last executing test programs:

16.103857835s ago: executing program 1 (id=3756):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x3, 0x180, 0x2, 0xfffffffffffffffa, 0xf1, 0x100000001, 0x1, 0x5, 0x0, 0x29, 0x0, 0x6, 0x0, 0xbd9], 0xffff1001, 0x43100})
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x5, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
capset(&(0x7f0000000000)={0x20080522}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x200000000000043, 0x2000004, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x7, 0x8000000009, 0x803, 0x0, 0x9], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0x1, 0x8, 0x70, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x81, 0x82}, {0x5000, 0xdddd0000, 0x3, 0x0, 0x42, 0x5, 0x75, 0x6, 0x36, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x9, 0x6, 0x5, 0x42, 0xb, 0xff, 0x8, 0x7, 0xe}, {0xf000, 0xc000, 0xf, 0x3, 0x16, 0x7, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x8000000, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x8}, {0x3000, 0x3000, 0x9, 0x5, 0x7, 0xe, 0x7, 0x3, 0x8, 0xff, 0x5, 0x70}, {0x8080000, 0x4000, 0x8, 0x5, 0x3, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x81}, {0xeeee0000, 0xbf4}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x4800, 0x8080000, [0x6800000000000000, 0x4, 0x2, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

15.739071738s ago: executing program 1 (id=3761):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000600)=@newqdisc={0x60, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_BURST={0x8, 0x6, 0x8}, @TCA_TBF_PARMS={0x28, 0x1, {{0x40, 0x2, 0x80, 0xf6, 0x1000, 0x5}, {0x9, 0x1, 0xc69, 0x7, 0x0, 0x6}, 0x0, 0x2, 0xdb3}}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x20008001}, 0x2000400)
sendmsg$nl_route_sched(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0x80000, {0x0, 0x0, 0x0, r7, {}, {0xffe6, 0xb}, {0xfff2, 0x3}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x5, 0x9, 0x7ff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x48d4}, 0x4048080)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

15.146814056s ago: executing program 1 (id=3766):
r0 = socket$packet(0x11, 0x3, 0x300)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56741, 0x70b923, 0x7fffe, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {0xb, 0xb}, {0x2, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x808, 0x205, 0x1, 0xc}, 0xb, 0x1, 0x32, 0x5, 0x9, 0x7, 0x9, 0x12, 0x2, 0x1, {0xffff1c72, 0x23, 0x100007, 0x8, 0xfffffffe, 0x7583}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x44040}, 0x8000)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r5=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="05031400d3fc1c0000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

13.95153416s ago: executing program 1 (id=3774):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000200)={0x0, &(0x7f0000000680)=[@rdmsr={0x66, 0x18, {0x40000101}}], 0x18})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

13.56635678s ago: executing program 1 (id=3777):
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="51c2"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000)
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})

13.362835888s ago: executing program 1 (id=3779):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000540)=0x140, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x2, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00008b3000/0x2000)=nil, &(0x7f0000409000/0xa000)=nil, &(0x7f000056a000/0x2000)=nil, &(0x7f000036f000/0x2000)=nil, &(0x7f000000b000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f00000ff000/0x2000)=nil, &(0x7f00000db000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r1 = socket(0x11, 0x80803, 0x0)
setsockopt(r1, 0x107, 0xd, &(0x7f00000000c0)="0000e20085c75c11a92614431ea3b121", 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x8031, 0xffffffffffffffff, 0x0)
migrate_pages(0x0, 0x8, &(0x7f0000000100)=0x5, &(0x7f0000000140)=0x2)

11.007011222s ago: executing program 4 (id=3790):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
bind$bt_hci(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000200)=0x4, 0x4)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02ffffffffffff050800400b07000712c124"], 0x200)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412b", 0xf}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

10.527872418s ago: executing program 4 (id=3791):
r0 = socket$packet(0x11, 0x3, 0x300)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56741, 0x70b923, 0x7fffe, {0x0, 0x0, 0x0, r3, {0x0, 0xfff3}, {0xb, 0xb}, {0x2, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x808, 0x205, 0x1, 0xc}, 0xb, 0x1, 0x32, 0x5, 0x9, 0x7, 0x9, 0x12, 0x2, 0x1, {0xffff1c72, 0x23, 0x100007, 0x8, 0xfffffffe, 0x7583}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x44040}, 0x8000)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r5=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="05031400d3fc1c0000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

9.493941327s ago: executing program 4 (id=3798):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfc, {0x0, 0x0, 0x0, r4, {0x0, 0xd}, {0x6, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_MEMORY={0x8, 0xa, 0x8}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r5 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r5, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756", 0xe, 0x40, &(0x7f00000001c0)={0x11, 0x8100, r2, 0x1, 0xd8, 0x6, @multicast}, 0x14)
r6 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x1, 0x3}, {}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

8.833464644s ago: executing program 4 (id=3802):
sendmsg$RDMA_NLDEV_CMD_SET(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB], 0x10}, 0x1, 0x0, 0x0, 0x4}, 0x4000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000004c0)={[0x8aba, 0x100d, 0x4, 0x804, 0x7ffd, 0xf, 0x120000, 0x9, 0x1, 0x5, 0x8000000000000000, 0x1, 0x1, 0xfe, 0x6, 0x1], 0x4000, 0x141200})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000100)=@x86={0x6, 0x2, 0x10, 0x0, 0xb, 0x7, 0x2, 0x9, 0x1, 0x51, 0x0, 0x8, 0x0, 0x4, 0x10, 0xff, 0xb, 0x2, 0x7, '\x00', 0x6, 0x4080000000000005})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7.698670858s ago: executing program 4 (id=3805):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000200)={0x0, &(0x7f0000000680)=[@rdmsr={0x66, 0x18, {0x40000101}}], 0x18})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.209911802s ago: executing program 0 (id=3810):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, 0x0}], 0x1, 0x13, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000005700)=@vmx={0x0, 0x0, 0x2080, {0x0, 0xf000}, {'\x00', "000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a5f2000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fe00"}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

7.048800617s ago: executing program 4 (id=3811):
open(0x0, 0x103bc2, 0x1c0)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$KVM_GET_MSRS_sys(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x1, 0x0, [{0x491, 0x0, 0x3}]})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f00008b3000/0x2000)=nil, &(0x7f0000409000/0xa000)=nil, &(0x7f000056a000/0x2000)=nil, &(0x7f000036f000/0x2000)=nil, &(0x7f000000b000/0x4000)=nil, &(0x7f0000516000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff7000/0x1000)=nil, &(0x7f00000ff000/0x2000)=nil, &(0x7f00000db000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
fcntl$F_SET_FILE_RW_HINT(0xffffffffffffffff, 0x40e, 0x0)
r0 = socket(0x11, 0x80803, 0x0)
setsockopt(r0, 0x107, 0xd, &(0x7f00000000c0)="0000e20085c75c11a92614431ea3b121", 0x10)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4, 0x4, &(0x7f00000001c0))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x8031, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x1ff)
fallocate(0xffffffffffffffff, 0x8, 0x4000, 0x10000)
syz_io_uring_setup(0x4a85, 0x0, &(0x7f0000000240), &(0x7f0000000140))
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x19)

6.628005421s ago: executing program 0 (id=3812):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001b00), 0xffffffffffffffff)
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000000000/0x800000)=nil, 0x800000})

5.546206373s ago: executing program 0 (id=3819):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2003, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f00000001c0))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, &(0x7f0000000140)="0f30c402fd3eecae660f38800a66b80c010f00d0662e3646d87213460f09b98c0900000f32b8010000000f01c12e644c0fc72f", 0x33}], 0x1, 0x41, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5.277351351s ago: executing program 3 (id=3821):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x10, 0x80000000, 0x4, {0x0, 0x0, 0x0, 0x0, {0xd}, {0xa, 0xfff2}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x1a}]}}]}, 0x3c}}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
bind$bt_hci(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000200)=0x4, 0x4)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02ffffffffffff050800400b07000712c124"], 0x200)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18", 0xf72}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

4.283088986s ago: executing program 0 (id=3822):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x88, 0x24, 0xf0b, 0x70bd26, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xffff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_mqprio={{0xb}, {0x58, 0x2, {{0x1, [], 0x0, [0x1, 0x2, 0xfffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c4, 0x8000, 0x0, 0x0, 0x3dc], [0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}}}}]}, 0x88}}, 0x20000000)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xfff3, 0xfff3}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x14, 0x2, [@TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@TCA_TAPRIO_SCHED_ENTRY_INTERVAL={0x4, 0x4, 0xffff230c}]}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40001}, 0x880)

3.945902593s ago: executing program 3 (id=3824):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000480)=[{0x0}, {0x0}, {&(0x7f00000003c0)="77cccb0deedbb94f1afd3ccb469a6721cc637e9cbc7f0685c4ab02897a615638b1ba209474e485e5c676dab2f779fc45e14a15eb8cab8dce71eaea08ea87db5609774523b75431043e4a32f82c5b61bea2b9b0eff207d81c7b175cfcb3e448d7fcac8844402e9401582eeb4a08d247096e183b9b7de727a818150a153b9397c4cc61a6bd461f30fb84b679bca11d47c56904a9d359442a5c3693048b", 0x9c}, {0x0}, {&(0x7f0000000680)}], 0x5, 0x4, 0x5)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x7b, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x4, 0x2, 0x80, 0x5, 0x4, 0x7f, 0x4232, 0x3, 0x81, 0x9c1, 0x8001, 0x5, 0x7, 0x4db6, 0x0, 0xfffffdffff7ffffd], 0xdddd1000, 0x80300})
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000180)=0x3)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@x86={0x40, 0x1, 0xc, 0x0, 0x1, 0x0, 0x12, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffff8, 0x0, 0x3, 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.700175705s ago: executing program 2 (id=3825):
gettid()
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0xffff, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
readv(r0, &(0x7f0000000200)=[{&(0x7f0000000480)=""/198, 0xc6}], 0x1)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_genetlink_get_family_id$tipc2(&(0x7f00000020c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001b00), 0xffffffffffffffff)
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000000000/0x800000)=nil, 0x800000})

3.301277014s ago: executing program 0 (id=3826):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000500)=ANY=[@ANYBLOB="18020000f8ffffff0000000000000000850000003600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000e7ffffff850000008600000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000003c0)={r1, 0x0, 0xb, 0x0, &(0x7f0000000140)="05a42f284a5bf1fa61960a", 0x0, 0x4fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

2.923967675s ago: executing program 0 (id=3827):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1342, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000100), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
writev(r0, &(0x7f0000000200)=[{&(0x7f0000000540)="89e7ee0c7cdad9b4b47380c988cafb", 0x140}, {&(0x7f00000006c0)="448b7cff000000000000108a15df09", 0xf}], 0x2)

2.76147359s ago: executing program 3 (id=3828):
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd69010000001406fffe800000000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="51c2"], 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000007880)=[{{0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000040)="af0ac9", 0x3}], 0x1}}], 0x1, 0x4000000)
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})

2.551781777s ago: executing program 2 (id=3829):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = userfaultfd(0x80001)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000009, 0x32, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000002c0)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000000000/0x400000)=nil, 0x400000}, 0x1})
syz_genetlink_get_family_id$tipc2(&(0x7f00000020c0), 0xffffffffffffffff)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
ioctl$UFFDIO_WAKE(r0, 0x8010aa02, &(0x7f00000003c0)={&(0x7f0000000000/0x800000)=nil, 0x800000})

2.117872509s ago: executing program 3 (id=3830):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x1e9000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x54, 0x0, 0x0)
ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0xd, 0x99, 0x0, 0x0, 0x10000, 0x2, '\x00', 0xc94})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.435588263s ago: executing program 2 (id=3831):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)
r1 = socket$inet6(0xa, 0x3, 0x8000000003c)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmmsg$unix(r1, &(0x7f0000007b80)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2404c054}}], 0x1, 0x2000c080)
sendmsg(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)=',', 0x1}, {&(0x7f0000000980)="c298ef6ac6d886bbc2ec448faa59851b7d2e40a4c5ba12f2f7623bd86f4724cf466aaa85bb8bb4215986c1474504004913337fce1d25d13e2ece72c88afba13ba35b418a0cf906825c4279b29447d148a8c14a4424edd2237c17283a157c46b7aa18a4e610bc89426c7bd1e9572810bd6dc4129d075a533f7c44cd8aa70acd5fdb9a527693a236c9365b0c2e4144c07f9a5d7f1096e8008f3d99d352bc85ab390f3d31291cac952d6774b23d11db0949d319825bcc24356620a27381d9a9ec75555740be6667b5ea8e0d981dbbeea0ecfacbb5f7a1c3795f6fc99063fa9c29ba09864015ebbfccb56a69aefc80a7a8686ff40f8f44d0a0bdfe8e5c3fd12821a3b5b645bf622b03f0ece97f225ce42fd35fc9773170bc1a89dd56e4ece3285646f3c88820b92b38c52896426bee2b7116d022c4c297543e430cd2d14f9d1cd0693e8b311c37ed5dce6b4885ac5d163695ccb723ce86733e520841b3549b5813104a0756a10b9df7f0fc9d302faced59485b18c12391218ebd6df8e61191ef8866a6c61cd8d052be9638338f3cd2cdef2ef2806ec5e00cfc087b73dfe8132878d3ecff4d99b7408066c65dead354f173b7ccf68e2f9e4c6a6fb39111be56f9b53066593b38b22c16bdf36af11957748063ac0cde5f51cf20b83ea756e92c496a68c8281dcfbba31def325e6c49e101b90534df81c493425aea9212fcbc0ad9165d63dc58d1713a77ae05ddcc307eacb7ec7c051ac15d64b03b972592f90992180ca76e9780c24e2312f1ea411ea9ce1c5c2dcd5c652151d9930edd39a8a98369b01cefcb35d28fd0eac3ec07d5d4b302ea0e45113d17e4ac6981c4c59953d9aaf92ebb21e9a70c2e013f4cd05ead2173903f8aac1c5c1d90ee5337759f76d0bc9fb2069d7cae4543e7442e402b1592399c9a25943afea291ed65abfc193774099389330b7bbfe68e594bf425732fe5702195364471878964fd7def9800509ba91dd070dc9fec288ed6eb857b69e766b623f579f74293066b9202c0f4982325d45cfdff837101879856134ad5982decc805c54839b3b7bc335b8906b029cf8d3ac84265089e70286fc15e444f0d971323e977e53825f6a6a09851785fa6d96a220c43bdc48028134f3f4830434ee7a97f12d75d6639443cad92dc824e3cbad28825e36ee24725ee0644fdbdd9b94f52ecd9a42b7e0f05734ccf781f2bd9fdf556b8a0530474681ad4995301e6217d82ac09c2a5ed91a6c1960c582339b48604676758c7ab654895e3b88595a364cbe8e78cc276c835d1ec8950ba157edd47e6fb7727cc42cc275b71fc35eb5859306e09d54bad0291eefe39969aff49c1cb42f5ba28ebd84f0f7f7a609aae1e44eda9e4043691936ec07ae5fccfd1960c586fcc5ce91252c795519da4c691fcc7661353c6dd6cc5637efe9014c9f332e9c1a6c0b50413e2f0f43822f9b873da051a424406bfd194a6eada9723537003a5074d448a42b31eeb510c6494024392b71a5acecf19221c155049cb8de69f196f975212473bf52c22dc612be0f048cb2f3d73d7bc04643276897fd89856f979e49366b04fb5fdfcf04a7c2152ac4550aa86b5e1d3bebb1462d818556cbee6fbf0b4958e54785a26b0dfc9d487f69a41e282a2619534b42ccdb72228f196bf3d4de83498037b8eac9bc5a1d74c3cc2eb52914ad009bd390959b0d3c5f3c1fb84ab33da6738916c97a99e1d0078e36a5ef7e23fd23445d508346d9f6ecd98104e9515aa49960ad40e42b40462292a0ffcab9f910b67827e4c506a273e0350c2ab343c70a6ddfae8e885490c57dc08ef6761ce31c755eb4985697a5935a0e850732aa1c36014779b7081ce79b183a8ced9ea0cbd703a033af6b1f1bc9e6654f7dcb5dcefb7cbce9c941e9de99fded8bc37475c6057d88f75a8e4de10bdb4e7a172dbbc783c1a220d03a39ef94037dda60610f8b74f2735ee22f296eb1473ca0beb2915a9c22590823c3d7528579e9c0234e29933a865b1df936aec8d5cb00a44d6fbb50ac8440317fb52bbbd6625ae70788d9fd50d3d2ffa9eb10e11704f6b689be948e703715dc2ad7173856d18f4a81c012edfe329dd7ffe3d6b3429589b1c1ee4fb49a62afbf13b50ca5157f4633b75197dfc360c0dd309df2e3d541c3fa9ed44919a093333c44a74abdb2474eea81cdba24546f18afc7ad68483a3f2dc52b032a4c4ecf041c49994e9f4bacf4e079561d485c896a6", 0x631}], 0x2, 0x0, 0x0, 0x2c}, 0x4000)

