last executing test programs:

13m26.00208964s ago: executing program 4 (id=17446):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmmsg$sock(r0, &(0x7f0000000340)=[{{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000080)="05000000eeca06ad54c456350da0a5f21f55e46e", 0x14}, {&(0x7f00000006c0)="26373bfbfe0bcd2f21b430a9d6cd4fd9a216e32f557f9588a614cec91e8d9eee55317b45873b6230e05071b9f977882b9edec2c3527d4606f774e9dc1ca4f3517ebefbe0243c4bb28f540f0844a3f6d56e42d886e5ac59c95daaa8a73505bcae3b7bb2fe1f8d9bea7103f1b1cb144c1e19a52c4ad963843d322e345f0e56841d890dd8ebf581d01c74ee46188d0fa21bdfcb8cca1fd0d61fd2ce69fc13a5c0280a3976af76adecd0f0434df8cf0ca55bd8dded18ecefdea7900af0ea3b7855468c265729f3eed7720dec581c4446d246aedaf82d726be5207d6b8e78b012a51afb6ac48740ee5f30311e5c031eeffb39bb32c00958ab21968f070000", 0xfc}], 0x2}}], 0x1, 0x0)

13m25.861178881s ago: executing program 4 (id=17450):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r1=>0x0}, &(0x7f0000001080)=0x4)
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000000c0)={0x1, 0x4, 0xffffffff, 0x5, r1}, &(0x7f0000000100)=0x10)

13m25.777643154s ago: executing program 4 (id=17454):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x5, 0x4, 0x4, 0x9, 0x0, 0x1}, 0x5c)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r1}, 0xc)

13m25.700419288s ago: executing program 4 (id=17456):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x2d, 0x8000000, r0, 0x0)

13m25.492498524s ago: executing program 4 (id=17463):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x8fff, 0x0)

13m25.359952656s ago: executing program 4 (id=17466):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='./bus\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000580)={{}, {}, [{}], {}, [], {0x10, 0x1}}, 0x2c, 0x1)
getxattr(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0)=@known='system.posix_acl_access\x00', &(0x7f0000000400)=""/254, 0x145)

13m9.201135854s ago: executing program 32 (id=17466):
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
lsetxattr$system_posix_acl(&(0x7f00000003c0)='./bus\x00', &(0x7f0000000540)='system.posix_acl_access\x00', &(0x7f0000000580)={{}, {}, [{}], {}, [], {0x10, 0x1}}, 0x2c, 0x1)
getxattr(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0)=@known='system.posix_acl_access\x00', &(0x7f0000000400)=""/254, 0x145)

7m35.855856981s ago: executing program 2 (id=25874):
r0 = socket$inet6(0xa, 0x800000000000002, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000340)=0x63ba, 0x4)
setsockopt$inet6_int(r0, 0x29, 0x4a, &(0x7f0000000040)=0x81, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000580)=[{{&(0x7f0000000080)={0xa, 0x4e20, 0x6, @local, 0x7}, 0x1c, 0x0}}], 0x1, 0x24000000)
recvmmsg(r0, &(0x7f0000000940)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=""/130, 0x82}, 0xdb30}], 0x1, 0x40002042, 0x0)

7m35.682130346s ago: executing program 2 (id=25877):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x401, @loopback}], 0x1c)
sendto$inet6(r0, &(0x7f0000000100)="b8", 0xffe0, 0x2000c851, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @loopback, 0xffffffff}, 0x1c)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000080)={0x0, 0x4, 0x1, '\\'}, 0x9)

7m35.272113075s ago: executing program 2 (id=25883):
setgroups(0x0, 0x0)
getgroups(0x1, &(0x7f0000000080)=[<r0=>0xee00])
setregid(r0, r0)
capset(&(0x7f0000000000)={0x20071026}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x83, 0xffffffff})
fchmodat(0xffffffffffffff9c, &(0x7f0000000300)='.\x00', 0xa2)

7m35.072731614s ago: executing program 2 (id=25886):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000000280)='./file0/file0\x00', &(0x7f00000002c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
umount2(0x0, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)

7m34.876680281s ago: executing program 2 (id=25889):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000040)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00001b1000/0x4000)=nil, 0x400000, 0x2, 0x2})
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

7m33.823334681s ago: executing program 2 (id=25910):
socket$kcm(0x10, 0x7, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x800, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004084}, 0x24004014)

7m33.420850525s ago: executing program 33 (id=25910):
socket$kcm(0x10, 0x7, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x0, 0x800, 0x70bd27, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4004084}, 0x24004014)

6m2.457991291s ago: executing program 5 (id=27965):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000040)={0x0, 0x1c, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}]}, &(0x7f0000000180)=0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)=ANY=[@ANYBLOB='$\x00'], 0x24}], 0x1}, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r2, @in6={{0xa, 0x0, 0x0, @rand_addr=' \x01\x00'}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd}, &(0x7f00000001c0)=0x9c)

6m1.421988179s ago: executing program 5 (id=27995):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000040)=0x7, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
recvmmsg(r0, &(0x7f0000000600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)=""/70, 0x46}}], 0x1, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

6m0.468167361s ago: executing program 5 (id=28020):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xd53})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f00000000c0)={"49841ada71cfe011e10532489ef0a3127f9f67568978975321ebdb7108d333a8df648f920da594ae3a327a3f1292465c016dbc5261414bd85acd87473d61390f4bbded57a902b5deb9c23c641914f6b147db6146e946ce31b52ff43219cbc1574ebc8f47d0d2a02b89dc02c49f25471af4f2435dd40d0481fe6f0124e4aa9849c9b8358074976ba0dd502c77e65623e41c8ce041fe7058274e54be3d84f5aa382e9032df7a279d491a51e7480061ebb983305b23e584f6b47af6d615b2f0a182d7c0095f222a4a176472ebbd1021d2eb285ff99ea7601c4e25ecd4c055c59c3964e30b2f8567d69324b6828cc0e9c3528f1f4e27527d98bca370c165bfd88348ca0eb405029367247b738c6cce89e3efd4479d8f2fc7dbd015046860acb8a71106b920b09e661065bf765a03317feb4f54d4382ac41850982313319363b14557a5b8a18d60e425b3db6bcd35b03c810c9d398c9d91902878258419a4b02fc4bdc3b69da6c5c27f5a507005a24a3fef74f0b287c3a4cd1517537dc8cf5cf0efd75c11e803e972ecc24c500cc49001f231f74f7120f55004d5621655ba535c8c8a91d2fec5656526974aef9f08d835f6c3c7c570d047312da759708349121ee9f7078926baa412b4ae8076f6b7f2bf46ffe08878e0281bb42ace8eca796933daf7f65530e30eb6b0695a450e50aea20fcabb5fca187f8ee62b93dee581774cefb953b396e5b8a1e3cc1062b001082aa5a434d9f03407c4239d0fcb779eba5a32f473d142ac92042c2b140f12a0181a4d98a0a5a1c80de2363a80dfc365d26e0332ee63e84500f086fffded2d72500cfb5b3b16aefef5d5808f29e1c572df8af9ca90b714fe6c71a1097e58ccb7945341445d2a0c271f5d15a1462be10d757de7cfd980459469387c5049cebcdb62a24cf04418634944354b4690d4974a26ca113eefe5a71b23aa2fbd989f7b6fcf490ed465f219e70b3397dbc63e21b9d3998c4580570c40a2e75cb6845b34236f5a38dde94ae6fac7a994b21e829bdb618b0910b71608ed7893bc927afa06b1d08d18f684d7972e5467ddfebe1982924658db3e5aee3e443f1cd7017d7a27e6e2620673e9afd67c69ae555ec3e67863f1a9ac7d653d38125f51db870ffa8887c08c455a536d70ea0cae525218e8d06865b553b17bacd52630e4765af1036c834e96c193523d8b3bc399ac296fbe53ed4bd454c669f01cb0915cf9fc03b54d93fbc37ace112d4643c64842b60ee6b979703b6448fe7ddaab8d2fc2d417a12f138d61cc3ca311aa09adbad1a0647a62208ca7f9f2a9e6a6c42e6ae926b15d094886a7d6ae787c8238ab4c235541b1432b9e9407d18a0399dfa98b8ee84ccbe16bf8c30e7cf7071ab10eb8ffb0334d2b91135e3294efd14dd06db46be1032a472cdd54bd015f2937fe3d7d691fa9d0b55a0d5d17a9"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

5m59.842798102s ago: executing program 5 (id=28037):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='.\x00', 0x0, 0x8b7848, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)

5m59.689287992s ago: executing program 5 (id=28042):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = fsopen(&(0x7f0000000080)='binfmt_misc\x00', 0x1)
mount$9p_fd(0x0, &(0x7f0000000680)='./file0\x00', &(0x7f0000000380), 0x14c98, &(0x7f0000002780)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

5m58.666167674s ago: executing program 5 (id=28067):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1b32, 0x4)
sendto$inet(r0, &(0x7f0000000540)='v', 0x1, 0x4040, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000003980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/67, 0x43}, 0x8001}], 0x1, 0x40002142, 0x0)

5m58.334470757s ago: executing program 34 (id=28067):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1b32, 0x4)
sendto$inet(r0, &(0x7f0000000540)='v', 0x1, 0x4040, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000003980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=""/67, 0x43}, 0x8001}], 0x1, 0x40002142, 0x0)

3m55.223202486s ago: executing program 7 (id=30073):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x4, @loopback}, 0x1c)
syz_open_procfs(0x0, &(0x7f0000000040)='net/netlink\x00')
r1 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x1)
fchdir(r2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

3m53.609630213s ago: executing program 6 (id=30081):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0xa0602, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15)
lsetxattr$security_capability(0x0, &(0x7f00000025c0), 0x0, 0x0, 0x0)

3m53.500707526s ago: executing program 7 (id=30082):
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file7\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file7/file0\x00', 0x101000, 0x108)
mkdirat(r0, &(0x7f0000000100)='./bus\x00', 0x42)

3m51.408721756s ago: executing program 7 (id=30088):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000080)={@map=r3, r2, 0x26}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000f80)={{r3}, &(0x7f0000000f00), &(0x7f0000000f40)=r0}, 0x20)
recvfrom(r1, 0x0, 0x0, 0x40002161, 0x0, 0xffffffffffffffef)

3m50.011161467s ago: executing program 7 (id=30094):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0xa0)
fallocate(r0, 0x0, 0x0, 0x1001f0)
copy_file_range(r0, 0x0, r0, &(0x7f00000000c0)=0xc615, 0x101, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x180)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x4c)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f00000001c0), 0x8, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000000)='./bus\x00')
openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)

3m49.541712115s ago: executing program 6 (id=30098):
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
sendmsg$xdp(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x200000000000011, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000003c0)={'lo\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000001100)={0x11, 0x3, r2, 0x1, 0x0, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0x14)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000ac0)={0x3, 0x7}, 0x4)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=@newqdisc={0x54, 0x10, 0x1, 0x70bd25, 0x25dfdbfc, {0x6, 0x0, 0x8100, 0x0, {0x1, 0x10}, {0xfff1}, {0xe, 0x10}}, [@TCA_RATE={0x6, 0x5, {0xfc}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x11, {0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x400c800}, 0x0)

3m48.85911985s ago: executing program 7 (id=30102):
syz_open_dev$tty1(0xc, 0x4, 0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x15, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180200001e00000000000000000000007a02500003ffffff950000000016001b049cb83bd81ee7a5588a00"], &(0x7f0000000080)='GPL\x00', 0x4, 0xb, &(0x7f00000001c0)=""/152, 0x40f00}, 0x94)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x2, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x11}, 0x94)

3m46.772460528s ago: executing program 7 (id=30108):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000240)={0x0, 0x6d007ee5}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280000001000010025bd7000fadbdf2500000000", @ANYRES32=0x0, @ANYBLOB="100804000000000008001b"], 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="cb"], 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000140)={0x0, 0xffff}, 0x8)

3m46.334577414s ago: executing program 6 (id=30110):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000000c0)={'macsec0\x00', 0x400})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'pimreg0\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB="1800000000010000000000000000c60095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000140)={r3, r2, 0x25, 0x0, @val=@netfilter={0x7, 0x0, 0x7}}, 0x20)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r4, 0xffffffffffffffff, 0x0)

3m44.700217195s ago: executing program 6 (id=30117):
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4008000}, 0x54)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0)
write$binfmt_aout(r0, &(0x7f00000003c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x40000000, 0x0, 0x0, 0x83, "00000000000000000000ffff00"})
syz_open_pts(r0, 0x0)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0x452a, 0x800, 0x2, 0x40000333}, &(0x7f00000006c0)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x2007, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x5a00, 0xf1fc, 0x0, 0x0, 0x0)

3m41.268623859s ago: executing program 6 (id=30128):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100ff2bbe11a5ce7879edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x20000000, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = dup(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0x13, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000003000000000000000100008018010000646c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7020000ffffff1fb70300000101000085000000062400001801000020696c2500000000002020207b1af87f"], &(0x7f0000000380)='GPL\x00', 0x3, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x9}, 0x94)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000)=@x86={0x3, 0x1, 0xfb, 0x0, 0x10005, 0x5, 0x3, 0xd4, 0x7, 0x2, 0x4, 0x1, 0x0, 0x7, 0x3, 0x65, 0x5, 0x9, 0x6, '\x00', 0x8, 0x1})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3m39.797703323s ago: executing program 6 (id=30130):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {}, {}, {0xffe0, 0x5}}, [@filter_kind_options=@f_u32={{0x8}, {0xfffffed3, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0xffffffff}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x20048850)

3m30.107400149s ago: executing program 35 (id=30108):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000240)={0x0, 0x6d007ee5}, 0x8)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x1, @loopback, 0x1}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280000001000010025bd7000fadbdf2500000000", @ANYRES32=0x0, @ANYBLOB="100804000000000008001b"], 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="cb"], 0x8)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000140)={0x0, 0xffff}, 0x8)

3m22.818774395s ago: executing program 36 (id=30130):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x3}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x42}}}]}, 0x38}}, 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000380)=@newtfilter={0x38, 0x2c, 0xd27, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {}, {}, {0xffe0, 0x5}}, [@filter_kind_options=@f_u32={{0x8}, {0xfffffed3, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0xffffffff}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x20048850)

10.665168677s ago: executing program 3 (id=30593):
add_key$user(&(0x7f0000000000), 0x0, &(0x7f0000000080), 0x0, 0xffffffffffffffff)
semop(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=ANY=[@ANYBLOB="400100001a000100feff0000000000000000fc010000000008000000000000000001000107174e24630e000000203a00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ff020000000000000000000000000001000004d46c000000ac1414bb000000000000000000000000fe000000000000009201000000000010a39b000000000000ffff0000000000001c250800000000000500000000000000fcffffffbfffffff0400000000000000090000000000100000000000000000001f00000000000000fefffffffffffffffefffffffc030000000000007e0000000535000002000100200000000000000048000300"], 0x140}}, 0x844)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
sendmsg$NFT_MSG_GETFLOWTABLE(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0xc08a005}, 0xc, &(0x7f0000000300)={0x0}, 0x1, 0x0, 0x0, 0x5}, 0x8010)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect$cdc_ecm(0x2, 0x56, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010d00000000000000061c00000020000180080001", @ANYRES32, @ANYBLOB="140002"], 0x34}, 0x1, 0x0, 0x0, 0x20040005}, 0x40)
add_key$user(&(0x7f0000000140), &(0x7f0000002840)={'syz', 0x0}, &(0x7f0000002880), 0x0, 0xfffffffffffffffb)

10.221845425s ago: executing program 1 (id=30594):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, &(0x7f0000000100), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x11, 0x0, 0x0, &(0x7f0000000000)='GPL\x00', 0x2a7, 0x0, 0x0, 0x41100, 0x24, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3ff}, 0x94)
semop(0x0, &(0x7f0000000440)=[{0x3, 0xffff, 0x1000}], 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.958570048s ago: executing program 0 (id=30595):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$swradio(&(0x7f0000000080), 0x0, 0x2)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
timerfd_create(0x0, 0x80000)
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
dup(r0)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
open$dir(&(0x7f0000000140)='./file0\x00', 0x840, 0xd5)
epoll_create1(0x0)
open$dir(&(0x7f0000000180)='./file0\x00', 0x207e, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000700)=ANY=[@ANYBLOB="b4050000200080006110600000000000c60000000000000095000000000000009f33ef60916e6e893f1eeb0be20000d072f5b89c3043c47c896ce0bc8731fa595b6b4d45ef26dcca5582054d54d53cd2b685b431c70ea948259c4c869b4fc8db714e4b94bdae214fa68a051d4dca7d2647bec1fc89398d2b9000f224891060017c4700de60beac671e8e8f00cb03588aa6007e71f871ab5c2ff88afc6002084e5b52710aeee835cf0d78e45f70983826fb8579c1fb47d2c59005cff414ed55b0d18a9d446935fb332bb593ee341ab59016f81860324b800c00000000000092d9c5fe34ccb80a61ffcb3363073fd8962823ee45f5d7394e9510f4ac6c702cfabe8a9c55c8dafcdb110036e14c1035cafdfef6a358cbfadb3579a285580a3c080d4e0a48d7bdc38a0437c8c1b3aa408a0000000000002248950b000000"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000040000000400000012"], 0x48)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r1 = syz_open_dev$tty1(0xc, 0x4, 0x4)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
ioctl$TIOCL_SETSEL(r1, 0x541c, &(0x7f0000000000)={0x2, {0xc, 0xa00, 0x6, 0x20c4, 0x100}})

