last executing test programs:

23m1.923135961s ago: executing program 4 (id=114):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000040)=@raw={'raw\x00', 0x3c1, 0x3, 0x3d0, 0x0, 0xc8, 0x8, 0x0, 0x5803, 0x328, 0x2e8, 0x2e8, 0x328, 0x2e8, 0x3, 0x0, {[{{@ipv6={@local, @private1, [0xffffff00, 0xff000000], [0xff, 0x34da508f3e8fb0eb, 0xffffff00, 0xff], 'veth0_to_batadv\x00', 'veth1_to_team\x00', {0xff}, {0xff}, 0x89, 0x7, 0x7, 0x38}, 0x0, 0x190, 0x1c8, 0x0, {0x0, 0x2000000000000}, [@common=@unspec=@string={{0xc0}, {0x0, 0x100, 'bm\x00', "cfcaf80c672f61cd17ae5119b5135c2aee0500000000000000ecef50c3234e082555f67222476147864fa03182f5cf11d8c348cbd06d7d4e252c3394fed47bf78c70f607b0178fa5ea3350ebc989f1f34a214e67442ce98bbaa8e0f7323a4ca0a7be6c60c527bac2b500", 0x1, 0x3}}, @common=@inet=@set2={{0x28}, {{0xfffe, 0x5, 0x4}}}]}, @common=@inet=@SET3={0x38, 'SET\x00', 0x3, {{0x3, 0x6, 0x7}, {0x3, 0x3, 0x6}, {0x1, 0x1, 0x2}, 0x3, 0x29b}}}, {{@ipv6={@remote, @loopback, [], [], 'macvtap0\x00', 'syzkaller1\x00', {}, {0xff}, 0x0, 0x0, 0x2}, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00', {0xfffffffffffffffd}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x430)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000002c0)={@private2={0xfc, 0x2, '\x00', 0x1}, @empty, @private2, 0x80000, 0x6, 0x0, 0x0, 0x6, 0x900066})
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'vlan1\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="14043600d3fc03fc01004788031c09100628", 0xfd35, 0x4, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

22m59.822806717s ago: executing program 4 (id=118):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf83, 0x3}, 0x1c)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x20040000}, 0x0)

22m59.295546868s ago: executing program 4 (id=122):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000000)={0x3, 0x2, 0x205, 0xfff000, 0x0, 0x8, 0x9, 0x9}, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r1=>0x0]}, &(0x7f0000000080)=0x8)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2, 0x0, 0x3}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = syz_io_uring_setup(0x1c4d, &(0x7f0000000180)={0x0, 0x668d, 0x8000, 0x2, 0x32a}, &(0x7f0000000040), &(0x7f0000000280))
io_uring_register$IORING_REGISTER_FILES2(r3, 0xd, &(0x7f0000000600)={0x2, 0x1, 0x0, &(0x7f0000000580)=[{&(0x7f00000003c0)=""/215, 0xd7}, {&(0x7f00000004c0)=""/157, 0x9d}], &(0x7f00000005c0)=[0x9, 0x0, 0x3, 0x3, 0x9, 0x0, 0x7]}, 0x20)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000080)={r1, @in={{0x2, 0x4e21, @empty}}, 0x5, 0x0, 0x80000003, 0x0, 0xe2d8f2eb1d010935, 0x5, 0x7}, 0x9c)

22m58.098371361s ago: executing program 4 (id=129):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0xa0}}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[], 0x6c}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x80)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

22m57.758332705s ago: executing program 4 (id=131):
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fd7000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x4a, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{0x0, 0x14}], 0x1}, 0x800)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r1 = shmget$private(0x0, 0x800000, 0x54003f00, &(0x7f0000800000/0x800000)=nil)
shmat(r1, &(0x7f0000000000/0x4000)=nil, 0xbbdccba4532b703b)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = userfaultfd(0x801)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x5})
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f6, &(0x7f0000000000)={'vlan0\x00', 0x0})
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x8, 0x0, 0x1)
ioctl$UFFDIO_CONTINUE(r2, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_clone(0x42080000, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r3, 0x4010ae67, &(0x7f0000000380)={0x2, 0x34000, 0x1})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
ioctl$KVM_MEMORY_ENCRYPT_UNREG_REGION(r3, 0x8010aebc, &(0x7f0000000080)={0xeeee0000})
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r5 = openat$iommufd(0xffffffffffffff9c, &(0x7f00000004c0), 0x80200, 0x0)
ioctl$IOMMU_OPTION$IOMMU_OPTION_HUGE_PAGES(r5, 0x3b87, &(0x7f0000000600)={0x18, 0x7ffffffe, 0x1, 0x0, 0x0, 0x1})
r6 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x84, 0x0, &(0x7f0000000080))
r7 = openat$iommufd(0xffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r7, 0x3b84, &(0x7f0000000340)={0x20, 0x0, 0x4, 0x0, &(0x7f00000002c0)=[{}, {}, {}, {}]})
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r9, 0xae41, 0x0)

22m55.670887997s ago: executing program 4 (id=142):
socket(0x1f, 0xa, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0xa0, 0x1}, 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_serviced_recursive\x00', 0x26e1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8b14, &(0x7f0000000000)={'virt_wifi0\x00', @random="0100"})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000080)=0x8000, 0x4)
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
ptrace$getregset(0x4204, r0, 0x6, &(0x7f00000000c0)={&(0x7f0000001ec0)=""/4096, 0x1000})
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r5, &(0x7f0000000ec0)=""/4096, 0x1000)

22m39.462982045s ago: executing program 32 (id=142):
socket(0x1f, 0xa, 0x8)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0xa0, 0x1}, 0x48)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_serviced_recursive\x00', 0x26e1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8b14, &(0x7f0000000000)={'virt_wifi0\x00', @random="0100"})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wg0\x00', <r4=>0x0})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, &(0x7f0000000080)=0x8000, 0x4)
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b03feff4f00020002004788aa96a13bb1000011000088ca1a00", 0x1fffc, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)
ptrace$getregset(0x4204, r0, 0x6, &(0x7f00000000c0)={&(0x7f0000001ec0)=""/4096, 0x1000})
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents(r5, &(0x7f0000000ec0)=""/4096, 0x1000)

8m24.730142744s ago: executing program 2 (id=3108):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x21, &(0x7f0000000180)=0x7, 0x4)
sendmmsg$inet6(r0, &(0x7f0000000880)=[{{&(0x7f0000001540)={0xa, 0x4e20, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x1}, 0x1c, &(0x7f0000005300)=[{}], 0x1}}], 0x1, 0x8054)

8m24.606365202s ago: executing program 2 (id=3109):
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x8000}, 0x8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x7ff80}, 0x8)
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000003300)=[{{&(0x7f0000001080)={0xa, 0x4e22, 0x40, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x8}, 0x1c, &(0x7f00000014c0)=[{&(0x7f00000010c0)}], 0x1}}], 0x1, 0x202a804)
shutdown(r0, 0x1)
getsockopt$bt_hci(r0, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000001180)=0xfd9)

8m24.573438412s ago: executing program 2 (id=3110):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000c00)=ANY=[@ANYRES16=r1, @ANYBLOB="bf4400000000000000000c0000008000058014000280080001000000000008000100090000002c0002800800020001000000080004005fbe0000080001001b00000008000200000000000800020009000000070001006962000034000280080003006400000008000400090000000800030051bd000008000300fc00000008000300a90f0000080001"], 0x2ac}}, 0x0)

8m24.457715086s ago: executing program 2 (id=3111):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe46a}, 0x94)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000340)=@newtaction={0x5c, 0x30, 0xffffffffffffffff, 0x0, 0x0, {}, [{0x48, 0x1, [@m_bpf={0x44, 0x1, 0x0, 0x0, {{0x8}, {0x1c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1, 0x0, 0x4, 0x0, 0x4}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x5c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0xa25bb844b084a7a1}, 0x0)

8m21.445117085s ago: executing program 2 (id=3121):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000400000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x2c060000)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
unshare(0x2c020400)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, r2, &(0x7f00000002c0)={0xa0000014})
close_range(0xffffffffffffffff, r2, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, 0x0, 0x8000)
io_uring_setup(0x54a0, &(0x7f0000000000)={0x0, 0xe0f5, 0x2, 0x2, 0xf2})
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000440)={0x10001, 0x8, 0x3, 0x7, 0x5, 0x0, [{0x1, 0xc, 0x9, '\x00', 0x8}, {0x4, 0x8001, 0x800, '\x00', 0x300a}, {0x3, 0xae, 0x1, '\x00', 0x1}, {0x9, 0x7, 0xffffffff80000000, '\x00', 0x80}, {0x7fffffffffffffff, 0x5, 0x5, '\x00', 0x2800}]})

8m20.284125776s ago: executing program 2 (id=3133):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="851000000000000018100000", @ANYRES32], 0x0}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x2, &(0x7f0000000000)=""/126, &(0x7f0000000080)=0x7e)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

8m5.225831915s ago: executing program 33 (id=3133):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000740)={0x0, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="851000000000000018100000", @ANYRES32], 0x0}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x2, &(0x7f0000000000)=""/126, &(0x7f0000000080)=0x7e)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x68, '\x00', 0x0, @fallback=0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000000), &(0x7f0000000040)}, 0x20)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000001b40)='sched_switch\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_clone(0x42000000, 0x0, 0x0, 0x0, 0x0, 0x0)

1m5.151315252s ago: executing program 1 (id=6359):
r0 = open(&(0x7f0000000040)='./file0\x00', 0x101040, 0x0)
fcntl$setsig(r0, 0xa, 0x21)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000000)={'pimreg\x00', 0x2})
r1 = socket$igmp(0x2, 0x3, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
fsync(r1)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="28000000210001"], 0x28}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000300)=ANY=[@ANYBLOB="a80000003c00000426bd7000ffdbdf25080085000a0101000b00090070696d72656700006b8c2cd07094f11dc7d3827f0fbd132ddb3db2c409bf8a5971407b20a9402d83bb8ebe1e2b7a9853ec6a86e969ed4fb7178cd92c97ccd230c481854955f96543e6356ebcdfb0b8dd45822b5d99cd0e30e1153101b45bd32696d9400be3e4e0197007084fb2c8b4814a85b35a957ee8b0c0357c452ceb9d628a7132964255f6ea72000000"], 0xa8}, {&(0x7f00000003c0)={0x10, 0x32, 0x300, 0x70bd29, 0x25dfdbfd}, 0x10}], 0x2}, 0x0)
recvmmsg(r5, &(0x7f00000077c0)=[{{0x0, 0x0, &(0x7f0000000540)}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
truncate(&(0x7f0000000000)='./file0\x00', 0x0)
dup2(r6, r0)

1m2.907832598s ago: executing program 1 (id=6366):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_lsm={0x18, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x40}, 0x94)

