last executing test programs:

17m3.52487769s ago: executing program 1 (id=10630):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f0000000d40)={0x6, {{0x2, 0x4e20, @multicast1=0xe0000002}}, 0x1, 0x1, [{{0x2, 0x4e21, @loopback}}]}, 0x110)

17m3.403742381s ago: executing program 1 (id=10633):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000), 0x4)
sendto$inet6(r0, 0x0, 0xf00, 0x0, &(0x7f0000000540)={0xa, 0x4e24, 0x10, @mcast2}, 0x1c)

17m3.088230831s ago: executing program 1 (id=10640):
unshare(0x6040600)
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x801e, 0xfffffffe, @remote}, 0x1c)

17m2.955903607s ago: executing program 1 (id=10645):
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
mount$9p_unix(&(0x7f00000000c0)='./file0/file0/..\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x12d7498, 0x0)
umount2(&(0x7f0000000340)='./file0\x00', 0x1)

17m2.823904367s ago: executing program 1 (id=10648):
r0 = landlock_create_ruleset(&(0x7f0000000000)={0xe249, 0x0, 0x1}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x4)

17m2.111540606s ago: executing program 1 (id=10662):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$dsp(r0, &(0x7f00000011c0)=""/4117, 0x200021d5)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000100)=0xef1)

17m1.862358941s ago: executing program 32 (id=10662):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$dsp(r0, &(0x7f00000011c0)=""/4117, 0x200021d5)
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000100)=0xef1)

16m21.895897304s ago: executing program 3 (id=11392):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="11000000040000000400000002"], 0x50)
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00')
read$eventfd(r0, &(0x7f0000000100), 0xfffffd79)

16m21.779502966s ago: executing program 3 (id=11397):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x25, &(0x7f0000001480)={0x0, 0x0, 0xfffffffe, 0x2})
fcntl$lock(r0, 0x24, &(0x7f0000000140)={0x2, 0x1, 0xd63e, 0x2})

16m21.58937881s ago: executing program 3 (id=11401):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x8850)
sendmsg$NFT_BATCH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0x16}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x78}}, 0x0)

16m21.291612135s ago: executing program 3 (id=11408):
unshare(0x400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1f, 0x10, &(0x7f00000010c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x6d}}]}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x11}, 0x94)

16m21.095570662s ago: executing program 3 (id=11411):
r0 = open(&(0x7f0000000300)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)

16m20.824664698s ago: executing program 3 (id=11416):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a28000000000a01080000000000000000028a550908000240000000020900010073797a310000000040000000030a01040000000000000000020000060900010073797a31000000000900030073797a3000000000140004800800014000000003080002400f130cd514000000110001"], 0x90}, 0x1, 0x0, 0x0, 0x24000144}, 0x2000)
close(r0)

16m4.660990305s ago: executing program 33 (id=11416):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a28000000000a01080000000000000000028a550908000240000000020900010073797a310000000040000000030a01040000000000000000020000060900010073797a31000000000900030073797a3000000000140004800800014000000003080002400f130cd514000000110001"], 0x90}, 0x1, 0x0, 0x0, 0x24000144}, 0x2000)
close(r0)

10m21.675873441s ago: executing program 4 (id=16990):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={<r1=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x7a, &(0x7f0000000340)={<r2=>r1, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000840)={r2, 0x2, 0x1, 'a'}, 0x9)

10m21.503914121s ago: executing program 4 (id=16993):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rpc\x00')
fchdir(r0)
r1 = landlock_create_ruleset(&(0x7f00000000c0)={0x8152}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
creat(&(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x116)

10m21.275402666s ago: executing program 4 (id=16998):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000000000000850000008600000018010000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000003000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

10m21.015992847s ago: executing program 4 (id=17002):
mkdirat(0xffffffffffffff9c, &(0x7f00000010c0)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f00000002c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000280)='.\x00', 0x0, 0x109f087, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
getpid()

10m20.825122624s ago: executing program 4 (id=17007):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000000)=0x13)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000000c0))
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000040)={0xfffffff8, 0xffffffff, 0xfffbfffd, 0x8, 0x0, "0c41920887e8d2b791f805000000000000006b", 0x0, 0x203})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000080)=0x8)

10m19.238138931s ago: executing program 4 (id=17025):
r0 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, r1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001940)={<r2=>0xffffffffffffffff})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000005a40)={'sit0\x00', &(0x7f00000059c0)={'sit0\x00', 0x0, 0x7800, 0x40, 0x6, 0x9, {{0x5, 0x4, 0x1, 0x9, 0x14, 0x66, 0x0, 0x1, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}})

10m18.489472848s ago: executing program 34 (id=17025):
r0 = socket(0x1, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, r1, r1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001940)={<r2=>0xffffffffffffffff})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r2, 0x89f2, &(0x7f0000005a40)={'sit0\x00', &(0x7f00000059c0)={'sit0\x00', 0x0, 0x7800, 0x40, 0x6, 0x9, {{0x5, 0x4, 0x1, 0x9, 0x14, 0x66, 0x0, 0x1, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}}}})

8m23.181374799s ago: executing program 7 (id=18855):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1200"], 0x50)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="120000000b0000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20)
ioctl$DRM_IOCTL_DROP_MASTER(0xffffffffffffffff, 0x641f)
ioctl$SG_EMULATED_HOST(0xffffffffffffffff, 0x2203, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000100)={r2, &(0x7f00000000c0), 0x0}, 0x20)

8m22.904701645s ago: executing program 7 (id=18860):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
unshare(0x22020600)
fsopen(&(0x7f0000000040)='cgroup2\x00', 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ff9000/0x5000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0x1f400, 0x8, 0xc1})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1600000004"], 0x50)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

8m22.701367951s ago: executing program 7 (id=18863):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000040)=0x4, 0x4)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000180)=0x1f5, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

8m21.659372017s ago: executing program 7 (id=18881):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x8b101e, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/../file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x18d883, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x89801)
mount$9p_rdma(0x0, &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x20000, 0x0)

8m21.22350099s ago: executing program 7 (id=18888):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
r1 = epoll_create1(0x80000)
write$binfmt_aout(r0, &(0x7f00000003c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x7, 0x41, 0x0, 0x83, "00000000000000000000ffff00"})
r2 = syz_open_pts(r0, 0x0)
r3 = dup3(r2, r0, 0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000000)={0x80000001})
ioctl$TCSETSF(r2, 0x5404, &(0x7f0000001800)={0x4, 0x4, 0x6, 0x5, 0x1b, "3e53300da5b1523053a727c900"})

8m19.899111815s ago: executing program 7 (id=18910):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0x9, 0x1, &(0x7f0000000080)={0x77359400}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
write$vga_arbiter(0xffffffffffffffff, 0x0, 0x9)

8m19.33456374s ago: executing program 35 (id=18910):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
clock_nanosleep(0x9, 0x1, &(0x7f0000000080)={0x77359400}, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
write$vga_arbiter(0xffffffffffffffff, 0x0, 0x9)

33.37462488s ago: executing program 0 (id=25476):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}, 0xff000000}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000140)="8bcd", 0xffe3}], 0x1, 0x0, 0x0, 0x900}, 0x60)

31.91988066s ago: executing program 0 (id=25480):
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
openat$fb0(0xffffff9c, &(0x7f0000000000), 0x10800, 0x0)
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsmount(r0, 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x100, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_CREATE_PIT2(r2, 0x4040ae77, &(0x7f0000000180)={0x1})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f7410262e66f36d0f330f09660f3a0cb90000a6752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x31}], 0x1, 0x4498bda7e2139f37, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x3, 0x40, 0x40, 0x0, 0x10001, 0x2004cc, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x2, 0x0, 0x3, 0x6, 0x1], 0x200000, 0x200650})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

27.974889059s ago: executing program 0 (id=25496):
r0 = socket$inet6(0xa, 0x80001, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0xe1}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000040)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2000000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000440)={0x100000001, {{0xa, 0x0, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x4e21, 0x0, @empty, 0x8}}}, 0x108)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000380)=ANY=[@ANYBLOB="01000000000000000a00000000000000ff01000000000000000000000000000100"/129], 0x190)

25.586713034s ago: executing program 0 (id=25501):
sendmsg$IPVS_CMD_NEW_DEST(0xffffffffffffffff, 0x0, 0xe1)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, 0x0, 0x0)
sendmmsg$inet(r0, 0x0, 0x0, 0x20008000)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002080)=0x3a, 0x23b)
shutdown(r0, 0x1)
socket$inet_sctp(0x2, 0x5, 0x84)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6)

20.324079882s ago: executing program 0 (id=25528):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0)
landlock_restrict_self(r3, 0x0)
syz_open_procfs(0x0, &(0x7f0000000100)='fdinfo/3\x00')
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)

18.795699259s ago: executing program 0 (id=25532):
r0 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000340)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x3, 0x0, 0x7, 0xfa11, 0xffffffff}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$tipc(0x1e, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000480)={'veth1_virt_wifi\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@getchain={0x2c, 0x11, 0x43d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xc, 0xfff3}}, [{0x8, 0xb, 0x778}]}, 0x2c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

8.095405951s ago: executing program 5 (id=25635):
openat$tun(0xffffffffffffff9c, 0x0, 0xa2f01, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4000000)
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
getsockopt$inet6_mptcp_buf(0xffffffffffffffff, 0x11c, 0x4, &(0x7f0000001440)=""/40, 0x0)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$DRM_IOCTL_MODE_GETCRTC(r1, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, r2, <r4=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r1, 0xc06864ce, &(0x7f0000000440)={r4, 0x0, 0x0, 0xceb0, 0x0, [<r5=>0x0], [], [0x8, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r5, 0x0, <r6=>0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r6})

7.966777626s ago: executing program 5 (id=25638):
syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340)=<r0=>0x0, 0x0, &(0x7f0000000000))
mlock(&(0x7f0000ffc000/0x2000)=nil, 0x2000)
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x0, 0x0)
faccessat2(0xffffffffffffff9c, 0x0, 0x7, 0x0)
syz_io_uring_submit(r0, 0x0, 0x0, &(0x7f0000000000))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_emit_ethernet(0x7d, &(0x7f00000000c0)={@broadcast, @broadcast, @void, {@ipv6={0x86dd, @gre_packet={0x1, 0x6, "a70002", 0x47, 0x2f, 0x0, @remote, @local, {[], {{0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x1, 0x88be, 0x0, 0x2}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9900, [], "0080d5"}, {}, {0x8, 0x88be, 0x3, {{0xc, 0x1, 0x8, 0x1, 0x1, 0x0, 0x4, 0x14}, 0x1, {0x7b40}}}, {0x8, 0x22eb, 0x2, {{0x3, 0x2, 0x2, 0x3, 0x0, 0x0, 0x1, 0x9}, 0x2, {0x80000003, 0xeb, 0x0, 0xd, 0x1, 0x1, 0x1, 0x1, 0x1}}}, {0x8, 0x6558, 0x4}}}}}}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_clone(0xb44040, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
ioctl$KVM_CAP_SPLIT_IRQCHIP(0xffffffffffffffff, 0x4068aea3, &(0x7f0000000140)={0x79, 0x0, 0xddf})
r4 = dup(r3)
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000240)={0x3, 0x2c5, 0x4, 0x7, 0x4, 0x6})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000040)=@x86={0x0, 0x9, 0xc, 0x0, 0x6, 0x1, 0x86, 0x2, 0xe7, 0x0, 0x2, 0x4, 0x0, 0x7, 0x4, 0x7, 0x5, 0xff, 0x3b, '\x00', 0x8, 0x7ffffffffffffffe})
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

7.753276465s ago: executing program 8 (id=25641):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = fsopen(&(0x7f0000000040)='fuseblk\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, &(0x7f0000000400)='(!\xef(.(\\-]\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, 0x0, &(0x7f0000000ac0)='fuseblk\x00M\x13k\x92#\x05z)\xe0c\\35\xdf%\xa3\xac!zoO\xf8\xcex\xb3\f\xad@\x853o\x0f0\x1a\xc0\"\xf7\x11Z\x01\xc1\xd9\x9fbJ7\xd1\xad\xe1\xed\x87\xae\x11-s\xb4\xbd\x1e\x9a\xd7\xc1crt\x88%\x92\x8fL\x8d\xb3-\xb60O \xc5\xd1q\xcc\x97\xe0\xe8\xb0\n\v\xa9V\xfa\xeb\x1e|M\x98W\x81\xa2@{_\xba^\xa2\x82k\x10G\xfc\xd4\x99Pl\xfa\xe8\x7f\xc9 h\xd0\xfd\x04\x95\x8c\xb1\xe7', 0x0)
setsockopt(0xffffffffffffffff, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00', 0x4)

6.47685083s ago: executing program 8 (id=25646):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xa, 0x31, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x79})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xffffffffffffff2c}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r2 = io_uring_setup(0x64a, &(0x7f0000000040)={0x0, 0x8835c, 0xc000, 0x20000a, 0x33c})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x8, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1}, {0x3}, {0xe, 0xe}}}, 0x24}, 0x1, 0x0, 0x0, 0x40005}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r2, 0x2219, 0x7721, 0x16, 0x0, 0x0)
syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f00008e5000/0x400000)=nil)

6.388118884s ago: executing program 5 (id=25647):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ieee802154(0x0, r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
acct(0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r4, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r4, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8)

4.925084017s ago: executing program 5 (id=25650):
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x4e24, 0xfffffffe, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, &(0x7f0000000200)=@gcm_256={{0x304}, "b5d4c27c5c778dd0", "5f128fd81908609c81286d4f6a539024ffb7007ed672afb4be7aec5ca3d27dbf", '\x00', "b690a3fabf2cb970"}, 0x38)
write$binfmt_script(r2, &(0x7f0000000a80), 0x4)
getsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x18, 0x0, &(0x7f0000000300))
writev(r2, &(0x7f0000000180), 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r2, 0x6, 0x14, &(0x7f0000000040)=0x1, 0x4)
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000004c0)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x4d9, 0xa04a, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x80, 0x1, "", [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x7ffd, 0x0, 0x1, {0x22, 0xeb}}, {{{0x9, 0x5, 0x81, 0x3, 0x10, 0xfc}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io$hid(r3, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r2, 0x6, 0x23, 0x0, &(0x7f0000000140))
close_range(r0, 0xffffffffffffffff, 0x0)

4.782898029s ago: executing program 8 (id=25653):
r0 = fsopen(&(0x7f0000000000)='exfat\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001100)='iocharset', &(0x7f0000001140)='\xe0^@&&}\'\x00', 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x1, 0x100)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r5 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
tkill(r5, 0xb)

4.7598851s ago: executing program 6 (id=25654):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x24, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000000080)=0x1)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={r2}, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')

4.640017043s ago: executing program 2 (id=25655):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0x3af4701e)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28012, r0, 0x0)
r1 = io_uring_setup(0x46ea, &(0x7f00000000c0)={0x0, 0xc0a6, 0x40, 0x7fc, 0x3e2})
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000300)={0x0, "030000000000000023000000debd12ffff00000004000000001020000400"})
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
recvmmsg(r0, &(0x7f0000004680), 0x0, 0x2020, &(0x7f0000004900)={0x0, 0x989680})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

4.597941315s ago: executing program 6 (id=25656):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f00000006c0)={0x1, &(0x7f0000000500)=[{0x6, 0x43, 0x0, 0x7fff0000}]})
syz_open_dev$sg(&(0x7f0000000080), 0x0, 0x1a3c82)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_emit_ethernet(0x7a, &(0x7f00000000c0)=ANY=[@ANYBLOB="bbbbbbbbbbbbaaaaaaaaaabb86dd60fc104600442f00fc040000000000000000000000000000ff020000000000000000000000000001242088a800000003000008000000000000000000080022eb"], 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000500)=@newqdisc={0x2c, 0x24, 0xd0f, 0xfffffffd, 0xffffffff, {0x60, 0x0, 0x0, 0x0, {0xffff, 0x2}, {0xfff2, 0xe}, {0xfff3, 0xfff2}}, [@TCA_RATE={0x6, 0x5, {0x4, 0x1}}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000050}, 0x2000c8d1)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x10, &(0x7f0000000500)=ANY=[@ANYBLOB="18020000ff070000000000000300000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r1)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r1, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000500000020"})
syz_open_dev$evdev(&(0x7f0000000040), 0x0, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x3, 0x2)
r3 = syz_usb_connect$uac1(0x1, 0x0, 0x0, &(0x7f0000000300)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x250, 0x0, 0x4, 0x7f, 0x40, 0x80}, 0x0, 0x0})
syz_usb_control_io$uac1(r3, &(0x7f0000000a00)={0x14, 0x0, &(0x7f00000003c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x1c01}}}, &(0x7f0000000640)={0x44, 0x0, &(0x7f0000000480)={0x0, 0xa, 0x1, 0xff}, &(0x7f00000004c0)={0x0, 0x8, 0x1, 0x9}, &(0x7f0000000500)={0x20, 0x81, 0x2, 'r.'}, &(0x7f0000000540)={0x20, 0x82, 0x1, "91"}, &(0x7f0000000580)={0x20, 0x83, 0x2, "9d26"}, 0x0, &(0x7f0000000600)={0x20, 0x85, 0x3, "043885"}})
syz_usb_connect$midi(0x1, 0x0, 0x0, &(0x7f0000000980)={0xa, &(0x7f0000000740)={0xa, 0x6, 0x300, 0x1, 0x9, 0xdd, 0xff, 0xcf}, 0x36, &(0x7f0000000780)={0x5, 0xf, 0x36, 0x5, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x8, 0x9, 0x1, 0x4}, @wireless={0xb, 0x10, 0x1, 0x4, 0x5, 0x1, 0x5, 0xffff, 0x1}, @ext_cap={0x7, 0x10, 0x2, 0x6, 0x6, 0x1, 0x3}, @ss_cap={0xa, 0x10, 0x3, 0x0, 0xe, 0x5e, 0x42, 0x6}, @wireless={0xb, 0x10, 0x1, 0xc, 0x9, 0xd, 0xd, 0x800, 0x81}]}, 0x3, [{0x8, &(0x7f00000007c0)=@string={0x8, 0x3, "631b1c573ef1"}}, {0xc4, &(0x7f0000000800)=@string={0xc4, 0x3, "32e12a017d1c0072679351d48a7ce14a481824bebfbbd50f1b30ebecce0fbc459b222805f637a263d7ad65fd7ea27d20b389099482ba131a2dd68dffe11f989c7fbfe40ec94341f9c7602bea662f47a348780567349f70e3e924ab6f5c6d76f81cda158891ee9ce6293a79d473aa21781c45185312f4b261828a0f696b24fdc67bc4a7d1fd883bd2f5d88dec0a5e6028ceed8432c18c790b223766e5de5a72ee2d30d28ab571ee44022ea8ff5ec7b7ac746e1789c1910cd0a1fc8a0727bbfc134d5b"}}, {0x4, &(0x7f0000000940)=@lang_id={0x4, 0x3, 0x40a}}]})
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, &(0x7f00000000c0)={0x1, 0x3, 0x1})