7.958042826s ago: executing program 3 (id=30596):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040))
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'lo\x00', <r1=>0x0})
bind$packet(r0, &(0x7f00000001c0)={0x11, 0x11, r1, 0x1, 0xf, 0x6, @broadcast}, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0xb, &(0x7f0000000080)=@framed={{0x18, 0x3, 0x0, 0x0, 0xff}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @initr0={0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x5}, @generic={0x25}, @initr0, @exit, @alu={0x7, 0x0, 0x1, 0x3}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
pipe2(&(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000ac0)=ANY=[@ANYBLOB="040100001000010400400000000000000000ffff", @ANYRES32=0x0, @ANYBLOB="0000000000000000bc00128009000100766c616e00000000ac00028004000480280004800c000100000001000100000086fd010000080000080000000c0001000100000009fe0000100003800c00010000020000ff000000580003800c00010002000000020000000c000100ffffff7f000200000c000100ff0f0000040000000c00010009000000000001000c00010000000000070000000c000100ffffffff000200000c000104b90a0000ff07000006000500810000000c0002000a000000f7ffffff13000300766c616e30"], 0x104}, 0x1, 0x0, 0x0, 0x4000040}, 0x0)
write$P9_RGETLOCK(r3, &(0x7f0000000240)=ANY=[], 0xffffff6a)
splice(r2, 0x0, r0, 0x0, 0x80000000, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xe0802, 0x0)
ioctl$PPPIOCNEWUNIT(r5, 0xc004743e, &(0x7f0000000280)=0x4)
ioctl$PPPIOCSMAXCID(r5, 0x40047451, &(0x7f0000000200)=0x3)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r6 = socket$kcm(0x23, 0x2, 0x0)
sendmsg$kcm(r6, &(0x7f0000000140)={&(0x7f0000000000)=@phonet, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)="b8", 0x1ff48}], 0x1, 0x0, 0x0, 0xeaff}, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="0c04000010000104000000000000000000480000", @ANYRES32=r7, @ANYBLOB="101000000000000008000d0005000000e4031680a40001800c00070000000000adffffff0c00", @ANYRES16=r7, @ANYBLOB="4b76f3b6"], 0x40c}}, 0x0)

6.912945394s ago: executing program 0 (id=30597):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x2a140, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000040)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10)
sendto$inet(r4, 0x0, 0x0, 0xc806, &(0x7f0000000180)={0x2, 0x4e21, @multicast1}, 0x10)
sendto$inet(r4, &(0x7f0000000100)='J', 0xfdbe, 0x4004084, 0x0, 0x11000a00)
ioctl$KVM_CAP_HYPERV_SYNIC2(0xffffffffffffffff, 0x4068aea3, 0x0)

6.912640933s ago: executing program 1 (id=30598):
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x40241, 0x0)
socket$kcm(0x2, 0xa, 0x2)
write$tun(r0, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r2, &(0x7f0000000100)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10)
setsockopt$sock_int(r2, 0x1, 0x6, &(0x7f0000000140)=0x8, 0x4)
connect$inet(r2, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
socket(0x10, 0x803, 0x0)
r3 = syz_open_dev$ndb(0x0, 0x0, 0x900)
ioctl$BLKDISCARD(r3, 0x1277, 0x0)
sendmmsg$inet(r2, &(0x7f0000004d00)=[{{0x0, 0x6000, 0x0, 0x0, 0x0, 0x0, 0x30000}}], 0x300, 0xf00)

6.912225855s ago: executing program 3 (id=30599):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x3, 0x0, 0x0, 0x2, 0xb2, &(0x7f0000000140)=""/178, 0x1f00, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f9, 0x800, 0x32, 0xfffffffd}, 0x9c)
bind$inet6(0xffffffffffffffff, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @loopback, 0x3}, 0x7e)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000050000000900010073797a30000000002c000000030a01010000000000000000050000000900010073797a30000000000900030073797a300000000048000000060a010400000000000000000500000008000b4000000000200004801c0001800b00010074756e6e656c00000c00068008000140000000010900010073797a3000000000140000001100010000000000000000000000000a"], 0xbc}}, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000200)={0x1, [0x0]}, &(0x7f0000000080)=0x8)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000180)={'syztnl2\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x7800, 0x8000, 0x80000000, 0x98a1, {{0x5, 0x4, 0x3, 0x1, 0x14, 0x65, 0x0, 0x6d, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x3e}, @empty}}}})

5.451828789s ago: executing program 0 (id=30600):
sync()
sync()
sync()
r0 = syz_open_dev$tty20(0xc, 0x4, 0x1)
writev(r0, &(0x7f0000000500), 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x1c, &(0x7f00000002c0)=[@in6={0xa, 0x4e24, 0xd, @private2={0xfc, 0x2, '\x00', 0x1}, 0x7177}]}, 0x0)
sync()
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r3 = userfaultfd(0x80801)
ioctl$UFFDIO_API(r3, 0xc018aa3f, 0x0)
ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x2})
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000040)={r1}, 0xc)
ppoll(&(0x7f0000000440), 0x0, 0x0, 0x0, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)

5.451408671s ago: executing program 1 (id=30601):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x100000c, 0x11, r3, 0x100000000)
r4 = inotify_init()
r5 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x34d})
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000ffe000/0x2000)=nil, 0x2000}, 0x1})
mremap(&(0x7f0000ffa000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000ffb000/0x3000)=nil)
mremap(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x1000, 0x7, &(0x7f0000fff000/0x1000)=nil)
close_range(r4, 0xffffffffffffffff, 0x0)

5.451059758s ago: executing program 3 (id=30602):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000080), 0x40002df, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0xa, 0x3, 0x3a)
recvmmsg$unix(r1, &(0x7f0000003100)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}}], 0x1, 0x0, 0x0)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

3.225703831s ago: executing program 1 (id=30603):
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$netlink(0x10, 0x3, 0x10)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket$packet(0x11, 0x3, 0x300)
socket$inet_udp(0x2, 0x2, 0x0)
pipe2(&(0x7f0000001cc0), 0x800)
r0 = getpid()
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_tcp(0x2, 0x1, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
socket(0x10, 0x3, 0x0)
syz_pidfd_open(r0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9902)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
getpeername$packet(r2, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r1, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r3, 0x2f000000}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)

2.32436224s ago: executing program 0 (id=30604):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x4000000044402, 0x0)
socket(0x2b, 0x80801, 0x1)
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r1 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, 0x0, 0x0)
unshare(0xe060400)
unshare(0x2c060000)
rt_sigqueueinfo(0x0, 0x21, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, r1, 0x0, 0x0, 'syz1\x00', 0x0})
syz_open_procfs(0x0, &(0x7f00000000c0)='net/ptype\x00')
io_setup(0xc00, &(0x7f0000000000))

1.976315176s ago: executing program 3 (id=30605):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c)
setsockopt$XDP_UMEM_COMPLETION_RING(r3, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4)
r4 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$XDP_RX_RING(r3, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', <r5=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4)
bind$xdp(r3, &(0x7f0000000100)={0x2c, 0x0, r5}, 0x10)

1.880675244s ago: executing program 1 (id=30606):
syz_open_procfs$pagemap(0x0, &(0x7f0000000240))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x2400c808)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
io_uring_enter(0xffffffffffffffff, 0x2219, 0x7721, 0x16, 0x0, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc22, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r1, &(0x7f0000000580)={&(0x7f0000000340)={0x2, 0x4f22, @remote}, 0x10, 0x0}, 0xb68fdc1f3041556c)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$netlink(0x10, 0x3, 0x0)
openat$smackfs_change_rule(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
setresuid(0x0, 0xee00, 0x0)

1.742246479s ago: executing program 0 (id=30607):
syz_init_net_socket$llc(0x1a, 0x1, 0x0)
r0 = syz_io_uring_setup(0x237, &(0x7f00000000c0)={0x0, 0x275, 0x400, 0x0, 0x2cf}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x20000800}, 0x4000008)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x7a, 0x0, @fd=r0, 0x100000001, 0x0, 0x0, 0x2, 0x1})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

895.850103ms ago: executing program 3 (id=30608):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x5, 0x2})
r1 = socket(0xa, 0x5, 0x0)
sendmsg$inet_sctp(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040), 0x0, &(0x7f0000000140)=ANY=[], 0x58, 0x4855}, 0x24000052)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
getsockopt$bt_BT_CHANNEL_POLICY(0xffffffffffffffff, 0x112, 0x4, 0x0, &(0x7f0000000080))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, &(0x7f0000000500)={'pcl818\x00', [0x8001, 0x4, 0x1, 0x0, 0x3, 0xcc7, 0x8, 0x7, 0x1, 0xff, 0x2, 0x1, 0x8, 0x2, 0x6, 0x9, 0x1, 0x8, 0x43, 0x40000003, 0x89, 0x9, 0xf27, 0x6, 0x800b, 0x8, 0x5, 0x6, 0x8, 0x10000, 0xfffffff4]})
ioctl$COMEDI_BUFINFO(r5, 0xc02c640e, 0x0)
userfaultfd(0x80001)
ioctl$VIDIOC_S_INPUT(r2, 0xc0045627, &(0x7f00000000c0)=0x3)

895.484848ms ago: executing program 1 (id=30609):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'veth1_to_hsr\x00', <r1=>0x0})
getsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x8, 0x0, &(0x7f0000000000))
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0xf, 0x20000000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f00000009c0)={0x2, 0x4e24, @loopback}, 0x10)
r5 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000000)='veno', 0x4)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xf42, 0x4)
sendto$packet(r0, &(0x7f00000000c0)="3f031c000302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

0s ago: executing program 0 (id=30610):
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r0, 0x29, 0x19, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0xbc3d, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x1000)
r3 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r3)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r4 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000080)="13", 0x1, 0xfffffffffffffffd)
keyctl$read(0xb, r4, &(0x7f0000000240)=""/112, 0x349b7f55)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
keyctl$assume_authority(0x10, r4)

kernel console output (not intermixed with test programs):