1m2.657320874s ago: executing program 1 (id=6369):
openat$tun(0xffffffffffffff9c, &(0x7f0000000580), 0x802, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(r0, &(0x7f0000000ec0)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @private=0xa010100, 0x4}, 0x80, &(0x7f0000000340)=[{&(0x7f00000006c0)="cc5c84001214dbd9e5943aa8a315357330c56529d6b619a78687eea13ea02981afbb0fab70e8c3ab037cd82bd48f4947702a177974e7eff5f2ccdec909645f69e3dea5153157374459f6a21ba8609552d9ada54e81b0f19b55b77cf382ad229baa9decce1ea639a300f1fa65b945a0e29d36", 0x72}, {0x0}, {&(0x7f0000001400)="9af390e2aadb61017e08249a2485ad46a590a90910858e1ceefc66db2ed8f32bf6be0e2f94e7e4db6454393a128402ed26580c7c5ebc85db639da17c927c23dbde640ab030889e8b61f26d270bc73b21c9ac8ba542e6b4ad2cd147059128ba038e4b9ebb20537f437b23b46ec790720e1fb74cef3c677e9978662a84cf2fcf73c73a5e763358496737af6284226bad34fb9083f87d853ab78c816cf32c90bd5c40ff6446214552d29745d34e0c4bfa623d00e5cbb393972371503122a0f44135db5654ace67cddb85a12df91fcf994fc680afe5d34268b23447589ef3f5383d152bf6dd104984297180f896ec8b1ba50952c5ab76e144f5636692d7cf17922c9b447ed6d59553ec6085e07413034875c1ae0947280e1a6f0d5e7f23b32e56ead8590d3269fdcb624cc870968b2f100bf3bc3d2ab105a5f61456d4969181fbd207b6f4d6d9ca0a1920daabec06d0c5e276d18f2571e88373dd41af9080d72aa88b10f8900b48acb61a61007dd4dd0e9240af5382a26f68bd706a83d8df76a4a5d02b39d07f97c4f86dad9e14eb957cc4be52b027a462262589929e3d035188dd9f0561e3ba2de6bafe743d9ae397e9aa423644fba8b2d6425ac1cd78c76e52e04d3a29e74075625fb5e674bab02843991ce804e0d04961f2978f3749c5ad83f355ae5da936fd6e0178d2bd12aacbe0205aa9a15579fd61d738f8d36412e814ba500edaf28ea68b0e96fb1839acf8416d8f5df7fad3b663f68e2ee5784fd01c7021130a490e629b1348acf3479e0392ecabbeeb18ec421c26e76f6f5c480e7decc85a0583a56180f199d26090b10ee5057ec4c1e04be948a5960acda014d646cf91bfdfb9d327f8ab545f8b41e8dbab94f195b189a8642a6b95e0ceb36b640fbdfe21925cc110bd2ef2c3fe24f12f95771b60e2ffbc47e58b2237b5574cadc32aab0f0db3202e4adc44a0651ef97703957857cfb6022578c97802f486bd7f48129f0c120700d0b70e048618a9f1de9f34dbb1f92dadc86f09e6288eb1bdbd1f700cc2df781654dfd57d9da779607080d3bc6dede5818aa8d6c99fa1ffdbb6a1a43040fe1379cf2a8b4b862db428c29e388a6e6b863bc818c2139a0d4238f10baf22f498b6629181f997ac280547e92fe300d0f8dd8b6724df5aa14be73cd630b808a29bfb52707b8db7d0065bd753b3773f8df58c74ea56f4582caa2fa8532b8049fd9ba775afc5b92b767ed0b35d4c086d9af6f7b7ed96f5f9d3734e703fc683fe0ed82b7763c67734067759e27b60036a3b4c53526716c175d75a9fa6ed019d3e1047bcb9c6510665de23cc2802804a0c3a347faba392282df430e5e6141f9eb660f7cb0eaedb832a7880c953bc0188c1f28eb466799e2768886ef81096847f50159278b572b0cca7744d6a572a81ddd2bcea73da3c8a59680bcaaadaf95e1fe91e41a8036835975b072a9587c560e3da854c96c64011755d08fef5228bb2db62a445bc0b9e17dea88854cd6a7c8a288727d5690fc4941978dee5eda2dbdc85915e7a2fdae978adb217b3f6b31cf69b51b9f805f8b447a4868b442933fc0e03860a7084230ff8fdff70665717f9c0bade31f87f5de99643e800feceb0dfdd6d1b67d4056a52f0efa2ed2b1142132c6242d917b46d939aade6a362bf586058385d7fcef1b4e358a093d6781b9e9bf280520ff083a6026bf701237e38927ed21209dbf407a7944ef687b93619b181b9112477fa902f391a7163f93bec2d6369ffba644f4fd5139890fb66bd6017a61d9fd043154eb0ab0de3046cdb8a182a553cece0701a922518cf09cd1ab421ee8ec677a8d453cd8c21bdaa5f8dd804dfe80fffec8c4d778d5e260b65a2f0d3c1b09e9d6bd1f3746aa7fe07374a028a89fc96eb66affbcddfaa01a72058566e33af88e37f43fbba73c0423d54079fad54c136ec5fcd61d5134f833ab44f6cfbc2348871f190ac4c4bc20c97fcb29f4823a8e3bf76f85b10dfd33df0001646a7e0b2ee3e14455f6c8f225b80eed457e772cb2504ded46a24e911428decff4a130be797b6530c33ec1be7b0dd4df6206eca1c4c8dfda776336bcb876d80043195de773fbcf0d3abe53e9a38da0af7a6598815a71ffc937203f5a04e87eb532e579d66d42b06b791b6ebd50e7855f6645d29434bb0280fdf1511b163b12838f39ca864516711501bbe345d46b34ab2f0d8317d45376f73e302a90f5c362b18e1840668a9f27e90f2b715b4b6ae7a6dc387583110a42fd4977635275f7244a1912d0c67cf53d5da8a384839020d71db234fcc4388a735275763f01b2b4967e99f551e489bcc28f693a1e688ac8c39a971f8ae9d973cc7adac4a642a7a84ecca2d0bd24c300b94dff82fa4f95c1ce5fdb9128466443cb8442048e53cd46334d59774de0e2ceefcd4cd2e6c9da7cdc2162346111f7da236d72f33d509d73133951e1a3f84fa7e767cf56fc9bfb3986c5ec501634b92a780f63e0ee61e3d25f51c39b975ea587027a101059e9386f1eaaaab8ebfd5c453e9f86c851f9c78e4e06184f04fa9a54ba0bba5d18108c2973f50cb626eca6e3d5b2907b00d2ad4fff9546482815291bd220fa31c1d1a735562174644fe06131e31ce66064fa6a02d5bda756994f81163b97e854274183bbc4ddeb9bb823944afc3e07caf510732df2835fd11de82cb318b88f4d385adb57ac73ffe7f3d1e387848766e11000c94123f2a7d33a93d3b030ebb1206f26221a1ceef44a708693796ab80add7d9b6907c653c6becc21d49c380b3fea419276a387ad482fc3614fa7cac6ea9d07dffc85c1d3f01f57aa9816f32e3237b05d191c3f3d2ed31c313346176d18dc53307afc3aea306a5b44189b6fce062cd21319f1c0a5cf3bc84aaff275491d5fa26d12173e134bdb776478c27502dd4786cc079b6eb00d05f1c8c27a2e326ef11ad1866529b60e6a9e9ae776f01071e364a4604dfe79fbdfc9828628e50940398cc6b925ea8806ee3bbd22129c5d37551eb5e1ef613b027aebce0a83963888396f3e7c953e5416b522fd3a0660fefaea0fc97ca7d82191e2e8f23ca2aa56e8b9de2e1d3e093b8c3f4d7e700b7193b3d83c5b6bb1e7ff2a1c574c9d15ad79631573e41d46653601c510ec7cd0d6125c8e600ebb41247988c28305ac47eead817fecf4460c2221a399134d1d11363401090691a7bf1f58f27a09311d6591cef3d879570667e9e10eebf7df32ec9417f0132be9f1485b167b58b0bf88e31fb2d3957fa05a4d3f191c1d1caa189fc0c11c04287ceaee39a147aced6e3e9c2fe8f51a9823401ad4bf92b0fd4070aae1fe886b8c160a0d2a1507259e58c5608654f05f444877bf9ec215933d6f0a89a3f6199a23c535d8cf9541f2eb970261b12325884fe64330f67a8b07748522c58e5096a04afc67f08b4b0b3da2c9e010b8f079fabdbd187b3d1f69b9f8110e0ec3a488aa8b8563745f7e9fdc1faeaf542858f417d3a75d416e8f55c46cd962d9ac96ce8b56f7a0e22350d2b9e8a537780edddd519fd43baec4834aa6abb0b8c4007dfbb9dac74bf3802108966bf7d5a2999d16110ad0d2cab1c72c2d0ddce14e5043ee62fe9b722355dd2b7e728a589da59ef46dae95f1b89c22d5487a855bc1ee5f9d1427f643e2fa8748e07e6b51e365ab5e23e32401acc229c09f56868532ca611fa678b13f7f580392aee230878817f9dadc9b071245f75b7f626ab6f3342e8d80c3735e3a37646dfddeddec617fd3c155bb0735dd74eb1b71b957645978638f6bab555681b1e0047f7ccf370051f8fd42b171d16291a79ab5aad78940d12129d4de9f1d0a17f539fe333c7e3af31703dd147044ab4efd666cda9942c14cb25fae13cdb497bf7d71094192765df81234cf3dc9d38cdf373a06f5b723ab987708c8ed1b1b7c14cf55663298e752621be837d9e8f806552e0d605515dc0346354c76536d7681bac9dce48479abf18fc8b45862471ce1d75957a23c6bee5b2eb0022d557b6ad6153124e4594d26cc4a6e70de89086e0365039d215c2d9c7d881766b564b58be42104b4a4cad074eb1600be3a98fd7e19296066ee8a8d141d1b9f070c06c58c4f6e5c73b43022f39a13e701220064ceac7951818b1a88f68b2241efc57d37f224161533c75e279500896058aa03ce9571567172b57dbd40e1e14f8068cec77cde8da6aebf54039de9c7251289192616dca9d90bcc3ca24708dde9309d00d9a61c7be33f5858729ca3726fd8e8fdf911e58d3908797ec7b53cec49a8d51a3a30c3172b4277a8be98346488f10385ab3396ba34390f5f44a6f51606a392c25f4b6c65d3cee98004c5312b9f2a6349facbb7f0491fa0505ddc859e25963fae59e8ff05282c108be2a267690c8d53cd2ab7189b997cca8f0905ebcdc86a29b851546284870b348d54023e16262e78c034885696e931e1b2a7b2c23c59ef21393370a16f068ce46115e6b1c3ba9375bb9cb644ec9032bb2eb57eb4897284164af7a8b0a7019a610985dad9f1ce9f12a9a2399ee63fd6d21ee4adc8cbeb7ffe22b50e14c959042197ae45c8f8db2a5d03d6d9c2d5e826112a0bf6d21854a6d5fc77604e4117d7e9a92804c7db9f3eeca536b61a079654f8afbccc140602db833e537ac3c591b98549b5c70734e98b5a47eb9cc16ab2e0ed4f32ff69558e5dcfa2a3b54b8cf3326d4cdd7e9a0c19e4b703070a996acb40a882c2c512e38b4e3d31fe918a3562526132c7bbd497d3f5d40881e6c7363f2e21c8ae8d3ade72d57b6fe9a6cce7f100ae63775c6706b5004312b057aa9191e7614a69584974629c81e536b6422072cdb55b5d98418bf0b15268551548fbc6a9c84f4f701461c5e8e9f12573cc7611758c085582c823f9500d1fb8fa0eb44423f78fa60262f157", 0xd91}], 0x3}}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000880)="90b9f79fecb3ad0dc00ca95fb148a3ba4355cee5ce27d2c10d8474464a37dea0c1ab2a961404f5aa5493cdadb4b6bf4131e96c0aef0f89065db2aa551c68ce3fa911638fd608ff9e30cce409b6e516e59c272cdbbb88c83dc61199", 0x5b}], 0x1}}], 0x2, 0x11)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1m2.382470916s ago: executing program 1 (id=6373):
r0 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000001d40)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xaei\xb6\xb7\xc1Y\xd5YG\xf9\xc2\xf1\xa4\xdb$\xf6]\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\x03\x00\x00\x00\x00\x00\x00\x00\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^W\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B\xc5\x05\x9d\xd6\x02|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3q\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^\x00\x00\x00\x00\x00\x00\x00\x00\x00\xef\xcd\xd3\t\x01A\xd5\x81\xc1;9\xeez\xba\x00\x00\x00\xdc\x94\xff)\xa4\xe6\xfb]\x90bG\x11\b\x98#\xaa99ez|\x8b5\x92\xa5\xba\x96\xb3\xb26I\xbb\xdeb\x95?\xc0\x81', &(0x7f0000000200)='sockfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000040)='\x00', &(0x7f00000001c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000280)='\xd0\x9e^\xa0\xee\xc8\x17T\xb1GI\x90\xe2Q1\xb0\x8f\xe1\xa8\x95\xa0\xcd\fL\xf1<e\a\xa5\x8f\xab\x1a\xdaY\xfb\x03dhS\x97nZ\xf8\xc6\x1f\xd3K\xfa\xc8\x8d#\xce)\x9bg-D#g\x16\xf4\xd9\x00\x00\x00\x00\x00eA\x9f\xc3\x11\x18\xe6\xc5\x95\x9e!^\x97\b\x14\xc5\xad\t\f\xdeg\x8d\x16wW\xf6\xacE\xa3\xc8\xe7\xec\xd6\xbd\x1c+\n\xc7Q( \xba\xff\x17N\x1fB\x91\x15\x83\xec(B4/#W\xc5\x05\x9d\xd6\x02\x8cU!a\xdc|6\xdc\xee$\xb5\x1deC\xfb\xa2\xaa\xe0#\xcb\xde;sA\xad\xa6\xb6P\xa3\xf7\xc3\x93\xd4\xb6\x95\x02\xd8*\xa8\xd2\x94\xa3\x89\xa9\xa0\xc5\xc9=\xa5^', &(0x7f00000000c0)='dE\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f00000007c0)='{)+}@@!}\x00', &(0x7f0000000600)='dU|\xcbM\xe6\x91q\xe0', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x2, &(0x7f0000000500)='\x01\x01\x00\x00cl8\xf8b\xed\x82\xae|\xc7\x00\xfe\x11M\\+\x10\x9eDU#UA\xd0~\vZ\x14\n=mZ[O\xa5\xe1\xe3&,\x13\xb8^\xe2\x95:\xdfot\xa9\x7fU<\x1f\x1c\xc9j\xa6\x84m,\xe4e\x01\xf7b\xfc\xa8\xab\xb6\xcd\xf5\x8a.|\xd3\xdc \xfd\xbf\xb27\vr\x8a\xb3\xb2lh\x06\xb8\xffo@\xfb\xceV\x97\xa1\x11\xf2\xe3h\x06\xec\xfem*\xe8:T\xda*\a\xc2B\x8c\x053v7dz\xb1\x1b}\x0e\xbd\b0\x19\xfd[),\x00\x00\x00\x005\xd8G\xfc\xedg\xe5\x92\x12\x17\xfe\xe8\xca]\xba\a\a\x06Y\xfc\x14`\x19u\x00#\xe6 -9e\x02\x84\xa5\x88\x16\xc8\x14A\xe0\x00'/195, &(0x7f0000000b40)="b2", 0x1)
close(r0)

