last executing test programs:

13.865098716s ago: executing program 4 (id=3149):
r0 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
ioctl$NBD_SET_SOCK(r0, 0xab00, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xffffffffffffff03)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x8003, &(0x7f0000000000)=0x9, 0x8, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)
openat$capi20(0xffffffffffffff9c, &(0x7f0000000000), 0x22000, 0x0)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
syz_open_dev$media(0x0, 0x0, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
listen(r4, 0x0)
accept$ax25(r4, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x0)
syz_open_dev$ndb(&(0x7f00000000c0), 0x0, 0x0)

11.228049387s ago: executing program 4 (id=3152):
recvmmsg(0xffffffffffffffff, &(0x7f0000000440), 0x0, 0x2000000022, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000080), 0x1, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
creat(&(0x7f0000000340)='./file0/file0\x00', 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000080)='net/snmp\x00')
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000000)=0x200, 0x4)
setsockopt$inet_tcp_int(r4, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r4, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r4, 0x6, 0x16, &(0x7f0000000340)=[@window, @mss, @window, @timestamp, @sack_perm, @timestamp, @timestamp, @sack_perm], 0x8)
write$binfmt_elf64(r4, &(0x7f0000000280)=ANY=[], 0x40)
sendmsg$BATADV_CMD_GET_MESH(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[], 0x24}}, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r4, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r4, &(0x7f00000004c0)="3ce2de4d8d957a8de4e490b6cd03b988d4edef164bd3377aa381b5f50b7ca414516489f78cd7208982e9bde22b2b7c1c7606d565477f3db9d2b077283644c0f27ab52a863a42863e06944e40a0b3c5d21c8cbe102e7f726263f28aef1bc12a069063d4c30e8f329fdb36859be727fbef4314161e5fb5f01ae00a2634d5cdecca2089c62e32f4c919886b2b88d237e287318739bec0364caf15889f38a312ef6621c0f21709a4bf2b16274cf933f6ad8fcc9c2024bc1b4713f650e860f93ae93b2361956b3e80c38c5fd29b5c1b5d7ce67edc856a8dc0ba54cee53de9a48c131389426bd06ec7c695add357934fc0321f0d3d7982e4fe5a0039decc491a663afd02facb08dd9695f854c7b031d9af8bd7350897996b5208b23030cc0feb84570730eaf24b9f2ac05d0feb3be07a29f887095f36f3c8f0e77e45509acd14a5be4a1572dd4cd1231087b830fa03e071571d4abd694710ef140469cf6df8a59839aafe046a5bffb97e5247be901789eafd726ba090337a2c49207e6b900c7e982472e6aac70e5d52ca2c1bab47b1f6d00f9601e2281686c21f770ae96e0ffec4b30496d012fa00958f794cdbd721bd155cae87", 0x109e8, 0x805, 0x0, 0x6)
preadv(r3, &(0x7f0000000900)=[{&(0x7f0000000880)=""/65, 0x41}], 0x1, 0x8, 0x0)
r5 = syz_open_dev$vbi(&(0x7f00000001c0), 0x3, 0x2)
r6 = fcntl$dupfd(r5, 0x0, r5)
write$binfmt_script(r6, &(0x7f0000000100), 0xfffffd9d)

9.291733684s ago: executing program 4 (id=3158):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x33, 0x4, 0x0, 0x0, 0xcc, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x20401, 0x0, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @lsrr={0x83, 0xb, 0xdc, [@private=0xa010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @multicast1, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$alg(0x26, 0x5, 0x0)
fsopen(&(0x7f00000003c0)='ext3\x00', 0x0)
r1 = syz_usbip_server_init(0x3)
socket$l2tp6(0xa, 0x2, 0x73)
write(r1, &(0x7f0000000f40)="b410a1e8252ce0a1a3be3d593e8bf96f9615aea940ed08d3", 0x18)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mbind(&(0x7f0000596000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
msgget$private(0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000040)={'erspan0\x00', &(0x7f0000000000)=@ethtool_ts_info})
r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000000)='cpu.stat\x00', 0x300, 0x0)
read$FUSE(r6, &(0x7f000001aa80)={0x2020}, 0x2020)

6.516497685s ago: executing program 0 (id=3164):
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x33, 0x4, 0x0, 0x0, 0xcc, 0x64, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote, {[@timestamp={0x44, 0x18, 0x0, 0x0, 0x9, [0x20401, 0x0, 0x0, 0x5, 0x0]}, @timestamp_prespec={0x44, 0x44, 0xc0, 0x3, 0x1, [{@private=0xa010100}, {@multicast1}, {@remote}, {@dev, 0x659}, {@broadcast}, {@empty}, {@multicast1, 0xffd200}, {@private=0xa010100}]}, @timestamp_prespec={0x44, 0x3c, 0x0, 0x3, 0x8, [{@dev}, {@remote}, {@multicast2}, {@private=0xa010101}, {@rand_addr=0x64010101}, {@broadcast, 0x52b1}, {@multicast2}]}, @noop, @noop, @lsrr={0x83, 0xb, 0xdc, [@private=0xa010102, @multicast1]}, @rr={0x7, 0x13, 0x0, [@dev, @remote, @multicast1, @remote]}]}}}}})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
socket$alg(0x26, 0x5, 0x0)
fsopen(&(0x7f00000003c0)='ext3\x00', 0x0)
r1 = syz_usbip_server_init(0x3)
socket$l2tp6(0xa, 0x2, 0x73)
write(r1, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r2, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mbind(&(0x7f0000596000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0, 0x3)
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
msgget$private(0x0, 0x0)
getpid()
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r3, 0x8946, &(0x7f0000000040)={'erspan0\x00', &(0x7f0000000000)=@ethtool_ts_info})
r4 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
r6 = openat$cgroup_ro(r5, &(0x7f0000000000)='cpu.stat\x00', 0x300, 0x0)
read$FUSE(r6, &(0x7f000001aa80)={0x2020}, 0x2020)

6.474403645s ago: executing program 4 (id=3165):
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040400"], 0x11)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
lstat(&(0x7f0000000000)='./file0\x00', 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000023c0)='./file0\x00', 0xa1)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000022c0)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r4, &(0x7f0000000280)={0x2020}, 0x2020)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x490, 0x320, 0x6affffff, 0x3403000b, 0x320, 0x7, 0x3f8, 0x230, 0x230, 0x3f8, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}]}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x2, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4f0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x28, 0x0, 0x0, 0x7ffff024}, {0x6}]}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000034c0)={0x0, 0x0, &(0x7f0000003480)={&(0x7f0000002480)=@newchain={0x30, 0x64, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0x5}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)

5.062042645s ago: executing program 4 (id=3167):
socket$kcm(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$packet_int(0xffffffffffffffff, 0x107, 0x0, 0x0, &(0x7f0000000380))
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x34, &(0x7f00000003c0)={&(0x7f0000000480)=ANY=[@ANYRES8, @ANYRES16=r1, @ANYRES16, @ANYBLOB="0c009900a4000000660000000800e78ce400ca653e6022"], 0x82}, 0x1, 0x0, 0x0, 0x4044880}, 0x4000000)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000b215080000000000000000000000001b0014000480080002400000000008000240ffffffff05000300210000000600024000000000"], 0x38}}, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet(0xa, 0x801, 0x84)
r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
r5 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r5, &(0x7f0000000140)={0x2, @short={0x2, 0x2, 0xaaa3}}, 0x14)
fchdir(r4)
mount(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000340)='romfs\x00', 0x0, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r7 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r8 = dup(r7)
mount$9p_fd(0x20100000, &(0x7f0000000080)='.\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="747261f5c0cfa2bf613f09006e6f3d", @ANYRESHEX=r8, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB=',\x00'])
r9 = inotify_init1(0x0)
fcntl$setown(r9, 0x8, 0x0)
r10 = syz_open_procfs(0x0, &(0x7f00000008c0)='personality\x00')
ioctl$F2FS_IOC_WRITE_CHECKPOINT(r3, 0xf507, 0x0)
pread64(r10, &(0x7f0000000180)=""/252, 0xfc, 0x11)

4.803860347s ago: executing program 1 (id=3168):
socket$nl_xfrm(0x10, 0x3, 0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="040400"], 0x11)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
lstat(&(0x7f0000000000)='./file0\x00', 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000002340), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000023c0)='./file0\x00', 0xa1)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000022c0)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0x4000}})
read$FUSE(r4, &(0x7f0000000280)={0x2020}, 0x2020)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup(r5)
setsockopt$IPT_SO_SET_REPLACE(r6, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x490, 0x320, 0x6affffff, 0x3403000b, 0x320, 0x7, 0x3f8, 0x230, 0x230, 0x3f8, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00'}, 0x0, 0x2d8, 0x320, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}]}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x2, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4f0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r8, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x28, 0x0, 0x0, 0x7ffff024}, {0x6}]}, 0x10)
dup(r7)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)

4.62330858s ago: executing program 2 (id=3169):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_SET_NESTED_STATE(0xffffffffffffffff, 0x4080aebf, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(0xffffffffffffffff, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
getpid()
openat$vimc1(0xffffff9c, 0x0, 0x2, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r1, 0x541b, 0x0)
r2 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x1b, &(0x7f00000000c0)={@remote}, 0x20)
r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000500)={<r7=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r6, 0xc0182101, &(0x7f0000000180)={r7})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000000480)={<r8=>0x0})
ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f0000000080)={r8, 0x3, r6, 0x5})
sendmsg$SMC_PNETID_DEL(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="92001fdb", @ANYRES16=r2, @ANYBLOB="270e00000000fcffffff04070200"], 0x14}, 0x1, 0x40030000000000}, 0x0)
ioctl$VIDIOC_QUERYCAP(0xffffffffffffffff, 0x80685600, 0x0)
openat$vnet(0xffffff9c, 0x0, 0x2, 0x0)

3.376289849s ago: executing program 1 (id=3170):
unshare(0x4020400)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000bcc000/0x4000)=nil, 0x4000}, 0x2})
r1 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_setup(0x1864, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f0000000000)=<r3=>0x0, &(0x7f0000000180))
syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r1, 0x184c, 0x0, 0x0, 0x0, 0x0)

2.814716954s ago: executing program 1 (id=3172):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000002fc0)=ANY=[@ANYBLOB="7a0af8ff7525206cbfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000006000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651dde583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce72d75946c2b638d91dbef661935839c77edf2d34b12cd48a1b20fb7dd8432619f2c50d77bc0ea9b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dc9518a09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5208ff0df2db761014b1b999a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be34dda66fb977aef7c9cb92428ef25d9bf665bd60024c09e9eed544126fabe4cb8d826e1ec03cc492f5cad6227c94fea467c8a7fa8b58abc37056433edf43fba5566a3e022034ac81fd48f9b7314ffa730017fbd37fdb23bc26992529402a520ef67e246415a697a95ca3314ded0d8a24abd57e042888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f000000000080000000000000000000000000400000000000000000000000000000000000000100000000"], &(0x7f0000000100)='GPL\x00'}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000008008500000082000000"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x10)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
sendmsg$unix(r1, &(0x7f0000000780)={0x0, 0x0, 0x0}, 0x0)

2.732294186s ago: executing program 3 (id=3173):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), r1)
sendmsg$NFNL_MSG_COMPAT_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000006c0)=ANY=[], 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xbc)
sendmsg$nl_route(r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000840)=@newtfilter={0x3c, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {}, {0x5}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_IPV4_DST={0x8, 0xc, @multicast1}]}}]}, 0x3c}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.651859536s ago: executing program 1 (id=3174):
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, 0x0, 0x0)
readv(r0, 0x0, 0x0)
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, 0x0)
r1 = pidfd_getfd(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, 0xffffffffffffffff)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
syz_open_dev$dri(0x0, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ZERO(0xffffffffffffffff, 0x0, 0x48f, 0x0, 0x0)
syz_open_dev$I2C(0x0, 0x0, 0x0)
r2 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000980)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581d3b3"], 0x0)
r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r3, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r2)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

2.598740802s ago: executing program 0 (id=3175):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000700)={0x64, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME={0x45, 0x33, @reassoc_resp={{{0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1}, {0x9}, @device_b, @device_a, @initial, {0x6, 0x1}, @value=@ver_80211n={0x0, 0x2, 0x1}}, 0x2809, 0x66, @random=0x79f, @val={0x1, 0x1, [{0x30, 0x1}]}, @val={0x2d, 0x1a, {0x800, 0x3, 0x6, 0x0, {0x1, 0x0, 0x0, 0x2b3, 0x0, 0x1, 0x0, 0x1}, 0x8, 0x7ff, 0x2}}}}]}, 0x64}}, 0x0)

2.500055931s ago: executing program 3 (id=3176):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_int(r1, 0x0, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x4)
mount(&(0x7f0000000040)=@md0, &(0x7f0000000080)='.\x00', &(0x7f00000000c0)='proc\x00', 0x0, 0x0)
fchmodat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x1ff)
r2 = syz_open_procfs(0x0, &(0x7f0000000000)='cmdline\x00')
read$FUSE(r2, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000000080)="800037bbfa9ba1ce", 0xffd8, 0x0, 0x0, 0x0)

2.440209227s ago: executing program 3 (id=3177):
open(0x0, 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="120100000000f940de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="40111400"], 0x0, 0x0, 0x0, 0x0}, 0x0)

2.304977291s ago: executing program 0 (id=3178):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x3)
setsockopt$inet6_int(r2, 0x29, 0x8, &(0x7f0000000000)=0x3, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)

2.108259931s ago: executing program 0 (id=3179):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
mkdir(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0xfff, 0x7}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000180)={0xffffffffffffffff, 0x4, 0x0, 0x4})
syz_genetlink_get_family_id$gtp(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x1})

1.587722032s ago: executing program 4 (id=3180):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x1, 0x5, 0x8}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_enter\x00', r2}, 0x10)
mlockall(0x1)
sendto$inet6(r0, 0x0, 0x1e, 0x2200c851, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
shutdown(r0, 0x1)

