last executing test programs:

32m6.026788274s ago: executing program 2 (id=6242):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x1c, 0x0, 0x1, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}, [@CTA_ZONE={0x6, 0x12, 0x1, 0x0, 0x1}]}, 0x1c}}, 0x4000018)

32m5.605101947s ago: executing program 2 (id=6244):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r3, 0x0, 0x0, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
write(r4, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x3, 0x300)

32m5.34299246s ago: executing program 2 (id=6246):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40024)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x805, 0x0, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x80, 0x0, 0x0)

32m5.23996454s ago: executing program 2 (id=6247):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
eventfd2(0xffffffff, 0x1)

32m5.045102765s ago: executing program 2 (id=6249):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r3, &(0x7f0000000040)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4008040)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r4, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
write(r5, 0x0, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r6, 0x0)

32m4.85439333s ago: executing program 2 (id=6251):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x42, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, 0x0, 0x0, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r6, &(0x7f0000003c00), 0x1, 0x4008080)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)
syz_clone(0x52022180, 0x0, 0x0, 0x0, 0x0, 0x0)

31m49.703239888s ago: executing program 32 (id=6251):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r4, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x42, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, 0x0, 0x0, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r6, &(0x7f0000003c00), 0x1, 0x4008080)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r8 = getpid()
r9 = syz_pidfd_open(r8, 0x0)
setns(r9, 0x24020000)
syz_clone(0x52022180, 0x0, 0x0, 0x0, 0x0, 0x0)

3m42.278984147s ago: executing program 5 (id=18030):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00), 0x458, 0x4)
mount$binderfs(0x0, &(0x7f0000000080)='./binderfs\x00', 0x0, 0x2010860, 0x0)

3m42.199540723s ago: executing program 5 (id=18031):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES32=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r4 = openat$cgroup_procs(r3, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
pread64(r4, &(0x7f00000001c0)=""/100, 0x64, 0x6)

3m42.059723254s ago: executing program 5 (id=18032):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x3, [@restrict={0x0, 0x0, 0x0, 0xb, 0x2}, @fwd={0x2, 0x0, 0x0, 0x12}]}, {0x0, [0x0]}}, 0x0, 0x33, 0x0, 0x1}, 0x28)

3m41.871045973s ago: executing program 5 (id=18034):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0xdc000006, 0x0, {[0x1]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_FLUSH(r2, 0x29, 0xd1, &(0x7f0000000180)=0x5, 0x4)

3m41.335403601s ago: executing program 5 (id=18036):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_MAXSEG(r6, 0x84, 0xd, &(0x7f0000000180), 0x4)

3m40.883949577s ago: executing program 5 (id=18040):
r0 = msgget(0x3, 0x710)
msgget(0x2, 0x624)
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r2, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=r2, @ANYRES64=r1], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
syz_open_procfs(0x0, 0x0)
getsockopt$sock_cred(r1, 0x1, 0x11, 0x0, &(0x7f0000000b40))
msgctl$IPC_RMID(0x0, 0x0)
gettid()
msgctl$MSG_STAT(r0, 0xb, 0x0)
msgget(0x0, 0x200)

2m32.167589839s ago: executing program 3 (id=18176):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)

2m31.722957462s ago: executing program 3 (id=18180):
symlink(&(0x7f0000000040)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8=0x0, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, 0x0, 0x118)

2m30.732774017s ago: executing program 3 (id=18184):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
sendmmsg$inet6(r2, 0x0, 0x0, 0x40084)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)

2m29.67737603s ago: executing program 3 (id=18188):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
socket$inet6_sctp(0xa, 0x1, 0x84)

2m28.243519558s ago: executing program 3 (id=18190):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmmsg$inet(r2, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000007d00)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="180000006a00"], 0x1c}], 0x1}, 0x4000080)

2m27.514529782s ago: executing program 3 (id=18192):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x4000009f}]})

2m11.725218271s ago: executing program 33 (id=18192):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_MSRS_cpu(r2, 0xc008ae88, &(0x7f00000000c0)={0x1, 0x0, [{0x4000009f}]})

2m3.035578174s ago: executing program 1 (id=18229):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
syz_emit_ethernet(0x2a, &(0x7f0000000380)={@broadcast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x33, 0x0, @private, @broadcast}, {0x0, 0x0, 0x8}}}}}, 0x0)

2m1.820854534s ago: executing program 1 (id=18232):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r2, 0x89f0, &(0x7f0000000000))

2m1.196566974s ago: executing program 1 (id=18233):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x3, 0x0, 0x1}, 0x48)

1m59.95638494s ago: executing program 1 (id=18236):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x805, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x19)
remap_file_pages(&(0x7f00002ec000/0x200000)=nil, 0x200000, 0x0, 0x40, 0x0)

1m58.556001776s ago: executing program 1 (id=18239):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet(0x2, 0x3, 0x8d)
getsockopt$inet_pktinfo(r4, 0x0, 0x8, 0x0, &(0x7f0000000140))

1m56.119420864s ago: executing program 1 (id=18242):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070011000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

1m46.62587351s ago: executing program 0 (id=18255):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x24000]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
ioctl$KVM_X86_SETUP_MCE(r0, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
sendmmsg$inet(r1, &(0x7f0000000a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40040)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000005800)=[{{0x0, 0x0, 0x0}}], 0x1, 0x8014)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1002, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000007d00)=[{&(0x7f00000000c0)=ANY=[@ANYBLOB="180000006a00"], 0x1c}], 0x1}, 0x4000080)

1m43.404806776s ago: executing program 0 (id=18260):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r0, @ANYRES64], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r1, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r2, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r2, 0x89f0, &(0x7f0000000000))

1m40.309574447s ago: executing program 34 (id=18242):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="50000000090601020000000000000000020000000900020073797a31000000000500010007000000280007800c00018008000140ffffffff0500070011000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

1m39.719233208s ago: executing program 0 (id=18263):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x54000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)

1m36.669082432s ago: executing program 0 (id=18265):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100)={0x3, &(0x7f0000000000)=[{0xa4}, {0x4c, 0x0, 0x0, 0x10000}, {0x6}]})

1m35.621436466s ago: executing program 0 (id=18266):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500), 0x0, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r6, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)

1m35.062714391s ago: executing program 0 (id=18267):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400f9e3bde20064ff00000000", @ANYRES32=0x0, @ANYBLOB], 0x3c}, 0x1, 0xba01}, 0x0)

1m19.647821363s ago: executing program 35 (id=18267):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400f9e3bde20064ff00000000", @ANYRES32=0x0, @ANYBLOB], 0x3c}, 0x1, 0xba01}, 0x0)

26.160596763s ago: executing program 4 (id=18288):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f27, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0)
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r6, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)

20.524389894s ago: executing program 4 (id=18289):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, 0x0, 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00), 0x4d, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$binfmt_misc(r7, &(0x7f0000000000), 0xd)

16.352375141s ago: executing program 4 (id=18290):
capset(&(0x7f0000000140)={0x20071026}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x84, 0xffffffff, 0x7})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b7000000ff00001fbfa300000000000007030000f0ffffff6a0af0fff8ffffff61a4f0ff0000000066040200000000001d400200000000004704000001ed00006203000000ffffffcf440000000000007a0a00ff00ffffffc30300fff1000000b4000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebaa0f040000c72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204ab3949006c3172171652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d156ae8383117c039862198899b212c55318294270a1ad10c80fef7c247afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15f279b513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aa0000000000000000832371fe5bc621426d1ed0a4a99702cc1b692c3f0b15629eaf4c12a1e717d29135753208165b9cdbae2ed9dc7358f0e3adde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbad937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594807031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac42738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca9be8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998802008f0232b39578052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91ed92cac7c2ccd17d338bbda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922928e000000ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abb8a9982ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139566fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe6290421338ef8f6d27117cd1471bf3c0b64416fbbe955da0281e7ef7f7d5176150e86cda98d07f7de2088cb2ffd1d4c71097635c2bb3d9a0b01e757256ee427f0a244d48682bf89e2279b383b616b40f116172bc1b995eb2c1220597af8df52646f1f0cb65cfa7e038e8bb5d4d52b86a61d82dc14a4f5cc7e6061c65ccdbc2afc3f363ecf34ad0b227687c3ea8d63683ddd5914116edd9e075da9e3638647188bc8f95107c9250995eb6cadcd0f65b8504ff10304f2ceba275f9d485ed5554d64005db877f0fbb3beba59666ff66f132d5077835823592d6d392f5ff62f6f876eb10d8cbf0a73f8421b74c8916e4077b8866c95ad88bc7130244183ed216210f10f69b3e0ee13d06e4eb240cce5ec1c3b1defe4c0f8b83a34ef4f5f8f9ceefb678ad29d3683e3c44a01549e55ffca41c0b06e013f054257646c58b667ec0701004c239589b3e64ef5e1d5ed22b5fd5a90fe3453327c3652d5c9762428f0bd0178d1b80a60f64343ab77d8baa0a388711c8d2d6d3e9049814b15b6ea21387040989d69c3aa27256c55780f33d20823d8e2eb6e56850162969bf4c6c9632a55cf5be00"/2944], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)

13.754556023s ago: executing program 4 (id=18291):
rt_sigaction(0xd, &(0x7f0000000180)={0x0, 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
syz_open_procfs(0x0, &(0x7f0000000000)='net/rt_acct\x00')

7.999632066s ago: executing program 4 (id=18292):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00), 0x4d, 0x0)
write(r0, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r4, &(0x7f0000000500)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r5, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r6, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)

0s ago: executing program 4 (id=18293):
rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca00d1c441ef196ec866400fe2de0fae4e0afaf2466ff00fc01ec422e10399c5c1202063df", 0x44000004, 0x0, {[0x2]}}, 0x0, 0x8, &(0x7f0000000300))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=r1, @ANYRES64=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r1, 0x0)
ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r0, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x805, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x80, 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmmsg$inet6(r3, 0x0, 0x0, 0x4)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
sendmmsg$inet6(r4, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)

kernel console output (not intermixed with test programs):