59.893256703s ago: executing program 1 (id=6375):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0xc2300, 0x0)
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a40)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r1, {0x0, 0x6}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000800)=@newtfilter={0x54, 0x2c, 0xd27, 0x70bd25, 0x4, {0x0, 0x0, 0x0, r1, {0x4, 0x2}, {}, {0xa, 0xf}}, [@filter_kind_options=@f_basic={{0xa}, {0x24, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x14, 0x2, 0x0, 0x1, [@TCF_EM_CONTAINER={0x10, 0x1, 0x0, 0x0, {{0x81, 0x0, 0x1}, 'u'}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x9}}]}]}}]}, 0x54}}, 0x20040054)

58.76892313s ago: executing program 1 (id=6384):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r0, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400001bfa64", 0x5}], 0x2)

48.153287958s ago: executing program 5 (id=6420):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000100000850000007b00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x14, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000a00)='fib_table_lookup\x00', r0}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})

46.955437303s ago: executing program 5 (id=6422):
syz_io_uring_setup(0x4ea0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, 0x0, &(0x7f0000001dc0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x2d)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x2c060000)
unshare(0x2c020400)

45.886580581s ago: executing program 5 (id=6427):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x815, 0x81, 0xffffffff})
clock_adjtime(0x0, 0x0)

45.709856809s ago: executing program 5 (id=6429):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065fffff53000000800395032303030"], 0x15)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r0, &(0x7f0000000300)=ANY=[], 0x15)
r1 = dup(r0)
write$P9_RLERRORu(r1, &(0x7f0000000540)=ANY=[@ANYBLOB="8b"], 0x53)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x44}}, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @ib_path={0x0}}, 0x20)
write$binfmt_elf64(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="7f454c4600073f034b0b00000000000003003e00ffffffe93501"], 0x7c8)
mount$9p_fd(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

45.664651617s ago: executing program 5 (id=6430):
socket$nl_netfilter(0x10, 0x3, 0xc)
pipe(&(0x7f0000000500))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180))
pipe(&(0x7f00000000c0))
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='memory.events\x00', 0x26e1, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)=ANY=[@ANYBLOB="4000000001010101000000000000000002001c0020000180060003400000", @ANYRES32=r0], 0x40}}, 0x0)

43.925140263s ago: executing program 5 (id=6431):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000057000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x34}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x18)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

42.564951606s ago: executing program 34 (id=6384):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r0, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400001bfa64", 0x5}], 0x2)

28.962235117s ago: executing program 6 (id=6482):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="02000000040000000700000002"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10)
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)

28.854456551s ago: executing program 6 (id=6483):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01022dbd7000ffdbdf252100000009001f00706879310000000005002000000000000c0005"], 0x34}, 0x1, 0x0, 0x0, 0x24008800}, 0x0)

26.68835381s ago: executing program 6 (id=6487):
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000, 0xfffff6ea, 0x0, 0x0, 0x3})
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SCSI_IOCTL_GET_PCI(r0, 0x5393, &(0x7f0000000000))

26.57616304s ago: executing program 6 (id=6489):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/devices\x00', 0x0, 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = gettid()
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
sendmsg$unix(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000007c0)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x160)
socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000080)={@broadcast, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "dd690b", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8100}, {}, {}, {0x8, 0x88be, 0x81000000}, {}, {0x8, 0x6558, 0x1}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x0)
bind$netlink(r6, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r6, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000002c0))
r7 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r7, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400001bfa64", 0x5}], 0x2)

21.140636771s ago: executing program 6 (id=6507):
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x9, 0x4, 0xdd, 0xa}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0x1fffffffffffffcd, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007200000095"], 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r0}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000340)=@bpf_lsm={0x18, 0x3, &(0x7f0000000000)=@framed, &(0x7f0000000100)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x40}, 0x94)

20.973807331s ago: executing program 6 (id=6508):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x609e495c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

18.474983246s ago: executing program 3 (id=6521):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300), 0x200000, &(0x7f00000003c0)=ANY=[@ANYBLOB='nr_inodes'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

18.423548467s ago: executing program 3 (id=6522):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffffff0000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'wg2\x00'})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x14, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000a00)='fib_table_lookup\x00', r0}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})

18.022237771s ago: executing program 3 (id=6523):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, 0x0, &(0x7f00000001c0))
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000802800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)

17.365740098s ago: executing program 3 (id=6525):
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x40000001, 0x34f}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000240)=0xffffffff, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

17.253206228s ago: executing program 3 (id=6526):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000f1ffff"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000280)={'wg2\x00'})
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="05000000040000000800000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000021b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x14, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000a00)='fib_table_lookup\x00', r0}, 0x18)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'wg2\x00', @multicast})

16.952897986s ago: executing program 0 (id=6529):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000006c0)={r1, 0x0, 0x83, 0x70, &(0x7f0000000300)="3a49adb3ef31c9a6a0cefab05cd63c4ba85e4cb55d59df6fb07262ae1a858d9f1a3d7663f9c09d8984e5053af1d6a5938058aa1654d54c924173232a33907f25effcd754d5c3855a0c9bdfcc0b9dcc2c6ed6102ad31f33c440a4221020330eff44b21a005bfc2d00e044f52ab22f13d7b1add92dcf6d3f8301bfca963661216c3d82f4", &(0x7f00000004c0)=""/112, 0x8, 0x0, 0xd6, 0x60, &(0x7f0000000540)="b7691a2f137708ab1ca7d8573385d64601e29a1da0a45dd3f88d7407a6b598d0f3602b6a88784c530a2a90a2e30c8c1324723eb5486d6e7842c54358ea9b348add2ee590c7b70c822fe9aec1b79ba0ab6f53978754a043b89071a05de471bbc8cab1a61c83bdbd8af7ab43e28ae2b53680d3f03628a637f45566b0395c2359b90b227b7f580bad6219016c69fc96b61bd8339264d3a2c3f59622b126a45cb7384ff67f5d2c959a5ba48808d7547ac52ba34c19ad17dfbb3b399bd4b9ee22b812bce2eac097da7840ec43bf363f11b1fe95338a4c1bde", &(0x7f0000000640)="c370165a4d12b533d9160cf5efa23123ae0162fe0461f3ba8174efd8b3d2ddb5a947406c513987c8cfb455e68f65f2f7f1e23b4747e12430269eab93389ffbbbc258ff181189bff4dd584b56ba3e592fcfdac17b1f30fa4bb8bf02648d1e4196", 0x7}, 0x50)

16.854662322s ago: executing program 0 (id=6530):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x503, 0x0, 0xfffffbfc, {}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x40}, 0x1, 0x0, 0x0, 0x800}, 0x4000)

16.852683819s ago: executing program 3 (id=6531):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/devices\x00', 0x0, 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = gettid()
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
sendmsg$unix(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000007c0)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x160)
socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000080)={@broadcast, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "dd690b", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8100}, {}, {}, {0x8, 0x88be, 0x81000000}, {}, {0x8, 0x6558, 0x1}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
bind$netlink(r8, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r8, &(0x7f0000000600)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000700)=@newlink={0x84, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r9, 0x40881, 0x64088}, [@IFLA_LINKINFO={0x5c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x4c, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e22}, @IFLA_GRE_ERSPAN_DIR={0x5, 0x17, 0x1}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0xd1b7d}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e21}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0xf48dd}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e20}, @IFLA_GRE_TTL={0x5, 0x8, 0x6}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x2}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x84}, 0x1, 0x0, 0x0, 0x20040040}, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000002c0))
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r10, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400001bfa64", 0x5}], 0x2)

16.64444262s ago: executing program 0 (id=6532):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00'}, 0x10)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0xfffffffffffffe8b, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$packet(0x11, 0xa, 0x300)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="219a53f271a76d2608004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000580)='kmem_cache_free\x00', r2}, 0x10)

15.807628551s ago: executing program 0 (id=6533):
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'macvtap0\x00', <r2=>0x0})
setsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000280)={@remote, r2}, 0x14)
dup2(0xffffffffffffffff, r1)

15.649126244s ago: executing program 0 (id=6534):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="580000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="46060900000000802800128009000100766c616e00000000180002800c0002001f0000001f000000060001000100000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r5], 0x58}, 0x1, 0x0, 0x0, 0x600}, 0x0)

15.442323425s ago: executing program 0 (id=6535):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x800000, 0x0)
close(r1)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x8080)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r6)
r7 = socket$unix(0x1, 0x5, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r9, {}, {0x2, 0xb}, {0x9, 0x4}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7, 0xd569, 0x0, 0x4, 0xb}, 0x80000001, 0x1, 0x3, 0x3, 0x8e, 0x5, 0x1, 0x11, 0x0, 0x4, {0x7, 0xf, 0x361f, 0x5, 0x6, 0xd}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2000c0e9}, 0x4008000)
ioctl$SIOCSIFHWADDR(r6, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

5.533995953s ago: executing program 35 (id=6508):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000a999850000000400000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x609e495c}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000400)='kfree\x00', r0}, 0x18)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

1.034350763s ago: executing program 36 (id=6531):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/bus/input/devices\x00', 0x0, 0x0)
rseq(&(0x7f0000000400), 0x20, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002d40)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = gettid()
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000003c0)=ANY=[@ANYBLOB="18010000008000000000000000000004850000006d00000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r4}, 0x10)
sendmsg$unix(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000007c0)='>', 0x1}], 0x1, &(0x7f0000001040)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r3, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000030000000000000000100000001000000", @ANYRES32=r2, @ANYRES32=r1, @ANYRES32=r1, @ANYRES32=r2, @ANYRES32=r2, @ANYRES32=r0, @ANYRES32=r2, @ANYBLOB="1c000000000000000100000402000000", @ANYRES32, @ANYRES32=0xee01, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r1, @ANYBLOB="e5ffff6e18"], 0xa0}, 0x4004881)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x160)
socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0x7a, &(0x7f0000000080)={@broadcast, @empty, @void, {@ipv6={0x86dd, @gre_packet={0x0, 0x6, "dd690b", 0x44, 0x2f, 0x0, @private0, @mcast2, {[], {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x1, 0x8100}, {}, {}, {0x8, 0x88be, 0x81000000}, {}, {0x8, 0x6558, 0x1}}}}}}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000300)={'bond0\x00', <r6=>0x0})
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
bind$netlink(r8, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfd, 0x400}, 0xc)
getsockname$packet(r8, &(0x7f0000000600)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r7, &(0x7f00000006c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000700)=@newlink={0x84, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, r9, 0x40881, 0x64088}, [@IFLA_LINKINFO={0x5c, 0x12, 0x0, 0x1, @erspan={{0xb}, {0x4c, 0x2, 0x0, 0x1, [@IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e22}, @IFLA_GRE_ERSPAN_DIR={0x5, 0x17, 0x1}, @IFLA_GRE_ERSPAN_VER={0x5, 0x16, 0x1}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0xd1b7d}, @IFLA_GRE_ENCAP_DPORT={0x6, 0x11, 0x4e21}, @IFLA_GRE_ERSPAN_INDEX={0x8, 0x15, 0xf48dd}, @IFLA_GRE_ENCAP_SPORT={0x6, 0x10, 0x4e20}, @IFLA_GRE_TTL={0x5, 0x8, 0x6}, @IFLA_GRE_ENCAP_TYPE={0x6, 0xe, 0x2}]}}}, @IFLA_MASTER={0x8, 0xa, r6}]}, 0x84}, 0x1, 0x0, 0x0, 0x20040040}, 0x800)
socket$nl_route(0x10, 0x3, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000002c0))
r10 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x2642, 0x0)
writev(r10, &(0x7f0000000500)=[{&(0x7f0000000040)="93d90400000304", 0x7}, {&(0x7f0000000180)="010400001bfa64", 0x5}], 0x2)