1626] syz_tun: entered promiscuous mode
[ 1093.656375][T31626] veth1_to_bridge: entered promiscuous mode
[ 1093.657520][T31626] debugfs: 'hsr0' already exists in 'hsr'
[ 1093.657573][T31626] Cannot create hsr debugfs directory
[ 1093.657682][T31626] hsr0: Slave A (syz_tun) is not up; please bring it up to get a fully working HSR network
[ 1093.657701][T31626] hsr0: Slave B (veth1_to_bridge) is not up; please bring it up to get a fully working HSR network
[ 1093.659377][T31626] hsr0: entered promiscuous mode
[ 1094.172904][ T6620] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[ 1094.354885][ T6620] usb 3-1: Using ep0 maxpacket: 16
[ 1094.365134][ T6620] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1094.365610][ T6620] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1094.368887][ T6620] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1094.368915][ T6620] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1094.368936][ T6620] usb 3-1: Product: syz
[ 1094.368950][ T6620] usb 3-1: Manufacturer: syz
[ 1094.368966][ T6620] usb 3-1: SerialNumber: syz
[ 1094.386051][ T6620] usb 3-1: config 0 descriptor??
[ 1094.401942][ T6620] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1094.401976][ T6620] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[ 1095.101038][ T6620] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[ 1095.102244][ T6620] em28xx 3-1:0.0: Config register raw data: 0x41
[ 1095.334871][ T5797] usb 3-1: USB disconnect, device number 25
[ 1095.337174][ T5797] em28xx 3-1:0.0: Disconnecting em28xx
[ 1095.378461][ T5797] em28xx 3-1:0.0: Freeing device
[ 1096.359066][   T36] kauditd_printk_skb: 1 callbacks suppressed
[ 1096.359084][   T36] audit: type=1326 audit(2000000840.424:1070): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=31810 comm="syz.1.25005" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd30007c799 code=0x0
[ 1096.880003][T31849] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[ 1096.880033][T31849] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1096.884277][T31849] vhci_hcd vhci_hcd.0: Device attached
[ 1096.899451][T31849] vhci_hcd vhci_hcd.0: pdev(5) rhport(1) sockfd(5)
[ 1096.899479][T31849] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1096.905034][T31849] vhci_hcd vhci_hcd.0: Device attached
[ 1096.908315][T31849] vhci_hcd vhci_hcd.0: pdev(5) rhport(2) sockfd(7)
[ 1096.908342][T31849] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1096.908455][T31849] vhci_hcd vhci_hcd.0: Device attached
[ 1096.913636][T31849] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1096.918767][T31849] vhci_hcd vhci_hcd.0: pdev(5) rhport(4) sockfd(11)
[ 1096.918794][T31849] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 1096.919538][T31849] vhci_hcd vhci_hcd.0: Device attached
[ 1096.928045][T31850] vhci_hcd: connection closed
[ 1096.934135][  T569] vhci_hcd vhci_hcd.5: stop threads
[ 1096.934162][  T569] vhci_hcd vhci_hcd.5: release socket
[ 1096.934199][  T569] vhci_hcd vhci_hcd.5: disconnect device
[ 1096.936239][T31855] vhci_hcd: connection closed
[ 1096.937920][  T569] vhci_hcd vhci_hcd.5: stop threads
[ 1096.937939][  T569] vhci_hcd vhci_hcd.5: release socket
[ 1096.937974][  T569] vhci_hcd vhci_hcd.5: disconnect device
[ 1096.949626][T31857] vhci_hcd: connection closed
[ 1096.970028][T31853] vhci_hcd: connection closed
[ 1096.984865][T23311] vhci_hcd vhci_hcd.5: stop threads
[ 1096.984894][T23311] vhci_hcd vhci_hcd.5: release socket
[ 1096.984932][T23311] vhci_hcd vhci_hcd.5: disconnect device
[ 1097.004121][T23311] vhci_hcd vhci_hcd.5: stop threads
[ 1097.004141][T23311] vhci_hcd vhci_hcd.5: release socket
[ 1097.030143][T23311] vhci_hcd vhci_hcd.5: disconnect device
[ 1097.529740][ T6073] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1097.709340][ T6073] usb 3-1: Using ep0 maxpacket: 8
[ 1097.717803][ T6073] usb 3-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 1097.717860][ T6073] usb 3-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1097.717891][ T6073] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1097.717904][ T6073] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1097.787092][ T6073] usbtmc 3-1:16.0: bulk endpoints not found
[ 1097.949325][T31918] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1098.551845][T31947] netlink: 60 bytes leftover after parsing attributes in process `syz.5.25060'.
[ 1099.691879][T32018] Invalid argument reading file caps for ./file0
[ 1100.379571][T32068] loop8: detected capacity change from 0 to 8
[ 1100.426369][T32068] Dev loop8: unable to read RDB block 8
[ 1100.426417][T32068]  loop8: unable to read partition table
[ 1100.426594][T32068] loop8: partition table beyond EOD, truncated
[ 1100.426634][T32068] loop_reread_partitions: partition scan of loop8 (þ被xü^>à–
) failed (rc=-5)
[ 1100.538259][T32076] netlink: 32 bytes leftover after parsing attributes in process `syz.5.25120'.
[ 1100.579696][ T6073] usb 3-1: USB disconnect, device number 26
[ 1102.030528][ T5797] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1102.200852][ T5797] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1102.200885][ T5797] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1102.200945][ T5797] usb 3-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[ 1102.200970][ T5797] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1102.250576][ T5797] usb 3-1: config 0 descriptor??
[ 1102.447494][T23966] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[ 1102.615805][T23966] usb 6-1: config index 0 descriptor too short (expected 45, got 36)
[ 1102.615862][T23966] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1102.615941][T23966] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1102.615963][T23966] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1102.615988][T23966] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1102.616029][T23966] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1102.616098][T23966] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1102.705671][T23966] usb 6-1: config 0 descriptor??
[ 1102.714925][T32184] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1102.740766][ T5797] logitech-djreceiver 0003:046D:C71F.002A: ignoring exceeding usage max
[ 1102.743095][ T5797] hid_parser_main: 5 callbacks suppressed
[ 1102.743162][ T5797] logitech-djreceiver 0003:046D:C71F.002A: unknown main item tag 0x5
[ 1102.940069][ T6620] usb 3-1: USB disconnect, device number 27
[ 1103.168017][T23966] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1103.168052][T23966] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1103.168076][T23966] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1103.168099][T23966] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1103.168122][T23966] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1103.172415][T23966] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1103.172447][T23966] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1103.172472][T23966] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1103.172498][T23966] plantronics 0003:047F:FFFF.002B: unknown main item tag 0x0
[ 1103.270028][T23966] plantronics 0003:047F:FFFF.002B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1103.488469][ T6620] usb 6-1: USB disconnect, device number 30
[ 1104.451625][T32325] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.25208'.
[ 1104.451763][T32325] openvswitch: netlink: Message has 3 unknown bytes.
[ 1106.053361][ T6065] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[ 1106.210546][ T6065] usb 2-1: Using ep0 maxpacket: 32
[ 1106.227642][ T6065] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[ 1106.227671][ T6065] usb 2-1: config 0 has no interface number 0
[ 1106.227716][ T6065] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1106.227745][ T6065] usb 2-1: config 0 interface 85 has no altsetting 0
[ 1106.230110][ T6065] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[ 1106.230138][ T6065] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1106.230159][ T6065] usb 2-1: Product: syz
[ 1106.230174][ T6065] usb 2-1: Manufacturer: syz
[ 1106.230190][ T6065] usb 2-1: SerialNumber: syz
[ 1106.241863][ T6065] usb 2-1: config 0 descriptor??
[ 1106.923691][ T6065] appletouch 2-1:0.85: Geyser mode initialized.
[ 1106.938214][ T6065] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input91
[ 1107.143760][ T6073] usb 2-1: USB disconnect, device number 39
[ 1107.143865][    C1] appletouch 2-1:0.85: atp_complete: usb_submit_urb failed with result -19
[ 1107.358519][ T6073] appletouch 2-1:0.85: input: appletouch disconnected
[ 1107.706767][T32543] netlink: 52 bytes leftover after parsing attributes in process `syz.5.25291'.
[ 1107.843177][T32551] netlink: 48 bytes leftover after parsing attributes in process `syz.1.25297'.
[ 1108.413267][T23966] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 1108.575973][T23966] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1108.576037][T23966] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 211, changing to 7
[ 1108.576064][T23966] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 8511, setting to 1024
[ 1108.578345][T23966] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1108.578375][T23966] usb 6-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1108.578396][T23966] usb 6-1: Product: syz
[ 1108.578412][T23966] usb 6-1: SerialNumber: syz
[ 1108.658857][ T6065] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1108.825094][ T6065] usb 3-1: Using ep0 maxpacket: 32
[ 1108.832033][ T6065] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[ 1108.835903][ T6065] usb 3-1: New USB device found, idVendor=0499, idProduct=6bb7, bcdDevice=68.2f
[ 1108.835931][ T6065] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1108.835999][ T6065] usb 3-1: Product: syz
[ 1108.836013][ T6065] usb 3-1: Manufacturer: syz
[ 1108.836029][ T6065] usb 3-1: SerialNumber: syz
[ 1108.887670][ T6065] usb 3-1: config 0 descriptor??
[ 1109.111165][ T6065] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1109.332748][ T6065] usb 3-1: USB disconnect, device number 28
[ 1109.629074][T13871] udevd[13871]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1109.687714][T23966] cdc_ncm 6-1:1.0: bind() failure
[ 1109.737691][T23966] cdc_ncm 6-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1109.747887][T23966] cdc_mbim 6-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1109.759292][T23966] usbtest 6-1:1.1: probe with driver usbtest failed with error -71
[ 1109.827627][T23966] usb 6-1: USB disconnect, device number 31
[ 1110.700737][T32754] binder: 32753:32754 ioctl c0306201 0 returned -14
[ 1111.951739][ T6065] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[ 1112.122583][ T6065] usb 2-1: Using ep0 maxpacket: 16
[ 1112.126662][ T6065] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1112.126688][ T6065] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1112.129106][ T6065] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1112.129135][ T6065] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1112.129151][ T6065] usb 2-1: Product: syz
[ 1112.129159][ T6065] usb 2-1: Manufacturer: syz
[ 1112.129167][ T6065] usb 2-1: SerialNumber: syz
[ 1112.424709][ T6065] usb 2-1: 0:2 : does not exist
[ 1112.443931][ T6065] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 1112.636172][ T6065] usb 2-1: USB disconnect, device number 40
[ 1112.841468][T14188] udevd[14188]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1112.875530][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1113.914350][  T488] netlink: 4 bytes leftover after parsing attributes in process `syz.2.25449'.
[ 1114.335411][ T6620] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1114.498086][ T6620] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1114.498123][ T6620] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1114.498161][ T6620] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1114.498184][ T6620] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1114.504216][ T6620] usb 3-1: config 0 descriptor??
[ 1114.728390][ T6620] usbhid 3-1:0.0: can't add hid device: -71
[ 1114.728504][ T6620] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1114.756630][ T6620] usb 3-1: USB disconnect, device number 29
[ 1115.254831][ T6620] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1115.417259][ T6620] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1115.417292][ T6620] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1115.417315][ T6620] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1115.417356][ T6620] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1115.417378][ T6620] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1115.422186][ T6620] usb 3-1: config 0 descriptor??
[ 1115.618315][T23966] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[ 1115.779042][T23966] usb 6-1: Using ep0 maxpacket: 16
[ 1115.780995][T23966] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1115.781016][T23966] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1115.781031][T23966] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1115.783036][T23966] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1115.783062][T23966] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1115.783081][T23966] usb 6-1: Product: syz
[ 1115.783095][T23966] usb 6-1: Manufacturer: syz
[ 1115.783110][T23966] usb 6-1: SerialNumber: syz
[ 1115.880096][ T6620] plantronics 0003:047F:FFFF.002C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1116.108063][ T6620] usb 3-1: USB disconnect, device number 30
[ 1116.201963][  T608] fido_id[608]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 1116.290323][T23966] usb 6-1: 0:2 : does not exist
[ 1116.435208][ T5113] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1116.458419][ T5113] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1116.461810][ T5113] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1116.491616][ T5113] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1116.500652][ T5113] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1116.572362][ T8055] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1116.572399][ T8055] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1116.975345][T23966] usb 6-1: 1:0: failed to get current value for ch 0 (-22)
[ 1117.007779][  T649] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[ 1117.015129][ T6065] IPVS: starting estimator thread 0...
[ 1117.022648][ T8055] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1117.022682][ T8055] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.125822][  T656] IPVS: using max 17 ests per chain, 40800 per kthread
[ 1117.129425][  T625] dummy0 speed is unknown, defaulting to 1000
[ 1117.218976][T23966] usb 6-1: USB disconnect, device number 32
[ 1117.499586][ T8055] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1117.499620][ T8055] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1117.927802][ T6073] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[ 1117.973337][ T8055] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1117.973373][ T8055] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1118.122017][ T6073] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1118.122051][ T6073] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1118.123208][ T6073] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1118.123234][ T6073] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[ 1118.123254][ T6073] usb 6-1: Manufacturer: syz
[ 1118.183615][ T6073] usb 6-1: config 0 descriptor??
[ 1118.444386][ T6073] usbhid 6-1:0.0: can't add hid device: -71
[ 1118.444505][ T6073] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1118.587426][ T6073] usb 6-1: USB disconnect, device number 33
[ 1118.775859][T28634] Bluetooth: hci2: command tx timeout
[ 1119.356030][ T8055] tipc: Resetting bearer <eth:geneve1>
[ 1120.506230][  T835] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[ 1120.607288][  T839] loop8: detected capacity change from 0 to 8
[ 1120.609500][  T839]  loop8: [CUMANA/ADFS] p1 [ADFS] p1
[ 1120.609539][  T839] loop8: partition table partially beyond EOD, truncated
[ 1120.609832][  T839] loop8: p1 size 1204205415 extends beyond EOD, truncated
[ 1120.807619][T14188] udevd[14188]: inotify_add_watch(7, /dev/loop8p1, 10) failed: No such file or directory
[ 1121.007630][T28634] Bluetooth: hci2: command tx timeout
[ 1122.066734][ T8055] dvmrp1 (unregistering): left allmulticast mode
[ 1122.361276][ T8055] geneve1 (unregistering): left allmulticast mode
[ 1122.463462][ T8055] tipc: Disabling bearer <eth:geneve1>
[ 1122.665611][  T955] netlink: 264 bytes leftover after parsing attributes in process `syz.2.25592'.
[ 1122.665639][  T955] netlink: 264 bytes leftover after parsing attributes in process `syz.2.25592'.
[ 1123.219374][T28634] Bluetooth: hci2: command tx timeout
[ 1123.537380][ T8055] .` (unregistering): Released all slaves
[ 1123.561900][ T8055] bond1 (unregistering): Released all slaves
[ 1123.589607][ T8055] bond2 (unregistering): Released all slaves
[ 1123.610706][ T8055] bond3 (unregistering): Released all slaves
[ 1123.687219][ T8055] bond4 (unregistering): Released all slaves
[ 1123.736244][ T8055] bond0 (unregistering): Released all slaves
[ 1124.447368][ T8055] tipc: Left network mode
[ 1124.943326][  T625] chnl_net:caif_netlink_parms(): no params data found
[ 1125.339445][  T625] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1125.339641][  T625] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1125.339853][  T625] bridge_slave_0: entered allmulticast mode
[ 1125.342374][  T625] bridge_slave_0: entered promiscuous mode
[ 1125.345710][  T625] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1125.345898][  T625] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1125.346100][  T625] bridge_slave_1: entered allmulticast mode
[ 1125.350156][  T625] bridge_slave_1: entered promiscuous mode
[ 1125.443029][T28634] Bluetooth: hci2: command tx timeout
[ 1125.461609][  T625] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1125.483186][ T8055] IPVS: stopping backup sync thread 6531 ...
[ 1125.489952][  T625] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1125.605073][  T625] team0: Port device team_slave_0 added
[ 1125.667458][ T1241] netlink: 'syz.2.25650': attribute type 1 has an invalid length.
[ 1125.667480][ T1241] netlink: 'syz.2.25650': attribute type 2 has an invalid length.
[ 1125.835425][  T625] team0: Port device team_slave_1 added
[ 1126.473485][  T625] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1126.473502][  T625] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1126.473527][  T625] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1126.769717][  T625] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1126.769734][  T625] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1126.769759][  T625] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1126.882103][ T1312] loop1: detected capacity change from 0 to 4096
[ 1127.487108][  T625] hsr_slave_0: entered promiscuous mode
[ 1127.489892][  T625] hsr_slave_1: entered promiscuous mode
[ 1127.507537][  T625] debugfs: 'hsr0' already exists in 'hsr'
[ 1127.507564][  T625] Cannot create hsr debugfs directory
[ 1127.538314][T23966] usb 6-1: new low-speed USB device number 34 using dummy_hcd
[ 1127.712293][T23966] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1127.712321][T23966] usb 6-1: config 0 has no interface number 0
[ 1127.712364][T23966] usb 6-1: config 0 interface 1 altsetting 19 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1127.712389][T23966] usb 6-1: config 0 interface 1 altsetting 19 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1127.712410][T23966] usb 6-1: config 0 interface 1 has no altsetting 0
[ 1127.712441][T23966] usb 6-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00
[ 1127.712463][T23966] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1127.719042][T23966] usb 6-1: config 0 descriptor??
[ 1128.129427][ T8055] mac80211_hwsim hwsim5 wlan1 (unregistering): left promiscuous mode
[ 1128.444982][ T1434] netlink: 104 bytes leftover after parsing attributes in process `syz.2.25691'.
[ 1128.461636][T23966] uclogic 0003:2179:0053.002D: pen parameters not found
[ 1128.461733][T23966] uclogic 0003:2179:0053.002D: interface is invalid, ignoring
[ 1128.692472][ T6127] usb 6-1: USB disconnect, device number 34
[ 1129.526271][ T1545] netlink: 28 bytes leftover after parsing attributes in process `syz.2.25715'.
[ 1129.526308][ T1545] netlink: 28 bytes leftover after parsing attributes in process `syz.2.25715'.
[ 1129.592146][ T1552] netlink: 28 bytes leftover after parsing attributes in process `syz.2.25715'.
[ 1129.592181][ T1552] netlink: 28 bytes leftover after parsing attributes in process `syz.2.25715'.
[ 1129.867989][ T1545] erspan0: entered promiscuous mode
[ 1129.884386][ T1545] erspan0: left promiscuous mode
[ 1130.099799][ T1552] erspan0: entered promiscuous mode
[ 1130.112302][ T1552] erspan0: left promiscuous mode
[ 1130.760498][ T8055] hsr_slave_0: left promiscuous mode
[ 1130.831175][ T8055] hsr_slave_1: left promiscuous mode
[ 1130.940428][ T8055] veth1_macvtap: left promiscuous mode
[ 1130.985551][ T8055] veth0_vlan: left promiscuous mode
[ 1132.835975][ T8055] pim6reg (unregistering): left allmulticast mode
[ 1134.396630][T23966] dummy0 speed is unknown, defaulting to 1000
[ 1134.396675][T23966] infiniband syz0: ib_query_port failed (-19)
[ 1135.447367][ T1887] netlink: 'syz.2.25851': attribute type 10 has an invalid length.
[ 1135.663302][ T6073] usb 6-1: new full-speed USB device number 35 using dummy_hcd