4.013496503s ago: executing program 2 (id=25657):
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYBLOB="0b00000073797a31000000ffff00000000000000000000000000000000000000000000000000000000000000000100000000000080"], 0x119)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f0000000000)={0x80, 0x40000105, 0x0, 0x0})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

3.931407887s ago: executing program 6 (id=25658):
socket$inet6(0xa, 0x80002, 0x0)
r0 = socket(0x2, 0x3, 0xff)
socket$nl_xfrm(0x10, 0x3, 0x6)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x19, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x200cc0c5, &(0x7f0000000080)={0xa, 0x4c20, 0x0, @empty, 0x8}, 0x1c)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r4, 0x5609, &(0x7f0000000040)={0x1, 0x7, 0x3})
sendmmsg$inet(r0, &(0x7f0000000ec0)=[{{&(0x7f0000000000)={0x2, 0x4e22, @multicast1}, 0x10, &(0x7f0000000300)=[{&(0x7f0000000040)="281effe935fdca249bd774480a584b135c556eabe1a3f2724200a50e8002a6e5", 0x20}], 0x1, &(0x7f0000000340)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}}}], 0x20}}], 0x1, 0x4800)

3.70487646s ago: executing program 8 (id=25659):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000940))
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = fsopen(&(0x7f0000000100)='debugfs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f0000000240)='//\xf2/\x06\b\xa30\\o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas\x9d\x14\xe3\v\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7Gl\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140))
openat$urandom(0xffffffffffffff9c, &(0x7f0000000500), 0x123a00, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$inet_sctp(0x2, 0x5, 0x84)
socket$netlink(0x10, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b0ffffffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d64050000000000650404000100010104040000f1000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0), 0x111, 0x6}}, 0x20)
fanotify_init(0x2, 0x1)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000940), 0x2, 0x0)
r3 = socket$unix(0x1, 0x2, 0x0)
ppoll(&(0x7f0000000300)=[{r3, 0x4236}], 0x1, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x2, 0x4}}, 0x20)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

3.662514173s ago: executing program 5 (id=25660):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
r2 = socket(0x2, 0x805, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x140)
chdir(&(0x7f0000000140)='./bus\x00')
symlink(&(0x7f0000000880)='.\x00', &(0x7f00000008c0)='./file0\x00')
r3 = open(&(0x7f0000000300)='.\x00', 0x20000, 0x0)
mkdirat(r3, &(0x7f0000000340)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
r4 = open(&(0x7f0000000280)='./file0\x00', 0x101c00, 0x0)
renameat2(r4, &(0x7f0000000040)='./file0\x00', r4, &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x2)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e22, @rand_addr=0x64010102}]}, &(0x7f00000007c0)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000400)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000440)=0x1c)

3.523584785s ago: executing program 2 (id=25661):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x0, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @sk_skb}, 0x94)
syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @multicast2}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee", 0x4b}], 0x1}}], 0x1, 0x20008000)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x4000000000001, 0x0, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4c090}, 0xc000)
prlimit64(0x0, 0xe, 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f0000000000)={0x1, 'veth0_virt_wifi\x00', 0x2000000}, 0x18)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x18fab000)
setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f00000002c0)={0x1, 'ipvlan1\x00', 0x100}, 0x18)

3.523159025s ago: executing program 6 (id=25662):
r0 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r1, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)
syz_emit_ethernet(0x46, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa1780c206050086dd6018232500102c"], 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000004280)='/proc/zoneinfo\x00', 0x0, 0x0)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000100)={0x6, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000002000000000000000008082295"], &(0x7f00000002c0)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0xffffffffffffff62, &(0x7f0000000000)="ff", 0x0, 0x149c, 0x503, 0x0, 0x0, 0x0, 0x0, 0x2, 0xffff80fe}, 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'veth1_to_team\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4)
r3 = syz_open_dev$radio(&(0x7f00000000c0), 0x3, 0x2)
ioctl$VIDIOC_G_FREQUENCY(r3, 0xc02c5638, &(0x7f0000000100)={0x0, 0x3, 0x3})
r4 = openat$urandom(0xffffffffffffff9c, &(0x7f000009de40), 0x40000, 0x0)
fremovexattr(r4, &(0x7f0000000340)=ANY=[@ANYBLOB="7573657201000000000000002fe617496d681d1d1468bd1fd4c8d1140e385d32b4f171fb8ce90626b396bb151776318bcafee1d43cf7337e6d5f9c2c939123"])
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r5=>0x0})
r6 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x109301)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r6, 0x8108551b, &(0x7f0000000200)={0x0, 0x2, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34371113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
ioctl$USBDEVFS_SUBMITURB(r6, 0x8038550a, &(0x7f0000000340)=@urb_type_interrupt={0x1, {0x1, 0x1}, 0x7, 0x4, 0x0, 0x0, 0x9, 0x7, 0x0, 0x8, 0x9, 0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@newtfilter={0x50, 0x2c, 0xf3f, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0xf, 0xfff3}, {}, {0xf, 0x300}}, [@filter_kind_options=@f_flower={{0xb}, {0x20, 0x2, [@TCA_FLOWER_KEY_ETH_DST_MASK={0xa, 0x5, [0xff, 0xff, 0xff, 0xff, 0xff]}, @TCA_FLOWER_KEY_ENC_IPV4_DST_MASK={0x8}, @TCA_FLOWER_KEY_IPV4_DST={0x8, 0xc, @broadcast}]}}]}, 0x50}, 0x1, 0x0, 0x0, 0x20041090}, 0x0)

3.449547332s ago: executing program 8 (id=25663):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/14], 0x50)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xf0667000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0)
setitimer(0x1, 0x0, 0x0)
getitimer(0x1, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x5, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1804000000000000000000000000000018010000b98bc2c900000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b100000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x40000004}, 0x94)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x8400, 0x0)
ioctl$FS_IOC_SETFLAGS(r3, 0x40186f40, &(0x7f0000000440)=0x1f)
openat$cgroup_ro(r3, 0x0, 0x275a, 0x0)
io_uring_register$IORING_REGISTER_NAPI(0xffffffffffffffff, 0x1b, 0x0, 0x1)
syz_emit_vhci(&(0x7f0000001480)=ANY=[@ANYBLOB="02c9"], 0x11)

3.304528331s ago: executing program 2 (id=25664):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000680)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xab24c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r3, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r3, 0x0, 0xca, &(0x7f00000000c0)={0x4, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r4, 0x0, 0xca, &(0x7f00000000c0)={0x16, 0x4, 0xfc, 0x0, @vifc_lcl_ifindex, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10)

3.304277499s ago: executing program 6 (id=25665):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=@ipv6_newrule={0x1c, 0x1a, 0x1, 0x0, 0x0, {0x81, 0x80, 0x80, 0x0, 0x9, 0x0, 0x0, 0x8}}, 0x1c}}, 0x20004080)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$HIDIOCGUSAGE(0xffffffffffffffff, 0xc018480b, &(0x7f0000000300)={0x3, 0x1, 0x1800, 0x9f78, 0x101, 0xec})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$usbmon(&(0x7f0000000300), 0x7, 0x82c0)

1.816409733s ago: executing program 36 (id=25532):
r0 = socket$kcm(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000340)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x3, 0x0, 0x7, 0xfa11, 0xffffffff}, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$packet_add_memb(0xffffffffffffffff, 0x107, 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
r3 = socket$tipc(0x1e, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000480)={'veth1_virt_wifi\x00'})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'veth0_vlan\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@getchain={0x2c, 0x11, 0x43d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xc, 0xfff3}}, [{0x8, 0xb, 0x778}]}, 0x2c}}, 0x0)
socket$netlink(0x10, 0x3, 0x0)

1.767395396s ago: executing program 8 (id=25667):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = signalfd(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r4, &(0x7f0000001b40)={'syz0\x00', {0x0, 0x0, 0x0, 0x2}, 0x0, [0x39, 0x3, 0x4000401, 0x8, 0xe, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x3, 0x0, 0x2a, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x0, 0x0, 0x0, 0x0, 0xf5b1, 0xfffffffd, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x5, 0xfffffff6, 0x0, 0x8, 0x800000, 0x0, 0x0, 0x4, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0x1], [0x3, 0xfffff41a, 0x0, 0x0, 0x4, 0x20000, 0x2000000, 0xedc0, 0x0, 0x5ee, 0x5, 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0xa0000000, 0x0, 0x8, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x1, 0x0, 0xfffffff8, 0x2, 0x0, 0x2, 0x400, 0x0, 0x0, 0x8, 0x40000, 0x0, 0xc0800000, 0x100, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x5, 0x4, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0xfffffffc, 0x1, 0xfffffffe, 0xfffff986], [0x0, 0x7f, 0x0, 0x0, 0x3, 0x80, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x68, 0x0, 0x0, 0x0, 0x2, 0xfffffffc, 0x0, 0x0, 0xfffffffd, 0x2, 0xffffffff, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x4000, 0x6, 0x0, 0x0, 0x200, 0x2, 0x6, 0x80000000, 0x2, 0x47fff, 0x0, 0x0, 0x0, 0x3, 0x0, 0xf, 0x3, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4, 0xf88], [0xfffffffe, 0x0, 0x4, 0x0, 0xfffefffe, 0x0, 0xfffffffe, 0x4, 0xfffffffc, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x803, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x10, 0x5, 0xfffffffe, 0x3, 0x0, 0x4, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0xea, 0x0, 0x0, 0x0, 0x8000000, 0x4, 0xffffffff, 0x0, 0x0, 0xffffe]}, 0x45c)
ioctl$UI_SET_EVBIT(r4, 0x40045564, 0x5)
ioctl$UI_DEV_CREATE(r4, 0x5501)
close(r3)
r5 = inotify_init1(0x800)
fcntl$setstatus(r3, 0x4, 0x2c00)
inotify_add_watch(r5, &(0x7f0000000180)='./control\x00', 0xa4000960)

1.734517199s ago: executing program 5 (id=25668):
openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, 0x0, 0x40824)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0x8031, 0xffffffffffffffff, 0x3d6d9000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfff}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
syz_open_dev$video(0x0, 0x100000000, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x6, 0x7, 0x0, 0x7fff8000}]})
close_range(r4, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)

1.72530846s ago: executing program 2 (id=25669):
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x109)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_open_dev$MSR(0x0, 0xfffffffffffffffd, 0x0)
syz_open_dev$vim2m(&(0x7f0000000100), 0x400000, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000300)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x56f02000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102384, 0x18ff0)
openat$tun(0xffffffffffffff9c, 0x0, 0xa2f01, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000000)=0x5, 0x4)
bind$inet(r1, &(0x7f0000000080)={0x2, 0x5e21, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10)
sendmmsg$inet(r1, &(0x7f0000000440)=[{{&(0x7f0000000140)={0x2, 0x4e24, @multicast1}, 0x10, 0x0}}], 0x1, 0x44008004)
write$binfmt_misc(r1, &(0x7f0000000300), 0xfdef)

1.706546864s ago: executing program 6 (id=25670):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
socket$kcm(0x2a, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x14d802, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x8882, 0x0)
syz_io_uring_setup(0x7bb9, &(0x7f0000000300)={0x0, 0xec22, 0x400, 0x3, 0x40000333}, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket(0x1e, 0x4, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket(0x1e, 0x2, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000050000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r0], 0xc4}}, 0x0)

0s ago: executing program 2 (id=25671):
syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00'})
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={0x28, 0x0, 0x5, 0x4, 0x0, {{}, {@val={0x8}, @void}}, [@crypto_settings=[@NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0xc, 0x49, [0xfac0b, 0xfac0b]}]]}, 0x28}}, 0x80)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "00fcff", 0x18, 0x6, 0x1, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