0s ago: executing program 37 (id=6535):
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x800000, 0x0)
close(r1)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0x1, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x8080)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r6)
r7 = socket$unix(0x1, 0x5, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000740)={&(0x7f00000001c0)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r9, {}, {0x2, 0xb}, {0x9, 0x4}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x7, 0xd569, 0x0, 0x4, 0xb}, 0x80000001, 0x1, 0x3, 0x3, 0x8e, 0x5, 0x1, 0x11, 0x0, 0x4, {0x7, 0xf, 0x361f, 0x5, 0x6, 0xd}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x2000c0e9}, 0x4008000)
ioctl$SIOCSIFHWADDR(r6, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

kernel console output (not intermixed with test programs):

oot/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1235.390415][   T38] audit: type=1326 audit(2000000306.290:3766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20593 comm="syz.5.4954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1235.406602][T20586] lo speed is unknown, defaulting to 1000
[ 1235.476473][   T38] audit: type=1326 audit(2000000306.380:3767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20593 comm="syz.5.4954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1235.476910][   T38] audit: type=1326 audit(2000000306.380:3768): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20593 comm="syz.5.4954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1235.525849][   T38] audit: type=1326 audit(2000000306.380:3769): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20593 comm="syz.5.4954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1235.525925][   T38] audit: type=1326 audit(2000000306.390:3770): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20593 comm="syz.5.4954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1235.525975][   T38] audit: type=1326 audit(2000000306.390:3771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20593 comm="syz.5.4954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1235.526025][   T38] audit: type=1326 audit(2000000306.390:3772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20593 comm="syz.5.4954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1235.526076][   T38] audit: type=1326 audit(2000000306.390:3773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20593 comm="syz.5.4954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1237.737106][T20659] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[ 1237.737135][T20659] bond0: (slave lo): Error: Device can not be enslaved while up
[ 1238.397078][T20672] netlink: 224 bytes leftover after parsing attributes in process `syz.3.4989'.
[ 1238.397102][T20672] ksmbd: Unknown IPC event: 4, ignore.
[ 1238.772546][T20682] netlink: 40 bytes leftover after parsing attributes in process `syz.6.4995'.
[ 1238.880379][T20687] lo speed is unknown, defaulting to 1000
[ 1239.421467][T20704] siw: device registration error -23
[ 1240.177918][T20715] 9pnet_fd: Insufficient options for proto=fd
[ 1241.646831][T20745] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5017'.
[ 1241.748936][T20751] siw: device registration error -23
[ 1242.252024][   T38] kauditd_printk_skb: 11 callbacks suppressed
[ 1242.252045][   T38] audit: type=1326 audit(2000000313.150:3785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20749 comm="syz.6.5018" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x0
[ 1243.218945][T20764] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5023'.
[ 1243.581437][   T38] audit: type=1326 audit(2000000314.480:3786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20765 comm="syz.5.5026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1243.603068][   T38] audit: type=1326 audit(2000000314.510:3787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20765 comm="syz.5.5026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1243.603334][   T38] audit: type=1326 audit(2000000314.510:3788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20765 comm="syz.5.5026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1243.604032][   T38] audit: type=1326 audit(2000000314.510:3789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20765 comm="syz.5.5026" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1244.035604][T20772] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5027'.
[ 1244.095426][T20775] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5029'.
[ 1244.143191][T20776] netlink: 'syz.5.5027': attribute type 4 has an invalid length.
[ 1244.143216][T20776] netlink: 152 bytes leftover after parsing attributes in process `syz.5.5027'.
[ 1244.151165][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 1245.339913][T20782] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1245.802318][T20806] netlink: 176 bytes leftover after parsing attributes in process `syz.1.5041'.
[ 1245.805022][   T38] audit: type=1107 audit(2000000316.700:3790): pid=20796 uid=0 auid=4294967295 ses=4294967295 subj=_ msg=''
[ 1245.928681][T20782] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1246.347296][T20782] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1246.474374][T20810] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5044'.
[ 1246.776862][T20782] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1247.054731][T20823] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5047'.
[ 1247.401804][T11304] netdevsim netdevsim6 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1247.507883][T20833] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5052'.
[ 1247.543824][ T9036] netdevsim netdevsim6 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1247.669295][ T3531] netdevsim netdevsim6 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1247.726143][T11304] netdevsim netdevsim6 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1247.911741][   T38] audit: type=1326 audit(2000000318.810:3791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20839 comm="syz.1.5056" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ae61deec9 code=0x0
[ 1248.570316][T20866] siw: device registration error -23
[ 1249.082165][T20869] netlink: 176 bytes leftover after parsing attributes in process `syz.0.5067'.
[ 1249.638725][   T38] audit: type=1326 audit(2000000320.540:3792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20876 comm="syz.3.5071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1249.639245][   T38] audit: type=1326 audit(2000000320.540:3793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20876 comm="syz.3.5071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1249.639575][   T38] audit: type=1326 audit(2000000320.540:3794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20876 comm="syz.3.5071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1249.640170][   T38] audit: type=1326 audit(2000000320.540:3795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20876 comm="syz.3.5071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1249.641471][   T38] audit: type=1326 audit(2000000320.540:3796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20876 comm="syz.3.5071" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1250.323469][T20887] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[ 1250.861473][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1250.888240][T20899] lo speed is unknown, defaulting to 1000
[ 1251.957520][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1252.353203][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1252.389476][   T38] audit: type=1326 audit(2000000323.290:3797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20930 comm="syz.1.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ae61deec9 code=0x7ffc0000
[ 1252.390011][   T38] audit: type=1326 audit(2000000323.290:3798): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20930 comm="syz.1.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f0ae61deec9 code=0x7ffc0000
[ 1252.391134][   T38] audit: type=1326 audit(2000000323.290:3799): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20930 comm="syz.1.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ae61deec9 code=0x7ffc0000
[ 1252.463844][   T38] audit: type=1326 audit(2000000323.290:3800): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20930 comm="syz.1.5094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0ae61deec9 code=0x7ffc0000
[ 1252.831581][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1252.927195][   T38] kauditd_printk_skb: 9 callbacks suppressed
[ 1252.927215][   T38] audit: type=1326 audit(2000000323.830:3810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20939 comm="syz.6.5097" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x0
[ 1253.001193][   T38] audit: type=1326 audit(2000000323.900:3811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20946 comm="syz.3.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1253.001339][   T38] audit: type=1326 audit(2000000323.900:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20946 comm="syz.3.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1253.011411][   T38] audit: type=1326 audit(2000000323.910:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20946 comm="syz.3.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1253.022389][   T38] audit: type=1326 audit(2000000323.920:3814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20946 comm="syz.3.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1253.032594][   T38] audit: type=1326 audit(2000000323.930:3815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20946 comm="syz.3.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1253.047112][   T38] audit: type=1326 audit(2000000323.950:3816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20946 comm="syz.3.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1253.067177][   T38] audit: type=1326 audit(2000000323.970:3817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20946 comm="syz.3.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1253.087611][   T38] audit: type=1326 audit(2000000323.990:3818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20946 comm="syz.3.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1253.127512][   T38] audit: type=1326 audit(2000000324.030:3819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=20946 comm="syz.3.5101" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1254.068965][T20983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5117'.
[ 1255.463247][T21016] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5131'.
[ 1255.626881][T21021] netlink: 'syz.6.5133': attribute type 13 has an invalid length.
[ 1255.626908][T21021] netlink: 'syz.6.5133': attribute type 17 has an invalid length.
[ 1256.232179][T21021] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1257.028264][T21060] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5147'.
[ 1257.365964][T21074] 9pnet_fd: Insufficient options for proto=fd
[ 1257.752480][T21088] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5161'.
[ 1258.098147][T21094] netlink: 176 bytes leftover after parsing attributes in process `syz.5.5165'.
[ 1258.922377][T21108] sctp: [Deprecated]: syz.5.5171 (pid 21108) Use of int in max_burst socket option deprecated.
[ 1258.922377][T21108] Use struct sctp_assoc_value instead
[ 1260.723269][T21129] netlink: 'syz.1.5179': attribute type 12 has an invalid length.
[ 1260.845084][   T38] kauditd_printk_skb: 58 callbacks suppressed
[ 1260.845113][   T38] audit: type=1326 audit(2000000331.750:3878): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21124 comm="syz.6.5178" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x0
[ 1261.142337][T21133] 9pnet_fd: Insufficient options for proto=fd
[ 1261.299739][T21137] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5182'.
[ 1262.856177][T21147] lo speed is unknown, defaulting to 1000
[ 1263.052682][T21146] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5185'.
[ 1264.823248][T12622] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1264.828675][T12622] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1264.831352][T12622] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1264.858901][T12622] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1264.871215][T12622] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1264.957940][T21172] lo speed is unknown, defaulting to 1000
[ 1265.777490][T21197] netdevsim netdevsim5: loading /lib/firmware/. failed with error -22
[ 1265.777537][T21197] netdevsim netdevsim5: Direct firmware load for . failed with error -22
[ 1265.777560][T21197] netdevsim netdevsim5: Falling back to sysfs fallback for: .
[ 1265.854532][   T38] audit: type=1326 audit(2000000336.760:3879): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21194 comm="syz.6.5204" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x0
[ 1265.861777][T21172] chnl_net:caif_netlink_parms(): no params data found
[ 1266.443712][T21203] siw: device registration error -23
[ 1266.956393][ T5117] Bluetooth: hci3: command tx timeout
[ 1267.318176][   T38] audit: type=1326 audit(2000000338.220:3880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21211 comm="syz.6.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1267.369565][   T38] audit: type=1326 audit(2000000338.230:3881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21211 comm="syz.6.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1267.369625][   T38] audit: type=1326 audit(2000000338.230:3882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21211 comm="syz.6.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1267.369677][   T38] audit: type=1326 audit(2000000338.230:3883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21211 comm="syz.6.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1267.369727][   T38] audit: type=1326 audit(2000000338.230:3884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21211 comm="syz.6.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1267.369778][   T38] audit: type=1326 audit(2000000338.240:3885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21211 comm="syz.6.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1267.369827][   T38] audit: type=1326 audit(2000000338.240:3886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21211 comm="syz.6.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1267.369877][   T38] audit: type=1326 audit(2000000338.240:3887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21211 comm="syz.6.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f8e84ab5d67 code=0x7ffc0000
[ 1267.369926][   T38] audit: type=1326 audit(2000000338.240:3888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21211 comm="syz.6.5209" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8e84a5af79 code=0x7ffc0000
[ 1268.448219][T21224] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5213'.
[ 1268.542964][T21223] lo speed is unknown, defaulting to 1000
[ 1268.645351][T21172] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1268.645617][T21172] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1268.672112][T21172] bridge_slave_0: entered allmulticast mode
[ 1268.676279][T21172] bridge_slave_0: entered promiscuous mode
[ 1268.767388][T21172] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1268.768460][T21172] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1268.768708][T21172] bridge_slave_1: entered allmulticast mode
[ 1268.771658][T21172] bridge_slave_1: entered promiscuous mode
[ 1269.015450][ T5117] Bluetooth: hci3: command tx timeout
[ 1269.106399][T21172] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1269.111004][T21172] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1269.539300][T21241] random: crng reseeded on system resumption