[ 1135.766211][ T1887] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1135.771992][ T1887] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1135.825759][ T6073] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1135.825794][ T6073] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1135.825819][ T6073] usb 6-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 1135.825831][ T6073] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1135.829608][ T6073] usb 6-1: config 0 descriptor??
[ 1136.315301][ T6073] hid-steam 0003:28DE:1142.002E: item fetching failed at offset 2/5
[ 1136.316002][ T6073] hid-steam 0003:28DE:1142.002E: steam_probe:parse of hid interface failed
[ 1136.316608][ T6073] hid-steam 0003:28DE:1142.002E: probe with driver hid-steam failed with error -22
[ 1136.537654][T23966] usb 6-1: USB disconnect, device number 35
[ 1137.137831][ T8055] IPVS: stop unused estimator thread 0...
[ 1137.501501][  T625] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1137.586535][  T625] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1137.757753][  T625] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1137.807992][  T625] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1138.537875][T22607] syz_tun (unregistering): left promiscuous mode
[ 1138.965813][  T625] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1139.009012][  T625] 8021q: adding VLAN 0 to HW filter on device team0
[ 1139.058651][  T569] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1139.058915][  T569] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1139.098638][   T57] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1139.098769][   T57] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1139.710919][ T5113] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1139.730440][  T625] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1139.744961][ T5113] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1139.753631][ T5113] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1139.762041][ T5113] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1139.763706][ T5113] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1139.998362][  T625] veth0_vlan: entered promiscuous mode
[ 1140.052200][  T625] veth1_vlan: entered promiscuous mode
[ 1140.203436][  T625] veth0_macvtap: entered promiscuous mode
[ 1140.218722][  T625] veth1_macvtap: entered promiscuous mode
[ 1140.292033][  T625] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1140.340530][  T625] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1140.421884][ T8055] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1140.430927][ T8055] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1140.432974][ T8055] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1140.433515][ T8055] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1141.069615][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1141.069636][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1141.378194][T12646] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1141.378215][T12646] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1142.034917][ T5113] Bluetooth: hci4: command tx timeout
[ 1142.542019][ T2124] chnl_net:caif_netlink_parms(): no params data found
[ 1142.804956][ T7537] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[ 1142.964861][ T7537] usb 6-1: Using ep0 maxpacket: 8
[ 1142.967146][ T7537] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1142.967175][ T7537] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1142.967203][ T7537] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1142.967228][ T7537] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1142.967269][ T7537] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1142.967293][ T7537] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1143.041668][ T2124] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1143.042370][ T2124] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1143.043710][ T2124] bridge_slave_0: entered allmulticast mode
[ 1143.077438][ T2124] bridge_slave_0: entered promiscuous mode
[ 1143.122237][ T2124] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1143.122538][ T2124] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1143.122961][ T2124] bridge_slave_1: entered allmulticast mode
[ 1143.147667][ T2124] bridge_slave_1: entered promiscuous mode
[ 1143.235418][ T7537] usb 6-1: GET_CAPABILITIES returned 0
[ 1143.235478][ T7537] usbtmc 6-1:16.0: can't read capabilities
[ 1143.340409][ T2124] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1143.363898][ T2124] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1143.449118][ T2124] team0: Port device team_slave_0 added
[ 1143.455665][ T2124] team0: Port device team_slave_1 added
[ 1143.482965][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.494311][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.535240][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.535322][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.535390][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.535750][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.535821][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.537587][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.537665][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.537733][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.538107][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.538176][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.538243][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.538516][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.538582][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.538922][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1143.562596][ T5797] usb 6-1: USB disconnect, device number 36
[ 1143.893632][ T2124] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1143.893648][ T2124] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1143.893673][ T2124] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1143.903353][ T2124] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1143.903370][ T2124] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1143.903403][ T2124] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1144.104054][ T2124] hsr_slave_0: entered promiscuous mode
[ 1144.105359][ T2124] hsr_slave_1: entered promiscuous mode
[ 1144.106034][ T2124] debugfs: 'hsr0' already exists in 'hsr'
[ 1144.106050][ T2124] Cannot create hsr debugfs directory
[ 1144.264994][ T5113] Bluetooth: hci4: command tx timeout
[ 1145.020752][ T2659] sctp: [Deprecated]: syz.1.25999 (pid 2659) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1145.020752][ T2659] Use struct sctp_sack_info instead
[ 1145.045073][ T2665] netlink: 16 bytes leftover after parsing attributes in process `syz.5.25997'.
[ 1145.046035][ T2665] netlink: 16 bytes leftover after parsing attributes in process `syz.5.25997'.
[ 1145.448942][ T2124] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1145.499949][ T2124] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1145.559311][ T2124] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1145.627457][ T2124] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1145.877120][ T2124] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1145.908665][ T2124] 8021q: adding VLAN 0 to HW filter on device team0
[ 1145.929356][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1145.930751][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1145.986958][   T67] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1145.987077][   T67] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1146.412546][ T2771] loop8: detected capacity change from 0 to 7
[ 1146.427008][ T2771] Dev loop8: unable to read RDB block 7
[ 1146.427055][ T2771]  loop8: unable to read partition table
[ 1146.427293][ T2771] loop8: partition table beyond EOD, truncated
[ 1146.427331][ T2771] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[ 1146.450052][ T6620] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[ 1146.482577][ T5113] Bluetooth: hci4: command tx timeout
[ 1146.538080][ T2124] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1146.610452][ T6620] usb 2-1: Using ep0 maxpacket: 16
[ 1146.617467][ T6620] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[ 1146.617495][ T6620] usb 2-1: config 0 has no interface number 0
[ 1146.617541][ T6620] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1146.617569][ T6620] usb 2-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1146.619823][ T6620] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1146.619851][ T6620] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[ 1146.619872][ T6620] usb 2-1: Product: syz
[ 1146.619887][ T6620] usb 2-1: SerialNumber: syz
[ 1146.694591][ T6620] usb 2-1: config 0 descriptor??
[ 1146.711324][ T6620] cm109 2-1:0.8: invalid payload size 0, expected 4
[ 1146.729595][ T6620] input: CM109 USB driver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.8/input/input93
[ 1146.959197][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[ 1147.400138][    C1] cm109_urb_ctl_callback: 5 callbacks suppressed
[ 1147.400169][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.400413][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.400836][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.401069][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.401352][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.401584][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.401820][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.402052][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.402296][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.402527][    C1] cm109 2-1:0.8: cm109_urb_ctl_callback: urb status -71
[ 1147.487649][T30892] usb 2-1: USB disconnect, device number 41
[ 1147.487746][    C1] cm109 2-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[ 1147.537081][T30892] cm109 2-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[ 1147.668020][ T2124] veth0_vlan: entered promiscuous mode
[ 1147.688029][ T2124] veth1_vlan: entered promiscuous mode
[ 1147.744505][ T5797] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[ 1147.793156][ T2124] veth0_macvtap: entered promiscuous mode
[ 1147.811062][ T2124] veth1_macvtap: entered promiscuous mode
[ 1147.870173][ T2124] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1147.901786][ T2124] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1147.922233][   T67] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1147.922453][   T67] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1147.922490][   T67] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1147.922525][   T67] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1147.928555][ T5797] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1147.928585][ T5797] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1147.933523][ T5797] usb 6-1: config 0 descriptor??
[ 1147.974362][ T5797] cp210x 6-1:0.0: cp210x converter detected
[ 1148.420115][ T5797] cp210x 6-1:0.0: failed to get vendor val 0x0010 size 3: -32
[ 1148.501316][ T5797] usb 6-1: cp210x converter now attached to ttyUSB0
[ 1148.673998][ T7537] usb 6-1: USB disconnect, device number 37
[ 1148.704529][ T7537] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1148.706608][ T5113] Bluetooth: hci4: command tx timeout
[ 1148.766895][ T1437] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1148.766916][ T1437] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1148.879073][  T569] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1148.879103][  T569] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1148.882470][ T7537] cp210x 6-1:0.0: device disconnected
[ 1149.156546][ T2947] netlink: 'syz.6.25912': attribute type 2 has an invalid length.
[ 1149.156580][ T2947] netlink: 'syz.6.25912': attribute type 2 has an invalid length.
[ 1150.951400][ T3061] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[ 1151.175570][ T6065] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[ 1151.335582][ T6065] usb 2-1: Using ep0 maxpacket: 16
[ 1151.338163][ T6065] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1151.338197][ T6065] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1151.338220][ T6065] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1151.338263][ T6065] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1151.338287][ T6065] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1151.360614][ T6065] usb 2-1: config 0 descriptor??
[ 1151.752876][ T7537] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[ 1151.808331][ T6065] hid_parser_main: 6 callbacks suppressed
[ 1151.808353][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.808383][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.808411][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.808437][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.808464][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.808492][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.808520][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.808548][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.808573][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.808598][ T6065] microsoft 0003:045E:07DA.002F: unknown main item tag 0x0
[ 1151.890101][ T6065] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.002F/input/input94
[ 1151.923627][ T7537] usb 6-1: Using ep0 maxpacket: 8
[ 1151.929481][ T6065] microsoft 0003:045E:07DA.002F: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[ 1151.932210][ T7537] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1151.932243][ T7537] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1151.932273][ T7537] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1151.932298][ T7537] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1151.932350][ T7537] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1151.932373][ T7537] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1152.227404][ T7537] usb 6-1: usb_control_msg returned -32
[ 1152.227459][ T7537] usbtmc 6-1:16.0: can't read capabilities
[ 1152.295731][ T6620] usb 2-1: USB disconnect, device number 42
[ 1152.613840][ T3167] usbtmc 6-1:16.0: usbtmc488_ioctl_trigger returned -71
[ 1153.203729][ T3191] syzkaller1: entered promiscuous mode
[ 1153.203755][ T3191] syzkaller1: entered allmulticast mode
[ 1153.298361][ T3198] netlink: 'syz.6.26155': attribute type 6 has an invalid length.
[ 1154.657656][ T3281] netlink: 80 bytes leftover after parsing attributes in process `syz.6.26185'.
[ 1154.724742][T23966] usb 6-1: USB disconnect, device number 38
[ 1154.816435][ T3298] netlink: 256 bytes leftover after parsing attributes in process `syz.5.26191'.
[ 1154.816460][ T3298] netlink: 256 bytes leftover after parsing attributes in process `syz.5.26191'.
[ 1154.978873][ T3305] netlink: 4 bytes leftover after parsing attributes in process `syz.5.26195'.
[ 1155.968113][ T3359] netlink: 'syz.5.26215': attribute type 4 has an invalid length.
[ 1155.968137][ T3359] netlink: 32 bytes leftover after parsing attributes in process `syz.5.26215'.
[ 1156.759504][ T3431] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.26243'.
[ 1157.238420][ T3463] netlink: 12 bytes leftover after parsing attributes in process `syz.6.26256'.
[ 1157.525508][ T3329] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1159.205623][ T3587] loop8: detected capacity change from 0 to 8
[ 1159.257418][T14188] Dev loop8: unable to read RDB block 8
[ 1159.257448][T14188]  loop8: unable to read partition table
[ 1159.257595][T14188] loop8: partition table beyond EOD, truncated
[ 1159.273984][ T3587] Dev loop8: unable to read RDB block 8
[ 1159.274030][ T3587]  loop8: unable to read partition table
[ 1159.274247][ T3587] loop8: partition table beyond EOD, truncated
[ 1159.274291][ T3587] loop_reread_partitions: partition scan of loop8 (þ被xü^>Ñà– ) failed (rc=-5)
[ 1159.650080][ T3612] netlink: 8 bytes leftover after parsing attributes in process `syz.5.26321'.
[ 1159.650127][ T3612] bond0: Unable to set down delay as MII monitoring is disabled
[ 1160.062438][ T3642] netlink: 'syz.1.26334': attribute type 3 has an invalid length.
[ 1160.062459][ T3642] netlink: 16 bytes leftover after parsing attributes in process `syz.1.26334'.
[ 1160.447387][ T3671] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.26343'.
[ 1162.537678][ T3801] evm: overlay not supported
[ 1162.978953][ T3828] netlink: 'syz.1.26414': attribute type 1 has an invalid length.
[ 1163.062565][ T3838] netlink: 8 bytes leftover after parsing attributes in process `syz.1.26418'.
[ 1163.600663][ T3873] tipc: Started in network mode
[ 1163.600682][ T3873] tipc: Node identity bridge_s., cluster identity 4711
[ 1164.357109][ T5113] Bluetooth: hci3: command 0x0406 tx timeout
[ 1164.506444][T23966] usb 2-1: new full-speed USB device number 43 using dummy_hcd
[ 1164.598104][ T7537] kernel write not supported for file bpf-prog (pid: 7537 comm: kworker/0:7)
[ 1164.668859][T23966] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1164.668895][T23966] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1164.668918][T23966] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1164.668960][T23966] usb 2-1: New USB device found, idVendor=0c70, idProduct=f003, bcdDevice= 0.00
[ 1164.668984][T23966] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1164.732372][T23966] usb 2-1: config 0 descriptor??
[ 1165.195165][T23966] hid_parser_main: 5 callbacks suppressed
[ 1165.195191][T23966] aquacomputer_d5next 0003:0C70:F003.0030: unknown main item tag 0x0
[ 1165.195224][T23966] aquacomputer_d5next 0003:0C70:F003.0030: unknown main item tag 0x0
[ 1165.195254][T23966] aquacomputer_d5next 0003:0C70:F003.0030: unknown main item tag 0x0
[ 1165.195281][T23966] aquacomputer_d5next 0003:0C70:F003.0030: unknown main item tag 0x0
[ 1165.195307][T23966] aquacomputer_d5next 0003:0C70:F003.0030: unknown main item tag 0x0
[ 1165.195332][T23966] aquacomputer_d5next 0003:0C70:F003.0030: unknown main item tag 0x0
[ 1165.195355][T23966] aquacomputer_d5next 0003:0C70:F003.0030: unexpected long global item
[ 1165.196256][T23966] aquacomputer_d5next 0003:0C70:F003.0030: probe with driver aquacomputer_d5next failed with error -22
[ 1165.439894][ T6127] usb 2-1: USB disconnect, device number 43
[ 1166.088266][   T36] audit: type=1326 audit(2000000905.650:1071): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.101035][   T36] audit: type=1326 audit(2000000905.669:1072): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=90 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.101202][   T36] audit: type=1326 audit(2000000905.669:1073): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.101342][   T36] audit: type=1326 audit(2000000905.669:1074): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.101653][   T36] audit: type=1326 audit(2000000905.669:1075): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.102260][   T36] audit: type=1326 audit(2000000905.669:1076): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.102408][   T36] audit: type=1326 audit(2000000905.669:1077): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.102804][   T36] audit: type=1326 audit(2000000905.669:1078): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=229 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.102939][   T36] audit: type=1326 audit(2000000905.669:1079): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.103073][   T36] audit: type=1326 audit(2000000905.669:1080): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=4028 comm="syz.1.26496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51a86ac799 code=0x7ffc0000
[ 1166.783581][ T6127] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[ 1166.794255][ T6065] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[ 1166.958258][ T6127] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1166.958292][ T6127] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1166.958329][ T6127] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1166.958354][ T6127] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1166.965263][ T6065] usb 6-1: Using ep0 maxpacket: 32
[ 1166.967200][ T6065] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[ 1166.967225][ T6065] usb 6-1: config 0 has no interface number 0
[ 1166.967281][ T6065] usb 6-1: config 0 interface 184 has no altsetting 0
[ 1166.970551][ T6127] usb 2-1: config 0 descriptor??
[ 1166.975150][ T6065] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1166.975177][ T6065] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1166.975198][ T6065] usb 6-1: Product: syz
[ 1166.975212][ T6065] usb 6-1: Manufacturer: syz
[ 1166.975226][ T6065] usb 6-1: SerialNumber: syz
[ 1167.015709][ T6127] hub 2-1:0.0: USB hub found
[ 1167.081550][ T6065] usb 6-1: config 0 descriptor??
[ 1167.220950][ T6127] hub 2-1:0.0: 1 port detected
[ 1167.681772][ T6127] usb 2-1: USB disconnect, device number 44
[ 1167.754949][ T6065] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 1167.754979][ T6065] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1167.909376][ T4131] netlink: 8 bytes leftover after parsing attributes in process `syz.6.26534'.
[ 1167.973043][ T6065] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1167.973073][ T6065] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1167.973092][ T6065] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1167.973110][ T6065] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1167.973397][ T6065] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[ 1168.041354][ T6065] usb 6-1: USB disconnect, device number 39