1.168582142s ago: executing program 3 (id=3832):
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f00000001c0)=[@in6={0xa, 0x4e24, 0x14, @loopback}], 0x1c)
bind$inet6(0xffffffffffffffff, &(0x7f00000002c0)={0xa, 0x4e24, 0x1, @empty, 0x65}, 0x1c)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=@ipv4_newroute={0x2c, 0x1a, 0x1, 0x70bd29, 0x0, {0x2, 0x20, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}, [@RTA_NH_ID={0x4, 0x1e, 0x1ff}, @RTA_IP_PROTO={0x5, 0x1b, 0x11}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20004004}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4040040}, 0x20000010)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x100, 0x5, 0x6, 0x4002, 0x5, 0x37, 0xefffffffffffffff, 0x0, 0x0, 0x2000005, 0xfffffffface6e3cd, 0x40000000001c, 0x1, 0xffffffffffffffff, 0xfd]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.075358937s ago: executing program 2 (id=3833):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$KVM_GET_MSRS_cpu(0xffffffffffffffff, 0xc008ae88, &(0x7f00000004c0))
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000001fc0)={'ip6gre0\x00', &(0x7f0000000b00)={'syztnl1\x00', 0x0, 0x29, 0x9f, 0xb, 0x7fff, 0x22, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x80, 0x80, 0x6, 0x1}})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x38, 0xfff, 0x3fffc, 0x180, 0x2, 0x14, 0xf1, 0x0, 0x7fffffffffffe, 0x5, 0x4005, 0x8, 0x0, 0x45, 0xfffffffffffffffd, 0xbdb], 0xdddd0000, 0x1c4217})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

642.5322ms ago: executing program 2 (id=3834):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
bind$bt_hci(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000200)=0x4, 0x4)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02ffffffffffff050800400b07000712c124"], 0x200)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

403.901953ms ago: executing program 3 (id=3835):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0x10, 0x80000000, 0x4, {0x0, 0x0, 0x0, 0x0, {0xd}, {0xa, 0xfff2}, {0xfff1, 0x9}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0xc, 0x8002, [@TCA_FQ_PIE_ECN_PROB={0x8, 0x9, 0x1a}]}}]}, 0x3c}}, 0x20004055)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
bind$bt_hci(0xffffffffffffffff, &(0x7f00000000c0)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x40, &(0x7f0000000200)=0x4, 0x4)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="042ffd02ffffffffffff050800400b07000712c124"], 0x200)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r3 = accept4(r2, 0x0, 0x0, 0x800)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73", 0xf82}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

0s ago: executing program 2 (id=3836):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000016000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, 0x0}], 0x1, 0x4e, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x60242, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f"], 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