[ 1269.591420][T21172] team0: Port device team_slave_0 added
[ 1269.745589][T21172] team0: Port device team_slave_1 added
[ 1270.105205][T21080] Set syz1 is full, maxelem 65536 reached
[ 1270.173762][T21172] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1270.173782][T21172] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1270.173812][T21172] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1270.176499][T21172] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1270.176523][T21172] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1270.176554][T21172] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1270.470110][T21259] netlink: 'syz.6.5229': attribute type 1 has an invalid length.
[ 1270.525573][T21262] netlink: 12 bytes leftover after parsing attributes in process `syz.6.5229'.
[ 1270.585891][T21259] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1271.092055][ T5117] Bluetooth: hci3: command tx timeout
[ 1271.506574][T21280] netlink: 160 bytes leftover after parsing attributes in process `syz.3.5237'.
[ 1271.506594][T21280] netlink: 160 bytes leftover after parsing attributes in process `syz.3.5237'.
[ 1271.685293][T21262] bond1 (unregistering): Released all slaves
[ 1271.745429][T21172] hsr_slave_0: entered promiscuous mode
[ 1271.747177][T21172] hsr_slave_1: entered promiscuous mode
[ 1271.748226][T21172] debugfs: 'hsr0' already exists in 'hsr'
[ 1271.748254][T21172] Cannot create hsr debugfs directory
[ 1272.338012][T21301] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5246'.
[ 1273.129676][T21324] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5253'.
[ 1273.213155][T21327] netlink: 'syz.1.5253': attribute type 4 has an invalid length.
[ 1273.213178][T21327] netlink: 152 bytes leftover after parsing attributes in process `syz.1.5253'.
[ 1273.213295][ T5117] Bluetooth: hci3: command tx timeout
[ 1273.325849][T21329] siw: device registration error -23
[ 1274.442761][T21172] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1274.880054][   T38] kauditd_printk_skb: 5 callbacks suppressed
[ 1274.880075][   T38] audit: type=1326 audit(2000000345.780:3894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21362 comm="syz.1.5266" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ae61deec9 code=0x0
[ 1275.233620][T21370] netlink: 'syz.6.5271': attribute type 13 has an invalid length.
[ 1275.233645][T21370] netlink: 'syz.6.5271': attribute type 17 has an invalid length.
[ 1275.329661][T21375] siw: device registration error -23
[ 1275.525455][T21172] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1275.655739][T21370] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1276.029382][   T38] audit: type=1326 audit(2000000346.930:3895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21382 comm="syz.3.5276" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x0
[ 1276.048676][T21172] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.324369][T21398] siw: device registration error -23
[ 1276.504764][T21172] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1276.537802][   T38] audit: type=1326 audit(2000000347.440:3896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21401 comm="syz.3.5284" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x0
[ 1277.532810][   T38] audit: type=1326 audit(2000000347.910:3897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.5.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1277.533415][   T38] audit: type=1326 audit(2000000347.910:3898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.5.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1277.533748][   T38] audit: type=1326 audit(2000000347.930:3899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.5.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1277.534048][   T38] audit: type=1326 audit(2000000347.930:3900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.5.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1277.534506][   T38] audit: type=1326 audit(2000000347.930:3901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.5.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1277.534838][   T38] audit: type=1326 audit(2000000347.940:3902): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.5.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1277.535161][   T38] audit: type=1326 audit(2000000347.950:3903): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21407 comm="syz.5.5286" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1280.747189][T21420] netlink: 'syz.3.5289': attribute type 13 has an invalid length.
[ 1280.747361][T21420] netlink: 'syz.3.5289': attribute type 17 has an invalid length.
[ 1280.773899][T21422] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5290'.
[ 1281.106535][T21420] 8021q: adding VLAN 0 to HW filter on device .`
[ 1281.127700][T21420] batman_adv: batadv0: Interface activated: dummy0
[ 1281.127723][T21420] batadv0: mtu less than device minimum
[ 1281.145925][T21420] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1281.165254][T21420] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1281.171006][T21420] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1281.183966][T21420] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1281.206019][T21420] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1281.217868][T21420] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1281.228368][T21420] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1281.239580][T21420] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1281.260707][T21420] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (0)
[ 1281.679364][T21439] netlink: 'syz.3.5297': attribute type 13 has an invalid length.
[ 1281.679389][T21439] netlink: 'syz.3.5297': attribute type 17 has an invalid length.
[ 1282.323098][T21458] netlink: 'syz.1.5305': attribute type 13 has an invalid length.
[ 1282.394562][T21459] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5306'.
[ 1282.463206][T21458] gretap0: refused to change device tx_queue_len
[ 1282.654711][   T38] kauditd_printk_skb: 37 callbacks suppressed
[ 1282.654731][   T38] audit: type=1326 audit(2000000353.560:3941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21467 comm="syz.6.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1282.654877][   T38] audit: type=1326 audit(2000000353.560:3942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21467 comm="syz.6.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1282.655214][   T38] audit: type=1326 audit(2000000353.560:3943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21467 comm="syz.6.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=459 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1282.655393][   T38] audit: type=1326 audit(2000000353.560:3944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21467 comm="syz.6.5310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1283.373447][T21172] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1283.423927][T21172] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1283.489513][T21172] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1283.544501][T21172] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1283.606151][   T38] audit: type=1326 audit(2000000354.510:3945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21501 comm="syz.5.5324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1283.606278][   T38] audit: type=1326 audit(2000000354.510:3946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21501 comm="syz.5.5324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1283.606538][   T38] audit: type=1326 audit(2000000354.510:3947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21501 comm="syz.5.5324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1283.606843][   T38] audit: type=1326 audit(2000000354.510:3948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21501 comm="syz.5.5324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1283.607171][   T38] audit: type=1326 audit(2000000354.510:3949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21501 comm="syz.5.5324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1283.607398][   T38] audit: type=1326 audit(2000000354.510:3950): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21501 comm="syz.5.5324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1283.899755][T21509] netlink: 28 bytes leftover after parsing attributes in process `syz.5.5328'.
[ 1284.295164][T21524] netlink: 16402 bytes leftover after parsing attributes in process `syz.5.5331'.
[ 1284.591072][T21172] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1284.680726][T21172] 8021q: adding VLAN 0 to HW filter on device team0
[ 1284.704556][   T37] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1284.704939][   T37] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1284.716626][   T37] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1284.716852][   T37] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1284.844625][T21542] netlink: 28 bytes leftover after parsing attributes in process `syz.3.5338'.
[ 1285.151110][T21557] loop2: detected capacity change from 0 to 7
[ 1285.160079][T21557] Dev loop2: unable to read RDB block 7
[ 1285.160127][T21557]  loop2: AHDI p1 p2 p3
[ 1285.160162][T21557] loop2: partition table partially beyond EOD, truncated
[ 1285.160459][T21557] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1285.160480][T21557] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1285.737576][T21172] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1285.905780][T21172] veth0_vlan: entered promiscuous mode
[ 1285.966098][T21172] veth1_vlan: entered promiscuous mode
[ 1286.065277][T21584] siw: device registration error -23
[ 1286.080016][T21585] netlink: 'syz.1.5357': attribute type 12 has an invalid length.
[ 1286.124038][T21172] veth0_macvtap: entered promiscuous mode
[ 1286.146768][T21172] veth1_macvtap: entered promiscuous mode
[ 1286.183465][T21581] netlink: 12 bytes leftover after parsing attributes in process `syz.3.5355'.
[ 1286.207625][T21172] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1286.238387][T21172] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1286.257006][T11304] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.264825][T11304] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.286339][ T6115] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.289618][ T6115] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1286.758271][T11304] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1286.758295][T11304] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1286.883593][T21598] lo speed is unknown, defaulting to 1000
[ 1286.959960][ T3531] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1286.959983][ T3531] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1287.724766][T21615] ÿÿÿÿÿÿ: renamed from vlan1 (while UP)
[ 1288.426620][T21649] lo speed is unknown, defaulting to 1000
[ 1288.640330][   T38] kauditd_printk_skb: 46 callbacks suppressed
[ 1288.640351][   T38] audit: type=1326 audit(2000000359.540:3997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21650 comm="syz.0.5385" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x0
[ 1288.812166][   T38] audit: type=1326 audit(2000000359.710:3998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21662 comm="syz.1.5390" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ae61deec9 code=0x0
[ 1289.091988][   T38] audit: type=1326 audit(2000000359.990:3999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21669 comm="syz.6.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1289.092108][   T38] audit: type=1326 audit(2000000359.990:4000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21669 comm="syz.6.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1289.092217][   T38] audit: type=1326 audit(2000000359.990:4001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21669 comm="syz.6.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=270 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1289.092320][   T38] audit: type=1326 audit(2000000359.990:4002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21669 comm="syz.6.5393" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1290.115086][   T38] audit: type=1326 audit(2000000361.020:4003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21695 comm="syz.1.5403" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ae61deec9 code=0x0
[ 1290.307840][   T38] audit: type=1326 audit(2000000361.200:4004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21702 comm="syz.0.5405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1290.310172][   T38] audit: type=1326 audit(2000000361.210:4005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21702 comm="syz.0.5405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1290.311171][   T38] audit: type=1326 audit(2000000361.210:4007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21702 comm="syz.0.5405" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1290.469113][T21705] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5406'.
[ 1291.027507][T21713] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5409'.
[ 1291.467729][T21721] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[ 1291.467762][T21721] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1291.467876][T21721] vhci_hcd vhci_hcd.0: Device attached
[ 1291.652101][ T6013] vhci_hcd: vhci_device speed not set
[ 1291.700741][T21731] netlink: 'syz.0.5414': attribute type 1 has an invalid length.
[ 1291.712102][ T6013] usb 35-1: new full-speed USB device number 3 using vhci_hcd
[ 1291.975997][T21696] syz.3.5402: vmalloc error: size 2101248, failed to allocated page array size 4104, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[ 1291.976483][T21696] CPU: 0 UID: 0 PID: 21696 Comm: syz.3.5402 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1291.976510][T21696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1291.976526][T21696] Call Trace:
[ 1291.976535][T21696]  <TASK>
[ 1291.976556][T21696]  dump_stack_lvl+0x189/0x250
[ 1291.976592][T21696]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1291.976619][T21696]  ? __pfx__printk+0x10/0x10
[ 1291.976647][T21696]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1291.976675][T21696]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[ 1291.976705][T21696]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[ 1291.976735][T21696]  warn_alloc+0x22e/0x3b0
[ 1291.976778][T21696]  ? __pfx_warn_alloc+0x10/0x10
[ 1291.976820][T21696]  ? __get_vm_area_node+0x2bc/0x350
[ 1291.976850][T21696]  ? hash_netiface_create+0x354/0xf90
[ 1291.976884][T21696]  __vmalloc_node_range_noprof+0x690/0x12d0
[ 1291.976916][T21696]  ? alloc_vmap_area+0xda0/0x14c0
[ 1291.976966][T21696]  ? __kasan_kmalloc+0x93/0xb0
[ 1291.977000][T21696]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1291.977029][T21696]  ? hash_netiface_create+0x354/0xf90
[ 1291.977061][T21696]  ? __get_vm_area_node+0x2bc/0x350
[ 1291.977090][T21696]  ? hash_netiface_create+0x354/0xf90
[ 1291.977120][T21696]  __vmalloc_node_range_noprof+0x578/0x12d0
[ 1291.977151][T21696]  ? hash_netiface_create+0x354/0xf90
[ 1291.977180][T21696]  ? __alloc_frozen_pages_noprof+0x9f/0x370
[ 1291.977244][T21696]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[ 1291.977280][T21696]  ? rcu_is_watching+0x15/0xb0
[ 1291.977321][T21696]  __kvmalloc_node_noprof+0x4a3/0x920
[ 1291.977365][T21696]  ? hash_netiface_create+0x354/0xf90
[ 1291.977390][T21696]  ? __kmalloc_cache_noprof+0x1ef/0x6c0
[ 1291.977417][T21696]  ? hash_netiface_create+0x354/0xf90
[ 1291.977453][T21696]  hash_netiface_create+0x354/0xf90
[ 1291.977490][T21696]  ? __nla_parse+0x40/0x60