6 audit(2000001644.421:1039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15496 comm="syz.5.16191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc69540db99 code=0x7ffc0000
[ 1027.341052][T15591] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16216'.
[ 1027.441606][T15591] veth1_vlan: left allmulticast mode
[ 1027.566420][T15591] netlink: 'syz.4.16216': attribute type 1 has an invalid length.
[ 1027.566448][T15591] netlink: 'syz.4.16216': attribute type 2 has an invalid length.
[ 1027.589107][T15597] binder: 15596:15597 ioctl c0306201 200000000080 returned -14
[ 1028.015805][T15613] netlink: 64 bytes leftover after parsing attributes in process `syz.5.16225'.
[ 1028.198566][T15620] netlink: 'syz.0.16228': attribute type 9 has an invalid length.
[ 1028.198594][T15620] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.16228'.
[ 1028.311398][T15625] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1029.521250][ T9565] usb 5-1: new high-speed USB device number 127 using dummy_hcd
[ 1029.692448][ T9565] usb 5-1: Using ep0 maxpacket: 32
[ 1029.695771][ T9565] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[ 1029.695803][ T9565] usb 5-1: config 0 has no interface number 0
[ 1029.695862][ T9565] usb 5-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[ 1029.695885][ T9565] usb 5-1: config 0 interface 1 has no altsetting 0
[ 1029.757894][ T9565] usb 5-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[ 1029.757931][ T9565] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1029.757953][ T9565] usb 5-1: Product: syz
[ 1029.757969][ T9565] usb 5-1: Manufacturer: syz
[ 1029.757985][ T9565] usb 5-1: SerialNumber: syz
[ 1029.813143][ T9565] usb 5-1: config 0 descriptor??
[ 1030.052903][ T9565] cx231xx 5-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[ 1030.052942][ T9565] cx231xx 5-1:0.1: Not found matching IAD interface
[ 1030.081372][ T9565] usb 5-1: USB disconnect, device number 127
[ 1031.702649][  T811] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 1031.876032][  T811] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1031.876079][  T811] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1031.877665][  T811] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1031.877695][  T811] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1031.877718][  T811] usb 5-1: Manufacturer: syz
[ 1031.933434][  T811] usb 5-1: config 0 descriptor??
[ 1032.822396][  T811] uclogic 0003:256C:006D.0034: failed retrieving Huion firmware version: -71
[ 1032.822473][  T811] uclogic 0003:256C:006D.0034: failed probing parameters: -71
[ 1032.822605][  T811] uclogic 0003:256C:006D.0034: probe with driver uclogic failed with error -71
[ 1032.877193][  T811] usb 5-1: USB disconnect, device number 2
[ 1034.284303][T15924] netlink: 'syz.5.16316': attribute type 12 has an invalid length.
[ 1034.284330][T15924] netlink: 'syz.5.16316': attribute type 29 has an invalid length.
[ 1034.284345][T15924] netlink: 148 bytes leftover after parsing attributes in process `syz.5.16316'.
[ 1034.284373][T15924] netlink: 'syz.5.16316': attribute type 2 has an invalid length.
[ 1034.284388][T15924] netlink: 23 bytes leftover after parsing attributes in process `syz.5.16316'.
[ 1034.640275][   T37] kauditd_printk_skb: 430 callbacks suppressed
[ 1034.640296][   T37] audit: type=1326 audit(2000001653.410:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=15939 comm="syz.5.16323" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc69546c819 code=0x0
[ 1035.056656][T15962] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1037.054082][T16070] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16366'.
[ 1037.059119][T16070] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16366'.
[ 1038.475035][T16124] loop7: detected capacity change from 0 to 7
[ 1038.584654][T16124] Dev loop7: unable to read RDB block 7
[ 1038.584713][T16124]  loop7: unable to read partition table
[ 1038.584987][T16124] loop7: partition table beyond EOD, truncated
[ 1038.586487][T16124] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1038.628483][    C1] blk_print_req_error: 54 callbacks suppressed
[ 1038.628508][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 1 prio class 2
[ 1038.628667][    C1] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x8800 phys_seg 1 prio class 2
[ 1041.061822][T16240] evm: overlay not supported
[ 1042.812636][T16307] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1044.596003][   T36] kernel read not supported for file /1569/ns (pid: 36 comm: kworker/1:1)
[ 1044.777200][T12059] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 1044.940578][T12059] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[ 1044.940618][T12059] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 255
[ 1044.995180][T12059] usb 5-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[ 1044.995216][T12059] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1044.995245][T12059] usb 5-1: Product: syz
[ 1044.995261][T12059] usb 5-1: Manufacturer: syz
[ 1044.995278][T12059] usb 5-1: SerialNumber: syz
[ 1045.040049][T12059] usb 5-1: config 0 descriptor??
[ 1045.045263][T16385] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1045.045394][T16385] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1045.314612][T16385] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1045.314768][T16385] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1046.034782][T16430] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1046.063435][T16430] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1046.233176][T12059] dm9601 5-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[ 1046.289614][T12059] dm9601 5-1:0.0 eth5: register 'dm9601' at usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet, 9a:26:63:1b:bb:b3
[ 1046.329673][T12059] usb 5-1: USB disconnect, device number 3
[ 1046.333574][T12059] dm9601 5-1:0.0 eth5: unregister 'dm9601' usb-dummy_hcd.4-1, Davicom DM96xx USB 10/100 Ethernet
[ 1046.678069][ T9565] hid-generic 0000:0000:0000.0035: unknown main item tag 0x0
[ 1046.792138][T16493] batadv_slave_1: entered promiscuous mode
[ 1046.798304][ T9565] hid-generic 0000:0000:0000.0035: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1046.813914][T16492] batadv_slave_1: left promiscuous mode
[ 1049.277971][T16619] dummy0: entered allmulticast mode
[ 1049.292077][T16619] dummy0: left allmulticast mode
[ 1049.558718][T16632] 9pnet: p9_errstr2errno: server reported unknown error 0x000
[ 1050.065125][T16665] netlink: 27 bytes leftover after parsing attributes in process `syz.6.16565'.
[ 1050.557835][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1050.557917][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1050.894630][T16703] netlink: 'syz.6.16578': attribute type 7 has an invalid length.
[ 1051.185570][T16718] netlink: 'syz.6.16583': attribute type 2 has an invalid length.
[ 1051.185600][T16718] netlink: 'syz.6.16583': attribute type 2 has an invalid length.
[ 1051.780829][T16755] tipc: Started in network mode
[ 1051.780849][T16755] tipc: Node identity , cluster identity 4711
[ 1051.780866][T16755] tipc: Failed to obtain node identity
[ 1051.780896][T16755] tipc: Enabling of bearer <eth:gre0> rejected, failed to enable media
[ 1051.879245][T16759] netlink: 32 bytes leftover after parsing attributes in process `syz.5.16597'.
[ 1054.043969][T16843] netlink: 20 bytes leftover after parsing attributes in process `syz.6.16627'.
[ 1054.699026][T16864] input: syz0 as /devices/virtual/input/input84
[ 1056.793589][T16941] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1057.629642][T17000] netlink: 16 bytes leftover after parsing attributes in process `syz.5.16677'.
[ 1057.678133][T17000] veth0_macvtap: left promiscuous mode
[ 1057.768554][T17000] netlink: 16 bytes leftover after parsing attributes in process `syz.5.16677'.
[ 1059.963971][   T10] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[ 1060.130528][   T10] usb 6-1: Using ep0 maxpacket: 8
[ 1060.140518][   T10] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1060.140552][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1060.140580][   T10] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1060.140606][   T10] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1060.140654][   T10] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1060.140688][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1060.513963][   T10] usb 6-1: GET_CAPABILITIES returned 0
[ 1060.514019][   T10] usbtmc 6-1:16.0: can't read capabilities
[ 1060.773687][T12059] usb 6-1: USB disconnect, device number 45
[ 1061.356363][T17168] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16729'.
[ 1061.384094][T17168] netlink: 64 bytes leftover after parsing attributes in process `syz.0.16729'.
[ 1061.386487][T17169] netlink: 4 bytes leftover after parsing attributes in process `syz.6.16730'.
[ 1061.729324][T17180] syzkaller1: entered promiscuous mode
[ 1061.729353][T17180] syzkaller1: entered allmulticast mode
[ 1062.245443][ T9565] usb 7-1: new high-speed USB device number 22 using dummy_hcd
[ 1062.405601][ T9565] usb 7-1: Using ep0 maxpacket: 16
[ 1062.410736][ T9565] usb 7-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1062.410772][ T9565] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1062.410793][ T9565] usb 7-1: Product: syz
[ 1062.410807][ T9565] usb 7-1: Manufacturer: syz
[ 1062.410822][ T9565] usb 7-1: SerialNumber: syz
[ 1062.496717][ T9565] usb 7-1: config 0 descriptor??
[ 1062.939352][ T9565] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 1062.944878][ T9565] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1062.966408][ T9565] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 1062.966476][ T9565] usb 7-1: media controller created
[ 1063.037839][ T9565] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1063.793214][ T9565] zl10353_read_register: readreg error (reg=127, ret==0)
[ 1063.793289][ T9565] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 1063.793303][ T9565] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 1063.817387][T17193] dtv5100: wlen = 0, aborting.
[ 1063.854306][ T9565] usb 7-1: USB disconnect, device number 22
[ 1064.139616][ T9565] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 1066.753604][T17390] netlink: 'syz.5.16796': attribute type 8 has an invalid length.
[ 1066.753633][T17390] netlink: 209840 bytes leftover after parsing attributes in process `syz.5.16796'.
[ 1067.815887][   T10] usb 7-1: new high-speed USB device number 23 using dummy_hcd
[ 1067.953367][T17442] pimreg: entered allmulticast mode
[ 1067.965435][T17442] pimreg: left allmulticast mode
[ 1067.978654][   T10] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 130, using maximum allowed: 30
[ 1067.978707][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 252, changing to 11
[ 1067.978738][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 130
[ 1067.978783][   T10] usb 7-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00
[ 1067.978808][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1068.067863][   T10] usb 7-1: config 0 descriptor??
[ 1068.574678][T17463] ipip1: entered promiscuous mode
[ 1068.574822][T17463] ipip1: entered allmulticast mode
[ 1068.581425][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.581465][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.581492][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.581519][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.581546][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.581570][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.581596][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.581634][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.581661][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.581688][   T10] microsoft 0003:045E:009D.0036: unknown main item tag 0x0
[ 1068.690740][   T10] microsoft 0003:045E:009D.0036: hidraw0: USB HID v6f.fd Device [HID 045e:009d] on usb-dummy_hcd.6-1/input0
[ 1068.690777][   T10] microsoft 0003:045E:009D.0036: no inputs found
[ 1068.690791][   T10] microsoft 0003:045E:009D.0036: could not initialize ff, continuing anyway
[ 1068.809245][   T36] usb 7-1: USB disconnect, device number 23
[ 1069.110808][T17481] fido_id[17481]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[ 1069.548577][  T811] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[ 1069.711500][  T811] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1069.711540][  T811] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1069.711597][  T811] usb 6-1: New USB device found, idVendor=046d, idProduct=c539, bcdDevice= 0.00
[ 1069.711623][  T811] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1069.769741][  T811] usb 6-1: config 0 descriptor??
[ 1070.287171][  T811] logitech-djreceiver 0003:046D:C539.0037: hidraw0: USB HID v0.04 Device [HID 046d:c539] on usb-dummy_hcd.5-1/input0
[ 1070.499939][  T811] usb 6-1: USB disconnect, device number 46
[ 1070.673283][T17562] fido_id[17562]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 1070.825216][T17592] Bluetooth: hci1: invalid length 1, exp 2 for type 2
[ 1070.873208][   T10] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 1070.936364][T17595] netlink: 9275 bytes leftover after parsing attributes in process `syz.0.16846'.
[ 1071.042859][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1071.042899][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1071.042924][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1071.042972][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1071.042997][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1071.121722][   T10] usb 5-1: config 0 descriptor??
[ 1071.405336][   T37] audit: type=1326 audit(2000001687.805:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17615 comm="syz.0.16853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1071.405405][   T37] audit: type=1326 audit(2000001687.805:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17615 comm="syz.0.16853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1071.407335][   T37] audit: type=1326 audit(2000001687.814:1473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17615 comm="syz.0.16853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1071.504550][   T37] audit: type=1326 audit(2000001687.908:1474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17615 comm="syz.0.16853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1071.504684][   T37] audit: type=1326 audit(2000001687.908:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17615 comm="syz.0.16853" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1071.587322][   T10] plantronics 0003:047F:FFFF.0038: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1071.904378][   T10] usb 5-1: USB disconnect, device number 4
[ 1072.047488][T17641] fido_id[17641]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[ 1073.524968][T17725] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16882'.
[ 1073.525003][T17725] bond0: Unable to set up delay as MII monitoring is disabled
[ 1073.803100][T17734] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1074.162204][T17751] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1075.616509][T17825] netlink: 252 bytes leftover after parsing attributes in process `syz.5.16917'.
[ 1077.592549][   T37] audit: type=1326 audit(2000001693.595:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=17923 comm="syz.6.16949" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd93157c819 code=0x0
[ 1078.495755][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1078.656541][   T10] usb 5-1: Using ep0 maxpacket: 32
[ 1078.659441][   T10] usb 5-1: config 139 has an invalid interface number: 49 but max is 0
[ 1078.659473][   T10] usb 5-1: config 139 has no interface number 0
[ 1078.659508][   T10] usb 5-1: config 139 interface 49 has no altsetting 0
[ 1078.663152][   T10] usb 5-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=72.75
[ 1078.663184][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1078.663206][   T10] usb 5-1: Product: syz
[ 1078.663222][   T10] usb 5-1: Manufacturer: syz
[ 1078.663238][   T10] usb 5-1: SerialNumber: syz
[ 1079.216280][   T10] radio-usb-si4713 5-1:139.49: Si4713 development board discovered: (10C4:8244)
[ 1079.663873][ T5114] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1079.912849][   T10] radio-usb-si4713 5-1:139.49: probe with driver radio-usb-si4713 failed with error -71
[ 1079.913468][   T10] usbhid 5-1:139.49: couldn't find an input interrupt endpoint
[ 1079.950415][   T10] usb 5-1: USB disconnect, device number 5
[ 1081.841292][ T7928] usb 7-1: new high-speed USB device number 24 using dummy_hcd
[ 1081.922364][T18136] input: syz0 as /devices/virtual/input/input86
[ 1082.006003][ T7928] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1082.006053][ T7928] usb 7-1: New USB device found, idVendor=04d9, idProduct=a04a, bcdDevice= 0.00
[ 1082.006068][ T7928] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1082.085874][ T7928] usb 7-1: config 0 descriptor??
[ 1082.552961][ T7928] hid_parser_main: 272 callbacks suppressed
[ 1082.552994][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.553026][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.553054][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.553084][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.553112][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.553141][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.553169][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.553196][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.553225][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.553252][ T7928] holtek_mouse 0003:04D9:A04A.0039: unknown main item tag 0x0
[ 1082.566916][ T7928] holtek_mouse 0003:04D9:A04A.0039: hidraw0: USB HID v0.20 Device [HID 04d9:a04a] on usb-dummy_hcd.6-1/input0
[ 1082.774640][T12059] usb 7-1: USB disconnect, device number 24
[ 1082.896342][T18178] fido_id[18178]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[ 1083.472086][ T6296] netdevsim netdevsim4 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.117987][T27721] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1084.158318][T27721] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1084.183071][T27721] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1084.212168][ T6296] netdevsim netdevsim4 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1084.263245][T27721] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1084.277833][T27721] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1084.696435][ T6296] netdevsim netdevsim4 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.025335][ T6296] netdevsim netdevsim4 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1085.629403][T18297] Invalid argument reading file caps for ./file0
[ 1086.247416][T18330] veth0: entered promiscuous mode
[ 1086.252315][T18327] veth0: left promiscuous mode
[ 1086.478593][T27721] Bluetooth: hci3: command tx timeout
[ 1086.482523][ T6296] veth0_to_bridge: left allmulticast mode
[ 1086.482551][ T6296] veth0_to_bridge: left promiscuous mode
[ 1086.483635][ T6296] bridge0: port 3(veth0_to_bridge) entered disabled state
[ 1086.721105][ T6296] bridge_slave_1: left allmulticast mode
[ 1086.721141][ T6296] bridge_slave_1: left promiscuous mode
[ 1086.721446][ T6296] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1086.958825][ T6296] bridge_slave_0: left promiscuous mode
[ 1086.959096][ T6296] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1086.983296][   T36] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[ 1087.146000][   T36] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1087.150203][   T36] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1087.150236][   T36] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1087.150258][   T36] usb 6-1: Product: syz
[ 1087.150273][   T36] usb 6-1: Manufacturer: syz
[ 1087.150289][   T36] usb 6-1: SerialNumber: syz
[ 1087.236544][   T36] cdc_ncm 6-1:1.0: skipping garbage
[ 1088.360420][   T36] cdc_ncm 6-1:1.0: bind() failure
[ 1088.392518][   T36] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1088.393524][   T36] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1088.412912][   T36] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[ 1088.456632][   T36] usb 6-1: USB disconnect, device number 47
[ 1088.703810][T27721] Bluetooth: hci3: command tx timeout
[ 1089.767275][ T6296] gretap0 (unregistering): left allmulticast mode
[ 1090.591018][ T6296] team0: Port device bridge0 removed
[ 1090.917414][T27721] Bluetooth: hci3: command tx timeout
[ 1091.410045][ T6296] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1091.452528][ T6296] bond_slave_0: left allmulticast mode
[ 1091.495526][ T6296] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1091.539960][ T6296] bond_slave_1: left allmulticast mode
[ 1091.544436][ T6296] bond0 (unregistering): Released all slaves
[ 1091.584576][ T6296] bond1 (unregistering): Released all slaves
[ 1091.610249][ T6296] bond2 (unregistering): Released all slaves
[ 1091.915625][ T6296] : left promiscuous mode
[ 1092.530976][ T6296] m1Ie5n��: left promiscuous mode
[ 1092.853562][ T6296] tipc: Disabling bearer <udp:syz2>
[ 1092.930505][ T6296] tipc: Left network mode
[ 1092.980993][   T36] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[ 1093.141063][T27721] Bluetooth: hci3: command tx timeout