eter '0x0000000000000004'
[  448.243710][T10554] device syzkaller0 entered promiscuous mode
[  448.252792][T10556] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1972'.
[  449.316027][T10568] fuse: Unknown parameter '0x0000000000000004'
[  450.565249][T10529] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  450.979722][T10558] bond2: (slave vcan1): The slave device specified does not support setting the MAC address
[  450.991841][T10558] bond2: (slave vcan1): Error -95 calling set_mac_address
[  451.019921][T10571] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1977'.
[  451.540259][T10577] device syzkaller0 entered promiscuous mode
[  451.690821][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  451.980459][T10611] fuse: Unknown parameter '0x0000000000000004'
[  452.331442][T10617] device syzkaller0 entered promiscuous mode
[  453.064434][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  453.260993][T10646] fuse: Unknown parameter '0x0000000000000004'
[  455.034833][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  455.233201][T10693] fuse: Unknown parameter 'fd0x0000000000000004'
[  457.431914][T10724] fuse: Unknown parameter 'fd0x0000000000000004'
[  458.939841][T10647] device syzkaller0 entered promiscuous mode
[  458.993379][T10743] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  459.186187][T10756] fuse: Bad value for 'fd'
[  459.311202][T10758] netlink: 'syz.0.2030': attribute type 12 has an invalid length.
[  460.707048][T10768] fuse: Unknown parameter 'fd0x0000000000000004'
[  461.534502][T10794] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2043'.
[  461.572867][T10798] fuse: Bad value for 'fd'
[  461.663805][T10795] device syzkaller0 entered promiscuous mode
[  463.045953][T10806] netlink: 'syz.0.2047': attribute type 12 has an invalid length.
[  463.471809][T10812] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2049'.
[  463.495466][T10812] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2049'.
[  465.059640][T10849] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2059'.
[  465.190562][T10850] netlink: 'syz.3.2058': attribute type 1 has an invalid length.
[  465.604574][T10858] netlink: 'syz.2.2061': attribute type 12 has an invalid length.
[  466.238568][T10866] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2063'.
[  467.032143][T10884] fuse: Unknown parameter '00000000000000000000003'
[  467.614378][T10896] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  467.630064][T10895] tipc: Disabling bearer <eth:syzkaller0>
[  467.983526][T10910] netlink: 'syz.3.2076': attribute type 12 has an invalid length.
[  471.100225][T10985] fuse: Unknown parameter '00000000000000000000003'
[  472.354578][T11029] device syzkaller0 entered promiscuous mode
[  472.739254][T11043] device syzkaller0 entered promiscuous mode
[  473.268365][T11052] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2096'.
[  473.292100][T11067] fuse: Unknown parameter '00000000000000000000003'
[  473.419770][T11061] device syzkaller0 entered promiscuous mode
[  473.731432][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  478.566921][T11109] netlink: 'syz.2.2110': attribute type 12 has an invalid length.
[  478.731158][T11145] fuse: Unknown parameter '00000000000000000000003'
[  478.799049][T11149] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2114'.
[  482.148901][T11173] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  482.231926][T11173] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  482.814335][T11173] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  482.826869][T11173] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  482.838089][T11173] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  482.848986][T11173] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  483.039453][T11173] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  483.049016][T11173] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  483.052398][    C0] hrtimer: interrupt took 367075 ns
[  483.062856][T11173] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  483.077394][T11173] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  483.103883][T11179] netlink: 'syz.1.2124': attribute type 12 has an invalid length.
[  483.233042][T11217] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2133'.
[  483.503577][T11228] fuse: Unknown parameter 'fd00000000000000000000003'
[  483.549421][ T4287] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  484.228620][T11251] netlink: 'syz.1.2145': attribute type 12 has an invalid length.
[  485.101133][T11253] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2146'.
[  486.413224][T11289] netlink: 'syz.1.2159': attribute type 12 has an invalid length.
[  487.629878][T11301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2161'.
[  492.441358][T11333] device syzkaller0 entered promiscuous mode
[  494.114330][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  495.939167][T11381] netlink: 'syz.1.2186': attribute type 1 has an invalid length.
[  496.324026][T11394] device syzkaller0 entered promiscuous mode
[  497.064473][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  501.605260][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  501.619613][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  502.447633][T11467] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  502.467873][T11467] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  502.499515][T11467] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  502.530248][T11467] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  503.099102][T11510] device syzkaller0 entered promiscuous mode
[  503.357690][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  507.152344][   T26] audit: type=1326 audit(2000000360.840:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6bb9c799 code=0x7ffc0000
[  507.215033][   T26] audit: type=1326 audit(2000000360.840:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6bb9c799 code=0x7ffc0000
[  507.245793][   T26] audit: type=1326 audit(2000000360.840:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=263 compat=0 ip=0x7f7b6bb9c799 code=0x7ffc0000
[  507.270975][   T26] audit: type=1326 audit(2000000360.840:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6bb9c799 code=0x7ffc0000
[  507.310816][   T26] audit: type=1326 audit(2000000360.840:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6bb9c799 code=0x7ffc0000
[  507.350672][   T26] audit: type=1326 audit(2000000360.840:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6bb9c799 code=0x7ffc0000
[  507.414172][   T26] audit: type=1326 audit(2000000360.850:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=237 compat=0 ip=0x7f7b6bb9c799 code=0x7ffc0000
[  507.489842][   T26] audit: type=1326 audit(2000000360.850:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6bb9c799 code=0x7ffc0000
[  507.562965][   T26] audit: type=1326 audit(2000000360.850:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b6bb9c799 code=0x7ffc0000
[  507.615484][   T26] audit: type=1326 audit(2000000360.900:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11574 comm="syz.3.2223" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f7b6bb5cfce code=0x7ffc0000
[  515.218452][   T26] kauditd_printk_skb: 39 callbacks suppressed
[  515.218475][   T26] audit: type=1326 audit(2000000368.910:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  515.380595][   T26] audit: type=1326 audit(2000000368.910:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  515.456970][   T26] audit: type=1326 audit(2000000368.910:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  515.586690][   T26] audit: type=1326 audit(2000000368.910:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  515.639169][   T26] audit: type=1326 audit(2000000368.910:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  515.703649][   T26] audit: type=1326 audit(2000000368.910:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  515.728875][   T26] audit: type=1326 audit(2000000368.910:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  515.857675][   T26] audit: type=1326 audit(2000000368.910:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  515.992126][   T26] audit: type=1326 audit(2000000368.960:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  516.062778][   T26] audit: type=1326 audit(2000000368.960:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11670 comm="syz.4.2246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1b3939c799 code=0x7ffc0000
[  517.519746][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  521.456584][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  526.373075][T11788] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  527.677052][T11853] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  528.839716][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  531.556011][T11900] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2314'.
[  532.685578][  T125] kernel write not supported for file /1357/net/snmp6 (pid: 125 comm: kworker/1:2)
[  532.790780][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  532.966248][T11921] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  539.805159][ T4287] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  543.243284][T12007] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  543.286608][   T26] kauditd_printk_skb: 60 callbacks suppressed
[  543.286627][   T26] audit: type=1326 audit(2000000396.980:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12008 comm="syz.2.2348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abf59c799 code=0x7ffc0000
[  543.323621][T12007] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  543.388530][T12011] tipc: Resetting bearer <eth:syzkaller0>
[  543.448244][   T26] audit: type=1326 audit(2000000397.020:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12008 comm="syz.2.2348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abf59c799 code=0x7ffc0000
[  543.546783][T12006] tipc: Disabling bearer <eth:syzkaller0>
[  543.590257][   T26] audit: type=1326 audit(2000000397.030:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12008 comm="syz.2.2348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3abf59c799 code=0x7ffc0000
[  543.647357][   T26] audit: type=1326 audit(2000000397.030:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12008 comm="syz.2.2348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abf59c799 code=0x7ffc0000
[  543.734819][   T26] audit: type=1326 audit(2000000397.030:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12008 comm="syz.2.2348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abf59c799 code=0x7ffc0000
[  543.845403][   T26] audit: type=1326 audit(2000000397.030:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12008 comm="syz.2.2348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3abf59c799 code=0x7ffc0000
[  543.943896][   T26] audit: type=1326 audit(2000000397.030:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12008 comm="syz.2.2348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abf59c799 code=0x7ffc0000
[  544.048632][   T26] audit: type=1326 audit(2000000397.030:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12008 comm="syz.2.2348" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3abf59c799 code=0x7ffc0000
[  544.351032][T12039] loop0: detected capacity change from 0 to 256
[  545.120097][   T26] audit: type=1804 audit(2000000398.810:145): pid=12043 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.2357" name="/newroot/502/file0/file0" dev="loop0" ino=1048607 res=1 errno=0
[  545.391718][   T26] audit: type=1804 audit(2000000398.950:146): pid=12039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.2357" name="/newroot/502/file0/file0" dev="loop0" ino=1048607 res=1 errno=0
[  545.749991][T12058] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2362'.
[  545.803563][T12058] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2362'.
[  545.845062][T12061] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  545.870150][T12061] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  545.896925][T12061] tipc: Resetting bearer <eth:syzkaller0>
[  545.959185][T12060] tipc: Disabling bearer <eth:syzkaller0>
[  546.356735][T12073] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2367'.
[  546.526892][T12075] loop0: detected capacity change from 0 to 512
[  548.171544][T12099] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  548.252969][T12099] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  548.296387][T12099] tipc: Resetting bearer <eth:syzkaller0>
[  548.365849][T12097] tipc: Disabling bearer <eth:syzkaller0>
[  550.113545][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  552.073064][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  553.122843][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  555.119181][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  555.313784][ T4287] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  555.881719][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  556.574945][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  557.391072][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  559.033875][T12352] netlink: 252 bytes leftover after parsing attributes in process `syz.1.2466'.
[  559.091704][T12352] netem: unknown loss type 5
[  559.112905][T12352] netem: change failed
[  559.610174][T12364] netlink: 'syz.3.2470': attribute type 1 has an invalid length.
[  560.779584][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  561.038377][T12406] netlink: 'syz.2.2485': attribute type 1 has an invalid length.
[  563.054697][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  563.062981][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  571.527308][T12526] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2518'.
[  581.620757][T12575] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2532'.
[  582.029089][ T4287] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  582.067281][T12625] capability: warning: `syz.0.2547' uses 32-bit capabilities (legacy support in use)
[  582.511096][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  587.782785][ T4287] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  588.039586][T12721] device syzkaller0 entered promiscuous mode
[  588.093898][T12724] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  588.340820][T12731] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  588.379847][T12731] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  588.576387][T12737] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2577'.
[  589.797740][T12748] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  593.336034][T12768] device syzkaller0 entered promiscuous mode
[  596.441097][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  597.759219][T12836] device batadv_slave_1 entered promiscuous mode
[  597.780245][T12836] device batadv_slave_1 left promiscuous mode
[  599.362701][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  600.433772][T12899] loop1: detected capacity change from 0 to 764
[  602.719819][T12946] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2637'.
[  604.573009][T12987] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2653'.
[  604.877768][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  608.807228][T13023] loop1: detected capacity change from 0 to 8192
[  608.879416][   T26] audit: type=1800 audit(2000000462.570:147): pid=13023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2666" name="file2" dev="loop1" ino=1048609 res=0 errno=0
[  608.906681][T13023] FAT-fs (loop1): error, invalid access to FAT (entry 0x00008114)
[  608.917221][T13023] FAT-fs (loop1): Filesystem has been set read-only
[  608.929174][T13023] syz.1.2666: attempt to access beyond end of device
[  608.929174][T13023] loop1: rw=0, sector=33114, nr_sectors = 1 limit=8192
[  610.248464][T13087] device syzkaller0 entered promiscuous mode
[  611.979484][T13157] overlayfs: failed to resolve './file0': -2
[  612.127970][T13165] netlink: 'syz.3.2713': attribute type 12 has an invalid length.
[  612.139491][T13165] netlink: 'syz.3.2713': attribute type 29 has an invalid length.
[  612.149604][T13165] netlink: 148 bytes leftover after parsing attributes in process `syz.3.2713'.
[  612.472512][T13174] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2717'.
[  612.507237][T13174] dvmrp1: tun_chr_ioctl cmd 1074812118
[  612.839827][T13189] overlayfs: failed to resolve './file0': -2
[  613.843193][T13223] device syzkaller0 entered promiscuous mode
[  617.570544][T13293] device syzkaller0 entered promiscuous mode
[  620.859482][T13337] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2771'.
[  621.105767][T13340] bond4: (slave vcan0): The slave device specified does not support setting the MAC address
[  621.106947][T13340] bond4: (slave vcan0): Error -95 calling set_mac_address
[  621.930192][T13357] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2779'.
[  622.266046][T13364] device syzkaller0 entered promiscuous mode
[  622.509187][T13377] overlayfs: failed to resolve './file0': -2
[  622.600768][T13381] overlayfs: failed to resolve './file0': -2
[  622.855323][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  624.481728][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  624.498811][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  625.985549][T13424] loop2: detected capacity change from 0 to 764
[  626.329584][T13431] overlayfs: failed to resolve './file0': -2
[  626.580313][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  626.837612][T13450] device syzkaller0 entered promiscuous mode
[  626.995365][T13457] loop4: detected capacity change from 0 to 764
[  627.155293][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  628.854508][T13490] overlayfs: failed to resolve './file0': -2
[  630.789838][T13504] loop3: detected capacity change from 0 to 128
[  630.875773][   T26] audit: type=1800 audit(2000000013.933:148): pid=13504 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2821" name="file2" dev="loop3" ino=1048610 res=0 errno=0
[  630.934688][T13504] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  630.968399][T13504] FAT-fs (loop3): Filesystem has been set read-only
[  630.996360][T13504] FAT-fs (loop3): error, invalid access to FAT (entry 0x00000100)
[  631.026739][T13504] syz.3.2821: attempt to access beyond end of device
[  631.026739][T13504] loop3: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  631.059852][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  631.681985][T13528] device syzkaller0 entered promiscuous mode
[  634.648844][T13559] loop3: detected capacity change from 0 to 512
[  635.236668][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  635.435904][T13588] device syzkaller0 entered promiscuous mode
[  638.013625][T13626] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  638.023651][T13626] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  638.051407][T13626] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  638.066251][T13626] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  638.086497][ T4289] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  638.094194][ T4289] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  639.793884][T13639] device syzkaller0 entered promiscuous mode
[  640.152346][ T4289] Bluetooth: hci5: command 0x0409 tx timeout
[  642.237740][ T4289] Bluetooth: hci5: command 0x041b tx timeout
[  643.708554][T13665] netlink: 'syz.2.2864': attribute type 12 has an invalid length.
[  643.960812][T13673] device syzkaller0 entered promiscuous mode
[  644.312359][ T4289] Bluetooth: hci5: command 0x040f tx timeout
[  646.394027][ T4289] Bluetooth: hci5: command 0x0419 tx timeout
[  647.480116][T13625] chnl_net:caif_netlink_parms(): no params data found
[  647.554629][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  647.594592][ T6021] tipc: Left network mode
[  648.514104][T13711] netlink: 'syz.3.2875': attribute type 12 has an invalid length.
[  649.531315][T13625] bridge0: port 1(bridge_slave_0) entered blocking state