[ 1168.045672][ T6127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1168.881739][ T4180] loop8: detected capacity change from 0 to 8
[ 1168.932951][ T4180] Dev loop8: unable to read RDB block 8
[ 1168.932995][ T4180]  loop8: unable to read partition table
[ 1168.933212][ T4180] loop8: partition table beyond EOD, truncated
[ 1168.933253][ T4180] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[ 1169.146598][ T6127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1170.002672][ T6065] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1170.068100][ T4239] loop2: detected capacity change from 0 to 7
[ 1170.103235][ T4239] Dev loop2: unable to read RDB block 7
[ 1170.103288][ T4239]  loop2: unable to read partition table
[ 1170.103502][ T4239] loop2: partition table beyond EOD, truncated
[ 1170.103519][ T4239] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1170.259312][ T6127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1170.366783][ T4256] netlink: 8 bytes leftover after parsing attributes in process `syz.1.26582'.
[ 1171.372030][ T6127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1172.482460][T30892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1172.640791][ T4390] netlink: 'syz.5.26640': attribute type 2 has an invalid length.
[ 1172.640815][ T4390] netlink: 60 bytes leftover after parsing attributes in process `syz.5.26640'.
[ 1172.952063][T23966] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[ 1173.081880][ T5113] Bluetooth: hci4: command 0x0405 tx timeout
[ 1173.100019][ T7537] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1173.117890][T23966] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1173.117916][T23966] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1173.117936][T23966] usb 7-1: config 1 has no interface number 0
[ 1173.117979][T23966] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 1173.118006][T23966] usb 7-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[ 1173.118031][T23966] usb 7-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[ 1173.118062][T23966] usb 7-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[ 1173.118088][T23966] usb 7-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1173.123312][T23966] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1173.123341][T23966] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1173.123361][T23966] usb 7-1: Product: syz
[ 1173.123376][T23966] usb 7-1: Manufacturer: syz
[ 1173.123390][T23966] usb 7-1: SerialNumber: syz
[ 1173.170162][ T4396] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1173.251990][ T7537] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1173.406974][ T4396] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1173.594189][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1173.622113][ T4396] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1174.056964][ T4396] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1174.060732][T23966] cdc_ncm 7-1:1.1: bind() failure
[ 1174.300791][T23966] usb 7-1: USB disconnect, device number 2
[ 1174.706235][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1175.344286][ T4540] 9pnet: p9_errstr2errno: server reported unknown error 0x000
[ 1175.817586][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1176.398313][ T4614] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1176.503599][T23966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1176.503789][T23966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1176.930167][ T6127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1178.042848][ T6127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1178.155431][ T4686] PID 4686 killed due to inadequate hugepage pool
[ 1178.459042][ T4727] Invalid argument reading file caps for ./file0
[ 1178.559496][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1179.153483][ T6127] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1179.751528][ T6065] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1180.265259][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1180.607424][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1180.608631][ T6065] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1180.649246][ T7537] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1180.696029][ T4864] netlink: 104 bytes leftover after parsing attributes in process `syz.5.26824'.
[ 1180.810497][ T7537] usb 7-1: Using ep0 maxpacket: 32
[ 1180.812862][ T7537] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid maxpacket 9865, setting to 1024
[ 1180.812894][ T7537] usb 7-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1180.812918][ T7537] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1180.812949][ T7537] usb 7-1: New USB device found, idVendor=05ac, idProduct=0269, bcdDevice= 0.00
[ 1180.812970][ T7537] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1180.818039][ T7537] usb 7-1: config 0 descriptor??
[ 1180.818974][ T4847] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1181.044973][T23966] usb 2-1: new full-speed USB device number 45 using dummy_hcd
[ 1181.211362][T23966] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1181.212035][T23966] usb 2-1: not running at top speed; connect to a high speed hub
[ 1181.213327][T23966] usb 2-1: config 1 interface 0 altsetting 5 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 1181.213359][T23966] usb 2-1: config 1 interface 0 altsetting 5 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1181.213437][T23966] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1181.262704][ T7537] hid (null): report_id 0 is invalid
[ 1181.274783][T23966] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1181.274815][T23966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1181.274835][T23966] usb 2-1: Product: syz
[ 1181.274851][T23966] usb 2-1: Manufacturer: syz
[ 1181.274866][T23966] usb 2-1: SerialNumber: syz
[ 1181.326153][ T7537] magicmouse 0003:05AC:0269.0031: unknown main item tag 0x0
[ 1181.326192][ T7537] magicmouse 0003:05AC:0269.0031: unknown main item tag 0x0
[ 1181.326221][ T7537] magicmouse 0003:05AC:0269.0031: unknown main item tag 0x0
[ 1181.326254][ T7537] magicmouse 0003:05AC:0269.0031: unknown main item tag 0x0
[ 1181.326281][ T7537] magicmouse 0003:05AC:0269.0031: unknown main item tag 0x0
[ 1181.326308][ T7537] magicmouse 0003:05AC:0269.0031: unknown main item tag 0x0
[ 1181.326334][ T7537] magicmouse 0003:05AC:0269.0031: report_id 0 is invalid
[ 1181.326351][ T7537] magicmouse 0003:05AC:0269.0031: item 0 1 1 8 parsing failed
[ 1181.327123][ T7537] magicmouse 0003:05AC:0269.0031: magicmouse hid parse failed
[ 1181.327227][ T7537] magicmouse 0003:05AC:0269.0031: probe with driver magicmouse failed with error -22
[ 1181.381689][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1181.418184][ T4871] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1181.462245][ T4909] netlink: 'syz.5.26841': attribute type 11 has an invalid length.
[ 1181.507585][ T6127] usb 7-1: USB disconnect, device number 3
[ 1181.651498][T23966] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[ 1181.978332][T23966] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1182.488344][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1183.601009][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1184.010926][ T7537] usb 2-1: USB disconnect, device number 45
[ 1184.601043][ T5130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1184.611194][ T5130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1184.611759][ T5130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1184.612341][ T5130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1184.612688][ T5130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1184.617814][ T5128] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1184.711997][T30892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1184.894390][ T5150] netlink: 40 bytes leftover after parsing attributes in process `syz.6.26943'.
[ 1184.894426][ T5150] netlink: 40 bytes leftover after parsing attributes in process `syz.6.26943'.
[ 1184.895019][ T5150] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[ 1185.034448][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1185.042784][ T5161] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1187.038633][ T5113] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1187.094872][ T5113] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1187.099395][ T5113] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1187.103805][ T5113] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1187.106150][ T5113] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1187.243025][ T2565] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1187.828452][ T2565] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1188.348103][ T2565] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1188.755684][ T2565] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1189.418169][ T5113] Bluetooth: hci2: command tx timeout
[ 1189.478748][ T2565] bridge_slave_1: left allmulticast mode
[ 1189.478777][ T2565] bridge_slave_1: left promiscuous mode
[ 1189.479014][ T2565] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1189.694392][ T2565] bridge_slave_0: left allmulticast mode
[ 1189.694421][ T2565] bridge_slave_0: left promiscuous mode
[ 1189.694656][ T2565] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1190.116390][ T5488] netlink: 27 bytes leftover after parsing attributes in process `syz.6.27060'.
[ 1190.271754][T30892] net_ratelimit: 26 callbacks suppressed
[ 1190.271774][T30892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1190.909941][ T2890] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1191.277133][ T2565] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1191.373353][ T2565] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1191.383557][   T55] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1191.430592][ T2565] bond0 (unregistering): Released all slaves
[ 1191.639890][ T5113] Bluetooth: hci2: command tx timeout
[ 1191.708891][ T2565] tipc: Left network mode
[ 1191.710191][ T5274] chnl_net:caif_netlink_parms(): no params data found
[ 1191.725251][ T7537] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1192.121020][ T5631] netlink: 8 bytes leftover after parsing attributes in process `syz.6.27111'.
[ 1192.192840][ T5637] netlink: 8 bytes leftover after parsing attributes in process `syz.6.27111'.
[ 1192.448459][ T5631] netlink: 16 bytes leftover after parsing attributes in process `syz.6.27111'.
[ 1192.448582][ T5637] netlink: 16 bytes leftover after parsing attributes in process `syz.6.27111'.
[ 1192.495200][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1192.709573][ T5274] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1192.719647][ T5274] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1192.719927][ T5274] bridge_slave_0: entered allmulticast mode
[ 1192.722367][ T5274] bridge_slave_0: entered promiscuous mode
[ 1192.804570][T30892] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1192.922600][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1193.007167][T30892] usb 7-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[ 1193.007197][T30892] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1193.007216][T30892] usb 7-1: Product: syz
[ 1193.007229][T30892] usb 7-1: Manufacturer: syz
[ 1193.007241][T30892] usb 7-1: SerialNumber: syz
[ 1193.046793][T30892] usb 7-1: config 0 descriptor??
[ 1193.062371][T30892] hub 7-1:0.0: bad descriptor, ignoring hub
[ 1193.062408][T30892] hub 7-1:0.0: probe with driver hub failed with error -5
[ 1193.194242][ T5274] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1193.194360][ T5274] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1193.194611][ T5274] bridge_slave_1: entered allmulticast mode
[ 1193.208275][ T5274] bridge_slave_1: entered promiscuous mode
[ 1193.268353][T30892] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[ 1193.335600][T30892] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1193.336689][T30892] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[ 1193.336755][T30892] usb 7-1: media controller created
[ 1193.390286][T30892] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1193.468611][T30892] DVB: Unable to find symbol dib7000p_attach()
[ 1193.468626][T30892] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[ 1193.606509][   T55] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1193.702526][T30892] rc_core: IR keymap rc-dib0700-rc5 not found
[ 1193.702549][T30892] Registered IR keymap rc-empty
[ 1193.702952][T30892] dvb-usb: could not initialize remote control.
[ 1193.702963][T30892] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[ 1193.799455][ T5274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1193.865687][ T5113] Bluetooth: hci2: command tx timeout
[ 1193.927898][ T5274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1193.968324][ T5763] netlink: 20 bytes leftover after parsing attributes in process `syz.5.27136'.
[ 1194.099510][ T5773] i2c i2c-1: Invalid block size returned: 58
[ 1194.333498][ T2890] usb 7-1: USB disconnect, device number 4
[ 1194.363271][ T5274] team0: Port device team_slave_0 added
[ 1194.377375][ T5274] team0: Port device team_slave_1 added
[ 1194.642972][ T2890] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[ 1194.695052][ T5274] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1194.695068][ T5274] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1194.695092][ T5274] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1194.739544][T30892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1194.756897][ T5274] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1194.756914][ T5274] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1194.756938][ T5274] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1194.976165][ T2565] hsr_slave_0: left promiscuous mode
[ 1195.019319][ T2565] hsr_slave_1: left promiscuous mode
[ 1195.020442][ T2565] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1195.020708][ T2565] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1195.065796][ T2565] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1195.065823][ T2565] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1195.192334][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1195.195404][ T5866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1195.316621][ T2565] veth1_macvtap: left promiscuous mode
[ 1195.317156][ T2565] veth0_macvtap: left promiscuous mode
[ 1195.317656][ T2565] veth1_vlan: left promiscuous mode
[ 1195.317833][ T2565] veth0_vlan: left promiscuous mode
[ 1195.830124][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1196.086672][ T5113] Bluetooth: hci2: command tx timeout
[ 1196.173102][ T6065] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1196.644405][ T2565] team0 (unregistering): Port device team_slave_1 removed
[ 1196.710190][ T2565] team0 (unregistering): Port device team_slave_0 removed
[ 1196.942840][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1197.459075][ T5274] hsr_slave_0: entered promiscuous mode
[ 1197.462958][ T5274] hsr_slave_1: entered promiscuous mode
[ 1197.463877][ T5274] debugfs: 'hsr0' already exists in 'hsr'
[ 1197.463900][ T5274] Cannot create hsr debugfs directory
[ 1198.069482][T30892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1199.171960][T30892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1199.423405][ T6065] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1200.277410][ T6620] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1200.785411][ T6296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1200.786078][ T6296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1200.786589][ T6296] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1201.445513][T30892] net_ratelimit: 5 callbacks suppressed
[ 1201.445542][T30892] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1201.822605][ T5274] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1201.878884][ T5274] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1201.985369][ T5274] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1202.067847][ T5274] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1202.432874][ T5274] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1202.475402][ T5274] 8021q: adding VLAN 0 to HW filter on device team0
[ 1202.488046][ T2565] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1202.488280][ T2565] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1202.491738][    C0] vcan0: j1939_tp_rxtimer: 0xffff888064497400: rx timeout, send abort
[ 1202.581686][ T5685] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1202.589003][ T5685] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1202.597368][   T55] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1202.672182][ T2890] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[ 1202.738201][ T6404] netlink: 'syz.6.27310': attribute type 1 has an invalid length.
[ 1202.905640][ T6440] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1202.908952][ T6440] bond1: (slave bond2): making interface the new active one
[ 1202.909862][ T6440] bond1: (slave bond2): Enslaving as an active interface with an up link
[ 1203.026672][    C0] vcan0: j1939_tp_rxtimer: 0xffff888039aee800: rx timeout, send abort
[ 1203.029758][    C0] vcan0: j1939_tp_rxtimer: 0xffff888064497400: abort rx timeout. Force session deactivation
[ 1203.419363][ T5274] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1203.561275][    C0] vcan0: j1939_tp_rxtimer: 0xffff888039aee800: abort rx timeout. Force session deactivation
[ 1203.607101][ T5274] veth0_vlan: entered promiscuous mode
[ 1203.948631][ T6506] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1203.949370][ T6506] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1204.746517][ T6506] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1204.765554][ T6506] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1206.133167][ T8055] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.155444][ T6637] macvtap1: entered promiscuous mode
[ 1206.155674][ T6637] macvtap1: entered allmulticast mode
[ 1206.155689][ T6637] veth1_vlan: entered allmulticast mode
[ 1206.163247][ T8055] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.168837][ T8055] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.170721][ T8055] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1206.176754][ T5274] veth1_vlan: entered promiscuous mode
[ 1206.537335][ T6668] syzkaller1: entered promiscuous mode
[ 1206.537368][ T6668] syzkaller1: entered allmulticast mode
[ 1206.558566][ T5274] veth0_macvtap: entered promiscuous mode
[ 1206.584312][ T5274] veth1_macvtap: entered promiscuous mode
[ 1206.978218][ T5274] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1206.998711][ T5274] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1207.063279][ T2565] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1207.063548][ T2565] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1207.063608][ T2565] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1207.063642][ T2565] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1207.549497][ T1437] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1207.549518][ T1437] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1207.651049][ T5685] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1207.651072][ T5685] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1208.017263][T30892] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1208.193725][T30892] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1208.197505][T30892] usb 7-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1208.197535][T30892] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1208.197557][T30892] usb 7-1: Product: syz
[ 1208.197572][T30892] usb 7-1: Manufacturer: syz
[ 1208.197588][T30892] usb 7-1: SerialNumber: syz
[ 1208.207392][T30892] usb 7-1: config 0 descriptor??
[ 1208.462107][ T7537] usb 7-1: USB disconnect, device number 5
[ 1209.720502][ T5113] Bluetooth: hci4: ISO packet too small
[ 1209.872099][ T6874] netlink: 'syz.5.27473': attribute type 3 has an invalid length.
[ 1210.413340][ T6910] netlink: 'syz.5.27490': attribute type 13 has an invalid length.
[ 1210.600566][ T6910] gretap0: refused to change device tx_queue_len
[ 1210.600590][ T6910] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1210.668509][ T7537] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1210.828872][ T7537] usb 7-1: Using ep0 maxpacket: 8
[ 1210.830713][ T7537] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1210.830742][ T7537] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1210.830768][ T7537] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1210.830792][ T7537] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1210.830834][ T7537] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1210.830858][ T7537] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1211.074908][ T7537] usb 7-1: GET_CAPABILITIES returned 0
[ 1211.074953][ T7537] usbtmc 7-1:16.0: can't read capabilities
[ 1211.303973][    C1] usbtmc 7-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1211.328527][ T6127] usb 7-1: USB disconnect, device number 6
[ 1214.185779][ T6065] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1214.346206][ T6065] usb 7-1: Using ep0 maxpacket: 32
[ 1214.354256][ T6065] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1214.371167][ T6065] usb 7-1: config 8 has an invalid interface number: 109 but max is 1
[ 1214.371195][ T6065] usb 7-1: config 8 has an invalid interface number: 33 but max is 1
[ 1214.371213][ T6065] usb 7-1: config 8 has no interface number 0
[ 1214.371229][ T6065] usb 7-1: config 8 has no interface number 1