1.310151152s ago: executing program 2 (id=3181):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0xc9d7, 0x9, 0x1}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000340)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000440), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
close(r0)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r4, &(0x7f000000c3c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f00000002c0)={0x50, 0x0, r5, {0x7, 0x1f, 0x2, 0x102080}}, 0x50)
syz_fuse_handle_req(r4, &(0x7f00000021c0)="388219d25a8985d3a909841c8e956469a15e906a4fad26298b696426a81fcf0d6134c5dfa3dac33b6ea4c5d859c2e1333584935ed9d80c184939089e0cb436417aef5dcfb0c878732c6827d278c2910d390115e202c3162f4711bda810555b179a84d7df9f870f6c7510312f0255ce1bef6e875780543aaaebfbdf8208ee5dfd0de60437108b819a35569013870ba0bd0700000000000000c69ac3d0f174042b37d31f7821f65636376ab7bac88a99fc39c60286cac8d3edb5ac4c768a68a43fc77a52adea3b7397aaa2433cad989958c9a6118c72006208f95199efe7d08508913b00711053120551466066aebc0f3f5c6fdb9693ae6c2dc5fa839b808b8789cb1f88514918a6aa1d1a76eb131ebf84a0edaa97fbbcff14101f79a159222f4b4f31942f18bd6f1d393d3e298803a8435d214fe2f7bb31e02e2a75370bffa78d6752c8a6221b50162f7ec7174c258e4b65bf2797b4f7b7fec7488a0675990a075f7ec74b93fd845a6a9e12b0baeda5c81ce23be3b4cc15b493d4b9ae40736c55fcb8266f33760fd09c80bee60e1d5269770dd67c34d6c7ee57d67558f6421b3002c66df981a3114be6e62d4ff999c7985aa767f0a073eb499257c7b1b977f18dfae99f3be0664bb0c0d96fe4f3b1df5d904744570d01b517cccdbf17dada77ad37099ff69c040c0826cb23a80391f341749f2c21c32b5977b796b6af2d7194f1af44f2e0a84bf102b28dff97fa723c6792e16807939429c921dcd26d375fe58c59bb76e3d5227a5c4e2331337c3592a7d84ac45b1bd268a9d66fc2fd03aa23a7bcd7ab711c4fca2958883260b5d5741b145717012d4aa15f2d49b54660a46ec7cd7f9181213acb61074c65189bda02ac65f0e916f9b9260fc4cfc4bad08afb07fde1c2dfbe7807835958ac127021a7a2da901700483f8e5809a51fcb9a455fcc58d4dd8745ad4af3567fa9ee1b8750543117a970bd98d2595da38f3ea455b1611d32870677b0e0605ac387ca068892e1fb81411f901a1137ab9f5b78d350aeec44957e54e28f9ceb6d5ce046237b979ce4f7e7211167a6d3a3e99b151c08bc2a1593174e18196290e16e517e3ac66dceb7b1cabca97c38a6aefe048aff9fb203e1e58e5343062cd36b65198005d0b8ae336a47e8e4372a73aee7131804013d24e3d9bcd5ae2dd7baf036d571ba12ea7f17976e3e20887d8f24db24b2eb3c5e3f3b9ca8611ad4f4be7aa435c9641f290fb478168d3e204edb8181eebe3acb2552ddfa1f01d368d6604c03f84cbe78ce58284dc3b99aef5936adce8fb81118af0ef5a236391b9856bed6d1bc6cf02990c48b7f6c917efdab113ce0851f87258fb0d3f8633c6d41f33cf76f54492c4a1dcd4459153cd28c6473351371c73d73dd8f9a22f175959febadb76a866a9625b926fa1a12b32ba97df3c2e3b5d6893fab9a6352f168c423b38db9d13895afe3a017d27c84b7c20363f4e8a81f0af52c5368b856ecab23f52cf87f1ee3f73bdefc424b253c9c55f91df8a02b7df35a7c7defb7d260e4edf040503ed18f16aaf742b2c30ffb7f0108a48f50a7e603e24e0399c309781689118b2f1c23721e2528a3f020a4a43cf5439d169b4c116c284aac82ca2a5cecafb97d9dffb2b56af3cd73fe9ca2553ad33c12add00f01fbf7e11f8b30d3bee0096418b1bfdf2f458d8534c3660da46483bcf884088c171d105ff05e441d018dcc495eb35ea1f921f98ad1f5a0bc0f5cf69450b70bbb2a24d427511baf0638d3b4da0fbdcbe126e2e9e415b81fb12239b424f8f553d73520aff5f212fad8a15760759dd4726bd2d05eda93ddb10cc2ae01977d1030480fddea6045be4a5983fb67a263bdb86f722592880e4feaf9767dc5352cd898da96b647eacb41d7c97a1e2bf1e48b548172a06ff21962e79ff3724b94c3e339dae7ac1e67225846da5e1399639885fea22620c9501dbb4b8ec62292c1b8392e20ad72bdd72c85d5aff8e7432117097bb4cc173de0f8dfed12134024d92c2c8512cbb96b31f156d759770467abf602e3a580bb0ee26137229e11df6986f33c8de3921b81ecc56f600f6fbe39787b72293d567c3d396ea4d65baa3fae1a25df344c5f33ec1fdcafefc0bee2c5cdf59dbb0408e99ca27f7a6872bfd2c20e11bd8c5b9a38fa98f30b5a56eb3dd10be3cfc60f43264a40ba7e91676920540b87d9b4f88b59f6ed8b66d5144930f0f4d3748084923b27082d8a175f955687cc1598d02937af997018a871db6e0c1db1e2e4431e452cdb0110c65bea7da6c8a9e4a66f0957fcdf1b8c7cb4d808b896ff217db472709690bf7ff4d4ca912017fd57812e1dac1c4d1db8d5113739e917bfba37581118e950ba1a77aa124b4de0611ab834f8a82794bbd0b0b14ef60031642a6bfe152975b1aee3b466d3d9780c0c3b47aacaa8630a117b25409bb49af1f4b6105f0002b84325dce613054b6402d68e16bf3baa7ec6e9bc39cf324759f92cb82492e9b653015f1d795145fa911ed77ac5acbcff00cbbc2db04d2753c937dac0d09dbba128dc2f5c5918febb6ffaca8feb5bdd2c54853b9efe9b93f5356ab3bfe67bad1985e4c7e32c23e47140c540acdf30aaa966627923dc904f334a309789e17af70c2094ae28375a9414233115a635bb783ff422cd130b9efd41dd1c667d571241dab5d773f83e897787094f130f51c6c34f5af6d67ec94e57c5f9c37aba10f0a0433fa55b6ca2ce88b5ff1f44985312efc85fd31cfbf2412431763ec5ed6f39a799171aad1db74fa5c04295f5476446e5c148ddd3062a8ec4e773dba59139e9d0eb72b327cdc6b306bd475ca92ee5310d72c0906faab2950cec8f8619e009cb8c52e75fbec8aa4ce2736b3326583d365da32284f2b5f5d3c849623d15da5e6b2d780de22cf3504e5f06bc502a174db330d72214849ebd6887bdf4e7763db928b159698ef4e0755946d3a3508f92f332dae105a4c177d3ece1c7360dbade67e339934509e2f38b4f5022f5584255163d152f07b987ba838e45d1e62f14e46c45fe9e8a34dc4ba572081e96e9a33f31509d9bd0a362dace52d3a877fd238890d658ff776224609529e4ad4dc5d9138b3a2750dcafbd04de7d3d94d2b00128db71571ca361e4e257dcbecafa1f236c5c7990a37933a62ad28f575d5641b672fbd6b67b52075cc8daf420e4fe703326c05795ec388f6bfcdefeedf0d50617e086f749f7c37aaae655c5e059cdf0a1d2140273b3e6a22f6f79f843e3a4d05e92565260d354d068a71cc9ac41556e795c84291490821f5e5134ec03faf8b1073b774eb6e81a48f16ab2c2b4ecc0ca758cfcf4d2301f524a2dafa7a1a0cccf08b325dde92ee365c23ac818e673e60d887f8a24e3395e02379341b2a21959d01812f2d2de3eed3616e1d38249b4ccb0bfff4049725324c5d3dae738673e8849a889badf69237f98878efdb3c3136db8a902b83a7fbf62f08501f1e55c2fdee54fbb8e824648e58bd8f45e729261c6e75637e454b14b3e7175ef81551e9ce6609d7b7e9e53467aec2ce5b34a1761ad6a510838bf2611722885251732ba1aa8782a4316619bd49194fc0ecb67b3ec0f199e6af276bfa9cae0769d2779f6579792dd100bbc9b8bcd94bfe7bf1fb985789917c2d83b14a8b028d79236e0b01f1cfa00b34554148643a9ec25053baa4b56a1dfec6c84c1767989f2a400beaf4373daaa7f578846ba90de1bf47a921a0dd4f22746ea82800bb2d51bb80d916148b1fbe8e7ebb79cf11c8bf588e2a0b95f6984e866c623a9015371d5d3495a3f3d9b42ee7828f1a3dce118a648342d0b0b8e17dc9cbc95c16fc7410f5a7ade7bf921279611e6f2cec5c945e4115142075287203b65f8a3b14d026c465b83a4447891dacbc37de3f23b801abd1a628973b5858a9fcfcb1c3923eaddc6fa3787f28f5ed0f2e1df91bf9d7396891b4efbe008e0818cb57d3eb178844e98db8b09fc859c11427adb4a92630aafc2ce7ae644f077bbfe3a899b6014be74be9277177d10c72f0b13998fb666af0cf0b28757c5ae8f5021c00adb414d16aea5cb23f22c7f526d8266e4b67b85f124704769e1187c3415acbf81cb3c2d5cc04d95edbd75bfdd32847e984a55d4dc1a7d3781bad2b6b62a576c10ff471e107add2a74e59ab11071bf5fb57c0cc34a45dc8796fe47000811cfea6cfb22c22e2b4656efd5ced8da97ca0179a6c3a4d58a7bd77260516107a9a72036c92c2dc800d825c3f45c6123a0332d37d7e29f84184e19decc59102950da0b0cef36160153f5a453c9c7fcfe2e145aae343fb9bb726bc3aefb9a604708d3ab1c5f51228ef8987a00ab2abfee2f3c1a38c48797035d43f74d1d6ac26df34926ce8d95d1d57f9e442398822b5014367dd8dde2db00ea5972dc8e782a7a193744d3bfa0298f353207e442716d26ba943821a6b0d2e112bd7033d7df3c99f0d875dca45f466567c198c16039b00f1125b77c1c560ac21ca70db4a642ed58f5f55db9acf206fcb3adb31731d9efb1b7dd9cc124858bc8fd9fe2651e31f152f05d2be376f3854d3de9dc464541bbdab3902773b3b5b2a14a20c0e80ae3a2ca02ddb584fab1767af0428969d4a9035cef9092d8d3bb48b8be88bac57d53c6e50b07fa51e0d9351159eb97741e09f55317c802fdb0cb172fa79b2ad25fd55613dbcad1f070a407facbcce6a229f4bc88de1ab99dea251a677209e9bc08fdb2e0299535beea1189044ab8c69c9196fb9d39b6c609c0c815ec929a01cd974d08b6f0e301991101ccb8c7e591f9cf1dd6fb6cfa17d6925d13bf18508103c44a52efb3701176d31e34207aed48792f5d7c4ddb6bb3bf6f0869f528363b7e0650b06b0e4caf53dc30157e80ae1e2432b60a1c64088eec7013a213ed65340adddf6940d277e87802729c3a6dc9c3d5919d835fd55642e15ffce4a9bd8553be5ec276d0867311f2b0e11173eedf0d7d5dcac0d44f8076ffd9ce8e90f828c4443c8b602db35ca19220f2cbc295e8fda0602e6437a46abc775da4237bede18196bb1e1106220235fd2072fa4375fd8bffa037afeddedc4477b315799176a23f47f48afc652fff5083c917ed1b4097cddd186921531357cd0da18996a152639692f5a2bf4c7745c3b640d7ca69e236edca95934c36ca4b9236d9cbbd3f248b948c942f65dfce17167628b4eb0c5893512c2d8439812bcea8d5fe6a229264723b66e4f2cb6f970139415440dde9946c5ad40032a1c5a18c248d35b73100d8f38aac9c5c302354a9db4e8d99a2d845f54a767c4a0623d40b998e28d454aff7defc9bb4cd3673374a33e641a6614c6b5546b3f70ed288f53def2e49baa32d1afb93b4c04a22b5c9ac3a23f1e0cb423eab40f51e2b3c170b501dc517abbac962784e1bd151815494d04e336ae2f16064ca27c7d776f8c5974a76e9b3d313446336e696e24202b2cb94603e2929906ad4000b13f0f7e7ecf6c2d7243e12d0aba4fb5d4a30de4e2c5a0ea8ade6d79bef8dead7b49ceaf6d7157a427382570771040c084c9feba727019c3b03dae0c5880b0a2dbd8150b743f987b5019b421c5d164150592ae0646217618c92e7876e6c4a2b0ecdfde08f04265e0bfa096a2d6f83953af12209e892a9a326368e0270f8e669ed5aca72579d1d6b806eaba059bb28c7f80fc1ce39b994e6816cac5df5cf9d40582bf9301b12deeb09a2eeab9c8a83a7d44d04a87ae0d4a590cb5f5e3824dc381fc56aca6787be5899aa3694f3b9a872b61dd5876c0f8ff3c81f38b4e52792254edfb954b157abd7b2ae2f4f8caee5b78886894e467e38a93c26cbc546022371b44360a317513341933a0db7ba88929844489e51259a489854f8160ad46594a19cbe799515f396168505520a5288d00f8093d3aef119d94a7863e67c9a7d6f900ba9834fd886044513ee1853713c2a4b5121487db6e7424a0b7f19895e5cf5e41e69c34b3378bae46e2e1c7d29c1cfe1bd0370bc2c0649ea144cd1d4d40fa57160cf856f3fb3dd3cd9ff014b4194837af58189305226b534e1a82297adb14e7af42693fa5065873cbb7fd7ceef5a41d8a63c1ec4a0b214182c5ee3cb9430f6dd7cd57fa56e1b6df932c683905f111867e5bc229bedbb3099a72644d96c38aef3e93268dcab401a2882f1f48c63dc068fc102adf0c8e8a1debdf454919cf7042c6b80955bd63cbc27d785e06ef360feb725748e8359e1fe6d64851ad9faf834d28e6273db6830eb655e6ca3d0d437dee2bd6d0ffbe9aac4e54af0e8436ab653f8d6580acb7388634f342b36fac1feb35526eeeb8602a31a65843c18a9bd463c365e42192f6aadaa1a6e4991e9340258532f4f4811788d8662925405b76db6aba7965aee669441818c5e96a3d945d81baebd00ba2d97414f1840b3dfc7d34d9fb13877d241744cad6a367dea3ff5c4f29fd41e06f85c67c614cfa307463b3a8550a5a31cadc8c7111f1236c9113b18c631cf9ede683818be932fc0c8f389457a05c1b02e7a380b27b10853c79d9495ffa702aa01a1953f269c952e4ee95b001c5ebbba33c902a7d3aa81ac9ff01b1f9ed97a6f280f3caae24cf236e41993cf991e7d8f3ff50a173997179a190d92a26beaef64eae0ebf824b485962089f8675c2cc176c2c052948176937a4074f2506edb7e60a65149ab319f76fff07cfde46f6799869202d735e5ae9f91f4d23150de807efd933ecab245fe128554664fc8a3f411a9e45e050ea40c68e45f57403dc62b3a6908df7f6d8cf9ef45133e56b5682757415093b49b86630758075103fe98f1d380f58829b796b9ea4f06499beaa81108976a3a70174c3542eb2130070b1c4354166049b412b2256be40a9d20e18a2600540e1e1c15549892310c09870dbf70874be181a0ed4009592bea754fe30ff3cd96a551071d7ce21c6cfd3e449dd8c39bd97ed47b16bf00096578342112fd1aaef915962aa9a3141276c7442aab367fdaa02b2db13bb1e1be5c7486464196541d584096200520a6a57a228466fef61e2f6f678ba9f3733f6ae80bdd6bf67dda5b13bb7c8d05d20825566ee3ddfb9c94dc270aebe3d5a24933ba6befcb65226de3f2d8fc6fb518a36bb655289d2daa616121a4ce08c9f4effc5127c90d93369d8345357c67e3bdc024263fd43d090b8f1643c75236ce000ba02001c5974035f733ecb05f35d3d205027b393b4bf33dd86050a9e2c8f779de8947a38ee7b2b2b39d427cf48a359f10bc0fbd50763c8f4727ba82a55f6c2e944b71f8e05626bef8e7598c55cd4e587686446adf394282e312d48e02b9ce324b8523b33978c9ed7e67b886479c8c36d136d276b34de843ccb98d624daee93cd3d5db695189a5b1f730091b6339d8ecb93485f9091b46e998ff1efad6d647a2b6d5f4647e84835cb1d863386a337c9ef4ec0ad827fd0acff7498422f8277052c53f0a7001b3771a19241b1d14021d6dbae44dc7fd92365012d1ced3c4f494699e398c404d8ffa5a6cd824e2f7638a4087693dc5191a7c6fb4fd29967e27988234c015a33db9ac71a416a8469f871b7da09c95f3331576c1b4f4c72b7b127ad2e48a57e28804efe74f8145aeaef16c03e2c3e99fe3ccaddded1da622fc62172e8f55d04e1305df63e789774d3640e6cf36ed53c2fcdeef189178dde1b60c640742c68d8d06cae2538b7b7d0ffe1905037537a754ba44950c4194c8013b5a4eb2a2b6406f9795d70e4321c7ab7e630381ce04e2e4f15e49153842118abb5179e246e41ffa49ed2b39b62ea47001f35229be23d332a81b5d47f88a5737b480f27ca75a653efa3afa257ef05e1b4da1cb84653b074e9aace9f6f4b94f48cf50b3fe2b1658d30e3f288b6d6a1164f3c9153b0f185c10a64c861889dc3faf8bebd6caab6f751a31109756cbc8b9a62384faa1a88b2ef8803855414dcc209329752a65b05a0784be9837e3a4a7cdc49b302a1e3e9be08080b6af5049702613b777e55b0033eab3ad76024a6132522289df20d753b595a48b1d116e792b51c9840541f16f56ef185a3c14e64b7e293c178ade690abeffc9d8f908bab3db2460d7f692e48dbdda353b6df648a98411bd8c70f95f6fb27390e6d3241f36fea36c0aea9198cd40fcc23b181d41fd91cf66570aaaf0688a4eff348b6f0e4c8bbda629cf269eafe2d60cab7108dbaeb0119ed441b7c4b379d0198be27dc6de0b53acca37dd9e5a40a558d8405de127fdd4b381a83d6d33b11061ef5428c08a8c64e73a3a6ccb11037cda942aa937f1ec14a9e2088acbb7b5489d173ce08ea04febb1cd93d7c0e1b3fb2facf8536e6568ea349647e2e449fe220516f5e94ab5727a91b92f9ac957cadb2e107b101c286e521d7742b86dc53df904cd29e6b7488ac8d149226254976858d25d388eb6842271f051a082e18d0549232dd0fdc8da13aaa44f925dc3f462a188cdc8e1573bf989d25243f975a7765cbe01e84ae4654fa60e20a39f89b53f008796c5360ca8ad4cd9adf0bac7862002f9a02a30aebadb738673bb12edb7f61755ca16defb8aca9bbcbf2fd39cd556369050407d4a7077b14cf922f3597af3e967ae63f1c1e8a6b6d10fcdb8aca23c2596b72155962438889005fb8a835153ac594f1a8edfef2ffc66db8d642beee43524f6f271a1c24824c92ad58531251df443d712615f7fff6a385298183cfce80296dc95ef4728b5b1b98549460efaa2d230453f8156b4c6d76e5bce6aa9e1b4da827a96949af8681edd094d0d63dc3b582a156480b1800130ec5543c40be0c561d90bb379db82a4b59b657b05333c958908bc65b3a26fa8d745d579b09b5fd5e2223e7c182bc7610d414a379ff9a8922909340433ac17b77130ed417bf23e4ae48ca4a834b038f977d0deefe1291e76395c35b4107b2de4178b1051251cacb6bff04fd2d092d6ae2a72b25213605ab08b71fe478927cf82353ebcf382630cee84d03bd38227bf8b12c1bca16686ec9ffe61aed4635328f39ee09aafebf30da052e0e4bf28da6badd62636022b130dc4f1e196ffce2051d3e7f80ae29a38abf6367f2555d93f6ad2ab346f3037737ca141dad639771645fd683361c2b67abf0b04c1846dff0ce319ae12a9c79a7bad5e8e6fac23ce85860d1201e69319c41924d87066f6f320006bb3fe802d04a5bedbf50dd15e22df446cd94be3486047315f9ba0fea5af6915ea399075704308653b03f29d4e99419a1a7f848302a46537a297f6331abc7c36df88bb535096135b971d41c4335eb8d2a9eac87061d16f2e6899662d327deb8fd788661d6d151a7e4d3f8cb8312a0b8b60807cb6abc7bad6b66e8d5a492cef77759055e15c7c37a20c751b9571e02ad40b65c0b17668eda7ef989f8bde821d2e9c7a119cac9ca3e925f51cf6c2bab2a406699555099e016944554222144a3e970220e01bfe3b152c955ee4e21716c1e521a4bb0228dcd9b0a237f8fc2ccf9b4ecd8d6e2eec4508cd6c6453db134def3be0808a9f0df28960e28385611ec490cdabd63cd76bc53fe10d67af82c755721f6ba406969969008dc072d1a3c0a64a95f5265e9529575bf1038fe0df1925bc40bd7d8831e891aab8f888d1906681a08fccac5bb4cb3c7e67ccdeff175b76d9bd7029f53e0ee15d8845504476940d05b87156cce1d5ed93671d5ee0ce0874f0606f7d09d15cf16d98a1cbb456a5704cffc0a3918ef543a6e9a67e965c4fbb8186991ac3ca2218244cdc44af93a08763e04cce549c5ab00146278a63c2c94859a91544efc6559061cf781ce86969f8b1f5b65389ab3b19c0cc41ddd39e614803b06599b8653ed64cf8e3605c69afc879ae03e6cc5f80f88fedae281d1adf53a9204c491204edb99d1106b68ccb21004d51c419842f3e1564b5a4e01e71a47135178d8d045b07c045cba01436cd0ce6a1ce9a480b1bd6eb48fe2888214ca31766f5c5144edf8bdf7edefe015cf95bc6834bb06aa157b76f9fbcbade1ceb547fa678ff33a24ed4cca831654c0b03bd1a52ceca4287171d524e37d42899a4c5c66da0586ffb7b4aead7cdf892ce24d66eaff3530dcca213f70cec1d24cd59bbdc12e3f6f4bd4d0a2b232fa5f9ce2c70aa529fc85d4d2183f4c20f154da58103cfeffd477901d188ea888aad45f778dc48969936ce7519d2e1f0e14b2fc8b02340af1f83119cb69ab38e5122223950d5045479cbfb0b989013e2b1b995d6c45656b8124e8fc54f7daf9409ff4ad5babdc9789e3d420cccb792bf06a75cbf2bcc8b45a394e62dce6ed5188495c0de5a86d00694fc70a41b1cede2e986a33c13a7bc88d9c79775dbb624b9d66c577466547183ca48a0279ccfc7bffe699d0f4f82bca906d0118865e8851b75f9914ae12a368c0e2881fbf8c1f4374c37fce575034bdac4a06e022e62b34874966952f0ffb6c9fc8138eff8e07ad630635772e84993af6d71dc3eb534bdb00475eeb433da5b6cdf9051a8898a8893ef0ea4102aa24968c2c8be9b5b02e07c075f59c3398e08876054135ad6be1c51a5e98e1400edcca8061640a0d20b3f7a92acff856d20703f70c2159f91f9419d34cfb87f890b578bed938ec52eb1b45fbef56828774cba3704e0a22b1fff7ff6bb94620c9f0317728ee32d09615d186138238fc529247e80fcf71e9269e72fa25962695e40a38a816c2eb5d5e3f169e5c54ae20cecdc206b8cc093f6f5d3461268ff8a7154bafe92cf145aa415556cd9c6b4f5693050d00d6e1f5441c67b4c3abf561803ef525f4e199b2cdd03b806c0d8606ecaf25ca51a750dab89d91aaab170fcb7b6f50766ab8f11cf177bd75e58d432c051cdafccde5fd81233f524d37a6ae391da09b381d46b1333a07d5632b9f83c1aa8cd44f417320550d5b9ae5118502ff8fe89fffba8e0cf4f8fa4c096ea4937b7b3ea6f9dc0fc13e2e2b4ca172c97b67a58404a335436658063a9bd1c71422e9ee5ef345df6534be0b0482273c4750b9ae92c463bb87e7de173b40a8709a4018bdbe9e799b0a95c5946dc424efaac67eb3fe869d49e040d94d42c1c7680c47c9bba3344f7034d68394e65f6d31b9e5b21a763429432b91b85e274a5675011b2d5442f1d329ccf1220275ba714738022742135bb9674a2544d23b09c93d1d07f35738abf59f44b894048faf09bf0467b9d8171afe57ee10c828640fed3801dc8711e0b678b30f42f396be642975cc2724110d48a59d3ae7160781b7a3f4973fc2d720440408ffced0e2b62728e7ef1f5228fab181fb9b7a1077e376df6c5aeba81e9fe3fc9f82919bf476f1e97c64da1aaa0fc7d1e0b31d8519717717a1ca1856bae339cb612e4880d0aed31500c80e63fc888389c20be12e73cb3299f7a23cfcfd47834ce9b0d92d7b732d15b2df232158cc9b690a0c7e9fd2c511bbce0a6aced586059a9446019ac26ce6eb9ab507dfb24c58acfe596dc2d67ff19569211078498f31e7998135b47a5e2f39b23e474bf74484690c080fc1b818474094d960fe89d45b43c926cc0e6b60bdf3fed333ade75161441c622005e243964d6603a29888a5e921a713e7403785a86103c7fa700", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000fc0)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x20000, 0xc000}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
chmod(&(0x7f0000000080)='./file0\x00', 0x0)