[  649.541378][T13625] bridge0: port 1(bridge_slave_0) entered disabled state
[  649.585405][T13625] device bridge_slave_0 entered promiscuous mode
[  649.652944][T13625] bridge0: port 2(bridge_slave_1) entered blocking state
[  649.660799][T13625] bridge0: port 2(bridge_slave_1) entered disabled state
[  649.700734][T13625] device bridge_slave_1 entered promiscuous mode
[  650.013828][T13625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  650.066853][T13625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  650.340406][T13768] device syzkaller0 entered promiscuous mode
[  654.043544][ T6021] bond1: (slave gretap1): Releasing active interface
[  654.127590][T13801] netlink: 'syz.3.2887': attribute type 12 has an invalid length.
[  654.189231][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  654.202026][T13625] team0: Port device team_slave_0 added
[  654.479951][T13813] device syzkaller0 entered promiscuous mode
[  654.502054][T13625] team0: Port device team_slave_1 added
[  658.528512][T13852] device syzkaller0 entered promiscuous mode
[  658.538649][T13865] netlink: 'syz.0.2899': attribute type 12 has an invalid length.
[  658.754043][ T4289] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  661.962000][T13625] batman_adv: batadv0: Adding interface: batadv_slave_0
[  661.990832][T13625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  662.017838][T13625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  662.045040][T13625] batman_adv: batadv0: Adding interface: batadv_slave_1
[  662.052735][T13625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  662.102210][T13625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  662.161033][T13920] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2909'.
[  663.320816][T13931] netlink: 'syz.2.2910': attribute type 12 has an invalid length.
[  663.488876][ T4289] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  663.514957][ T6021] device hsr_slave_0 left promiscuous mode
[  663.566144][ T6021] device hsr_slave_1 left promiscuous mode
[  663.620648][ T6021] batman_adv: batadv0: Removing interface: batadv_slave_0
[  663.639900][ T6021] batman_adv: batadv0: Removing interface: batadv_slave_1
[  663.663146][ T6021] device bridge_slave_0 left promiscuous mode
[  663.711261][ T6021] bridge0: port 1(bridge_slave_0) entered disabled state
[  663.737330][ T6021] bond3 (unregistering): Released all slaves
[  663.775816][ T6021] bond2 (unregistering): Released all slaves
[  663.806007][ T6021] bond1 (unregistering): Released all slaves
[  665.527327][ T6021] team0 (unregistering): Port device team_slave_1 removed
[  665.572073][ T6021] team0 (unregistering): Port device team_slave_0 removed
[  665.616261][ T6021] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  665.662046][ T6021] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  665.710532][ T6021] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  666.009722][ T6021] bond0 (unregistering): Released all slaves
[  666.085112][T13625] device hsr_slave_0 entered promiscuous mode
[  666.092409][T13625] device hsr_slave_1 entered promiscuous mode
[  666.099283][T13625] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  666.107447][T13625] Cannot create hsr debugfs directory
[  666.127954][T13947] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2913'.
[  666.192470][T13970] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2921'.
[  666.369902][T13976] netlink: 'syz.1.2922': attribute type 12 has an invalid length.
[  666.695640][T13985] device syzkaller0 entered promiscuous mode
[  670.312201][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  670.526990][T14053] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2933'.
[  671.454954][T14061] netlink: 'syz.3.2934': attribute type 12 has an invalid length.
[  671.661786][T14069] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2935'.
[  671.757547][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  672.032877][T13625] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  672.113941][T13625] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  672.159227][T13625] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  672.229245][T13625] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  672.535162][T14088] device syzkaller0 entered promiscuous mode
[  676.442080][T14111] device syzkaller0 entered promiscuous mode
[  677.537425][ T4289] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  681.144010][T14143] netlink: 'syz.0.2944': attribute type 12 has an invalid length.
[  681.220558][T14159] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2948'.
[  681.490556][T13625] 8021q: adding VLAN 0 to HW filter on device bond0
[  681.526041][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  681.579955][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  681.624876][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  681.670044][T13625] 8021q: adding VLAN 0 to HW filter on device team0
[  681.710046][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  681.759165][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  681.793025][T11001] bridge0: port 1(bridge_slave_0) entered blocking state
[  681.800450][T11001] bridge0: port 1(bridge_slave_0) entered forwarding state
[  681.876441][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  681.901107][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  681.911706][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  681.928359][T11001] bridge0: port 2(bridge_slave_1) entered blocking state
[  681.935718][T11001] bridge0: port 2(bridge_slave_1) entered forwarding state
[  681.954975][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  682.076707][T14203] device syzkaller0 entered promiscuous mode
[  682.106276][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  682.141754][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  682.176543][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  682.210397][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  682.425325][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  685.924698][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  685.938702][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  686.856581][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  686.893852][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  686.914878][T14242] netlink: 'syz.1.2958': attribute type 12 has an invalid length.
[  686.989914][T13625] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  687.081163][T13625] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  687.163806][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  687.176027][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  687.213248][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  687.238836][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  687.288475][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  687.359413][T14263] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2962'.
[  687.481783][T14257] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  687.749651][T14266] device syzkaller0 entered promiscuous mode
[  687.766561][T14266] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  687.834006][T14280] loop1: detected capacity change from 0 to 128
[  688.055881][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  688.155208][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  688.171577][ T1222] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  688.185337][T14288] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2966'.
[  688.208297][ T4289] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  688.299422][T13625] 8021q: adding VLAN 0 to HW filter on device batadv0
[  688.472937][T14304] netlink: 'syz.0.2968': attribute type 12 has an invalid length.
[  688.589001][T14302] fuse: Bad value for 'fd'
[  689.452738][T14312] device syzkaller0 entered promiscuous mode
[  689.672543][T14317] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2974'.
[  689.807737][T14320] loop2: detected capacity change from 0 to 128
[  689.887752][   T26] audit: type=1800 audit(2000000072.943:149): pid=14320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2975" name="file2" dev="loop2" ino=1048611 res=0 errno=0
[  689.916014][T14320] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  689.935377][T14320] FAT-fs (loop2): Filesystem has been set read-only
[  689.943066][T14320] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  689.951417][T14320] syz.2.2975: attempt to access beyond end of device
[  689.951417][T14320] loop2: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  689.979185][T14323] device syzkaller0 entered promiscuous mode
[  690.021663][T14323] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  690.209251][ T4289] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  690.446429][T14341] netlink: 'syz.1.2980': attribute type 12 has an invalid length.
[  691.319756][T14344] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2981'.
[  691.347789][T14348] fuse: Bad value for 'fd'
[  691.559335][T14353] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  691.568895][T14353] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  691.616802][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  691.643329][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  691.738254][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  691.782827][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  691.820302][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  691.837320][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  691.943396][T13625] device veth0_vlan entered promiscuous mode
[  691.955281][T14362] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2987'.
[  692.358073][T14369] device syzkaller0 entered promiscuous mode
[  692.393775][T13625] device veth1_vlan entered promiscuous mode
[  694.009506][ T4289] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  695.135667][T14403] overlayfs: missing 'lowerdir'
[  696.988871][T14383] netlink: 'syz.1.2991': attribute type 12 has an invalid length.
[  697.049408][T14398] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2996'.
[  697.259931][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  697.293381][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  697.335437][T13625] device veth0_macvtap entered promiscuous mode
[  697.364026][T13625] device veth1_macvtap entered promiscuous mode
[  697.431523][T14420] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3001'.
[  697.477265][T13625] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  697.505039][T13625] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  697.563942][T13625] batman_adv: batadv0: Interface activated: batadv_slave_0
[  697.751741][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  697.778088][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  697.803282][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  697.834040][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  697.864841][T14426] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  698.225395][T14432] device syzkaller0 entered promiscuous mode
[  698.295678][T14432] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  699.094489][T14446] netlink: 'syz.2.3008': attribute type 12 has an invalid length.
[  699.251652][T14451] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3010'.
[  699.422847][T14458] fuse: Bad value for 'fd'
[  699.592597][T14452] device syzkaller0 entered promiscuous mode
[  699.842606][ T4287] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  699.854050][ T4287] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  699.864144][ T4287] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  699.874240][ T4287] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  699.883915][ T4287] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  699.891531][ T4287] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  701.919902][ T4289] Bluetooth: hci1: command 0x0409 tx timeout
[  703.461696][T14480] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3017'.
[  703.764890][T14492] netlink: 'syz.1.3019': attribute type 12 has an invalid length.
[  703.993689][ T4289] Bluetooth: hci1: command 0x041b tx timeout
[  704.662711][T14506] fuse: Bad value for 'fd'
[  704.819959][T14467] chnl_net:caif_netlink_parms(): no params data found
[  705.105523][T14515] loop0: detected capacity change from 0 to 128
[  705.182899][   T26] audit: type=1800 audit(2000000088.243:150): pid=14515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3025" name="file2" dev="loop0" ino=1048612 res=0 errno=0
[  705.213907][T14515] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  705.222737][T14515] FAT-fs (loop0): Filesystem has been set read-only
[  705.229643][T14515] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[  705.263550][T14467] bridge0: port 1(bridge_slave_0) entered blocking state
[  705.270995][T14467] bridge0: port 1(bridge_slave_0) entered disabled state
[  705.280020][T14467] device bridge_slave_0 entered promiscuous mode
[  705.290853][T14467] bridge0: port 2(bridge_slave_1) entered blocking state
[  705.298637][T14467] bridge0: port 2(bridge_slave_1) entered disabled state
[  705.308462][T14515] syz.0.3025: attempt to access beyond end of device
[  705.308462][T14515] loop0: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  705.332841][T14467] device bridge_slave_1 entered promiscuous mode
[  705.405672][T14467] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  705.425229][T14467] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  705.481678][T14467] team0: Port device team_slave_0 added
[  705.548300][T14467] team0: Port device team_slave_1 added
[  705.579517][   T26] audit: type=1326 audit(2000000088.633:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad99c799 code=0x7ffc0000
[  705.625891][T14467] batman_adv: batadv0: Adding interface: batadv_slave_0
[  705.633099][   T26] audit: type=1326 audit(2000000088.663:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad99c799 code=0x7ffc0000
[  705.656533][T14467] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  705.693453][   T26] audit: type=1326 audit(2000000088.663:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad99c799 code=0x7ffc0000
[  705.719712][T14467] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  705.740334][T14532] device syzkaller0 entered promiscuous mode
[  705.747518][   T26] audit: type=1326 audit(2000000088.673:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7dad99e007 code=0x7ffc0000
[  705.775165][T14467] batman_adv: batadv0: Adding interface: batadv_slave_1
[  705.784947][T14467] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  705.812519][   T26] audit: type=1326 audit(2000000088.673:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad99c799 code=0x7ffc0000
[  705.837629][T14467] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  705.863861][   T26] audit: type=1326 audit(2000000088.673:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad99c799 code=0x7ffc0000
[  705.918587][T14533] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3030'.
[  705.946703][   T26] audit: type=1326 audit(2000000088.673:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad99c799 code=0x7ffc0000
[  706.025786][   T26] audit: type=1326 audit(2000000088.673:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f7dad99c799 code=0x7ffc0000
[  706.051183][   T26] audit: type=1326 audit(2000000088.673:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14527 comm="syz.0.3029" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7dad99c799 code=0x7ffc0000
[  706.082977][ T4289] Bluetooth: hci1: command 0x040f tx timeout
[  706.163704][T14467] device hsr_slave_0 entered promiscuous mode
[  706.207209][T14467] device hsr_slave_1 entered promiscuous mode
[  706.228523][T14467] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  706.279913][T14467] Cannot create hsr debugfs directory
[  706.410911][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  707.099466][T14552] device syzkaller0 entered promiscuous mode
[  707.271477][T14555] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  707.558209][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  707.812232][T14570] netlink: 'syz.1.3041': attribute type 1 has an invalid length.
[  707.990225][T14571] bond5: (slave bridge3): making interface the new active one
[  708.033638][T14571] bond5: (slave bridge3): Enslaving as an active interface with an up link
[  708.162306][ T4289] Bluetooth: hci1: command 0x0419 tx timeout
[  708.183534][T14574] device syzkaller0 entered promiscuous mode
[  708.421742][T14467] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  708.475767][T14467] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  708.638247][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  709.771842][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  710.363734][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  711.104479][T14616] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  711.146662][T14616] overlayfs: failed to set xattr on upper
[  711.212186][T14616] overlayfs: ...falling back to index=off,metacopy=off.
[  711.219309][T14616] overlayfs: './file0' not a directory
[  713.110269][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  714.664271][T14467] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  714.715999][T14610] netlink: 'syz.3.3053': attribute type 1 has an invalid length.
[  714.887119][T14467] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  715.159085][T14651] overlayfs: missing 'workdir'
[  715.310405][T14467] 8021q: adding VLAN 0 to HW filter on device bond0
[  715.404931][T14653] capability: warning: `syz.2.3066' uses deprecated v2 capabilities in a way that may be insecure
[  715.454287][T14467] 8021q: adding VLAN 0 to HW filter on device team0
[  715.470888][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  715.511391][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  715.563555][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  715.574320][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  715.589459][T11001] bridge0: port 1(bridge_slave_0) entered blocking state
[  715.598135][T11001] bridge0: port 1(bridge_slave_0) entered forwarding state
[  715.613688][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  715.641900][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  715.671268][T11001] bridge0: port 2(bridge_slave_1) entered blocking state
[  715.678629][T11001] bridge0: port 2(bridge_slave_1) entered forwarding state
[  715.742933][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  715.835320][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  715.845593][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  715.855621][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  715.878066][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  715.884380][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  715.938541][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  715.960296][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  715.973880][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  716.028980][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  716.061666][T14467] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  716.098330][T14467] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  716.131144][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  716.147384][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  716.187188][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  716.767347][T14675] device syzkaller0 entered promiscuous mode
[  716.931624][T14677] netlink: 'syz.0.3073': attribute type 1 has an invalid length.
[  717.203030][T14679] bond8: (slave bridge1): making interface the new active one
[  717.261287][T14679] bond8: (slave bridge1): Enslaving as an active interface with an up link
[  717.311793][T14681] bond8: (slave gretap1): Enslaving as an active interface with an up link