_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2260.764782][ T5622] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2260.909821][ T5717] wireguard: wg1: Could not create IPv4 socket
[ 2260.933030][T24879] bridge_slave_1: left allmulticast mode
[ 2260.933057][T24879] bridge_slave_1: left promiscuous mode
[ 2260.933359][T24879] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2261.028862][T24879] bridge_slave_0: left allmulticast mode
[ 2261.028894][T24879] bridge_slave_0: left promiscuous mode
[ 2261.029171][T24879] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2261.879708][T18080] Bluetooth: hci4: command tx timeout
[ 2262.323846][ T5746] 9pnet_virtio: no channels available for device syz
[ 2263.194795][ T5764] netlink: 'syz.5.14761': attribute type 16 has an invalid length.
[ 2263.194822][ T5764] netlink: 64138 bytes leftover after parsing attributes in process `syz.5.14761'.
[ 2263.374535][ T5768] 9pnet_virtio: no channels available for device syz
[ 2263.959911][T18080] Bluetooth: hci4: command tx timeout
[ 2264.503991][T24879] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2264.581552][T24879] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2264.605074][T24879] bond0 (unregistering): Released all slaves
[ 2264.895889][ T5786] wireguard: wg1: Could not create IPv4 socket
[ 2265.054269][ T5783] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR
[ 2265.175086][ T5799] netlink: 28 bytes leftover after parsing attributes in process `syz.3.14777'.
[ 2265.506525][ T5622] hsr_slave_0: entered promiscuous mode
[ 2265.534688][ T5622] hsr_slave_1: entered promiscuous mode
[ 2265.535766][ T5622] debugfs: 'hsr0' already exists in 'hsr'
[ 2265.535792][ T5622] Cannot create hsr debugfs directory
[ 2265.537927][ T5783] workqueue: Failed to create a rescuer kthread for wq "bond7": -EINTR
[ 2266.256015][ T5826] netlink: 188 bytes leftover after parsing attributes in process `syz.5.14788'.
[ 2266.592965][ T5849] 9pnet_virtio: no channels available for device syz
[ 2266.811553][T24879] hsr_slave_0: left promiscuous mode
[ 2266.870182][T24879] hsr_slave_1: left promiscuous mode
[ 2266.871264][T24879] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2266.871292][T24879] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2267.053366][ T5866] netlink: 388 bytes leftover after parsing attributes in process `syz.1.14808'.
[ 2267.115139][T24879] veth1_macvtap: left promiscuous mode
[ 2267.115257][T24879] veth0_macvtap: left promiscuous mode
[ 2267.115534][T24879] veth1_vlan: left promiscuous mode
[ 2267.115728][T24879] veth0_vlan: left promiscuous mode
[ 2270.900581][T24879] team0 (unregistering): Port device team_slave_1 removed
[ 2271.350704][T24879] team0 (unregistering): Port device team_slave_0 removed
[ 2274.561709][ T5909] netlink: 188 bytes leftover after parsing attributes in process `syz.1.14829'.
[ 2274.870274][ T5935] dns_resolver: Unsupported content type (6)
[ 2275.156333][ T5937] netlink: 'syz.0.14843': attribute type 1 has an invalid length.
[ 2275.156361][ T5937] netlink: 72 bytes leftover after parsing attributes in process `syz.0.14843'.
[ 2276.171345][ T5947] overlay: Unknown parameter 'hash'
[ 2276.646356][ T5622] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2276.685684][ T5622] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2276.737965][ T5622] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2276.818798][ T5622] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2276.920289][ T5957] netlink: 'syz.5.14852': attribute type 16 has an invalid length.
[ 2276.920315][ T5957] netlink: 63370 bytes leftover after parsing attributes in process `syz.5.14852'.
[ 2277.318821][ T5622] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2277.392787][ T5622] 8021q: adding VLAN 0 to HW filter on device team0
[ 2277.417113][T24879] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2277.417355][T24879] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2277.474826][T24879] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2277.476281][T24879] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2278.408464][ T5622] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2279.533412][ T5999] netlink: 8 bytes leftover after parsing attributes in process `syz.5.14866'.
[ 2279.558639][ T5622] veth0_vlan: entered promiscuous mode
[ 2279.574747][ T6003] tmpfs: Unknown parameter 'mpo'
[ 2279.621689][ T5622] veth1_vlan: entered promiscuous mode
[ 2279.633473][ T6002] netlink: 'syz.1.14858': attribute type 1 has an invalid length.
[ 2279.877526][ T5622] veth0_macvtap: entered promiscuous mode
[ 2279.910348][ T5622] veth1_macvtap: entered promiscuous mode
[ 2280.004608][ T5622] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2280.052226][ T5622] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2280.116094][  T919] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2280.118104][  T919] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2280.128737][  T919] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2280.151971][  T919] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2280.571328][  T919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2280.571352][  T919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2280.739672][  T919] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2280.739696][  T919] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2281.532186][ T6026] netlink: 52 bytes leftover after parsing attributes in process `syz.4.14877'.
[ 2281.532213][ T6026] netlink: 12 bytes leftover after parsing attributes in process `syz.4.14877'.
[ 2282.461320][ T6034] netlink: 20 bytes leftover after parsing attributes in process `syz.4.14881'.
[ 2282.677429][ T6036] netlink: 32 bytes leftover after parsing attributes in process `syz.4.14882'.
[ 2283.140795][   T31] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[ 2283.315471][   T31] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2283.315546][   T31] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2283.315576][   T31] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2283.315602][   T31] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2283.315647][   T31] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2283.315669][   T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2283.326353][ T6038] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2283.407559][   T31] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2283.408685][   T31] usb 5-1: invalid MIDI out EP 0
[ 2283.754399][   T31] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2283.768190][   T31] usb 5-1: USB disconnect, device number 5
[ 2285.138677][ T6068] netlink: 28 bytes leftover after parsing attributes in process `syz.5.14897'.
[ 2288.528568][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2288.528651][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2288.624690][ T6117] netlink: 32 bytes leftover after parsing attributes in process `syz.3.14922'.
[ 2290.344273][ T6152] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14936'.
[ 2291.115298][ T6166] netlink: 28 bytes leftover after parsing attributes in process `syz.0.14943'.
[ 2291.926092][ T6184] tmpfs: Bad value for 'nr_blocks'
[ 2292.854943][ T6212] fuseblk: Bad value for 'fd'
[ 2293.298703][ T6226] wireguard: wg1: Could not create IPv4 socket
[ 2293.714998][ T6237] fuseblk: Bad value for 'fd'
[ 2293.761786][ T6239] netlink: 'syz.4.14978': attribute type 1 has an invalid length.
[ 2294.503229][ T6252] wireguard: wg1: Could not create IPv4 socket
[ 2298.229744][ T6321] netlink: 112 bytes leftover after parsing attributes in process `syz.1.15015'.
[ 2298.416747][ T6324] 9pnet_virtio: no channels available for device syz
[ 2300.341748][ T6342] netlink: 32 bytes leftover after parsing attributes in process `syz.1.15025'.
[ 2302.839929][ T6386] netlink: 'syz.3.15045': attribute type 1 has an invalid length.
[ 2305.747146][ T6405] netlink: 388 bytes leftover after parsing attributes in process `syz.0.15055'.
[ 2305.975555][ T6409] tmpfs: Bad value for 'nr_blocks'
[ 2309.071713][ T6436] netlink: 188 bytes leftover after parsing attributes in process `syz.4.15068'.
[ 2313.075462][ T6468] netlink: 'syz.3.15086': attribute type 1 has an invalid length.
[ 2313.336463][ T6472] wireguard: wg1: Could not create IPv4 socket
[ 2314.439847][T26943] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[ 2314.602253][T26943] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2314.602316][T26943] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2314.602345][T26943] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2314.602373][T26943] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2314.602417][T26943] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2314.602441][T26943] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2314.677786][ T6490] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2314.724357][T26943] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2314.725403][T26943] usb 5-1: invalid MIDI out EP 0
[ 2315.227413][T26943] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2315.254503][T26943] usb 5-1: USB disconnect, device number 6
[ 2315.985123][ T6523] netlink: 52 bytes leftover after parsing attributes in process `syz.5.15101'.
[ 2315.985152][ T6523] netlink: 12 bytes leftover after parsing attributes in process `syz.5.15101'.
[ 2316.580316][ T6537] netlink: 132 bytes leftover after parsing attributes in process `syz.5.15120'.
[ 2316.595203][ T6539] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15121'.
[ 2317.824332][ T6570] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15134'.
[ 2317.863746][ T6563] wireguard: wg1: Could not create IPv4 socket
[ 2317.919218][T26943] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[ 2318.082305][T26943] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2318.082339][T26943] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2318.082385][T26943] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2318.082410][T26943] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2318.310624][ T6574] netlink: 20 bytes leftover after parsing attributes in process `syz.0.15136'.
[ 2318.365559][T26943] usb 5-1: usb_control_msg returned -32
[ 2318.365612][T26943] usbtmc 5-1:16.0: can't read capabilities
[ 2318.413089][T26943] usb 5-1: USB disconnect, device number 7
[ 2321.679756][ T5806] usb 2-1: new full-speed USB device number 16 using dummy_hcd
[ 2321.832941][ T5806] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2321.832975][ T5806] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 2321.833022][ T5806] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2321.833046][ T5806] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2322.120960][ T5806] usb 2-1: usb_control_msg returned -32
[ 2322.121132][ T5806] usbtmc 2-1:16.0: can't read capabilities
[ 2322.163530][ T5806] usb 2-1: USB disconnect, device number 16
[ 2322.913241][ T6635] netlink: 52 bytes leftover after parsing attributes in process `syz.1.15165'.
[ 2322.913270][ T6635] netlink: 12 bytes leftover after parsing attributes in process `syz.1.15165'.
[ 2323.247133][ T6639] netlink: 28 bytes leftover after parsing attributes in process `syz.1.15168'.
[ 2324.849799][ T6672] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15183'.
[ 2325.104702][ T6678] netlink: 'syz.1.15186': attribute type 12 has an invalid length.
[ 2325.977313][ T6702] wireguard: wg1: Could not create IPv4 socket
[ 2326.184649][ T6710] netlink: 28 bytes leftover after parsing attributes in process `syz.1.15204'.
[ 2326.383261][ T6712] netlink: 24 bytes leftover after parsing attributes in process `syz.4.15205'.
[ 2326.843828][ T6723] tmpfs: Bad value for 'nr_blocks'
[ 2327.128838][ T6733] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15213'.
[ 2327.415231][ T6741] netlink: 'syz.4.15217': attribute type 12 has an invalid length.
[ 2328.351204][ T6759] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15226'.
[ 2330.730338][ T6785] wireguard: wg1: Could not create IPv4 socket
[ 2331.503892][ T6800] netlink: 112 bytes leftover after parsing attributes in process `syz.1.15245'.
[ 2331.754325][ T6805] overlay: Unknown parameter 'hash'
[ 2332.156709][ T6809] netlink: 24 bytes leftover after parsing attributes in process `syz.1.15251'.
[ 2333.549152][ T5120] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2333.568146][ T5120] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2333.569490][ T5120] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2333.587831][ T5120] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2333.588781][ T5120] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2333.633802][ T6832] overlay: Unknown parameter 'hash'
[ 2334.827826][ T6830] chnl_net:caif_netlink_parms(): no params data found
[ 2335.639810][ T5120] Bluetooth: hci5: command tx timeout
[ 2336.326225][  T155] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2337.105798][  T155] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2337.163593][ T6830] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2337.163804][ T6830] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2337.164060][ T6830] bridge_slave_0: entered allmulticast mode
[ 2337.183900][ T6830] bridge_slave_0: entered promiscuous mode
[ 2337.195749][ T6830] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2337.204394][ T6830] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2337.204652][ T6830] bridge_slave_1: entered allmulticast mode
[ 2337.221983][ T6830] bridge_slave_1: entered promiscuous mode
[ 2337.719764][ T5120] Bluetooth: hci5: command tx timeout
[ 2337.746318][  T155] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2337.813367][ T6830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2337.832483][ T6830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2338.181107][ T6882] dns_resolver: Unsupported content type (6)
[ 2338.545677][  T155] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2338.633228][ T6830] team0: Port device team_slave_0 added
[ 2338.757740][ T6830] team0: Port device team_slave_1 added
[ 2338.866945][ T6888] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15283'.
[ 2339.120868][ T6830] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2339.120887][ T6830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2339.120918][ T6830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2339.123493][ T6830] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2339.123507][ T6830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2339.123537][ T6830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2339.707999][ T6830] hsr_slave_0: entered promiscuous mode
[ 2339.709504][ T6830] hsr_slave_1: entered promiscuous mode
[ 2339.716309][ T6830] debugfs: 'hsr0' already exists in 'hsr'
[ 2339.716342][ T6830] Cannot create hsr debugfs directory
[ 2339.812919][ T5120] Bluetooth: hci5: command tx timeout
[ 2340.226709][  T155] bridge_slave_1: left allmulticast mode
[ 2340.226741][  T155] bridge_slave_1: left promiscuous mode
[ 2340.227161][  T155] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2340.372859][  T155] bridge_slave_0: left allmulticast mode
[ 2340.372891][  T155] bridge_slave_0: left promiscuous mode
[ 2340.373162][  T155] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2341.879915][ T5120] Bluetooth: hci5: command tx timeout
[ 2342.477906][  T155] bond0 (unregistering): Released all slaves
[ 2342.516117][  T155] bond1 (unregistering): Released all slaves
[ 2342.560331][  T155] bond2 (unregistering): Released all slaves
[ 2344.893653][  T155] hsr_slave_0: left promiscuous mode
[ 2344.939796][  T155] hsr_slave_1: left promiscuous mode
[ 2344.940808][  T155] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2344.940835][  T155] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2345.143641][  T155] veth1_macvtap: left promiscuous mode
[ 2345.143757][  T155] veth0_macvtap: left promiscuous mode
[ 2345.144016][  T155] veth1_vlan: left promiscuous mode
[ 2345.144194][  T155] veth0_vlan: left promiscuous mode
[ 2349.221034][  T155] team0 (unregistering): Port device team_slave_1 removed
[ 2349.489727][   T10] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[ 2349.562526][  T155] team0 (unregistering): Port device team_slave_0 removed
[ 2349.644076][   T10] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2349.644141][   T10] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2349.644171][   T10] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2349.644200][   T10] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2349.644244][   T10] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2349.644268][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2349.652821][ T6965] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2349.660484][   T10] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2349.661707][   T10] usb 5-1: invalid MIDI out EP 0
[ 2349.776123][   T10] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2349.890851][   T10] usb 5-1: USB disconnect, device number 8
[ 2349.965676][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2349.965755][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2351.922938][ T6999] overlay: Unknown parameter 'hash'
[ 2353.131695][ T7003] wireguard: wg1: Could not create IPv4 socket
[ 2353.206855][ T7007] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15342'.
[ 2353.371105][ T7013] netlink: 56 bytes leftover after parsing attributes in process `syz.0.15345'.
[ 2353.536592][ T7019] overlay: Unknown parameter 'hash'
[ 2353.693472][ T7027] wireguard: wg1: Could not create IPv4 socket
[ 2353.892616][ T7033] netlink: 20 bytes leftover after parsing attributes in process `syz.0.15354'.
[ 2353.974560][ T7039] netlink: 56 bytes leftover after parsing attributes in process `syz.3.15358'.
[ 2354.102776][ T7043] tmpfs: Bad value for 'nr_blocks'
[ 2354.453819][ T6830] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 2354.527824][ T6830] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 2354.622698][ T6830] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 2354.683818][ T6830] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 2354.726635][ T7059] netlink: 20 bytes leftover after parsing attributes in process `syz.0.15368'.
[ 2354.827967][ T7061] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15369'.
[ 2355.238510][ T7081] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15376'.
[ 2355.238534][ T7081] netlink: 24 bytes leftover after parsing attributes in process `syz.1.15376'.
[ 2355.327665][ T6830] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2355.428449][ T6830] 8021q: adding VLAN 0 to HW filter on device team0