839.637366ms ago: executing program 0 (id=3182):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r0}, &(0x7f00000004c0), &(0x7f00000003c0)=r1}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000b40)='neigh_create\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca7f8fbc9cdfa146ec56175037958e271f60d25b7937f02c8695e5a1b2cdf41dc10d1e8bf076d83923dd29c0301000000010000003d5d58c07fa1f7e4d5b318e2ec0e0700897a74a0091ff110026e6d2ef831ab7ea0c34f17e3ad6e70af07da5ceb01b7551ef3bb6220030100dfd8e012e79578e51bc53099e90fbdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e060e3670ef0e789f93781965f1328d6704902cbe7bc0476619f28d99cde7a6b73340cc2160a1fe3c184b751c51160fbce841dfebd31a08b32808b80200000000009dd27080e71113610e10d8fb9c2aec61ce63a3462fd50117b89a9ab759b4eeb8cb000066d42b4e54861d0227dbfd2ed8576a3f7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0180aabc18cae2ed4b4390af9a9ceafd07ed0030000002cab154ad029a119ca3c9727ec84222fff0d7216fdb0d3a0ec4bfae563858dc06e7c337642d3e5a815212f5e16c1b30c3a2a71bc85018e5ff2c910496f0dafc9ffc2cc788bee1b47683db01a46939868d75211bbae0e7313bff5d4c391ddece00fc772dd6b4d4d0a917b239fe12280fc92c88c5b8dcdcc22ee1747790a8992533ac2a9f5a699593f084419cae0b4183fb01c73f99857399537f5cc2acb72c7eae993fc9eb22d130665b6341da114f08cd0509d380578673fffffff7f23877a6b24db0e067345560942fa1c22015e53fd8a46be933ab460d8629fbef2461c96a08707671215c302fae29187d4f5c06a960fd37c10223fdae7ed04935c3c90d3add8eebc8619d73415e6adcda2130f5011e42e50adab988dd8f12baf5cc9398c88607a08009c2977aab37d9a44cfc1c7b4000000000000fa47742f6c5b9c4b11e7d7262a1457c39495c826b956ba859adfe38f77b91bd7d5ca1664fe2f3ced8468911806e8916dc15e21644db60c2499d5d16d7d915836ab26c169482008ef069dc42749289f854797f2f900c2a12d8c38a967c1bbe09315c29877a331bcc874b2f663ddeef0005b3d96c7aae73835d5a3cda9e90d76c1993e0799d4894ee7f8249dc1e3428d2129369ee1b85afa1a5b6154eb2eea0d0df414b315f65112412392191fa83ee830548f11e1038debd64cbe359454a3f2239cfe35f81b7ade8a5b859968ff0e90500d0b07c0dd00490f167e6d5c1109681739dc33f75b20428d6474a0a91ee90b8de802c6b538622e6bbcb80f87b415263c401e64ed69a2f75409000000000000001d695c4559b82cabac3cccadc1e1c19af4e03020abf5ff0433d660f20898d2a045d009a0ffb20a77c9af2b80c05184a66d30bbea2ca45a4d6d6d1e6e79aef42355a500587b603306a5af8d867d80a07f10d82eafb03062e95196d5e3ffea0000000000000be959096ea948cfa8e7194123e918914a71ad5a8521fb9553bc60f7d9719b55b3abb6bba3d113a680a8d46fe074c83fbe378a3889e8145b2eaceab05ef932c6e4f8ef0ed0d818a7b76d839cf3c63ebb4380b168c38fa32e49563cfee3a7f0fc18bfa32c418cef875fb49e2989177a1bcd1e30280bc586e79a5dd80701018e7d6e97b3ce267dd4e27b6ef206660090bb2164474cef378f97ca33fc03000000000000001547053453d0c9aec91a24079b21d52fb5516bf0c28ef37aa76442f6083dc99cd61afaf6be45d7b00d3639f2f10ac2d5c759c3e5468f0000000011d415b6b085fb73a2c7c3852e0e658ffeb4e863428a792bee94f6cd895424360e0464f9d7ea425f2fa6aac029d15af607ad83532ff181c985f54b39370c06e63055b4d6a36fa98a44e379d28307c9912fb097601f3f88a2ca6fd1f9320cfe7fc8e9f7f15f02e177ce23f43a154b42e26f037e8a01377cbd3f509e6e540c9ba9c2a589c95d8ad67a65e9a44c576dc24452eaa9d819e2b04bdd1c000000070000000000000000000000005333c6199c12dcd926891927a7267c47cf897853d160100b39b613faefe16bed1fc105dddd77ab929b837d4442d13d5a29179a00837918dd7854aa17eb9fbdc2bdc0e98ae2c3f23a6131e2879f04ff01000030b92dd493be66c2242f8184733b80ba28e8ffffff7f00000000bb2f89049c5f6d63d56995747639964217aacfe548bc869098aa8e07e51dbc9e2d4db3c5f79fd355222ec2a00cf7f2ccd6dd6d2dc2a815d8314221a5472f1318a9dfbec5a759579caf3262129b14e99040b5d91398e17df85c25ccae973eecc7d187168d5c9cd848d566cc17587641ed01889c927da38d83314480b15e23138c5b877a72bd4cf74a299df4fbfc8e6ea96939f15d254d9033c5a45706bda78ab60200000000000000000000000000000000000000706f78f0a2ea9667fb5b951808545a46830970c2dfae01adbda7d29bf1f7abdaf52e0de6f9d7150808ed086642e64ebf98762b34338b80e41b704c3eefaf0bb5ff070000000000000ea15ccc0d7a830b6eb33b6b61675511d693ef5e3c44bbf71cabc5f45c879e7499f8baae2a1a09cf38da73297764fbc0e723e1cc3abb12e3076982ed32c94a2ce3e6f37c47e983da4ca5c96187db5a2a2e1742bc93a65d7187126126b3a80f17dd2f7dbbe82d104ede9ba6925afc2ee6cb94f56f1363cad635abf8f983292c49c0ebf5005154c7b58a3a2a2ea86d2fd92b8661264f781e3fb02d05a28f3f17b64d0258853d45cb5ebde10cd3d82eeed2f1ed925b7cf400304932c5ed0a362b235ce37e1f17700f7d1fecf8be8a2c5d25a9c60657560d05441387ff158a018d19a286c58684a1d2f624c3eb59d509ee89cc2df52881d005b2e5c27563ba54e4153c132d0366aa660000000000000009c1aaec93ec0f925921fb2e9eb202a29bef28224dbabe723de5c584bc398a8792e493048c87f60a51a391e95921218149403558fd13c649f90b0911d57eeb298b590581eba1ce383b539ab80fd15445987b1bb4eb512545e1ab65fef3103ce10b1ee362b51c72f82edf2f502ddf52567775e34a56d1be892f1e62b08950d517fa6fb1b0ef2edf1b67f8644786116b037d4a36fdd30b000063e58c856ec44cbbc2d370553f832af9480215e09aaa3843fe360b1c293a14627f2cfbe278f31d0abc0f5aaa10926dbbfe8a4b131c13a73d4e6d065c2c0fed3ab8442520ce0e0ad7d2d177377ab197ace3ef8b1c24ceb0bdee84bd6e6317633938dd19dc42de7f8f860eca6d9c74525fcd3497526df4c13e3ba5f0d75365a4542ae9440d2fede416d61800aaf7e038879c5d177b3876fda4121e00000100000000003edd3d43cc64e0d26b46907b42e08d000000000000903350932d3eef7fdada20c19807066e3c72d0d816eb9fa50be213bf6bbb7ccb9f2e8a153e6ced68f192ebed6e86af0f2cec7335fa8039fd6eb025440bc2a34d071f0a0e6774308a74748b8cd994ed368695aa2c59869c9200a1306ffa5a71ca69e89a69fc858f37c2c398515a910a35e22ab0573c10b85df4c2972a2fb8b9c080fbb41a753791df727fdeaded2930376eda31312256191c620cce34d1e3bf40a4a207ab1575b399eb8155781bfc7cb5920b49c039935a888d77041894f60fbbcafa487ee96b368e8769da90b44190e569fe8b923c32c288baaca5c5558b5a78bb43e5d9e47a1d5809bb178184b5672d08e29aecf1f572ac1e6cab7e820751e95999b7532603494d37a2bff35a9eec46dfc8a52433f605ebf151c837b4966b5f3628a406175a87e32c5e4268d3000933b580415b162e2946446b8f02554c8a1225217d69d049685dd06aa8528673a9673a723ac414af77f523ad730d00e8700c213f95c87a94f39f506b9e000000000000000000000000000000000000000000000000000090668ac41a1c2a4f7831e6c6a3e9c68ca2c449482bb70a994e71a7f24873848fbb128c820c1de19cc003dfa65a2b296caeb1253802080e08eeb724c4c7b7e052afa19b0f2cd7a13bda4b5a8f3b8fa3ca70bb756a3d529718d5c79d9bdb89e5d33793533211d76d00a45079eff797476106bf76f1fed952a7c9162b88911b5b00c3d26fd2fb4d7b29d1ce025e102d458efd5cca3f3835ce760359eaa01cb13cb28d60e8942fdc02b6824c00dac62f8a2d4c680ae284a82f09d6641921536814b444e4188d9b2e97eb3b108e7876f0f3f3863147ab694218c7cecc075d52d590dddbb57fc6fedf5ec69d7894a7b5c8109f303dab998815c80534b0bd34c49eea63997e56728a8185a8bb6988a7197b87f5548f5edfdfb3efc907fe561b33a6f7c707f7828c6adaf3b2a39929b4b65253e787d65c08aff5e4a9b2267bd8f803ea38f10a6e9c4a49bf23525e08c12d229211fe4d88cf1440f29accfa50f327ac1fb20d7f164100111bd21fca713b2475f1c997f3000000000080c426bcec79c6bc83ce4e6cbb17c01be69db342192d0a716cc24710d23321441f475ec485d642b61c6bd907071dbbe37c0b78f60fd2ad0d13ca62d9d9aafb01c3920b64cb5e023810e2de4327f90c389ce36d90ff9f3cb9d8cd2260d05a8126943a3df17157470595c68ac8df7fea6d42ecb2cdb65b4f2aef0dc4b2de949a6d4ec37f2fd693ae44944041a64fe6336aba1c66b1b95d2edbc40364a049616ae962d75eae619548aa86bd5f0bad56e7ad7de2ee5e6f3b42e3a27094b6b5face99456d9af1926b21d37faf7612d9752cf58e6424decd530b5419e117ec086174439af6ee6c7fdb2d19c9280fa9a02e8fa6a38acfff09050d912635fed175fd06f577d40000000000000000000000000000754bffd73c0888ba8834f20b3acea57b7817663e12c1a5503bc4c13af59bda21688d68698c53ce3aa767657774db09ece7ec888d3af290207d36fa433b35e17dc0f3dc728ea1c633a4ef9e7d9bf81b57492e0544800921d1b751c5fbc163"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x55, 0x0, 0xffffffffffffffff, 0x3}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r3, 0x18000000000002a0, 0xe06, 0x1000000, &(0x7f0000000100)="b9ff030f6044238cb89e14f088ca1bff43052f002000636777fbac141443e000000d62079f4b4d2f87e56dca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0xfe, 0x60000000}, 0x2c)

839.380943ms ago: executing program 2 (id=3183):
r0 = io_uring_setup(0x2a0c, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x3})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0xde02})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x701200, 0x0)
close(r2)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000380))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00'})
preadv(r1, &(0x7f0000000400)=[{&(0x7f00000004c0)=""/248, 0xf8}], 0x1, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

580.628975ms ago: executing program 0 (id=3184):
lstat(0x0, 0x0)
r0 = eventfd(0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
read$eventfd(r0, &(0x7f00000001c0), 0x8)
ptrace(0x10, 0x1)
syz_usb_connect(0x0, 0x24, &(0x7f0000003cc0)=ANY=[], 0x0)

473.868125ms ago: executing program 2 (id=3185):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x200000100000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}}, 0x0)

405.381468ms ago: executing program 3 (id=3186):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x3)
setsockopt$inet6_int(r2, 0x29, 0x8, &(0x7f0000000000)=0x3, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)

320.083148ms ago: executing program 2 (id=3187):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x3)
setsockopt$inet6_int(r3, 0x29, 0x8, &(0x7f0000000000)=0x3, 0x4)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)

258.642312ms ago: executing program 3 (id=3188):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r2, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @link_local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "2a8435", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x4, 0x5, 0xc2}}}}}}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x7}}}}}}}, 0x0)

204.584316ms ago: executing program 1 (id=3189):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmsg$unix(r0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@rights={{0x10}}], 0x10, 0x35c556aae2ce9086}, 0x40800)

160.148226ms ago: executing program 2 (id=3190):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000100), 0xc0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000040)=@framed={{}, [@printk={@llx, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x51)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x0, &(0x7f0000000200)=0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0))
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff})
ptrace$ARCH_SHSTK_STATUS(0x1e, 0x0, &(0x7f00000000c0), 0x5005)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000540)=@v1={0x0, @aes128, 0x1, @auto="7640aceca2062234"})
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(0xffffffffffffffff, 0x800c6613, &(0x7f0000000000)=@v1={0x0, @adiantum, 0x0, @desc1})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001000050700"/20, @ANYRES32, @ANYBLOB="00000000000000002800120009000100766574"], 0x48}}, 0x0)
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000080), 0x300, 0x0)
sendmsg$TIPC_CMD_SHOW_NAME_TABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000400)={0x30, 0x0, 0x1, 0x0, 0x0, {{}, {}, {0x14}}}, 0x30}}, 0x0)

81.713936ms ago: executing program 3 (id=3191):
socket$inet_tcp(0x2, 0x1, 0x0)
pipe(&(0x7f0000000000))
open(&(0x7f0000000100)='.\x00', 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="120100000000f940de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000004850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB="40111400"], 0x0, 0x0, 0x0, 0x0}, 0x0)

0s ago: executing program 1 (id=3192):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)={0x1c, 0x52, 0x1, 0x0, 0x0, {0x2}, [@typed={0x8, 0x1, 0x0, 0x0, @uid=0xffffffffffffffff}]}, 0x1c}}, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000180)={0x1, @pix={0x0, 0x0, 0x47425247, 0x0, 0x0, 0x0, 0x4, 0xfeedcafe, 0x3, 0x0, 0x0, 0x1}})
socket$nl_generic(0x10, 0x3, 0x10)
clock_gettime(0x0, &(0x7f00000000c0))
r2 = getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r3 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r3, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r3, 0x100000001)
r4 = accept4(r3, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_EVENTS(r4, 0x84, 0xb, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xe)
sched_setscheduler(0x0, 0x0, 0x0)
recvmmsg(r4, &(0x7f0000004300), 0x3a4, 0x0, 0x0)
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[0x0], 0x1})
ioctl$DRM_IOCTL_MODE_SETPLANE(0xffffffffffffffff, 0xc03064b7, 0x0)
r6 = syz_open_dev$video(&(0x7f0000000000), 0x485, 0x0)
ioctl$VIDIOC_CROPCAP(r6, 0xc02c563a, &(0x7f0000000280))
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
write$sndseq(r7, 0x0, 0x0)
ioctl$FS_IOC_GETFSLABEL(r0, 0x81009431, &(0x7f0000000000))

kernel console output (not intermixed with test programs):