[ 1214.371290][ T6065] usb 7-1: config 8 interface 109 has no altsetting 0
[ 1214.371309][ T6065] usb 7-1: config 8 interface 33 has no altsetting 0
[ 1214.375334][ T6065] usb 7-1: New USB device found, idVendor=1915, idProduct=2234, bcdDevice=58.10
[ 1214.375366][ T6065] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1214.375385][ T6065] usb 7-1: Product: syz
[ 1214.375482][ T6065] usb 7-1: Manufacturer: syz
[ 1214.375500][ T6065] usb 7-1: SerialNumber: syz
[ 1214.480589][ T7156] netlink: 'syz.5.27584': attribute type 6 has an invalid length.
[ 1214.480612][ T7156] netlink: 8 bytes leftover after parsing attributes in process `syz.5.27584'.
[ 1214.482141][ T6065] usb 7-1: Interface #109 referenced by multiple IADs
[ 1214.677488][ T6620] IPVS: starting estimator thread 0...
[ 1214.762097][ T6065] usb 7-1: USB disconnect, device number 7
[ 1214.777873][ T7168] IPVS: using max 9 ests per chain, 21600 per kthread
[ 1214.948516][ T6620] libceph: connect (1)[c::]:6789 error -101
[ 1214.948708][ T6620] libceph: mon0 (1)[c::]:6789 connect error
[ 1215.056368][ T7190] ceph: No mds server is up or the cluster is laggy
[ 1216.761176][ T7308] netlink: 'syz.6.27641': attribute type 4 has an invalid length.
[ 1217.093731][ T6620] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1217.254323][ T6620] usb 7-1: Using ep0 maxpacket: 8
[ 1217.256651][ T6620] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1217.256680][ T6620] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1217.256706][ T6620] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1217.256732][ T6620] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1217.256775][ T6620] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1217.256798][ T6620] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1217.574212][ T6620] usb 7-1: GET_CAPABILITIES returned 0
[ 1217.574258][ T6620] usbtmc 7-1:16.0: can't read capabilities
[ 1217.805423][ T6065] usb 7-1: USB disconnect, device number 8
[ 1218.763011][ T7455] netlink: 'syz.6.27700': attribute type 10 has an invalid length.
[ 1218.859412][ T7455] team0 (unregistering): Port device team_slave_0 removed
[ 1218.901440][ T7455] team0 (unregistering): Port device team_slave_1 removed
[ 1219.499805][ T7510] netlink: 12 bytes leftover after parsing attributes in process `syz.6.27725'.
[ 1219.584086][ T7510] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1219.748654][ T7542] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1219.749233][ T7542] bond3: (slave vxcan3): The slave device specified does not support setting the MAC address
[ 1219.750486][ T7542] bond3: (slave vxcan3): Error -95 calling set_mac_address
[ 1220.357669][ T7338] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1221.148501][ T7655] netlink: 4 bytes leftover after parsing attributes in process `syz.1.27769'.
[ 1221.207385][ T7658] netlink: 44 bytes leftover after parsing attributes in process `syz.1.27769'.
[ 1221.510304][ T7681] io-wq is not configured for unbound workers
[ 1221.647804][ T6065] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[ 1221.822669][ T6065] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1221.824742][ T6065] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1221.824773][ T6065] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[ 1221.824896][ T6065] usb 2-1: Product: syz
[ 1221.824913][ T6065] usb 2-1: SerialNumber: syz
[ 1222.943763][ T6065] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 1222.943805][ T6065] cdc_ncm 2-1:1.0: dwNtbInMaxSize=1 is too small. Using 2048
[ 1222.943826][ T6065] cdc_ncm 2-1:1.0: setting rx_max = 2048
[ 1223.160553][ T6065] cdc_ncm 2-1:1.0: setting tx_max = 184
[ 1223.235008][ T6065] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[ 1223.278556][ T6065] usb 2-1: USB disconnect, device number 46
[ 1223.279936][ T6065] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[ 1225.594969][ T7910] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input96
[ 1225.826015][ T7928] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1226.622985][ T7981] batadv_slave_1: entered promiscuous mode
[ 1226.625260][ T7980] batadv_slave_1: left promiscuous mode
[ 1227.421871][ T8031] netlink: 204 bytes leftover after parsing attributes in process `syz.6.27925'.
[ 1227.422373][ T8031] netlink: 72 bytes leftover after parsing attributes in process `syz.6.27925'.
[ 1229.355812][ T6065] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[ 1229.516111][ T6065] usb 2-1: Using ep0 maxpacket: 8
[ 1229.522977][ T6065] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1229.523036][ T6065] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1229.523061][ T6065] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1229.523087][ T6065] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1229.523113][ T6065] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1229.523155][ T6065] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1229.523179][ T6065] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1229.639078][ T8106] team0: entered promiscuous mode
[ 1229.639488][ T8106] team_slave_0: entered promiscuous mode
[ 1229.641397][ T8106] team_slave_1: entered promiscuous mode
[ 1229.701235][ T8106] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1229.869132][ T8106] team0: left promiscuous mode
[ 1229.869158][ T8106] team_slave_0: left promiscuous mode
[ 1229.869402][ T8106] team_slave_1: left promiscuous mode
[ 1230.377729][ T8147] usbtmc 2-1:16.0: simple usb_control_msg failed -71
[ 1230.380928][ T2890] usb 2-1: USB disconnect, device number 47
[ 1234.403209][ T8389] delete_channel: no stack
[ 1234.525699][ T8402] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1234.740739][T28634] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1234.777044][T28634] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1234.785224][T28634] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1234.806742][T28634] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1234.809912][T28634] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1235.835460][ T8473] input: syz1 as /devices/virtual/input/input97
[ 1236.492645][ T8413] chnl_net:caif_netlink_parms(): no params data found
[ 1236.969362][ T8621] loop5: detected capacity change from 0 to 7
[ 1237.009173][ T6807] Dev loop5: unable to read RDB block 7
[ 1237.009216][ T6807]  loop5: unable to read partition table
[ 1237.009459][ T6807] loop5: partition table beyond EOD, truncated
[ 1237.053107][T28634] Bluetooth: hci3: command tx timeout
[ 1237.103604][ T8621] Dev loop5: unable to read RDB block 7
[ 1237.103644][ T8621]  loop5: unable to read partition table
[ 1237.103850][ T8621] loop5: partition table beyond EOD, truncated
[ 1237.103886][ T8621] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1237.179054][ T8413] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1237.187491][ T8413] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1237.187765][ T8413] bridge_slave_0: entered allmulticast mode
[ 1237.199795][ T8413] bridge_slave_0: entered promiscuous mode
[ 1237.215988][ T8413] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1237.216110][ T8413] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1237.216701][ T8413] bridge_slave_1: entered allmulticast mode
[ 1237.243382][ T8413] bridge_slave_1: entered promiscuous mode
[ 1237.446465][ T8413] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1237.491826][ T8413] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1237.717988][ T8413] team0: Port device team_slave_0 added
[ 1237.930561][ T8413] team0: Port device team_slave_1 added
[ 1238.041480][ T8413] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1238.041497][ T8413] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1238.041524][ T8413] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1238.045249][ T8413] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1238.045264][ T8413] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1238.045291][ T8413] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1238.246394][ T8413] hsr_slave_0: entered promiscuous mode
[ 1238.247201][ T8413] hsr_slave_1: entered promiscuous mode
[ 1238.247839][ T8413] debugfs: 'hsr0' already exists in 'hsr'
[ 1238.247856][ T8413] Cannot create hsr debugfs directory
[ 1238.808542][ T8874] netlink: 5 bytes leftover after parsing attributes in process `syz.6.28176'.
[ 1238.977262][ T6620] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[ 1239.141285][ T6620] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1239.141313][ T6620] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1239.141349][ T6620] usb 2-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[ 1239.141372][ T6620] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1239.194992][ T6620] usb 2-1: config 0 descriptor??
[ 1239.279804][T28634] Bluetooth: hci3: command tx timeout
[ 1239.418304][ T8864] vcan0: tx drop: invalid sa for name 0xfffffffffffffffe
[ 1239.422345][ T6620] usb 2-1: USB disconnect, device number 48
[ 1241.500473][T28634] Bluetooth: hci3: command tx timeout
[ 1242.344954][ T6065] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[ 1242.505305][ T6065] usb 2-1: Using ep0 maxpacket: 16
[ 1242.513101][ T6065] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1242.513135][ T6065] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1242.513159][ T6065] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[ 1242.513186][ T6065] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1242.513219][ T6065] usb 2-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1242.513243][ T6065] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1242.584491][ T6065] usb 2-1: config 0 descriptor??
[ 1242.820916][ T9104] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1242.821516][ T9104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1243.038848][ T6065] hid (null): unknown global tag 0xc
[ 1243.049674][ T6065] hid (null): usage index exceeded
[ 1243.055873][ T6065] hid (null): unknown global tag 0xe
[ 1243.055897][ T6065] hid (null): nested delimiters
[ 1243.270883][ T6620] usb 2-1: USB disconnect, device number 49
[ 1243.723955][T28634] Bluetooth: hci3: command tx timeout
[ 1244.241661][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1249.416436][ T8413] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1249.492637][ T8413] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1249.556291][ T8413] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1249.634811][ T8413] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1250.060899][ T8413] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1250.173893][ T8413] 8021q: adding VLAN 0 to HW filter on device team0
[ 1250.194347][ T2565] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1250.212617][ T2565] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1250.285556][ T2565] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1250.295992][ T2565] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1250.400212][ T9692] netlink: 'syz.6.28536': attribute type 5 has an invalid length.
[ 1251.054034][ T8413] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1251.666247][ T8413] veth0_vlan: entered promiscuous mode
[ 1251.675810][ T8413] veth1_vlan: entered promiscuous mode
[ 1251.790457][ T8413] veth0_macvtap: entered promiscuous mode
[ 1251.809751][ T8413] veth1_macvtap: entered promiscuous mode
[ 1251.847716][ T8413] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1251.896444][ T8413] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1251.922517][ T5685] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1251.923949][ T5685] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1251.924429][ T5685] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1251.924466][ T5685] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1252.494509][   T57] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1252.494531][   T57] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1252.646615][   T57] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1252.646637][   T57] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1254.284811][ T9901] loop3: detected capacity change from 0 to 7
[ 1254.299513][ T9635] Dev loop3: unable to read RDB block 7
[ 1254.299556][ T9635]  loop3: unable to read partition table
[ 1254.299807][ T9635] loop3: partition table beyond EOD, truncated
[ 1254.331552][ T9901] Dev loop3: unable to read RDB block 7
[ 1254.331600][ T9901]  loop3: unable to read partition table
[ 1254.331834][ T9901] loop3: partition table beyond EOD, truncated
[ 1254.331868][ T9901] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1256.995422][T10057] trusted_key: syz.7.28664 sent an empty control message without MSG_MORE.
[ 1257.386555][ T7537] usb 2-1: new full-speed USB device number 50 using dummy_hcd
[ 1257.573515][ T7537] usb 2-1: config 0 interface 0 altsetting 251 endpoint 0x1 has invalid maxpacket 252, setting to 64
[ 1257.573553][ T7537] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1257.577101][ T7537] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1257.577130][ T7537] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 1257.577151][ T7537] usb 2-1: Product: syz
[ 1257.577166][ T7537] usb 2-1: Manufacturer: syz
[ 1257.577181][ T7537] usb 2-1: SerialNumber: syz
[ 1257.634310][ T7537] usb 2-1: config 0 descriptor??
[ 1257.687408][ T7537] usb 2-1: selecting invalid altsetting 0
[ 1257.742252][T10109] netlink: 'syz.7.28680': attribute type 12 has an invalid length.
[ 1257.742277][T10109] netlink: 'syz.7.28680': attribute type 29 has an invalid length.
[ 1257.742291][T10109] netlink: 148 bytes leftover after parsing attributes in process `syz.7.28680'.
[ 1258.041635][ T7537] usb 2-1: USB disconnect, device number 50
[ 1258.216317][ T9795] udevd[9795]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1258.763994][   T36] kauditd_printk_skb: 26 callbacks suppressed
[ 1258.764012][   T36] audit: type=1326 audit(2000000993.325:1107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10167 comm="syz.7.28693" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2da05fc799 code=0x0
[ 1261.053431][ T6065] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 1261.216276][ T6065] usb 2-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[ 1261.216304][ T6065] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 253
[ 1261.223452][ T6065] usb 2-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[ 1261.223477][ T6065] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1261.223487][ T6065] usb 2-1: Product: syz
[ 1261.223495][ T6065] usb 2-1: Manufacturer: syz
[ 1261.223557][ T6065] usb 2-1: SerialNumber: syz
[ 1261.232381][ T6065] usb 2-1: config 0 descriptor??
[ 1261.288577][ T7537] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[ 1261.303008][ T6065] gspca_main: sunplus-2.14.0 probing 055f:c630
[ 1261.451585][ T7537] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1261.451619][ T7537] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1261.451691][ T7537] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1261.451735][ T7537] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1261.451758][ T7537] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1261.483533][ T7537] usb 7-1: config 0 descriptor??
[ 1261.986011][ T7537] plantronics 0003:047F:FFFF.0033: reserved main item tag 0xd
[ 1262.171008][ T7537] plantronics 0003:047F:FFFF.0033: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[ 1262.333222][   T55] usb 7-1: USB disconnect, device number 9
[ 1262.367861][T10377] fido_id[10377]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/7-1/report_descriptor': No such file or directory
[ 1262.585360][ T6065] gspca_sunplus: reg_r err -71
[ 1262.585447][ T6065] sunplus 2-1:0.0: probe with driver sunplus failed with error -71
[ 1262.617643][ T6065] usb 2-1: USB disconnect, device number 51
[ 1262.926806][   T36] audit: type=1326 audit(2000000997.235:1108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10416 comm="syz.7.28773" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2da05fc799 code=0x0
[ 1266.248372][T10561] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[ 1266.254159][T10561] UDF-fs: Scanning with blocksize 512 failed
[ 1266.345941][T10561] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[ 1266.345966][T10561] UDF-fs: Scanning with blocksize 1024 failed
[ 1266.420410][T10561] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[ 1266.420703][T10561] UDF-fs: Scanning with blocksize 2048 failed
[ 1266.516255][T10561] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found
[ 1266.516277][T10561] UDF-fs: Scanning with blocksize 4096 failed
[ 1266.922644][ T6127] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1267.082890][ T6127] usb 7-1: Using ep0 maxpacket: 32
[ 1267.085836][ T6127] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1267.085868][ T6127] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1267.085907][ T6127] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1267.085931][ T6127] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1267.090933][ T6127] usb 7-1: config 0 descriptor??
[ 1267.161005][ T6127] hub 7-1:0.0: USB hub found
[ 1267.314181][ T6127] hub 7-1:0.0: 1 port detected
[ 1267.969451][ T6127] hub 7-1:0.0: activate --> -90
[ 1268.401088][ T6127] usb 7-1-port1: config error
[ 1268.406737][ T2890] usb 7-1: USB disconnect, device number 10
[ 1270.833050][   T36] audit: type=1326 audit(2000001004.625:1109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10764 comm="syz.6.28893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbb419dc799 code=0x7fc00000
[ 1270.871759][   T36] audit: type=1326 audit(2000001004.653:1110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10764 comm="syz.6.28893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fbb419dc799 code=0x7fc00000
[ 1272.187397][   T36] audit: type=1326 audit(2000001005.897:1111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10768 comm="syz.1.28895" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f394f19c799 code=0x7fc00000
[ 1273.427067][T10934] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1273.454508][ T7537] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1273.617452][ T7537] usb 7-1: Using ep0 maxpacket: 8
[ 1273.629870][ T7537] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1273.629906][ T7537] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1273.629929][ T7537] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1273.629952][ T7537] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[ 1273.629984][ T7537] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1273.630021][ T7537] usb 7-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1273.630044][ T7537] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1273.657070][ T7537] usb 7-1: config 0 descriptor??
[ 1273.658797][T10916] raw-gadget.1 gadget.6: fail, usb_ep_enable returned -22
[ 1273.828610][ T6070] Bluetooth: hci4: command 0x0405 tx timeout
[ 1274.129124][ T6127] usb 7-1: USB disconnect, device number 11
[ 1274.150599][T28634] Bluetooth: hci5: Opcode 0x0c03 failed: -19
[ 1279.761923][ T6127] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[ 1279.925775][ T6127] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1279.925804][ T6127] usb 7-1: config 0 has no interface number 0
[ 1279.925847][ T6127] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1279.925874][ T6127] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1279.925917][ T6127] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1279.925941][ T6127] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1279.931549][ T6127] usb 7-1: config 0 descriptor??
[ 1279.933352][T11310] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1280.017535][ T6127] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1280.325605][ T7537] usb 7-1: USB disconnect, device number 12
[ 1280.325746][    C1] iowarrior 7-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[ 1283.193704][   T36] audit: type=1326 audit(2000001016.186:1112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1283.194003][   T36] audit: type=1326 audit(2000001016.196:1113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1283.194274][   T36] audit: type=1326 audit(2000001016.196:1114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1283.194957][   T36] audit: type=1326 audit(2000001016.196:1115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1283.195434][   T36] audit: type=1326 audit(2000001016.196:1116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1283.195478][   T36] audit: type=1326 audit(2000001016.196:1117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1283.195807][   T36] audit: type=1326 audit(2000001016.196:1118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1283.196432][   T36] audit: type=1326 audit(2000001016.196:1119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1283.196470][   T36] audit: type=1326 audit(2000001016.196:1120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=47 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1283.198914][   T36] audit: type=1326 audit(2000001016.196:1121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=11500 comm="syz.7.29154" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2da05fc799 code=0x7ffc0000
[ 1285.086278][T11614] netlink: 'syz.7.29196': attribute type 10 has an invalid length.
[ 1285.112519][T11614] 8021q: adding VLAN 0 to HW filter on device team0
[ 1285.140634][T11614] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1285.209465][T11621] Bluetooth: hci0: invalid len left 7, exp >= 86
[ 1290.524493][T11898] syzkaller0: entered promiscuous mode