[ 2355.460159][  T785] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2355.460371][  T785] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2355.534317][  T919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2355.534469][  T919] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2355.536739][ T7081] netlink: 8 bytes leftover after parsing attributes in process `syz.1.15376'.
[ 2355.536760][ T7081] netlink: 24 bytes leftover after parsing attributes in process `syz.1.15376'.
[ 2356.428976][ T6830] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2357.521818][ T6830] veth0_vlan: entered promiscuous mode
[ 2357.598260][ T6830] veth1_vlan: entered promiscuous mode
[ 2357.742067][ T6830] veth0_macvtap: entered promiscuous mode
[ 2357.764146][ T6830] veth1_macvtap: entered promiscuous mode
[ 2357.852717][ T6830] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2357.918215][ T6830] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2358.004099][  T990] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2358.017115][  T990] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2358.018770][  T990] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2358.018821][  T990] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2358.332952][ T7154] __nla_validate_parse: 5 callbacks suppressed
[ 2358.332967][ T7154] netlink: 388 bytes leftover after parsing attributes in process `syz.0.15405'.
[ 2358.510470][  T919] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2358.510494][  T919] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2358.619637][ T6426] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2358.619660][ T6426] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2359.350530][ T7170] netlink: 24 bytes leftover after parsing attributes in process `syz.5.15412'.
[ 2359.463107][ T7170] netlink: 24 bytes leftover after parsing attributes in process `syz.5.15412'.
[ 2360.019846][   T10] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[ 2360.103833][ T7191] overlay: Unknown parameter 'hash'
[ 2360.175003][   T10] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2360.175071][   T10] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2360.175100][   T10] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2360.175129][   T10] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2360.175171][   T10] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2360.175196][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2360.254119][ T7181] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2360.285120][   T10] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 2360.286255][   T10] usb 2-1: invalid MIDI out EP 0
[ 2360.413152][   T10] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2360.450912][ T7197] netlink: 40 bytes leftover after parsing attributes in process `syz.0.15423'.
[ 2360.490368][   T10] usb 2-1: USB disconnect, device number 17
[ 2363.329044][ T7280] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15464'.
[ 2363.449332][ T7284] netlink: 24 bytes leftover after parsing attributes in process `syz.4.15465'.
[ 2363.566528][T18080] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2363.603445][T18080] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2363.607945][T18080] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2363.620405][T18080] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2363.621747][T18080] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2363.732303][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2363.957535][ T7284] netlink: 24 bytes leftover after parsing attributes in process `syz.4.15465'.
[ 2364.321179][ T7308] netlink: 28 bytes leftover after parsing attributes in process `syz.3.15476'.
[ 2364.510576][ T7312] overlay: Unknown parameter 'hash'
[ 2364.722936][  T990] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2365.236774][  T990] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2365.554604][ T7334] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15488'.
[ 2365.677606][  T990] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2365.719704][ T5120] Bluetooth: hci0: command tx timeout
[ 2366.092243][  T990] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2366.811408][ T7288] chnl_net:caif_netlink_parms(): no params data found
[ 2367.300023][  T990] bridge_slave_1: left allmulticast mode
[ 2367.300054][  T990] bridge_slave_1: left promiscuous mode
[ 2367.300336][  T990] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2367.398492][  T990] bridge_slave_0: left allmulticast mode
[ 2367.398523][  T990] bridge_slave_0: left promiscuous mode
[ 2367.398808][  T990] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2367.799671][ T5120] Bluetooth: hci0: command tx timeout
[ 2368.774327][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2368.975335][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2369.071499][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2369.390217][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2369.470846][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2369.497923][ T7380] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15506'.
[ 2369.879719][ T5120] Bluetooth: hci0: command tx timeout
[ 2370.021968][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2370.104078][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2370.303406][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2370.471936][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2370.555003][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2370.724070][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2370.822893][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2371.227614][  T990] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2371.336429][  T990] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2371.374027][  T990] bond0 (unregistering): Released all slaves
[ 2371.443801][  T990] bond1 (unregistering): Released all slaves
[ 2371.511973][  T990] bond2 (unregistering): Released all slaves
[ 2371.565130][  T990] bond3 (unregistering): Released all slaves
[ 2371.597712][  T990] bond4 (unregistering): Released all slaves
[ 2371.672915][  T990] bond5 (unregistering): Released all slaves
[ 2371.762576][  T990] bond6 (unregistering): Released all slaves
[ 2371.833973][  T990] bond7 (unregistering): Released all slaves
[ 2371.902758][  T990] bond8 (unregistering): Released all slaves
[ 2371.959759][ T5120] Bluetooth: hci0: command tx timeout
[ 2371.993449][  T990] bond9 (unregistering): Released all slaves
[ 2372.112079][ T7359] netlink: 188 bytes leftover after parsing attributes in process `syz.4.15500'.
[ 2372.393669][ T7397] netlink: 388 bytes leftover after parsing attributes in process `syz.4.15517'.
[ 2372.505806][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2372.654117][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2373.111532][ T7288] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2373.111740][ T7288] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2373.111997][ T7288] bridge_slave_0: entered allmulticast mode
[ 2373.114957][ T7288] bridge_slave_0: entered promiscuous mode
[ 2373.120642][ T7408] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15514'.
[ 2373.161375][ T7288] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2373.161528][ T7288] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2373.161787][ T7288] bridge_slave_1: entered allmulticast mode
[ 2373.164662][ T7288] bridge_slave_1: entered promiscuous mode
[ 2373.420635][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2373.582239][ T7412] netlink: 'syz.0.15524': attribute type 12 has an invalid length.
[ 2373.655250][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2374.038992][ T7422] input: syz1 as /devices/virtual/input/input5
[ 2374.039221][ T7422] input: failed to attach handler leds to device input5, error: -6
[ 2374.097873][ T7288] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2374.125329][ T7288] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2374.412624][ T7425] netlink: 388 bytes leftover after parsing attributes in process `syz.5.15529'.
[ 2374.625017][ T7288] team0: Port device team_slave_0 added
[ 2374.749864][  T990] hsr_slave_0: left promiscuous mode
[ 2374.795589][  T990] hsr_slave_1: left promiscuous mode
[ 2374.796643][  T990] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2374.796680][  T990] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2374.977938][  T990] veth1_macvtap: left promiscuous mode
[ 2374.978053][  T990] veth0_macvtap: left promiscuous mode
[ 2374.995879][  T990] veth1_vlan: left promiscuous mode
[ 2374.996085][  T990] veth0_vlan: left promiscuous mode
[ 2377.600755][ T7447] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15542'.
[ 2379.832958][  T990] team0 (unregistering): Port device team_slave_1 removed
[ 2379.898368][ T7474] netlink: 20 bytes leftover after parsing attributes in process `syz.3.15553'.
[ 2380.460707][  T990] team0 (unregistering): Port device team_slave_0 removed
[ 2381.569858][ T7506] netlink: 112 bytes leftover after parsing attributes in process `syz.3.15569'.
[ 2382.759844][ T5120] Bluetooth: hci4: command 0x0406 tx timeout
[ 2384.439415][ T7522] dns_resolver: Unsupported content type (6)
[ 2385.203189][ T7288] team0: Port device team_slave_1 added
[ 2385.242027][ T7488] netlink: 188 bytes leftover after parsing attributes in process `syz.4.15559'.
[ 2385.588265][ T7288] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2385.588285][ T7288] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2385.588315][ T7288] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2385.635306][ T7288] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2385.635323][ T7288] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2385.635354][ T7288] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2386.072435][ T7288] hsr_slave_0: entered promiscuous mode
[ 2386.073884][ T7288] hsr_slave_1: entered promiscuous mode
[ 2386.609385][ T7543] 9pnet_fd: Insufficient options for proto=fd
[ 2387.090777][T32756] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[ 2387.250371][T32756] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2387.250434][T32756] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2387.250464][T32756] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2387.250492][T32756] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2387.250537][T32756] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2387.250561][T32756] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2387.258602][ T7545] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 2387.357712][T32756] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 2387.359423][T32756] usb 6-1: invalid MIDI out EP 0
[ 2387.531528][T32756] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2387.560329][T32756] usb 6-1: USB disconnect, device number 9
[ 2388.191870][ T7566] 9pnet_fd: Insufficient options for proto=fd
[ 2388.661704][ T7573] 9pnet_virtio: no channels available for device syz
[ 2388.768710][ T7288] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 2388.821827][ T7288] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 2388.861561][ T7288] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 2388.943038][ T7288] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 2389.114257][ T7587] netlink: 388 bytes leftover after parsing attributes in process `syz.0.15604'.
[ 2389.311349][ T7591] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15605'.
[ 2389.424447][ T7288] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2389.545439][ T7288] 8021q: adding VLAN 0 to HW filter on device team0
[ 2389.586108][  T155] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2389.586395][  T155] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2389.628008][  T919] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2389.631918][  T919] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2389.706229][ T7599] netlink: 112 bytes leftover after parsing attributes in process `syz.3.15610'.
[ 2389.937836][ T7602] netlink: 24 bytes leftover after parsing attributes in process `syz.3.15612'.
[ 2390.030447][ T7607] tmpfs: Bad value for 'nr_blocks'
[ 2390.161245][ T7602] netlink: 24 bytes leftover after parsing attributes in process `syz.3.15612'.
[ 2390.608983][ T7288] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2390.699722][T32756] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[ 2390.718585][ T7288] veth0_vlan: entered promiscuous mode
[ 2390.752247][ T7288] veth1_vlan: entered promiscuous mode
[ 2390.864607][T32756] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2390.864693][T32756] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2390.864723][T32756] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2390.864751][T32756] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2390.864797][T32756] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2390.864821][T32756] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2390.886563][ T7619] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 2390.954591][T32756] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 2390.955725][T32756] usb 1-1: invalid MIDI out EP 0
[ 2390.970672][ T7288] veth0_macvtap: entered promiscuous mode
[ 2391.010294][ T7288] veth1_macvtap: entered promiscuous mode
[ 2391.137922][ T7288] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2391.203384][ T7288] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2391.269656][  T990] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2391.269979][  T990] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2391.270022][  T990] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2391.270063][  T990] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2391.357170][T32756] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2391.384612][T32756] usb 1-1: USB disconnect, device number 9
[ 2391.753711][  T990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2391.753732][  T990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2391.852804][ T7632] netlink: 112 bytes leftover after parsing attributes in process `syz.5.15621'.
[ 2391.972867][ T6426] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2391.972890][ T6426] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2392.434992][ T7646] wireguard: wg1: Could not create IPv4 socket
[ 2393.756442][ T5120] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 2393.768027][ T5120] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 2393.779460][ T5120] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 2393.794618][ T5120] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 2393.795902][ T5120] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 2394.912251][T12005] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2395.069991][ T7669] wireguard: wg1: Could not create IPv4 socket
[ 2395.435174][T12005] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2395.879797][T18080] Bluetooth: hci1: command tx timeout
[ 2396.034443][T12005] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2396.675596][T12005] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2397.672438][T12005] bridge_slave_1: left allmulticast mode
[ 2397.672473][T12005] bridge_slave_1: left promiscuous mode
[ 2397.672750][T12005] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2397.761473][T12005] bridge_slave_0: left allmulticast mode
[ 2397.761507][T12005] bridge_slave_0: left promiscuous mode
[ 2397.761786][T12005] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2397.959815][T18080] Bluetooth: hci1: command tx timeout
[ 2400.039895][T18080] Bluetooth: hci1: command tx timeout
[ 2401.350653][T12005] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2401.410451][T12005] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2401.454585][T12005] bond0 (unregistering): Released all slaves
[ 2401.504235][T12005] bond1 (unregistering): Released all slaves
[ 2401.558202][T12005] bond2 (unregistering): Released all slaves
[ 2401.604665][T12005] bond3 (unregistering): Released all slaves
[ 2401.609771][ T1412] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[ 2401.647046][T12005] bond4 (unregistering): Released all slaves
[ 2401.747101][ T7656] chnl_net:caif_netlink_parms(): no params data found
[ 2401.781535][ T1412] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2401.781606][ T1412] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2401.781636][ T1412] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2401.781664][ T1412] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2401.781710][ T1412] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2401.781735][ T1412] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2401.956298][ T7720] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2401.985567][ T1412] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 2401.986732][ T1412] usb 2-1: invalid MIDI out EP 0
[ 2402.119692][T18080] Bluetooth: hci1: command tx timeout
[ 2402.354838][ T1412] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2402.376876][ T1412] usb 2-1: USB disconnect, device number 18
[ 2403.686115][ T7656] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2403.686272][ T7656] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2403.686517][ T7656] bridge_slave_0: entered allmulticast mode
[ 2403.689392][ T7656] bridge_slave_0: entered promiscuous mode
[ 2403.699083][ T7656] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2403.702576][ T7656] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2403.702781][ T7656] bridge_slave_1: entered allmulticast mode
[ 2403.705381][ T7656] bridge_slave_1: entered promiscuous mode
[ 2404.301138][T12005] hsr_slave_0: left promiscuous mode
[ 2404.345255][T12005] hsr_slave_1: left promiscuous mode
[ 2404.346275][T12005] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2404.346303][T12005] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2404.527194][T12005] veth1_macvtap: left promiscuous mode
[ 2404.527313][T12005] veth0_macvtap: left promiscuous mode
[ 2404.527588][T12005] veth1_vlan: left promiscuous mode
[ 2404.527805][T12005] veth0_vlan: left promiscuous mode
[ 2409.164559][T12005] team0 (unregistering): Port device team_slave_1 removed
[ 2409.359685][T32756] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[ 2409.525630][T32756] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 2409.525694][T32756] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2409.525719][T32756] usb 2-1: config 16 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 2409.525764][T32756] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 2409.525787][T32756] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2409.592071][T32756] usbtmc 2-1:16.0: bulk endpoints not found