essage: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=14712 comm=syz.0.1729
[ 1280.940020][T14322] veth0_macvtap: entered promiscuous mode
[ 1280.998063][T14322] veth1_macvtap: entered promiscuous mode
[ 1281.041098][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1281.068623][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1281.092105][T14712] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1281.105101][T14712] batadv_slave_0: entered allmulticast mode
[ 1281.185404][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1281.280510][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1281.394591][T14322] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1281.429581][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1281.466961][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1281.498671][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1281.514766][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1281.576661][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1281.649183][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1281.679694][T14322] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1281.711227][T14322] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1281.760529][T14322] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1281.790884][T14707] block nbd0: shutting down sockets
[ 1281.844028][T14322] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1281.886457][T14322] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1283.012343][T14322] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1283.021259][T14322] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1283.499211][T14734] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1731'.
[ 1283.679230][ T5693] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1283.699254][ T5693] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1283.751226][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1283.784409][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1284.317963][T14753] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1289.088853][T14771] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[ 1289.095399][T14771] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1289.169686][T14771] vhci_hcd vhci_hcd.0: Device attached
[ 1289.694176][ T5274] usb 13-1: new high-speed USB device number 9 using vhci_hcd
[ 1290.723254][T14773] vhci_hcd: connection reset by peer
[ 1290.742040][   T52] vhci_hcd: stop threads
[ 1290.746913][   T52] vhci_hcd: release socket
[ 1290.751526][   T52] vhci_hcd: disconnect device
[ 1291.463003][T14795] input: syz1 as /devices/virtual/input/input83
[ 1294.136321][T14808] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1298.433676][ T5274] vhci_hcd: vhci_device speed not set
[ 1299.124353][T14821] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1300.651671][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.658299][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1301.992661][   T29] audit: type=1804 audit(1725423757.524:531): pid=14824 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1745" name="/newroot/4/bus/bus" dev="overlay" ino=45 res=1 errno=0
[ 1302.531011][T12751] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1302.548260][T12751] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1302.556309][T12751] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1302.575062][T12751] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1302.583413][T12751] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1302.596069][T12751] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1303.650607][ T4615] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1303.661797][ T4615] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1303.670831][ T4615] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1303.736461][ T4615] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1303.815144][ T4615] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1303.839208][ T4615] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1304.302199][   T35] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1304.646939][ T4615] Bluetooth: hci3: command tx timeout
[ 1304.672927][   T35] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1304.748800][T14830] chnl_net:caif_netlink_parms(): no params data found
[ 1304.995611][   T35] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1305.335661][   T35] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1305.932028][ T4615] Bluetooth: hci5: command tx timeout
[ 1305.961125][T14830] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1305.980536][T14830] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1306.008032][T14830] bridge_slave_0: entered allmulticast mode
[ 1306.054418][T14830] bridge_slave_0: entered promiscuous mode
[ 1306.070161][T14830] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1306.086671][T14830] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1306.094045][T14830] bridge_slave_1: entered allmulticast mode
[ 1306.101910][T14830] bridge_slave_1: entered promiscuous mode
[ 1306.723968][ T4615] Bluetooth: hci3: command tx timeout
[ 1307.322248][T14830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1307.475973][T14830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1307.796957][T14830] team0: Port device team_slave_0 added
[ 1307.808987][T14830] team0: Port device team_slave_1 added
[ 1307.993464][   T35] bridge_slave_1: left allmulticast mode
[ 1308.003676][ T4615] Bluetooth: hci5: command tx timeout
[ 1308.010240][   T35] bridge_slave_1: left promiscuous mode
[ 1308.048944][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1308.088026][   T35] bridge_slave_0: left allmulticast mode
[ 1308.123565][   T35] bridge_slave_0: left promiscuous mode
[ 1308.142491][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1308.863780][ T4615] Bluetooth: hci3: command tx timeout
[ 1310.133769][ T4615] Bluetooth: hci5: command tx timeout
[ 1311.829799][ T4615] Bluetooth: hci3: command tx timeout
[ 1312.164518][ T4615] Bluetooth: hci5: command tx timeout
[ 1313.918885][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1313.950656][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1313.977614][   T35] bond0 (unregistering): Released all slaves
[ 1314.152761][T14941] netlink: 'syz.2.1757': attribute type 4 has an invalid length.
[ 1314.208747][T14944] netlink: 'syz.2.1757': attribute type 4 has an invalid length.
[ 1314.603435][T14849] chnl_net:caif_netlink_parms(): no params data found
[ 1314.803851][T14830] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1314.810795][T14830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1314.836654][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1314.871444][T14830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1314.939998][T14830] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1314.961793][T14830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1315.029123][T14830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1315.105696][   T35] hsr_slave_0: left promiscuous mode
[ 1315.122543][   T35] hsr_slave_1: left promiscuous mode
[ 1315.173272][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1315.193147][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1315.211599][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1315.219189][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1315.280649][   T35] veth1_macvtap: left promiscuous mode
[ 1315.290092][   T35] veth0_macvtap: left promiscuous mode
[ 1315.298301][   T35] veth1_vlan: left promiscuous mode
[ 1315.310815][   T35] veth0_vlan: left promiscuous mode
[ 1317.753139][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1317.904675][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1319.704979][T14830] hsr_slave_0: entered promiscuous mode
[ 1319.757950][T14830] hsr_slave_1: entered promiscuous mode
[ 1319.786993][T14830] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1319.822232][T14830] Cannot create hsr debugfs directory
[ 1320.293325][T14849] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1320.321524][T14849] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1320.354089][T14849] bridge_slave_0: entered allmulticast mode
[ 1320.380333][T14849] bridge_slave_0: entered promiscuous mode
[ 1320.463913][T14849] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1320.471169][T14849] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1320.489472][T14849] bridge_slave_1: entered allmulticast mode
[ 1320.502499][T14849] bridge_slave_1: entered promiscuous mode
[ 1320.693874][ T5278] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1320.731208][T14849] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1320.770060][T14849] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1320.932487][ T5278] usb 5-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1320.964959][ T5278] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1321.010367][ T5278] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1321.024348][ T5278] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1321.044269][ T5278] usb 5-1: SerialNumber: syz
[ 1321.078874][   T35] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1321.159332][T14849] team0: Port device team_slave_0 added
[ 1321.208197][T14849] team0: Port device team_slave_1 added
[ 1321.349833][T15041] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1772'.
[ 1321.407928][   T35] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1321.984041][   T35] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1322.164430][T14849] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1322.188198][T14849] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1322.233801][T14849] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1322.402684][   T35] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1322.565959][T14849] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1322.574611][T14849] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1322.604587][T14849] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1322.907571][ T5278] usb 5-1: 0:2 : does not exist
[ 1323.047264][ T5278] usb 5-1: USB disconnect, device number 19
[ 1323.182401][T14816] udevd[14816]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1323.242455][T14849] hsr_slave_0: entered promiscuous mode
[ 1323.313249][T14849] hsr_slave_1: entered promiscuous mode
[ 1323.359260][T14849] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1323.491262][T14849] Cannot create hsr debugfs directory
[ 1323.659990][T15068] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1776'.
[ 1324.082503][T15073] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1776'.
[ 1324.529437][   T35] bridge_slave_1: left allmulticast mode
[ 1324.542805][   T35] bridge_slave_1: left promiscuous mode
[ 1324.549396][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1324.581757][   T35] bridge_slave_0: left allmulticast mode
[ 1324.587742][   T35] bridge_slave_0: left promiscuous mode
[ 1324.594206][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1326.191493][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1326.213691][ T9874] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 1326.266068][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1326.285888][   T35] bond0 (unregistering): Released all slaves
[ 1326.458666][ T9874] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1326.478112][ T9874] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1326.506199][ T9874] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1326.534731][ T9874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1326.598584][ T9874] usb 3-1: SerialNumber: syz
[ 1326.836204][ T9874] usb 3-1: 0:2 : does not exist
[ 1327.001320][ T9874] usb 3-1: USB disconnect, device number 9
[ 1327.126880][T14816] udevd[14816]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1327.743972][T15115] input: syz1 as /devices/virtual/input/input84
[ 1328.367112][   T35] hsr_slave_0: left promiscuous mode
[ 1328.385761][   T35] hsr_slave_1: left promiscuous mode
[ 1328.416615][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1328.447110][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1328.478369][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1328.541956][   T35] veth1_macvtap: left promiscuous mode
[ 1328.579296][   T35] veth0_macvtap: left promiscuous mode
[ 1328.676904][   T35] veth1_vlan: left promiscuous mode
[ 1328.687764][   T35] veth0_vlan: left promiscuous mode
[ 1330.434427][T15143] 9pnet_fd: Insufficient options for proto=fd
[ 1331.195733][   T35] team0 (unregistering): Port device team_slave_1 removed
[ 1331.315719][   T35] team0 (unregistering): Port device team_slave_0 removed
[ 1331.610260][T15154] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=15154 comm=syz.4.1789
[ 1332.121776][T15151] block nbd4: shutting down sockets
[ 1333.783129][T14830] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1333.978320][T14830] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1334.403919][T15171] input: syz1 as /devices/virtual/input/input85
[ 1335.753593][T14830] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1335.778395][T15183] netlink: 'syz.2.1793': attribute type 4 has an invalid length.
[ 1336.029046][T15185] netlink: 'syz.2.1793': attribute type 4 has an invalid length.
[ 1336.439827][T14830] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1337.312858][T15205] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=15205 comm=syz.2.1797
[ 1337.511756][T14849] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1337.653138][T14830] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1337.709005][T14849] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1337.786514][T14849] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1337.881649][T14849] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1337.890379][T15200] block nbd2: shutting down sockets
[ 1338.132590][T14830] 8021q: adding VLAN 0 to HW filter on device team0
[ 1338.636841][T15216] input: syz1 as /devices/virtual/input/input86
[ 1339.028338][ T5676] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1339.035476][ T5676] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1339.319224][ T2952] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1339.326462][ T2952] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1339.482219][T15225] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=15225 comm=syz.4.1799
[ 1339.911758][T14849] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1340.051140][T14849] 8021q: adding VLAN 0 to HW filter on device team0
[ 1340.158451][ T5693] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1340.165720][ T5693] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1340.201121][T15218] block nbd4: shutting down sockets
[ 1340.259325][ T5693] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1340.266560][ T5693] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1340.601313][T14849] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1340.670314][T14849] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1341.341586][T15251] input: syz1 as /devices/virtual/input/input87
[ 1341.955990][T14830] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1344.054266][T14830] veth0_vlan: entered promiscuous mode
[ 1344.142973][T14830] veth1_vlan: entered promiscuous mode
[ 1345.126531][T14830] veth0_macvtap: entered promiscuous mode
[ 1345.238319][T14830] veth1_macvtap: entered promiscuous mode
[ 1346.066954][T14849] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1346.099322][T14830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1346.301324][T14830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1346.314147][T14830] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1346.349993][T14830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1346.965070][T14830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1347.121416][T14830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1347.165720][T14830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1347.229629][T14830] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1347.276492][T14830] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1347.330733][T14830] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1347.387767][T14830] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1347.589223][T14830] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1347.617496][T14830] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1347.660932][T14830] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1347.735004][T14849] veth0_vlan: entered promiscuous mode
[ 1348.039120][T14849] veth1_vlan: entered promiscuous mode
[ 1348.431401][T14849] veth0_macvtap: entered promiscuous mode
[ 1348.439221][T13618] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1348.507555][T13618] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1348.599647][T14849] veth1_macvtap: entered promiscuous mode
[ 1348.683789][T15311] futex_wake_op: syz.0.1812 tries to shift op by -1; fix this program
[ 1348.728479][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1348.750924][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1348.864633][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1348.926713][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1348.982953][T14849] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1349.123207][T13618] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1349.143206][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1349.155453][T13618] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1349.203256][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1349.263625][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1349.323956][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1349.342646][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1349.384858][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1349.422976][T14849] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1349.433898][T14849] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1349.452723][T14849] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1349.485623][T14849] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1349.502575][T14849] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1349.542819][T14849] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1349.576507][T14849] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1349.938950][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1350.142007][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1351.106561][ T5693] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1351.166001][ T5693] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1351.294165][T15343] futex_wake_op: syz.3.1817 tries to shift op by -1; fix this program
[ 1352.866796][T15378] futex_wake_op: syz.3.1821 tries to shift op by -1; fix this program
[ 1354.141541][T15356] Bluetooth: hci4: command 0x0406 tx timeout
[ 1354.147692][T15356] Bluetooth: hci2: command 0x0406 tx timeout
[ 1355.246528][   T29] audit: type=1804 audit(1725423811.114:532): pid=15393 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.1824" name="/newroot/3/bus/bus" dev="overlay" ino=40 res=1 errno=0
[ 1357.128273][T15407] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1361.405298][   T29] audit: type=1804 audit(1725423817.554:533): pid=15417 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.1829" name="/newroot/28/bus/bus" dev="overlay" ino=181 res=1 errno=0
[ 1361.659473][T15421] netlink: 'syz.3.1831': attribute type 4 has an invalid length.
[ 1361.781705][T15424] netlink: 'syz.3.1831': attribute type 4 has an invalid length.
[ 1362.073603][ T1170] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1362.100185][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1362.100247][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1362.386263][ T1170] usb 2-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1362.386299][ T1170] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1363.166481][ T1170] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1363.166522][ T1170] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1363.166551][ T1170] usb 2-1: SerialNumber: syz
[ 1363.516823][T15416] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1830'.
[ 1364.719785][ T1170] usb 2-1: 0:2 : does not exist
[ 1364.977096][ T1170] usb 2-1: USB disconnect, device number 19
[ 1365.128281][T15425] udevd[15425]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1366.853676][T15473] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=15473 comm=syz.1.1843
[ 1367.009817][T15474] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1367.075519][T15474] batadv_slave_0: entered allmulticast mode
[ 1368.272022][T15487] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1847'.
[ 1368.305485][T15471] block nbd1: shutting down sockets
[ 1369.049975][T15496] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1847'.
[ 1376.564460][   T29] audit: type=1804 audit(1725423832.644:534): pid=15576 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.1864" name="/newroot/40/bus/bus" dev="overlay" ino=242 res=1 errno=0
[ 1377.263782][T15580] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=15580 comm=syz.3.1868
[ 1377.788491][   T29] audit: type=1804 audit(1725423833.804:535): pid=15585 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.1869" name="/newroot/10/bus/bus" dev="overlay" ino=81 res=1 errno=0
[ 1378.266824][T15580] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1378.322091][T15580] batadv_slave_0: entered allmulticast mode
[ 1378.857604][T15590] futex_wake_op: syz.1.1870 tries to shift op by -1; fix this program
[ 1378.977392][T15578] block nbd3: shutting down sockets
[ 1381.160121][T15615] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=15615 comm=syz.4.1877
[ 1381.863570][  T941] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1382.797490][T15611] block nbd4: shutting down sockets
[ 1382.920755][  T941] usb 4-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1382.987654][  T941] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1383.046153][  T941] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1383.088011][  T941] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1383.137958][  T941] usb 4-1: SerialNumber: syz
[ 1383.495871][T15608] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1875'.
[ 1383.556896][  T941] usb 4-1: 0:2 : does not exist
[ 1383.682710][  T941] usb 4-1: USB disconnect, device number 15
[ 1384.896718][T15636] udevd[15636]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1390.548437][T15668] input: syz1 as /devices/virtual/input/input89
[ 1391.062344][T15670] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=15670 comm=syz.2.1886
[ 1391.108145][T15670] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1391.156137][T15670] batadv_slave_0: entered allmulticast mode
[ 1391.578131][T15660] block nbd2: shutting down sockets
[ 1392.145967][ T9874] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1392.702521][ T9874] usb 5-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1392.753582][ T9874] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1392.775292][ T9874] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1392.793754][ T9874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1392.822183][ T9874] usb 5-1: SerialNumber: syz
[ 1393.832734][T15698] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1397.047917][T15712] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1397.062002][T15713] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1399.629133][ T9874] usb 5-1: 0:2 : does not exist
[ 1399.753191][ T9874] usb 5-1: USB disconnect, device number 20