[  717.440906][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  717.462445][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  717.476939][T14467] 8021q: adding VLAN 0 to HW filter on device batadv0
[  718.722775][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  718.890068][T14719] device syzkaller0 entered promiscuous mode
[  718.948636][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  718.989618][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  719.103198][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  719.114235][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  719.123788][T14467] device veth0_vlan entered promiscuous mode
[  719.131111][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  719.159815][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  719.206621][T14467] device veth1_vlan entered promiscuous mode
[  719.339693][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  719.361048][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  719.400942][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  719.441855][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  719.471994][T14467] device veth0_macvtap entered promiscuous mode
[  719.520759][T14467] device veth1_macvtap entered promiscuous mode
[  719.576950][T14733] loop1: detected capacity change from 0 to 128
[  719.609307][T14467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  719.663339][T14467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  719.674448][   T26] kauditd_printk_skb: 274 callbacks suppressed
[  719.674466][   T26] audit: type=1800 audit(2000000102.743:434): pid=14733 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3090" name="file2" dev="loop1" ino=1048613 res=0 errno=0
[  719.731693][T14467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  719.762562][T14467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  719.795571][T14467] batman_adv: batadv0: Interface activated: batadv_slave_0
[  719.870852][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  719.915467][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  719.968690][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  719.996690][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  720.024133][T14467] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  720.102355][T14467] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  720.152819][T14467] batman_adv: batadv0: Interface activated: batadv_slave_1
[  720.179952][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  720.196887][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  720.231865][T14467] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  720.251969][T14467] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  720.279903][T14467] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  720.329779][T14467] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  720.589740][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  720.631712][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  720.737701][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  720.739374][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  720.803803][ T4330] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  720.826075][ T4330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  720.840095][T14757] device syzkaller0 entered promiscuous mode
[  720.864196][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  721.138675][T14764] loop3: detected capacity change from 0 to 128
[  721.244533][   T26] audit: type=1800 audit(2000000104.303:435): pid=14764 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3100" name="file2" dev="loop3" ino=1048617 res=0 errno=0
[  721.502385][ T4289] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  721.769985][T14774] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  721.962627][T14777] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3105'.
[  722.005746][T14777] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3105'.
[  722.048397][T14777] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3105'.
[  722.466762][ T4287] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  722.479238][ T4287] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  722.489835][ T4287] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  722.502624][ T4287] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  722.511055][ T4287] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  722.519056][ T4287] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  722.581719][T14794] netlink: 'syz.1.3107': attribute type 1 has an invalid length.
[  722.772922][T14788] chnl_net:caif_netlink_parms(): no params data found
[  722.840283][T14788] bridge0: port 1(bridge_slave_0) entered blocking state
[  722.847629][T14788] bridge0: port 1(bridge_slave_0) entered disabled state
[  722.856681][T14788] device bridge_slave_0 entered promiscuous mode
[  722.866364][T14788] bridge0: port 2(bridge_slave_1) entered blocking state
[  722.875693][T14788] bridge0: port 2(bridge_slave_1) entered disabled state
[  722.893594][T14788] device bridge_slave_1 entered promiscuous mode
[  723.015944][T14788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  723.053979][T14788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  723.172273][T14788] team0: Port device team_slave_0 added
[  723.181054][T14788] team0: Port device team_slave_1 added
[  723.269888][T14810] loop4: detected capacity change from 0 to 128
[  723.283191][T14788] batman_adv: batadv0: Adding interface: batadv_slave_0
[  723.290310][T14788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  723.354660][   T26] audit: type=1800 audit(2000000106.413:436): pid=14810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3113" name="file2" dev="loop4" ino=1048618 res=0 errno=0
[  723.445213][T14788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  723.499397][T14788] batman_adv: batadv0: Adding interface: batadv_slave_1
[  723.544381][T14788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  723.618769][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  723.652577][T14788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  723.766400][T14817] block device autoloading is deprecated and will be removed.
[  723.914954][T14788] device hsr_slave_0 entered promiscuous mode
[  723.960695][T14788] device hsr_slave_1 entered promiscuous mode
[  723.997420][T14788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  724.017773][T14788] Cannot create hsr debugfs directory
[  724.040570][T14824] netlink: 'syz.3.3117': attribute type 1 has an invalid length.
[  724.140668][T14829] loop1: detected capacity change from 0 to 16
[  724.218491][T14829] erofs: (device loop1): mounted with root inode @ nid 36.
[  724.290875][T14825] bond2: (slave bridge3): making interface the new active one
[  724.341042][T14825] bond2: (slave bridge3): Enslaving as an active interface with an up link
[  724.354064][T14829] syz.1.3118: attempt to access beyond end of device
[  724.354064][T14829] loop1: rw=0, sector=1936876908, nr_sectors = 1 limit=16
[  724.405806][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  724.411757][T14829] syz.1.3118: attempt to access beyond end of device
[  724.411757][T14829] loop1: rw=0, sector=3955228672, nr_sectors = 1 limit=16
[  724.527478][T14832] syz.1.3118: attempt to access beyond end of device
[  724.527478][T14832] loop1: rw=0, sector=1936876908, nr_sectors = 1 limit=16
[  724.552514][ T4287] Bluetooth: hci0: command 0x0409 tx timeout
[  724.590029][T14835] netlink: 'syz.3.3120': attribute type 1 has an invalid length.
[  724.619615][T14832] syz.1.3118: attempt to access beyond end of device
[  724.619615][T14832] loop1: rw=0, sector=3955228672, nr_sectors = 1 limit=16
[  724.992651][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  725.038984][T14788] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.274438][T14788] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.522591][T14788] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.809687][T14788] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  725.896687][T14853] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  725.925803][T14863] program syz.3.3128 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  726.088476][T14856] device syzkaller0 entered promiscuous mode
[  726.104109][T14856] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  726.275296][T14867] netlink: 'syz.2.3129': attribute type 1 has an invalid length.
[  726.484265][T14869] bond6: (slave bridge0): making interface the new active one
[  726.526564][T14869] bond6: (slave bridge0): Enslaving as an active interface with an up link
[  726.551029][T14788] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  726.615466][T14788] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  726.632347][ T4287] Bluetooth: hci0: command 0x041b tx timeout
[  726.645264][T14788] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  726.729923][T14874] netlink: 'syz.1.3131': attribute type 1 has an invalid length.
[  726.759408][ T4287] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  726.770925][T14788] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  727.150187][T14788] 8021q: adding VLAN 0 to HW filter on device bond0
[  727.197968][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  727.208658][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  727.233717][T14788] 8021q: adding VLAN 0 to HW filter on device team0
[  727.278589][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  727.295345][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  727.334619][T11001] bridge0: port 1(bridge_slave_0) entered blocking state
[  727.341794][T11001] bridge0: port 1(bridge_slave_0) entered forwarding state
[  727.381713][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  727.439086][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  727.491571][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  727.527126][T11001] bridge0: port 2(bridge_slave_1) entered blocking state
[  727.534478][T11001] bridge0: port 2(bridge_slave_1) entered forwarding state
[  727.597983][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  727.607829][T14889] loop1: detected capacity change from 0 to 512
[  727.705223][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  727.717928][T14889] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 49, start 000000c8)
[  727.746116][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  727.778216][T14889] FAT-fs (loop1): error, invalid access to FAT (entry 0x000000c8)
[  727.821125][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  727.853478][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  727.863139][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  727.877264][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  727.935108][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  727.984003][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  728.049819][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  728.075860][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  728.111834][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  728.175351][T14788] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  728.309935][T14899] device syzkaller0 entered promiscuous mode
[  728.373486][T14899] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  728.590575][T14907] netlink: 'syz.1.3142': attribute type 1 has an invalid length.
[  728.712465][ T4287] Bluetooth: hci0: command 0x040f tx timeout
[  728.872608][T14908] bond6: (slave bridge4): making interface the new active one
[  728.909486][T14908] bond6: (slave bridge4): Enslaving as an active interface with an up link
[  729.523531][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  729.545002][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  729.573837][T14927] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3147'.
[  729.686371][T14788] 8021q: adding VLAN 0 to HW filter on device batadv0
[  729.706426][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  729.832347][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  729.926667][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  729.989060][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  730.008290][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  730.062349][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  730.077787][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  730.114090][T14788] device veth0_vlan entered promiscuous mode
[  730.128786][T14940] device syzkaller0 entered promiscuous mode
[  730.155068][T14940] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  730.228845][T14788] device veth1_vlan entered promiscuous mode
[  730.369150][ T4595] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  730.411805][ T4595] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  730.473944][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  730.501751][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  730.577286][T14788] device veth0_macvtap entered promiscuous mode
[  730.624354][T14788] device veth1_macvtap entered promiscuous mode
[  730.703871][T14947] netlink: 'syz.2.3154': attribute type 1 has an invalid length.
[  730.792479][ T4287] Bluetooth: hci0: command 0x0419 tx timeout
[  730.919800][T14788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  730.941781][T14788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  730.962927][T14788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  730.998047][T14788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  731.061303][T14788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  731.075328][T14788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  731.096176][T14788] batman_adv: batadv0: Interface activated: batadv_slave_0
[  731.144991][T14950] bond8: (slave bridge1): making interface the new active one
[  731.175670][T14950] bond8: (slave bridge1): Enslaving as an active interface with an up link
[  731.205236][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  731.224651][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  731.250781][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  731.278075][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  731.308771][T14788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  731.357511][T14788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  731.406759][T14788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  731.442169][T14788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  731.482312][T14788] batman_adv: batadv0: Interface activated: batadv_slave_1
[  731.502315][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  731.520484][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  731.551763][T14788] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  731.571236][T14788] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  731.589520][T14788] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  731.632150][T14788] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  731.859446][T14966] netlink: 'syz.2.3160': attribute type 1 has an invalid length.
[  731.942445][ T4330] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  731.976487][ T4330] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  732.013676][T14969] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3161'.
[  732.133787][T11001] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  732.203490][T11001] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  732.250095][T11001] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  732.269337][T14976] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  732.304149][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  732.788355][T14995] netlink: 'syz.3.3167': attribute type 1 has an invalid length.
[  732.846760][T14979] device syzkaller0 entered promiscuous mode
[  732.853629][T14979] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  733.011930][T14997] bond3: (slave bridge4): making interface the new active one
[  733.039386][T14997] bond3: (slave bridge4): Enslaving as an active interface with an up link
[  733.798307][T15015] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3174'.
[  733.889683][T15016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  733.970130][T15016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.031523][T15016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  734.102328][T15016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.113694][ T4289] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  734.124716][ T4289] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  734.134201][ T4289] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  734.144186][T15016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  734.155237][T15016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.165468][T13626] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  734.166418][T15016] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  734.175525][T13626] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  734.185932][T15016] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  734.191763][T13626] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  734.706864][T15019] chnl_net:caif_netlink_parms(): no params data found
[  735.097549][T15019] bridge0: port 1(bridge_slave_0) entered blocking state
[  735.143962][T15019] bridge0: port 1(bridge_slave_0) entered disabled state
[  735.145338][T15019] device bridge_slave_0 entered promiscuous mode
[  735.162611][T15019] bridge0: port 2(bridge_slave_1) entered blocking state
[  735.162758][T15019] bridge0: port 2(bridge_slave_1) entered disabled state
[  735.164247][T15019] device bridge_slave_1 entered promiscuous mode
[  735.261426][T15019] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  735.295773][T15019] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  735.377595][T15019] team0: Port device team_slave_0 added
[  735.380196][T13626] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  735.408859][T15019] team0: Port device team_slave_1 added
[  735.479614][T15019] batman_adv: batadv0: Adding interface: batadv_slave_0
[  735.479634][T15019] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  735.479662][T15019] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  735.482826][T15019] batman_adv: batadv0: Adding interface: batadv_slave_1
[  735.482845][T15019] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  735.482927][T13626] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  735.486641][T15019] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  735.640203][T15019] device hsr_slave_0 entered promiscuous mode
[  735.695925][T15019] device hsr_slave_1 entered promiscuous mode
[  735.707329][T15019] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  735.707454][T15019] Cannot create hsr debugfs directory
[  736.242774][T13626] Bluetooth: hci5: command 0x0409 tx timeout
[  736.302655][T15045] netlink: 'syz.4.3182': attribute type 1 has an invalid length.
[  736.815520][T15058] netlink: 12 bytes leftover after parsing attributes in process `syz.3.3187'.
[  737.190095][T15019] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  737.244598][T15019] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  737.328072][T15019] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  737.349177][T13626] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  737.373415][T15019] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  737.759034][T15019] 8021q: adding VLAN 0 to HW filter on device bond0
[  737.841358][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  737.874195][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  737.918548][T15019] 8021q: adding VLAN 0 to HW filter on device team0
[  737.982208][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  738.010250][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  738.047218][ T6547] bridge0: port 1(bridge_slave_0) entered blocking state