[ 2409.680459][T12005] team0 (unregistering): Port device team_slave_0 removed
[ 2410.994226][ T7817] netlink: 388 bytes leftover after parsing attributes in process `syz.5.15704'.
[ 2411.419379][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2411.419995][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2412.013232][ T7831] fuseblk: Bad value for 'fd'
[ 2412.176389][ T7628] usb 2-1: USB disconnect, device number 19
[ 2413.229718][ T1412] usb 6-1: new full-speed USB device number 10 using dummy_hcd
[ 2413.388391][ T1412] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2413.388467][ T1412] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2413.388496][ T1412] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2413.388524][ T1412] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2413.388570][ T1412] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2413.388595][ T1412] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2413.397732][ T7851] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 2413.457509][ T1412] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 2413.458795][ T1412] usb 6-1: invalid MIDI out EP 0
[ 2413.662984][ T1412] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2413.739757][ T1412] usb 6-1: USB disconnect, device number 10
[ 2414.958150][ T7656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2415.214181][ T7656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2415.667206][ T7656] team0: Port device team_slave_0 added
[ 2415.686290][ T7656] team0: Port device team_slave_1 added
[ 2415.921009][ T7913] netlink: 112 bytes leftover after parsing attributes in process `syz.0.15750'.
[ 2416.139389][ T7656] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2416.139408][ T7656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2416.139437][ T7656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2416.146291][ T7656] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2416.146312][ T7656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2416.146346][ T7656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2416.389705][ T1412] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[ 2416.549679][ T1412] usb 1-1: Using ep0 maxpacket: 16
[ 2416.552104][ T1412] usb 1-1: config 0 has an invalid interface number: 147 but max is 0
[ 2416.552132][ T1412] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2416.552153][ T1412] usb 1-1: config 0 has no interface number 0
[ 2416.555358][ T1412] usb 1-1: New USB device found, idVendor=0525, idProduct=1080, bcdDevice=5b.44
[ 2416.555387][ T1412] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2416.555408][ T1412] usb 1-1: Product: syz
[ 2416.555423][ T1412] usb 1-1: Manufacturer: syz
[ 2416.555438][ T1412] usb 1-1: SerialNumber: syz
[ 2416.579294][ T1412] usb 1-1: config 0 descriptor??
[ 2416.591059][ T1412] net1080 1-1:0.147: probe with driver net1080 failed with error -22
[ 2416.792077][ T1412] usb 1-1: USB disconnect, device number 10
[ 2416.802194][ T7656] hsr_slave_0: entered promiscuous mode
[ 2416.810297][ T7656] hsr_slave_1: entered promiscuous mode
[ 2416.816043][ T7656] debugfs: 'hsr0' already exists in 'hsr'
[ 2416.816077][ T7656] Cannot create hsr debugfs directory
[ 2418.208272][ T7942] netlink: 20 bytes leftover after parsing attributes in process `syz.0.15764'.
[ 2419.483419][ T7656] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 2419.539859][ T7656] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 2419.637647][ T7656] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 2419.708388][ T7656] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 2419.756243][ T7974] netlink: 188 bytes leftover after parsing attributes in process `syz.0.15779'.
[ 2420.019748][ T1246] usb 2-1: new full-speed USB device number 20 using dummy_hcd
[ 2420.104898][ T7656] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2420.186196][ T1246] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2420.186260][ T1246] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2420.186289][ T1246] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2420.186317][ T1246] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2420.186361][ T1246] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2420.186385][ T1246] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2420.198265][ T7656] 8021q: adding VLAN 0 to HW filter on device team0
[ 2420.213688][ T7978] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 2420.238254][ T1246] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 2420.239539][ T1246] usb 2-1: invalid MIDI out EP 0
[ 2420.276814][T12005] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2420.276988][T12005] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2420.351775][T12005] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2420.351931][T12005] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2420.598267][ T1246] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2420.610640][ T7992] fuseblk: Bad value for 'fd'
[ 2420.621248][ T1246] usb 2-1: USB disconnect, device number 20
[ 2421.245575][ T8004] netlink: 28 bytes leftover after parsing attributes in process `syz.0.15789'.
[ 2421.308591][ T7656] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2421.542563][ T7656] veth0_vlan: entered promiscuous mode
[ 2421.594599][ T7656] veth1_vlan: entered promiscuous mode
[ 2421.752139][ T7656] veth0_macvtap: entered promiscuous mode
[ 2421.785097][ T7656] veth1_macvtap: entered promiscuous mode
[ 2421.859106][ T7656] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2421.882820][ T7656] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2421.914956][ T6426] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2421.918215][ T6426] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2421.918518][ T6426] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2421.918781][ T6426] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2422.429682][T24880] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2422.429704][T24880] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2422.583523][ T8013] netlink: 48 bytes leftover after parsing attributes in process `syz.0.15794'.
[ 2422.656465][  T785] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2422.656488][  T785] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2423.990133][   T31] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[ 2424.147092][   T31] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2424.147161][   T31] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2424.147191][   T31] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2424.147218][   T31] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2424.147262][   T31] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2424.147296][   T31] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2424.181570][ T8028] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 2424.189116][   T31] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 2424.221389][   T31] usb 4-1: invalid MIDI out EP 0
[ 2424.510909][   T31] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2424.529734][   T31] usb 4-1: USB disconnect, device number 10
[ 2424.611477][ T5120] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2424.614810][ T5120] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2424.640704][ T5120] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2424.657391][ T5120] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2424.659037][ T5120] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2425.431161][ T8061] 9pnet_virtio: no channels available for device syz
[ 2425.566791][ T8064] netlink: 8 bytes leftover after parsing attributes in process `syz.3.15817'.
[ 2425.887050][ T3593] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2426.387723][ T3593] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2426.755254][ T3593] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2426.771557][T18080] Bluetooth: hci2: command tx timeout
[ 2427.164580][ T3593] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2427.748381][ T8041] chnl_net:caif_netlink_parms(): no params data found
[ 2427.857177][ T8111] fuseblk: Bad value for 'fd'
[ 2428.181942][ T3593] bridge_slave_1: left allmulticast mode
[ 2428.181969][ T3593] bridge_slave_1: left promiscuous mode
[ 2428.182180][ T3593] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2428.271301][ T3593] bridge_slave_0: left allmulticast mode
[ 2428.271334][ T3593] bridge_slave_0: left promiscuous mode
[ 2428.271618][ T3593] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2428.839851][T18080] Bluetooth: hci2: command tx timeout
[ 2429.455115][ T8140] netlink: 388 bytes leftover after parsing attributes in process `syz.3.15850'.
[ 2430.492897][ T3593] bond0 (unregistering): Released all slaves
[ 2430.548492][ T3593] bond1 (unregistering): Released all slaves
[ 2430.595897][ T3593] bond2 (unregistering): Released all slaves
[ 2430.663101][ T3593] bond3 (unregistering): Released all slaves
[ 2430.722328][ T3593] bond4 (unregistering): Released all slaves
[ 2430.777836][ T3593] bond5 (unregistering): Released all slaves
[ 2430.850052][ T8146] wireguard: wg1: Could not create IPv4 socket
[ 2430.921321][T18080] Bluetooth: hci2: command tx timeout
[ 2431.291991][ T8150] netlink: 'syz.4.15856': attribute type 12 has an invalid length.
[ 2431.293057][ T8041] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2431.293204][ T8041] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2431.325694][ T8041] bridge_slave_0: entered allmulticast mode
[ 2431.370727][ T8041] bridge_slave_0: entered promiscuous mode
[ 2432.056115][ T8041] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2432.056260][ T8041] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2432.056515][ T8041] bridge_slave_1: entered allmulticast mode
[ 2432.083452][ T8041] bridge_slave_1: entered promiscuous mode
[ 2432.229684][   T31] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[ 2432.392365][   T31] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2432.392430][   T31] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2432.392460][   T31] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2432.392488][   T31] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2432.392532][   T31] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2432.392556][   T31] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2432.470717][ T8163] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2432.477130][   T31] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2432.478286][   T31] usb 5-1: invalid MIDI out EP 0
[ 2432.603356][   T31] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2432.681830][ T1246] usb 5-1: USB disconnect, device number 9
[ 2432.988554][ T8041] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2432.993817][ T8173] wireguard: wg1: Could not create IPv4 socket
[ 2432.999794][T18080] Bluetooth: hci2: command tx timeout
[ 2433.049430][ T8041] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2433.491980][ T8179] netlink: 'syz.5.15868': attribute type 12 has an invalid length.
[ 2433.690019][ T3593] hsr_slave_0: left promiscuous mode
[ 2433.755616][ T3593] hsr_slave_1: left promiscuous mode
[ 2433.756700][ T3593] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2433.756726][ T3593] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2433.864501][ T3593] veth1_macvtap: left promiscuous mode
[ 2433.864618][ T3593] veth0_macvtap: left promiscuous mode
[ 2433.864895][ T3593] veth1_vlan: left promiscuous mode
[ 2433.865083][ T3593] veth0_vlan: left promiscuous mode
[ 2437.504239][ T8214] JFS: discard option not supported on device
[ 2437.507859][ T8214] Mount JFS Failure: -5
[ 2437.520698][ T3593] team0 (unregistering): Port device team_slave_1 removed
[ 2437.792068][ T3593] team0 (unregistering): Port device team_slave_0 removed
[ 2440.863651][ T8236] 9p: Unknown access argument a: -22
[ 2441.202741][ T8242] JFS: discard option not supported on device
[ 2441.223346][ T8242] Mount JFS Failure: -5
[ 2441.546209][ T8041] team0: Port device team_slave_0 added
[ 2441.610319][ T8041] team0: Port device team_slave_1 added
[ 2441.994677][ T8041] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2441.994696][ T8041] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2441.994727][ T8041] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2441.997297][ T8041] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2441.997313][ T8041] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2441.997343][ T8041] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2442.465459][ T8041] hsr_slave_0: entered promiscuous mode
[ 2442.476237][ T8041] hsr_slave_1: entered promiscuous mode
[ 2442.489052][ T8041] debugfs: 'hsr0' already exists in 'hsr'
[ 2442.489085][ T8041] Cannot create hsr debugfs directory
[ 2445.106598][ T8041] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 2445.175777][ T8041] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 2445.228584][ T8041] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 2445.291204][ T8041] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 2445.726376][ T8041] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2445.786016][ T8041] 8021q: adding VLAN 0 to HW filter on device team0
[ 2445.824665][T24879] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2445.827206][T24879] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2445.846603][T24879] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2445.857410][T24879] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2446.097551][ T8316] capability: warning: `syz.4.15930' uses deprecated v2 capabilities in a way that may be insecure
[ 2446.486461][ T8326] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15938'.
[ 2446.898679][ T8041] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2447.155313][ T8041] veth0_vlan: entered promiscuous mode
[ 2447.212498][ T8041] veth1_vlan: entered promiscuous mode
[ 2447.390455][ T8041] veth0_macvtap: entered promiscuous mode
[ 2447.396162][ T8041] veth1_macvtap: entered promiscuous mode
[ 2447.519819][ T8041] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2447.549720][ T8041] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2447.591589][T24879] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2447.594763][T24879] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2447.619678][T24879] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2447.620053][T24879] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2448.108575][T24879] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2448.108598][T24879] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2448.274112][ T3593] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2448.274134][ T3593] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2448.589889][ T8368] netlink: 8 bytes leftover after parsing attributes in process `syz.5.15952'.
[ 2448.595955][ T8371] netlink: 24 bytes leftover after parsing attributes in process `syz.0.15800'.
[ 2448.897264][ T8371] netlink: 24 bytes leftover after parsing attributes in process `syz.0.15800'.
[ 2450.092044][ T8402] 9pnet_fd: Insufficient options for proto=fd
[ 2450.338282][ T8408] netlink: 8 bytes leftover after parsing attributes in process `syz.4.15970'.
[ 2450.569961][ T8414] netlink: 28 bytes leftover after parsing attributes in process `syz.4.15973'.
[ 2450.780724][ T8417] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15975'.
[ 2452.292211][ T8444] netlink: 24 bytes leftover after parsing attributes in process `syz.0.15989'.
[ 2452.485124][ T8444] netlink: 24 bytes leftover after parsing attributes in process `syz.0.15989'.
[ 2454.014504][ T8481] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16005'.
[ 2455.324377][ T8512] tmpfs: Bad value for 'nr_blocks'
[ 2455.483397][ T8514] netlink: 536 bytes leftover after parsing attributes in process `syz.3.16017'.
[ 2456.195952][ T8530] 9pnet_virtio: no channels available for device syz
[ 2456.269670][   T10] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[ 2456.423828][   T10] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2456.423890][   T10] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2456.423917][   T10] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2456.423943][   T10] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2456.423987][   T10] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2456.424010][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2456.508012][ T8528] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 2456.526002][   T10] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 2456.527170][   T10] usb 1-1: invalid MIDI out EP 0
[ 2456.745884][   T10] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2456.786956][   T10] usb 1-1: USB disconnect, device number 11
[ 2457.030656][ T8540] netlink: 536 bytes leftover after parsing attributes in process `syz.5.16030'.
[ 2458.275541][ T8551] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2459.559806][ T8549] Bluetooth: hci5: command 0x0406 tx timeout
[ 2466.765674][ T8634] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16077'.
[ 2467.441450][ T8655] JFS: discard option not supported on device
[ 2467.442140][ T8655] Mount JFS Failure: -5
[ 2467.789662][ T6039] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[ 2467.939620][ T6039] usb 1-1: Using ep0 maxpacket: 16
[ 2467.945630][ T6039] usb 1-1: config 0 has an invalid interface number: 147 but max is 0
[ 2467.945660][ T6039] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2467.945681][ T6039] usb 1-1: config 0 has no interface number 0
[ 2467.953626][ T6039] usb 1-1: New USB device found, idVendor=0525, idProduct=1080, bcdDevice=5b.44
[ 2467.953663][ T6039] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2467.953687][ T6039] usb 1-1: Product: syz
[ 2467.953704][ T6039] usb 1-1: Manufacturer: syz
[ 2467.953721][ T6039] usb 1-1: SerialNumber: syz
[ 2467.981951][ T6039] usb 1-1: config 0 descriptor??
[ 2468.005813][ T6039] net1080 1-1:0.147: probe with driver net1080 failed with error -22
[ 2468.207644][ T5806] usb 1-1: USB disconnect, device number 12
[ 2469.383374][ T8690] JFS: discard option not supported on device
[ 2469.383865][ T8690] Mount JFS Failure: -5
[ 2470.955629][ T8710] 9pnet_fd: Insufficient options for proto=fd
[ 2472.545225][ T8729] netlink: 16 bytes leftover after parsing attributes in process `syz.5.16122'.