[ 1093.159053][   T36] usb 6-1: Using ep0 maxpacket: 8
[ 1093.166895][   T36] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1093.166927][   T36] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1093.166953][   T36] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1093.166978][   T36] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1093.167021][   T36] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1093.167046][   T36] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1093.473007][   T36] usb 6-1: GET_CAPABILITIES returned 0
[ 1093.473075][   T36] usbtmc 6-1:16.0: can't read capabilities
[ 1093.727477][  T811] usb 6-1: USB disconnect, device number 48
[ 1094.256205][T18221] chnl_net:caif_netlink_parms(): no params data found
[ 1095.116012][T18766] netlink: 'syz.5.17153': attribute type 3 has an invalid length.
[ 1095.116036][T18766] netlink: 504 bytes leftover after parsing attributes in process `syz.5.17153'.
[ 1095.116056][T18766] netlink: 'syz.5.17153': attribute type 3 has an invalid length.
[ 1095.116071][T18766] netlink: 504 bytes leftover after parsing attributes in process `syz.5.17153'.
[ 1096.213949][T18221] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1096.214069][T18221] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1096.214349][T18221] bridge_slave_0: entered allmulticast mode
[ 1096.267827][T18221] bridge_slave_0: entered promiscuous mode
[ 1096.298659][T18221] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1096.298802][T18221] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1096.299011][T18221] bridge_slave_1: entered allmulticast mode
[ 1096.344645][T18221] bridge_slave_1: entered promiscuous mode
[ 1096.753287][T18221] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1096.805656][T18221] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1098.076698][T18930] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1098.126730][T18221] team0: Port device team_slave_0 added
[ 1098.243373][T18221] team0: Port device team_slave_1 added
[ 1098.411799][ T6296] macvlan0: left promiscuous mode
[ 1098.511811][ T6296] dummy0: left promiscuous mode
[ 1098.841544][ T6296] hsr_slave_0: left promiscuous mode
[ 1098.926649][ T6296] hsr_slave_1: left promiscuous mode
[ 1098.927915][ T6296] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1098.927944][ T6296] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1098.995123][ T6296] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1098.995155][ T6296] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1099.070304][ T6296] batman_adv: batadv0: Removing interface: vlan1
[ 1099.204461][ T6296] veth1_macvtap: left promiscuous mode
[ 1099.204579][ T6296] veth0_macvtap: left promiscuous mode
[ 1099.204956][ T6296] veth1_vlan: left promiscuous mode
[ 1100.003790][ T6296] pim6reg (unregistering): left allmulticast mode
[ 1101.459090][ T6296] team0 (unregistering): Port device team_slave_1 removed
[ 1102.175655][T18221] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1102.175676][T18221] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1102.175706][T18221] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1102.233047][T18221] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1102.233066][T18221] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1102.233093][T18221] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1102.667309][T18221] hsr_slave_0: entered promiscuous mode
[ 1102.689142][T18221] hsr_slave_1: entered promiscuous mode
[ 1102.690227][T18221] debugfs: 'hsr0' already exists in 'hsr'
[ 1102.690255][T18221] Cannot create hsr debugfs directory
[ 1106.058003][T18221] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1106.139877][T18221] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1106.260392][T18221] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1106.357078][T18221] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1106.915025][T18221] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1106.973420][T18221] 8021q: adding VLAN 0 to HW filter on device team0
[ 1107.019121][ T6296] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1107.019208][ T6296] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1107.048040][ T4538] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1107.055195][ T4538] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1108.034292][T18221] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1109.218654][T18221] veth0_vlan: entered promiscuous mode
[ 1109.258895][T18221] veth1_vlan: entered promiscuous mode
[ 1109.423778][T18221] veth0_macvtap: entered promiscuous mode
[ 1109.455530][T18221] veth1_macvtap: entered promiscuous mode
[ 1109.557150][T18221] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1109.666868][T18221] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1109.745529][ T1275] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.773464][ T1275] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.776363][ T1275] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1109.777216][ T1275] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1110.484417][ T6296] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1110.484442][ T6296] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1110.641669][T19234] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1110.641694][T19234] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1111.922414][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1111.922633][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1111.922826][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1111.923023][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1111.923211][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1111.923446][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1111.923647][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1111.949674][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1111.949889][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1111.950062][T19694] ICMPv6: RA: ndisc_router_discovery failed to add default route
[ 1112.678480][T19717] netlink: 8 bytes leftover after parsing attributes in process `syz.5.17372'.
[ 1114.652721][T19783] netlink: 20 bytes leftover after parsing attributes in process `syz.7.17393'.
[ 1114.726660][T19785] loop8: detected capacity change from 0 to 7
[ 1114.739239][T19785] Dev loop8: unable to read RDB block 7
[ 1114.739295][T19785]  loop8: unable to read partition table
[ 1114.739535][T19785] loop8: partition table beyond EOD, truncated
[ 1114.739553][T19785] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1115.607849][T19835] kernel read not supported for file /file0 (pid: 19835 comm: syz.0.17411)
[ 1115.608079][   T37] audit: type=1800 audit(2000001729.159:1477): pid=19835 uid=0 auid=4294967295 ses=4294967295 subj=_ op=collect_data cause=failed comm="syz.0.17411" name="file0" dev="mqueue" ino=136124 res=0 errno=0
[ 1115.746677][T19844] netlink: 8 bytes leftover after parsing attributes in process `syz.7.17413'.
[ 1115.746717][T19844] netlink: 'syz.7.17413': attribute type 26 has an invalid length.
[ 1115.746734][T19844] netlink: 4 bytes leftover after parsing attributes in process `syz.7.17413'.
[ 1115.752255][T19844] netlink: 8 bytes leftover after parsing attributes in process `syz.7.17413'.
[ 1115.752288][T19844] netlink: 'syz.7.17413': attribute type 26 has an invalid length.
[ 1115.752303][T19844] netlink: 4 bytes leftover after parsing attributes in process `syz.7.17413'.
[ 1116.260658][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.260739][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1117.544378][T19927] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1117.544415][T19927] overlayfs: failed to set xattr on upper
[ 1117.544424][T19927] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1117.544434][T19927] overlayfs: ...falling back to index=off.
[ 1117.544442][T19927] overlayfs: ...falling back to uuid=null.
[ 1117.544452][T19927] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[ 1119.333120][ T7928] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[ 1119.493633][ T7928] usb 6-1: Using ep0 maxpacket: 8
[ 1119.498508][ T7928] usb 6-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1119.498547][ T7928] usb 6-1: config 1 interface 0 has no altsetting 0
[ 1119.544886][ T7928] usb 6-1: string descriptor 0 read error: -22
[ 1119.545050][ T7928] usb 6-1: New USB device found, idVendor=054c, idProduct=0268, bcdDevice= 0.40
[ 1119.545075][ T7928] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1120.097676][ T7928] sony 0003:054C:0268.003A: report_id 1464697065 is invalid
[ 1120.097708][ T7928] sony 0003:054C:0268.003A: item 0 4 1 8 parsing failed
[ 1120.098606][ T7928] sony 0003:054C:0268.003A: parse failed
[ 1120.098728][ T7928] sony 0003:054C:0268.003A: probe with driver sony failed with error -22
[ 1120.311203][ T7928] usb 6-1: USB disconnect, device number 49
[ 1120.531796][T20077] 9pnet: p9_errstr2errno: server reported unknown error 0x0000
[ 1121.301170][T20118] net_ratelimit: 694 callbacks suppressed
[ 1121.301194][T20118] Set syz1 is full, maxelem 2 reached
[ 1122.500598][T20177] A link change request failed with some changes committed already. Interface veth0_to_team may have been left with an inconsistent configuration, please check.
[ 1123.285688][T20212] ref_ctr_offset mismatch. inode: 0x93 offset: 0x5 ref_ctr_offset(old): 0x2 ref_ctr_offset(new): 0x0
[ 1124.815239][T20268] syz.5.17535 (20268) used greatest stack depth: 17288 bytes left
[ 1124.960946][T20299] loop8: detected capacity change from 0 to 7
[ 1124.982079][T20299] Dev loop8: unable to read RDB block 7
[ 1124.982131][T20299]  loop8: unable to read partition table
[ 1124.982380][T20299] loop8: partition table beyond EOD, truncated
[ 1124.982416][T20299] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[ 1129.955730][T20549] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.17636'.
[ 1130.544934][T20581] 9p: Bad value for 'wfdno'
[ 1132.295452][T20678] netlink: 'syz.5.17684': attribute type 3 has an invalid length.
[ 1134.770647][   T37] audit: type=1326 audit(2000000001.496:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20800 comm="syz.7.17732" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3b1f5ac819 code=0x0
[ 1141.868615][T21179] netlink: 'syz.5.17875': attribute type 1 has an invalid length.
[ 1141.878511][T21179] netlink: 188 bytes leftover after parsing attributes in process `syz.5.17875'.
[ 1142.952645][   T37] audit: type=1326 audit(2000000009.148:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1142.952726][   T37] audit: type=1326 audit(2000000009.148:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1142.962033][   T37] audit: type=1326 audit(2000000009.157:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1142.970290][   T37] audit: type=1326 audit(2000000009.157:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=210 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1142.970352][   T37] audit: type=1326 audit(2000000009.157:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1142.970402][   T37] audit: type=1326 audit(2000000009.157:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1142.970450][   T37] audit: type=1326 audit(2000000009.157:1485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1142.970500][   T37] audit: type=1326 audit(2000000009.157:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1142.970549][   T37] audit: type=1326 audit(2000000009.157:1487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1142.970599][   T37] audit: type=1326 audit(2000000009.157:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21233 comm="syz.0.17899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbd4ba1c819 code=0x7ffc0000
[ 1148.913306][T21429] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17971'.
[ 1148.913333][T21429] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17971'.
[ 1149.198013][T21439] ceph: No mds server is up or the cluster is laggy
[ 1149.399791][T21454] netlink: 28 bytes leftover after parsing attributes in process `syz.7.17979'.
[ 1150.032981][T21476] netlink: 'syz.0.17988': attribute type 3 has an invalid length.
[ 1151.612142][T21557] overlayfs: failed to clone lowerpath
[ 1157.083511][T21849] netlink: 4 bytes leftover after parsing attributes in process `syz.5.18119'.
[ 1158.647494][T21946] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18152'.
[ 1158.647537][T21946] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18152'.
[ 1158.696752][   T43] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1158.697332][   T43] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1158.697373][   T43] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1158.697409][   T43] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1158.735445][T21946] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18152'.
[ 1158.735481][T21946] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18152'.
[ 1160.216462][T22034] overlayfs: failed to clone upperpath
[ 1163.826234][T22197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18249'.
[ 1164.492110][T22237] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18264'.
[ 1165.443806][T22265] overlayfs: failed to clone upperpath
[ 1169.249524][T22396] netlink: set zone limit has 4 unknown bytes
[ 1170.367327][T22461] netlink: 'syz.0.18345': attribute type 5 has an invalid length.
[ 1170.921865][T22498] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1176.453896][T22764] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18459'.
[ 1176.453927][T22764] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18459'.
[ 1176.454050][T22764] netlink: 'syz.5.18459': attribute type 5 has an invalid length.
[ 1176.456806][T22764] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18459'.
[ 1176.456834][T22764] netlink: 12 bytes leftover after parsing attributes in process `syz.5.18459'.
[ 1176.456861][T22764] netlink: 'syz.5.18459': attribute type 5 has an invalid length.
[ 1176.662569][T22773] netlink: 52 bytes leftover after parsing attributes in process `syz.5.18464'.
[ 1176.798989][ T7928] IPVS: starting estimator thread 0...
[ 1176.913145][T22780] IPVS: using max 8 ests per chain, 19200 per kthread
[ 1178.562800][T22878] netlink: 28 bytes leftover after parsing attributes in process `syz.5.18503'.
[ 1178.645660][T22881] netlink: 'syz.7.18504': attribute type 4 has an invalid length.
[ 1178.707331][T22881] netlink: 'syz.7.18504': attribute type 4 has an invalid length.
[ 1179.249922][T22913] fuse: Bad value for 'fd'
[ 1179.277135][T22917] netlink: 'syz.0.18516': attribute type 10 has an invalid length.
[ 1179.314541][T22917] team0: left allmulticast mode
[ 1179.314570][T22917] geneve1: left allmulticast mode
[ 1179.314596][T22917] team0: left promiscuous mode
[ 1179.314862][T22917] team_slave_1: left promiscuous mode
[ 1179.315089][T22917] geneve1: left promiscuous mode
[ 1179.315504][T22917] bridge0: port 3(team0) entered disabled state
[ 1179.455597][T22917] 8021q: adding VLAN 0 to HW filter on device team0
[ 1179.485098][T22917] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1181.415656][T23002] netlink: 'syz.5.18540': attribute type 2 has an invalid length.
[ 1181.415684][T23002] netlink: 'syz.5.18540': attribute type 1 has an invalid length.
[ 1181.415698][T23002] netlink: 'syz.5.18540': attribute type 8 has an invalid length.
[ 1181.415713][T23002] netlink: 88 bytes leftover after parsing attributes in process `syz.5.18540'.
[ 1181.929569][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1181.929644][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1182.356543][T23040] program syz.0.18555 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1183.920962][T23122] netlink: 'syz.5.18587': attribute type 5 has an invalid length.
[ 1186.608048][T23261] trusted_key: syz.7.18640 sent an empty control message without MSG_MORE.
[ 1192.829484][T23557] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18747'.
[ 1192.829516][T23557] netlink: 8 bytes leftover after parsing attributes in process `syz.5.18747'.
[ 1194.448061][T23632] netlink: 4 bytes leftover after parsing attributes in process `syz.0.18775'.
[ 1194.642187][T23632] team0: Port device team_slave_0 removed
[ 1194.739630][T23651] tipc: Failed to remove unknown binding: 66,1,1/0:3793794200/3793794202
[ 1195.917873][T23707] loop2: detected capacity change from 0 to 7
[ 1195.934301][T23707] Dev loop2: unable to read RDB block 7
[ 1195.934354][T23707]  loop2: unable to read partition table
[ 1195.934776][T23707] loop2: partition table beyond EOD, truncated
[ 1195.934821][T23707] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[ 1198.749396][T23843] netlink: 'syz.5.18849': attribute type 1 has an invalid length.
[ 1198.929075][T23843] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1199.187612][T23850] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1199.188144][T23850] bond1: (slave vxcan1): The slave device specified does not support setting the MAC address
[ 1199.189561][T23850] bond1: (slave vxcan1): Error -95 calling set_mac_address
[ 1200.637358][T23964] io-wq is not configured for unbound workers
[ 1201.940636][T24019] fuse: Bad value for 'fd'
[ 1203.378551][ T5114] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1203.414913][ T5114] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1203.438445][ T5114] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1203.450145][ T5114] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1203.454611][ T5114] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1203.647441][  T156] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1203.851104][T24054] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1204.091237][T24087] loop2: detected capacity change from 0 to 7
[ 1204.114356][T24087]  loop2:
[ 1204.114398][T24087] loop2: partition table partially beyond EOD, truncated
[ 1204.390350][  T156] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1204.939974][  T156] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1205.554199][T27721] Bluetooth: hci1: unexpected event for opcode 0x0401
[ 1205.658760][  T156] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1205.695874][T27721] Bluetooth: hci3: command tx timeout
[ 1206.739472][T24194] input: syz1 as /devices/virtual/input/input87
[ 1207.542516][T24065] chnl_net:caif_netlink_parms(): no params data found
[ 1207.936885][T27721] Bluetooth: hci3: command tx timeout
[ 1208.130476][  T156] bridge_slave_1: left allmulticast mode
[ 1208.130512][  T156] bridge_slave_1: left promiscuous mode
[ 1208.130814][  T156] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1208.356520][  T156] bridge_slave_0: left allmulticast mode
[ 1208.356555][  T156] bridge_slave_0: left promiscuous mode
[ 1208.356853][  T156] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1209.891356][T27721] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[ 1209.891680][T27721] Bluetooth: hci1: Injecting HCI hardware error event
[ 1209.907850][ T5114] Bluetooth: hci1: hardware error 0x00
[ 1210.176503][T27721] Bluetooth: hci3: command tx timeout
[ 1212.118444][ T5114] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[ 1212.380926][ T5114] Bluetooth: hci3: command tx timeout
[ 1213.437897][  T156] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1213.700778][  T156] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1213.756762][  T156] bond0 (unregistering): Released all slaves
[ 1215.567862][T24065] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1215.568006][T24065] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1215.568275][T24065] bridge_slave_0: entered allmulticast mode
[ 1215.649133][T24065] bridge_slave_0: entered promiscuous mode
[ 1215.664105][T24065] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1215.687835][T24065] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1215.688201][T24065] bridge_slave_1: entered allmulticast mode
[ 1215.691386][T24065] bridge_slave_1: entered promiscuous mode
[ 1216.488426][T24065] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1216.529176][T24065] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1216.841615][T24065] team0: Port device team_slave_0 added
[ 1216.914136][T24065] team0: Port device team_slave_1 added
[ 1217.420728][T24065] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1217.420748][T24065] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1217.420777][T24065] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1217.440524][T24065] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1217.440553][T24065] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1217.440709][T24065] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1219.381195][T24065] hsr_slave_0: entered promiscuous mode
[ 1219.390230][T24065] hsr_slave_1: entered promiscuous mode
[ 1219.407578][T24065] debugfs: 'hsr0' already exists in 'hsr'
[ 1219.408148][T24065] Cannot create hsr debugfs directory
[ 1219.825178][  T156] hsr_slave_0: left promiscuous mode
[ 1219.928214][  T156] hsr_slave_1: left promiscuous mode
[ 1219.929467][  T156] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1219.929498][  T156] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1220.021907][  T156] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1220.021938][  T156] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1220.217754][  T156] veth1_macvtap: left promiscuous mode