[  738.054495][ T6547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  738.129189][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  738.197607][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  738.251549][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  738.283633][ T6547] bridge0: port 2(bridge_slave_1) entered blocking state
[  738.290969][ T6547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  738.312389][T13626] Bluetooth: hci5: command 0x041b tx timeout
[  738.371992][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  738.401670][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  738.427857][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  738.454349][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  738.531675][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  738.549592][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  738.580381][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  738.600672][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  738.613382][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  738.653173][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  738.674156][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  738.693397][T15097] netlink: 'syz.0.3198': attribute type 1 has an invalid length.
[  738.705513][T15019] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  739.139722][T15110] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3203'.
[  739.192642][T15112] vxcan1: Master is either lo or non-ether device
[  739.472814][T13626] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  739.811962][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  739.850386][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  739.880046][T15019] 8021q: adding VLAN 0 to HW filter on device batadv0
[  740.037198][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  740.061267][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  740.169428][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  740.221117][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  740.271149][T15019] device veth0_vlan entered promiscuous mode
[  740.283149][T15138] netlink: 'syz.0.3213': attribute type 1 has an invalid length.
[  740.353122][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  740.365614][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  740.392340][T13626] Bluetooth: hci5: command 0x040f tx timeout
[  740.522995][T15019] device veth1_vlan entered promiscuous mode
[  740.684252][T15019] device veth0_macvtap entered promiscuous mode
[  740.723149][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  740.758995][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  740.784193][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  740.810512][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  740.837320][T15019] device veth1_macvtap entered promiscuous mode
[  740.854008][T15147] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3216'.
[  740.938828][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  740.948145][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  741.207410][T15149] device syzkaller0 entered promiscuous mode
[  741.215030][T13626] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  741.230764][T15019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  741.317702][T15019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  741.337050][T15019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  741.389327][T15019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  741.422511][T15019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  741.450893][T15019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  741.479026][T15019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  741.513805][T15019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  741.563498][T15019] batman_adv: batadv0: Interface activated: batadv_slave_0
[  741.586278][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  741.622728][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  741.645407][T15162] qfq: no options
[  742.479680][T13626] Bluetooth: hci5: command 0x0419 tx timeout
[  745.418210][T15019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  745.429389][T15019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.443383][T15019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  745.454927][T15019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.467440][T15019] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  745.478414][T15019] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  745.490598][T15019] batman_adv: batadv0: Interface activated: batadv_slave_1
[  745.524693][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  745.534803][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  745.596152][T15019] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  745.628116][T15019] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  745.647513][T15019] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  745.675984][T15019] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  745.932578][ T4595] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  745.945189][ T4595] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  746.023118][ T4595] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  746.061364][ T4330] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  746.075281][ T4330] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  746.107892][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  746.628231][T15210] netlink: 12 bytes leftover after parsing attributes in process `syz.0.3228'.
[  746.677823][T15210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  746.708071][T15210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  746.758460][T15210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  746.801943][T15210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  746.828641][T15210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  746.853492][T15210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  746.875177][T15210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  746.904040][T15210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  747.355428][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  747.361818][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  748.292031][ T4287] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  748.312605][ T4287] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  748.333201][ T4287] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  748.343004][ T4287] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  748.351732][ T4287] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  748.359511][ T4287] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  748.933193][T15258] device syzkaller0 entered promiscuous mode
[  749.559316][T15247] chnl_net:caif_netlink_parms(): no params data found
[  749.642623][T15271] qfq: no options
[  749.864467][T15247] bridge0: port 1(bridge_slave_0) entered blocking state
[  749.879540][T15247] bridge0: port 1(bridge_slave_0) entered disabled state
[  749.940956][T15247] device bridge_slave_0 entered promiscuous mode
[  750.013510][T15247] bridge0: port 2(bridge_slave_1) entered blocking state
[  750.020689][T15247] bridge0: port 2(bridge_slave_1) entered disabled state
[  750.063239][T15247] device bridge_slave_1 entered promiscuous mode
[  750.188147][T15247] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  750.232414][T15247] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  750.386976][T15247] team0: Port device team_slave_0 added
[  750.402365][ T4287] Bluetooth: hci2: command 0x0409 tx timeout
[  750.414110][T15247] team0: Port device team_slave_1 added
[  750.511029][T15247] batman_adv: batadv0: Adding interface: batadv_slave_0
[  750.543876][T15247] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  750.614045][T15247] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  750.669052][T15247] batman_adv: batadv0: Adding interface: batadv_slave_1
[  750.679700][T15247] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  750.710768][T15247] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  750.858179][T15247] device hsr_slave_0 entered promiscuous mode
[  750.897808][T15247] device hsr_slave_1 entered promiscuous mode
[  750.944889][T15247] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  750.973551][T15247] Cannot create hsr debugfs directory
[  751.012405][ T4287] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  751.239291][T15305] device syzkaller0 entered promiscuous mode
[  751.468938][ T4287] Bluetooth: hci4: unexpected event 0x2f length: 509 > 260
[  752.052937][T15317] tipc: Started in network mode
[  752.104200][T15317] tipc: Node identity ceed991b9efa, cluster identity 4711
[  752.122583][T15317] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  752.207302][T15318] device syzkaller0 entered promiscuous mode
[  752.245296][T15307] tipc: Resetting bearer <eth:syzkaller0>
[  752.368942][T15307] tipc: Disabling bearer <eth:syzkaller0>
[  752.474133][ T4287] Bluetooth: hci2: command 0x041b tx timeout
[  753.079494][T15346] device syzkaller0 entered promiscuous mode
[  753.418971][T15350] fuse: Bad value for 'fd'
[  753.491958][T15352] netlink: 'syz.0.3271': attribute type 1 has an invalid length.
[  753.524128][T15352] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3271'.
[  753.689631][T15247] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  753.747449][T15247] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  753.773261][T15247] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  753.826468][T15247] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  754.063812][T15365] tipc: Started in network mode
[  754.092383][T15365] tipc: Node identity 8ac4c0fc548, cluster identity 4711
[  754.099898][T15365] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  754.155907][T15368] device syzkaller0 entered promiscuous mode
[  754.194547][T15365] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  754.284509][T15364] tipc: Resetting bearer <eth:syzkaller0>
[  754.376822][T15364] tipc: Disabling bearer <eth:syzkaller0>
[  754.469396][T15247] 8021q: adding VLAN 0 to HW filter on device bond0
[  754.523352][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  754.556807][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  754.564581][ T4287] Bluetooth: hci2: command 0x040f tx timeout
[  754.648848][T15247] 8021q: adding VLAN 0 to HW filter on device team0
[  754.693397][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  754.722703][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  754.750530][T11005] bridge0: port 1(bridge_slave_0) entered blocking state
[  754.757768][T11005] bridge0: port 1(bridge_slave_0) entered forwarding state
[  754.777662][T15381] loop3: detected capacity change from 0 to 16
[  754.795846][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  754.813104][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  754.833465][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  754.864501][T15381] erofs: (device loop3): mounted with root inode @ nid 36.
[  754.873057][T11005] bridge0: port 2(bridge_slave_1) entered blocking state
[  754.880213][T11005] bridge0: port 2(bridge_slave_1) entered forwarding state
[  754.908994][T15381] syz.3.3281: attempt to access beyond end of device
[  754.908994][T15381] loop3: rw=0, sector=1936876908, nr_sectors = 1 limit=16
[  754.940679][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  754.967939][T15381] syz.3.3281: attempt to access beyond end of device
[  754.967939][T15381] loop3: rw=0, sector=3955228672, nr_sectors = 1 limit=16
[  754.983727][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  755.027132][ T4287] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  755.035178][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  755.063692][T15382] syz.3.3281: attempt to access beyond end of device
[  755.063692][T15382] loop3: rw=0, sector=1936876908, nr_sectors = 1 limit=16
[  755.122528][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  755.141206][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  755.170751][T15382] syz.3.3281: attempt to access beyond end of device
[  755.170751][T15382] loop3: rw=0, sector=3955228672, nr_sectors = 1 limit=16
[  755.212870][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  755.252964][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  755.270495][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  755.305596][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  755.350722][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  755.366462][T15389] xt_hashlimit: size too large, truncated to 1048576
[  755.385105][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  755.434107][T15247] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  756.213747][   T26] audit: type=1326 audit(2000000139.273:437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7709f9c799 code=0x7ffc0000
[  756.323206][   T26] audit: type=1326 audit(2000000139.293:438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7709f9c799 code=0x7ffc0000
[  756.427690][   T26] audit: type=1326 audit(2000000139.293:439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7709f9c799 code=0x7ffc0000
[  756.566946][   T26] audit: type=1326 audit(2000000139.303:440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7709f9e007 code=0x7ffc0000
[  756.629933][   T26] audit: type=1326 audit(2000000139.303:441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7709f9c799 code=0x7ffc0000
[  756.664766][ T4287] Bluetooth: hci2: command 0x0419 tx timeout
[  756.714871][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  756.724159][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  756.740644][T15247] 8021q: adding VLAN 0 to HW filter on device batadv0
[  756.758732][   T26] audit: type=1326 audit(2000000139.303:442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7709f9c799 code=0x7ffc0000
[  756.806710][T15413] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  756.824424][T15413] device syzkaller0 entered promiscuous mode
[  756.847432][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  756.859393][   T26] audit: type=1326 audit(2000000139.313:443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7709f9c799 code=0x7ffc0000
[  756.894523][   T26] audit: type=1326 audit(2000000139.313:444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7709f9c799 code=0x7ffc0000
[  756.923154][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  756.966314][T15413] sch_tbf: burst 8 is lower than device syzkaller0 mtu (1514) !
[  756.984577][   T26] audit: type=1326 audit(2000000139.313:445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f7709f9c799 code=0x7ffc0000
[  757.063838][   T26] audit: type=1326 audit(2000000139.323:446): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15407 comm="syz.4.3287" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7709f9c799 code=0x7ffc0000
[  757.099128][T15412] tipc: Resetting bearer <eth:syzkaller0>
[  757.184700][T15412] tipc: Disabling bearer <eth:syzkaller0>
[  757.222735][T15247] device veth0_vlan entered promiscuous mode
[  757.241758][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  757.274078][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  757.313390][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  757.372730][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  757.418906][T15247] device veth1_vlan entered promiscuous mode
[  757.526600][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  757.543258][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  757.595029][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  757.623379][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  757.694964][T15247] device veth0_macvtap entered promiscuous mode
[  757.753267][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  757.776727][T15247] device veth1_macvtap entered promiscuous mode
[  757.873027][ T4287] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  757.878831][T15247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  757.928363][T15247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  757.969469][T15247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  758.012145][T15247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.044512][T15247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  758.071308][T15247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.103518][T15247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  758.134608][T15247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.168242][T15247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  758.213579][T15247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.271124][T15247] batman_adv: batadv0: Interface activated: batadv_slave_0
[  758.332397][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  758.352683][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  758.418148][T15247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  758.494224][T15247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.540743][T15247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  758.590625][T15247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.632406][T15247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  758.673443][T15247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.722351][T15247] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  758.755722][T15247] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  758.807812][T15247] batman_adv: batadv0: Interface activated: batadv_slave_1
[  758.853084][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  758.893865][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  758.946465][T15247] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  758.975968][T15247] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  759.019937][T15247] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  759.052662][T15247] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  759.359848][T11005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  759.399917][T11005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  759.432882][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  759.500611][ T6547] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  759.516862][ T6547] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  759.525959][T15436] program syz.4.3295 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  759.576686][T11008] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  759.821660][T15442] device syzkaller0 entered promiscuous mode
[  760.396412][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  760.467860][T15453] netlink: 'syz.4.3300': attribute type 12 has an invalid length.
[  761.035044][T15460] loop2: detected capacity change from 0 to 7
[  761.045420][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  761.047115][T15242] Dev loop2: unable to read RDB block 7
[  761.071758][T15242]  loop2: AHDI p1 p2 p3
[  761.088237][T15242] loop2: partition table partially beyond EOD, truncated
[  761.113743][T15242] loop2: p1 start 1601398130 is beyond EOD, truncated
[  761.120623][T15242] loop2: p2 start 1702059890 is beyond EOD, truncated
[  761.195749][T15460] Dev loop2: unable to read RDB block 7
[  761.201483][T15460]  loop2: AHDI p1 p2 p3
[  761.216965][T15460] loop2: partition table partially beyond EOD, truncated
[  761.272797][T15460] loop2: p1 start 1601398130 is beyond EOD, truncated
[  761.279997][T15460] loop2: p2 start 1702059890 is beyond EOD, truncated
[  761.694043][T13626] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  761.721074][T13626] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  761.730131][T13626] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  761.739684][T13626] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  761.747493][T13626] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  761.750145][T15467] device syzkaller0 entered promiscuous mode
[  761.760967][ T4289] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  762.493636][T15484] netlink: 'syz.1.3309': attribute type 1 has an invalid length.