[ 2472.826582][ T8734] JFS: discard option not supported on device
[ 2472.827291][ T8734] Mount JFS Failure: -5
[ 2472.849802][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2472.849876][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2473.343964][ T8738] netlink: 52 bytes leftover after parsing attributes in process `syz.5.16129'.
[ 2473.343989][ T8738] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16129'.
[ 2473.932000][ T8746] 9pnet_virtio: no channels available for device syz
[ 2474.223743][ T8754] fuseblk: Bad value for 'fd'
[ 2476.683731][ T8780] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16149'.
[ 2479.668026][ T8804] netlink: 52 bytes leftover after parsing attributes in process `syz.5.16161'.
[ 2479.668052][ T8804] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16161'.
[ 2481.542709][ T8830] netlink: 52 bytes leftover after parsing attributes in process `syz.4.16174'.
[ 2481.542737][ T8830] netlink: 12 bytes leftover after parsing attributes in process `syz.4.16174'.
[ 2481.680775][ T8832] 9pnet_fd: Insufficient options for proto=fd
[ 2482.865299][ T8849] JFS: discard option not supported on device
[ 2482.866961][ T8849] Mount JFS Failure: -5
[ 2484.519775][ T1412] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[ 2484.689883][ T1412] usb 4-1: Using ep0 maxpacket: 16
[ 2484.692155][ T1412] usb 4-1: config 0 has an invalid interface number: 147 but max is 0
[ 2484.692185][ T1412] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2484.692206][ T1412] usb 4-1: config 0 has no interface number 0
[ 2484.698343][ T1412] usb 4-1: New USB device found, idVendor=0525, idProduct=1080, bcdDevice=5b.44
[ 2484.698376][ T1412] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2484.698398][ T1412] usb 4-1: Product: syz
[ 2484.698413][ T1412] usb 4-1: Manufacturer: syz
[ 2484.698428][ T1412] usb 4-1: SerialNumber: syz
[ 2484.764164][ T1412] usb 4-1: config 0 descriptor??
[ 2484.790436][ T1412] net1080 4-1:0.147: probe with driver net1080 failed with error -22
[ 2484.980377][   T10] usb 4-1: USB disconnect, device number 11
[ 2485.635148][ T8887] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16202'.
[ 2487.485355][ T8916] netlink: 20 bytes leftover after parsing attributes in process `syz.4.16211'.
[ 2490.281881][ T8549] Bluetooth: hci0: command 0x0406 tx timeout
[ 2492.856065][ T8969] netlink: 28 bytes leftover after parsing attributes in process `syz.1.16240'.
[ 2492.929869][ T5806] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[ 2493.086194][ T5806] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2493.086258][ T5806] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2493.086286][ T5806] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2493.086314][ T5806] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2493.086361][ T5806] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2493.086386][ T5806] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2493.126928][ T8966] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 2493.159921][ T5806] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 2493.160973][ T5806] usb 4-1: invalid MIDI out EP 0
[ 2493.420485][ T5806] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2493.429400][ T5806] usb 4-1: USB disconnect, device number 12
[ 2494.570027][ T8989] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2495.421651][ T8996] overlayfs: missing 'lowerdir'
[ 2495.790062][ T9005] netlink: 16 bytes leftover after parsing attributes in process `syz.1.16258'.
[ 2495.991888][ T9010] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2497.031092][ T9038] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2497.266814][ T9042] netlink: 388 bytes leftover after parsing attributes in process `syz.4.16276'.
[ 2497.885945][ T9057] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16283'.
[ 2498.024102][ T9060] tmpfs: Bad value for 'huge'
[ 2498.572499][ T9073] wireguard: wg1: Could not create IPv4 socket
[ 2499.110554][ T9084] 9pnet: Could not find request transport: fd0x0000000000000008
[ 2500.130786][ T9104] netlink: 388 bytes leftover after parsing attributes in process `syz.3.16307'.
[ 2503.220284][ T9165] 9pnet_virtio: no channels available for device syz
[ 2506.513031][ T9203] netlink: 52 bytes leftover after parsing attributes in process `syz.0.16353'.
[ 2506.513060][ T9203] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16353'.
[ 2506.542983][ T9205] netlink: 16 bytes leftover after parsing attributes in process `syz.3.16349'.
[ 2508.879687][   T10] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 2509.029644][   T10] usb 2-1: Using ep0 maxpacket: 32
[ 2509.032341][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2509.032371][   T10] usb 2-1: config 0 has no interfaces?
[ 2509.032406][   T10] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 2509.032433][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2509.038217][   T10] usb 2-1: config 0 descriptor??
[ 2509.290589][   T10] usb 2-1: USB disconnect, device number 21
[ 2509.620268][ T9242] wireguard: wg1: Could not create IPv4 socket
[ 2510.832197][ T9271] bond2: entered promiscuous mode
[ 2512.389795][ T8355] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[ 2512.553267][ T8355] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2512.553332][ T8355] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2512.553362][ T8355] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2512.553390][ T8355] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2512.553446][ T8355] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2512.553469][ T8355] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2512.586080][ T9297] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 2512.593646][ T8355] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 2512.615380][ T8355] usb 5-1: invalid MIDI out EP 0
[ 2512.721254][ T9301] wireguard: wg1: Could not create IPv4 socket
[ 2512.890053][ T8355] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2512.900709][ T8355] usb 5-1: USB disconnect, device number 10
[ 2515.540096][ T9331] netlink: 28 bytes leftover after parsing attributes in process `syz.5.16415'.
[ 2515.803064][ T9336] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16416'.
[ 2515.971079][ T9336] netlink: 12 bytes leftover after parsing attributes in process `syz.5.16416'.
[ 2516.324801][ T9344] overlayfs: missing 'lowerdir'
[ 2517.370108][ T9356] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16427'.
[ 2521.002785][ T8549] Bluetooth: hci1: command 0x0406 tx timeout
[ 2522.631019][ T9420] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16454'.
[ 2522.851206][ T9424] netlink: 28 bytes leftover after parsing attributes in process `syz.3.16456'.
[ 2523.566845][ T9446] netlink: 8 bytes leftover after parsing attributes in process `syz.3.16465'.
[ 2523.684318][ T9448] trusted_key: encrypted_key: master key parameter 'u' is invalid
[ 2523.789919][ T9450] binder: 9449:9450 ioctl c0306201 0 returned -14
[ 2525.085266][ T9472] macvtap0: entered promiscuous mode
[ 2525.087218][ T9472] macvtap0: left promiscuous mode
[ 2526.491803][ T9497] netlink: 112 bytes leftover after parsing attributes in process `syz.0.16490'.
[ 2528.676599][ T9518] netlink: 24 bytes leftover after parsing attributes in process `syz.5.16502'.
[ 2528.853636][ T9518] netlink: 24 bytes leftover after parsing attributes in process `syz.5.16502'.
[ 2529.045618][ T9526] macvtap0: entered promiscuous mode
[ 2529.047820][ T9526] macvtap0: left promiscuous mode
[ 2529.416331][ T9531] netlink: 52 bytes leftover after parsing attributes in process `syz.3.16506'.
[ 2529.416356][ T9531] netlink: 12 bytes leftover after parsing attributes in process `syz.3.16506'.
[ 2529.903228][ T9536] trusted_key: encrypted_key: master key parameter '' is invalid
[ 2532.510476][ T9562] bond3: entered promiscuous mode
[ 2532.977838][ T9569] program syz.0.16526 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2534.092952][ T9602] overlayfs: missing 'lowerdir'
[ 2534.286276][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2534.286348][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2536.047500][ T9650] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16563'.
[ 2537.522213][ T9650] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2537.600519][ T9650] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2537.648550][ T9650] bond0 (unregistering): Released all slaves
[ 2538.262661][ T9662] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2538.599969][ T9670] trusted_key: encrypted_key: master key parameter 'u' is invalid
[ 2538.815628][ T9676] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16578'.
[ 2538.891659][ T9678] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16579'.
[ 2539.368336][ T9688] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2539.775878][ T9700] program syz.0.16588 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2540.417537][ T9676] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2540.470489][ T9676] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2540.510121][ T9676] bond0 (unregistering): Released all slaves
[ 2540.580157][ T9686] netlink: 'syz.4.16582': attribute type 12 has an invalid length.
[ 2541.381956][ T9716] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2541.570489][ T9718] netlink: 24 bytes leftover after parsing attributes in process `syz.0.16597'.
[ 2541.689657][ T9718] netlink: 24 bytes leftover after parsing attributes in process `syz.0.16597'.
[ 2542.062013][ T9727] netlink: 'syz.0.16600': attribute type 12 has an invalid length.
[ 2542.396927][ T9736] netlink: 76 bytes leftover after parsing attributes in process `syz.3.16604'.
[ 2545.229760][ T9779] binder: 9778:9779 ioctl c0306201 0 returned -14
[ 2546.291091][ T9806] netlink: 52 bytes leftover after parsing attributes in process `syz.1.16633'.
[ 2546.291118][ T9806] netlink: 12 bytes leftover after parsing attributes in process `syz.1.16633'.
[ 2546.987795][ T9821] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16640'.
[ 2547.277078][ T9831] netlink: 8 bytes leftover after parsing attributes in process `syz.5.16645'.
[ 2547.400255][ T9833] 9pnet_fd: Insufficient options for proto=fd
[ 2548.112736][ T9855] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2550.568130][ T9881] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16667'.
[ 2551.719834][ T8549] Bluetooth: hci2: command 0x0406 tx timeout
[ 2552.276235][ T9918] netlink: 76 bytes leftover after parsing attributes in process `syz.3.16686'.
[ 2553.122544][ T9949] Mount JFS Failure: -5
[ 2553.947779][ T9963] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16706'.
[ 2559.102652][T10066] 9pnet_fd: Insufficient options for proto=fd
[ 2560.023054][T10076] overlayfs: missing 'lowerdir'
[ 2561.499652][ T8355] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[ 2561.663266][ T8355] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2561.663340][ T8355] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2561.663370][ T8355] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2561.663399][ T8355] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2561.663444][ T8355] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2561.663469][ T8355] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2561.738696][T10087] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 2561.760980][ T8355] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 2561.762102][ T8355] usb 1-1: invalid MIDI out EP 0
[ 2561.868682][ T8355] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2561.957022][   T10] usb 1-1: USB disconnect, device number 13
[ 2563.752689][T10122] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16784'.
[ 2565.431799][T10149] netlink: 76 bytes leftover after parsing attributes in process `syz.1.16796'.
[ 2566.689650][ T8355] usb 1-1: new full-speed USB device number 14 using dummy_hcd
[ 2566.843141][ T8355] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2566.843208][ T8355] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 2566.843236][ T8355] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[ 2566.843265][ T8355] usb 1-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2566.843308][ T8355] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2566.843332][ T8355] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2566.930929][T10170] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 2566.973461][ T8355] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 2566.974589][ T8355] usb 1-1: invalid MIDI out EP 0
[ 2567.126333][ T8355] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2567.172918][ T8355] usb 1-1: USB disconnect, device number 14
[ 2568.343798][T10192] 9pnet_fd: Insufficient options for proto=fd
[ 2570.758139][T10212] trusted_key: encrypted_key: master key parameter 'u' is invalid
[ 2572.681466][T10238] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16839'.
[ 2572.952313][T10240] binder: 10239:10240 ioctl c0306201 0 returned -14
[ 2574.146500][T10255] 9pnet_fd: Insufficient options for proto=fd
[ 2575.544905][T10277] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.16861'.
[ 2576.074591][T10289] Mount JFS Failure: -5
[ 2576.466674][ T8355] usb 6-1: new full-speed USB device number 11 using dummy_hcd
[ 2576.589647][ T8355] usb 6-1: device descriptor read/64, error -71
[ 2576.811429][T10304] 9pnet_fd: Insufficient options for proto=fd
[ 2576.837268][ T8355] usb 6-1: new full-speed USB device number 12 using dummy_hcd
[ 2576.979607][ T8355] usb 6-1: device descriptor read/64, error -71
[ 2577.090093][ T8355] usb usb6-port1: attempt power cycle
[ 2577.426837][T10308] macvtap0: entered promiscuous mode
[ 2577.429931][ T8355] usb 6-1: new full-speed USB device number 13 using dummy_hcd
[ 2577.451872][ T8355] usb 6-1: device descriptor read/8, error -71
[ 2577.452704][T10308] macvtap0: left promiscuous mode
[ 2577.689589][ T8355] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[ 2577.711856][ T8355] usb 6-1: device descriptor read/8, error -71
[ 2577.820026][ T8355] usb usb6-port1: unable to enumerate USB device
[ 2579.434385][T10334] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2581.504439][T10362] program syz.4.16898 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2582.831879][T10382] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2585.181330][T10411] Mount JFS Failure: -5
[ 2588.624644][T10485] veth0_to_batadv: entered allmulticast mode
[ 2589.382468][T10497] netlink: 24 bytes leftover after parsing attributes in process `syz.4.16952'.
[ 2590.028916][T10511] netlink: 24 bytes leftover after parsing attributes in process `syz.3.16959'.
[ 2590.244955][T10511] netlink: 24 bytes leftover after parsing attributes in process `syz.3.16959'.
[ 2593.359874][T10572] netlink: 4 bytes leftover after parsing attributes in process `syz.3.16983'.
[ 2595.725851][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2595.725929][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2595.751908][T10595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16994'.
[ 2600.744409][   T38] kauditd_printk_skb: 5 callbacks suppressed
[ 2600.744429][   T38] audit: type=1326 audit(1763511951.194:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10633 comm="syz.0.17013" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f09ec7cf6c9 code=0x0
[ 2601.040430][T10636] netlink: 'syz.0.17014': attribute type 12 has an invalid length.
[ 2613.425118][   T38] audit: type=1326 audit(1763511963.874:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10774 comm="syz.3.17085" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f08b26ff6c9 code=0x0
[ 2614.809806][ T8355] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[ 2614.969074][ T8355] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2614.969144][ T8355] usb 1-1: config 27 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2614.969189][ T8355] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2614.969212][ T8355] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2615.054473][ T8355] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 2615.142837][ T8355] snd-usb-audio 1-1:27.0: probe with driver snd-usb-audio failed with error -2
[ 2615.262227][ T6039] usb 1-1: USB disconnect, device number 15
[ 2616.146965][T10826] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17108'.
[ 2616.693786][T10831] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17112'.
[ 2616.886151][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2617.680394][T10826] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 2617.780615][T10826] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 2617.836750][T10826] bond0 (unregistering): Released all slaves
[ 2617.912031][T10835] netlink: 'syz.5.17113': attribute type 12 has an invalid length.
[ 2618.197891][T10841] macvtap0: entered promiscuous mode
[ 2618.204670][T10841] macvtap0: left promiscuous mode
[ 2619.061965][T10857] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17126'.
[ 2620.079059][   T38] audit: type=1326 audit(1763511970.524:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10881 comm="syz.5.17137" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f83f0def6c9 code=0x0
[ 2620.280055][T10886] netlink: 76 bytes leftover after parsing attributes in process `syz.3.17138'.
[ 2620.650526][T10896] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2621.921923][T10922] Context (ID=0x1) not attached to queue pair (handle=0x0:0x2)
[ 2623.552233][T10950] Mount JFS Failure: -5
[ 2624.237525][T10962] overlayfs: missing 'lowerdir'
[ 2625.095679][T10982] netlink: 76 bytes leftover after parsing attributes in process `syz.5.17186'.
[ 2625.830544][T11008] program syz.4.17198 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2626.537617][T11035] program syz.4.17212 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2628.660707][T11087] binder: 11085:11087 ioctl c0306201 0 returned -14
[ 2629.419602][T26943] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 2629.569547][T26943] usb 2-1: Using ep0 maxpacket: 16
[ 2629.574287][T26943] usb 2-1: config 0 has an invalid interface number: 147 but max is 0
[ 2629.574318][T26943] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2629.574339][T26943] usb 2-1: config 0 has no interface number 0
[ 2629.612432][T26943] usb 2-1: New USB device found, idVendor=0525, idProduct=1080, bcdDevice=5b.44
[ 2629.612465][T26943] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2629.612487][T26943] usb 2-1: Product: syz
[ 2629.612502][T26943] usb 2-1: Manufacturer: syz
[ 2629.612517][T26943] usb 2-1: SerialNumber: syz