[ 1399.967808][T15676] udevd[15676]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1400.635759][T15726] input: syz1 as /devices/virtual/input/input90
[ 1402.217936][T15743] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[ 1402.224481][T15743] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1402.428882][T15743] vhci_hcd vhci_hcd.0: Device attached
[ 1404.386275][ T1170] usb 17-1: new high-speed USB device number 8 using vhci_hcd
[ 1404.411301][T15747] usbip_core: unknown command
[ 1404.436040][T15747] vhci_hcd: unknown pdu 3020988904
[ 1404.513613][T15747] usbip_core: unknown command
[ 1404.613961][T13618] vhci_hcd: stop threads
[ 1404.618209][T13618] vhci_hcd: release socket
[ 1404.659414][T13618] vhci_hcd: disconnect device
[ 1408.719284][T15788] input: syz1 as /devices/virtual/input/input92
[ 1409.877623][T15792] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1410.164937][ T1170] vhci_hcd: vhci_device speed not set
[ 1412.161611][T15798] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=15798 comm=syz.3.1917
[ 1413.701375][T15794] block nbd3: shutting down sockets
[ 1413.859978][T15805] 9pnet_fd: Insufficient options for proto=fd
[ 1416.672278][T15819] futex_wake_op: syz.3.1922 tries to shift op by -1; fix this program
[ 1418.463696][T15836] futex_wake_op: syz.0.1927 tries to shift op by -1; fix this program
[ 1418.871117][T15844] input: syz1 as /devices/virtual/input/input93
[ 1419.542822][T12751] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1419.560399][T12751] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1419.581087][T12751] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1419.597896][T12751] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1419.606039][T12751] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1419.615112][T12751] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1419.650290][T13462] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1419.782427][T15850] 9pnet_fd: Insufficient options for proto=fd
[ 1419.884945][T13462] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1420.110506][T13462] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1420.600867][T15857] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1934'.
[ 1421.084367][T13462] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1421.301852][T15863] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1934'.
[ 1421.606879][T15862] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1421.776910][ T4615] Bluetooth: hci1: command tx timeout
[ 1421.891972][T15867] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1935'.
[ 1422.332510][T15873] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1935'.
[ 1422.908672][T15871] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[ 1423.539344][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.555151][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1423.963622][T12751] Bluetooth: hci1: command tx timeout
[ 1425.603556][T12751] Bluetooth: hci3: command 0x0406 tx timeout
[ 1426.003671][T12751] Bluetooth: hci1: command tx timeout
[ 1427.270787][T13462] bridge_slave_1: left allmulticast mode
[ 1427.316011][T13462] bridge_slave_1: left promiscuous mode
[ 1427.372206][T13462] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1427.433377][T13462] bridge_slave_0: left allmulticast mode
[ 1427.451668][T13462] bridge_slave_0: left promiscuous mode
[ 1427.462924][T13462] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1428.083754][ T4615] Bluetooth: hci1: command tx timeout
[ 1429.645538][T15920] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[ 1429.652100][T15920] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1429.687991][T13462] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1429.695397][T15920] vhci_hcd vhci_hcd.0: Device attached
[ 1429.743031][T13462] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1429.765362][T13462] bond0 (unregistering): Released all slaves
[ 1430.703547][ T5274] usb 13-1: new high-speed USB device number 10 using vhci_hcd
[ 1430.918037][T15845] chnl_net:caif_netlink_parms(): no params data found
[ 1431.117165][T15921] vhci_hcd: connection reset by peer
[ 1431.165101][ T5679] vhci_hcd: stop threads
[ 1431.169384][ T5679] vhci_hcd: release socket
[ 1431.243402][ T5679] vhci_hcd: disconnect device
[ 1433.392695][T15967] input: syz1 as /devices/virtual/input/input94
[ 1434.567790][T13462] hsr_slave_0: left promiscuous mode
[ 1434.644161][T13462] hsr_slave_1: left promiscuous mode
[ 1434.747074][T13462] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1434.787530][T13462] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1434.832878][T13462] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1434.949427][T13462] veth1_macvtap: left promiscuous mode
[ 1434.957585][T13462] veth0_macvtap: left promiscuous mode
[ 1434.977521][T13462] veth1_vlan: left promiscuous mode
[ 1434.984257][T13462] veth0_vlan: left promiscuous mode
[ 1435.340357][T15993] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[ 1435.346916][T15993] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1435.580002][T15993] vhci_hcd vhci_hcd.0: Device attached
[ 1436.087508][  T941] usb 17-1: new high-speed USB device number 9 using vhci_hcd
[ 1436.096920][ T5274] vhci_hcd: vhci_device speed not set
[ 1438.428061][T15994] vhci_hcd: connection reset by peer
[ 1438.469328][ T5698] vhci_hcd: stop threads
[ 1438.489593][ T5698] vhci_hcd: release socket
[ 1438.517697][ T5698] vhci_hcd: disconnect device
[ 1441.407802][  T941] vhci_hcd: vhci_device speed not set
[ 1441.601326][T13462] team0 (unregistering): Port device team_slave_1 removed
[ 1441.700817][T13462] team0 (unregistering): Port device team_slave_0 removed
[ 1442.630216][T15845] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1442.702747][T15845] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1442.763700][T15845] bridge_slave_0: entered allmulticast mode
[ 1442.802767][T15845] bridge_slave_0: entered promiscuous mode
[ 1442.839349][T15845] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1442.880169][T15845] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1443.079292][T15845] bridge_slave_1: entered allmulticast mode
[ 1443.095634][T15845] bridge_slave_1: entered promiscuous mode
[ 1444.775926][T15845] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1444.822026][T15845] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1445.257721][T15845] team0: Port device team_slave_0 added
[ 1445.348443][T15845] team0: Port device team_slave_1 added
[ 1445.637518][T15845] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1445.656387][T15845] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1445.804369][T15845] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1445.956323][T15845] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1445.963277][T15845] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1446.105860][T15845] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1447.529585][T16085] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1972'.
[ 1447.558216][T15845] hsr_slave_0: entered promiscuous mode
[ 1447.612458][T15845] hsr_slave_1: entered promiscuous mode
[ 1448.005343][T16089] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1972'.
[ 1448.493259][T16088] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1449.254457][T16098] futex_wake_op: syz.2.1973 tries to shift op by -1; fix this program
[ 1452.355223][T15845] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1452.435587][T16140] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1980'.
[ 1453.162775][T16126] futex_wake_op: syz.2.1978 tries to shift op by -1; fix this program
[ 1453.174782][T15845] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1453.237620][T15845] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1453.302522][T15845] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1453.348081][T16147] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[ 1453.354615][T16147] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1453.392109][T16147] vhci_hcd vhci_hcd.0: Device attached
[ 1453.697870][  T941] usb 15-1: new high-speed USB device number 7 using vhci_hcd
[ 1453.817132][T15845] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1453.962301][T15845] 8021q: adding VLAN 0 to HW filter on device team0
[ 1453.977404][T16148] vhci_hcd: connection reset by peer
[ 1454.010650][ T5679] vhci_hcd: stop threads
[ 1454.028589][T13462] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1454.035729][T13462] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1454.045950][ T5679] vhci_hcd: release socket
[ 1454.068711][ T5679] vhci_hcd: disconnect device
[ 1454.085317][T13462] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1454.092436][T13462] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1454.958845][T15845] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1455.144544][T16186] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1458.161884][T15845] veth0_vlan: entered promiscuous mode
[ 1460.110744][T16200] input: syz1 as /devices/virtual/input/input98
[ 1460.286907][  T941] vhci_hcd: vhci_device speed not set
[ 1460.322002][T15845] veth1_vlan: entered promiscuous mode
[ 1460.622672][T15845] veth0_macvtap: entered promiscuous mode
[ 1460.678963][T15845] veth1_macvtap: entered promiscuous mode
[ 1460.780101][T15845] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1461.022497][T15845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1461.046443][T15845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1461.170130][   T29] audit: type=1804 audit(1725423917.284:536): pid=16220 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.1991" name="/newroot/259/bus/bus" dev="overlay" ino=1451 res=1 errno=0
[ 1461.586998][T15845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1461.599208][T15845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1461.626553][T15845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1461.648342][T15845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1461.690999][T15845] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1461.885793][T15845] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1461.908620][T15845] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1462.004070][T16225] input: syz1 as /devices/virtual/input/input99
[ 1462.749363][T15845] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1462.767193][T15845] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1462.925155][T15845] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1462.970905][T15845] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1463.333274][ T5693] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1463.376490][ T5693] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1463.612799][ T5698] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1463.730576][ T5698] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1467.549448][T12751] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1467.579098][T12751] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1467.587587][T12751] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1467.617806][T12751] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1467.626797][T12751] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1467.638617][T12751] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1467.952689][ T5693] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1468.245757][T16300] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=16300 comm=syz.1.2003
[ 1468.320943][ T5693] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1468.469668][T16303] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1468.555011][T16303] batadv_slave_0: entered allmulticast mode
[ 1469.642168][ T5693] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1469.692732][T12751] Bluetooth: hci3: command tx timeout
[ 1471.001083][ T5693] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1471.763698][T12751] Bluetooth: hci3: command tx timeout
[ 1471.983172][T16290] block nbd1: shutting down sockets
[ 1472.550424][ T5693] bridge_slave_1: left allmulticast mode
[ 1472.591412][ T5693] bridge_slave_1: left promiscuous mode
[ 1472.621555][ T5693] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1472.714075][ T5693] bridge_slave_0: left allmulticast mode
[ 1472.726500][T16343] futex_wake_op: syz.1.2010 tries to shift op by -1; fix this program
[ 1472.758256][ T5693] bridge_slave_0: left promiscuous mode
[ 1472.800399][ T5693] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1474.353110][T12751] Bluetooth: hci3: command tx timeout
[ 1475.414174][T16380] input: syz1 as /devices/virtual/input/input100
[ 1477.058486][T12751] Bluetooth: hci3: command tx timeout
[ 1477.331543][T16364] block nbd4: shutting down sockets
[ 1478.604692][ T5693] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1478.634268][ T5693] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1478.668799][ T5693] bond0 (unregistering): Released all slaves
[ 1478.808909][T16278] chnl_net:caif_netlink_parms(): no params data found
[ 1482.297095][T16278] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1482.329192][T16433] futex_wake_op: syz.1.2026 tries to shift op by -1; fix this program
[ 1482.343809][T16278] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1482.384287][T16278] bridge_slave_0: entered allmulticast mode
[ 1482.413293][T16278] bridge_slave_0: entered promiscuous mode
[ 1482.623198][T16278] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1482.640991][T16278] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1482.650886][T16278] bridge_slave_1: entered allmulticast mode
[ 1482.674245][T16278] bridge_slave_1: entered promiscuous mode
[ 1482.956871][ T5693] hsr_slave_0: left promiscuous mode
[ 1483.103678][ T9874] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 1483.537044][ T9874] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1483.637230][ T9874] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1483.699857][ T9874] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1483.858095][ T5693] hsr_slave_1: left promiscuous mode
[ 1483.863349][ T9874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1483.871618][ T9874] usb 3-1: SerialNumber: syz
[ 1483.909591][ T5693] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1483.956406][ T5693] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1483.991754][ T5693] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1484.084635][ T5693] veth1_macvtap: left promiscuous mode
[ 1484.121756][ T5693] veth0_macvtap: left promiscuous mode
[ 1484.387583][ T5693] veth1_vlan: left promiscuous mode
[ 1484.467867][ T5693] veth0_vlan: left promiscuous mode
[ 1484.973626][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1484.980098][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1485.131205][   T29] audit: type=1400 audit(1725423941.274:537): avc:  denied  { rename } for  pid=16451 comm="syz.4.2029" name="file0" dev="tmpfs" ino=1504 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=chr_file permissive=1
[ 1486.205593][ T9874] usb 3-1: 0:2 : does not exist
[ 1486.322767][ T9874] usb 3-1: USB disconnect, device number 10
[ 1486.435539][T16476] udevd[16476]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1486.551371][ T5693] team0 (unregistering): Port device team_slave_1 removed
[ 1486.610979][ T5693] team0 (unregistering): Port device team_slave_0 removed
[ 1487.183522][ T9874] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 1487.274831][T16278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1487.320054][T16278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1487.404085][ T9874] usb 3-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1487.424157][ T9874] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1487.438694][ T9874] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1487.468726][ T9874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1487.482126][ T9874] usb 3-1: SerialNumber: syz
[ 1487.749550][T16278] team0: Port device team_slave_0 added
[ 1487.776229][T16478] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2034'.
[ 1488.920728][T16278] team0: Port device team_slave_1 added
[ 1488.932278][ T9874] usb 3-1: 0:2 : does not exist
[ 1488.938483][T16489] futex_wake_op: syz.1.2037 tries to shift op by -1; fix this program
[ 1489.033837][ T9874] usb 3-1: USB disconnect, device number 11
[ 1489.296840][T16496] input: syz1 as /devices/virtual/input/input101
[ 1489.528809][T16278] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1489.546057][T16476] udevd[16476]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1489.587738][T16278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1489.613721][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1489.692742][T16278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1489.708313][T16278] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1489.716364][T16278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1489.762674][T16278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1490.958844][T16278] hsr_slave_0: entered promiscuous mode
[ 1491.047063][T16278] hsr_slave_1: entered promiscuous mode
[ 1491.079491][T16278] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1491.100262][T16278] Cannot create hsr debugfs directory
[ 1492.079058][   T29] audit: type=1804 audit(1725423947.764:538): pid=16527 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2042" name="/newroot/83/bus/bus" dev="overlay" ino=482 res=1 errno=0
[ 1495.729359][T16560] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1504.153261][   T29] audit: type=1804 audit(1725423959.964:539): pid=16595 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.2053" name="/newroot/89/bus/bus" dev="overlay" ino=513 res=1 errno=0
[ 1504.464084][T16596] futex_wake_op: syz.0.2054 tries to shift op by -1; fix this program
[ 1504.654597][T16278] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1504.738407][T16278] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1504.799075][T16278] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1504.822777][T16278] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1505.368305][T16621] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1508.378369][T16278] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1508.438266][T16278] 8021q: adding VLAN 0 to HW filter on device team0
[ 1508.460111][T13462] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1508.467256][T13462] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1508.598936][T13462] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1508.606073][T13462] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1508.681297][T16278] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1508.713024][T16278] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1509.650404][T16278] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1509.978812][T16278] veth0_vlan: entered promiscuous mode
[ 1510.113303][T16278] veth1_vlan: entered promiscuous mode
[ 1510.576712][T16278] veth0_macvtap: entered promiscuous mode
[ 1511.464199][T16278] veth1_macvtap: entered promiscuous mode
[ 1512.390606][T16278] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1512.480607][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1512.576936][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1512.635125][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1512.847327][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1513.742178][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1513.775260][T16680] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1513.793614][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1513.818702][T16278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1513.878105][T16278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1513.958441][T16278] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1514.170037][T16278] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.186176][T16278] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.213668][T16278] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.222400][T16278] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.725624][T16697] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=16697 comm=syz.4.2071
[ 1514.913117][T13462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1514.932346][T13462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1515.091435][ T5698] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1515.126522][ T5698] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1516.226823][T16694] block nbd4: shutting down sockets
[ 1516.481638][T16717] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[ 1516.488199][T16717] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1516.581998][T16722] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1517.640836][T16717] vhci_hcd vhci_hcd.0: Device attached
[ 1518.889118][T16719] usbip_core: unknown command
[ 1519.143645][ T5277] usb 15-1: new high-speed USB device number 8 using vhci_hcd
[ 1519.202916][T16719] vhci_hcd: unknown pdu 3020988904
[ 1519.221706][T16719] usbip_core: unknown command
[ 1519.244660][T10007] vhci_hcd: stop threads
[ 1519.248925][T10007] vhci_hcd: release socket
[ 1519.257721][T10007] vhci_hcd: disconnect device
[ 1520.548391][T16733] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1521.148488][T16749] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[ 1521.164119][T16749] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1521.193305][T16749] vhci_hcd vhci_hcd.0: Device attached
[ 1521.364928][T16750] usbip_core: unknown command
[ 1521.387240][T16750] vhci_hcd: unknown pdu 3020988904
[ 1521.453527][T16564] usb 17-1: new high-speed USB device number 10 using vhci_hcd
[ 1521.475253][T16750] usbip_core: unknown command
[ 1521.539593][ T5698] vhci_hcd: stop threads
[ 1522.520852][ T5698] vhci_hcd: release socket
[ 1522.737949][T16765] input: syz1 as /devices/virtual/input/input103
[ 1523.356082][ T5698] vhci_hcd: disconnect device
[ 1524.324514][ T5277] vhci_hcd: vhci_device speed not set
[ 1526.817516][T16564] vhci_hcd: vhci_device speed not set
[ 1526.899968][T16805] netlink: 'syz.3.2088': attribute type 4 has an invalid length.
[ 1527.389933][T16812] input: syz1 as /devices/virtual/input/input104
[ 1528.093545][T16807] netlink: 'syz.3.2088': attribute type 4 has an invalid length.
[ 1532.674566][T16856] input: syz1 as /devices/virtual/input/input105
[ 1534.988538][T16875] input: syz1 as /devices/virtual/input/input106
[ 1539.001512][T16890] futex_wake_op: syz.1.2108 tries to shift op by -1; fix this program
[ 1543.235510][T16920] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1547.134195][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1547.140543][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1547.146922][ T4615] Bluetooth: hci1: command 0x0406 tx timeout
[ 1551.218610][T16960] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2128'.
[ 1552.351001][T16964] futex_wake_op: syz.4.2129 tries to shift op by -1; fix this program
[ 1555.155891][ T4615] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1555.176184][ T4615] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1555.184668][ T4615] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1555.207079][ T4615] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1555.216304][ T4615] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1555.224047][ T4615] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1556.612182][ T5698] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1556.915345][ T5698] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1557.284108][ T4615] Bluetooth: hci5: command tx timeout