[  762.513010][T15484] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3309'.
[  762.545981][T15484] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3309'.
[  762.729309][T15489] device syzkaller0 entered promiscuous mode
[  762.977639][T15496] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3312'.
[  762.997340][T15496] device ip6gre1 entered promiscuous mode
[  763.009182][T15468] chnl_net:caif_netlink_parms(): no params data found
[  763.077714][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  763.345975][T15468] bridge0: port 1(bridge_slave_0) entered blocking state
[  763.402779][T15468] bridge0: port 1(bridge_slave_0) entered disabled state
[  763.431460][T15468] device bridge_slave_0 entered promiscuous mode
[  763.470218][T15468] bridge0: port 2(bridge_slave_1) entered blocking state
[  763.487526][T15468] bridge0: port 2(bridge_slave_1) entered disabled state
[  763.505758][T15468] device bridge_slave_1 entered promiscuous mode
[  763.574949][T15468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  763.628614][T15468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  763.754842][T15468] team0: Port device team_slave_0 added
[  763.793200][T15468] team0: Port device team_slave_1 added
[  763.832690][ T4289] Bluetooth: hci3: command 0x0409 tx timeout
[  763.967105][T15468] batman_adv: batadv0: Adding interface: batadv_slave_0
[  764.002192][T15468] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  764.143698][T15468] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  764.177517][T15468] batman_adv: batadv0: Adding interface: batadv_slave_1
[  764.198535][T15468] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  764.304676][T15468] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  764.578194][T15524] device syzkaller0 entered promiscuous mode
[  764.657240][T15536] netlink: 'syz.2.3322': attribute type 1 has an invalid length.
[  764.710843][T15534] tipc: Started in network mode
[  764.722343][T15534] tipc: Node identity 222bc25fc711, cluster identity 4711
[  764.747973][T15534] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  764.804530][T15536] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3322'.
[  764.833823][T15536] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3322'.
[  764.862670][ T4289] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  764.875746][T15539] batman_adv: batadv0: Adding interface: bridge1
[  764.935351][T15539] batman_adv: batadv0: The MTU of interface bridge1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  765.055091][T15539] batman_adv: batadv0: Not using interface bridge1 (retrying later): interface not active
[  765.918180][ T4289] Bluetooth: hci3: command 0x041b tx timeout
[  766.215093][T15550] loop2: detected capacity change from 0 to 7
[  766.234485][T15550] Dev loop2: unable to read RDB block 7
[  766.240164][T15550]  loop2: AHDI p1 p2 p3
[  766.257972][T15550] loop2: partition table partially beyond EOD, truncated
[  766.277577][T15550] loop2: p1 start 1601398130 is beyond EOD, truncated
[  766.295815][T15550] loop2: p2 start 1702059890 is beyond EOD, truncated
[  767.992626][ T4289] Bluetooth: hci3: command 0x040f tx timeout
[  769.653339][T15540] batman_adv: batadv0: Adding interface: gretap1
[  769.659837][T15540] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  769.704722][T15534] tipc: Resetting bearer <eth:syzkaller0>
[  769.715988][T15468] device hsr_slave_0 entered promiscuous mode
[  769.743421][T15468] device hsr_slave_1 entered promiscuous mode
[  769.765117][T15468] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  769.803443][T15468] Cannot create hsr debugfs directory
[  769.812963][T15537] device syzkaller0 entered promiscuous mode
[  769.820280][T15537] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  769.875372][T15530] tipc: Resetting bearer <eth:syzkaller0>
[  769.924795][T15530] tipc: Disabling bearer <eth:syzkaller0>
[  769.932608][ T4289] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  769.951824][ T4325] tipc: Node number set to 3845833311
[  770.072213][ T4289] Bluetooth: hci3: command 0x0419 tx timeout
[  770.174482][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  770.767074][T15587] sctp: [Deprecated]: syz.1.3335 (pid 15587) Use of int in max_burst socket option.
[  770.767074][T15587] Use struct sctp_assoc_value instead
[  771.354140][T15468] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  771.428319][T15601] netlink: 'syz.1.3340': attribute type 1 has an invalid length.
[  771.570757][T15468] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  771.644839][T15604] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3340'.
[  771.665403][T15604] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3340'.
[  771.840292][T15606] device syzkaller0 entered promiscuous mode
[  771.882981][T15601] bond1: (slave bridge1): making interface the new active one
[  771.934717][T15601] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  771.960286][T15468] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  775.677737][T15610] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  775.695174][T15614] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  775.704571][T15609] device syzkaller0 entered promiscuous mode
[  775.728412][T15612] tipc: Resetting bearer <eth:syzkaller0>
[  775.744539][T15468] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  775.832892][T15608] tipc: Resetting bearer <eth:syzkaller0>
[  775.978475][ T4289] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  776.010180][T15608] tipc: Disabling bearer <eth:syzkaller0>
[  776.352718][T15468] 8021q: adding VLAN 0 to HW filter on device bond0
[  776.445354][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  776.453770][T15646] netlink: 'syz.4.3352': attribute type 25 has an invalid length.
[  776.473596][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  776.511574][T15468] 8021q: adding VLAN 0 to HW filter on device team0
[  776.565051][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  776.595911][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  776.624438][ T6547] bridge0: port 1(bridge_slave_0) entered blocking state
[  776.631702][ T6547] bridge0: port 1(bridge_slave_0) entered forwarding state
[  776.689749][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  776.755578][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  776.782971][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  776.826073][ T6547] bridge0: port 2(bridge_slave_1) entered blocking state
[  776.834363][ T6547] bridge0: port 2(bridge_slave_1) entered forwarding state
[  776.871348][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  776.930839][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  776.970387][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  777.005661][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  777.034789][T15655] device syzkaller0 entered promiscuous mode
[  777.097442][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  777.131398][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  777.170746][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  777.194399][T15659] loop1: detected capacity change from 0 to 256
[  777.216051][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  777.241753][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  777.279594][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  777.323290][ T6547] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  777.494337][T15468] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  778.121463][T15678] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  778.179760][T15680] device syzkaller0 entered promiscuous mode
[  778.215940][T15682] overlayfs: failed to resolve './bus': -2
[  778.283874][T15678] tipc: Resetting bearer <eth:syzkaller0>
[  778.352948][T15675] tipc: Resetting bearer <eth:syzkaller0>
[  778.442645][T15687] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  778.463654][T15675] tipc: Disabling bearer <eth:syzkaller0>
[  778.653073][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  778.661433][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  778.687060][T15468] 8021q: adding VLAN 0 to HW filter on device batadv0
[  778.774047][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  778.789012][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  778.878535][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  778.894979][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  778.936929][T15468] device veth0_vlan entered promiscuous mode
[  778.956943][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  778.976662][ T4330] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  779.018775][T15468] device veth1_vlan entered promiscuous mode
[  779.147834][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  779.164307][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  779.227582][T15468] device veth0_macvtap entered promiscuous mode
[  779.278589][T15468] device veth1_macvtap entered promiscuous mode
[  779.303441][T15702] device syzkaller0 entered promiscuous mode
[  779.326164][T15706] loop4: detected capacity change from 0 to 136
[  779.413572][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  779.467716][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  779.512210][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  779.548601][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  779.588077][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  779.609043][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  779.635236][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  779.666448][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  779.682197][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  779.706554][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  779.728254][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  779.753680][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  779.780646][T15468] batman_adv: batadv0: Interface activated: batadv_slave_0
[  779.902182][T15709] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3372'.
[  779.970100][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  779.987407][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  780.003096][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  780.013296][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  780.027109][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  780.038785][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.082250][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  780.120989][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.164085][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  780.202205][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.242194][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  780.293847][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.336810][T15468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  780.373300][T15468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  780.407326][T15468] batman_adv: batadv0: Interface activated: batadv_slave_1
[  780.481689][T15722] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  780.539098][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  780.557418][ T4346] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  780.616933][T15468] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  780.642612][T15468] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  780.710564][T15468] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  780.732551][T15468] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  780.748752][ T4289] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  781.009044][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  781.023265][ T6547] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  781.080889][ T6547] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  781.159471][ T4595] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  781.177282][ T4595] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  781.232369][ T4595] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  781.257188][T11005] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  781.340370][T15746] qfq: no options
[  781.359734][T15746] netlink: 'syz.1.3384': attribute type 1 has an invalid length.
[  781.509672][T15748] loop3: detected capacity change from 0 to 128
[  782.860460][T15788] qfq: no options
[  782.880342][T15788] netlink: 'syz.0.3397': attribute type 1 has an invalid length.
[  783.561128][T15800] device syzkaller0 entered promiscuous mode
[  783.739286][T15802] loop0: detected capacity change from 0 to 128
[  785.078979][T15829] overlayfs: failed to get inode (-116)
[  785.104263][T15832] loop0: detected capacity change from 0 to 128
[  785.131800][T15829] overlayfs: failed to get inode (-116)
[  785.522200][   T26] kauditd_printk_skb: 61 callbacks suppressed
[  785.522217][   T26] audit: type=1326 audit(2000000168.573:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b32f9c799 code=0x7ffc0000
[  785.564954][T15838] device syzkaller0 entered promiscuous mode
[  785.667758][   T26] audit: type=1326 audit(2000000168.583:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b32f9c799 code=0x7ffc0000
[  785.824462][   T26] audit: type=1326 audit(2000000168.613:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f8b32f9c799 code=0x7ffc0000
[  785.870045][   T26] audit: type=1326 audit(2000000168.613:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b32f9c799 code=0x7ffc0000
[  785.911526][   T26] audit: type=1326 audit(2000000168.613:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b32f9c799 code=0x7ffc0000
[  786.000633][   T26] audit: type=1326 audit(2000000168.633:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b32f9c799 code=0x7ffc0000
[  786.096909][   T26] audit: type=1326 audit(2000000168.633:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b32f9c799 code=0x7ffc0000
[  786.186101][   T26] audit: type=1326 audit(2000000168.633:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8b32f5cfce code=0x7ffc0000
[  786.278057][   T26] audit: type=1326 audit(2000000168.633:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8b32f5cfce code=0x7ffc0000
[  786.358166][   T26] audit: type=1326 audit(2000000168.633:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15837 comm="syz.3.3416" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b32f9c799 code=0x7ffc0000
[  786.715895][T15868] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3427'.
[  786.727389][T15869] netlink: 60 bytes leftover after parsing attributes in process `syz.4.3426'.
[  787.317052][T15888] device syzkaller0 entered promiscuous mode
[  788.526521][T15917] overlayfs: failed to resolve './bus': -2
[  788.577734][T15920] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3447'.
[  788.642854][T15920] device gretap0 entered promiscuous mode
[  788.704373][T15920] device macvtap1 entered promiscuous mode
[  788.812308][T15925] loop2: detected capacity change from 0 to 7
[  788.834287][T15633] Dev loop2: unable to read RDB block 7
[  788.840076][T15633]  loop2: AHDI p1 p2 p3
[  788.869169][T15633] loop2: partition table partially beyond EOD, truncated
[  788.909418][T15633] loop2: p1 start 1601398130 is beyond EOD, truncated
[  788.940205][T15633] loop2: p2 start 1702059890 is beyond EOD, truncated
[  789.010589][T15925] Dev loop2: unable to read RDB block 7
[  789.023274][T15925]  loop2: AHDI p1 p2 p3
[  789.038306][T15925] loop2: partition table partially beyond EOD, truncated
[  789.087645][T15925] loop2: p1 start 1601398130 is beyond EOD, truncated
[  789.111491][T15925] loop2: p2 start 1702059890 is beyond EOD, truncated
[  789.157262][T15934] loop0: detected capacity change from 0 to 128
[  789.227754][T15934] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  789.333879][T15934] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  789.827524][T15944] device syzkaller0 entered promiscuous mode
[  790.154479][T15954] overlayfs: failed to resolve './bus': -2
[  791.044704][T15972] loop2: detected capacity change from 0 to 256
[  791.493766][ T4289] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  791.546097][T15985] overlayfs: failed to resolve './bus': -2
[  791.664587][T15990] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  791.712851][T15990] device syzkaller0 entered promiscuous mode
[  791.791179][T15990] tipc: Resetting bearer <eth:syzkaller0>
[  791.836289][T15989] tipc: Resetting bearer <eth:syzkaller0>
[  791.965986][T15989] tipc: Disabling bearer <eth:syzkaller0>
[  792.008728][T16002] device syzkaller0 entered promiscuous mode
[  793.042971][T16008] loop2: detected capacity change from 0 to 7
[  793.081031][T16008] Dev loop2: unable to read RDB block 7
[  793.107367][T16008]  loop2: AHDI p1 p2 p3
[  793.123765][T16008] loop2: partition table partially beyond EOD, truncated
[  793.154609][T16008] loop2: p1 start 1601398130 is beyond EOD, truncated
[  793.184604][T16008] loop2: p2 start 1702059890 is beyond EOD, truncated
[  793.891679][T16026] loop2: detected capacity change from 0 to 128
[  794.917237][T16045] loop4: detected capacity change from 0 to 256
[  795.073518][T16049] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  795.086309][T16049] device syzkaller0 entered promiscuous mode
[  795.151625][T16049] tipc: Resetting bearer <eth:syzkaller0>
[  795.204401][T16047] tipc: Resetting bearer <eth:syzkaller0>
[  795.387795][T16047] tipc: Disabling bearer <eth:syzkaller0>
[  796.146736][T16066] netlink: 'syz.0.3502': attribute type 1 has an invalid length.
[  796.435744][T16066] bond1: (slave bridge1): making interface the new active one
[  796.524592][T16066] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  796.625776][T16068] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  796.775500][T16078] loop3: detected capacity change from 0 to 512
[  797.340587][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  798.257834][T16093] device syzkaller0 entered promiscuous mode
[  798.804561][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  800.068207][T16129] device syzkaller0 entered promiscuous mode
[  800.423471][T16134] device syzkaller0 entered promiscuous mode
[  800.654304][T16145] loop2: detected capacity change from 0 to 7
[  800.670399][T16145] Dev loop2: unable to read RDB block 7
[  800.670468][T16145]  loop2: AHDI p1 p2 p3
[  800.670495][T16145] loop2: partition table partially beyond EOD, truncated
[  800.671156][T16145] loop2: p1 start 1601398130 is beyond EOD, truncated
[  800.671184][T16145] loop2: p2 start 1702059890 is beyond EOD, truncated
[  800.868266][T16147] loop2: detected capacity change from 0 to 256
[  800.911706][T16151] loop1: detected capacity change from 0 to 128
[  801.316715][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  801.424023][T16160] qfq: no options
[  802.597820][T16197] loop2: detected capacity change from 0 to 128
[  802.783266][T16201] device syzkaller0 entered promiscuous mode
[  802.949011][T16203] qfq: no options
[  803.713239][ T4289] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  804.009806][T16236] device syzkaller0 entered promiscuous mode
[  805.120410][ T4289] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  805.783021][T16280] loop2: detected capacity change from 0 to 128
[  806.231966][T16285] netlink: 'syz.3.3583': attribute type 1 has an invalid length.
[  806.276190][T16286] loop4: detected capacity change from 0 to 256
[  806.687387][T16291] bond1: (slave bridge1): making interface the new active one
[  806.744463][T16291] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  806.866303][T16295] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  807.393303][T16309] device syzkaller0 entered promiscuous mode
[  807.960688][T16339] overlayfs: missing 'lowerdir'
[  808.794486][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  808.800889][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  809.470387][T16384] device syzkaller0 entered promiscuous mode
[  811.291029][T16433] tipc: Started in network mode