[ 1291.977515][T21696]  ? __pfx_hash_netiface_create+0x10/0x10
[ 1291.977552][T21696]  ip_set_create+0xa9c/0x1940
[ 1291.977582][T21696]  ? ip_set_create+0x4a7/0x1940
[ 1291.977623][T21696]  ? __pfx_ip_set_create+0x10/0x10
[ 1291.977693][T21696]  nfnetlink_rcv_msg+0xb66/0x1150
[ 1291.977728][T21696]  ? nfnetlink_rcv_msg+0x212/0x1150
[ 1291.977781][T21696]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1291.977812][T21696]  ? kasan_save_track+0x4f/0x80
[ 1291.977882][T21696]  ? __local_bh_enable+0x27b/0x410
[ 1291.977918][T21696]  netlink_rcv_skb+0x208/0x470
[ 1291.977943][T21696]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1291.977978][T21696]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1291.978015][T21696]  ? bpf_lsm_capable+0x9/0x20
[ 1291.978038][T21696]  ? security_capable+0x7e/0x2e0
[ 1291.978072][T21696]  nfnetlink_rcv+0x282/0x2590
[ 1291.978112][T21696]  ? __dev_queue_xmit+0x1d3d/0x3b70
[ 1291.978152][T21696]  ? __dev_queue_xmit+0x26f/0x3b70
[ 1291.978197][T21696]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1291.978230][T21696]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1291.978275][T21696]  ? ref_tracker_free+0x61e/0x7c0
[ 1291.978328][T21696]  ? __asan_memcpy+0x40/0x70
[ 1291.978352][T21696]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1291.978394][T21696]  ? skb_clone+0x246/0x3a0
[ 1291.978426][T21696]  ? __netlink_deliver_tap+0x807/0x850
[ 1291.978449][T21696]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1291.978481][T21696]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1291.978514][T21696]  netlink_unicast+0x846/0xa10
[ 1291.978563][T21696]  ? __pfx_netlink_unicast+0x10/0x10
[ 1291.978600][T21696]  ? netlink_sendmsg+0x642/0xb30
[ 1291.978622][T21696]  ? skb_put+0x11b/0x210
[ 1291.978650][T21696]  netlink_sendmsg+0x805/0xb30
[ 1291.978685][T21696]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1291.978718][T21696]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1291.978749][T21696]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1291.978775][T21696]  __sock_sendmsg+0x21c/0x270
[ 1291.978811][T21696]  ____sys_sendmsg+0x508/0x820
[ 1291.978844][T21696]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1291.978883][T21696]  ? import_iovec+0x74/0xa0
[ 1291.978915][T21696]  ___sys_sendmsg+0x21f/0x2a0
[ 1291.978945][T21696]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1291.979013][T21696]  ? __fget_files+0x2a/0x420
[ 1291.979042][T21696]  ? __fget_files+0x3a6/0x420
[ 1291.979084][T21696]  __x64_sys_sendmsg+0x1a1/0x260
[ 1291.979114][T21696]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1291.979161][T21696]  ? do_syscall_64+0xbe/0xfa0
[ 1291.979191][T21696]  do_syscall_64+0xfa/0xfa0
[ 1291.979213][T21696]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1291.979237][T21696]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1291.979260][T21696]  ? clear_bhb_loop+0x60/0xb0
[ 1291.979287][T21696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1291.979313][T21696] RIP: 0033:0x7f001ef2eec9
[ 1291.979333][T21696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1291.979352][T21696] RSP: 002b:00007f001d18e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1291.979375][T21696] RAX: ffffffffffffffda RBX: 00007f001f185fa0 RCX: 00007f001ef2eec9
[ 1291.979392][T21696] RDX: 0000000000000800 RSI: 0000200000000040 RDI: 0000000000000003
[ 1291.979406][T21696] RBP: 00007f001efb1f91 R08: 0000000000000000 R09: 0000000000000000
[ 1291.979420][T21696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1291.979434][T21696] R13: 00007f001f186038 R14: 00007f001f185fa0 R15: 00007ffe375a00d8
[ 1291.979470][T21696]  </TASK>
[ 1291.979630][T21696] Mem-Info:
[ 1291.979642][T21696] active_anon:269 inactive_anon:7196 isolated_anon:0
[ 1291.979642][T21696]  active_file:17087 inactive_file:44769 isolated_file:0
[ 1291.979642][T21696]  unevictable:768 dirty:220 writeback:0
[ 1291.979642][T21696]  slab_reclaimable:12681 slab_unreclaimable:139907
[ 1291.979642][T21696]  mapped:30479 shmem:2406 pagetables:1648
[ 1291.979642][T21696]  sec_pagetables:0 bounce:0
[ 1291.979642][T21696]  kernel_misc_reclaimable:0
[ 1291.979642][T21696]  free:1243094 free_pcp:1207 free_cma:0
[ 1291.979709][T21696] Node 0 active_anon:1076kB inactive_anon:28784kB active_file:68128kB inactive_file:179076kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:121896kB dirty:876kB writeback:0kB shmem:8088kB kernel_stack:13920kB pagetables:6436kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1291.979760][T21696] Node 1 active_anon:0kB inactive_anon:0kB active_file:220kB inactive_file:0kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:20kB dirty:4kB writeback:0kB shmem:1536kB kernel_stack:48kB pagetables:156kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[ 1291.979810][T21696] Node 0 DMA free:15344kB boost:0kB min:20kB low:32kB high:44kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB
[ 1291.979876][T21696] lowmem_reserve[]: 0 2514 2515 2515 2515
[ 1291.979916][T21696] Node 0 DMA32 free:1049712kB boost:0kB min:3940kB low:6484kB high:9028kB reserved_highatomic:0KB free_highatomic:0KB active_anon:1076kB inactive_anon:28784kB active_file:68128kB inactive_file:179076kB unevictable:1536kB writepending:876kB zspages:0kB present:3129332kB managed:2574656kB mlocked:0kB bounce:0kB free_pcp:4816kB local_pcp:3716kB free_cma:0kB
[ 1291.979988][T21696] lowmem_reserve[]: 0 0 1 1 1
[ 1291.980025][T21696] Node 0 Normal free:0kB boost:0kB min:0kB low:0kB high:0kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1291.980089][T21696] lowmem_reserve[]: 0 0 0 0 0
[ 1291.980127][T21696] Node 1 Normal free:3907320kB boost:0kB min:6360kB low:10468kB high:14576kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:220kB inactive_file:0kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[ 1291.980195][T21696] lowmem_reserve[]: 0 0 0 0 0
[ 1291.980233][T21696] Node 0 DMA: 0*4kB 0*8kB 1*16kB (U) 1*32kB (U) 1*64kB (U) 1*128kB (U) 1*256kB (U) 1*512kB (U) 0*1024kB 1*2048kB (M) 3*4096kB (M) = 15344kB
[ 1291.980396][T21696] Node 0 DMA32: 868*4kB (ME) 900*8kB (ME) 424*16kB (UME) 207*32kB (ME) 148*64kB (UME) 486*128kB (UME) 428*256kB (UM) 259*512kB (UME) 111*1024kB (UME) 10*2048kB (UM) 141*4096kB (UM) = 1049616kB
[ 1291.980578][T21696] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[ 1291.980689][T21696] Node 1 Normal: 232*4kB (UE) 67*8kB (UME) 30*16kB (UE) 215*32kB (UME) 96*64kB (UME) 37*128kB (UME) 12*256kB (UM) 9*512kB (UME) 3*1024kB (UM) 3*2048kB (ME) 945*4096kB (M) = 3907320kB
[ 1291.980866][T21696] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1291.980887][T21696] Node 0 hugepages_total=4 hugepages_free=4 hugepages_surp=0 hugepages_size=2048kB
[ 1291.980907][T21696] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[ 1291.980926][T21696] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[ 1291.980945][T21696] 64258 total pagecache pages
[ 1291.980959][T21696] 0 pages in swap cache
[ 1291.980968][T21696] Free swap  = 124996kB
[ 1291.980978][T21696] Total swap = 124996kB
[ 1291.980987][T21696] 2097051 pages RAM
[ 1291.980996][T21696] 0 pages HighMem/MovableOnly
[ 1291.981005][T21696] 421425 pages reserved
[ 1291.981013][T21696] 0 pages cma reserved
[ 1292.413641][T21723] vhci_hcd: connection reset by peer
[ 1292.414149][ T3478] vhci_hcd: stop threads
[ 1292.414172][ T3478] vhci_hcd: release socket
[ 1292.419132][ T3478] vhci_hcd: disconnect device
[ 1292.516194][T21736] netlink: 'syz.5.5418': attribute type 16 has an invalid length.
[ 1292.524290][T21736] netlink: 'syz.5.5418': attribute type 16 has an invalid length.
[ 1293.074632][T21746] netlink: 176 bytes leftover after parsing attributes in process `syz.0.5417'.
[ 1293.391064][T21753] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5422'.
[ 1294.029625][T21769] netlink: 'syz.1.5428': attribute type 1 has an invalid length.
[ 1294.251398][T21777] netlink: 176 bytes leftover after parsing attributes in process `syz.1.5433'.
[ 1294.880345][T21790] lo speed is unknown, defaulting to 1000
[ 1296.815549][   T38] kauditd_printk_skb: 479 callbacks suppressed
[ 1296.815570][   T38] audit: type=1326 audit(2000000367.720:4486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1296.816534][   T38] audit: type=1326 audit(2000000367.720:4487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1296.817369][   T38] audit: type=1326 audit(2000000367.720:4488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1296.817420][   T38] audit: type=1326 audit(2000000367.720:4489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1296.817468][   T38] audit: type=1326 audit(2000000367.720:4490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1296.821667][   T38] audit: type=1326 audit(2000000367.720:4491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1296.821723][   T38] audit: type=1326 audit(2000000367.720:4492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1296.821771][   T38] audit: type=1326 audit(2000000367.720:4493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1296.842163][ T6013] vhci_hcd: vhci_device speed not set
[ 1296.845669][   T38] audit: type=1326 audit(2000000367.750:4494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1296.860079][   T38] audit: type=1326 audit(2000000367.760:4495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21809 comm="syz.5.5447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x7ffc0000
[ 1299.618237][T21870] siw: device registration error -23
[ 1300.313029][T21886] veth0: entered promiscuous mode
[ 1300.332707][T21886] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5476'.
[ 1301.269707][T21895] lo speed is unknown, defaulting to 1000
[ 1302.570571][T21903] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5481'.
[ 1302.663654][   T38] kauditd_printk_skb: 2 callbacks suppressed
[ 1302.663677][   T38] audit: type=1326 audit(2000000373.550:4498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=21909 comm="syz.5.5483" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x0
[ 1302.816240][T21912] netlink: 176 bytes leftover after parsing attributes in process `syz.5.5487'.
[ 1303.293854][T21924] netlink: 20 bytes leftover after parsing attributes in process `syz.5.5490'.
[ 1304.670142][T21945] siw: device registration error -23
[ 1305.377695][T21969] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5506'.
[ 1305.543744][T21974] loop2: detected capacity change from 0 to 7
[ 1305.571131][T21974] Dev loop2: unable to read RDB block 7
[ 1305.571205][T21974]  loop2: unable to read partition table
[ 1305.571455][T21974] loop2: partition table beyond EOD, truncated
[ 1305.582487][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 1305.590254][T21974] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1307.015543][T21984] netlink: 'syz.0.5511': attribute type 13 has an invalid length.
[ 1307.015567][T21984] netlink: 'syz.0.5511': attribute type 17 has an invalid length.
[ 1307.773337][T21984] net_ratelimit: 13 callbacks suppressed
[ 1307.773351][T21984] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1308.414726][T22014] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5523'.
[ 1309.300341][T22031] netlink: 'syz.5.5530': attribute type 12 has an invalid length.
[ 1309.909146][T22050] lo speed is unknown, defaulting to 1000
[ 1310.825915][   T38] audit: type=1326 audit(2000000381.730:4499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.825975][   T38] audit: type=1326 audit(2000000381.730:4500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.826024][   T38] audit: type=1326 audit(2000000381.730:4501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.826924][   T38] audit: type=1326 audit(2000000381.730:4502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.826974][   T38] audit: type=1326 audit(2000000381.730:4503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.828257][   T38] audit: type=1326 audit(2000000381.730:4504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.828309][   T38] audit: type=1326 audit(2000000381.730:4505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.828993][   T38] audit: type=1326 audit(2000000381.730:4506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.829279][   T38] audit: type=1326 audit(2000000381.730:4507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.829721][   T38] audit: type=1326 audit(2000000381.730:4508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22056 comm="syz.6.5540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1310.994067][T22057] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5541'.
[ 1311.117937][T22057] netlink: 'syz.5.5541': attribute type 4 has an invalid length.
[ 1311.117962][T22057] netlink: 152 bytes leftover after parsing attributes in process `syz.5.5541'.
[ 1311.953893][T22079] netlink: 'syz.6.5550': attribute type 12 has an invalid length.
[ 1312.035494][T22081] siw: device registration error -23
[ 1312.364136][T22095] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5559'.
[ 1312.457830][T22095] netlink: 'syz.0.5559': attribute type 4 has an invalid length.
[ 1312.457856][T22095] netlink: 152 bytes leftover after parsing attributes in process `syz.0.5559'.
[ 1312.486741][T22095] .`: renamed from bond0 (while UP)
[ 1312.634040][T22108] siw: device registration error -23
[ 1312.926520][T22121] netlink: 8 bytes leftover after parsing attributes in process `syz.1.5570'.
[ 1312.926555][T22121] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5570'.
[ 1313.429077][T22134] netlink: 'syz.5.5577': attribute type 1 has an invalid length.
[ 1313.528441][T22134] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1313.754161][T22148] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5583'.
[ 1313.910387][T22154] netlink: 176 bytes leftover after parsing attributes in process `syz.1.5584'.
[ 1314.135430][T22160] netlink: 4 bytes leftover after parsing attributes in process `syz.6.5586'.
[ 1314.194096][T22160] netlink: 'syz.6.5586': attribute type 4 has an invalid length.
[ 1314.194121][T22160] netlink: 152 bytes leftover after parsing attributes in process `syz.6.5586'.
[ 1314.268422][T22163] tipc: Started in network mode
[ 1314.268454][T22163] tipc: Node identity 9eae7457e80d, cluster identity 4711
[ 1314.268650][T22163] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1314.310732][T22160] .`: renamed from bond0 (while UP)
[ 1314.369530][T22157] syzkaller0: entered promiscuous mode
[ 1314.369559][T22157] syzkaller0: entered allmulticast mode
[ 1314.464020][T22157] tipc: Resetting bearer <eth:syzkaller0>
[ 1314.603273][T22156] tipc: Resetting bearer <eth:syzkaller0>
[ 1314.803721][T22156] tipc: Disabling bearer <eth:syzkaller0>
[ 1316.017844][T22218] loop2: detected capacity change from 0 to 7
[ 1316.030002][T22218] Dev loop2: unable to read RDB block 7
[ 1316.030039][T22218]  loop2: AHDI p1 p2 p3
[ 1316.030629][T22218] loop2: partition table partially beyond EOD, truncated
[ 1316.031006][T22218] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1316.031028][T22218] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1316.361621][T22204] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1316.393458][T22204] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1316.393761][T22204] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1316.394033][T22204] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1316.394539][T22204] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1316.394693][T22204] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1316.483208][T22204] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1316.862443][T22236] __nla_validate_parse: 2 callbacks suppressed
[ 1316.862465][T22236] netlink: 176 bytes leftover after parsing attributes in process `syz.0.5619'.