[ 1557.292547][ T5698] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1557.582808][ T5698] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1559.022577][T16976] chnl_net:caif_netlink_parms(): no params data found
[ 1559.366546][ T4615] Bluetooth: hci5: command tx timeout
[ 1559.854942][ T5698] bridge_slave_1: left allmulticast mode
[ 1559.860641][ T5698] bridge_slave_1: left promiscuous mode
[ 1559.919945][T17028] input: syz1 as /devices/virtual/input/input107
[ 1559.954302][ T5698] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1559.987815][ T5698] bridge_slave_0: left allmulticast mode
[ 1560.039981][ T5698] bridge_slave_0: left promiscuous mode
[ 1560.080887][ T5698] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1561.443655][ T4615] Bluetooth: hci5: command tx timeout
[ 1561.934089][T17058] futex_wake_op: syz.4.2147 tries to shift op by -1; fix this program
[ 1563.523489][ T4615] Bluetooth: hci5: command tx timeout
[ 1563.547626][ T5698] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1563.562853][ T5698] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1563.576929][ T5698] bond0 (unregistering): Released all slaves
[ 1564.129462][T16976] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1564.137407][T16976] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1564.156909][T16976] bridge_slave_0: entered allmulticast mode
[ 1564.177061][T16976] bridge_slave_0: entered promiscuous mode
[ 1564.262834][T16976] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1564.305328][T16976] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1564.370595][T16976] bridge_slave_1: entered allmulticast mode
[ 1564.385961][T16976] bridge_slave_1: entered promiscuous mode
[ 1564.876012][T16976] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1564.980320][T16976] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1565.082718][ T5698] hsr_slave_0: left promiscuous mode
[ 1565.111721][ T5698] hsr_slave_1: left promiscuous mode
[ 1565.141391][ T5698] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1565.176604][ T5698] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1565.231277][ T5698] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1565.376802][ T5698] veth1_macvtap: left promiscuous mode
[ 1565.423481][ T5698] veth0_macvtap: left promiscuous mode
[ 1565.444186][ T5698] veth1_vlan: left promiscuous mode
[ 1565.449585][ T5698] veth0_vlan: left promiscuous mode
[ 1569.152137][ T5698] team0 (unregistering): Port device team_slave_1 removed
[ 1569.301658][ T5698] team0 (unregistering): Port device team_slave_0 removed
[ 1570.808419][T16976] team0: Port device team_slave_0 added
[ 1570.874156][T16976] team0: Port device team_slave_1 added
[ 1571.453631][   T29] audit: type=1804 audit(1725424027.374:540): pid=17174 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.2167" name="/newroot/22/bus/bus" dev="overlay" ino=140 res=1 errno=0
[ 1571.476379][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1571.956591][T16976] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1571.988939][T16976] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1572.014824][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1572.058703][T16976] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1575.715469][T16976] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1575.886571][T16976] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1575.912484][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1576.046092][T16976] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1576.576802][T17197] netlink: 'syz.3.2172': attribute type 4 has an invalid length.
[ 1577.322259][T16976] hsr_slave_0: entered promiscuous mode
[ 1577.359039][T16976] hsr_slave_1: entered promiscuous mode
[ 1577.393736][T16976] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1577.416785][T16976] Cannot create hsr debugfs directory
[ 1577.422432][T17199] netlink: 'syz.3.2172': attribute type 4 has an invalid length.
[ 1579.388286][   T29] audit: type=1804 audit(1725424035.284:541): pid=17218 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2175" name="/newroot/112/bus/bus" dev="overlay" ino=650 res=1 errno=0
[ 1580.619209][T17243] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1582.912772][T16976] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1583.008528][T16976] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1583.205801][T16976] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1583.292586][T16976] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1583.983762][   T29] audit: type=1804 audit(1725424040.034:542): pid=17265 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2185" name="/newroot/114/bus/bus" dev="overlay" ino=669 res=1 errno=0
[ 1584.699946][T16976] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1584.920513][T17277] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1585.218862][T16976] 8021q: adding VLAN 0 to HW filter on device team0
[ 1585.328875][T16976] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1585.356570][T16976] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1585.861209][T10008] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1585.868478][T10008] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1586.273266][T10008] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1586.280496][T10008] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1587.311091][T16976] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1588.482678][T16976] veth0_vlan: entered promiscuous mode
[ 1588.764263][T16976] veth1_vlan: entered promiscuous mode
[ 1589.810077][T16976] veth0_macvtap: entered promiscuous mode
[ 1589.909060][T16976] veth1_macvtap: entered promiscuous mode
[ 1590.145383][T17333] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2196'.
[ 1590.167328][T16976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1590.240362][T16976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1590.665253][T17342] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2196'.
[ 1591.249543][T16976] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1591.264511][T17341] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1591.546963][T16976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1591.785292][T16976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1591.830380][T16976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1591.858840][T16976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1592.295499][T16976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1592.316908][T16976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1592.372302][T16976] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1592.388171][T16976] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1592.415926][T16976] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1592.535150][T16976] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1592.589664][T16976] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1592.814965][T16976] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1593.638231][T16976] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1593.855315][T13618] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1593.900530][T13618] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1594.111448][T10008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1594.133621][T10008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1594.563969][T12751] Bluetooth: hci3: command 0x0406 tx timeout
[ 1594.939839][T17386] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[ 1594.946378][T17386] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1594.970903][T17386] vhci_hcd vhci_hcd.0: Device attached
[ 1595.264833][    T8] usb 15-1: new high-speed USB device number 9 using vhci_hcd
[ 1595.335788][T17393] vhci_hcd: connection reset by peer
[ 1595.456162][T10007] vhci_hcd: stop threads
[ 1595.471502][T10007] vhci_hcd: release socket
[ 1595.488439][T10007] vhci_hcd: disconnect device
[ 1596.724220][  T941] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1597.016241][  T941] usb 3-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1597.080881][  T941] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1597.125688][  T941] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1597.143487][  T941] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1597.174792][  T941] usb 3-1: SerialNumber: syz
[ 1599.508532][  T941] usb 3-1: 0:2 : does not exist
[ 1599.530251][  T941] usb 3-1: unit 5 not found!
[ 1599.621487][  T941] usb 3-1: USB disconnect, device number 12
[ 1599.664230][T17443] futex_wake_op: syz.0.2209 tries to shift op by -1; fix this program
[ 1599.805633][T17447] udevd[17447]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1600.268387][T17454] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[ 1600.274929][T17454] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1600.291799][T17454] vhci_hcd vhci_hcd.0: Device attached
[ 1600.994542][T17464] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2214'.
[ 1601.263483][    T8] vhci_hcd: vhci_device speed not set
[ 1601.321279][T17467] overlayfs: failed to resolve './bus': -2
[ 1601.332787][ T5308] usb 13-1: new high-speed USB device number 11 using vhci_hcd
[ 1601.600990][T17459] vhci_hcd: connection reset by peer
[ 1601.818208][T13618] vhci_hcd: stop threads
[ 1601.828555][T13618] vhci_hcd: release socket
[ 1602.478777][T13618] vhci_hcd: disconnect device
[ 1602.749889][T17481] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=17481 comm=syz.4.2218
[ 1603.966174][T17475] block nbd4: shutting down sockets
[ 1604.983565][T17498] futex_wake_op: syz.0.2221 tries to shift op by -1; fix this program
[ 1606.854785][ T5308] vhci_hcd: vhci_device speed not set
[ 1607.855796][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.865520][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.540629][T17536] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[ 1608.547166][T17536] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1608.586716][T17536] vhci_hcd vhci_hcd.0: Device attached
[ 1608.873571][   T25] usb 9-1: new high-speed USB device number 5 using vhci_hcd
[ 1609.960711][T17543] vhci_hcd: connection reset by peer
[ 1609.986172][ T5679] vhci_hcd: stop threads
[ 1609.990433][ T5679] vhci_hcd: release socket
[ 1610.042101][ T5679] vhci_hcd: disconnect device
[ 1611.393489][ T5277] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1611.603519][ T5277] usb 2-1: device descriptor read/64, error -71
[ 1611.854181][T17570] netlink: 492 bytes leftover after parsing attributes in process `syz.3.2241'.
[ 1612.820065][ T5277] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1613.016505][ T5277] usb 2-1: device descriptor read/64, error -71
[ 1613.174021][ T5277] usb usb2-port1: attempt power cycle
[ 1614.004992][   T25] vhci_hcd: vhci_device speed not set
[ 1621.101992][T17648] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[ 1621.108529][T17648] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1621.269744][T17648] vhci_hcd vhci_hcd.0: Device attached
[ 1621.580364][ T5277] usb 15-1: new high-speed USB device number 10 using vhci_hcd
[ 1621.734619][T17652] vhci_hcd: connection reset by peer
[ 1621.776412][T13618] vhci_hcd: stop threads
[ 1621.796613][T13618] vhci_hcd: release socket
[ 1621.796664][T13618] vhci_hcd: disconnect device
[ 1621.881630][T17658] netlink: 'syz.2.2261': attribute type 4 has an invalid length.
[ 1621.992944][T17660] netlink: 'syz.2.2261': attribute type 4 has an invalid length.
[ 1626.880688][ T5277] vhci_hcd: vhci_device speed not set
[ 1627.388141][   T29] audit: type=1804 audit(1725424083.494:543): pid=17689 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.2268" name="/newroot/314/bus/bus" dev="overlay" ino=1769 res=1 errno=0
[ 1627.410956][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1628.644569][   T29] audit: type=1804 audit(1725424084.764:544): pid=17697 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.4.2269" name="/newroot/315/bus/bus" dev="overlay" ino=1783 res=1 errno=0
[ 1630.279757][   T29] audit: type=1804 audit(1725424085.784:545): pid=17702 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2271" name="/newroot/133/bus/bus" dev="overlay" ino=778 res=1 errno=0
[ 1631.341411][T17721] netlink: 'syz.2.2276': attribute type 4 has an invalid length.
[ 1631.489373][T17723] netlink: 'syz.2.2276': attribute type 4 has an invalid length.
[ 1632.114636][   T29] audit: type=1804 audit(1725424088.024:546): pid=17729 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.2278" name="/newroot/49/bus/bus" dev="overlay" ino=313 res=1 errno=0
[ 1635.393539][T16564] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1635.895883][T16564] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1635.955639][T16564] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1636.016032][T16564] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1636.080591][T16564] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1636.153452][T16564] usb 1-1: SerialNumber: syz
[ 1636.514262][T17741] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2283'.
[ 1636.592864][T16564] usb 1-1: invalid UAC_HEADER (v1)
[ 1636.667953][T16564] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 1636.759146][T16564] usb 1-1: USB disconnect, device number 17
[ 1637.904223][T17773] udevd[17773]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1639.747919][T17799] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=17799 comm=syz.4.2295
[ 1640.797549][T17797] block nbd4: shutting down sockets
[ 1642.948123][T17826] 9pnet_fd: Insufficient options for proto=fd
[ 1643.450088][T17837] futex_wake_op: syz.0.2304 tries to shift op by -1; fix this program
[ 1645.688311][T17862] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2313'.
[ 1647.440540][T17872] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[ 1651.537877][T17892] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=17892 comm=syz.0.2318
[ 1651.728393][T17889] block nbd0: shutting down sockets
[ 1652.749815][T17914] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=17914 comm=syz.1.2322
[ 1652.766079][ T5274] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1652.985300][ T5274] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1653.044021][ T5274] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1653.085047][ T5274] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1653.107871][ T5274] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1653.146082][ T5274] usb 1-1: SerialNumber: syz
[ 1653.419911][T17903] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2320'.
[ 1653.519805][T17911] block nbd1: shutting down sockets
[ 1653.541132][ T5274] usb 1-1: 0:2 : does not exist
[ 1653.669912][ T5274] usb 1-1: USB disconnect, device number 18
[ 1653.820761][T17895] udevd[17895]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1654.375490][T17928] netlink: 'syz.1.2325': attribute type 4 has an invalid length.
[ 1654.531455][T17928] netlink: 'syz.1.2325': attribute type 4 has an invalid length.
[ 1657.097828][T17953] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(3)
[ 1657.104359][T17953] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1657.136669][T17953] vhci_hcd vhci_hcd.0: Device attached
[ 1657.503841][T16630] usb 17-1: new high-speed USB device number 11 using vhci_hcd
[ 1660.994755][T17954] vhci_hcd: connection reset by peer
[ 1661.018333][ T5693] vhci_hcd: stop threads
[ 1661.046218][ T5693] vhci_hcd: release socket
[ 1661.093298][ T5693] vhci_hcd: disconnect device
[ 1662.582170][T17989] futex_wake_op: syz.0.2341 tries to shift op by -1; fix this program
[ 1663.366031][T17997] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=17997 comm=syz.4.2344
[ 1664.736563][T17996] block nbd4: shutting down sockets
[ 1666.718990][T16630] vhci_hcd: vhci_device speed not set
[ 1669.289337][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1669.297369][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1671.008521][T18070] netlink: 'syz.0.2362': attribute type 4 has an invalid length.
[ 1671.116342][T18074] netlink: 'syz.0.2362': attribute type 4 has an invalid length.
[ 1673.584327][ T5276] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1673.796315][ T5276] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1673.824309][ T5276] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1673.869043][ T5276] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1673.903537][ T5276] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1673.931979][ T5276] usb 3-1: SerialNumber: syz
[ 1674.210229][T18088] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2368'.
[ 1674.271251][ T5276] usb 3-1: 0:2 : does not exist
[ 1674.306321][ T5276] usb 3-1: unit 5 not found!
[ 1674.398723][ T5276] usb 3-1: USB disconnect, device number 13
[ 1674.631592][T18111] udevd[18111]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1681.603767][T18155] Bluetooth: hci5: command 0x0406 tx timeout
[ 1681.796724][   T29] audit: type=1400 audit(1725424137.024:547): avc:  denied  { create } for  pid=18165 comm="syz.2.2385" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_tcpdiag_socket permissive=1
[ 1682.203910][T18172] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=18172 comm=syz.1.2386
[ 1682.304770][T18174] futex_wake_op: syz.2.2387 tries to shift op by -1; fix this program
[ 1682.388299][T18171] block nbd1: shutting down sockets
[ 1683.064175][ T5274] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1683.265192][ T5274] usb 5-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1683.293404][ T5274] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1683.304564][ T5274] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1683.318221][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1683.333116][ T5274] usb 5-1: SerialNumber: syz
[ 1683.465616][T18195] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=18195 comm=syz.2.2392
[ 1683.496023][T18195] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1683.549688][T18195] batadv_slave_0: entered allmulticast mode
[ 1683.992536][T18193] block nbd2: shutting down sockets
[ 1685.233391][T16564] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 1685.353703][T18213] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=18213 comm=syz.3.2396
[ 1685.389697][ T5274] usb 5-1: 0:2 : does not exist
[ 1685.400463][ T5274] usb 5-1: unit 5 not found!
[ 1685.445171][ T5274] usb 5-1: USB disconnect, device number 21
[ 1685.456727][T16564] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1685.485173][T16564] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1685.508323][T18214] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1685.536362][T16564] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1685.558533][T18111] udevd[18111]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1685.588122][T18214] batadv_slave_0: entered allmulticast mode
[ 1685.610351][T16564] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1685.673049][T16564] usb 3-1: SerialNumber: syz
[ 1685.974763][T16564] usb 3-1: 0:2 : does not exist
[ 1686.006737][T16564] usb 3-1: unit 5 not found!
[ 1686.184644][T16564] usb 3-1: USB disconnect, device number 14
[ 1686.306043][T18111] udevd[18111]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1688.220304][T18238] futex_wake_op: syz.1.2402 tries to shift op by -1; fix this program
[ 1688.635644][   T29] audit: type=1804 audit(1725424144.774:548): pid=18242 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2399" name="/newroot/158/bus/bus" dev="overlay" ino=937 res=1 errno=0
[ 1691.599829][T18261] futex_wake_op: syz.1.2408 tries to shift op by -1; fix this program
[ 1699.507912][   T29] audit: type=1804 audit(1725424155.084:549): pid=18328 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.0.2425" name="/newroot/162/bus/bus" dev="overlay" ino=966 res=1 errno=0
[ 1702.029911][T18345] futex_wake_op: syz.2.2429 tries to shift op by -1; fix this program
[ 1703.696977][T18363] futex_wake_op: syz.3.2433 tries to shift op by -1; fix this program
[ 1703.999242][T18369] futex_wake_op: syz.4.2435 tries to shift op by -1; fix this program
[ 1715.382270][T18410] block nbd0: shutting down sockets
[ 1716.986071][T18155] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1717.004148][T18155] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1717.012441][T18155] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1717.023162][T18155] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1717.031435][T18155] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1717.039013][T18155] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1719.032981][T10007] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1719.206891][T18155] Bluetooth: hci4: command tx timeout
[ 1719.222500][T18444] chnl_net:caif_netlink_parms(): no params data found
[ 1719.733800][T10007] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1720.012573][   T29] audit: type=1804 audit(1725424175.964:550): pid=18474 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.3.2457" name="/newroot/86/bus/bus" dev="overlay" ino=522 res=1 errno=0
[ 1720.411758][T18469] netlink: 'syz.2.2458': attribute type 4 has an invalid length.
[ 1720.548707][T18471] netlink: 'syz.2.2458': attribute type 4 has an invalid length.
[ 1720.703245][T10007] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1721.333713][T18155] Bluetooth: hci4: command tx timeout
[ 1721.717845][T10007] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1722.496265][T18483] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[ 1722.502827][T18483] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1722.673554][T18483] vhci_hcd vhci_hcd.0: Device attached
[ 1722.708759][T18444] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1722.795526][T18444] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1722.802828][T18444] bridge_slave_0: entered allmulticast mode
[ 1722.886128][T18444] bridge_slave_0: entered promiscuous mode
[ 1722.909588][T18491] vhci_hcd: connection closed
[ 1722.912610][   T52] vhci_hcd: stop threads
[ 1722.934079][T18444] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1722.965560][T18444] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1722.971965][   T52] vhci_hcd: release socket
[ 1723.159751][ T5277] usb 9-1: new high-speed USB device number 6 using vhci_hcd
[ 1723.794659][T18444] bridge_slave_1: entered allmulticast mode
[ 1723.802508][T18444] bridge_slave_1: entered promiscuous mode
[ 1723.808627][T18155] Bluetooth: hci4: command tx timeout
[ 1723.889976][   T52] vhci_hcd: disconnect device
[ 1724.225642][T18444] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1725.067545][T18444] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1725.412868][T18444] team0: Port device team_slave_0 added
[ 1725.448889][T10007] bridge_slave_1: left allmulticast mode
[ 1725.463624][T10007] bridge_slave_1: left promiscuous mode
[ 1725.478646][T10007] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1725.522061][T10007] bridge_slave_0: left allmulticast mode
[ 1725.548463][T10007] bridge_slave_0: left promiscuous mode
[ 1725.569980][T10007] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1725.883486][T18155] Bluetooth: hci4: command tx timeout
[ 1728.561978][ T5277] vhci_hcd: vhci_device speed not set
[ 1728.622669][T10007] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1728.660073][T10007] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1728.766175][T10007] bond0 (unregistering): Released all slaves
[ 1728.944809][T18444] team0: Port device team_slave_1 added