[ 2629.627743][T26943] usb 2-1: config 0 descriptor??
[ 2629.633812][T26943] net1080 2-1:0.147: probe with driver net1080 failed with error -22
[ 2629.835939][T26943] usb 2-1: USB disconnect, device number 22
[ 2630.574484][T11109] netlink: 52 bytes leftover after parsing attributes in process `syz.1.17247'.
[ 2630.996175][T11119] 9pnet_fd: Insufficient options for proto=fd
[ 2632.401524][T11140] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17254'.
[ 2632.957242][T11148] netlink: 8 bytes leftover after parsing attributes in process `syz.5.17266'.
[ 2632.957268][T11148] netlink: 24 bytes leftover after parsing attributes in process `syz.5.17266'.
[ 2633.193077][T11148] netlink: 8 bytes leftover after parsing attributes in process `syz.5.17266'.
[ 2633.193113][T11148] netlink: 24 bytes leftover after parsing attributes in process `syz.5.17266'.
[ 2636.239783][T11196] binder: 11195:11196 ioctl c0306201 0 returned -14
[ 2638.542500][T11206] netlink: 8 bytes leftover after parsing attributes in process `syz.4.17292'.
[ 2641.274383][T11251] trusted_key: encrypted_key: master key parameter 'u' is invalid
[ 2643.351101][T11292] overlayfs: missing 'lowerdir'
[ 2643.369597][ T8355] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[ 2643.525406][ T8355] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2643.525472][ T8355] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[ 2643.525499][ T8355] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2643.525544][ T8355] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2643.525568][ T8355] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2643.554997][T11296] program syz.5.17335 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2643.620377][ T8355] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 2643.696079][ T8355] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -2
[ 2643.810786][ T8355] usb 4-1: USB disconnect, device number 13
[ 2644.396836][T11314] 9pnet_fd: Insufficient options for proto=fd
[ 2644.563893][T11318] overlayfs: missing 'lowerdir'
[ 2645.101982][T11337] binder: 11334:11337 ioctl c0306201 0 returned -14
[ 2645.343563][T11345] program syz.3.17359 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2646.299870][T11375] program syz.4.17374 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2646.665562][T11385] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17378'.
[ 2646.665589][T11385] netlink: 24 bytes leftover after parsing attributes in process `syz.1.17378'.
[ 2646.745823][T11385] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17378'.
[ 2646.745847][T11385] netlink: 24 bytes leftover after parsing attributes in process `syz.1.17378'.
[ 2647.154191][T11398] binder: 11397:11398 ioctl c0306201 0 returned -14
[ 2647.209183][T11400] veth0_to_batadv: entered allmulticast mode
[ 2647.553984][T11410] binder: 11408:11410 ioctl c0306201 0 returned -14
[ 2648.347057][T11436] netlink: 'syz.5.17402': attribute type 4 has an invalid length.
[ 2648.347080][T11436] netlink: 'syz.5.17402': attribute type 5 has an invalid length.
[ 2648.347095][T11436] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.17402'.
[ 2648.535609][T11440] netlink: 48 bytes leftover after parsing attributes in process `syz.1.17403'.
[ 2649.905028][T11467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.17418'.
[ 2650.359695][ T8549] Bluetooth: hci2: command 0x0406 tx timeout
[ 2652.134944][T11499] netlink: 'syz.5.17433': attribute type 4 has an invalid length.
[ 2652.134989][T11499] netlink: 'syz.5.17433': attribute type 5 has an invalid length.
[ 2652.135004][T11499] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.17433'.
[ 2652.378478][T11505] veth0_to_batadv: entered allmulticast mode
[ 2657.164326][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2657.164492][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2661.077558][T11601] netlink: 'syz.3.17482': attribute type 4 has an invalid length.
[ 2661.077583][T11601] netlink: 'syz.3.17482': attribute type 5 has an invalid length.
[ 2661.077598][T11601] netlink: 3657 bytes leftover after parsing attributes in process `syz.3.17482'.
[ 2661.730281][T11615] netlink: 76 bytes leftover after parsing attributes in process `syz.1.17489'.
[ 2663.131792][T11633] macvtap0: entered promiscuous mode
[ 2663.133920][T11633] macvtap0: left promiscuous mode
[ 2665.141591][T11646] netlink: 'syz.5.17504': attribute type 4 has an invalid length.
[ 2665.141617][T11646] netlink: 'syz.5.17504': attribute type 5 has an invalid length.
[ 2665.141633][T11646] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.17504'.
[ 2665.849730][T11661] netlink: 76 bytes leftover after parsing attributes in process `syz.3.17509'.
[ 2666.081717][T11668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17512'.
[ 2666.081744][T11668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17512'.
[ 2666.268509][T11668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17512'.
[ 2666.268536][T11668] netlink: 8 bytes leftover after parsing attributes in process `syz.3.17512'.
[ 2667.089036][T11694] netlink: 48 bytes leftover after parsing attributes in process `syz.5.17523'.
[ 2668.984905][T11714] binder: 11713:11714 ioctl c0306201 0 returned -14
[ 2669.353868][T11718] netlink: 48 bytes leftover after parsing attributes in process `syz.5.17536'.
[ 2670.699725][T11741] netlink: 'syz.1.17548': attribute type 4 has an invalid length.
[ 2670.699748][T11741] netlink: 'syz.1.17548': attribute type 5 has an invalid length.
[ 2670.699763][T11741] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.17548'.
[ 2671.284303][T11760] binder: 11758:11760 ioctl c0306201 0 returned -14
[ 2672.300044][T11792] overlayfs: missing 'lowerdir'
[ 2672.308175][T11790] binder: 11789:11790 ioctl c0306201 0 returned -14
[ 2673.315176][T11819] binder: 11818:11819 ioctl c0306201 0 returned -14
[ 2673.624292][T11829] Mount JFS Failure: -5
[ 2673.714652][T11831] 9pnet_fd: Insufficient options for proto=fd
[ 2675.193830][T11862] overlayfs: missing 'lowerdir'
[ 2675.741160][T11875] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17598'.
[ 2675.741186][T11875] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17598'.
[ 2675.967582][T11875] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17598'.
[ 2675.967609][T11875] netlink: 24 bytes leftover after parsing attributes in process `syz.0.17598'.
[ 2678.292763][T11907] binder: 11906:11907 ioctl c0306201 0 returned -14
[ 2679.330683][T11927] netlink: 8 bytes leftover after parsing attributes in process `syz.4.17635'.
[ 2679.330712][T11927] netlink: 24 bytes leftover after parsing attributes in process `syz.4.17635'.
[ 2679.472536][T11927] netlink: 8 bytes leftover after parsing attributes in process `syz.4.17635'.
[ 2679.472565][T11927] netlink: 24 bytes leftover after parsing attributes in process `syz.4.17635'.
[ 2681.295041][T11951] Mount JFS Failure: -5
[ 2681.637614][T11957] overlayfs: missing 'lowerdir'
[ 2684.159272][T11989] netlink: 'syz.5.17666': attribute type 12 has an invalid length.
[ 2684.523923][T11997] overlayfs: missing 'lowerdir'
[ 2685.234098][T12020] netlink: 4 bytes leftover after parsing attributes in process `syz.4.17680'.
[ 2685.753423][T12030] binder: 12029:12030 ioctl c0306201 0 returned -14
[ 2686.078104][T12040] program syz.0.17689 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2686.779944][T12060] netlink: 'syz.1.17698': attribute type 12 has an invalid length.
[ 2687.013280][   T38] audit: type=1326 audit(1763512037.464:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12065 comm="syz.4.17702" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f2fb412f6c9 code=0x0
[ 2687.604439][T12086] netlink: 'syz.4.17712': attribute type 12 has an invalid length.
[ 2688.075152][T12101] overlayfs: missing 'lowerdir'
[ 2688.085363][T12099] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17719'.
[ 2689.045798][T12124] netlink: 8 bytes leftover after parsing attributes in process `syz.0.17731'.
[ 2690.049190][T12156] netlink: 76 bytes leftover after parsing attributes in process `syz.3.17746'.
[ 2690.551722][T12172] trusted_key: encrypted_key: master key parameter 'u' is invalid
[ 2691.275638][T12188] program syz.4.17762 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2691.653478][T12198] trusted_key: encrypted_key: insufficient parameters specified
[ 2691.993230][T12204] netlink: 48 bytes leftover after parsing attributes in process `syz.3.17771'.
[ 2693.153765][T12224] trusted_key: encrypted_key: insufficient parameters specified
[ 2693.834482][T12236] 9pnet_fd: Insufficient options for proto=fd
[ 2698.766405][T12290] trusted_key: encrypted_key: insufficient parameters specified
[ 2698.969976][T12292] netlink: 'syz.1.17815': attribute type 4 has an invalid length.
[ 2698.970001][T12292] netlink: 'syz.1.17815': attribute type 5 has an invalid length.
[ 2698.970017][T12292] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.17815'.
[ 2703.129640][ T6039] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[ 2703.193816][ T8549] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 2703.212826][ T8549] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 2703.214199][ T8549] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 2703.217766][ T8549] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 2703.218604][ T8549] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 2703.292709][ T6039] usb 4-1: Using ep0 maxpacket: 16
[ 2703.311188][ T6039] usb 4-1: config 0 has an invalid interface number: 147 but max is 0
[ 2703.311218][ T6039] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2703.311238][ T6039] usb 4-1: config 0 has no interface number 0
[ 2703.321060][ T6039] usb 4-1: New USB device found, idVendor=0525, idProduct=1080, bcdDevice=5b.44
[ 2703.321091][ T6039] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2703.321112][ T6039] usb 4-1: Product: syz
[ 2703.321127][ T6039] usb 4-1: Manufacturer: syz
[ 2703.321141][ T6039] usb 4-1: SerialNumber: syz
[ 2703.426903][ T6039] usb 4-1: config 0 descriptor??
[ 2703.441792][ T6039] net1080 4-1:0.147: probe with driver net1080 failed with error -22
[ 2703.670599][ T6039] usb 4-1: USB disconnect, device number 14
[ 2704.310730][ T6426] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2704.683362][T12382] netlink: 4 bytes leftover after parsing attributes in process `syz.3.17858'.
[ 2704.733475][ T6426] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2705.113876][ T6426] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2705.329675][ T8549] Bluetooth: hci3: command tx timeout
[ 2705.714290][ T6426] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2706.302767][T12375] chnl_net:caif_netlink_parms(): no params data found
[ 2706.431521][ T6426] bridge_slave_1: left allmulticast mode
[ 2706.431554][ T6426] bridge_slave_1: left promiscuous mode
[ 2706.431858][ T6426] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2706.541211][ T6426] bridge_slave_0: left allmulticast mode
[ 2706.541246][ T6426] bridge_slave_0: left promiscuous mode
[ 2706.541549][ T6426] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2707.401229][ T8549] Bluetooth: hci3: command tx timeout
[ 2708.917954][ T6426] bond1 (unregistering): Released all slaves
[ 2709.008358][ T6426] bond2 (unregistering): Released all slaves
[ 2709.499841][ T8549] Bluetooth: hci3: command tx timeout
[ 2710.411538][T12375] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2710.411683][T12375] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2710.411970][T12375] bridge_slave_0: entered allmulticast mode
[ 2710.415000][T12375] bridge_slave_0: entered promiscuous mode
[ 2710.418468][T12375] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2710.418611][T12375] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2710.418824][T12375] bridge_slave_1: entered allmulticast mode
[ 2710.486397][T12375] bridge_slave_1: entered promiscuous mode
[ 2710.653624][T12455] Mount JFS Failure: -5
[ 2711.315848][T12480] netlink: 76 bytes leftover after parsing attributes in process `syz.0.17902'.
[ 2711.377710][T12375] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2711.455922][T12375] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2711.559518][ T8549] Bluetooth: hci3: command tx timeout
[ 2711.578000][   T38] audit: type=1326 audit(1763512062.024:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12482 comm="syz.1.17904" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9e483f6c9 code=0x0
[ 2711.909647][ T6426] hsr_slave_0: left promiscuous mode
[ 2711.969527][ T6426] hsr_slave_1: left promiscuous mode
[ 2711.970515][ T6426] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2711.970542][ T6426] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2712.001459][ T6426] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2712.001490][ T6426] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2712.199665][ T6426] veth1_macvtap: left promiscuous mode
[ 2712.199924][ T6426] veth0_macvtap: left promiscuous mode
[ 2712.200196][ T6426] veth1_vlan: left promiscuous mode
[ 2712.200377][ T6426] veth0_vlan: left promiscuous mode
[ 2714.755123][T12505] overlayfs: missing 'lowerdir'
[ 2716.250964][T12533] netlink: 'syz.5.17929': attribute type 4 has an invalid length.
[ 2716.250987][T12533] netlink: 'syz.5.17929': attribute type 5 has an invalid length.
[ 2716.251000][T12533] netlink: 3657 bytes leftover after parsing attributes in process `syz.5.17929'.
[ 2717.082316][T12550] netlink: 96 bytes leftover after parsing attributes in process `syz.0.17936'.
[ 2717.201329][ T6426] veth0_to_batadv (unregistering): left allmulticast mode
[ 2717.381406][ T6426] team0 (unregistering): Port device team_slave_1 removed
[ 2717.644121][ T6426] team0 (unregistering): Port device team_slave_0 removed
[ 2718.620276][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2718.620352][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2718.721806][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2718.840461][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2719.691428][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2719.739963][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2719.792209][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2719.841254][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2720.508635][T12375] team0: Port device team_slave_0 added
[ 2720.530308][T12375] team0: Port device team_slave_1 added
[ 2720.626582][   T38] audit: type=1326 audit(1763512071.074:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12573 comm="syz.1.17947" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9e483f6c9 code=0x0
[ 2720.955241][T12375] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2720.955262][T12375] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2720.955294][T12375] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2720.957814][T12375] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2720.957830][T12375] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2720.957859][T12375] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2721.175845][T12597] netlink: 'syz.1.17959': attribute type 4 has an invalid length.
[ 2721.175868][T12597] netlink: 'syz.1.17959': attribute type 5 has an invalid length.
[ 2721.175881][T12597] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.17959'.
[ 2721.533384][T12375] hsr_slave_0: entered promiscuous mode
[ 2721.548128][T12375] hsr_slave_1: entered promiscuous mode
[ 2721.551618][T12375] debugfs: 'hsr0' already exists in 'hsr'
[ 2721.551649][T12375] Cannot create hsr debugfs directory
[ 2721.724283][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2721.949703][T12622] netlink: 76 bytes leftover after parsing attributes in process `syz.3.17971'.
[ 2721.984330][T12626] netlink: 'syz.1.17972': attribute type 4 has an invalid length.
[ 2721.984354][T12626] netlink: 'syz.1.17972': attribute type 5 has an invalid length.
[ 2721.984370][T12626] netlink: 3657 bytes leftover after parsing attributes in process `syz.1.17972'.
[ 2722.349083][T12637] Mount JFS Failure: -5
[ 2723.225044][T12658] netlink: 76 bytes leftover after parsing attributes in process `syz.5.17988'.
[ 2723.902494][T12375] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 2723.947077][T12375] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 2724.008591][T12375] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 2724.048991][T12375] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 2724.328636][T12687] netlink: 76 bytes leftover after parsing attributes in process `syz.5.17999'.
[ 2724.449332][T12375] 8021q: adding VLAN 0 to HW filter on device bond0
[ 2724.504771][T12375] 8021q: adding VLAN 0 to HW filter on device team0
[ 2724.533327][  T785] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2724.533550][  T785] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2724.556203][  T785] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2724.556491][  T785] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2724.708815][T12699] Mount JFS Failure: -5
[ 2725.575340][T12375] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 2726.493071][   T38] audit: type=1326 audit(1763512076.944:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=12748 comm="syz.1.18026" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9e483f6c9 code=0x0
[ 2726.650043][T12375] veth0_vlan: entered promiscuous mode
[ 2726.676090][T12375] veth1_vlan: entered promiscuous mode
[ 2726.748015][T12375] veth0_macvtap: entered promiscuous mode
[ 2726.764530][T12375] veth1_macvtap: entered promiscuous mode
[ 2726.793110][T12375] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 2726.880963][T12375] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 2726.937533][  T785] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 2726.941765][  T785] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 2726.942312][  T785] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 2726.943652][  T785] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 2727.011334][T12759] Mount JFS Failure: -5
[ 2727.298977][T12005] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2727.298999][T12005] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2727.409767][ T3593] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 2727.409791][ T3593] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 2727.926773][T12771] 9pnet_fd: Insufficient options for proto=fd
[ 2727.962949][T12774] sctp: [Deprecated]: syz.5.18036 (pid 12774) Use of int in maxseg socket option.
[ 2727.962949][T12774] Use struct sctp_assoc_value instead