[ 1220.217876][  T156] veth0_macvtap: left promiscuous mode
[ 1220.219427][  T156] veth1_vlan: left promiscuous mode
[ 1220.219645][  T156] veth0_vlan: left promiscuous mode
[ 1221.191466][T24738] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1223.390164][  T156] team0 (unregistering): Port device team_slave_1 removed
[ 1223.492718][  T156] team0 (unregistering): Port device team_slave_0 removed
[ 1224.758375][T24917] overlayfs: failed to clone upperpath
[ 1226.490840][T24065] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1226.580922][T24065] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1226.598305][  T156] IPVS: stop unused estimator thread 0...
[ 1226.660515][T25032] netlink: 20 bytes leftover after parsing attributes in process `syz.5.19161'.
[ 1226.660544][T25032] netlink: 20 bytes leftover after parsing attributes in process `syz.5.19161'.
[ 1226.684542][T24065] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1226.763375][T24065] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1227.529633][T24065] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1227.626892][T24065] 8021q: adding VLAN 0 to HW filter on device team0
[ 1227.700772][  T156] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1227.701822][  T156] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1227.816707][ T4538] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1227.816897][ T4538] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1228.985946][T24065] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1230.659998][T25153] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1230.660408][T25153] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1233.085096][T25153] ipvlan2: left promiscuous mode
[ 1233.338638][T15589] netdevsim netdevsim5 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1233.338678][T15589] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1233.359071][T15589] netdevsim netdevsim5 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1233.359112][T15589] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1233.369561][T15589] netdevsim netdevsim5 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1233.371616][T15589] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1233.372213][T15589] netdevsim netdevsim5 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1233.372241][T15589] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1233.518587][   T37] kauditd_printk_skb: 19 callbacks suppressed
[ 1233.518608][   T37] audit: type=1326 audit(2000000093.858:1508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25305 comm="syz.5.19251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1233.518984][   T37] audit: type=1326 audit(2000000093.858:1509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25305 comm="syz.5.19251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1233.570269][   T37] audit: type=1326 audit(2000000093.904:1510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25305 comm="syz.5.19251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1233.571043][   T37] audit: type=1326 audit(2000000093.904:1511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25305 comm="syz.5.19251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1233.571325][   T37] audit: type=1326 audit(2000000093.904:1512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25305 comm="syz.5.19251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1233.572106][   T37] audit: type=1326 audit(2000000093.904:1513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25305 comm="syz.5.19251" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1233.750583][T25316] 9p: Bad value for 'rfdno'
[ 1234.238258][T24065] veth0_vlan: entered promiscuous mode
[ 1234.285929][T24065] veth1_vlan: entered promiscuous mode
[ 1234.480802][T24065] veth0_macvtap: entered promiscuous mode
[ 1234.533921][T24065] veth1_macvtap: entered promiscuous mode
[ 1234.642993][T24065] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1234.786733][T24065] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1234.933570][ T4538] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.934131][ T4538] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.934409][ T4538] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1234.934688][ T4538] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1235.375929][T25385] kvm: pic: level sensitive irq not supported
[ 1235.376145][T25385] kvm: pic: non byte read
[ 1235.376983][T25385] kvm: pic: single mode not supported
[ 1235.377072][T25385] kvm: pic: non byte read
[ 1235.377485][T25385] kvm: pic: non byte read
[ 1235.378088][T25385] kvm: pic: non byte read
[ 1235.378508][T25385] kvm: pic: non byte read
[ 1235.378848][T25385] kvm: pic: single mode not supported
[ 1235.378859][T25385] kvm: pic: level sensitive irq not supported
[ 1235.378939][T25385] kvm: pic: non byte read
[ 1235.390612][T25385] kvm: pic: level sensitive irq not supported
[ 1235.390788][T25385] kvm: pic: non byte read
[ 1235.391173][T25385] kvm: pic: single mode not supported
[ 1235.391246][T25385] kvm: pic: non byte read
[ 1235.392027][T25385] kvm: pic: non byte read
[ 1235.756942][T15589] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1235.756968][T15589] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1235.960735][ T4538] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1235.960759][ T4538] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1237.325617][   T37] audit: type=1326 audit(2000000097.412:1514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25476 comm="syz.5.19301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7fc00000
[ 1237.325683][   T37] audit: type=1326 audit(2000000097.412:1515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=25476 comm="syz.5.19301" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fc69546c819 code=0x7fc00000
[ 1240.392111][T25585] netlink: 'syz.0.19337': attribute type 1 has an invalid length.
[ 1240.599412][T25585] 8021q: adding VLAN 0 to HW filter on device bond5
[ 1240.708382][T25591] bond5: (slave gretap1): making interface the new active one
[ 1240.748184][T25591] bond5: (slave gretap1): Enslaving as an active interface with an up link
[ 1240.838628][T25610] vlan4: entered allmulticast mode
[ 1240.838645][T25610] bond5: entered allmulticast mode
[ 1240.838654][T25610] gretap1: entered allmulticast mode
[ 1240.839901][T25610] bond5: (slave vlan4): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[ 1246.024254][T25802] kvm: emulating exchange as write
[ 1247.616949][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1247.617032][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1248.808567][T25930] netlink: 'syz.5.19441': attribute type 10 has an invalid length.
[ 1248.814106][T25930] bond0: (slave wlan1): Enslaving as an active interface with an up link
[ 1250.556419][T26004] netlink: 1363 bytes leftover after parsing attributes in process `syz.5.19466'.
[ 1251.045561][T26000] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1251.450113][  T156] wlan1: Trigger new scan to find an IBSS to join
[ 1254.729605][T12059] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1254.893140][T12059] usb 9-1: Using ep0 maxpacket: 8
[ 1254.895704][T12059] usb 9-1: config index 0 descriptor too short (expected 74, got 45)
[ 1254.895735][T12059] usb 9-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1254.895791][T12059] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[ 1254.895821][T12059] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1254.895846][T12059] usb 9-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1254.895891][T12059] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1254.895916][T12059] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1254.985274][T12059] usbtmc 9-1:16.0: bulk endpoints not found
[ 1255.804271][T15589] wlan1: Trigger new scan to find an IBSS to join
[ 1256.836703][T26202] orangefs_mount: mount request failed with -4
[ 1257.264586][T26190] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1258.365570][T26193] bond0: (slave team0): Releasing backup interface
[ 1258.504815][  T812] usb 9-1: USB disconnect, device number 2
[ 1258.533128][ T1275] wlan1: Creating new IBSS network, BSSID c6:b1:15:9a:22:af
[ 1258.898714][T26193] team0 (unregistering): Port device team_slave_1 removed
[ 1259.067506][T26193] team0 (unregistering): Port device geneve1 removed
[ 1259.136321][   T69] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1259.137501][   T69] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1259.137552][   T69] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1259.137592][   T69] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1261.178542][T26345] tipc: Failed to remove unknown binding: 66,0,0/0:1459196091/1459196093
[ 1261.178583][T26345] tipc: Failed to remove unknown binding: 66,0,0/0:1459196091/1459196092
[ 1261.182400][T26345] tipc: Failed to remove unknown binding: 66,0,0/0:1459196091/1459196093
[ 1261.182445][T26345] tipc: Failed to remove unknown binding: 66,0,0/0:1459196091/1459196092
[ 1262.245390][ T6085] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1262.405915][ T6085] usb 9-1: Using ep0 maxpacket: 16
[ 1262.408487][ T6085] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1262.408515][ T6085] usb 9-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[ 1262.411607][ T6085] usb 9-1: New USB device found, idVendor=0d8c, idProduct=0102, bcdDevice= 0.40
[ 1262.411638][ T6085] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1262.411659][ T6085] usb 9-1: Product: syz
[ 1262.411675][ T6085] usb 9-1: Manufacturer: syz
[ 1262.411690][ T6085] usb 9-1: SerialNumber: syz
[ 1263.192005][   T10] usb 9-1: USB disconnect, device number 3
[ 1264.369457][T26470] IPVS: length: 528 != 8
[ 1265.956707][T26509] netlink: 28 bytes leftover after parsing attributes in process `syz.0.19616'.
[ 1267.785651][T26567] netlink: 'syz.0.19639': attribute type 4 has an invalid length.
[ 1267.817569][T26567] netlink: 'syz.0.19639': attribute type 4 has an invalid length.
[ 1270.001792][T26605] overlayfs: failed to clone upperpath
[ 1270.333109][T26623] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[ 1270.527606][T26626] sch_tbf: burst 6281 is lower than device lo mtu (11337746) !
[ 1273.477767][ T6085] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1273.662714][ T6085] usb 9-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1273.662748][ T6085] usb 9-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[ 1273.662790][ T6085] usb 9-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1273.662816][ T6085] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1276.463581][ T6085] usb 9-1: USB disconnect, device number 4
[ 1282.724550][T26892] netlink: 68 bytes leftover after parsing attributes in process `syz.8.19745'.
[ 1282.751929][T26892] netlink: 'syz.8.19745': attribute type 10 has an invalid length.
[ 1282.751955][T26892] netlink: 228 bytes leftover after parsing attributes in process `syz.8.19745'.
[ 1284.031191][T26918] netlink: 4 bytes leftover after parsing attributes in process `syz.5.19752'.
[ 1284.098706][T26921] netlink: 4 bytes leftover after parsing attributes in process `syz.5.19752'.
[ 1285.742277][T26921] netlink: 4 bytes leftover after parsing attributes in process `syz.5.19752'.
[ 1285.743849][   T43] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1285.771540][   T43] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1285.773426][   T43] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1285.773506][   T43] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1294.569871][  T176] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1298.755669][T27222] vlan3: entered allmulticast mode
[ 1298.755686][T27222] bridge0: entered allmulticast mode
[ 1305.328102][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1313.412287][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1313.416538][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1313.945186][T27516] overlayfs: failed to clone upperpath
[ 1313.967658][T27505] syzkaller0: entered promiscuous mode
[ 1313.967677][T27505] syzkaller0: entered allmulticast mode
[ 1320.486625][T27633] netlink: 'syz.5.19958': attribute type 3 has an invalid length.
[ 1320.502147][T27633] netlink: 'syz.5.19958': attribute type 3 has an invalid length.
[ 1321.845106][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1321.866494][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1321.877196][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1321.887873][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1321.898559][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1321.909267][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1321.919941][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1321.930654][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1324.460166][T27674] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1324.461737][T27674] syzkaller0: entered promiscuous mode
[ 1324.461764][T27674] syzkaller0: entered allmulticast mode
[ 1324.854382][T27686] tipc: Resetting bearer <eth:syzkaller0>
[ 1324.965961][T27673] tipc: Resetting bearer <eth:syzkaller0>
[ 1325.424634][T27673] tipc: Disabling bearer <eth:syzkaller0>
[ 1330.559193][   T12] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1331.056877][T27853] netlink: 'syz.5.20023': attribute type 1 has an invalid length.
[ 1331.530795][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[ 1332.708624][T27876] netlink: 312 bytes leftover after parsing attributes in process `syz.8.20030'.
[ 1344.703485][T28039] netlink: 4 bytes leftover after parsing attributes in process `syz.0.20087'.
[ 1346.798861][T28062] netlink: 'syz.0.20100': attribute type 1 has an invalid length.
[ 1348.556961][T28121] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1349.880059][T12059] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1353.030936][T12059] usb 9-1: Using ep0 maxpacket: 32
[ 1353.361155][T12059] usb 9-1: device descriptor read/all, error -71
[ 1359.994691][T28246] netlink: 8 bytes leftover after parsing attributes in process `syz.8.20160'.
[ 1365.555580][T28340] netlink: 8 bytes leftover after parsing attributes in process `syz.2.20194'.
[ 1366.133362][  T176] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1371.960208][T28462] program syz.0.20245 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1375.683962][T28514] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20262'.
[ 1375.954043][T28527] netlink: 24 bytes leftover after parsing attributes in process `syz.6.20265'.
[ 1379.081290][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1379.081550][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1391.493103][T28842] netlink: 4 bytes leftover after parsing attributes in process `syz.8.20323'.
[ 1391.493282][T28842] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1392.227496][T28842] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1396.885882][T28909] virt_wifi0 speed is unknown, defaulting to 1000
[ 1396.886017][T28909] virt_wifi0 speed is unknown, defaulting to 1000
[ 1396.887551][T28909] virt_wifi0 speed is unknown, defaulting to 1000
[ 1396.907427][T28909] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1397.131617][T28909] virt_wifi0 speed is unknown, defaulting to 1000
[ 1397.135044][T28909] virt_wifi0 speed is unknown, defaulting to 1000
[ 1397.138500][T28909] virt_wifi0 speed is unknown, defaulting to 1000
[ 1397.192989][T28909] virt_wifi0 speed is unknown, defaulting to 1000
[ 1397.226297][T28909] virt_wifi0 speed is unknown, defaulting to 1000
[ 1397.255461][T28909] virt_wifi0 speed is unknown, defaulting to 1000
[ 1402.330940][ T9180] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1404.537072][T27721] Bluetooth: hci3: command 0x0406 tx timeout
[ 1404.785843][T29004] kAFS: unable to lookup cell ''
[ 1407.735832][ T5114] Bluetooth: hci3: SCO packet for unknown connection handle 200
[ 1417.109487][T29378] netlink: 4 bytes leftover after parsing attributes in process `syz.8.20556'.
[ 1418.566387][T29443] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 4294967290 out of range (51000000..2150000000)
[ 1418.829122][T29456] netlink: 6032 bytes leftover after parsing attributes in process `syz.8.20591'.
[ 1418.985326][   T37] audit: type=1326 audit(2000000267.346:1516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29463 comm="syz.8.20595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1418.985508][   T37] audit: type=1326 audit(2000000267.346:1517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29463 comm="syz.8.20595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1418.988275][   T37] audit: type=1326 audit(2000000267.346:1518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29463 comm="syz.8.20595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1418.988570][   T37] audit: type=1326 audit(2000000267.346:1519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29463 comm="syz.8.20595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1418.988694][   T37] audit: type=1326 audit(2000000267.346:1520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29463 comm="syz.8.20595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1418.988848][   T37] audit: type=1326 audit(2000000267.346:1521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29463 comm="syz.8.20595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1419.127215][   T37] audit: type=1326 audit(2000000267.477:1522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29463 comm="syz.8.20595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1419.127671][   T37] audit: type=1326 audit(2000000267.477:1523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29463 comm="syz.8.20595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1419.127821][   T37] audit: type=1326 audit(2000000267.477:1524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29463 comm="syz.8.20595" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1419.477003][   T37] audit: type=1326 audit(2000000267.805:1525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29472 comm="syz.8.20600" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fac10d1c819 code=0x0
[ 1420.041859][T29497] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20610'.
[ 1420.897053][T29542] netlink: 'syz.8.20634': attribute type 1 has an invalid length.
[ 1421.402091][T29568] netlink: 56 bytes leftover after parsing attributes in process `syz.5.20644'.
[ 1421.711792][T29585] netlink: 240 bytes leftover after parsing attributes in process `syz.8.20656'.
[ 1422.305080][T29616] netlink: 8 bytes leftover after parsing attributes in process `syz.5.20667'.
[ 1422.365319][T29620] netlink: 40 bytes leftover after parsing attributes in process `syz.0.20668'.
[ 1422.365363][T29620] netlink: 12 bytes leftover after parsing attributes in process `syz.0.20668'.
[ 1422.441929][T29624] netlink: 'syz.5.20671': attribute type 1 has an invalid length.
[ 1423.085495][T29652] netlink: 8 bytes leftover after parsing attributes in process `syz.8.20684'.
[ 1423.085521][T29652] netlink: 4 bytes leftover after parsing attributes in process `syz.8.20684'.
[ 1423.209717][T29657] netlink: 'syz.5.20686': attribute type 1 has an invalid length.
[ 1423.521265][T29674] netlink: 28 bytes leftover after parsing attributes in process `syz.0.20694'.
[ 1423.707094][T29685] openvswitch: netlink: Duplicate key (type 21).
[ 1425.137992][T29713] netlink: 4 bytes leftover after parsing attributes in process `syz.5.20713'.
[ 1425.178947][T29713] macvtap1: entered promiscuous mode
[ 1425.178974][T29713] team0: entered promiscuous mode
[ 1425.178988][T29713] team_slave_0: entered promiscuous mode
[ 1425.179235][T29713] team_slave_1: entered promiscuous mode
[ 1425.180487][T29713] macvtap1: entered allmulticast mode
[ 1425.211103][T29713] team0: entered allmulticast mode
[ 1425.211126][T29713] team_slave_0: entered allmulticast mode
[ 1425.211147][T29713] team_slave_1: entered allmulticast mode
[ 1425.211815][T29713] 8021q: adding VLAN 0 to HW filter on device macvtap1
[ 1425.236333][T29723] netlink: 28 bytes leftover after parsing attributes in process `syz.0.20718'.
[ 1425.323854][T29723] ip6tnl3: entered allmulticast mode
[ 1425.609959][ T5114] Bluetooth: hci3: unexpected event for opcode 0x1005
[ 1426.186604][T29778] netlink: 8 bytes leftover after parsing attributes in process `syz.5.20744'.
[ 1426.709936][   T37] kauditd_printk_skb: 5 callbacks suppressed
[ 1426.709959][   T37] audit: type=1326 audit(2000000274.577:1531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29800 comm="syz.5.20756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1426.713289][   T37] audit: type=1326 audit(2000000274.577:1532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29800 comm="syz.5.20756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1426.713348][   T37] audit: type=1326 audit(2000000274.577:1533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29800 comm="syz.5.20756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1426.713396][   T37] audit: type=1326 audit(2000000274.577:1534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29800 comm="syz.5.20756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1426.720331][   T37] audit: type=1326 audit(2000000274.586:1535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=29800 comm="syz.5.20756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1428.460980][T29861] netlink: 'syz.0.20783': attribute type 11 has an invalid length.