[ 1729.976078][T18444] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1730.038687][T18444] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1730.187914][T18444] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1730.525180][T18444] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1730.552603][T18444] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1730.658486][T18444] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1730.728992][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.741224][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1731.253377][T10007] hsr_slave_0: left promiscuous mode
[ 1731.269731][T10007] hsr_slave_1: left promiscuous mode
[ 1731.292353][T10007] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1731.394799][T10007] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1731.405686][T10007] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1731.695017][T10007] veth1_macvtap: left promiscuous mode
[ 1731.744057][T10007] veth0_macvtap: left promiscuous mode
[ 1731.772415][T10007] veth1_vlan: left promiscuous mode
[ 1731.799729][T10007] veth0_vlan: left promiscuous mode
[ 1734.713143][T10007] team0 (unregistering): Port device team_slave_1 removed
[ 1734.883092][T10007] team0 (unregistering): Port device team_slave_0 removed
[ 1741.449535][T18444] hsr_slave_0: entered promiscuous mode
[ 1741.457269][T18444] hsr_slave_1: entered promiscuous mode
[ 1744.174049][T18678] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=18678 comm=syz.2.2498
[ 1745.807620][T18693] overlayfs: missing 'lowerdir'
[ 1746.081389][T18698] futex_wake_op: syz.3.2502 tries to shift op by -1; fix this program
[ 1747.271548][   T29] audit: type=1804 audit(1725424203.104:551): pid=18719 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.2504" name="/newroot/60/bus/bus" dev="overlay" ino=380 res=1 errno=0
[ 1747.544171][T18444] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1749.631820][T18444] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1749.746327][T18444] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1749.834371][T18444] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1750.137386][T18732] futex_wake_op: syz.3.2510 tries to shift op by -1; fix this program
[ 1750.466767][T18444] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1750.576694][T18444] 8021q: adding VLAN 0 to HW filter on device team0
[ 1750.618044][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1750.625365][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1750.698490][T13462] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1750.705845][T13462] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1751.472770][T18752] overlayfs: missing 'lowerdir'
[ 1751.591596][T18444] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1751.770129][T18444] veth0_vlan: entered promiscuous mode
[ 1752.692097][T18444] veth1_vlan: entered promiscuous mode
[ 1753.084532][T18444] veth0_macvtap: entered promiscuous mode
[ 1753.134339][T18444] veth1_macvtap: entered promiscuous mode
[ 1753.302119][T18444] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1753.359661][T18444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1753.411769][T18444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1753.493615][T18444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1753.510462][T18444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1753.547186][T18444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1753.623617][T18444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1753.745519][T18444] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1753.912572][T18444] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1754.112643][T18444] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1754.325637][T18444] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1754.373827][T18444] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1754.412589][T18444] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1754.449592][T18444] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1755.096532][ T5669] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1755.117052][ T5669] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1755.175370][ T5669] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1755.196433][ T5669] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1758.637713][T18833] futex_wake_op: syz.3.2524 tries to shift op by -1; fix this program
[ 1759.393927][   T29] audit: type=1804 audit(1725424215.314:552): pid=18847 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.1.2526" name="/newroot/2/bus/bus" dev="overlay" ino=36 res=1 errno=0
[ 1765.673516][ T5277] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1766.114268][ T5277] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1766.253331][ T5277] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1766.277131][ T5277] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1766.286548][ T5277] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1766.294885][ T5277] usb 5-1: SerialNumber: syz
[ 1768.792505][ T5277] usb 5-1: 0:2 : does not exist
[ 1768.836697][ T5277] usb 5-1: unit 4 not found!
[ 1768.951787][ T5277] usb 5-1: USB disconnect, device number 22
[ 1769.134757][T18960] udevd[18960]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1769.621145][T18969] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2552'.
[ 1770.125403][T18973] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2552'.
[ 1770.568122][T18972] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1772.607615][   T29] audit: type=1804 audit(1725424228.714:553): pid=18989 uid=0 auid=4294967295 ses=4294967295 subj=root:sysadm_r:sysadm_t op=invalid_pcr cause=open_writers comm="syz.2.2555" name="/newroot/70/bus/bus" dev="overlay" ino=444 res=1 errno=0
[ 1773.521035][T18995] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=18995 comm=syz.1.2558
[ 1773.708306][T18998] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1773.744883][T18998] batadv_slave_0: entered allmulticast mode
[ 1774.419953][T18993] block nbd1: shutting down sockets
[ 1774.664093][T19010] futex_wake_op: syz.3.2562 tries to shift op by -1; fix this program
[ 1774.714113][T19009] futex_wake_op: syz.2.2561 tries to shift op by -1; fix this program
[ 1783.636874][T19084] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2581'.
[ 1783.648600][    T8] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1785.061824][T19095] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=19095 comm=syz.0.2584
[ 1786.759645][T19093] block nbd0: shutting down sockets
[ 1788.722041][T19133] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2594'.
[ 1789.314343][T19142] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=19142 comm=syz.4.2595
[ 1789.970543][T19135] block nbd4: shutting down sockets
[ 1790.061891][T19149] netlink: 'syz.3.2597': attribute type 4 has an invalid length.
[ 1790.176624][T19151] netlink: 'syz.3.2597': attribute type 4 has an invalid length.
[ 1790.806781][T19154] futex_wake_op: syz.0.2599 tries to shift op by -1; fix this program
[ 1792.184008][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1792.190311][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1793.048785][T19175] syzkaller0: entered promiscuous mode
[ 1793.083434][T19175] syzkaller0: entered allmulticast mode
[ 1798.843708][T19195] netlink: 'syz.4.2609': attribute type 4 has an invalid length.
[ 1798.938316][T19191] netlink: 'syz.4.2609': attribute type 4 has an invalid length.
[ 1798.987814][T19206] netlink: 'syz.1.2611': attribute type 4 has an invalid length.
[ 1799.093440][T19208] netlink: 'syz.1.2611': attribute type 4 has an invalid length.
[ 1803.866635][T19264] netlink: 'syz.1.2624': attribute type 4 has an invalid length.
[ 1803.977684][T19267] netlink: 'syz.1.2624': attribute type 4 has an invalid length.
[ 1806.210754][T19292] futex_wake_op: syz.3.2631 tries to shift op by -1; fix this program
[ 1810.331510][T19335] futex_wake_op: syz.2.2642 tries to shift op by -1; fix this program
[ 1814.938947][T19380] futex_wake_op: syz.3.2653 tries to shift op by -1; fix this program
[ 1816.270946][T19403] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=19403 comm=syz.4.2658
[ 1817.058553][T19397] block nbd4: shutting down sockets
[ 1817.697886][T19413] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=19413 comm=syz.0.2661
[ 1818.544317][T19410] block nbd0: shutting down sockets
[ 1820.855856][T19441] futex_wake_op: syz.0.2668 tries to shift op by -1; fix this program
[ 1823.345080][T19466] netlink: 'syz.2.2675': attribute type 4 has an invalid length.
[ 1823.423864][T19467] netlink: 'syz.2.2675': attribute type 4 has an invalid length.
[ 1829.567980][T19521] futex_wake_op: syz.3.2689 tries to shift op by -1; fix this program
[ 1829.815966][T19533] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=19533 comm=syz.0.2691
[ 1830.626931][T19522] block nbd0: shutting down sockets
[ 1832.240891][T19540] futex_wake_op: syz.1.2695 tries to shift op by -1; fix this program
[ 1834.388866][T19562] futex_wake_op: syz.2.2700 tries to shift op by -1; fix this program
[ 1835.942825][T19588] futex_wake_op: syz.2.2706 tries to shift op by -1; fix this program
[ 1839.211450][T19615] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2713'.
[ 1839.690282][T19622] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2713'.
[ 1840.119666][T19621] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1840.972775][ T4615] Bluetooth: hci4: command 0x0406 tx timeout
[ 1843.578703][T19654] futex_wake_op: syz.3.2721 tries to shift op by -1; fix this program
[ 1848.273181][T19699] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=19699 comm=syz.1.2732
[ 1850.012541][T19695] block nbd1: shutting down sockets
[ 1850.447513][T19721] futex_wake_op: syz.3.2737 tries to shift op by -1; fix this program
[ 1850.472923][ T9874] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1850.705672][ T9874] usb 5-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1850.787931][ T9874] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1850.830514][ T9874] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1850.879471][ T9874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1850.924747][ T9874] usb 5-1: SerialNumber: syz
[ 1851.264356][T19705] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2734'.
[ 1851.506201][ T9874] usb 5-1: 0:2 : does not exist
[ 1853.385548][ T9874] usb 5-1: USB disconnect, device number 23
[ 1853.614346][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.620708][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1853.660455][T19720] udevd[19720]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1853.701199][T19744] futex_wake_op: syz.2.2742 tries to shift op by -1; fix this program
[ 1857.412274][T19761] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=19761 comm=syz.3.2745
[ 1860.213365][T16630] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1866.982128][T19842] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=19842 comm=syz.3.2765
[ 1867.114983][T19841] block nbd3: shutting down sockets
[ 1867.229090][    T8] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1867.465802][    T8] usb 2-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1867.521866][    T8] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1867.585225][    T8] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1867.599295][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1867.608863][    T8] usb 2-1: SerialNumber: syz
[ 1868.017703][T19825] netlink: 'syz.1.2760': attribute type 72 has an invalid length.
[ 1868.046508][T19825] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2760'.
[ 1868.286277][    T8] usb 2-1: 0:2 : does not exist
[ 1868.332135][    T8] usb 2-1: USB disconnect, device number 23
[ 1868.570211][T19860] udevd[19860]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1877.612323][T19954] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=19954 comm=syz.2.2789
[ 1877.863491][   T25] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1878.055754][   T25] usb 2-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1878.100019][   T25] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1878.133521][   T25] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1878.158930][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1878.194388][   T25] usb 2-1: SerialNumber: syz
[ 1878.420362][T19948] block nbd2: shutting down sockets
[ 1878.585311][   T25] usb 2-1: 0:2 : does not exist
[ 1878.900390][   T25] usb 2-1: USB disconnect, device number 24
[ 1878.988913][T19860] udevd[19860]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1880.186021][T19980] futex_wake_op: syz.3.2796 tries to shift op by -1; fix this program
[ 1882.193528][T16630] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[ 1882.437828][T16630] usb 1-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1882.462144][T16630] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1882.515439][T16630] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1882.541816][T20002] futex_wake_op: syz.3.2801 tries to shift op by -1; fix this program
[ 1882.553017][T16630] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1882.564968][T16630] usb 1-1: SerialNumber: syz
[ 1882.974323][T16630] usb 1-1: 0:2 : does not exist
[ 1883.108723][T20006] futex_wake_op: syz.2.2802 tries to shift op by -1; fix this program
[ 1883.124571][T16630] usb 1-1: USB disconnect, device number 19
[ 1883.166709][T19860] udevd[19860]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1887.573733][T20057] futex_wake_op: syz.0.2813 tries to shift op by -1; fix this program
[ 1887.828087][T20061] futex_wake_op: syz.1.2815 tries to shift op by -1; fix this program
[ 1887.987916][T20066] futex_wake_op: syz.4.2816 tries to shift op by -1; fix this program
[ 1888.908803][T20079] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[ 1888.915341][T20079] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1888.957254][T20079] vhci_hcd vhci_hcd.0: Device attached
[ 1889.247267][ T5276] usb 13-1: new high-speed USB device number 12 using vhci_hcd
[ 1890.669407][T20084] vhci_hcd: connection reset by peer
[ 1890.713902][   T52] vhci_hcd: stop threads
[ 1890.729731][   T52] vhci_hcd: release socket
[ 1890.755388][   T52] vhci_hcd: disconnect device
[ 1890.825234][T20100] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2824'.
[ 1891.258109][T20104] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2824'.
[ 1891.802674][T20103] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1894.417012][ T5276] vhci_hcd: vhci_device speed not set
[ 1896.033574][ T9874] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1896.107434][   T29] audit: type=1326 audit(1725424352.244:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20146 comm="syz.0.2835" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1896.266115][ T9874] usb 3-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1896.294631][ T9874] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1896.316005][ T9874] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1896.338477][ T9874] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1896.363295][ T9874] usb 3-1: SerialNumber: syz
[ 1896.675053][ T9874] usb 3-1: 0:2 : does not exist
[ 1896.753583][ T9874] usb 3-1: USB disconnect, device number 16
[ 1896.958990][T19860] udevd[19860]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1898.103424][   T29] audit: type=1400 audit(1725424354.224:555): avc:  denied  { bind } for  pid=20171 comm="syz.0.2840" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[ 1898.123244][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1898.346052][T20178] 9pnet_virtio: no channels available for device 
[ 1899.019123][T20191] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2844'.
[ 1899.455152][T20196] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2844'.
[ 1899.948218][T20195] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_cmd_wq": -EINTR
[ 1901.652387][   T29] audit: type=1326 audit(1725424357.794:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1901.699400][T20214] futex_wake_op: syz.3.2849 tries to shift op by -1; fix this program
[ 1902.007686][T20220] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[ 1902.014240][T20220] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1902.038607][T20220] vhci_hcd vhci_hcd.0: Device attached
[ 1902.118659][T20223] usbip_core: unknown command
[ 1902.248338][T20223] vhci_hcd: unknown pdu 3020988904
[ 1902.294501][T20223] usbip_core: unknown command
[ 1902.336887][T10007] vhci_hcd: stop threads
[ 1902.374463][T10007] vhci_hcd: release socket
[ 1902.389483][   T29] audit: type=1326 audit(1725424358.504:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1902.418394][T10007] vhci_hcd: disconnect device
[ 1902.420318][   T25] usb 13-1: new high-speed USB device number 13 using vhci_hcd
[ 1902.487681][   T29] audit: type=1326 audit(1725424358.504:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1902.643428][   T29] audit: type=1326 audit(1725424358.504:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1902.679341][   T29] audit: type=1326 audit(1725424358.504:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1902.769048][   T29] audit: type=1326 audit(1725424358.504:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1902.846039][   T29] audit: type=1326 audit(1725424358.504:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1902.876625][   T29] audit: type=1326 audit(1725424358.504:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1903.069406][   T29] audit: type=1326 audit(1725424358.504:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1903.096970][   T29] audit: type=1326 audit(1725424358.504:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=20213 comm="syz.0.2850" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f09deb7cef9 code=0x7fc00000
[ 1903.951485][T20235] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[ 1903.958126][T20235] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1903.972154][T20235] vhci_hcd vhci_hcd.0: Device attached
[ 1904.233458][ T9874] usb 17-1: new high-speed USB device number 12 using vhci_hcd
[ 1904.375463][T20236] vhci_hcd: connection reset by peer
[ 1904.452583][T20247] futex_wake_op: syz.1.2856 tries to shift op by -1; fix this program
[ 1904.467713][T10007] vhci_hcd: stop threads
[ 1904.479118][T10007] vhci_hcd: release socket
[ 1904.510808][T10007] vhci_hcd: disconnect device
[ 1904.925542][T20254] futex_wake_op: syz.2.2857 tries to shift op by -1; fix this program
[ 1906.536501][ T5274] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1906.815926][ T5274] usb 2-1: config 1 has an invalid descriptor of length 105, skipping remainder of the config
[ 1906.860750][ T5274] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1906.878455][ T5274] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1906.901111][ T5274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1906.933299][ T5274] usb 2-1: SerialNumber: syz
[ 1908.123404][   T25] vhci_hcd: vhci_device speed not set
[ 1908.210994][ T5274] usb 2-1: 0:2 : does not exist
[ 1908.434833][ T5274] usb 2-1: USB disconnect, device number 25
[ 1908.500265][T19860] udevd[19860]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1908.808273][T20298] 9pnet_virtio: no channels available for device 
[ 1909.385637][ T9874] vhci_hcd: vhci_device speed not set
[ 1912.033420][T20324] 9pnet_virtio: no channels available for device 
[ 1912.125637][T20339] futex_wake_op: syz.4.2879 tries to shift op by -1; fix this program
[ 1913.041614][T20344] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=20344 comm=syz.3.2880
[ 1913.364830][T20341] block nbd3: shutting down sockets
[ 1914.710223][T20356] 9pnet_virtio: no channels available for device 
[ 1915.047369][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1915.057314][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1917.137632][T20412] netlink: 'syz.4.2896': attribute type 4 has an invalid length.
[ 1920.005064][T20438] netlink: 'syz.1.2903': attribute type 4 has an invalid length.
[ 1920.548556][T20444] 9pnet_virtio: no channels available for device 
[ 1920.689429][T20451] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=20451 comm=syz.0.2908
[ 1920.807632][T20450] block nbd0: shutting down sockets
[ 1920.941997][T20457] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=20457 comm=syz.1.2909
[ 1921.582347][T20452] block nbd1: shutting down sockets
[ 1924.263167][T20485] 9pnet_virtio: no channels available for device 
[ 1926.121443][T20507] 9pnet_virtio: no channels available for device 
[ 1932.505137][T20597] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[ 1932.511690][T20597] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1932.569808][T20597] vhci_hcd vhci_hcd.0: Device attached
[ 1932.853803][T16564] usb 17-1: new high-speed USB device number 13 using vhci_hcd
[ 1933.215630][T20602] vhci_hcd: connection reset by peer
[ 1933.266902][ T5669] vhci_hcd: stop threads
[ 1933.282855][ T5669] vhci_hcd: release socket
[ 1933.295009][ T5669] vhci_hcd: disconnect device
[ 1934.771952][T20629] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=20629 comm=syz.1.2948
[ 1935.572577][T20628] block nbd1: shutting down sockets
[ 1936.670172][T20654] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=20654 comm=syz.1.2953
[ 1937.710988][T20650] block nbd1: shutting down sockets
[ 1938.003616][T16564] vhci_hcd: vhci_device speed not set
[ 1941.337335][T20691] 9pnet_virtio: no channels available for device 
[ 1943.428507][T20713] 9pnet_virtio: no channels available for device 
[ 1943.789901][T20722] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(7)
[ 1943.796437][T20722] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1943.862718][T20722] vhci_hcd vhci_hcd.0: Device attached
[ 1943.966445][T20728] usbip_core: unknown command
[ 1943.992264][T20728] vhci_hcd: unknown pdu 3020988904
[ 1944.033023][T20728] usbip_core: unknown command
[ 1944.167323][ T5693] vhci_hcd: stop threads
[ 1944.173450][ T5274] usb 13-1: new high-speed USB device number 14 using vhci_hcd
[ 1944.186146][ T5693] vhci_hcd: release socket
[ 1944.204794][ T5693] vhci_hcd: disconnect device
[ 1946.450820][T20741] block nbd0: shutting down sockets
[ 1947.269160][T20760] 9pnet_virtio: no channels available for device 
[ 1947.638343][T20764] 9pnet_virtio: no channels available for device 
[ 1948.027749][T20768] 9pnet_virtio: no channels available for device 
[ 1948.462695][T20782] Bluetooth: MGMT ver 1.23
[ 1949.375741][ T5274] vhci_hcd: vhci_device speed not set
[ 1949.603501][T20789] 9pnet_virtio: no channels available for device 
[ 1949.826161][T20799] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=20799 comm=syz.3.2987
[ 1950.626177][T20795] block nbd3: shutting down sockets
[ 1951.033471][T20813] netlink: 'syz.0.2990': attribute type 4 has an invalid length.
[ 1953.209585][T20846] overlayfs: overlapping lowerdir path
[ 1953.336689][T20850] overlayfs: overlapping lowerdir path
[ 1955.640822][T20879] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7)
[ 1955.647340][T20879] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1955.659972][T20861] 9pnet_virtio: no channels available for device 
[ 1955.685209][T20879] vhci_hcd vhci_hcd.0: Device attached
[ 1955.814974][T20880] usbip_core: unknown command
[ 1955.885636][T20880] vhci_hcd: unknown pdu 3020988904
[ 1955.938365][T20880] usbip_core: unknown command
[ 1956.097227][    T8] usb 15-1: new high-speed USB device number 11 using vhci_hcd
[ 1956.110894][T20881] vhci_hcd: sendmsg failed!, ret=-32 for 48
[ 1956.124994][ T5698] vhci_hcd: stop threads
[ 1956.129259][ T5698] vhci_hcd: release socket
[ 1957.044728][ T5698] vhci_hcd: disconnect device
[ 1957.406671][T20895] overlayfs: overlapping lowerdir path