[ 1290.524518][T11898] syzkaller0: entered allmulticast mode
[ 1292.385868][T11997] netlink: 67 bytes leftover after parsing attributes in process `syz.7.29350'.
[ 1293.450429][T12056] netlink: 64595 bytes leftover after parsing attributes in process `syz.1.29374'.
[ 1294.392363][T12092] netlink: 'syz.6.29389': attribute type 12 has an invalid length.
[ 1294.392385][T12092] netlink: 'syz.6.29389': attribute type 29 has an invalid length.
[ 1294.392399][T12092] netlink: 148 bytes leftover after parsing attributes in process `syz.6.29389'.
[ 1294.392442][T12092] netlink: 'syz.6.29389': attribute type 2 has an invalid length.
[ 1294.392456][T12092] netlink: 'syz.6.29389': attribute type 3 has an invalid length.
[ 1295.927905][T28634] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1295.955451][T28634] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1295.973302][T28634] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1295.975234][T28634] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1295.977234][T28634] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1296.365699][   T55] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 1296.535524][   T55] usb 2-1: Using ep0 maxpacket: 16
[ 1296.537874][   T55] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[ 1296.537900][   T55] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1296.537920][   T55] usb 2-1: config 0 has no interface number 0
[ 1296.540404][   T55] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 1296.540431][   T55] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1296.540451][   T55] usb 2-1: Product: syz
[ 1296.540466][   T55] usb 2-1: Manufacturer: syz
[ 1296.540482][   T55] usb 2-1: SerialNumber: syz
[ 1296.621235][   T55] usb 2-1: config 0 descriptor??
[ 1296.640528][   T55] uvcvideo 2-1:0.105: Found UVC 0.00 device syz (046d:08f3)
[ 1296.640549][   T55] uvcvideo 2-1:0.105: No valid video chain found.
[ 1296.865924][T23966] usb 2-1: USB disconnect, device number 52
[ 1298.289175][ T5113] Bluetooth: hci4: command tx timeout
[ 1298.397420][T12137] chnl_net:caif_netlink_parms(): no params data found
[ 1299.150917][ T1402] bridge_slave_1: left allmulticast mode
[ 1299.150936][ T1402] bridge_slave_1: left promiscuous mode
[ 1299.151127][ T1402] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1299.372150][ T1402] bridge_slave_0: left allmulticast mode
[ 1299.372175][ T1402] bridge_slave_0: left promiscuous mode
[ 1299.372378][ T1402] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.454216][ T1402] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1300.512414][ T5113] Bluetooth: hci4: command tx timeout
[ 1300.535781][ T1402] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1300.579088][ T1402] bond0 (unregistering): Released all slaves
[ 1300.642259][ T1402] bond1 (unregistering): (slave bond2): Releasing backup interface
[ 1300.684732][ T1402] bond1 (unregistering): Released all slaves
[ 1300.743977][ T1402] bond2 (unregistering): Released all slaves
[ 1300.816765][ T1402] bond3 (unregistering): Released all slaves
[ 1300.880143][T12137] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1300.880273][T12137] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1300.880523][T12137] bridge_slave_0: entered allmulticast mode
[ 1300.883159][T12137] bridge_slave_0: entered promiscuous mode
[ 1300.913251][T12137] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1300.913369][T12137] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1300.913637][T12137] bridge_slave_1: entered allmulticast mode
[ 1300.916142][T12137] bridge_slave_1: entered promiscuous mode
[ 1301.120489][T12137] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1301.129279][T12137] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1301.225408][T12137] team0: Port device team_slave_0 added
[ 1301.229638][T12137] team0: Port device team_slave_1 added
[ 1301.741579][T12137] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1301.741590][T12137] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1301.741606][T12137] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1301.940976][T12137] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1301.940993][T12137] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1301.941020][T12137] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1302.601657][T12137] hsr_slave_0: entered promiscuous mode
[ 1302.603673][T12137] hsr_slave_1: entered promiscuous mode
[ 1302.605962][T12137] debugfs: 'hsr0' already exists in 'hsr'
[ 1302.605987][T12137] Cannot create hsr debugfs directory
[ 1302.750952][ T5113] Bluetooth: hci4: command tx timeout
[ 1302.793315][   T36] kauditd_printk_skb: 4 callbacks suppressed
[ 1302.793333][   T36] audit: type=1326 audit(2000001034.520:1126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1302.793378][   T36] audit: type=1326 audit(2000001034.520:1127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1302.793419][   T36] audit: type=1326 audit(2000001034.520:1128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1302.793463][   T36] audit: type=1326 audit(2000001034.520:1129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1302.793507][   T36] audit: type=1326 audit(2000001034.520:1130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1302.793547][   T36] audit: type=1326 audit(2000001034.520:1131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1302.793588][   T36] audit: type=1326 audit(2000001034.520:1132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1302.793630][   T36] audit: type=1326 audit(2000001034.520:1133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1302.793671][   T36] audit: type=1326 audit(2000001034.520:1134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1302.793712][   T36] audit: type=1326 audit(2000001034.520:1135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12670 comm="syz.7.29534" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2da059db19 code=0x7ffc0000
[ 1303.612715][T23966] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1303.805156][T23966] usb 2-1: Using ep0 maxpacket: 32
[ 1303.807227][T23966] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[ 1303.807251][T23966] usb 2-1: config 0 has no interface number 0
[ 1303.807295][T23966] usb 2-1: config 0 interface 184 has no altsetting 0
[ 1303.810077][T23966] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1303.810105][T23966] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1303.810125][T23966] usb 2-1: Product: syz
[ 1303.810139][T23966] usb 2-1: Manufacturer: syz
[ 1303.810155][T23966] usb 2-1: SerialNumber: syz
[ 1303.829156][T23966] usb 2-1: config 0 descriptor??
[ 1304.125480][T12750] netlink: 'syz.7.29547': attribute type 83 has an invalid length.
[ 1304.230480][ T1402] hsr_slave_0: left promiscuous mode
[ 1304.274465][ T1402] hsr_slave_1: left promiscuous mode
[ 1304.282934][ T1402] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1304.386840][ T1402] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1304.924978][T23966] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 1304.925010][T23966] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1304.959732][ T5113] Bluetooth: hci4: command tx timeout
[ 1305.185073][T23966] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1305.185104][T23966] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1305.185123][T23966] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1305.185140][T23966] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1305.185442][T23966] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[ 1305.214652][T23966] usb 2-1: USB disconnect, device number 53
[ 1306.789381][T12891] loop2: detected capacity change from 0 to 7
[ 1306.790847][T12892] netlink: 27 bytes leftover after parsing attributes in process `syz.7.29592'.
[ 1306.805563][T10144] Dev loop2: unable to read RDB block 7
[ 1306.805608][T10144]  loop2: unable to read partition table
[ 1306.805846][T10144] loop2: partition table beyond EOD, truncated
[ 1306.813929][T12891] Dev loop2: unable to read RDB block 7
[ 1306.813973][T12891]  loop2: unable to read partition table
[ 1306.814186][T12891] loop2: partition table beyond EOD, truncated
[ 1306.814203][T12891] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1309.931136][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1311.635432][T12137] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1311.679552][T12137] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1311.725873][T12137] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1311.792568][T12137] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1312.133252][T12137] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1312.191758][T12137] 8021q: adding VLAN 0 to HW filter on device team0
[ 1312.199423][T13013] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1312.199645][T13013] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1312.267469][T13029] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1312.267767][T13029] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1312.594166][T13225] netlink: 24 bytes leftover after parsing attributes in process `syz.1.29660'.
[ 1313.102910][T12137] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1313.917032][T12137] veth0_vlan: entered promiscuous mode
[ 1313.940674][T12137] veth1_vlan: entered promiscuous mode
[ 1314.090158][T12137] veth0_macvtap: entered promiscuous mode
[ 1314.099542][T12137] veth1_macvtap: entered promiscuous mode
[ 1314.159849][T12137] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1314.227040][T12137] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1314.256629][T13026] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1314.256888][T13026] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1314.256925][T13026] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1314.256960][T13026] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1314.982249][T13029] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1314.982271][T13029] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1315.104569][T13026] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1315.104590][T13026] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1317.799236][ T2890] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1317.971166][ T2890] usb 2-1: too many configurations: 9, using maximum allowed: 8
[ 1317.972482][ T2890] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1317.972534][ T2890] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1317.972562][ T2890] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1317.973780][ T2890] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1317.973828][ T2890] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1317.973854][ T2890] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1317.975309][ T2890] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1317.975360][ T2890] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1317.975388][ T2890] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1317.976605][ T2890] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1317.976655][ T2890] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1317.976683][ T2890] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1317.977706][ T2890] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1317.977752][ T2890] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1317.977779][ T2890] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1317.978968][ T2890] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1317.979033][ T2890] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1317.979058][ T2890] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1317.980244][ T2890] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1317.980304][ T2890] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1317.980330][ T2890] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1317.986508][ T2890] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1317.986560][ T2890] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1317.986587][ T2890] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1317.990856][ T2890] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1317.990883][ T2890] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1317.990905][ T2890] usb 2-1: Product: syz
[ 1317.990919][ T2890] usb 2-1: Manufacturer: syz
[ 1317.990933][ T2890] usb 2-1: SerialNumber: syz
[ 1318.029767][ T2890] usb 2-1: config 0 descriptor??
[ 1318.083390][ T2890] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[ 1318.362983][ T6127] usb 2-1: USB disconnect, device number 54
[ 1318.367999][ T6127] yurex 2-1:0.0: USB YUREX #0 now disconnected
[ 1318.849881][T13536] tmpfs: Unsupported parameter 'huge'
[ 1319.354148][T13566] overlayfs: failed to clone upperpath
[ 1319.843926][T13598] tmpfs: Unsupported parameter 'huge'
[ 1326.291902][T13800] fuse: Bad value for 'fd'
[ 1331.060966][    C1] sched: DL replenish lagged too much
[ 1331.297033][T13935] overlayfs: failed to clone upperpath
[ 1348.601442][T14211] overlayfs: failed to clone lowerpath
[ 1350.565496][T14231] overlayfs: failed to clone upperpath
[ 1360.568837][T14340] overlayfs: failed to clone upperpath
[ 1361.406325][T28634] Bluetooth: hci2: command 0x0406 tx timeout
[ 1363.193390][T14368] overlayfs: failed to clone upperpath
[ 1363.578493][T14376] netlink: 'syz.6.30098': attribute type 16 has an invalid length.
[ 1363.578514][T14376] netlink: 'syz.6.30098': attribute type 17 has an invalid length.
[ 1364.941158][T14376] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1367.025061][ T5113] Bluetooth: hci3: command 0x0406 tx timeout
[ 1373.237955][T14404] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1373.238747][T14404] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1373.884305][T14466] netlink: 12 bytes leftover after parsing attributes in process `syz.6.30130'.
[ 1375.618320][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1382.780108][T14404] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1383.599708][T14404] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1384.063578][ T5113] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1384.396708][ T5113] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1384.434226][ T5113] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1384.435371][ T5113] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1384.436130][ T5113] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1386.754060][T28634] Bluetooth: hci5: command tx timeout
[ 1388.945278][T28634] Bluetooth: hci5: command tx timeout
[ 1391.056759][T14647] random: crng reseeded on system resumption
[ 1391.169250][T28634] Bluetooth: hci5: command tx timeout
[ 1392.834908][ T5113] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1392.870250][ T5113] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1392.884344][ T5113] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1393.027726][ T5113] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1393.028501][ T5113] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1393.469465][T28634] Bluetooth: hci5: command tx timeout
[ 1395.701793][T28634] Bluetooth: hci6: command tx timeout
[ 1397.925343][T28634] Bluetooth: hci6: command tx timeout
[ 1400.150206][T28634] Bluetooth: hci6: command tx timeout
[ 1402.372739][T28634] Bluetooth: hci6: command tx timeout
[ 1407.364626][T13013] netdevsim netdevsim7 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.369933][T13013] netdevsim netdevsim7 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.403529][T13013] netdevsim netdevsim7 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1407.456999][T13013] netdevsim netdevsim7 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1434.414629][T14664] chnl_net:caif_netlink_parms(): no params data found
[ 1436.294247][T14571] chnl_net:caif_netlink_parms(): no params data found
[ 1439.063032][T14664] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1439.063157][T14664] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1439.063435][T14664] bridge_slave_0: entered allmulticast mode
[ 1439.066066][T14664] bridge_slave_0: entered promiscuous mode
[ 1439.069271][T14664] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1439.069403][T14664] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1439.069617][T14664] bridge_slave_1: entered allmulticast mode
[ 1439.072236][T14664] bridge_slave_1: entered promiscuous mode
[ 1440.546885][T14664] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1440.556416][T14571] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1440.556539][T14571] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1440.556823][T14571] bridge_slave_0: entered allmulticast mode
[ 1440.566820][T14571] bridge_slave_0: entered promiscuous mode
[ 1440.572596][T14664] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1441.458192][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1441.608504][T14571] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1441.608644][T14571] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1441.608907][T14571] bridge_slave_1: entered allmulticast mode
[ 1441.662939][T14571] bridge_slave_1: entered promiscuous mode
[ 1443.223352][T14664] team0: Port device team_slave_0 added
[ 1443.703604][T14664] team0: Port device team_slave_1 added
[ 1443.707071][T14571] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1443.981970][T14571] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1447.413287][T14664] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1447.413302][T14664] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1447.413326][T14664] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1447.415720][T14664] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1447.415733][T14664] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1447.415756][T14664] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1448.977168][T14664] hsr_slave_0: entered promiscuous mode
[ 1448.978550][T14664] hsr_slave_1: entered promiscuous mode
[ 1448.979488][T14664] debugfs: 'hsr0' already exists in 'hsr'
[ 1448.979512][T14664] Cannot create hsr debugfs directory
[ 1453.054378][ T5113] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1453.082030][ T5113] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1453.084436][ T5113] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1453.100764][ T5113] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1453.113604][ T5113] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1456.781428][ T5113] Bluetooth: hci3: command tx timeout
[ 1459.076012][ T5113] Bluetooth: hci3: command tx timeout
[ 1461.313587][ T5113] Bluetooth: hci3: command tx timeout
[ 1461.372344][T28634] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1461.588125][T28634] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1461.962216][T28634] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1461.975528][T28634] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1461.976780][T28634] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1463.523002][ T5113] Bluetooth: hci3: command tx timeout
[ 1464.463727][ T5113] Bluetooth: hci4: command tx timeout
[ 1466.687326][ T5113] Bluetooth: hci4: command tx timeout
[ 1468.911071][ T5113] Bluetooth: hci4: command tx timeout
[ 1471.237587][ T5113] Bluetooth: hci4: command tx timeout
[ 1488.440688][T15380] chnl_net:caif_netlink_parms(): no params data found
[ 1489.382414][T13019] batman_adv: batadv0: adding TT local entry 33:33:00:00:00:01 to non-existent VLAN -1
[ 1495.917261][T15380] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1495.917396][T15380] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1495.917670][T15380] bridge_slave_0: entered allmulticast mode
[ 1495.920378][T15380] bridge_slave_0: entered promiscuous mode
[ 1496.065320][T15380] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1496.065457][T15380] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1496.065731][T15380] bridge_slave_1: entered allmulticast mode
[ 1496.068289][T15380] bridge_slave_1: entered promiscuous mode
[ 1503.286460][ T2890] IPVS: starting estimator thread 0...
[ 1503.431129][T15796] IPVS: using max 12 ests per chain, 28800 per kthread
[ 1507.037809][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1513.407432][T13005] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.970086][T15380] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1519.447040][T28634] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1519.477072][T28634] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1519.507278][T28634] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1519.508922][T28634] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1519.535900][T28634] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1522.684841][ T5113] Bluetooth: hci5: command tx timeout
[ 1524.844412][ T5113] Bluetooth: hci5: command tx timeout
[ 1527.182776][T28634] Bluetooth: hci5: command tx timeout
[ 1529.326153][T28634] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1529.645304][ T6070] Bluetooth: hci5: command tx timeout
[ 1529.772959][T28634] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1529.796878][T28634] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1529.804235][T28634] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1529.849537][T28634] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1532.831545][T28634] Bluetooth: hci6: command tx timeout
[ 1535.031035][T28634] Bluetooth: hci6: command tx timeout
[ 1537.278845][T28634] Bluetooth: hci6: command tx timeout
[ 1539.469046][T28634] Bluetooth: hci6: command tx timeout
[ 1559.756355][T15905] chnl_net:caif_netlink_parms(): no params data found