[ 1428.546748][T29867] netlink: 12 bytes leftover after parsing attributes in process `syz.0.20787'.
[ 1428.814370][T29885] netlink: 'syz.5.20793': attribute type 32 has an invalid length.
[ 1428.816120][T29885] netlink: 8 bytes leftover after parsing attributes in process `syz.5.20793'.
[ 1428.980363][T29885] bond2: Setting coupled_control to off (0)
[ 1429.203176][T29935] netlink: 4 bytes leftover after parsing attributes in process `syz.5.20802'.
[ 1429.263096][T29935] macvtap2: entered promiscuous mode
[ 1429.263125][T29935] dummy0: entered promiscuous mode
[ 1429.263397][T29935] macvtap2: entered allmulticast mode
[ 1429.263414][T29935] dummy0: entered allmulticast mode
[ 1429.464705][T29951] netlink: 8 bytes leftover after parsing attributes in process `syz.8.20809'.
[ 1429.477224][T29951] netlink: 8 bytes leftover after parsing attributes in process `syz.8.20809'.
[ 1429.477264][T29951] netlink: 48 bytes leftover after parsing attributes in process `syz.8.20809'.
[ 1431.641031][T30070] macvtap1: left promiscuous mode
[ 1431.641063][T30070] team0: left promiscuous mode
[ 1431.641077][T30070] team_slave_0: left promiscuous mode
[ 1431.641399][T30070] team_slave_1: left promiscuous mode
[ 1431.643923][T30070] macvtap2: left promiscuous mode
[ 1431.643948][T30070] dummy0: left promiscuous mode
[ 1431.906353][T30086] netlink: 4 bytes leftover after parsing attributes in process `syz.5.20876'.
[ 1431.975694][T30086] macvtap3: entered promiscuous mode
[ 1431.975714][T30086] dummy0: entered promiscuous mode
[ 1431.975879][T30086] macvtap3: entered allmulticast mode
[ 1432.704987][T30111] geneve2: entered promiscuous mode
[ 1432.739265][   T13] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[ 1432.740834][   T13] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[ 1432.740881][   T13] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[ 1432.740937][   T13] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[ 1433.491236][T30140] netlink: 12 bytes leftover after parsing attributes in process `syz.0.20899'.
[ 1433.750982][T30148] geneve2: entered promiscuous mode
[ 1433.751901][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1433.751994][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1433.752032][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1433.752069][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1435.205566][T30208] sctp: [Deprecated]: syz.0.20931 (pid 30208) Use of int in maxseg socket option.
[ 1435.205566][T30208] Use struct sctp_assoc_value instead
[ 1435.490068][T30220] netlink: 28 bytes leftover after parsing attributes in process `syz.8.20937'.
[ 1435.490102][T30220] netlink: 28 bytes leftover after parsing attributes in process `syz.8.20937'.
[ 1436.085382][T30246] netlink: 56 bytes leftover after parsing attributes in process `syz.8.20950'.
[ 1437.767508][T30341] netlink: 'syz.5.20996': attribute type 10 has an invalid length.
[ 1437.773798][T30341] veth1: entered allmulticast mode
[ 1437.777659][T30341] team0: Port device veth1 added
[ 1437.806504][  T176] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1438.843374][T30381] netlink: 288 bytes leftover after parsing attributes in process `syz.5.21016'.
[ 1438.843407][T30381] netlink: 12 bytes leftover after parsing attributes in process `syz.5.21016'.
[ 1438.843422][T30381] netlink: 16 bytes leftover after parsing attributes in process `syz.5.21016'.
[ 1439.286716][T30407] openvswitch: netlink: Unexpected mask (mask=4000040, allowed=10048)
[ 1440.790842][T30497] netlink: 36 bytes leftover after parsing attributes in process `syz.5.21073'.
[ 1441.106193][T30515] netlink: 'syz.0.21082': attribute type 3 has an invalid length.
[ 1442.180850][T30577] netlink: 28 bytes leftover after parsing attributes in process `syz.5.21113'.
[ 1442.473608][ T5114] Bluetooth: hci3: Ignoring connect complete event for invalid link type
[ 1442.640598][T30603] netlink: 4 bytes leftover after parsing attributes in process `syz.5.21126'.
[ 1442.844903][T30603] veth5: entered promiscuous mode
[ 1442.844933][T30603] veth5: entered allmulticast mode
[ 1442.989123][T30633] netlink: 12 bytes leftover after parsing attributes in process `syz.0.21130'.
[ 1443.774514][T30676] netlink: 44 bytes leftover after parsing attributes in process `syz.5.21154'.
[ 1443.774732][T30676] netlink: 'syz.5.21154': attribute type 3 has an invalid length.
[ 1444.203255][T30701] openvswitch: netlink: IP tunnel dst address not specified
[ 1444.657698][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1444.657804][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1445.317440][T30764] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1445.426558][T30767] netlink: 24 bytes leftover after parsing attributes in process `syz.8.21198'.
[ 1445.971678][T30801] tmpfs: Bad value for 'size'
[ 1446.202468][T30815] netlink: 20 bytes leftover after parsing attributes in process `syz.8.21221'.
[ 1446.997387][T30860] netdevsim netdevsim8 
5
@�: renamed from netdevsim0 (while UP)
[ 1447.783772][T30906] netlink: 36 bytes leftover after parsing attributes in process `syz.8.21265'.
[ 1448.306815][T30948] netlink: 180 bytes leftover after parsing attributes in process `syz.0.21280'.
[ 1451.436895][T31097] ieee802154 phy0 wpan0: encryption failed: -22
[ 1453.427477][T31198] netlink: 'syz.8.21396': attribute type 21 has an invalid length.
[ 1453.624033][T31210] openvswitch: netlink: IP tunnel dst address not specified
[ 1459.084484][T31383] netlink: 8 bytes leftover after parsing attributes in process `syz.8.21481'.
[ 1459.084513][T31383] netlink: 4 bytes leftover after parsing attributes in process `syz.8.21481'.
[ 1459.122002][T31386] netlink: 20 bytes leftover after parsing attributes in process `syz.5.21483'.
[ 1459.122041][T31386] netlink: 20 bytes leftover after parsing attributes in process `syz.5.21483'.
[ 1460.287031][T31422] cgroup: noprefix used incorrectly
[ 1460.465889][T31428] netlink: 8 bytes leftover after parsing attributes in process `syz.8.21500'.
[ 1460.657481][T31430] netlink: 12 bytes leftover after parsing attributes in process `syz.8.21503'.
[ 1462.906265][T31472] infiniband syz2: set down
[ 1462.922576][T31472] infiniband syz2: added ipvlan0
[ 1463.165353][T31472] RDS/IB: syz2: added
[ 1463.165456][T31472] smc: adding ib device syz2 with port count 1
[ 1463.165485][T31472] smc:    ib device syz2 port 1 has no pnetid
[ 1463.256025][T31534] netlink: 24 bytes leftover after parsing attributes in process `syz.8.21550'.
[ 1463.755389][T31559] netlink: 20 bytes leftover after parsing attributes in process `syz.0.21562'.
[ 1466.001174][T31664] netlink: 8 bytes leftover after parsing attributes in process `syz.8.21613'.
[ 1466.195321][T31672] netlink: 'syz.8.21616': attribute type 13 has an invalid length.
[ 1467.733101][T31741] netlink: 'syz.8.21649': attribute type 31 has an invalid length.
[ 1468.467862][T31771] netlink: 16 bytes leftover after parsing attributes in process `syz.8.21664'.
[ 1468.780830][T31789] netlink: 32 bytes leftover after parsing attributes in process `syz.5.21670'.
[ 1468.894140][T31795] netlink: 8 bytes leftover after parsing attributes in process `syz.8.21674'.
[ 1469.294354][T31819] lo: entered promiscuous mode
[ 1469.295489][T31819] tunl0: entered promiscuous mode
[ 1469.296371][T31819] gre0: entered promiscuous mode
[ 1469.297249][T31819] gretap0: entered promiscuous mode
[ 1469.298356][T31819] erspan0: entered promiscuous mode
[ 1469.299197][T31819] ip_vti0: entered promiscuous mode
[ 1469.300078][T31819] ip6_vti0: entered promiscuous mode
[ 1469.343082][T31819] sit0: entered promiscuous mode
[ 1469.347393][T31820] netlink: 24 bytes leftover after parsing attributes in process `syz.5.21686'.
[ 1469.359696][T31819] ip6tnl0: entered promiscuous mode
[ 1469.360696][T31819] ip6gre0: entered promiscuous mode
[ 1469.361697][T31819] ip6gretap0: entered promiscuous mode
[ 1469.362721][T31819] bridge0: entered promiscuous mode
[ 1469.363742][T31819] vcan0: entered promiscuous mode
[ 1469.401063][T31819] bond0: entered promiscuous mode
[ 1469.401148][T31819] bond_slave_0: entered promiscuous mode
[ 1469.401433][T31819] bond_slave_1: entered promiscuous mode
[ 1469.403397][T31819] team0: entered promiscuous mode
[ 1469.403416][T31819] team_slave_0: entered promiscuous mode
[ 1469.403894][T31819] team_slave_1: entered promiscuous mode
[ 1469.405677][T31819] dummy0: entered promiscuous mode
[ 1469.406618][T31819] nlmon0: entered promiscuous mode
[ 1469.454392][T31819] caif0: entered promiscuous mode
[ 1469.454612][T31819] batadv0: entered promiscuous mode
[ 1469.456224][T31819] vxcan0: entered promiscuous mode
[ 1469.457360][T31819] vxcan1: entered promiscuous mode
[ 1469.458584][T31819] veth0: entered promiscuous mode
[ 1469.459787][T31819] veth1: entered promiscuous mode
[ 1469.460822][T31819] wg0: entered promiscuous mode
[ 1469.500451][T31819] wg1: entered promiscuous mode
[ 1469.501807][T31819] wg2: entered promiscuous mode
[ 1469.502721][T31819] veth0_to_bridge: entered promiscuous mode
[ 1469.521212][T31819] veth1_to_bridge: entered promiscuous mode
[ 1469.524033][T31819] veth0_to_bond: entered promiscuous mode
[ 1469.541811][T31819] veth1_to_bond: entered promiscuous mode
[ 1469.549772][T31819] veth0_to_team: entered promiscuous mode
[ 1469.551630][T31819] veth1_to_team: entered promiscuous mode
[ 1469.553468][T31819] veth1_to_batadv: entered promiscuous mode
[ 1469.555322][T31819] batadv_slave_1: entered promiscuous mode
[ 1469.556141][T31819] xfrm0: entered promiscuous mode
[ 1469.556938][T31819] veth0_to_hsr: entered promiscuous mode
[ 1469.589084][T31819] veth1_to_hsr: entered promiscuous mode
[ 1469.604522][T31819] hsr0: entered promiscuous mode
[ 1469.605257][T31819] veth1_virt_wifi: entered promiscuous mode
[ 1469.605826][T31819] veth0_virt_wifi: entered promiscuous mode
[ 1469.606438][T31819] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[ 1469.607989][T31819] vlan0: entered promiscuous mode
[ 1469.609380][T31819] vlan1: entered promiscuous mode
[ 1469.610154][T31819] macvlan0: entered promiscuous mode
[ 1469.645659][T31819] macvlan1: entered promiscuous mode
[ 1469.646870][T31819] ipvlan0: entered promiscuous mode
[ 1469.647066][T31819] ipvlan1: entered promiscuous mode
[ 1469.649008][T31819] macvtap0: entered promiscuous mode
[ 1469.650093][T31819] macsec0: entered promiscuous mode
[ 1469.656350][T31819] geneve0: entered promiscuous mode
[ 1469.659270][T31819] geneve1: entered promiscuous mode
[ 1469.663161][T31819] netdevsim netdevsim8 
5
@�: entered promiscuous mode
[ 1469.684396][T31819] netdevsim netdevsim8 netdevsim1: entered promiscuous mode
[ 1469.691620][T31819] netdevsim netdevsim8 netdevsim2: entered promiscuous mode
[ 1469.694315][T31819] netdevsim netdevsim8 netdevsim3: entered promiscuous mode
[ 1469.705114][T31819] mac80211_hwsim hwsim29 wlan0: entered promiscuous mode
[ 1469.711123][T31819] mac80211_hwsim hwsim30 wlan1: entered promiscuous mode
[ 1469.713212][T31819] gre1: entered promiscuous mode
[ 1469.720451][T31819] macvlan2: entered promiscuous mode
[ 1469.727352][T31819] erspan1: entered promiscuous mode
[ 1469.727519][T31819] ip6erspan0: entered promiscuous mode
[ 1469.736373][T31819] geneve2: entered promiscuous mode
[ 1469.836258][T31820] bridge1: trying to set multicast startup query interval above maximum, setting to 8640000 (86400000ms)
[ 1469.836659][T31822] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 1470.914443][T31891] x_tables: ip_tables: socket.0 match: invalid size 0 (kernel) != (user) 8
[ 1471.314001][T31914] netlink: 20 bytes leftover after parsing attributes in process `syz.8.21731'.
[ 1472.017525][  T176] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1472.369922][T31974] macsec0: left promiscuous mode
[ 1472.369949][T31974] macsec0: entered allmulticast mode
[ 1472.405693][T31974] veth1_macvtap: entered allmulticast mode
[ 1472.405921][T31974] macsec0: left allmulticast mode
[ 1472.405935][T31974] veth1_macvtap: left allmulticast mode
[ 1473.925996][T32033] hsr0: Caught tx_queue_len zero misconfig
[ 1475.592787][T32092] 9p: Unknown access argument �: -22
[ 1477.907007][   T37] audit: type=1326 audit(2000000322.451:1536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32197 comm="syz.8.21867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1477.907070][   T37] audit: type=1326 audit(2000000322.460:1537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32197 comm="syz.8.21867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1477.907929][   T37] audit: type=1326 audit(2000000322.460:1538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32197 comm="syz.8.21867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1477.907993][   T37] audit: type=1326 audit(2000000322.460:1539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32197 comm="syz.8.21867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=82 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1477.908310][   T37] audit: type=1326 audit(2000000322.460:1540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32197 comm="syz.8.21867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1477.914226][   T37] audit: type=1326 audit(2000000322.460:1541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32197 comm="syz.8.21867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1477.914282][   T37] audit: type=1326 audit(2000000322.460:1542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32197 comm="syz.8.21867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1477.917070][   T37] audit: type=1326 audit(2000000322.460:1543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32197 comm="syz.8.21867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1477.917127][   T37] audit: type=1326 audit(2000000322.460:1544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32197 comm="syz.8.21867" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1479.480970][T32256] netlink: 'syz.5.21895': attribute type 14 has an invalid length.
[ 1479.482526][T32256] netlink: 'syz.5.21895': attribute type 14 has an invalid length.
[ 1479.942513][T32283] netlink: 60 bytes leftover after parsing attributes in process `syz.0.21906'.
[ 1479.944628][T32283] netlink: 60 bytes leftover after parsing attributes in process `syz.0.21906'.
[ 1480.606126][   T37] audit: type=1326 audit(2000000324.986:1545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32319 comm="syz.5.21924" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1482.377982][T32405] netlink: 100 bytes leftover after parsing attributes in process `syz.8.21964'.
[ 1482.967055][T32423] macvtap1: entered promiscuous mode
[ 1482.967324][T32423] macvtap1: entered allmulticast mode
[ 1482.967341][T32423] veth1_vlan: entered allmulticast mode
[ 1484.388517][T32495] netlink: 28 bytes leftover after parsing attributes in process `syz.5.22008'.
[ 1484.778441][T32518] netlink: 804 bytes leftover after parsing attributes in process `syz.5.22019'.
[ 1486.655004][T32617] veth1_virt_wifi: Caught tx_queue_len zero misconfig
[ 1490.019257][T32747] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1490.734213][  T326] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[ 1490.734213][  T326] The task syz.5.22150 (326) triggered the difference, watch for misbehavior.
[ 1492.689508][   T37] kauditd_printk_skb: 13 callbacks suppressed
[ 1492.689532][   T37] audit: type=1326 audit(2000000336.285:1559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=437 comm="syz.5.22205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1492.691857][   T37] audit: type=1326 audit(2000000336.285:1560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=437 comm="syz.5.22205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1492.703304][   T37] audit: type=1326 audit(2000000336.304:1561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=437 comm="syz.5.22205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc69542d04e code=0x7ffc0000
[ 1492.703364][   T37] audit: type=1326 audit(2000000336.304:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=437 comm="syz.5.22205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc69542d04e code=0x7ffc0000
[ 1492.704187][   T37] audit: type=1326 audit(2000000336.304:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=437 comm="syz.5.22205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1492.704238][   T37] audit: type=1326 audit(2000000336.304:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=437 comm="syz.5.22205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1492.711052][   T37] audit: type=1326 audit(2000000336.304:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=437 comm="syz.5.22205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1492.711188][   T37] audit: type=1326 audit(2000000336.304:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=437 comm="syz.5.22205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1492.711342][   T37] audit: type=1326 audit(2000000336.304:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=437 comm="syz.5.22205" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1492.870328][  T446] netlink: 12 bytes leftover after parsing attributes in process `syz.5.22209'.
[ 1493.997697][  T512] netlink: 16 bytes leftover after parsing attributes in process `syz.8.22242'.
[ 1493.998221][  T512] 8021q: VLANs not supported on lo
[ 1494.327923][  T528] vlan2: entered promiscuous mode
[ 1494.836807][  T557] : entered promiscuous mode
[ 1495.201896][   T37] audit: type=1326 audit(2000000338.633:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=585 comm="syz.5.22274" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1495.726192][  T614] netlink: 'syz.5.22288': attribute type 1 has an invalid length.
[ 1496.074134][  T632] bridge_slave_0: default FDB implementation only supports local addresses
[ 1496.704295][  T671] CUSE: DEVNAME unspecified
[ 1498.548556][  T707] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1500.874981][  T831] ipvlan2: entered allmulticast mode
[ 1500.875008][  T831] syz_tun: entered allmulticast mode
[ 1504.169773][ T1057] tipc: Started in network mode
[ 1504.169807][ T1057] tipc: Node identity aaaaaaaaaa2a, cluster identity 4711
[ 1504.170148][ T1057] tipc: Enabled bearer <eth:batadv0>, priority 10
[ 1504.871017][ T1112] xt_bpf: check failed: parse error
[ 1505.360254][ T6385] tipc: Node number set to 8432298
[ 1505.577688][ T1152] netlink: 24 bytes leftover after parsing attributes in process `syz.0.22520'.
[ 1506.228240][  T156] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1507.615436][ T1282] macvlan3: entered promiscuous mode
[ 1507.910766][ T1297] netlink: 8 bytes leftover after parsing attributes in process `syz.5.22582'.
[ 1507.976517][ T1301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22583'.
[ 1508.124179][ T1308] netlink: 2 bytes leftover after parsing attributes in process `syz.5.22584'.
[ 1508.969073][ T1360] netlink: 44 bytes leftover after parsing attributes in process `syz.5.22608'.
[ 1508.969105][ T1360] netlink: 43 bytes leftover after parsing attributes in process `syz.5.22608'.
[ 1508.969122][ T1360] netlink: 'syz.5.22608': attribute type 5 has an invalid length.
[ 1508.969137][ T1360] netlink: 43 bytes leftover after parsing attributes in process `syz.5.22608'.
[ 1509.029675][ T1364] netlink: 'syz.5.22611': attribute type 1 has an invalid length.
[ 1509.029702][ T1364] netlink: 96 bytes leftover after parsing attributes in process `syz.5.22611'.
[ 1509.029721][ T1364] netlink: 1 bytes leftover after parsing attributes in process `syz.5.22611'.
[ 1510.348296][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1510.348344][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1510.943390][ T1451] sctp: [Deprecated]: syz.8.22650 (pid 1451) Use of int in max_burst socket option.
[ 1510.943390][ T1451] Use struct sctp_assoc_value instead
[ 1512.815924][ T1554] netlink: 24 bytes leftover after parsing attributes in process `syz.0.22700'.
[ 1512.946913][ T1559] tipc: Enabled bearer <eth:ipvlan1>, priority 10
[ 1513.001488][ T1562] IPVS: Unknown mcast interface: vc
[ 1513.443248][ T1589] netlink: 24 bytes leftover after parsing attributes in process `syz.0.22715'.
[ 1514.153904][ T1626] netlink: 8 bytes leftover after parsing attributes in process `syz.8.22737'.
[ 1517.691654][ T1813] vlan2: entered allmulticast mode
[ 1517.691688][ T1813] veth0_to_bond: entered allmulticast mode
[ 1518.070462][ T1766] virt_wifi0 speed is unknown, defaulting to 1000
[ 1518.269509][ T1839] netlink: 28 bytes leftover after parsing attributes in process `syz.0.22833'.
[ 1519.305726][ T1877] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1519.308203][ T1877] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1521.413328][ T1994] netlink: 8 bytes leftover after parsing attributes in process `syz.8.22887'.
[ 1522.318960][ T2022] netlink: 44 bytes leftover after parsing attributes in process `syz.8.22900'.
[ 1522.323701][ T2022] L�+߬��: renamed from bridge_slave_0 (while UP)
[ 1522.668014][   T37] kauditd_printk_skb: 7 callbacks suppressed
[ 1522.668036][   T37] audit: type=1326 audit(2000000364.319:1576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac10cbdb99 code=0x7ffc0000