[  811.328484][T16433] tipc: Node identity b6169d9858ea, cluster identity 4711
[  811.354401][T16433] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  811.382373][T16437] device syzkaller0 entered promiscuous mode
[  811.460867][T16433] tipc: Resetting bearer <eth:syzkaller0>
[  811.508203][T16432] tipc: Resetting bearer <eth:syzkaller0>
[  811.629375][T16432] tipc: Disabling bearer <eth:syzkaller0>
[  811.943250][T16454] netlink: 'syz.3.3629': attribute type 1 has an invalid length.
[  812.267808][T16461] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3629'.
[  812.463890][T16462] bond2: (slave bridge2): making interface the new active one
[  812.576641][T16462] bond2: (slave bridge2): Enslaving as an active interface with an up link
[  813.513431][T16493] device syzkaller0 entered promiscuous mode
[  814.671446][T16524] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  814.706613][T16524] device syzkaller0 entered promiscuous mode
[  814.738737][T16532] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3655'.
[  814.849628][T16524] tipc: Resetting bearer <eth:syzkaller0>
[  814.913335][T16523] tipc: Resetting bearer <eth:syzkaller0>
[  815.188983][T16523] tipc: Disabling bearer <eth:syzkaller0>
[  815.392886][T16549] device syzkaller0 entered promiscuous mode
[  816.583808][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  817.677377][ T4289] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  818.611354][T16630] loop2: detected capacity change from 0 to 7
[  818.657271][T16627] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  818.733860][T16630] Dev loop2: unable to read RDB block 7
[  818.763150][T16630]  loop2: AHDI p1 p2 p3
[  818.767574][T16630] loop2: partition table partially beyond EOD, truncated
[  818.808734][T16627] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  818.885824][T16630] loop2: p1 start 1601398130 is beyond EOD, truncated
[  818.898408][T16627] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  818.999995][T16630] loop2: p2 start 1702059890 is beyond EOD, truncated
[  819.783793][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  819.936929][T16651] device syzkaller0 entered promiscuous mode
[  820.898729][T16667] device syzkaller0 entered promiscuous mode
[  820.932995][T16672] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  821.045537][T16667] sch_tbf: burst 0 is lower than device syzkaller0 mtu (1514) !
[  821.197196][T16667] tipc: Resetting bearer <eth:syzkaller0>
[  821.262659][T16665] tipc: Resetting bearer <eth:syzkaller0>
[  821.413142][T16665] tipc: Disabling bearer <eth:syzkaller0>
[  822.285947][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  822.548180][T16709] loop0: detected capacity change from 0 to 256
[  823.405514][ T4289] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  824.444559][ T4287] Bluetooth: hci5: unexpected event 0x2f length: 509 > 260
[  826.232210][ T4287] Bluetooth: hci1: command 0x0406 tx timeout
[  826.616591][T16767] loop0: detected capacity change from 0 to 256
[  826.914700][T16767] syz.0.3724: attempt to access beyond end of device
[  826.914700][T16767] loop0: rw=0, sector=260, nr_sectors = 4 limit=256
[  827.681036][T16786] loop2: detected capacity change from 0 to 7
[  827.713895][T15633] Dev loop2: unable to read RDB block 7
[  827.719707][T15633]  loop2: AHDI p1 p2 p3
[  827.738593][T15633] loop2: partition table partially beyond EOD, truncated
[  827.787050][T15633] loop2: p1 start 1601398130 is beyond EOD, truncated
[  827.821271][T15633] loop2: p2 start 1702059890 is beyond EOD, truncated
[  827.849850][T16786] Dev loop2: unable to read RDB block 7
[  827.862165][T16786]  loop2: AHDI p1 p2 p3
[  827.866431][T16786] loop2: partition table partially beyond EOD, truncated
[  827.918442][T16786] loop2: p1 start 1601398130 is beyond EOD, truncated
[  827.942299][T16786] loop2: p2 start 1702059890 is beyond EOD, truncated
[  828.820375][T16812] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  829.330591][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  829.709511][T16831] loop3: detected capacity change from 0 to 1764
[  829.784794][T16835] loop2: detected capacity change from 0 to 7
[  829.793216][T15633] Dev loop2: unable to read RDB block 7
[  829.798861][T15633]  loop2: AHDI p1 p2 p3
[  829.834482][T15633] loop2: partition table partially beyond EOD, truncated
[  829.905718][T15633] loop2: p1 start 1601398130 is beyond EOD, truncated
[  829.951103][T15633] loop2: p2 start 1702059890 is beyond EOD, truncated
[  830.002863][T16835] Dev loop2: unable to read RDB block 7
[  830.008639][T16835]  loop2: AHDI p1 p2 p3
[  830.033053][T16835] loop2: partition table partially beyond EOD, truncated
[  830.069126][T16835] loop2: p1 start 1601398130 is beyond EOD, truncated
[  830.104430][T16835] loop2: p2 start 1702059890 is beyond EOD, truncated
[  830.754484][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  831.486742][T16872] loop3: detected capacity change from 0 to 256
[  831.571572][T16874] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  831.608835][T16874] device syzkaller0 entered promiscuous mode
[  831.643995][T16874] sch_tbf: burst 0 is lower than device syzkaller0 mtu (1514) !
[  831.681191][T16874] tipc: Resetting bearer <eth:syzkaller0>
[  831.718111][T16873] tipc: Resetting bearer <eth:syzkaller0>
[  831.801957][T16873] tipc: Disabling bearer <eth:syzkaller0>
[  831.847804][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  832.696526][T16910] loop2: detected capacity change from 0 to 136
[  832.812456][T16910] rock: directory entry would overflow storage
[  832.836431][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  832.847543][T16910] rock: sig=0x4f50, size=4, remaining=3
[  832.908744][T16910] iso9660: Corrupted directory entry in block 2 of inode 1472
[  833.512851][T16927] loop2: detected capacity change from 0 to 256
[  834.873281][T16958] overlayfs: missing 'lowerdir'
[  834.890095][T16956] device syzkaller0 entered promiscuous mode
[  835.556296][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  836.282566][ T4287] Bluetooth: hci1: unexpected event 0x2f length: 509 > 260
[  836.863110][T16985] loop2: detected capacity change from 0 to 7
[  836.955134][T16985] Dev loop2: unable to read RDB block 7
[  836.980480][T16985]  loop2: AHDI p1 p2 p3
[  837.005241][T16985] loop2: partition table partially beyond EOD, truncated
[  837.036644][T16985] loop2: p1 start 1601398130 is beyond EOD, truncated
[  837.072251][T16985] loop2: p2 start 1702059890 is beyond EOD, truncated
[  837.544707][T17005] device syzkaller0 entered promiscuous mode
[  837.837538][T17009] device syzkaller0 entered promiscuous mode
[  838.334543][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  838.480468][ T4287] Bluetooth: hci0: unexpected event 0x2f length: 509 > 260
[  840.136874][T17050] device syzkaller0 entered promiscuous mode
[  841.874354][ T4287] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  841.966817][ T4287] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  844.499364][T17113] device syzkaller0 entered promiscuous mode
[  844.595966][T17116] loop2: detected capacity change from 0 to 7
[  844.638382][T17116] Dev loop2: unable to read RDB block 7
[  844.662687][T17116]  loop2: AHDI p1 p2 p3
[  844.702283][T17116] loop2: partition table partially beyond EOD, truncated
[  844.732896][T17116] loop2: p1 start 1601398130 is beyond EOD, truncated
[  844.766840][T17116] loop2: p2 start 1702059890 is beyond EOD, truncated
[  846.678639][ T4289] Bluetooth: hci2: unexpected event 0x2f length: 509 > 260
[  846.712405][ T4289] Bluetooth: hci0: command 0x0406 tx timeout
[  846.997879][ T4289] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  847.671118][   T79] ==================================================================
[  847.688958][   T79] BUG: KASAN: slab-out-of-bounds in drop_buffers+0x65/0x6a0
[  847.696442][   T79] Read of size 4 at addr ffff88802f0260e0 by task kswapd0/79
[  847.703877][   T79] 
[  847.706264][   T79] CPU: 0 PID: 79 Comm: kswapd0 Not tainted syzkaller #0
[  847.713303][   T79] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  847.723545][   T79] Call Trace:
[  847.726909][   T79]  <TASK>
[  847.729934][   T79]  dump_stack_lvl+0x188/0x24e
[  847.734793][   T79]  ? __lock_acquire+0x7d10/0x7d10
[  847.740132][   T79]  ? show_regs_print_info+0x12/0x12
[  847.745607][   T79]  ? load_image+0x400/0x400
[  847.750265][   T79]  ? _raw_spin_lock_irqsave+0xbc/0x100
[  847.756073][   T79]  ? __virt_addr_valid+0x188/0x540
[  847.761367][   T79]  ? __virt_addr_valid+0x465/0x540
[  847.766570][   T79]  ? drop_buffers+0x65/0x6a0
[  847.771517][   T79]  print_report+0xa8/0x210
[  847.775994][   T79]  kasan_report+0x10b/0x140
[  847.780672][   T79]  ? drop_buffers+0x65/0x6a0
[  847.785489][   T79]  kasan_check_range+0x235/0x290
[  847.791121][   T79]  drop_buffers+0x65/0x6a0
[  847.795631][   T79]  try_to_free_buffers+0x205/0x520
[  847.801005][   T79]  shrink_folio_list+0x2127/0x7aa0
[  847.806306][   T79]  ? reclaim_clean_pages_from_list+0xb30/0xb30
[  847.812884][   T79]  ? isolate_folios+0x568a/0x6330
[  847.818545][   T79]  ? mark_lock+0x94/0x320
[  847.823068][   T79]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  847.829131][   T79]  ? lock_chain_count+0x20/0x20
[  847.834061][   T79]  ? reset_ctrl_pos+0x72b/0x7b0
[  847.838988][   T79]  ? _raw_spin_unlock_irq+0x1f/0x40
[  847.844256][   T79]  ? lockdep_hardirqs_on+0x94/0x140
[  847.849629][   T79]  evict_folios+0xa80/0x22a0
[  847.854619][   T79]  ? verify_lock_unused+0x140/0x140
[  847.859997][   T79]  ? folio_inc_gen+0x400/0x400
[  847.864833][   T79]  ? __lock_acquire+0x7d10/0x7d10
[  847.869953][   T79]  ? should_run_aging+0x486/0x550
[  847.875066][   T79]  shrink_lruvec+0xc90/0x3d50
[  847.879911][   T79]  ? mem_cgroup_shrink_node+0x710/0x710
[  847.885621][   T79]  ? __lock_acquire+0x7d10/0x7d10
[  847.890809][   T79]  ? __might_sleep+0xd0/0xd0
[  847.895690][   T79]  ? percpu_ref_put+0x19/0x180
[  847.900661][   T79]  ? mem_cgroup_calculate_protection+0x4c/0x3f0
[  847.907694][   T79]  ? mem_cgroup_iter+0x37/0x4a0
[  847.912800][   T79]  ? shrink_node+0x680/0x28d0
[  847.918203][   T79]  ? kswapd+0x1c3e/0x3360
[  847.922740][   T79]  ? kswapd+0xa4f/0x3360
[  847.927185][   T79]  ? kswapd+0x1761/0x3360
[  847.931620][   T79]  ? kswapd_run+0x160/0x160
[  847.936222][   T79]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  847.942736][   T79]  ? wake_bit_function+0x200/0x200
[  847.948244][   T79]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  847.954845][   T79]  ? __kthread_parkme+0x162/0x1c0
[  847.961290][   T79]  ? kthread+0x29d/0x330
[  847.966395][   T79]  ? kswapd_run+0x160/0x160
[  847.971219][   T79]  ? kthread_blkcg+0xd0/0xd0
[  847.976401][   T79]  ? ret_from_fork+0x1f/0x30
[  847.981846][   T79]  </TASK>
[  847.985024][   T79] 
[  847.987607][   T79] Allocated by task 15381:
[  847.992085][   T79]  kasan_set_track+0x4b/0x70
[  847.997023][   T79]  __kasan_kmalloc+0x8e/0xa0
[  848.002700][   T79]  __kmalloc+0xb0/0x240
[  848.007347][   T79]  iomap_page_create+0x14a/0x600
[  848.013904][   T79]  iomap_readpage_iter+0x240/0x8f0
[  848.019644][   T79]  iomap_read_folio+0x332/0x8c0
[  848.025424][   T79]  filemap_read_folio+0x16b/0x770
[  848.030953][   T79]  do_read_cache_folio+0x2a0/0x760
[  848.037106][   T79]  erofs_bread+0x18e/0x670
[  848.042331][   T79]  erofs_namei+0x29c/0xf50
[  848.047781][   T79]  erofs_lookup+0x14b/0x390
[  848.052456][   T79]  path_openat+0xfce/0x2ee0
[  848.057831][   T79]  do_filp_open+0x1f1/0x430
[  848.063188][   T79]  do_sys_openat2+0x150/0x4b0
[  848.070715][   T79]  __x64_sys_openat+0x135/0x160
[  848.075813][   T79]  do_syscall_64+0x4c/0xa0
[  848.083176][   T79]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  848.092542][   T79] 
[  848.095620][   T79] Last potentially related work creation:
[  848.102508][   T79]  kasan_save_stack+0x3a/0x60
[  848.108891][   T79]  __kasan_record_aux_stack+0xb2/0xc0
[  848.114684][   T79]  kvfree_call_rcu+0x103/0x870
[  848.120337][   T79]  cfg80211_update_known_bss+0x178/0xa20
[  848.129484][   T79]  cfg80211_bss_update+0x15f/0x2250
[  848.135876][   T79]  cfg80211_inform_bss_frame_data+0x9ec/0x1390
[  848.142917][   T79]  ieee80211_bss_info_update+0x738/0xc80
[  848.148807][   T79]  ieee80211_ibss_rx_queued_mgmt+0x189d/0x2cd0
[  848.156157][   T79]  ieee80211_iface_work+0x726/0xc80
[  848.162278][   T79]  cfg80211_wiphy_work+0x221/0x260
[  848.168372][   T79]  process_one_work+0x8a2/0x1160
[  848.173853][   T79]  worker_thread+0xaa2/0x1270
[  848.179091][   T79]  kthread+0x29d/0x330
[  848.185591][   T79]  ret_from_fork+0x1f/0x30
[  848.190528][   T79] 
[  848.192990][   T79] Second to last potentially related work creation:
[  848.200313][   T79]  kasan_save_stack+0x3a/0x60
[  848.205820][   T79]  __kasan_record_aux_stack+0xb2/0xc0
[  848.211721][   T79]  kvfree_call_rcu+0x103/0x870
[  848.216712][   T79]  cfg80211_update_known_bss+0x178/0xa20
[  848.222760][   T79]  cfg80211_bss_update+0x15f/0x2250
[  848.228404][   T79]  cfg80211_inform_bss_frame_data+0x9ec/0x1390
[  848.236674][   T79]  ieee80211_bss_info_update+0x738/0xc80
[  848.242620][   T79]  ieee80211_ibss_rx_queued_mgmt+0x189d/0x2cd0
[  848.248878][   T79]  ieee80211_iface_work+0x726/0xc80
[  848.254647][   T79]  cfg80211_wiphy_work+0x221/0x260
[  848.260046][   T79]  process_one_work+0x8a2/0x1160
[  848.265517][   T79]  worker_thread+0xaa2/0x1270
[  848.270402][   T79]  kthread+0x29d/0x330
[  848.274711][   T79]  ret_from_fork+0x1f/0x30
[  848.279207][   T79] 
[  848.281693][   T79] The buggy address belongs to the object at ffff88802f026080
[  848.281693][   T79]  which belongs to the cache kmalloc-96 of size 96
[  848.296019][   T79] The buggy address is located 0 bytes to the right of
[  848.296019][   T79]  96-byte region [ffff88802f026080, ffff88802f0260e0)
[  848.310052][   T79] 
[  848.312505][   T79] The buggy address belongs to the physical page:
[  848.319177][   T79] page:ffffea0000bc0980 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2f026
[  848.329564][   T79] flags: 0xfff00000000200(slab|node=0|zone=1|lastcpupid=0x7ff)
[  848.339105][   T79] raw: 00fff00000000200 ffffea0001de4080 dead000000000005 ffff888017441780
[  848.348849][   T79] raw: 0000000000000000 0000000000200020 00000001ffffffff 0000000000000000
[  848.357751][   T79] page dumped because: kasan: bad access detected
[  848.364567][   T79] page_owner tracks the page as allocated
[  848.371264][   T79] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x112cc0(GFP_USER|__GFP_NOWARN|__GFP_NORETRY), pid 125, tgid 125 (kworker/1:2), ts 91619529255, free_ts 91609621864
[  848.390285][   T79]  post_alloc_hook+0x173/0x1a0
[  848.395277][   T79]  get_page_from_freelist+0x1a1e/0x1ab0
[  848.401840][   T79]  __alloc_pages+0x1ec/0x4f0
[  848.407277][   T79]  alloc_slab_page+0x5d/0x160
[  848.412315][   T79]  new_slab+0x87/0x2c0
[  848.416508][   T79]  ___slab_alloc+0xbc6/0x1240
[  848.421252][   T79]  __kmem_cache_alloc_node+0x1a0/0x260
[  848.427097][   T79]  kmalloc_trace+0x26/0xe0
[  848.431793][   T79]  nsim_fib_event_work+0x891/0x3450
[  848.437521][   T79]  process_one_work+0x8a2/0x1160
[  848.442578][   T79]  worker_thread+0xd27/0x1270
[  848.447493][   T79]  kthread+0x29d/0x330
[  848.452118][   T79]  ret_from_fork+0x1f/0x30
[  848.456725][   T79] page last free stack trace:
[  848.461481][   T79]  free_unref_page_prepare+0x8b4/0x9a0
[  848.467158][   T79]  free_unref_page+0x2e/0x3f0
[  848.471927][   T79]  __unfreeze_partials+0x1a5/0x200
[  848.477423][   T79]  put_cpu_partial+0x17c/0x250
[  848.482279][   T79]  qlist_free_all+0x76/0xe0
[  848.487138][   T79]  kasan_quarantine_reduce+0x144/0x160
[  848.492727][   T79]  __kasan_slab_alloc+0x1e/0x80
[  848.498311][   T79]  slab_post_alloc_hook+0x4b/0x480
[  848.503564][   T79]  kmem_cache_alloc_node+0x14d/0x320
[  848.509081][   T79]  __alloc_skb+0xfc/0x7e0
[  848.513702][   T79]  alloc_skb_with_frags+0xa7/0x710
[  848.518992][   T79]  sock_alloc_send_pskb+0x87f/0x9a0
[  848.524390][   T79]  unix_dgram_sendmsg+0x539/0x16e0
[  848.529787][   T79]  __sys_sendto+0x497/0x650
[  848.534417][   T79]  __x64_sys_sendto+0xda/0xf0
[  848.539451][   T79]  do_syscall_64+0x4c/0xa0
[  848.544649][   T79] 
[  848.547088][   T79] Memory state around the buggy address:
[  848.552911][   T79]  ffff88802f025f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  848.561231][   T79]  ffff88802f026000: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[  848.569507][   T79] >ffff88802f026080: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[  848.577663][   T79]                                                        ^
[  848.584988][   T79]  ffff88802f026100: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[  848.593403][   T79]  ffff88802f026180: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[  848.601568][   T79] ==================================================================
[  850.590222][   T79] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  850.597613][   T79] CPU: 1 PID: 79 Comm: kswapd0 Not tainted syzkaller #0
[  850.604778][   T79] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  850.615081][   T79] Call Trace:
[  850.618401][   T79]  <TASK>
[  850.621411][   T79]  dump_stack_lvl+0x188/0x24e
[  850.626320][   T79]  ? memcpy+0x3c/0x60
[  850.630367][   T79]  ? show_regs_print_info+0x12/0x12
[  850.635901][   T79]  ? load_image+0x400/0x400
[  850.640478][   T79]  panic+0x2e5/0x730
[  850.644640][   T79]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  850.651121][   T79]  ? bpf_jit_dump+0xd0/0xd0
[  850.655782][   T79]  ? _raw_spin_unlock_irqrestore+0x10d/0x120
[  850.661912][   T79]  ? _raw_spin_unlock+0x40/0x40
[  850.666823][   T79]  check_panic_on_warn+0x80/0xa0
[  850.672026][   T79]  ? drop_buffers+0x65/0x6a0
[  850.676776][   T79]  end_report+0x66/0x110
[  850.681108][   T79]  kasan_report+0x118/0x140
[  850.685656][   T79]  ? drop_buffers+0x65/0x6a0
[  850.690723][   T79]  kasan_check_range+0x235/0x290
[  850.695727][   T79]  drop_buffers+0x65/0x6a0
[  850.700307][   T79]  try_to_free_buffers+0x205/0x520
[  850.705459][   T79]  shrink_folio_list+0x2127/0x7aa0
[  850.710718][   T79]  ? reclaim_clean_pages_from_list+0xb30/0xb30
[  850.717181][   T79]  ? isolate_folios+0x568a/0x6330
[  850.722254][   T79]  ? mark_lock+0x94/0x320
[  850.726730][   T79]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  850.732750][   T79]  ? lock_chain_count+0x20/0x20
[  850.737658][   T79]  ? reset_ctrl_pos+0x72b/0x7b0
[  850.742809][   T79]  ? _raw_spin_unlock_irq+0x1f/0x40
[  850.748204][   T79]  ? lockdep_hardirqs_on+0x94/0x140
[  850.754086][   T79]  evict_folios+0xa80/0x22a0
[  850.758809][   T79]  ? verify_lock_unused+0x140/0x140
[  850.764852][   T79]  ? folio_inc_gen+0x400/0x400
[  850.770050][   T79]  ? __lock_acquire+0x7d10/0x7d10
[  850.775336][   T79]  ? should_run_aging+0x486/0x550
[  850.781824][   T79]  shrink_lruvec+0xc90/0x3d50
[  850.786834][   T79]  ? mem_cgroup_shrink_node+0x710/0x710
[  850.792589][   T79]  ? __lock_acquire+0x7d10/0x7d10
[  850.798409][   T79]  ? __might_sleep+0xd0/0xd0
[  850.804445][   T79]  ? percpu_ref_put+0x19/0x180
[  850.809903][   T79]  ? mem_cgroup_calculate_protection+0x4c/0x3f0
[  850.816491][   T79]  ? mem_cgroup_iter+0x37/0x4a0
[  850.821411][   T79]  ? shrink_node+0x680/0x28d0
[  850.826398][   T79]  ? kswapd+0x1c3e/0x3360
[  850.831576][   T79]  ? kswapd+0xa4f/0x3360
[  850.836078][   T79]  ? kswapd+0x1761/0x3360
[  850.840654][   T79]  ? kswapd_run+0x160/0x160
[  850.845942][   T79]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  850.851997][   T79]  ? wake_bit_function+0x200/0x200
[  850.857505][   T79]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  850.863972][   T79]  ? __kthread_parkme+0x162/0x1c0
[  850.869883][   T79]  ? kthread+0x29d/0x330
[  850.874317][   T79]  ? kswapd_run+0x160/0x160
[  850.879053][   T79]  ? kthread_blkcg+0xd0/0xd0
[  850.884483][   T79]  ? ret_from_fork+0x1f/0x30
[  850.889574][   T79]  </TASK>
[  850.893275][   T79] Kernel Offset: disabled
[  850.898183][   T79] Rebooting in 86400 seconds..