[ 2731.408267][T12794] 9pnet_fd: Insufficient options for proto=fd
[ 2734.653515][T18080] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2734.682929][T18080] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2734.684333][T18080] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2734.771475][T18080] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2734.777706][T18080] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2736.841884][ T8549] Bluetooth: hci4: command tx timeout
[ 2738.919619][ T8549] Bluetooth: hci4: command tx timeout
[ 2741.159678][ T8549] Bluetooth: hci4: command tx timeout
[ 2742.843250][T12809] chnl_net:caif_netlink_parms(): no params data found
[ 2743.249505][ T8549] Bluetooth: hci4: command tx timeout
[ 2748.145093][T12884] veth0_to_batadv: entered allmulticast mode
[ 2748.278877][T12809] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2748.279042][T12809] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2748.279317][T12809] bridge_slave_0: entered allmulticast mode
[ 2748.335275][T12809] bridge_slave_0: entered promiscuous mode
[ 2748.382702][T12809] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2748.382882][T12809] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2748.383144][T12809] bridge_slave_1: entered allmulticast mode
[ 2748.414369][T12809] bridge_slave_1: entered promiscuous mode
[ 2751.480746][T12910] binder: 12908:12910 ioctl c0306201 0 returned -14
[ 2753.506054][T12809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2753.633936][T12809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2755.794807][T18080] Bluetooth: hci4: command 0x0405 tx timeout
[ 2757.998968][T12809] team0: Port device team_slave_0 added
[ 2758.070508][T12809] team0: Port device team_slave_1 added
[ 2767.794296][T12997] overlayfs: conflicting lowerdir path
[ 2767.819916][T13002] sctp: [Deprecated]: syz.3.18130 (pid 13002) Use of int in maxseg socket option.
[ 2767.819916][T13002] Use struct sctp_assoc_value instead
[ 2770.155759][T12809] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2770.155778][T12809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2770.155809][T12809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2770.158798][T12809] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2770.158814][T12809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2770.158845][T12809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2771.105708][T13018] program syz.4.18136 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2773.128131][   T38] audit: type=1326 audit(1763512123.574:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13022 comm="syz.4.18138" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ed3eef6c9 code=0x0
[ 2779.353396][  T785] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2780.045382][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2780.045479][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2782.055849][T12809] hsr_slave_0: entered promiscuous mode
[ 2782.085965][T12809] hsr_slave_1: entered promiscuous mode
[ 2782.095325][T12809] debugfs: 'hsr0' already exists in 'hsr'
[ 2782.095355][T12809] Cannot create hsr debugfs directory
[ 2783.148981][T13058] Mount JFS Failure: -5
[ 2787.600452][T13073] sctp: [Deprecated]: syz.1.18158 (pid 13073) Use of int in maxseg socket option.
[ 2787.600452][T13073] Use struct sctp_assoc_value instead
[ 2789.414356][T13084] Mount JFS Failure: -5
[ 2790.979743][   T38] audit: type=1326 audit(1763512141.404:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13093 comm="syz.1.18167" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc9e483f6c9 code=0x0
[ 2797.287734][ T5120] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 2797.406460][ T5120] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 2797.416127][ T5120] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 2797.418604][ T5120] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 2797.420422][ T5120] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 2797.562053][   T38] audit: type=1326 audit(1763512148.014:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13115 comm="syz.0.18177" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f09ec7cf6c9 code=0x0
[ 2799.479691][ T8549] Bluetooth: hci5: command tx timeout
[ 2801.559472][ T8549] Bluetooth: hci5: command tx timeout
[ 2803.352557][T13116] chnl_net:caif_netlink_parms(): no params data found
[ 2803.695362][ T8549] Bluetooth: hci5: command tx timeout
[ 2805.729541][ T8549] Bluetooth: hci5: command tx timeout
[ 2808.934788][T13116] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2808.934950][T13116] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2808.935221][T13116] bridge_slave_0: entered allmulticast mode
[ 2808.938371][T13116] bridge_slave_0: entered promiscuous mode
[ 2809.041796][T13116] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2809.058895][T13116] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2809.059177][T13116] bridge_slave_1: entered allmulticast mode
[ 2809.105385][T13116] bridge_slave_1: entered promiscuous mode
[ 2811.385636][T13116] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2811.516504][T13116] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2811.798394][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2811.867531][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2811.897351][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2811.938835][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2811.967437][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2811.995942][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.053347][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.686050][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.716655][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.768366][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.838227][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.866273][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2812.937413][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2813.486746][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2813.516873][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2813.572404][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2813.599255][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2813.785915][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2813.812981][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2813.871549][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2813.898550][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2813.968958][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.120449][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.149692][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.203889][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.233489][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.267766][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.296726][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.350074][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.386207][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.417143][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.446255][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.520876][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.550096][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.603920][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.632913][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.688089][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.715227][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.785656][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.812928][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.886396][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.913166][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2814.987320][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.013241][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.092909][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.135271][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.164221][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.196173][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.267869][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.322210][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.350562][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.405416][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.432428][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.486844][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.512523][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.546375][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.601799][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.655260][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.684108][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.714067][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.787792][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.817303][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.888771][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.914146][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2815.985903][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.012735][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.053720][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.149252][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.179225][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.239246][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.266734][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.338785][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.364780][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.436268][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.462647][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.522601][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.550568][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.579322][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.621979][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2816.649140][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2817.975046][T13116] team0: Port device team_slave_0 added
[ 2818.046928][T13116] team0: Port device team_slave_1 added
[ 2820.294832][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.341744][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.373621][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.404933][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.435731][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.466205][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.501155][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.534072][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.810032][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.841630][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.875837][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2820.911160][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2821.001012][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2821.032826][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2821.064590][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2821.800802][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2821.835716][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2821.868812][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2821.901242][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2821.935894][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2821.969747][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.001860][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.035834][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.142564][T13116] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2822.142584][T13116] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2822.142614][T13116] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2822.145238][T13116] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 2822.145252][T13116] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2822.145280][T13116] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 2822.150739][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.182766][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.217062][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.253207][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.288819][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.321285][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.352798][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.541791][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.573916][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.605634][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.640633][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2822.673531][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2823.340684][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2823.411336][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2823.472656][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2823.592272][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2823.625852][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2823.845913][ T5120] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2823.896685][ T5120] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2823.942565][ T5120] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2823.978816][ T5120] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2823.984950][ T5120] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2824.127752][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.161198][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.194340][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.228494][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.261272][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.312208][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.346836][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.386418][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.421390][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.453542][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.699250][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.868707][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.899909][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.931715][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.964501][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2824.998967][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2826.039565][ T5120] Bluetooth: hci4: command tx timeout
[ 2827.872240][T13116] hsr_slave_0: entered promiscuous mode
[ 2827.876028][T13116] hsr_slave_1: entered promiscuous mode
[ 2827.877052][T13116] debugfs: 'hsr0' already exists in 'hsr'
[ 2827.877077][T13116] Cannot create hsr debugfs directory
[ 2828.141619][ T8549] Bluetooth: hci4: command tx timeout
[ 2828.289595][ T8549] Bluetooth: hci3: command 0x0406 tx timeout
[ 2830.217508][ T5120] Bluetooth: hci4: command tx timeout
[ 2832.289603][ T5120] Bluetooth: hci4: command tx timeout
[ 2837.332972][T13298] netlink: 28 bytes leftover after parsing attributes in process `syz.4.18249'.
[ 2838.360169][T13242] chnl_net:caif_netlink_parms(): no params data found
[ 2841.491414][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2841.491491][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2844.340021][T13325] netlink: 28 bytes leftover after parsing attributes in process `syz.4.18258'.
[ 2845.044706][T13242] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2845.044887][T13242] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2845.045182][T13242] bridge_slave_0: entered allmulticast mode
[ 2845.095446][T13242] bridge_slave_0: entered promiscuous mode
[ 2845.107334][T13242] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2845.107481][T13242] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2845.107752][T13242] bridge_slave_1: entered allmulticast mode
[ 2845.132886][T13242] bridge_slave_1: entered promiscuous mode
[ 2847.638666][T13242] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 2847.663779][T13242] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 2852.874906][T13242] team0: Port device team_slave_0 added
[ 2852.878803][T13242] team0: Port device team_slave_1 added
[ 2853.242473][   T38] audit: type=1326 audit(1763512203.684:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=13338 comm="syz.0.18265" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f09ec7cf6c9 code=0x0
[ 2854.480739][ T8549] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2854.484666][ T8549] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2854.488834][ T8549] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2854.522913][ T8549] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2854.523914][ T8549] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2855.918799][T13346] netlink: 28 bytes leftover after parsing attributes in process `syz.0.18267'.
[ 2856.613480][ T8549] Bluetooth: hci6: command tx timeout
[ 2858.344926][ T5120] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2858.371252][ T5120] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2858.390546][ T5120] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2858.391835][ T5120] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2858.392665][ T5120] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2858.679575][ T5120] Bluetooth: hci6: command tx timeout
[ 2860.439592][ T5120] Bluetooth: hci0: command tx timeout
[ 2860.759461][ T5120] Bluetooth: hci6: command tx timeout
[ 2862.519483][ T5120] Bluetooth: hci0: command tx timeout
[ 2863.039660][ T5120] Bluetooth: hci6: command tx timeout
[ 2864.649544][ T8549] Bluetooth: hci0: command tx timeout
[ 2866.682509][ T8549] Bluetooth: hci0: command tx timeout
[ 2877.365895][  T785] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 2878.159314][ T5120] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 2878.475168][ T5120] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 2878.759758][ T5120] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 2878.799585][ T5120] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 2878.800507][ T5120] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 2879.128009][T13242] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 2879.128029][T13242] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 2879.128067][T13242] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 2882.039701][ T5120] Bluetooth: hci7: command tx timeout