[ 1522.670834][   T37] audit: type=1326 audit(2000000364.338:1577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1522.671116][   T37] audit: type=1326 audit(2000000364.338:1578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1522.719744][   T37] audit: type=1326 audit(2000000364.375:1579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac10cbdb99 code=0x7ffc0000
[ 1522.720889][   T37] audit: type=1326 audit(2000000364.375:1580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac10cbdb99 code=0x7ffc0000
[ 1522.721230][   T37] audit: type=1326 audit(2000000364.375:1581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac10cbdb99 code=0x7ffc0000
[ 1522.729773][   T37] audit: type=1326 audit(2000000364.375:1582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac10cbdb99 code=0x7ffc0000
[ 1522.730579][   T37] audit: type=1326 audit(2000000364.385:1583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac10cbdb99 code=0x7ffc0000
[ 1522.730964][   T37] audit: type=1326 audit(2000000364.385:1584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac10cbdb99 code=0x7ffc0000
[ 1522.731345][   T37] audit: type=1326 audit(2000000364.385:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2030 comm="syz.8.22903" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fac10cbdb99 code=0x7ffc0000
[ 1526.943038][ T2254] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[ 1527.263283][ T2274] netlink: 16 bytes leftover after parsing attributes in process `syz.5.23014'.
[ 1527.263314][ T2274] netlink: 16 bytes leftover after parsing attributes in process `syz.5.23014'.
[ 1527.898577][ T2306] 9p: Invalid uid '0x00000000ffffffff'
[ 1528.064494][ T2316] overlayfs: conflicting options: userxattr,redirect_dir=on
[ 1528.715665][ T2353] netlink: 27 bytes leftover after parsing attributes in process `syz.8.23053'.
[ 1529.624392][ T2412] cgroup: none used incorrectly
[ 1531.484361][ T2534] netlink: 'syz.8.23118': attribute type 12 has an invalid length.
[ 1531.484390][ T2534] netlink: 24 bytes leftover after parsing attributes in process `syz.8.23118'.
[ 1532.293070][ T2592] netlink: 44 bytes leftover after parsing attributes in process `syz.8.23141'.
[ 1532.293101][ T2592] netlink: 44 bytes leftover after parsing attributes in process `syz.8.23141'.
[ 1532.915659][T27721] Bluetooth: hci4: command 0x1003 tx timeout
[ 1532.916040][ T5114] Bluetooth: hci4: Opcode 0x1003 failed: -110
[ 1533.667962][ T2682] netlink: 36 bytes leftover after parsing attributes in process `syz.0.23174'.
[ 1533.714194][ T2682] netlink: 36 bytes leftover after parsing attributes in process `syz.0.23174'.
[ 1536.032292][ T2821] overlayfs: failed to clone upperpath
[ 1536.472896][ T2854] overlayfs: failed to clone lowerpath
[ 1536.556516][ T2860] netlink: 16186 bytes leftover after parsing attributes in process `syz.8.23244'.
[ 1540.446900][ T9180] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1543.125521][ T3178] dummy0: entered allmulticast mode
[ 1543.127293][ T3177] dummy0: left allmulticast mode
[ 1543.681815][ T3202] macvlan0: left promiscuous mode
[ 1543.700849][ T3202] netlink: 'syz.8.23377': attribute type 1 has an invalid length.
[ 1543.700875][ T3202] netlink: 'syz.8.23377': attribute type 2 has an invalid length.
[ 1543.818943][ T3215] 9p: Bad value for 'rfdno'
[ 1544.468178][ T3255] netlink: 12 bytes leftover after parsing attributes in process `syz.8.23400'.
[ 1545.128766][ T3293] netlink: 24 bytes leftover after parsing attributes in process `syz.8.23419'.
[ 1545.656950][ T3319] loop7: detected capacity change from 0 to 7
[ 1545.757269][ T3319] Dev loop7: unable to read RDB block 7
[ 1545.757321][ T3319]  loop7: unable to read partition table
[ 1545.757573][ T3319] loop7: partition table beyond EOD, truncated
[ 1545.757619][ T3319] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1546.032409][ T3338] netlink: 8 bytes leftover after parsing attributes in process `syz.8.23437'.
[ 1547.982352][ T3414] /dev/nullb0: Can't lookup blockdev
[ 1547.986057][ T3412] netlink: 8 bytes leftover after parsing attributes in process `syz.5.23471'.
[ 1548.023893][T27721] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1548.061837][T27721] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1548.068391][T27721] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1548.076044][ T3412] macvlan3: entered allmulticast mode
[ 1548.076067][ T3412] hsr0: entered allmulticast mode
[ 1548.076080][ T3412] hsr_slave_0: entered allmulticast mode
[ 1548.076097][ T3412] hsr_slave_1: entered allmulticast mode
[ 1548.096291][T27721] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1548.097018][T27721] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1548.401931][ T3448] netlink: 8 bytes leftover after parsing attributes in process `syz.5.23478'.
[ 1549.237464][ T3415] virt_wifi0 speed is unknown, defaulting to 1000
[ 1549.285513][ T3489] netlink: 774 bytes leftover after parsing attributes in process `syz.8.23499'.
[ 1550.357058][T27721] Bluetooth: hci0: command tx timeout
[ 1550.976453][ T3415] chnl_net:caif_netlink_parms(): no params data found
[ 1551.722535][ T3415] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1551.737956][ T3415] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1551.738170][ T3415] bridge_slave_0: entered allmulticast mode
[ 1551.739999][ T3415] bridge_slave_0: entered promiscuous mode
[ 1551.742493][ T3415] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1551.742573][ T3415] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1551.742705][ T3415] bridge_slave_1: entered allmulticast mode
[ 1551.744528][ T3415] bridge_slave_1: entered promiscuous mode
[ 1551.891636][ T3415] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1551.894400][ T3415] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1552.055412][ T3415] team0: Port device team_slave_0 added
[ 1552.075038][ T3415] team0: Port device team_slave_1 added
[ 1552.151899][ T3415] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1552.151920][ T3415] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1552.151950][ T3415] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1552.166547][ T3415] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1552.166565][ T3415] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1552.166590][ T3415] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1552.492700][ T3415] hsr_slave_0: entered promiscuous mode
[ 1552.494264][ T3415] hsr_slave_1: entered promiscuous mode
[ 1552.496177][ T3415] debugfs: 'hsr0' already exists in 'hsr'
[ 1552.496202][ T3415] Cannot create hsr debugfs directory
[ 1552.580685][T27721] Bluetooth: hci0: command tx timeout
[ 1553.785432][ T3415] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1554.300349][ T3415] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1554.556520][ T3952] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1554.564913][  T811] IPVS: starting estimator thread 0...
[ 1554.627567][ T3415] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1554.669356][ T3956] IPVS: using max 8 ests per chain, 19200 per kthread
[ 1554.804590][T27721] Bluetooth: hci0: command tx timeout
[ 1555.307203][ T3415] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1556.338075][ T3415] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1556.422025][ T3415] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1556.469951][ T3415] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1556.532357][ T3415] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1557.028228][T27721] Bluetooth: hci0: command tx timeout
[ 1557.132748][ T3415] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1557.278242][ T3415] 8021q: adding VLAN 0 to HW filter on device team0
[ 1557.313756][ T9180] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1557.314055][ T9180] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1557.384957][  T156] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1557.385112][  T156] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1558.219597][ T4127] syz.5.23669 (4127) used greatest stack depth: 17184 bytes left
[ 1558.426034][ T3415] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1558.656838][ T3415] veth0_vlan: entered promiscuous mode
[ 1558.729984][ T3415] veth1_vlan: entered promiscuous mode
[ 1558.942033][ T3415] veth0_macvtap: entered promiscuous mode
[ 1559.007824][ T3415] veth1_macvtap: entered promiscuous mode
[ 1559.108836][ T3415] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1559.151166][ T3415] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1559.242239][T22996] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.242501][T22996] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.242990][T22996] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1559.243549][T22996] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1560.007303][T22996] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1560.007329][T22996] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1560.189006][T22996] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1560.189032][T22996] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1560.560417][ T4233] netlink: 12 bytes leftover after parsing attributes in process `syz.0.23457'.
[ 1561.050185][ T4255] syzkaller1: entered promiscuous mode
[ 1561.050205][ T4255] syzkaller1: entered allmulticast mode
[ 1567.391382][ T6085] kernel read not supported for file [fscontext] (pid: 6085 comm: kworker/1:3)
[ 1568.428022][ T4558] virt_wifi0 speed is unknown, defaulting to 1000
[ 1571.151383][   T37] kauditd_printk_skb: 131 callbacks suppressed
[ 1571.151406][   T37] audit: type=1326 audit(2000000409.686:1717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1571.151463][   T37] audit: type=1326 audit(2000000409.686:1718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1571.160945][   T37] audit: type=1326 audit(2000000409.686:1719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1571.161007][   T37] audit: type=1326 audit(2000000409.686:1720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1571.161056][   T37] audit: type=1326 audit(2000000409.686:1721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1571.161104][   T37] audit: type=1326 audit(2000000409.686:1722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1571.161152][   T37] audit: type=1326 audit(2000000409.686:1723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1571.161198][   T37] audit: type=1326 audit(2000000409.686:1724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1571.161241][   T37] audit: type=1326 audit(2000000409.686:1725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1571.161284][   T37] audit: type=1326 audit(2000000409.686:1726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4723 comm="syz.8.23915" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac10d1c819 code=0x7ffc0000
[ 1574.056955][ T4845] netlink: 16 bytes leftover after parsing attributes in process `syz.8.23972'.
[ 1574.056990][ T4845] netlink: 48 bytes leftover after parsing attributes in process `syz.8.23972'.
[ 1574.360301][ T4861] netlink: 'syz.8.23977': attribute type 2 has an invalid length.
[ 1574.360329][ T4861] netlink: 15 bytes leftover after parsing attributes in process `syz.8.23977'.
[ 1574.650418][ T6296] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1574.972105][ T4893] netlink: 24 bytes leftover after parsing attributes in process `syz.8.23992'.
[ 1576.020100][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1576.020198][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1576.540554][T26600] IPVS: starting estimator thread 0...
[ 1576.634787][ T4966] IPVS: using max 9 ests per chain, 21600 per kthread
[ 1579.171944][ T5090] netlink: 24 bytes leftover after parsing attributes in process `syz.8.24084'.
[ 1579.555816][ T5103] netlink: 'syz.8.24092': attribute type 10 has an invalid length.
[ 1579.681695][ T5103] netdevsim netdevsim8 
5
@�: left promiscuous mode
[ 1579.767917][ T5103] netdevsim netdevsim8 
5
@�: entered promiscuous mode
[ 1579.801416][ T5103] bond0: (slave 
5
@�): Enslaving as an active interface with an up link
[ 1579.987066][ T5124] netlink: 24 bytes leftover after parsing attributes in process `syz.8.24097'.
[ 1580.063743][ T5124] netlink: 24 bytes leftover after parsing attributes in process `syz.8.24097'.
[ 1585.480655][ T5369] netlink: 8 bytes leftover after parsing attributes in process `syz.5.24208'.
[ 1585.542252][ T5369] netlink: 8 bytes leftover after parsing attributes in process `syz.5.24208'.
[ 1586.801729][ T5438] veth1_to_bond: entered allmulticast mode
[ 1586.810364][ T5436] veth1_to_bond: left allmulticast mode
[ 1588.391315][ T5473] netlink: 48 bytes leftover after parsing attributes in process `syz.5.24253'.
[ 1589.936886][ T5608] netlink: 'syz.5.24311': attribute type 1 has an invalid length.
[ 1589.936944][ T5608] netlink: 188 bytes leftover after parsing attributes in process `syz.5.24311'.
[ 1593.163164][ T5747] loop2: detected capacity change from 0 to 7
[ 1593.187538][ T5747] Dev loop2: unable to read RDB block 7
[ 1593.187591][ T5747]  loop2: unable to read partition table
[ 1593.187858][ T5747] loop2: partition table beyond EOD, truncated
[ 1593.192260][ T5747] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[ 1594.129895][ T5790] netlink: 165 bytes leftover after parsing attributes in process `syz.5.24391'.
[ 1594.195697][ T5795] netlink: 8 bytes leftover after parsing attributes in process `syz.8.24395'.
[ 1595.325774][   T37] kauditd_printk_skb: 14 callbacks suppressed
[ 1595.325797][   T37] audit: type=1326 audit(2000000432.295:1741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.326372][   T37] audit: type=1326 audit(2000000432.295:1742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.326664][   T37] audit: type=1326 audit(2000000432.295:1743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.326940][   T37] audit: type=1326 audit(2000000432.295:1744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.329270][   T37] audit: type=1326 audit(2000000432.295:1745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.332985][   T37] audit: type=1326 audit(2000000432.295:1746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.333043][   T37] audit: type=1326 audit(2000000432.295:1747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.333312][   T37] audit: type=1326 audit(2000000432.304:1748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.333911][   T37] audit: type=1326 audit(2000000432.304:1749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.374275][   T37] audit: type=1326 audit(2000000432.332:1750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5851 comm="syz.0.24416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1595.673216][ T5865] netlink: 8 bytes leftover after parsing attributes in process `syz.0.24422'.
[ 1600.782171][ T6094] kernel read not supported for file /zero (pid: 6094 comm: syz.0.24513)
[ 1601.362960][ T6146] netlink: 'syz.5.24528': attribute type 10 has an invalid length.
[ 1601.363023][ T6146] syz_tun: entered promiscuous mode
[ 1601.367836][ T6146] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[ 1604.343374][ T6304] tipc: Failed to remove unknown binding: 66,1,1/8432298:1497988381/1497988382
[ 1606.999184][ T6427] loop2: detected capacity change from 0 to 7
[ 1607.030511][ T6427] Dev loop2: unable to read RDB block 7
[ 1607.030551][ T6427]  loop2: AHDI p1 p2 p3
[ 1607.030583][ T6427] loop2: partition table partially beyond EOD, truncated
[ 1607.030936][ T6427] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1607.030958][ T6427] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1608.111923][ T6481] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24653'.
[ 1608.117696][ T6481] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24653'.
[ 1608.858274][ T6296] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1613.356393][ T6703] netlink: 4 bytes leftover after parsing attributes in process `syz.0.24736'.
[ 1613.357640][ T6703] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1613.535854][ T6703] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1613.950872][ T6733] overlayfs: failed to clone upperpath
[ 1615.245381][   T37] kauditd_printk_skb: 3 callbacks suppressed
[ 1615.245402][   T37] audit: type=1326 audit(2000000450.928:1754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1615.257550][   T37] audit: type=1326 audit(2000000450.928:1755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1615.257613][   T37] audit: type=1326 audit(2000000450.928:1756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1615.258050][   T37] audit: type=1326 audit(2000000450.937:1757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1615.258096][   T37] audit: type=1326 audit(2000000450.937:1758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1615.258362][   T37] audit: type=1326 audit(2000000450.937:1759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1615.258614][   T37] audit: type=1326 audit(2000000450.937:1760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1615.259191][   T37] audit: type=1326 audit(2000000450.937:1761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1615.259465][   T37] audit: type=1326 audit(2000000450.937:1762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1615.261099][   T37] audit: type=1326 audit(2000000450.946:1763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6799 comm="syz.0.24769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1618.722803][ T6967] netlink: 12 bytes leftover after parsing attributes in process `syz.5.24835'.
[ 1622.743867][ T7067] netlink: 20 bytes leftover after parsing attributes in process `syz.8.24874'.
[ 1622.743901][ T7067] netlink: 4 bytes leftover after parsing attributes in process `syz.8.24874'.
[ 1628.278322][ T7292] netlink: 4 bytes leftover after parsing attributes in process `syz.8.24963'.
[ 1629.445640][   T37] kauditd_printk_skb: 20 callbacks suppressed
[ 1629.445663][   T37] audit: type=1326 audit(2000000464.201:1784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1629.447078][   T37] audit: type=1326 audit(2000000464.210:1786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1629.447127][   T37] audit: type=1326 audit(2000000464.201:1785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1629.454439][   T37] audit: type=1326 audit(2000000464.210:1787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1629.508382][   T37] audit: type=1326 audit(2000000464.267:1788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f404d46c819 code=0x7ffc0000
[ 1629.508806][   T37] audit: type=1326 audit(2000000464.267:1789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f404d46c582 code=0x7ffc0000
[ 1629.509330][   T37] audit: type=1326 audit(2000000464.267:1790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f404d46c617 code=0x7ffc0000
[ 1629.511032][   T37] audit: type=1326 audit(2000000464.267:1791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f404d429511 code=0x7ffc0000
[ 1629.512282][   T37] audit: type=1326 audit(2000000464.276:1792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f404d46d609 code=0x7ffc0000
[ 1629.513115][   T37] audit: type=1326 audit(2000000464.276:1793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7355 comm="syz.0.24988" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f404d42957b code=0x7ffc0000
[ 1637.835646][ T7624] netlink: 24 bytes leftover after parsing attributes in process `syz.5.25090'.
[ 1638.332724][ T7660] netlink: 12 bytes leftover after parsing attributes in process `syz.8.25099'.
[ 1638.411516][ T7665] netlink: 'syz.8.25099': attribute type 1 has an invalid length.
[ 1638.583687][ T7660] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1638.622456][ T7665] vxlan0: entered promiscuous mode
[ 1638.634948][ T7665] bond2: (slave vxlan0): Enslaving as an active interface with an up link
[ 1638.635058][   T43] netdevsim netdevsim8 
5
@�: set [0, 0] type 1 family 0 port 8472 - 0
[ 1638.668635][ T1275] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1638.672164][ T1275] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1638.674646][  T156] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1639.015972][ T7725] overlayfs: failed to clone upperpath
[ 1639.523320][ T7755] overlayfs: failed to clone upperpath
[ 1640.575210][   T37] kauditd_printk_skb: 279 callbacks suppressed
[ 1640.575235][   T37] audit: type=1804 audit(2000000474.575:2073): pid=7809 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz.8.25146" name="file0" dev="tmpfs" ino=4231 res=1 errno=0
[ 1641.708598][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1641.708679][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1642.048852][ T7884] netlink: 156 bytes leftover after parsing attributes in process `syz.5.25176'.
[ 1642.109717][ T7891] netlink: 156 bytes leftover after parsing attributes in process `syz.5.25176'.
[ 1642.154699][ T7884] netlink: 12 bytes leftover after parsing attributes in process `syz.5.25176'.