[ 1573.230336][ T1320] ieee802154 phy1 wpan1: encryption failed: -22
[ 1573.323158][T15905] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1573.323282][T15905] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1573.323572][T15905] bridge_slave_0: entered allmulticast mode
[ 1573.356532][T15905] bridge_slave_0: entered promiscuous mode
[ 1574.118510][T15905] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1574.118634][T15905] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1574.118911][T15905] bridge_slave_1: entered allmulticast mode
[ 1574.121636][T15905] bridge_slave_1: entered promiscuous mode
[ 1583.470608][T15959] chnl_net:caif_netlink_parms(): no params data found
[ 1585.720749][ T5113] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1585.760900][ T5113] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1585.793838][ T5113] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1585.796663][ T5113] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1585.798006][ T5113] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1588.375259][ T5113] Bluetooth: hci3: command tx timeout
[ 1590.869734][ T5113] Bluetooth: hci3: command tx timeout
[ 1590.926192][T28634] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1590.935687][T28634] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1590.965982][T28634] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1591.500422][T28634] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1591.585222][T28634] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1592.520839][   T37] INFO: task syz.7.30108:14404 blocked for more than 143 seconds.
[ 1592.520866][   T37]       Tainted: G             L      syzkaller #0
[ 1592.520878][   T37]       Blocked by coredump.
[ 1592.520884][   T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1592.520894][   T37] task:syz.7.30108     state:D stack:16672 pid:14404 tgid:14397 ppid:8413   task_flags:0x40054c flags:0x00080001
[ 1592.520940][   T37] Call Trace:
[ 1592.520948][   T37]  <TASK>
[ 1592.520962][   T37]  __schedule+0x1553/0x5240
[ 1592.521003][   T37]  ? __lock_acquire+0x6b5/0x2cf0
[ 1592.521046][   T37]  ? __pfx___schedule+0x10/0x10
[ 1592.521083][   T37]  ? schedule+0x90/0x360
[ 1592.521113][   T37]  schedule+0x164/0x360
[ 1592.521142][   T37]  schedule_timeout+0xc3/0x2c0
[ 1592.521173][   T37]  ? __pfx_schedule_timeout+0x10/0x10
[ 1592.521199][   T37]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1592.521242][   T37]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1592.521275][   T37]  ? wait_for_completion+0x274/0x5e0
[ 1592.521304][   T37]  wait_for_completion+0x2cc/0x5e0
[ 1592.521345][   T37]  ? __pfx_wait_for_completion+0x10/0x10
[ 1592.521382][   T37]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1592.521416][   T37]  rcu_barrier+0x463/0x580
[ 1592.521452][   T37]  netdev_run_todo+0x2e0/0xde0
[ 1592.521559][   T37]  ? __pfx_netdev_run_todo+0x10/0x10
[ 1592.521580][   T37]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1592.521608][   T37]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1592.521645][   T37]  ? netdev_state_change+0x1ca/0x220
[ 1592.521702][   T37]  ? __pfx_tun_chr_close+0x10/0x10
[ 1592.521785][   T37]  tun_chr_close+0x13f/0x1c0
[ 1592.521814][   T37]  __fput+0x461/0xa90
[ 1592.521881][   T37]  task_work_run+0x1d9/0x270
[ 1592.521908][   T37]  ? __pfx_task_work_run+0x10/0x10
[ 1592.521932][   T37]  ? kmem_cache_free+0x185/0x6b0
[ 1592.521978][   T37]  ? put_net+0x191/0x260
[ 1592.522011][   T37]  do_exit+0x70f/0x23c0
[ 1592.522044][   T37]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1592.522078][   T37]  ? __pfx_do_exit+0x10/0x10
[ 1592.522097][   T37]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1592.522122][   T37]  ? reacquire_held_locks+0x104/0x190
[ 1592.522143][   T37]  ? rt_spin_lock+0x1e0/0x400
[ 1592.522180][   T37]  do_group_exit+0x21b/0x2d0
[ 1592.522202][   T37]  ? rt_spin_unlock+0x160/0x200
[ 1592.522236][   T37]  get_signal+0x125c/0x1310
[ 1592.522284][   T37]  arch_do_signal_or_restart+0xbc/0x830
[ 1592.522326][   T37]  ? __x64_sys_sendmsg+0x275/0x2a0
[ 1592.522374][   T37]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1592.522420][   T37]  exit_to_user_mode_loop+0x86/0x480
[ 1592.522449][   T37]  ? rcu_is_watching+0x15/0xb0
[ 1592.522475][   T37]  do_syscall_64+0x32d/0xf80
[ 1592.522503][   T37]  ? trace_irq_disable+0x3b/0x150
[ 1592.522527][   T37]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1592.522549][   T37]  ? clear_bhb_loop+0x40/0x90
[ 1592.522574][   T37]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1592.522594][   T37] RIP: 0033:0x7f2da05fc799
[ 1592.522614][   T37] RSP: 002b:00007f2d9e835028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1592.522635][   T37] RAX: 0000000000000028 RBX: 00007f2da0876090 RCX: 00007f2da05fc799
[ 1592.522649][   T37] RDX: 0000000000004004 RSI: 0000200000000200 RDI: 0000000000000004
[ 1592.522663][   T37] RBP: 00007f2da0692c99 R08: 0000000000000000 R09: 0000000000000000
[ 1592.522677][   T37] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1592.522690][   T37] R13: 00007f2da0876128 R14: 00007f2da0876090 R15: 00007fff21b18458
[ 1592.522723][   T37]  </TASK>
[ 1592.522733][   T37] INFO: task syz.6.30130:14461 blocked for more than 143 seconds.
[ 1592.522749][   T37]       Tainted: G             L      syzkaller #0
[ 1592.522760][   T37]       Blocked by coredump.
[ 1592.522767][   T37] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1592.522776][   T37] task:syz.6.30130     state:D stack:21952 pid:14461 tgid:14454 ppid:12137  task_flags:0x40054c flags:0x00080001
[ 1592.522822][   T37] Call Trace:
[ 1592.522830][   T37]  <TASK>
[ 1592.522842][   T37]  __schedule+0x1553/0x5240
[ 1592.522898][   T37]  ? __pfx___schedule+0x10/0x10
[ 1592.522941][   T37]  rt_mutex_schedule+0x76/0xf0
[ 1592.522967][   T37]  rt_mutex_slowlock_block+0x508/0x680
[ 1592.523004][   T37]  ? rt_mutex_slowlock_block+0x2e9/0x680
[ 1592.523031][   T37]  rt_mutex_slowlock+0x2dc/0x7b0
[ 1592.523058][   T37]  ? rt_mutex_slowlock+0x1fd/0x7b0
[ 1592.523083][   T37]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1592.523127][   T37]  ? rcu_barrier+0x4c/0x580
[ 1592.523156][   T37]  ? rcu_barrier+0x4c/0x580
[ 1592.523178][   T37]  mutex_lock_nested+0x168/0x1d0
[ 1592.523200][   T37]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 1592.523281][   T37]  rcu_barrier+0x4c/0x580
[ 1592.523315][   T37]  netdev_run_todo+0x2e0/0xde0
[ 1592.523343][   T37]  ? __pfx_netdev_run_todo+0x10/0x10
[ 1592.523364][   T37]  ? kasan_quarantine_put+0xbb/0x1f0
[ 1592.523390][   T37]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1592.523426][   T37]  ? netdev_state_change+0x1ca/0x220
[ 1592.523454][   T37]  ? __pfx_tun_chr_close+0x10/0x10
[ 1592.523483][   T37]  tun_chr_close+0x13f/0x1c0
[ 1592.523511][   T37]  __fput+0x461/0xa90
[ 1592.523548][   T37]  task_work_run+0x1d9/0x270
[ 1592.523574][   T37]  ? __pfx_task_work_run+0x10/0x10
[ 1592.523598][   T37]  ? kmem_cache_free+0x185/0x6b0
[ 1592.523616][   T37]  ? put_net+0x191/0x260
[ 1592.523648][   T37]  do_exit+0x70f/0x23c0
[ 1592.523673][   T37]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1592.523706][   T37]  ? __pfx_do_exit+0x10/0x10
[ 1592.523724][   T37]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[ 1592.523745][   T37]  ? reacquire_held_locks+0x104/0x190
[ 1592.523767][   T37]  ? rt_spin_lock+0x1e0/0x400
[ 1592.523804][   T37]  do_group_exit+0x21b/0x2d0
[ 1592.523826][   T37]  ? rt_spin_unlock+0x160/0x200
[ 1592.523853][   T37]  get_signal+0x125c/0x1310
[ 1592.523902][   T37]  arch_do_signal_or_restart+0xbc/0x830
[ 1592.523928][   T37]  ? __x64_sys_sendmsg+0x275/0x2a0
[ 1592.523948][   T37]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 1592.523995][   T37]  exit_to_user_mode_loop+0x86/0x480
[ 1592.524021][   T37]  ? rcu_is_watching+0x15/0xb0
[ 1592.524047][   T37]  do_syscall_64+0x32d/0xf80
[ 1592.524075][   T37]  ? trace_irq_disable+0x3b/0x150
[ 1592.524098][   T37]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1592.524118][   T37]  ? clear_bhb_loop+0x40/0x90
[ 1592.524142][   T37]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1592.524162][   T37] RIP: 0033:0x7f6ebbbbc799
[ 1592.524180][   T37] RSP: 002b:00007f6eb9df5028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1592.524199][   T37] RAX: 0000000000000038 RBX: 00007f6ebbe36090 RCX: 00007f6ebbbbc799
[ 1592.524213][   T37] RDX: 0000000000000000 RSI: 00002000000012c0 RDI: 0000000000000003
[ 1592.524233][   T37] RBP: 00007f6ebbc52c99 R08: 0000000000000000 R09: 0000000000000000
[ 1592.524246][   T37] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1592.524259][   T37] R13: 00007f6ebbe36128 R14: 00007f6ebbe36090 R15: 00007ffe0f41fd68
[ 1592.524293][   T37]  </TASK>
[ 1592.524328][   T37] 
[ 1592.524328][   T37] Showing all locks held in the system:
[ 1592.524340][   T37] 4 locks held by ksoftirqd/1/30:
[ 1592.524354][   T37] 1 lock held by khungtaskd/37:
[ 1592.524365][   T37]  #0: ffffffff8ddcb980 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1592.524439][   T37] 4 locks held by kworker/u9:1/5113:
[ 1592.524451][   T37]  #0: ffff88807e653138 ((wq_completion)hci4#2){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[ 1592.524508][   T37]  #1: ffffc9000ef1fc40 ((work_completion)(&hdev->rx_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[ 1592.524560][   T37]  #2: ffff888072ac40b0 (&hdev->lock){+.+.}-{4:4}, at: le_conn_complete_evt+0xa0/0x1430
[ 1592.524697][   T37]  #3: ffff888019c4f238 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_add_one+0x41/0x5c0
[ 1592.524792][   T37] 1 lock held by udevd/5163:
[ 1592.524803][   T37]  #0: ffff888019c4f238 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_dop_revalidate+0x9e/0x5e0
[ 1592.524854][   T37] 2 locks held by getty/5547:
[ 1592.524866][   T37]  #0: ffff888037ab50a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1592.524945][   T37]  #1: ffffc90003e762e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13c0
[ 1592.524991][   T37] 3 locks held by kworker/0:3/5797:
[ 1592.525012][   T37] 10 locks held by syz-executor/5274:
[ 1592.525030][   T37] 6 locks held by kworker/u8:38/13005:
[ 1592.525042][   T37]  #0: ffff88801aee1138 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[ 1592.525097][   T37]  #1: ffffc90005ef7c40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[ 1592.525148][   T37]  #2: ffffffff8f14c400 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[ 1592.525235][   T37]  #3: ffff88809e5ce0d8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x117/0x3f0
[ 1592.525309][   T37]  #4: ffff88802ac44300 (&devlink->lock_key#6){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x129/0x3f0
[ 1592.525360][   T37]  #5: ffffffff8ddd1bf0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[ 1592.525408][   T37] 2 locks held by kworker/u8:39/13013:
[ 1592.525420][   T37]  #0: ffff888019c44138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[ 1592.525471][   T37]  #1: ffffc90006337c40 ((reaper_work).work){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[ 1592.525522][   T37] 2 locks held by kworker/u8:41/13017:
[ 1592.525535][   T37] 4 locks held by kworker/u8:46/13031:
[ 1592.525548][   T37] 1 lock held by syz.7.30108/14404:
[ 1592.525559][   T37]  #0: ffffffff8ddd1bf0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[ 1592.525607][   T37] 1 lock held by syz.6.30130/14461:
[ 1592.525618][   T37]  #0: ffffffff8ddd1bf0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[ 1592.525670][   T37] 1 lock held by syz-executor/14571:
[ 1592.525681][   T37]  #0: ffffffff8ddd1bf0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[ 1592.525741][   T37] 1 lock held by syz-executor/14664:
[ 1592.525752][   T37]  #0: ffffffff8ddd1bf0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[ 1592.525802][   T37] 1 lock held by syz-executor/15380:
[ 1592.525813][   T37]  #0: ffffffff8ddd1bf0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[ 1592.525860][   T37] 1 lock held by syz-executor/15448:
[ 1592.525871][   T37]  #0: ffffffff8ddd1bf0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[ 1592.525921][   T37] 2 locks held by syz-executor/15905:
[ 1592.525932][   T37]  #0: ffff8880552a4f80 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x5a0
[ 1592.526037][   T37]  #1: ffff8880552a40b0 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x640/0x10e0
[ 1592.526115][   T37] 5 locks held by syz-executor/16365:
[ 1592.526127][   T37]  #0: ffffffff8f14c400 (pernet_ops_rwsem){++++}-{4:4}, at: copy_net_ns+0x4f7/0x730
[ 1592.526177][   T37]  #1: ffffffff8eeaf920 (devices_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x200/0x2f0
[ 1592.526264][   T37]  #2: ffffffff8eeafb60 (rdma_nets_rwsem){++++}-{4:4}, at: rdma_dev_init_net+0x238/0x2f0
[ 1592.526307][   T37]  #3: ffff888031f1d130 (&device->compat_devs_mutex){+.+.}-{4:4}, at: add_one_compat_dev+0xf0/0x650
[ 1592.526371][   T37]  #4: ffff888019c4f238 (&root->kernfs_rwsem){++++}-{4:4}, at: kernfs_add_one+0x2ae/0x5c0
[ 1592.715248][   T37] 2 locks held by syz-executor/16399:
[ 1592.715263][   T37] 1 lock held by syz.1.30609/16413:
[ 1592.715278][   T37] 
[ 1592.715284][   T37] =============================================
[ 1592.715284][   T37] 
[ 1592.715310][   T37] NMI backtrace for cpu 1
[ 1592.715331][   T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1592.715380][   T37] Tainted: [L]=SOFTLOCKUP
[ 1592.715387][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1592.715399][   T37] Call Trace:
[ 1592.715408][   T37]  <TASK>
[ 1592.715418][   T37]  dump_stack_lvl+0xe8/0x150
[ 1592.715454][   T37]  nmi_cpu_backtrace+0x274/0x2d0
[ 1592.715553][   T37]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1592.715583][   T37]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1592.715609][   T37]  sys_info+0x135/0x170
[ 1592.715629][   T37]  watchdog+0xfd9/0x1030
[ 1592.715659][   T37]  ? watchdog+0x21a/0x1030
[ 1592.715689][   T37]  kthread+0x388/0x470
[ 1592.715711][   T37]  ? __pfx_watchdog+0x10/0x10
[ 1592.715732][   T37]  ? __pfx_kthread+0x10/0x10
[ 1592.715754][   T37]  ret_from_fork+0x51e/0xb90
[ 1592.715785][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[ 1592.715809][   T37]  ? __switch_to+0xc7d/0x1450
[ 1592.715836][   T37]  ? __pfx_kthread+0x10/0x10
[ 1592.715859][   T37]  ret_from_fork_asm+0x1a/0x30
[ 1592.715894][   T37]  </TASK>
[ 1592.715902][   T37] Sending NMI from CPU 1 to CPUs 0:
[ 1592.715929][    C0] NMI backtrace for cpu 0
[ 1592.715949][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1592.716002][    C0] Tainted: [L]=SOFTLOCKUP
[ 1592.716016][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1592.716039][    C0] RIP: 0010:unwind_next_frame+0x13b6/0x23c0
[ 1592.716064][    C0] Code: b6 04 28 84 c0 0f 85 6c 0b 00 00 41 0f b6 04 2f 84 c0 0f 85 83 0b 00 00 0f b7 32 c1 ee 04 83 e6 0f 83 fe 04 0f 84 ae 04 00 00 <83> fe 01 0f 84 5d 04 00 00 85 f6 0f 85 40 06 00 00 48 8b 44 24 38
[ 1592.716078][    C0] RSP: 0018:ffffc90000156ab8 EFLAGS: 00000293
[ 1592.716093][    C0] RAX: 0000000000000000 RBX: ffffc90000156bc0 RCX: 0000000000000000
[ 1592.716105][    C0] RDX: ffffffff90043656 RSI: 0000000000000001 RDI: ffffc90000156be8
[ 1592.716117][    C0] RBP: dffffc0000000000 R08: ffffc90000156be7 R09: 0000000000000000
[ 1592.716148][    C0] R10: ffffc90000156bd8 R11: fffff5200002ad7d R12: ffffc90000156bd8
[ 1592.716160][    C0] R13: 1ffff9200002ad73 R14: ffffc90000156b88 R15: 1ffffffff20086ca
[ 1592.716173][    C0] FS:  0000000000000000(0000) GS:ffff88812633c000(0000) knlGS:0000000000000000
[ 1592.716187][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1592.716199][    C0] CR2: 00007f787b2264f0 CR3: 00000000864d2000 CR4: 00000000003526f0
[ 1592.716215][    C0] Call Trace:
[ 1592.716221][    C0]  <TASK>
[ 1592.716232][    C0]  ? unwind_next_frame+0xa5/0x23c0
[ 1592.716249][    C0]  ? kmem_cache_alloc_noprof+0x33b/0x680
[ 1592.716274][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1592.716296][    C0]  arch_stack_walk+0x11b/0x150
[ 1592.716315][    C0]  ? fill_pool+0x156/0x590
[ 1592.716336][    C0]  stack_trace_save+0xa9/0x100
[ 1592.716357][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[ 1592.716380][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1592.716404][    C0]  kasan_save_track+0x3e/0x80
[ 1592.716425][    C0]  ? kasan_save_track+0x3e/0x80
[ 1592.716444][    C0]  ? __kasan_slab_alloc+0x6c/0x80
[ 1592.716465][    C0]  ? kmem_cache_alloc_noprof+0x33b/0x680
[ 1592.716511][    C0]  __kasan_slab_alloc+0x6c/0x80
[ 1592.716533][    C0]  kmem_cache_alloc_noprof+0x33b/0x680
[ 1592.716555][    C0]  ? fill_pool+0x156/0x590
[ 1592.716575][    C0]  fill_pool+0x156/0x590
[ 1592.716595][    C0]  ? __pfx_fill_pool+0x10/0x10
[ 1592.716616][    C0]  ? debug_objects_fill_pool+0x6f/0xd0
[ 1592.716633][    C0]  ? debug_objects_fill_pool+0x6f/0xd0
[ 1592.716652][    C0]  debug_objects_fill_pool+0x97/0xd0
[ 1592.716677][    C0]  debug_object_activate+0x36/0x520
[ 1592.716695][    C0]  ? synproxy_send_client_synack+0x8c1/0xe30
[ 1592.716791][    C0]  ? __pfx_dst_destroy_rcu+0x10/0x10
[ 1592.716809][    C0]  call_rcu+0x43/0x890
[ 1592.716830][    C0]  ? dst_release+0x126/0x1b0
[ 1592.716848][    C0]  skb_release_head_state+0x71/0x360
[ 1592.716921][    C0]  __kfree_skb+0x24/0x210
[ 1592.716944][    C0]  nft_synproxy_eval_v4+0x352/0x4e0
[ 1592.716990][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[ 1592.717008][    C0]  ? nf_ip_checksum+0x13c/0x510
[ 1592.717051][    C0]  nft_synproxy_do_eval+0x305/0x580
[ 1592.717067][    C0]  ? reacquire_held_locks+0x104/0x190
[ 1592.717085][    C0]  ? rt_spin_lock+0x1e0/0x400
[ 1592.717106][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 1592.717125][    C0]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1592.717152][    C0]  nft_do_chain+0x45e/0x1990
[ 1592.717175][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[ 1592.717202][    C0]  ? rtlock_slowlock_locked+0xfb/0x3c80
[ 1592.717224][    C0]  ? __lock_acquire+0x6b5/0x2cf0
[ 1592.717242][    C0]  nft_do_chain_inet+0x29d/0x380
[ 1592.717282][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1592.717301][    C0]  ? rtlock_slowlock_locked+0xfb/0x3c80
[ 1592.717325][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 1592.717341][    C0]  nf_hook_slow+0xc5/0x220
[ 1592.717388][    C0]  NF_HOOK+0x21f/0x3c0
[ 1592.717406][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1592.717422][    C0]  ? NF_HOOK+0x9e/0x3c0
[ 1592.717437][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1592.717452][    C0]  ? ip_rcv_finish_core+0xda3/0x1c00
[ 1592.717470][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 1592.717489][    C0]  ? ip_local_deliver+0x12a/0x1b0
[ 1592.717507][    C0]  NF_HOOK+0x336/0x3c0
[ 1592.717522][    C0]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1592.717545][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1592.717561][    C0]  ? NF_HOOK+0x9e/0x3c0
[ 1592.717576][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 1592.717593][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 1592.717611][    C0]  ? __pfx_ip_rcv+0x10/0x10
[ 1592.717626][    C0]  ? process_backlog+0x271/0xc60
[ 1592.717646][    C0]  ? __pfx_ip_rcv+0x10/0x10
[ 1592.717662][    C0]  process_backlog+0x569/0xc60
[ 1592.717697][    C0]  __napi_poll+0xaf/0x580
[ 1592.717715][    C0]  ? skb_defer_free_flush+0x233/0x260
[ 1592.717736][    C0]  net_rx_action+0x696/0xe00
[ 1592.717756][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1592.717785][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 1592.717820][    C0]  handle_softirqs+0x1de/0x6f0
[ 1592.717845][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[ 1592.717868][    C0]  run_ktimerd+0x69/0x100
[ 1592.717883][    C0]  smpboot_thread_fn+0x541/0xa50
[ 1592.717905][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[ 1592.717932][    C0]  kthread+0x388/0x470
[ 1592.717948][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1592.717971][    C0]  ? __pfx_kthread+0x10/0x10
[ 1592.717988][    C0]  ret_from_fork+0x51e/0xb90
[ 1592.718011][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1592.718031][    C0]  ? __switch_to+0xc7d/0x1450
[ 1592.718051][    C0]  ? __pfx_kthread+0x10/0x10
[ 1592.718068][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1592.718091][    C0]  </TASK>
[ 1592.800537][   T37] Kernel panic - not syncing: hung_task: blocked tasks
[ 1592.800561][   T37] CPU: 1 UID: 0 PID: 37 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT_{RT,(full)} 
[ 1592.800588][   T37] Tainted: [L]=SOFTLOCKUP
[ 1592.800595][   T37] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1592.800608][   T37] Call Trace:
[ 1592.800615][   T37]  <TASK>
[ 1592.800626][   T37]  vpanic+0x56c/0xa60
[ 1592.800659][   T37]  ? __pfx___schedule+0x10/0x10
[ 1592.800687][   T37]  ? __pfx_vpanic+0x10/0x10
[ 1592.800723][   T37]  panic+0xc5/0xd0
[ 1592.800750][   T37]  ? __pfx_panic+0x10/0x10
[ 1592.800781][   T37]  ? preempt_schedule_thunk+0x16/0x30
[ 1592.800811][   T37]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1592.800840][   T37]  watchdog+0x1023/0x1030
[ 1592.800868][   T37]  ? watchdog+0x21a/0x1030
[ 1592.800899][   T37]  kthread+0x388/0x470
[ 1592.800921][   T37]  ? __pfx_watchdog+0x10/0x10
[ 1592.800943][   T37]  ? __pfx_kthread+0x10/0x10
[ 1592.800966][   T37]  ret_from_fork+0x51e/0xb90
[ 1592.800996][   T37]  ? __pfx_ret_from_fork+0x10/0x10
[ 1592.801022][   T37]  ? __switch_to+0xc7d/0x1450
[ 1592.801050][   T37]  ? __pfx_kthread+0x10/0x10
[ 1592.801072][   T37]  ret_from_fork_asm+0x1a/0x30
[ 1592.801107][   T37]  </TASK>
[ 1592.801380][   T37] Kernel Offset: disabled