[ 1317.043266][T22242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5621'.
[ 1317.404080][T22246] netlink: 8 bytes leftover after parsing attributes in process `syz.6.5623'.
[ 1317.743445][ T5117] Bluetooth: hci1: command 0x0406 tx timeout
[ 1317.831335][T22255] netlink: 'syz.6.5625': attribute type 4 has an invalid length.
[ 1317.831360][T22255] netlink: 152 bytes leftover after parsing attributes in process `syz.6.5625'.
[ 1318.311479][T22270] netlink: 176 bytes leftover after parsing attributes in process `syz.1.5631'.
[ 1318.452020][ T5117] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1318.452048][T12622] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1318.452081][T12622] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1318.452108][T12622] Bluetooth: hci0: command 0x0406 tx timeout
[ 1318.749000][   T38] kauditd_printk_skb: 730 callbacks suppressed
[ 1318.749020][   T38] audit: type=1326 audit(2000000389.650:5239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22281 comm="syz.0.5635" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x0
[ 1319.263157][   T38] audit: type=1326 audit(2000000390.170:5240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22296 comm="syz.0.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1319.263917][   T38] audit: type=1326 audit(2000000390.170:5241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22296 comm="syz.0.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1319.265894][   T38] audit: type=1326 audit(2000000390.170:5242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22296 comm="syz.0.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1319.266199][   T38] audit: type=1326 audit(2000000390.170:5243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22296 comm="syz.0.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1319.272790][   T38] audit: type=1326 audit(2000000390.180:5244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22296 comm="syz.0.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1319.272849][   T38] audit: type=1326 audit(2000000390.180:5245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22296 comm="syz.0.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1319.272911][   T38] audit: type=1326 audit(2000000390.180:5246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22296 comm="syz.0.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1319.275038][   T38] audit: type=1326 audit(2000000390.180:5247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22296 comm="syz.0.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1319.276188][   T38] audit: type=1326 audit(2000000390.180:5248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22296 comm="syz.0.5643" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1320.074761][T22319] netlink: 'syz.3.5655': attribute type 1 has an invalid length.
[ 1320.291082][T22319] bond0: entered promiscuous mode
[ 1320.299022][T22319] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1320.300097][T22317] netlink: 'syz.6.5654': attribute type 12 has an invalid length.
[ 1320.397602][T22323] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1320.398151][T22323] bond0: (slave gre1): The slave device specified does not support setting the MAC address
[ 1320.399428][T22323] bond0: (slave gre1): Error -95 calling set_mac_address
[ 1320.532342][ T5117] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1321.732042][T22362] netlink: 'syz.5.5673': attribute type 1 has an invalid length.
[ 1321.912542][T22362] bond2: entered promiscuous mode
[ 1321.913130][T22362] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1322.058808][T22365] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1322.059337][T22365] bond2: (slave gre1): The slave device specified does not support setting the MAC address
[ 1322.060576][T22365] bond2: (slave gre1): Error -95 calling set_mac_address
[ 1322.183364][T22371] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1322.404899][T22375] siw: device registration error -23
[ 1322.625078][ T5117] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1324.826457][   T31] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1325.132396][   T31] usb 7-1: Using ep0 maxpacket: 32
[ 1325.234296][   T31] usb 7-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 1325.235600][   T31] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1325.236016][   T31] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1325.236538][   T31] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[ 1325.236833][   T31] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[ 1325.382019][   T31] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1325.382053][   T31] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1325.382074][   T31] usb 7-1: SerialNumber: syz
[ 1325.430420][T22393] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1325.450355][   T31] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[ 1325.450379][   T31] cdc_acm 7-1:1.0: This needs exactly 3 endpoints
[ 1325.450418][   T31] cdc_acm 7-1:1.0: probe with driver cdc_acm failed with error -22
[ 1329.275961][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1329.411351][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1329.422210][ T5874] usb 7-1: USB disconnect, device number 2
[ 1329.902647][T22428] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5697'.
[ 1329.945955][   T38] kauditd_printk_skb: 17 callbacks suppressed
[ 1329.945981][   T38] audit: type=1326 audit(2000000400.850:5266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=22429 comm="syz.1.5698" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ae61deec9 code=0x0
[ 1330.103571][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1330.433160][T22438] lo speed is unknown, defaulting to 1000
[ 1330.524619][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1330.592506][T22446] siw: device registration error -23
[ 1330.720165][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1332.324325][T10554] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1332.618421][T10554] usb 7-1: Using ep0 maxpacket: 32
[ 1332.627192][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1332.658906][T10554] usb 7-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 1332.658959][T10554] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1332.658983][T10554] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1332.659009][T10554] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[ 1332.659034][T10554] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[ 1332.662358][T10554] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1332.662388][T10554] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1332.662409][T10554] usb 7-1: SerialNumber: syz
[ 1332.745897][T22456] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1332.833603][T10554] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[ 1332.833628][T10554] cdc_acm 7-1:1.0: This needs exactly 3 endpoints
[ 1332.833667][T10554] cdc_acm 7-1:1.0: probe with driver cdc_acm failed with error -22
[ 1333.887163][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1334.031122][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1334.136498][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1334.174300][ T5899] usb 7-1: USB disconnect, device number 3
[ 1335.167824][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1335.350564][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1335.688695][T22488] siw: device registration error -23
[ 1335.773033][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1335.865474][T22491] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5716'.
[ 1336.001643][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1336.043613][T22497] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5720'.
[ 1336.258479][T22507] netlink: 'syz.3.5720': attribute type 4 has an invalid length.
[ 1336.258508][T22507] netlink: 152 bytes leftover after parsing attributes in process `syz.3.5720'.
[ 1337.346752][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1338.524201][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1338.702330][T22531] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1339.483135][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1339.521999][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1339.630906][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1339.946919][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1340.879846][T22545] siw: device registration error -23
[ 1340.953834][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1341.128611][T22548] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5733'.
[ 1341.259823][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1341.314638][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1341.355705][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1341.441070][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1341.518175][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1341.634284][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1341.714726][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1342.406994][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1344.351973][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1344.485182][T22578] fuse: Bad value for 'user_id'
[ 1344.485229][T22578] fuse: Bad value for 'user_id'
[ 1345.258337][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1345.286601][T22577] netlink: 4 bytes leftover after parsing attributes in process `syz.5.5741'.
[ 1345.391265][T22579] netlink: 'syz.5.5741': attribute type 4 has an invalid length.
[ 1345.391291][T22579] netlink: 152 bytes leftover after parsing attributes in process `syz.5.5741'.
[ 1345.565481][T22586] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5744'.
[ 1345.988986][T22599] netlink: 'syz.0.5752': attribute type 12 has an invalid length.
[ 1345.995092][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1346.940500][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1347.331062][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1347.480458][T22621] siw: device registration error -23
[ 1347.682452][ T6013] usb 4-1: new full-speed USB device number 59 using dummy_hcd
[ 1348.054906][ T6013] usb 4-1: config 0 has an invalid interface number: 50 but max is 0
[ 1348.054937][ T6013] usb 4-1: config 0 has no interface number 0
[ 1348.058663][ T6013] usb 4-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[ 1348.058693][ T6013] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1348.058716][ T6013] usb 4-1: Product: syz
[ 1348.058732][ T6013] usb 4-1: Manufacturer: syz
[ 1348.058748][ T6013] usb 4-1: SerialNumber: syz
[ 1348.116641][ T6013] usb 4-1: config 0 descriptor??
[ 1348.128447][ T6013] ttusb_dec_send_command: command bulk message failed: error -22
[ 1348.128793][ T6013] ttusb-dec 4-1:0.50: probe with driver ttusb-dec failed with error -22
[ 1348.199098][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1348.323617][T22619] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1348.324242][T22619] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1348.512285][ T5882] usb 4-1: USB disconnect, device number 59
[ 1348.936811][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1348.989549][T22634] netlink: 'syz.5.5764': attribute type 12 has an invalid length.
[ 1349.588670][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1349.704437][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1349.856813][T22650] siw: device registration error -23
[ 1354.523939][T22668] netlink: 4 bytes leftover after parsing attributes in process `syz.0.5776'.
[ 1355.215372][T22668] netlink: 'syz.0.5776': attribute type 4 has an invalid length.
[ 1355.215397][T22668] netlink: 152 bytes leftover after parsing attributes in process `syz.0.5776'.
[ 1355.729788][T22684] siw: device registration error -23
[ 1355.731980][ T5882] usb 7-1: new full-speed USB device number 4 using dummy_hcd
[ 1356.974829][ T5882] usb 7-1: config 0 has an invalid interface number: 50 but max is 0
[ 1356.974860][ T5882] usb 7-1: config 0 has no interface number 0
[ 1356.978183][ T5882] usb 7-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[ 1356.978213][ T5882] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1356.978235][ T5882] usb 7-1: Product: syz
[ 1356.978251][ T5882] usb 7-1: Manufacturer: syz
[ 1356.978267][ T5882] usb 7-1: SerialNumber: syz
[ 1357.044097][ T5882] usb 7-1: config 0 descriptor??
[ 1357.057912][ T5882] ttusb_dec_send_command: command bulk message failed: error -22
[ 1357.058159][ T5882] ttusb-dec 7-1:0.50: probe with driver ttusb-dec failed with error -22
[ 1357.524244][T22677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1357.524860][T22677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1358.630391][T22721] loop2: detected capacity change from 0 to 7
[ 1358.639652][T22721] Dev loop2: unable to read RDB block 7
[ 1358.639694][T22721]  loop2: AHDI p1 p2 p3
[ 1358.639726][T22721] loop2: partition table partially beyond EOD, truncated
[ 1358.639984][T22721] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1358.640005][T22721] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1358.770304][ T5861] usb 7-1: USB disconnect, device number 4
[ 1360.350130][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1360.372366][T22752] overlayfs: failed to resolve './file0': -2
[ 1361.334434][T22776] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5818'.
[ 1361.582118][ T5861] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[ 1362.744308][ T5861] usb 1-1: config 0 has an invalid interface number: 50 but max is 0
[ 1362.744338][ T5861] usb 1-1: config 0 has no interface number 0
[ 1362.747857][ T5861] usb 1-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[ 1362.747892][ T5861] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1362.747915][ T5861] usb 1-1: Product: syz
[ 1362.747931][ T5861] usb 1-1: Manufacturer: syz
[ 1362.747948][ T5861] usb 1-1: SerialNumber: syz
[ 1362.780798][ T5861] usb 1-1: config 0 descriptor??
[ 1362.808555][ T5861] ttusb_dec_send_command: command bulk message failed: error -22
[ 1362.808804][ T5861] ttusb-dec 1-1:0.50: probe with driver ttusb-dec failed with error -22
[ 1363.015537][T22778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1363.021053][T22778] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1363.368634][ T5861] usb 1-1: USB disconnect, device number 12
[ 1363.587398][T22814] netlink: 4 bytes leftover after parsing attributes in process `syz.1.5829'.
[ 1363.805497][T22820] netlink: 12 bytes leftover after parsing attributes in process `syz.1.5831'.
[ 1363.805522][T22820] netlink: 24 bytes leftover after parsing attributes in process `syz.1.5831'.
[ 1365.252767][T22826] 9pnet_fd: Insufficient options for proto=fd
[ 1367.239494][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 1369.000747][T22862] 9pnet_fd: Insufficient options for proto=fd
[ 1373.118362][T22901] 9pnet_fd: Insufficient options for proto=fd
[ 1373.304487][T22906] netlink: 28 bytes leftover after parsing attributes in process `syz.0.5851'.
[ 1373.450319][T22912] loop2: detected capacity change from 0 to 7
[ 1373.463684][T22912] Dev loop2: unable to read RDB block 7
[ 1373.463721][T22912]  loop2: AHDI p1 p2 p3
[ 1373.463751][T22912] loop2: partition table partially beyond EOD, truncated
[ 1373.464027][T22912] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1373.464050][T22912] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1375.328156][T22935] 9pnet_fd: Insufficient options for proto=fd
[ 1375.908356][T22949] netlink: 28 bytes leftover after parsing attributes in process `syz.6.5879'.
[ 1375.938342][T22948] loop2: detected capacity change from 0 to 7
[ 1375.949161][T22948] Dev loop2: unable to read RDB block 7