[ 1642.658336][   T37] audit: type=1326 audit(2000000476.567:2074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7916 comm="syz.5.25191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1642.658396][   T37] audit: type=1326 audit(2000000476.567:2075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7916 comm="syz.5.25191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1642.659334][   T37] audit: type=1326 audit(2000000476.567:2076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7916 comm="syz.5.25191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1642.659388][   T37] audit: type=1326 audit(2000000476.567:2077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7916 comm="syz.5.25191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1642.754729][   T37] audit: type=1326 audit(2000000476.651:2078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7916 comm="syz.5.25191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1642.754786][   T37] audit: type=1326 audit(2000000476.651:2079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7916 comm="syz.5.25191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1642.755119][   T37] audit: type=1326 audit(2000000476.651:2080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7916 comm="syz.5.25191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc69546c582 code=0x7ffc0000
[ 1642.755432][   T37] audit: type=1326 audit(2000000476.651:2081): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7916 comm="syz.5.25191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc69546c819 code=0x7ffc0000
[ 1642.843096][   T37] audit: type=1326 audit(2000000476.651:2082): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7916 comm="syz.5.25191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7fc69546c617 code=0x7ffc0000
[ 1643.066495][  T156] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1645.769629][ T8035] tipc: Failed to remove unknown binding: 66,0,0/8432298:3167403564/3167403565
[ 1645.814387][ T8035] tipc: Failed to remove unknown binding: 66,0,0/8432298:3167403564/3167403565
[ 1649.408510][ T8142] netlink: 'syz.5.25274': attribute type 1 has an invalid length.
[ 1649.485111][ T8142] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1649.487666][ T8174] bond3: entered promiscuous mode
[ 1649.715173][ T8142] bond3 (unregistering): left promiscuous mode
[ 1649.725927][ T8142] bond3 (unregistering): Released all slaves
[ 1650.208311][ T8242] netlink: 4 bytes leftover after parsing attributes in process `syz.5.25288'.
[ 1650.298419][ T8238] team0 (unregistering): Port device team_slave_0 removed
[ 1650.367442][ T8238] team0 (unregistering): Port device team_slave_1 removed
[ 1651.876303][ T8328] tipc: Started in network mode
[ 1651.876918][ T8328] tipc: Node identity 84e, cluster identity 4711
[ 1651.876937][ T8328] tipc: Node number set to 2126
[ 1660.795458][ T8587] netlink: 12 bytes leftover after parsing attributes in process `syz.0.25414'.
[ 1660.884086][T27721] block nbd0: Receive control failed (result -1)
[ 1661.822379][ T8613] netlink: 60 bytes leftover after parsing attributes in process `syz.5.25424'.
[ 1661.848490][ T8613] unsupported nlmsg_type 40
[ 1666.211639][ T8709] netlink: 168 bytes leftover after parsing attributes in process `syz.8.25455'.
[ 1678.043163][T27152] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1678.589953][ T8861] netlink: 16 bytes leftover after parsing attributes in process `syz.8.25510'.
[ 1678.714606][ T8867] netlink: 'syz.8.25510': attribute type 2 has an invalid length.
[ 1682.253396][ T5114] Bluetooth: hci0: command 0x0406 tx timeout
[ 1683.772918][ T8934] netlink: 12 bytes leftover after parsing attributes in process `syz.0.25532'.
[ 1688.951371][ T9092] overlayfs: failed to clone lowerpath
[ 1691.612678][ T8962] netlink: 'syz.8.25545': attribute type 6 has an invalid length.
[ 1698.070712][ T9280] ceph: No mds server is up or the cluster is laggy
[ 1698.071966][  T811] libceph: connect (1)[c::]:6789 error -101
[ 1698.073736][  T811] libceph: mon0 (1)[c::]:6789 connect error
[ 1698.695566][ T9299] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1698.695601][ T9299] overlayfs: failed to set xattr on upper
[ 1698.695609][ T9299] overlayfs: ...falling back to redirect_dir=nofollow.
[ 1698.695620][ T9299] overlayfs: ...falling back to index=off.
[ 1698.695628][ T9299] overlayfs: ...falling back to uuid=null.
[ 1699.207861][T27721] Bluetooth: Frame is too long (len 12, expected len 4)
[ 1700.811967][ T5114] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1700.825652][ T5114] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1701.187967][ T5114] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1702.636991][ T5114] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1702.643287][ T5114] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1702.695099][T27721] 
[ 1702.695117][T27721] ======================================================
[ 1702.695128][T27721] WARNING: possible circular locking dependency detected
[ 1702.695143][T27721] syzkaller #0 Tainted: G             L     
[ 1702.695158][T27721] ------------------------------------------------------
[ 1702.695167][T27721] kworker/u9:0/27721 is trying to acquire lock:
[ 1702.695182][T27721] ffffffff8deee340 (fs_reclaim){+.+.}-{0:0}, at: kmem_cache_alloc_node_noprof+0x4b/0x6e0
SYZFAIL: failed to send rpc
fd=3 want=608 sent=0 n=-1 (errno 32: Broken pipe)
[ 1702.695261][T27721] 
[ 1702.695261][T27721] but task is already holding lock:
[ 1702.695270][T27721] ffffffff8f512778 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_net_broadcast+0x281/0x560
[ 1702.695333][T27721] 
[ 1702.695333][T27721] which lock already depends on the new lock.
[ 1702.695333][T27721] 
[ 1702.695342][T27721] 
[ 1702.695342][T27721] the existing dependency chain (in reverse order) is:
[ 1702.695351][T27721] 
[ 1702.695351][T27721] -> #9 (uevent_sock_mutex){+.+.}-{4:4}:
[ 1702.695384][T27721]        mutex_lock_nested+0x5a/0x1d0
[ 1702.695415][T27721]        kobject_uevent_net_broadcast+0x281/0x560
[ 1702.695447][T27721]        kobject_uevent_env+0x55f/0x9e0
[ 1702.695475][T27721]        device_add+0x557/0xb80
[ 1702.695501][T27721]        device_create+0x269/0x300
[ 1702.695529][T27721]        msr_device_create+0x33/0x50
[ 1702.695550][T27721]        cpuhp_invoke_callback+0x445/0x860
[ 1702.695585][T27721]        cpuhp_thread_fun+0x36b/0x780
[ 1702.695618][T27721]        smpboot_thread_fn+0x541/0xa50
[ 1702.695652][T27721]        kthread+0x388/0x470
[ 1702.695673][T27721]        ret_from_fork+0x51e/0xb90
[ 1702.695703][T27721]        ret_from_fork_asm+0x1a/0x30
[ 1702.695724][T27721] 
[ 1702.695724][T27721] -> #8 (cpuhp_state-up){+.+.}-{0:0}:
[ 1702.695755][T27721]        cpuhp_thread_fun+0x127/0x780
[ 1702.695796][T27721]        smpboot_thread_fn+0x541/0xa50
[ 1702.695829][T27721]        kthread+0x388/0x470
[ 1702.695850][T27721]        ret_from_fork+0x51e/0xb90
[ 1702.695880][T27721]        ret_from_fork_asm+0x1a/0x30
[ 1702.695900][T27721] 
[ 1702.695900][T27721] -> #7 (cpu_hotplug_lock){++++}-{0:0}:
[ 1702.695933][T27721]        cpus_read_lock+0x42/0x160
[ 1702.695961][T27721]        static_key_slow_inc+0x12/0x30
[ 1702.695986][T27721]        ipv6_flowlabel_opt+0x160a/0x2340
[ 1702.696014][T27721]        do_ipv6_setsockopt+0xda7/0x31c0
[ 1702.696039][T27721]        ipv6_setsockopt+0x59/0x170
[ 1702.696065][T27721]        do_sock_setsockopt+0x17c/0x1b0
[ 1702.696087][T27721]        __x64_sys_setsockopt+0x143/0x1b0
[ 1702.696108][T27721]        do_syscall_64+0x14d/0xf80
[ 1702.696130][T27721]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1702.696152][T27721] 
[ 1702.696152][T27721] -> #6 (sk_lock-AF_INET6){+.+.}-{0:0}:
[ 1702.696184][T27721]        lock_sock_nested+0x3e/0x130
[ 1702.696212][T27721]        inet_shutdown+0x6a/0x390
[ 1702.696232][T27721]        nbd_mark_nsock_dead+0x2e9/0x560
[ 1702.696256][T27721]        recv_work+0x1c9d/0x1dc0
[ 1702.696279][T27721]        process_scheduled_works+0xb6e/0x18c0
[ 1702.696308][T27721]        worker_thread+0xa53/0xfc0
[ 1702.696337][T27721]        kthread+0x388/0x470
[ 1702.696357][T27721]        ret_from_fork+0x51e/0xb90
[ 1702.696384][T27721]        ret_from_fork_asm+0x1a/0x30
[ 1702.696403][T27721] 
[ 1702.696403][T27721] -> #5 (&nsock->tx_lock){+.+.}-{4:4}:
[ 1702.696435][T27721]        mutex_lock_nested+0x5a/0x1d0
[ 1702.696463][T27721]        nbd_queue_rq+0x37b/0x1100
[ 1702.696484][T27721]        blk_mq_dispatch_rq_list+0xa77/0x1910
[ 1702.696512][T27721]        __blk_mq_sched_dispatch_requests+0xddb/0x1610
[ 1702.696539][T27721]        blk_mq_sched_dispatch_requests+0xda/0x1a0
[ 1702.696567][T27721]        blk_mq_run_hw_queue+0x368/0x520
[ 1702.696590][T27721]        blk_mq_dispatch_list+0xd1f/0xe20
[ 1702.696617][T27721]        blk_mq_flush_plug_list+0x48d/0x570
[ 1702.696642][T27721]        __blk_flush_plug+0x3ed/0x4d0
[ 1702.696667][T27721]        __submit_bio+0x28d/0x580
[ 1702.696693][T27721]        submit_bio_noacct_nocheck+0x2f4/0xa70
[ 1702.696718][T27721]        block_read_full_folio+0x599/0x830
[ 1702.696740][T27721]        filemap_read_folio+0x137/0x3b0
[ 1702.696759][T27721]        do_read_cache_folio+0x2bf/0x560
[ 1702.696786][T27721]        read_part_sector+0xb8/0x2b0
[ 1702.696811][T27721]        adfspart_check_ICS+0xa5/0xa40
[ 1702.696836][T27721]        bdev_disk_changed+0x7ba/0x1550
[ 1702.696861][T27721]        blkdev_get_whole+0x2e5/0x480
[ 1702.696887][T27721]        bdev_open+0x31e/0xcc0
[ 1702.696909][T27721]        blkdev_open+0x485/0x620
[ 1702.696935][T27721]        do_dentry_open+0x83d/0x13e0
[ 1702.696958][T27721]        vfs_open+0x3b/0x350
[ 1702.696980][T27721]        path_openat+0x2e43/0x38a0
[ 1702.697010][T27721]        do_file_open+0x23e/0x4a0
[ 1702.697038][T27721]        do_sys_openat2+0x113/0x200
[ 1702.697063][T27721]        __x64_sys_openat+0x138/0x170
[ 1702.697087][T27721]        do_syscall_64+0x14d/0xf80
[ 1702.697108][T27721]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1702.697128][T27721] 
[ 1702.697128][T27721] -> #4 (&cmd->lock){+.+.}-{4:4}:
[ 1702.697158][T27721]        mutex_lock_nested+0x5a/0x1d0
[ 1702.697184][T27721]        nbd_queue_rq+0xc6/0x1100
[ 1702.697205][T27721]        blk_mq_dispatch_rq_list+0xa77/0x1910
[ 1702.697230][T27721]        __blk_mq_sched_dispatch_requests+0xddb/0x1610
[ 1702.697258][T27721]        blk_mq_sched_dispatch_requests+0xda/0x1a0
[ 1702.697285][T27721]        blk_mq_run_hw_queue+0x368/0x520
[ 1702.697308][T27721]        blk_mq_dispatch_list+0xd1f/0xe20
[ 1702.697334][T27721]        blk_mq_flush_plug_list+0x48d/0x570
[ 1702.697361][T27721]        __blk_flush_plug+0x3ed/0x4d0
[ 1702.697389][T27721]        __submit_bio+0x28d/0x580
[ 1702.697416][T27721]        submit_bio_noacct_nocheck+0x2f4/0xa70
[ 1702.697440][T27721]        block_read_full_folio+0x599/0x830
[ 1702.697462][T27721]        filemap_read_folio+0x137/0x3b0
[ 1702.697481][T27721]        do_read_cache_folio+0x2bf/0x560
[ 1702.697502][T27721]        read_part_sector+0xb8/0x2b0
[ 1702.697525][T27721]        adfspart_check_ICS+0xa5/0xa40
[ 1702.697549][T27721]        bdev_disk_changed+0x7ba/0x1550
[ 1702.697576][T27721]        blkdev_get_whole+0x2e5/0x480
[ 1702.697602][T27721]        bdev_open+0x31e/0xcc0
[ 1702.697627][T27721]        blkdev_open+0x485/0x620
[ 1702.697656][T27721]        do_dentry_open+0x83d/0x13e0
[ 1702.697681][T27721]        vfs_open+0x3b/0x350
[ 1702.697705][T27721]        path_openat+0x2e43/0x38a0
[ 1702.697737][T27721]        do_file_open+0x23e/0x4a0
[ 1702.697767][T27721]        do_sys_openat2+0x113/0x200
[ 1702.697802][T27721]        __x64_sys_openat+0x138/0x170
[ 1702.697828][T27721]        do_syscall_64+0x14d/0xf80
[ 1702.697850][T27721]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1702.697872][T27721] 
[ 1702.697872][T27721] -> #3 (set->srcu){.+.+}-{0:0}:
[ 1702.697904][T27721]        __synchronize_srcu+0xca/0x300
[ 1702.697936][T27721]        elevator_switch+0x1e8/0x7a0
[ 1702.697962][T27721]        elevator_change+0x2cc/0x450
[ 1702.697984][T27721]        elevator_set_default+0x36c/0x430
[ 1702.698009][T27721]        blk_register_queue+0x366/0x430
[ 1702.698032][T27721]        __add_disk+0x677/0xd50
[ 1702.698058][T27721]        add_disk_fwnode+0xfb/0x480
[ 1702.698089][T27721]        nbd_dev_add+0x72c/0xb50
[ 1702.698110][T27721]        nbd_init+0x168/0x1f0
[ 1702.698142][T27721]        do_one_initcall+0x250/0x8d0
[ 1702.698174][T27721]        do_initcall_level+0x104/0x190
[ 1702.698194][T27721]        do_initcalls+0x59/0xa0
[ 1702.698214][T27721]        kernel_init_freeable+0x2a6/0x3e0
[ 1702.698235][T27721]        kernel_init+0x1d/0x1d0
[ 1702.698264][T27721]        ret_from_fork+0x51e/0xb90
[ 1702.698294][T27721]        ret_from_fork_asm+0x1a/0x30
[ 1702.698315][T27721] 
[ 1702.698315][T27721] -> #2 (&q->elevator_lock){+.+.}-{4:4}:
[ 1702.698346][T27721]        mutex_lock_nested+0x5a/0x1d0
[ 1702.698376][T27721]        elevator_change+0x1b3/0x450
[ 1702.698401][T27721]        elevator_set_none+0xb5/0x140
[ 1702.698426][T27721]        blk_mq_update_nr_hw_queues+0x607/0x1a80
[ 1702.698457][T27721]        nbd_start_device+0x17f/0xb20
[ 1702.698478][T27721]        nbd_genl_connect+0x1651/0x1c80
[ 1702.698500][T27721]        genl_family_rcv_msg_doit+0x22a/0x330
[ 1702.698526][T27721]        genl_rcv_msg+0x61c/0x7a0
[ 1702.698547][T27721]        netlink_rcv_skb+0x232/0x4b0
[ 1702.698576][T27721]        genl_rcv+0x28/0x40
[ 1702.698598][T27721]        netlink_unicast+0x831/0x9f0
[ 1702.698626][T27721]        netlink_sendmsg+0x813/0xb40
[ 1702.698657][T27721]        ____sys_sendmsg+0x94c/0x9c0
[ 1702.698681][T27721]        ___sys_sendmsg+0x2a5/0x360
[ 1702.698703][T27721]        __x64_sys_sendmsg+0x1c3/0x2a0
[ 1702.698726][T27721]        do_syscall_64+0x14d/0xf80
[ 1702.698748][T27721]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1702.698770][T27721] 
[ 1702.698770][T27721] -> #1 (&q->q_usage_counter(io)#50){++++}-{0:0}:
[ 1702.698819][T27721]        blk_alloc_queue+0x54e/0x690
[ 1702.698844][T27721]        __blk_mq_alloc_disk+0x197/0x390
[ 1702.698874][T27721]        nbd_dev_add+0x499/0xb50
[ 1702.698895][T27721]        nbd_init+0x168/0x1f0
[ 1702.698926][T27721]        do_one_initcall+0x250/0x8d0
[ 1702.698958][T27721]        do_initcall_level+0x104/0x190
[ 1702.698977][T27721]        do_initcalls+0x59/0xa0
[ 1702.698996][T27721]        kernel_init_freeable+0x2a6/0x3e0
[ 1702.699017][T27721]        kernel_init+0x1d/0x1d0
[ 1702.699044][T27721]        ret_from_fork+0x51e/0xb90
[ 1702.699074][T27721]        ret_from_fork_asm+0x1a/0x30
[ 1702.699094][T27721] 
[ 1702.699094][T27721] -> #0 (fs_reclaim){+.+.}-{0:0}:
[ 1702.699124][T27721]        __lock_acquire+0x15a5/0x2cf0
[ 1702.699145][T27721]        lock_acquire+0xf0/0x2e0
[ 1702.699164][T27721]        fs_reclaim_acquire+0x71/0x100
[ 1702.699186][T27721]        kmem_cache_alloc_node_noprof+0x4b/0x6e0
[ 1702.699219][T27721]        __alloc_skb+0x1d0/0x7d0
[ 1702.699238][T27721]        alloc_uevent_skb+0x7d/0x230
[ 1702.699267][T27721]        kobject_uevent_net_broadcast+0x2fd/0x560
[ 1702.699296][T27721]        kobject_uevent_env+0x55f/0x9e0
[ 1702.699323][T27721]        device_add+0x557/0xb80
[ 1702.699348][T27721]        hci_conn_add_sysfs+0xd5/0x210
[ 1702.699380][T27721]        hci_conn_complete_evt+0x77a/0x11d0
[ 1702.699401][T27721]        hci_event_packet+0x805/0x12c0
[ 1702.699459][T27721]        hci_rx_work+0x3ee/0x1030
[ 1702.699479][T27721]        process_scheduled_works+0xb6e/0x18c0
[ 1702.699509][T27721]        worker_thread+0xa53/0xfc0
[ 1702.699538][T27721]        kthread+0x388/0x470
[ 1702.699560][T27721]        ret_from_fork+0x51e/0xb90
[ 1702.699588][T27721]        ret_from_fork_asm+0x1a/0x30
[ 1702.699608][T27721] 
[ 1702.699608][T27721] other info that might help us debug this:
[ 1702.699608][T27721] 
[ 1702.699616][T27721] Chain exists of:
[ 1702.699616][T27721]   fs_reclaim --> cpuhp_state-up --> uevent_sock_mutex
[ 1702.699616][T27721] 
[ 1702.699653][T27721]  Possible unsafe locking scenario:
[ 1702.699653][T27721] 
[ 1702.699661][T27721]        CPU0                    CPU1
[ 1702.699668][T27721]        ----                    ----
[ 1702.699676][T27721]   lock(uevent_sock_mutex);
[ 1702.699692][T27721]                                lock(cpuhp_state-up);
[ 1702.699710][T27721]                                lock(uevent_sock_mutex);
[ 1702.699728][T27721]   lock(fs_reclaim);
[ 1702.699743][T27721] 
[ 1702.699743][T27721]  *** DEADLOCK ***
[ 1702.699743][T27721] 
[ 1702.699750][T27721] 4 locks held by kworker/u9:0/27721:
[ 1702.699764][T27721]  #0: ffff888059233138 ((wq_completion)hci4#2){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[ 1702.699841][T27721]  #1: ffffc9000ffafc40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[ 1702.699907][T27721]  #2: ffff88802b51c0b0 (&hdev->lock){+.+.}-{4:4}, at: hci_conn_complete_evt+0xbb/0x11d0
[ 1702.699961][T27721]  #3: ffffffff8f512778 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_net_broadcast+0x281/0x560
[ 1702.700026][T27721] 
[ 1702.700026][T27721] stack backtrace:
[ 1702.700044][T27721] CPU: 1 UID: 0 PID: 27721 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1702.700077][T27721] Tainted: [L]=SOFTLOCKUP
[ 1702.700086][T27721] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 1702.700103][T27721] Workqueue: hci4 hci_rx_work
[ 1702.700125][T27721] Call Trace:
[ 1702.700134][T27721]  <TASK>
[ 1702.700145][T27721]  dump_stack_lvl+0xe8/0x150
[ 1702.700179][T27721]  print_circular_bug+0x2e1/0x300
[ 1702.700209][T27721]  check_noncircular+0x12e/0x150
[ 1702.700240][T27721]  __lock_acquire+0x15a5/0x2cf0
[ 1702.700272][T27721]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1702.700297][T27721]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1702.700322][T27721]  lock_acquire+0xf0/0x2e0
[ 1702.700344][T27721]  ? kmem_cache_alloc_node_noprof+0x4b/0x6e0
[ 1702.700384][T27721]  fs_reclaim_acquire+0x71/0x100
[ 1702.700408][T27721]  ? kmem_cache_alloc_node_noprof+0x4b/0x6e0
[ 1702.700444][T27721]  kmem_cache_alloc_node_noprof+0x4b/0x6e0
[ 1702.700478][T27721]  ? __alloc_skb+0x1d0/0x7d0
[ 1702.700498][T27721]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1702.700525][T27721]  __alloc_skb+0x1d0/0x7d0
[ 1702.700549][T27721]  alloc_uevent_skb+0x7d/0x230
[ 1702.700582][T27721]  kobject_uevent_net_broadcast+0x2fd/0x560
[ 1702.700618][T27721]  kobject_uevent_env+0x55f/0x9e0
[ 1702.700652][T27721]  device_add+0x557/0xb80
[ 1702.700681][T27721]  hci_conn_add_sysfs+0xd5/0x210
[ 1702.700717][T27721]  hci_conn_complete_evt+0x77a/0x11d0
[ 1702.700741][T27721]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1702.700769][T27721]  ? __pfx_hci_conn_complete_evt+0x10/0x10
[ 1702.700806][T27721]  hci_event_packet+0x805/0x12c0
[ 1702.700844][T27721]  ? __pfx_hci_conn_complete_evt+0x10/0x10
[ 1702.700867][T27721]  ? __pfx_hci_event_packet+0x10/0x10
[ 1702.700902][T27721]  ? rt_spin_unlock+0x14f/0x200
[ 1702.700938][T27721]  ? hci_send_to_monitor+0xe2/0x590
[ 1702.700970][T27721]  hci_rx_work+0x3ee/0x1030
[ 1702.700995][T27721]  ? process_scheduled_works+0xa8d/0x18c0
[ 1702.701028][T27721]  process_scheduled_works+0xb6e/0x18c0
[ 1702.701075][T27721]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1702.701110][T27721]  ? assign_work+0x3d5/0x5e0
[ 1702.701143][T27721]  worker_thread+0xa53/0xfc0
[ 1702.701189][T27721]  kthread+0x388/0x470
[ 1702.701214][T27721]  ? __pfx_worker_thread+0x10/0x10
[ 1702.701246][T27721]  ? __pfx_kthread+0x10/0x10
[ 1702.701270][T27721]  ret_from_fork+0x51e/0xb90
[ 1702.701304][T27721]  ? __pfx_ret_from_fork+0x10/0x10
[ 1702.701336][T27721]  ? __switch_to+0xc7d/0x1450
[ 1702.701366][T27721]  ? __pfx_kthread+0x10/0x10
[ 1702.701392][T27721]  ret_from_fork_asm+0x1a/0x30
[ 1702.701422][T27721]  </TASK>
[ 1702.873161][ T9341] vlan3: entered promiscuous mode
[ 1705.093827][ T6099] team0: Port device syz_tun removed
[ 1705.435302][T13260] bond0: (slave syz_tun): Releasing backup interface
[ 1706.281666][ T8809] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1706.281697][ T8809] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1706.528635][ T8809] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1706.528664][ T8809] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1706.729657][ T8809] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1706.729683][ T8809] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1706.943930][ T8809] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1706.943957][ T8809] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1707.167509][ T8809] bridge_slave_1: left promiscuous mode
[ 1707.167735][ T8809] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1707.264598][ T8809] bridge_slave_0: left allmulticast mode
[ 1707.264626][ T8809] bridge_slave_0: left promiscuous mode
[ 1707.264824][ T8809] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1707.383341][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[ 1707.383397][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[ 1708.054873][ T8809] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1708.119073][ T8809] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1708.162945][ T8809] bond0 (unregistering): Released all slaves
[ 1709.690863][ T8809] hsr_slave_0: left promiscuous mode
[ 1709.711279][ T8809] hsr_slave_1: left promiscuous mode
[ 1709.711912][ T8809] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1709.711929][ T8809] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1709.765901][ T8809] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1709.765933][ T8809] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1709.861219][ T8809] veth1_macvtap: left promiscuous mode
[ 1709.861288][ T8809] veth1_vlan: left promiscuous mode
[ 1709.861341][ T8809] veth0_vlan: left promiscuous mode
[ 1710.439799][ T8809] team0 (unregistering): Port device team_slave_1 removed
[ 1710.460947][ T8809] team0 (unregistering): Port device team_slave_0 removed