[ 1958.658630][T20912] overlayfs: overlapping lowerdir path
[ 1960.108714][T20904] 9pnet_virtio: no channels available for device 
[ 1960.626952][T20934] overlayfs: overlapping lowerdir path
[ 1960.848161][T20919] block nbd0: shutting down sockets
[ 1960.978649][T20937] overlayfs: overlapping lowerdir path
[ 1961.204538][    T8] vhci_hcd: vhci_device speed not set
[ 1962.774524][T20957] overlayfs: overlapping lowerdir path
[ 1962.961348][T20965] overlayfs: overlapping lowerdir path
[ 1963.045450][T20940] block nbd0: shutting down sockets
[ 1963.738720][T20964] 9pnet_virtio: no channels available for device 
[ 1963.750047][T20970] 9pnet_virtio: no channels available for device 
[ 1964.228105][   T29] kauditd_printk_skb: 58 callbacks suppressed
[ 1964.228119][   T29] audit: type=1400 audit(1725424420.354:624): avc:  denied  { setopt } for  pid=20982 comm="syz.0.3027" lport=59486 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[ 1964.387686][   T29] audit: type=1400 audit(1725424420.524:625): avc:  denied  { read } for  pid=20982 comm="syz.0.3027" lport=59486 faddr=::ffff:172.20.255.187 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=sctp_socket permissive=1
[ 1966.973271][T20991] 9pnet_virtio: no channels available for device 
[ 1967.319637][T21012] netlink: 'syz.2.3034': attribute type 4 has an invalid length.
[ 1967.649473][T21017] futex_wake_op: syz.3.3035 tries to shift op by -1; fix this program
[ 1970.152965][T21058] overlayfs: overlapping lowerdir path
[ 1970.307412][T21059] overlayfs: overlapping lowerdir path
[ 1970.324368][T21047] 9pnet_virtio: no channels available for device 
[ 1971.320628][T21062] block nbd0: shutting down sockets
[ 1971.710289][T21068] 9pnet_virtio: no channels available for device 
[ 1973.416867][T21089] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=21089 comm=syz.0.3052
[ 1973.730690][T21099] overlayfs: overlapping lowerdir path
[ 1973.770566][T21096] 9pnet_virtio: no channels available for device 
[ 1974.185367][T21087] block nbd0: shutting down sockets
[ 1974.802724][T21113] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=21113 comm=syz.4.3057
[ 1975.428156][T21114] 9pnet_virtio: no channels available for device 
[ 1975.601442][T21108] block nbd4: shutting down sockets
[ 1975.799691][T21129] overlayfs: overlapping lowerdir path
[ 1976.487897][ T1272] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.497754][ T1272] ieee802154 phy1 wpan1: encryption failed: -22
[ 1976.676171][T21140] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=21140 comm=syz.4.3063
[ 1977.879983][T21153] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[ 1977.886504][T21153] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 1977.963619][T21143] 9pnet_virtio: no channels available for device 
[ 1978.020926][T21153] vhci_hcd vhci_hcd.0: Device attached
[ 1978.210314][T21133] block nbd4: shutting down sockets
[ 1978.323452][T16564] usb 15-1: new high-speed USB device number 12 using vhci_hcd
[ 1978.383538][T21154] usbip_core: unknown command
[ 1978.393419][T21154] vhci_hcd: unknown pdu 3020988904
[ 1978.460026][T21154] usbip_core: unknown command
[ 1978.471527][T10007] vhci_hcd: stop threads
[ 1978.485489][T10007] vhci_hcd: release socket
[ 1978.519486][T10007] vhci_hcd: disconnect device
[ 1979.073713][T21157] 9pnet_virtio: no channels available for device 
[ 1979.265355][T21168] overlayfs: overlapping lowerdir path
[ 1981.164325][T21176] 9pnet_virtio: no channels available for device 
[ 1982.065729][T18155] Bluetooth: hci3: unexpected event 0x04 length: 14 > 10
[ 1982.341605][T21200] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1983.523486][T16564] vhci_hcd: vhci_device speed not set
[ 1984.083685][T18155] Bluetooth: hci3: command 0x0406 tx timeout
[ 1984.186003][T21218] overlayfs: overlapping lowerdir path
[ 1984.422240][T21211] 9pnet_virtio: no channels available for device 
[ 1984.426976][T21213] 9pnet_virtio: no channels available for device 
[ 1985.049804][T21222] 9pnet_virtio: no channels available for device 
[ 1985.105416][T21231] overlayfs: overlapping lowerdir path
[ 1986.258817][T21247] overlayfs: overlapping lowerdir path
[ 1986.541566][T18155] Bluetooth: hci2: unexpected event 0x04 length: 14 > 10
[ 1986.864748][T21253] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1988.231315][T21263] overlayfs: overlapping lowerdir path
[ 1988.514257][T21269] overlayfs: overlapping lowerdir path
[ 1988.573478][T18155] Bluetooth: hci2: command 0x0406 tx timeout
[ 1988.653722][T18155] Bluetooth: hci5: unexpected event 0x04 length: 14 > 10
[ 1988.984307][T21274] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1990.002530][T21277] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=21277 comm=syz.1.3093
[ 1990.726040][T18155] Bluetooth: hci5: command 0x0406 tx timeout
[ 1990.781530][T21266] block nbd1: shutting down sockets
[ 1991.060079][T21291] overlayfs: overlapping lowerdir path
[ 1992.501246][T21303] overlayfs: overlapping lowerdir path
[ 1993.284515][T21317] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=21317 comm=syz.4.3105
[ 1993.819648][T21310] block nbd4: shutting down sockets
[ 1994.450808][T18155] Bluetooth: hci0: unexpected event 0x04 length: 14 > 10
[ 1994.766582][T21327] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1995.974093][T21338] overlayfs: overlapping lowerdir path
[ 1996.483385][T18155] Bluetooth: hci0: command 0x0406 tx timeout
[ 1997.293389][T18155] Bluetooth: hci4: unexpected event 0x04 length: 14 > 10
[ 1999.449043][T18155] Bluetooth: hci4: command 0x0406 tx timeout
[ 1999.516893][T21349] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1999.936653][T21334] block nbd0: shutting down sockets
[ 2000.181983][T21371] overlayfs: overlapping lowerdir path
[ 2000.763667][T21380] overlayfs: overlapping lowerdir path
[ 2002.514880][T21403] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(7)
[ 2002.521435][T21403] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 2002.582801][T18155] Bluetooth: hci0: unexpected event 0x04 length: 14 > 10
[ 2002.869548][T21414] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2003.095156][T21403] vhci_hcd vhci_hcd.0: Device attached
[ 2003.888396][T21386] 9pnet_virtio: no channels available for device 
[ 2003.979074][T18155] Bluetooth: hci0: unexpected event 0x04 length: 14 > 10
[ 2004.063338][ T5277] usb 11-1: new high-speed USB device number 7 using vhci_hcd
[ 2004.294821][T21420] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2004.663307][T18155] Bluetooth: hci0: command 0x0406 tx timeout
[ 2005.451115][T18155] Bluetooth: hci0: unexpected event 0x04 length: 14 > 10
[ 2005.711315][T21426] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2006.733398][T18155] Bluetooth: hci0: command 0x0406 tx timeout
[ 2006.812726][T21407] vhci_hcd: connection reset by peer
[ 2006.818556][ T5669] vhci_hcd: stop threads
[ 2006.823080][ T5669] vhci_hcd: release socket
[ 2006.828355][ T5669] vhci_hcd: disconnect device
[ 2007.303327][T18155] Bluetooth: hci2: unexpected event 0x04 length: 14 > 10
[ 2007.382841][T21437] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=32792 sclass=netlink_route_socket pid=21437 comm=syz.3.3133
[ 2007.428968][T21440] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2007.451189][T18155] Bluetooth: hci4: unexpected event 0x04 length: 14 > 10
[ 2007.824764][T21442] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2008.700510][T18155] Bluetooth: hci4: unexpected event 0x04 length: 14 > 10
[ 2009.010053][T21447] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2009.110049][T18155] Bluetooth: hci0: command 0x0406 tx timeout
[ 2009.790641][T18155] Bluetooth: hci2: command 0x0406 tx timeout
[ 2009.796889][T18155] Bluetooth: hci4: command 0x0406 tx timeout
[ 2009.974770][T21431] block nbd3: shutting down sockets
[ 2009.998581][T21430] 9pnet_virtio: no channels available for device 
[ 2010.522041][ T5277] vhci_hcd: vhci_device speed not set
[ 2011.843279][T21448] Bluetooth: hci4: command 0x0406 tx timeout
[ 2012.770775][T21484] overlayfs: overlapping lowerdir path
[ 2013.335657][T21493] netlink: 'syz.0.3145': attribute type 4 has an invalid length.
[ 2013.457967][T21493] netlink: 'syz.0.3145': attribute type 4 has an invalid length.
[ 2013.507870][T21492] futex_wake_op: syz.1.3146 tries to shift op by -1; fix this program
[ 2014.379962][T21503] overlayfs: overlapping lowerdir path
[ 2014.420612][T21448] Bluetooth: hci2: unexpected event 0x04 length: 14 > 10
[ 2016.208904][T21512] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2016.427318][T21448] Bluetooth: hci4: unexpected event 0x04 length: 14 > 10
[ 2016.483359][T21448] Bluetooth: hci2: command 0x0406 tx timeout
[ 2016.717829][T21519] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2017.804375][T21531] netlink: 'syz.2.3155': attribute type 4 has an invalid length.
[ 2017.824913][T21531] netlink: 'syz.2.3155': attribute type 4 has an invalid length.
[ 2018.023031][T21520] block nbd0: shutting down sockets
[ 2018.483551][T21448] Bluetooth: hci4: command 0x0406 tx timeout
[ 2018.523390][T21542] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(7)
[ 2018.529936][T21542] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 2018.573600][T21542] vhci_hcd vhci_hcd.0: Device attached
[ 2018.591188][T21545] futex_wake_op: syz.2.3157 tries to shift op by -1; fix this program
[ 2018.853421][ T5277] usb 17-1: new high-speed USB device number 14 using vhci_hcd
[ 2019.092116][T21547] vhci_hcd: connection closed
[ 2019.092528][T10007] vhci_hcd: stop threads
[ 2019.181935][T10007] vhci_hcd: release socket
[ 2019.298269][T10007] vhci_hcd: disconnect device
[ 2019.609815][T21448] Bluetooth: hci5: unexpected event 0x04 length: 14 > 10
[ 2019.866433][T21560] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2021.119883][T21562] netlink: 'syz.1.3162': attribute type 4 has an invalid length.
[ 2021.179741][T21563] netlink: 'syz.1.3162': attribute type 4 has an invalid length.
[ 2021.204766][T21448] Bluetooth: hci0: unexpected event 0x04 length: 14 > 10
[ 2021.481493][T21577] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2021.683310][T21448] Bluetooth: hci5: command 0x0406 tx timeout
[ 2022.533396][T21579] netlink: 52 bytes leftover after parsing attributes in process `syz.3.3166'.
[ 2022.543204][T21581] overlayfs: overlapping lowerdir path
[ 2022.548943][T21571] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7)
[ 2022.555478][T21571] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[ 2022.571169][T21571] vhci_hcd vhci_hcd.0: Device attached
[ 2022.883573][ T5308] usb 9-1: new high-speed USB device number 7 using vhci_hcd
[ 2022.894285][T21448] Bluetooth: hci4: unexpected event 0x04 length: 14 > 10
[ 2023.159050][T21591] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2023.283233][T21448] Bluetooth: hci0: command 0x0406 tx timeout
[ 2024.108012][T21582] vhci_hcd: connection reset by peer
[ 2024.144224][T10007] vhci_hcd: stop threads
[ 2024.154123][ T5277] vhci_hcd: vhci_device speed not set
[ 2024.168355][T10007] vhci_hcd: release socket
[ 2024.179085][T10007] vhci_hcd: disconnect device
[ 2024.270865][T21587] 9pnet_virtio: no channels available for device 
[ 2024.963531][T21448] Bluetooth: hci4: command 0x0406 tx timeout
[ 2025.353431][ T5274] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 2025.383467][    T8] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 2025.585838][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2025.603267][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2025.619209][    T8] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 2025.628632][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2025.659403][    T8] usb 4-1: config 0 descriptor??
[ 2025.728724][ T5274] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 2025.743220][ T5274] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2025.809102][ T5274] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 2025.862491][ T5274] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2025.900964][ T5274] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 2025.924062][ T5274] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 2025.932164][ T5274] usb 2-1: Product: syz
[ 2025.947333][ T5274] usb 2-1: Manufacturer: syz
[ 2025.971502][ T5274] cdc_wdm 2-1:1.0: skipping garbage
[ 2025.981591][ T5274] cdc_wdm 2-1:1.0: skipping garbage
[ 2026.011580][ T5274] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[ 2026.030773][ T5274] cdc_wdm 2-1:1.0: Unknown control protocol
[ 2026.115406][    T8] hid-steam 0003:28DE:1142.0007: unknown main item tag 0x0
[ 2026.130484][    T8] hid-steam 0003:28DE:1142.0007: unknown main item tag 0x0
[ 2026.166185][    T8] hid-steam 0003:28DE:1142.0007: unknown main item tag 0x0
[ 2026.195547][    T8] hid-steam 0003:28DE:1142.0007: unknown main item tag 0x0
[ 2026.230340][    T8] hid-steam 0003:28DE:1142.0007: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[ 2026.293903][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.300769][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.307071][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.313682][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.319969][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.326577][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.332910][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.339522][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.345812][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.352418][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.358728][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.365337][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.371697][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.378306][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.384592][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.391205][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.397489][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.404099][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.410370][    C1] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[ 2026.416986][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[ 2026.443746][ T5277] usb 4-1: USB disconnect, device number 16
[ 2026.465484][    T8] usb 2-1: USB disconnect, device number 26
[ 2026.465657][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[ 2027.015934][T21638] ptrace attach of "./syz-executor exec"[14324] was attempted by "./syz-executor exec"[21638]
[ 2027.343536][T20290] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 2027.736615][T21655] ------------[ cut here ]------------
[ 2027.743086][T21655] WARNING: CPU: 1 PID: 21655 at include/linux/rwsem.h:195 follow_pte+0x414/0x4c0
[ 2027.752269][T21655] Modules linked in:
[ 2027.756201][T21655] CPU: 1 UID: 0 PID: 21655 Comm: syz.2.3190 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 2027.767012][T21655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 2027.777131][T21655] RIP: 0010:follow_pte+0x414/0x4c0
[ 2027.782246][T21655] Code: bf 98 01 00 00 be ff ff ff ff e8 a7 d8 44 09 31 ff 41 89 c4 89 c6 e8 9b cd b9 ff 45 85 e4 0f 85 80 fc ff ff e8 4d cb b9 ff 90 <0f> 0b 90 e9 72 fc ff ff e8 3f cb b9 ff 90 0f 0b 48 c7 c7 58 76 14
[ 2027.804143][T21655] RSP: 0018:ffffc90004e874d0 EFLAGS: 00010283
[ 2027.810227][T21655] RAX: 0000000000012967 RBX: 00007f45503cc000 RCX: ffffc9000a64a000
[ 2027.818243][T21655] RDX: 0000000000040000 RSI: ffffffff81d1f503 RDI: 0000000000000005
[ 2027.826228][T21655] RBP: ffff88802e61e4d8 R08: 0000000000000005 R09: 0000000000000000
[ 2027.834241][T21655] R10: 0000000000000000 R11: 000000000000021c R12: 0000000000000000
[ 2027.842234][T21655] R13: ffffc90004e87530 R14: ffffc90004e87550 R15: ffff88807cadc280
[ 2027.850246][T21655] FS:  00007f8fd72ef6c0(0000) GS:ffff8880b8900000(0000) knlGS:0000000000000000
[ 2027.859492][T21655] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2027.866096][T21655] CR2: 00000000200ef000 CR3: 0000000025be0000 CR4: 00000000003506f0
[ 2027.874102][T21655] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 2027.882065][T21655] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 2027.891241][T21655] Call Trace:
[ 2027.895269][T21655]  <TASK>
[ 2027.898200][T21655]  ? show_regs+0x8c/0xa0
[ 2027.902447][T21655]  ? __warn+0xe5/0x3c0
[ 2027.906634][T21655]  ? follow_pte+0x414/0x4c0
[ 2027.911253][T21655]  ? report_bug+0x3c0/0x580
[ 2027.915848][T21655]  ? handle_bug+0x3d/0x70
[ 2027.920192][T21655]  ? exc_invalid_op+0x17/0x50
[ 2027.924898][T21655]  ? asm_exc_invalid_op+0x1a/0x20
[ 2027.930011][T21655]  ? follow_pte+0x413/0x4c0
[ 2027.934611][T21655]  ? follow_pte+0x414/0x4c0
[ 2027.939127][T21655]  get_pat_info+0xf2/0x510
[ 2027.943560][T21655]  ? __pfx_get_pat_info+0x10/0x10
[ 2027.948598][T21655]  untrack_pfn+0xf7/0x4d0
[ 2027.952921][T21655]  ? __pfx_untrack_pfn+0x10/0x10
[ 2027.958093][T21655]  ? zap_page_range_single+0x307/0x560
[ 2027.963585][T21655]  ? __pfx_lock_release+0x10/0x10
[ 2027.968611][T21655]  ? uprobe_munmap+0x20/0x5d0
[ 2027.973328][T21655]  unmap_single_vma+0x1bd/0x2b0
[ 2027.978185][T21655]  zap_page_range_single+0x326/0x560
[ 2027.983630][T21655]  ? __pfx_zap_page_range_single+0x10/0x10
[ 2027.989445][T21655]  ? __pfx___might_resched+0x10/0x10
[ 2027.995752][T21655]  ? vma_interval_tree_subtree_search+0x14d/0x1b0
[ 2028.002176][T21655]  unmap_mapping_range+0x1ee/0x280
[ 2028.008236][T21655]  ? __pfx_unmap_mapping_range+0x10/0x10
[ 2028.014035][T21655]  ? inode_newsize_ok+0x13b/0x200
[ 2028.019087][T21655]  truncate_pagecache+0x53/0x90
[ 2028.023963][T21655]  simple_setattr+0xf2/0x120
[ 2028.028555][T21655]  notify_change+0xf41/0x1230
[ 2028.033270][T21655]  do_truncate+0x15c/0x220
[ 2028.037692][T21655]  ? __pfx_do_truncate+0x10/0x10
[ 2028.042639][T21655]  path_openat+0x27a8/0x2d20
[ 2028.047255][T21655]  ? __pfx_path_openat+0x10/0x10
[ 2028.052190][T21655]  ? __pfx___lock_acquire+0x10/0x10
[ 2028.057422][T21655]  ? find_held_lock+0x2d/0x110
[ 2028.062202][T21655]  do_filp_open+0x1dc/0x430
[ 2028.066738][T21655]  ? __pfx_do_filp_open+0x10/0x10
[ 2028.071757][T21655]  ? find_held_lock+0x2d/0x110
[ 2028.076627][T21655]  ? _raw_spin_unlock+0x28/0x50
[ 2028.081507][T21655]  ? alloc_fd+0x2d7/0x6c0
[ 2028.085855][T21655]  do_sys_openat2+0x17a/0x1e0
[ 2028.090533][T21655]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2028.096691][T21655]  __x64_sys_openat+0x175/0x210
[ 2028.101549][T21655]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2028.107772][T21655]  do_syscall_64+0xcd/0x250
[ 2028.112291][T21655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2028.118213][T21655] RIP: 0033:0x7f8fd657cef9
[ 2028.122625][T21655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2028.142267][T21655] RSP: 002b:00007f8fd72ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2028.150720][T21655] RAX: ffffffffffffffda RBX: 00007f8fd6736058 RCX: 00007f8fd657cef9
[ 2028.158711][T21655] RDX: 0000000000000300 RSI: 0000000020000080 RDI: ffffffffffffff9c
[ 2028.166709][T21655] RBP: 00007f8fd65ef01e R08: 0000000000000000 R09: 0000000000000000
[ 2028.174703][T21655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2028.182681][T21655] R13: 0000000000000000 R14: 00007f8fd6736058 R15: 00007ffce1d04a78
[ 2028.190699][T21655]  </TASK>
[ 2028.193847][T21655] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 2028.201116][T21655] CPU: 1 UID: 0 PID: 21655 Comm: syz.2.3190 Not tainted 6.11.0-rc6-syzkaller-00026-g88fac17500f4 #0
[ 2028.211862][T21655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 2028.221931][T21655] Call Trace:
[ 2028.225231][T21655]  <TASK>
[ 2028.228177][T21655]  dump_stack_lvl+0x3d/0x1f0
[ 2028.232785][T21655]  panic+0x6dc/0x7c0
[ 2028.236680][T21655]  ? __pfx_panic+0x10/0x10
[ 2028.241087][T21655]  ? show_trace_log_lvl+0x363/0x500
[ 2028.246290][T21655]  ? follow_pte+0x414/0x4c0
[ 2028.250789][T21655]  check_panic_on_warn+0xab/0xb0
[ 2028.255720][T21655]  __warn+0xf1/0x3c0
[ 2028.259605][T21655]  ? follow_pte+0x414/0x4c0
[ 2028.264120][T21655]  report_bug+0x3c0/0x580
[ 2028.268440][T21655]  handle_bug+0x3d/0x70
[ 2028.272586][T21655]  exc_invalid_op+0x17/0x50
[ 2028.277091][T21655]  asm_exc_invalid_op+0x1a/0x20
[ 2028.281930][T21655] RIP: 0010:follow_pte+0x414/0x4c0
[ 2028.287034][T21655] Code: bf 98 01 00 00 be ff ff ff ff e8 a7 d8 44 09 31 ff 41 89 c4 89 c6 e8 9b cd b9 ff 45 85 e4 0f 85 80 fc ff ff e8 4d cb b9 ff 90 <0f> 0b 90 e9 72 fc ff ff e8 3f cb b9 ff 90 0f 0b 48 c7 c7 58 76 14
[ 2028.306631][T21655] RSP: 0018:ffffc90004e874d0 EFLAGS: 00010283
[ 2028.312684][T21655] RAX: 0000000000012967 RBX: 00007f45503cc000 RCX: ffffc9000a64a000
[ 2028.320639][T21655] RDX: 0000000000040000 RSI: ffffffff81d1f503 RDI: 0000000000000005
[ 2028.328597][T21655] RBP: ffff88802e61e4d8 R08: 0000000000000005 R09: 0000000000000000
[ 2028.336553][T21655] R10: 0000000000000000 R11: 000000000000021c R12: 0000000000000000
[ 2028.344511][T21655] R13: ffffc90004e87530 R14: ffffc90004e87550 R15: ffff88807cadc280
[ 2028.352474][T21655]  ? follow_pte+0x413/0x4c0
[ 2028.356981][T21655]  get_pat_info+0xf2/0x510
[ 2028.361385][T21655]  ? __pfx_get_pat_info+0x10/0x10
[ 2028.366405][T21655]  untrack_pfn+0xf7/0x4d0
[ 2028.370724][T21655]  ? __pfx_untrack_pfn+0x10/0x10
[ 2028.375649][T21655]  ? zap_page_range_single+0x307/0x560
[ 2028.381115][T21655]  ? __pfx_lock_release+0x10/0x10
[ 2028.386131][T21655]  ? uprobe_munmap+0x20/0x5d0
[ 2028.390799][T21655]  unmap_single_vma+0x1bd/0x2b0
[ 2028.395666][T21655]  zap_page_range_single+0x326/0x560
[ 2028.400961][T21655]  ? __pfx_zap_page_range_single+0x10/0x10
[ 2028.406794][T21655]  ? __pfx___might_resched+0x10/0x10
[ 2028.412092][T21655]  ? vma_interval_tree_subtree_search+0x14d/0x1b0
[ 2028.418502][T21655]  unmap_mapping_range+0x1ee/0x280
[ 2028.423611][T21655]  ? __pfx_unmap_mapping_range+0x10/0x10
[ 2028.429236][T21655]  ? inode_newsize_ok+0x13b/0x200
[ 2028.434256][T21655]  truncate_pagecache+0x53/0x90
[ 2028.439103][T21655]  simple_setattr+0xf2/0x120
[ 2028.443684][T21655]  notify_change+0xf41/0x1230
[ 2028.448359][T21655]  do_truncate+0x15c/0x220
[ 2028.452761][T21655]  ? __pfx_do_truncate+0x10/0x10
[ 2028.457698][T21655]  path_openat+0x27a8/0x2d20
[ 2028.462292][T21655]  ? __pfx_path_openat+0x10/0x10
[ 2028.467239][T21655]  ? __pfx___lock_acquire+0x10/0x10
[ 2028.472439][T21655]  ? find_held_lock+0x2d/0x110
[ 2028.477194][T21655]  do_filp_open+0x1dc/0x430
[ 2028.481686][T21655]  ? __pfx_do_filp_open+0x10/0x10
[ 2028.486697][T21655]  ? find_held_lock+0x2d/0x110
[ 2028.491467][T21655]  ? _raw_spin_unlock+0x28/0x50
[ 2028.496306][T21655]  ? alloc_fd+0x2d7/0x6c0
[ 2028.500625][T21655]  do_sys_openat2+0x17a/0x1e0
[ 2028.505301][T21655]  ? __pfx_do_sys_openat2+0x10/0x10
[ 2028.510502][T21655]  __x64_sys_openat+0x175/0x210
[ 2028.515366][T21655]  ? __pfx___x64_sys_openat+0x10/0x10
[ 2028.520738][T21655]  do_syscall_64+0xcd/0x250
[ 2028.525238][T21655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2028.531119][T21655] RIP: 0033:0x7f8fd657cef9
[ 2028.535518][T21655] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2028.555111][T21655] RSP: 002b:00007f8fd72ef038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 2028.563511][T21655] RAX: ffffffffffffffda RBX: 00007f8fd6736058 RCX: 00007f8fd657cef9
[ 2028.571490][T21655] RDX: 0000000000000300 RSI: 0000000020000080 RDI: ffffffffffffff9c
[ 2028.579510][T21655] RBP: 00007f8fd65ef01e R08: 0000000000000000 R09: 0000000000000000
[ 2028.587465][T21655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 2028.595422][T21655] R13: 0000000000000000 R14: 00007f8fd6736058 R15: 00007ffce1d04a78
[ 2028.603390][T21655]  </TASK>
[ 2028.606695][T21655] Kernel Offset: disabled
[ 2028.611515][T21655] Rebooting in 86400 seconds..