[ 2884.122565][ T5120] Bluetooth: hci7: command tx timeout
[ 2886.279657][ T5120] Bluetooth: hci7: command tx timeout
[ 2886.328256][ T8549] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 2886.337100][ T8549] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 2886.339924][ T8549] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 2886.530042][ T8549] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 2886.530912][ T8549] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 2888.359735][ T8549] Bluetooth: hci7: command tx timeout
[ 2888.599539][ T8549] Bluetooth: hci2: command tx timeout
[ 2890.685399][ T8549] Bluetooth: hci2: command tx timeout
[ 2892.759892][ T8549] Bluetooth: hci2: command tx timeout
[ 2895.903251][ T5120] Bluetooth: hci2: command tx timeout
[ 2902.663189][T13385] netlink: 'syz.4.18280': attribute type 4 has an invalid length.
[ 2902.663216][T13385] netlink: 'syz.4.18280': attribute type 5 has an invalid length.
[ 2902.663231][T13385] netlink: 3657 bytes leftover after parsing attributes in process `syz.4.18280'.
[ 2902.926439][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 2902.926519][ T1323] ieee802154 phy1 wpan1: encryption failed: -22
[ 2920.115491][T13416] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 2920.118807][T13416] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 2920.134140][T13416] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 2920.180290][T13416] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 2920.188525][T13356] chnl_net:caif_netlink_parms(): no params data found
[ 2920.210898][T13416] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 2920.453562][ T5120] Bluetooth: hci5: command 0x0406 tx timeout
[ 2922.366848][T13420] sctp: [Deprecated]: syz.4.18287 (pid 13420) Use of int in maxseg socket option.
[ 2922.366848][T13420] Use struct sctp_assoc_value instead
[ 2922.672314][ T8549] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 2922.699609][ T8549] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 2922.704001][ T8549] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 2922.706181][ T8549] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 2922.707062][ T8549] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 2924.379277][ T8549] Bluetooth: hci4: command tx timeout
[ 2924.759533][ T8549] Bluetooth: hci6: command tx timeout
[ 2926.812170][ T8549] Bluetooth: hci4: command tx timeout
[ 2926.849422][ T8549] Bluetooth: hci6: command tx timeout
[ 2928.939516][ T8549] Bluetooth: hci4: command tx timeout
[ 2929.009673][ T8549] Bluetooth: hci6: command tx timeout
[ 2931.029440][ T8549] Bluetooth: hci4: command tx timeout
[ 2931.099386][ T8549] Bluetooth: hci6: command tx timeout
[ 2935.261222][ T5120] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 2935.265852][ T5120] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 2935.268665][ T5120] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 2935.382178][ T5120] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 2935.496590][ T5120] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 2937.689520][ T8549] Bluetooth: hci0: command tx timeout
[ 2939.719453][ T8549] Bluetooth: hci0: command tx timeout
[ 2941.799958][ T8549] Bluetooth: hci0: command tx timeout
[ 2948.465180][ T8549] Bluetooth: hci0: command tx timeout
[ 2950.919912][   T39] INFO: task syz.3.18192:13155 blocked for more than 143 seconds.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 2950.919953][   T39]       Not tainted syzkaller #0
[ 2950.919964][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 2950.919976][   T39] task:syz.3.18192     state:D stack:25160 pid:13155 tgid:13155 ppid:7656   task_flags:0x400040 flags:0x00080003
[ 2950.920055][   T39] Call Trace:
[ 2950.920068][   T39]  <TASK>
[ 2950.920085][   T39]  __schedule+0x16f3/0x4c20
[ 2950.920293][   T39]  ? __pfx___schedule+0x10/0x10
[ 2950.920346][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2950.920411][   T39]  rt_mutex_schedule+0x77/0xf0
[ 2950.920469][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 2950.920495][   T39]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 2950.920541][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 2950.920570][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 2950.920598][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 2950.920622][   T39]  ? __lock_acquire+0xab9/0xd20
[ 2950.920664][   T39]  ? rcu_barrier+0x4c/0x570
[ 2950.920715][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 2950.920747][   T39]  ? rcu_barrier+0x4c/0x570
[ 2950.920768][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 2950.920800][   T39]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2950.920833][   T39]  rcu_barrier+0x4c/0x570
[ 2950.920858][   T39]  ? rt_write_unlock+0x191/0x230
[ 2950.920892][   T39]  kvm_mmu_uninit_vm+0x53/0x90
[ 2950.920980][   T39]  kvm_arch_destroy_vm+0x23d/0x280
[ 2950.921013][   T39]  kvm_put_kvm+0x6ca/0xa80
[ 2950.921060][   T39]  ? __pfx_kvm_vm_release+0x10/0x10
[ 2950.921098][   T39]  kvm_vm_release+0x46/0x50
[ 2950.921127][   T39]  __fput+0x45b/0xa80
[ 2950.921187][   T39]  task_work_run+0x1d4/0x260
[ 2950.921225][   T39]  ? __pfx_task_work_run+0x10/0x10
[ 2950.921252][   T39]  ? exit_to_user_mode_loop+0x40/0x130
[ 2950.921287][   T39]  exit_to_user_mode_loop+0xe9/0x130
[ 2950.921317][   T39]  do_syscall_64+0x2bd/0xfa0
[ 2950.921348][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2950.921380][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2950.921418][   T39]  ? clear_bhb_loop+0x60/0xb0
[ 2950.921446][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2950.921468][   T39] RIP: 0033:0x7f08b26ff6c9
[ 2950.921493][   T39] RSP: 002b:00007ffd349a1718 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 2950.921516][   T39] RAX: 0000000000000000 RBX: 00000000002ac22f RCX: 00007f08b26ff6c9
[ 2950.921532][   T39] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 2950.921545][   T39] RBP: 00007f08b2957da0 R08: 0000000000000001 R09: 00000004349a1a0f
[ 2950.921560][   T39] R10: 0000001b31f20000 R11: 0000000000000246 R12: 00007f08b2955fac
[ 2950.921575][   T39] R13: 00007f08b2955fa0 R14: ffffffffffffffff R15: 00007ffd349a1830
[ 2950.921612][   T39]  </TASK>
[ 2950.921642][   T39] 
[ 2950.921642][   T39] Showing all locks held in the system:
[ 2950.921657][   T39] 3 locks held by rcuc/0/20:
[ 2950.921671][   T39] 1 lock held by khungtaskd/39:
[ 2950.921683][   T39]  #0: ffffffff8d5aa880 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 2950.921779][   T39] 10 locks held by kworker/u8:12/3593:
[ 2950.921802][   T39] 2 locks held by getty/5559:
[ 2950.921814][   T39]  #0: ffff88823bf700a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 2950.921968][   T39]  #1: ffffc90003e832e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1400
[ 2950.922055][   T39] 6 locks held by kworker/u8:0/785:
[ 2950.922069][   T39]  #0: ffff888019ad4938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2950.922126][   T39]  #1: ffffc9000e4ffba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2950.922182][   T39]  #2: ffffffff8e8568e0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820
[ 2950.922295][   T39]  #3: ffff888049f6a0d8 (&dev->mutex){....}-{4:4}, at: devlink_pernet_pre_exit+0x10a/0x3d0
[ 2950.922400][   T39]  #4: ffff88802735e300 (&devlink->lock_key#28){+.+.}-{4:4}, at: devlink_pernet_pre_exit+0x11c/0x3d0
[ 2950.922456][   T39]  #5: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2950.922507][   T39] 2 locks held by kworker/u8:2/919:
[ 2950.922521][   T39]  #0: ffff88801fb40138 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 2950.922578][   T39]  #1: ffffc9000a8bfba0 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 2950.922640][   T39] 3 locks held by kworker/1:3/8355:
[ 2950.922654][   T39] 1 lock held by syz.1.17607/11869:
[ 2950.922667][   T39]  #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2950.922720][   T39] 1 lock held by syz-executor/12809:
[ 2950.922732][   T39]  #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2950.922794][   T39] 5 locks held by syz-executor/13116:
[ 2950.922807][   T39]  #0: ffff88803440e480 (sb_writers#7){.+.+}-{0:0}, at: vfs_write+0x217/0xb40
[ 2950.922866][   T39]  #1: ffff88805c456078 (&of->mutex){+.+.}-{4:4}, at: kernfs_fop_write_iter+0x1df/0x540
[ 2950.922947][   T39]  #2: ffff888144f8ee18 (kn->active#52){.+.+}-{0:0}, at: kernfs_fop_write_iter+0x232/0x540
[ 2950.923011][   T39]  #3: ffffffff8e0f4478 (nsim_bus_dev_list_lock){+.+.}-{4:4}, at: del_device_store+0xd1/0x360
[ 2950.923118][   T39]  #4: ffff888049f6a0d8 (&dev->mutex){....}-{4:4}, at: device_del+0xa9/0x8e0
[ 2950.923250][   T39] 1 lock held by syz.3.18192/13155:
[ 2950.923263][   T39]  #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2950.923316][   T39] 8 locks held by kworker/u8:13/13209:
[ 2950.923328][   T39] 6 locks held by kworker/u8:14/13210:
[ 2950.923341][   T39] 1 lock held by syz-executor/13242:
[ 2950.923353][   T39]  #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2950.923407][   T39] 1 lock held by syz-executor/13343:
[ 2950.923420][   T39]  #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2950.923472][   T39] 1 lock held by syz.0.18267/13346:
[ 2950.923483][   T39]  #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2950.923536][   T39] 1 lock held by syz-executor/13347:
[ 2950.923548][   T39]  #0: ffffffff8d5b0230 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x570
[ 2950.923600][   T39] 2 locks held by syz-executor/13356:
[ 2950.923612][   T39]  #0: ffff88806fed4e88 (&hdev->req_lock){+.+.}-{4:4}, at: hci_unregister_dev+0x212/0x510
[ 2950.923713][   T39]  #1: ffff88806fed40a8 (&hdev->lock){+.+.}-{4:4}, at: hci_dev_close_sync+0x66a/0x1330
[ 2950.923903][   T39] 3 locks held by syz-executor/13414:
[ 2950.923918][   T39] 2 locks held by syz-executor/13421:
[ 2950.923932][   T39] 2 locks held by syz-executor/13433:
[ 2950.923945][   T39] 10 locks held by syz-executor/13439:
[ 2950.923958][   T39] 1 lock held by syz.4.18293/13446:
[ 2950.923971][   T39] 
[ 2950.923976][   T39] =============================================
[ 2950.923976][   T39] 
[ 2950.923995][   T39] NMI backtrace for cpu 1
[ 2950.924019][   T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2950.924041][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2950.924054][   T39] Call Trace:
[ 2950.924063][   T39]  <TASK>
[ 2950.924077][   T39]  dump_stack_lvl+0x189/0x250
[ 2950.924139][   T39]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2950.924177][   T39]  ? __pfx__printk+0x10/0x10
[ 2950.924218][   T39]  nmi_cpu_backtrace+0x39e/0x3d0
[ 2950.924327][   T39]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 2950.924357][   T39]  ? __pfx__printk+0x10/0x10
[ 2950.924388][   T39]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 2950.924430][   T39]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 2950.924460][   T39]  watchdog+0xf60/0xfa0
[ 2950.924509][   T39]  ? watchdog+0x1e2/0xfa0
[ 2950.924546][   T39]  kthread+0x711/0x8a0
[ 2950.924582][   T39]  ? __pfx_watchdog+0x10/0x10
[ 2950.924612][   T39]  ? __pfx_kthread+0x10/0x10
[ 2950.924640][   T39]  ? rt_spin_unlock+0x150/0x200
[ 2950.924671][   T39]  ? rt_spin_unlock+0x161/0x200
[ 2950.924695][   T39]  ? __pfx_kthread+0x10/0x10
[ 2950.924729][   T39]  ret_from_fork+0x4bc/0x870
[ 2950.924765][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[ 2950.924810][   T39]  ? __switch_to_asm+0x39/0x70
[ 2950.924831][   T39]  ? __switch_to_asm+0x33/0x70
[ 2950.924851][   T39]  ? __pfx_kthread+0x10/0x10
[ 2950.924885][   T39]  ret_from_fork_asm+0x1a/0x30
[ 2950.924925][   T39]  </TASK>
[ 2950.924934][   T39] Sending NMI from CPU 1 to CPUs 0:
[ 2950.924966][    C0] NMI backtrace for cpu 0
[ 2950.924988][    C0] CPU: 0 UID: 0 PID: 3593 Comm: kworker/u8:12 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 2950.925010][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 2950.925029][    C0] Workqueue: bat_events batadv_dat_purge
[ 2950.925100][    C0] RIP: 0010:match_held_lock+0x0/0xc0
[ 2950.925128][    C0] Code: 41 5e 41 5f c3 cc cc cc cc cc e8 fb f8 ff ff 66 66 2e 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 <41> 56 53 bb 01 00 00 00 48 39 77 10 74 6a 81 7f 20 00 00 20 00 72
[ 2950.925145][    C0] RSP: 0018:ffffc9000d99e698 EFLAGS: 00000083
[ 2950.925160][    C0] RAX: 0000000000000006 RBX: ffff888030fe0b88 RCX: f4eb42202cf56200
[ 2950.925173][    C0] RDX: 0000000000000100 RSI: ffffffff8d5aa880 RDI: ffff888030fe0b88
[ 2950.925187][    C0] RBP: 00000000ffffffff R08: 0000000000000000 R09: 0000000000000100
[ 2950.925199][    C0] R10: 0000000000000100 R11: 0000000000000005 R12: 0000000000000246
[ 2950.925210][    C0] R13: ffff888030fe0000 R14: ffffffff8d5aa880 R15: 0000000000000001
[ 2950.925223][    C0] FS:  0000000000000000(0000) GS:ffff888126df7000(0000) knlGS:0000000000000000
[ 2950.925238][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2950.925251][    C0] CR2: 00007f3e6b91f128 CR3: 0000000030dd4000 CR4: 00000000003526f0
[ 2950.925267][    C0] Call Trace:
[ 2950.925274][    C0]  <TASK>
[ 2950.925280][    C0]  lock_is_held_type+0xa8/0x190
[ 2950.925310][    C0]  ip_route_output_key_hash_rcu+0x1328/0x23e0
[ 2950.925398][    C0]  ? ip_route_output_key_hash+0xc1/0x280
[ 2950.925424][    C0]  ip_route_output_key_hash+0x174/0x280
[ 2950.925448][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2950.925474][    C0]  ? __pfx_ip_route_output_key_hash+0x10/0x10
[ 2950.925507][    C0]  ip_route_output_flow+0x2a/0x150
[ 2950.925528][    C0]  ? ip_route_me_harder+0x6ae/0xf10
[ 2950.925604][    C0]  ip_route_me_harder+0x6c4/0xf10
[ 2950.925637][    C0]  ? __pfx_ip_route_me_harder+0x10/0x10
[ 2950.925672][    C0]  ? rcu_is_watching+0x15/0xb0
[ 2950.925694][    C0]  synproxy_send_tcp+0x3a7/0x700
[ 2950.925768][    C0]  synproxy_send_client_synack+0x8bb/0xe20
[ 2950.925799][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[ 2950.925821][    C0]  ? nft_fib_store_result+0x8/0x2f0
[ 2950.925873][    C0]  ? synproxy_pernet+0x45/0x270
[ 2950.925922][    C0]  nft_synproxy_eval_v4+0x36e/0x560
[ 2950.925952][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[ 2950.925980][    C0]  ? nf_ip_checksum+0x13c/0x510
[ 2950.926052][    C0]  nft_synproxy_do_eval+0x345/0x570
[ 2950.926081][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[ 2950.926116][    C0]  nft_do_chain+0x40c/0x1920
[ 2950.926143][    C0]  ? stack_depot_save_flags+0x40/0x860
[ 2950.926195][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[ 2950.926218][    C0]  ? kasan_save_track+0x4f/0x80
[ 2950.926249][    C0]  ? __local_bh_enable_ip+0x1a0/0x2e0
[ 2950.926272][    C0]  ? __batadv_dat_purge+0x344/0x400
[ 2950.926295][    C0]  ? batadv_dat_purge+0x20/0x70
[ 2950.926328][    C0]  ? process_scheduled_works+0xae1/0x17b0
[ 2950.926365][    C0]  nft_do_chain_inet+0x25d/0x340
[ 2950.926433][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 2950.926459][    C0]  ? __lock_acquire+0xab9/0xd20
[ 2950.926488][    C0]  ? NF_HOOK+0x9a/0x3a0
[ 2950.926504][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[ 2950.926530][    C0]  nf_hook_slow+0xc5/0x220
[ 2950.926553][    C0]  NF_HOOK+0x206/0x3a0
[ 2950.926571][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 2950.926589][    C0]  ? NF_HOOK+0x9a/0x3a0
[ 2950.926604][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 2950.926620][    C0]  ? ip_rcv_finish_core+0xda3/0x1c00
[ 2950.926640][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[ 2950.926659][    C0]  ? skb_dst+0x4f/0xd0
[ 2950.926676][    C0]  ? ip_local_deliver+0x12a/0x1b0
[ 2950.926695][    C0]  NF_HOOK+0x30c/0x3a0
[ 2950.926712][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 2950.926729][    C0]  ? NF_HOOK+0x9a/0x3a0
[ 2950.926746][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[ 2950.926764][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[ 2950.926788][    C0]  ? __pfx_ip_rcv+0x10/0x10
[ 2950.926804][    C0]  __netif_receive_skb+0x143/0x380
[ 2950.926899][    C0]  ? process_backlog+0x27b/0x900
[ 2950.926915][    C0]  process_backlog+0x31e/0x900
[ 2950.926937][    C0]  __napi_poll+0xb6/0x540
[ 2950.926966][    C0]  net_rx_action+0x5f7/0xda0
[ 2950.926990][    C0]  ? __pfx_net_rx_action+0x10/0x10
[ 2950.927010][    C0]  ? kvm_sched_clock_read+0x11/0x20
[ 2950.927046][    C0]  ? __pfx_sched_clock_cpu+0x10/0x10
[ 2950.927070][    C0]  handle_softirqs+0x22f/0x710
[ 2950.927098][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 2950.927125][    C0]  __local_bh_enable_ip+0x1a0/0x2e0
[ 2950.927147][    C0]  ? rt_spin_lock+0x1c1/0x3e0
[ 2950.927168][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 2950.927192][    C0]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[ 2950.927215][    C0]  ? rt_spin_unlock+0x150/0x200
[ 2950.927238][    C0]  ? rt_spin_unlock+0x161/0x200
[ 2950.927259][    C0]  ? __pfx_batadv_dat_to_purge+0x10/0x10
[ 2950.927283][    C0]  __batadv_dat_purge+0x344/0x400
[ 2950.927308][    C0]  ? __batadv_dat_purge+0xae/0x400
[ 2950.927330][    C0]  ? __pfx_batadv_dat_to_purge+0x10/0x10
[ 2950.927356][    C0]  batadv_dat_purge+0x20/0x70
[ 2950.927378][    C0]  ? process_scheduled_works+0x9ef/0x17b0
[ 2950.927399][    C0]  process_scheduled_works+0xae1/0x17b0
[ 2950.927434][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2950.927464][    C0]  worker_thread+0x8a0/0xda0
[ 2950.927499][    C0]  kthread+0x711/0x8a0
[ 2950.927527][    C0]  ? __pfx_worker_thread+0x10/0x10
[ 2950.927549][    C0]  ? __pfx_kthread+0x10/0x10
[ 2950.927574][    C0]  ? rt_spin_unlock+0x150/0x200
[ 2950.927597][    C0]  ? rt_spin_unlock+0x161/0x200
[ 2950.927617][    C0]  ? __pfx_kthread+0x10/0x10
[ 2950.927648][    C0]  ret_from_fork+0x4bc/0x870
[ 2950.927670][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 2950.927694][    C0]  ? __switch_to_asm+0x39/0x70
[ 2950.927711][    C0]  ? __switch_to_asm+0x33/0x70
[ 2950.927728][    C0]  ? __pfx_kthread+0x10/0x10
[ 2950.927755][    C0]  ret_from_fork_asm+0x1a/0x30
[ 2950.927783][    C0]  </TASK>
[ 2953.472223][ T5120] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 2953.483619][ T5120] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 2953.485092][ T5120] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 2953.486966][ T5120] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 2953.488000][ T5120] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 2955.711858][ T8549] Bluetooth: hci8: command tx timeout
[ 2957.836358][ T8549] Bluetooth: hci8: command tx timeout
[ 2959.906280][ T8549] Bluetooth: hci8: command tx timeout