[ 1375.949196][T22948]  loop2: AHDI p1 p2 p3
[ 1375.949225][T22948] loop2: partition table partially beyond EOD, truncated
[ 1375.950669][T22948] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1375.950696][T22948] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1381.366817][T23030] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1381.368659][T23030] syzkaller0: entered promiscuous mode
[ 1381.368677][T23030] syzkaller0: entered allmulticast mode
[ 1381.384100][T23030] tipc: Resetting bearer <eth:syzkaller0>
[ 1381.412150][T23029] tipc: Resetting bearer <eth:syzkaller0>
[ 1381.855110][T23029] tipc: Disabling bearer <eth:syzkaller0>
[ 1382.235996][T23042] loop2: detected capacity change from 0 to 7
[ 1382.444484][T23042] Dev loop2: unable to read RDB block 7
[ 1382.444526][T23042]  loop2: AHDI p1 p2 p3
[ 1382.444557][T23042] loop2: partition table partially beyond EOD, truncated
[ 1382.444841][T23042] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1382.444862][T23042] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1383.269802][T23047] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5917'.
[ 1384.830984][T23080] loop2: detected capacity change from 0 to 7
[ 1384.836489][T23043] Dev loop2: unable to read RDB block 7
[ 1384.836525][T23043]  loop2: AHDI p1 p2 p3
[ 1384.836559][T23043] loop2: partition table partially beyond EOD, truncated
[ 1384.836883][T23043] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1384.836903][T23043] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1384.850384][T23080] Dev loop2: unable to read RDB block 7
[ 1384.850424][T23080]  loop2: AHDI p1 p2 p3
[ 1384.850456][T23080] loop2: partition table partially beyond EOD, truncated
[ 1384.851642][T23080] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1384.851670][T23080] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1385.145664][T23083] lo speed is unknown, defaulting to 1000
[ 1388.765874][T23124] overlayfs: failed to clone upperpath
[ 1389.260013][T23135] siw: device registration error -23
[ 1389.305180][T23137] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5950'.
[ 1391.954290][T23177] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1391.992877][T23178] netlink: 60 bytes leftover after parsing attributes in process `syz.5.5965'.
[ 1393.514211][T23190] loop2: detected capacity change from 0 to 7
[ 1393.531327][T23190] Dev loop2: unable to read RDB block 7
[ 1393.531351][T23190]  loop2: AHDI p1 p2 p3
[ 1393.531374][T23190] loop2: partition table partially beyond EOD, truncated
[ 1393.531600][T23190] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1393.531614][T23190] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1394.012025][T22557] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[ 1394.312521][T22557] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[ 1394.312553][T22557] usb 4-1: config 0 has no interface number 0
[ 1394.463334][T22557] usb 4-1: New USB device found, idVendor=0e41, idProduct=534d, bcdDevice=98.2a
[ 1394.463368][T22557] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1394.463391][T22557] usb 4-1: Product: syz
[ 1394.463408][T22557] usb 4-1: Manufacturer: syz
[ 1394.463425][T22557] usb 4-1: SerialNumber: syz
[ 1394.490050][T23215] netlink: 60 bytes leftover after parsing attributes in process `syz.5.5977'.
[ 1394.529419][T22557] usb 4-1: config 0 descriptor??
[ 1394.954223][T22557] snd_usb_variax 4-1:0.113: Line 6 Variax Workbench found
[ 1394.954244][T22557] usb 4-1: selecting invalid altsetting 1
[ 1394.954257][T22557] snd_usb_variax 4-1:0.113: set_interface failed
[ 1394.954860][T22557] snd_usb_variax 4-1:0.113: Line 6 Variax Workbench now disconnected
[ 1394.955023][T22557] snd_usb_variax 4-1:0.113: probe with driver snd_usb_variax failed with error -22
[ 1395.125215][T23225] fuse: Bad value for 'rootmode'
[ 1395.967147][T22557] usb 4-1: USB disconnect, device number 60
[ 1395.971294][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1396.058127][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1396.101189][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1396.435492][T23235] netlink: 8 bytes leftover after parsing attributes in process `syz.5.5984'.
[ 1397.455023][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1397.674993][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1397.767673][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1398.489092][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1398.590947][T23250] netlink: 60 bytes leftover after parsing attributes in process `syz.3.5989'.
[ 1398.925718][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1399.179450][T23261] fuse: Unknown parameter 'use00000000000000000000'
[ 1399.341574][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1399.424023][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1399.658113][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1400.145934][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1400.647791][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1400.757214][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1401.007617][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1401.780749][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1402.089592][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1402.112662][T23293] netlink: 60 bytes leftover after parsing attributes in process `syz.0.6003'.
[ 1403.197984][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1404.057145][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1404.138667][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1404.419361][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1406.016473][T23339] netlink: 60 bytes leftover after parsing attributes in process `syz.6.6018'.
[ 1406.932405][    T9] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1407.082030][    T9] usb 7-1: Using ep0 maxpacket: 16
[ 1407.084543][    T9] usb 7-1: config 0 has an invalid interface number: 2 but max is 0
[ 1407.084562][    T9] usb 7-1: config 0 has no interface number 0
[ 1407.086844][    T9] usb 7-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 0.01
[ 1407.086865][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1407.086880][    T9] usb 7-1: Product: syz
[ 1407.086890][    T9] usb 7-1: Manufacturer: syz
[ 1407.086902][    T9] usb 7-1: SerialNumber: syz
[ 1407.149616][    T9] usb 7-1: config 0 descriptor??
[ 1407.265594][    T9] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[ 1407.566353][T23342] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1407.573564][T23342] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1407.581664][T23342] netlink: 'syz.6.6019': attribute type 21 has an invalid length.
[ 1407.583434][T23342] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6019'.
[ 1407.772819][T22557] usb 4-1: new full-speed USB device number 61 using dummy_hcd
[ 1407.925494][T23342] sp0: Synchronizing with TNC
[ 1407.927890][T22557] usb 4-1: config 0 has an invalid interface number: 50 but max is 0
[ 1407.927918][T22557] usb 4-1: config 0 has no interface number 0
[ 1407.991599][T22557] usb 4-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[ 1407.991631][T22557] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1407.991651][T22557] usb 4-1: Product: syz
[ 1407.991665][T22557] usb 4-1: Manufacturer: syz
[ 1407.991681][T22557] usb 4-1: SerialNumber: syz
[ 1408.052875][T22557] usb 4-1: config 0 descriptor??
[ 1408.060844][T22557] ttusb_dec_send_command: command bulk message failed: error -22
[ 1408.061086][T22557] ttusb-dec 4-1:0.50: probe with driver ttusb-dec failed with error -22
[ 1408.287745][T23359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1408.288320][T23359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1408.466154][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0400, value 0x00, error -71)
[ 1408.466667][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0400, value 0x01, error -71)
[ 1408.467100][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x00, error -71)
[ 1408.467543][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x01, error -71)
[ 1408.467987][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0409, value 0x0D, error -71)
[ 1408.468396][    T9] gspca_xirlink_cit: Failed to write a register (index 0x040A, value 0x02, error -71)
[ 1408.468833][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0405, value 0x18, error -71)
[ 1408.469262][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0435, value 0x08, error -71)
[ 1408.469697][    T9] gspca_xirlink_cit: Failed to write a register (index 0x040B, value 0x26, error -71)
[ 1408.470111][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0437, value 0x07, error -71)
[ 1408.475434][    T9] gspca_xirlink_cit: Failed to write a register (index 0x042F, value 0x15, error -71)
[ 1408.587658][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0439, value 0x2B, error -71)
[ 1408.589027][    T9] gspca_xirlink_cit: Failed to write a register (index 0x043A, value 0x26, error -71)
[ 1408.589474][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0438, value 0x08, error -71)
[ 1408.592258][    T9] gspca_xirlink_cit: Failed to write a register (index 0x042B, value 0x1E, error -71)
[ 1408.592695][    T9] gspca_xirlink_cit: Failed to write a register (index 0x042C, value 0x41, error -71)
[ 1408.593128][    T9] gspca_xirlink_cit: Failed to write a register (index 0x0100, value 0xC0, error -71)
[ 1408.597484][    T9] input: xirlink-cit as /devices/platform/dummy_hcd.6/usb7/7-1/input/input16
[ 1408.748483][    T9] usb 7-1: USB disconnect, device number 5
[ 1410.420451][ T5882] usb 4-1: USB disconnect, device number 61
[ 1411.173013][T23396] netlink: 'syz.1.6038': attribute type 12 has an invalid length.
[ 1411.523502][T23414] netlink: 12 bytes leftover after parsing attributes in process `syz.1.6043'.
[ 1412.572199][T23438] netlink: 'syz.5.6054': attribute type 12 has an invalid length.
[ 1412.927054][T23460] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6061'.
[ 1414.429628][T23489] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1415.250384][T23518] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6084'.
[ 1416.033274][T23532] netlink: 'syz.3.6087': attribute type 10 has an invalid length.
[ 1416.088513][T23537] netlink: 'syz.3.6087': attribute type 10 has an invalid length.
[ 1416.443699][T23532] batman_adv: batadv0: Interface deactivated: dummy0
[ 1416.450977][T23532] batman_adv: batadv0: Removing interface: dummy0
[ 1416.526152][T23532] team0: Port device dummy0 added
[ 1416.596777][T23537] team0: Port device dummy0 removed
[ 1416.635090][T23537] .`: (slave dummy0): Enslaving as an active interface with an up link
[ 1419.430454][T23582] lo speed is unknown, defaulting to 1000
[ 1420.492619][   T31] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1421.041894][   T31] usb 7-1: Using ep0 maxpacket: 32
[ 1421.044003][   T31] usb 7-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 1421.044068][   T31] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1421.044093][   T31] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1421.044120][   T31] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[ 1421.044147][   T31] usb 7-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[ 1421.111695][   T31] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1421.111728][   T31] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1421.111750][   T31] usb 7-1: SerialNumber: syz
[ 1421.157856][T23602] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1421.175119][T23611] loop2: detected capacity change from 0 to 7
[ 1421.183713][   T31] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[ 1421.183737][   T31] cdc_acm 7-1:1.0: This needs exactly 3 endpoints
[ 1421.183790][   T31] cdc_acm 7-1:1.0: probe with driver cdc_acm failed with error -22
[ 1421.184886][T23611] Dev loop2: unable to read RDB block 7
[ 1421.184918][T23611]  loop2: AHDI p1 p2 p3
[ 1421.184949][T23611] loop2: partition table partially beyond EOD, truncated
[ 1421.185846][T23611] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1421.185870][T23611] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1421.356922][   T38] audit: type=1326 audit(2000000492.260:5267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23614 comm="syz.5.6118" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x0
[ 1421.586169][T23623] netlink: 'syz.3.6122': attribute type 1 has an invalid length.
[ 1421.666721][T23623] bond1: entered promiscuous mode
[ 1421.667417][T23623] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1422.180161][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1422.706167][T23645] netlink: 20 bytes leftover after parsing attributes in process `syz.0.6129'.
[ 1423.203274][T22557] usb 7-1: USB disconnect, device number 6
[ 1423.308222][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1424.152881][  T161] bridge_slave_1: left allmulticast mode
[ 1424.152915][  T161] bridge_slave_1: left promiscuous mode
[ 1424.153224][  T161] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1424.327276][  T161] bridge_slave_0: left allmulticast mode
[ 1424.327308][  T161] bridge_slave_0: left promiscuous mode
[ 1424.351638][  T161] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1424.777271][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1424.847494][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1425.619477][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1426.113936][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1426.618244][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1427.461754][T23695] netlink: 20 bytes leftover after parsing attributes in process `syz.3.6142'.
[ 1427.464530][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1428.469747][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 1429.202624][  T161] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1429.282665][  T161] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1429.354571][  T161] bond0 (unregistering): (slave dummy0): Releasing backup interface
[ 1429.382712][  T161] bond0 (unregistering): Released all slaves
[ 1430.215261][  T161] bond1 (unregistering): Released all slaves
[ 1430.273540][T23669] lo speed is unknown, defaulting to 1000
[ 1431.705583][T23725] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1432.294085][  T161] tipc: Left network mode
[ 1432.843907][T23746] fuse: Unknown parameter 'user_id00000000000000000000'
[ 1433.680266][T23750] netlink: 28 bytes leftover after parsing attributes in process `syz.0.6160'.
[ 1433.726619][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1433.866740][T23756] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6161'.
[ 1434.560966][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1435.785883][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1436.008551][T23778] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6167'.
[ 1436.056979][T23778] netlink: 'syz.5.6167': attribute type 4 has an invalid length.
[ 1436.057004][T23778] netlink: 152 bytes leftover after parsing attributes in process `syz.5.6167'.
[ 1436.058059][T23780] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[ 1436.068407][ T5786] usb 1-1: new full-speed USB device number 13 using dummy_hcd
[ 1436.215450][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1436.261927][ T5786] usb 1-1: config 0 has an invalid interface number: 50 but max is 0
[ 1436.261956][ T5786] usb 1-1: config 0 has no interface number 0
[ 1436.265932][ T5786] usb 1-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[ 1436.265962][ T5786] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1436.265984][ T5786] usb 1-1: Product: syz
[ 1436.265999][ T5786] usb 1-1: Manufacturer: syz
[ 1436.266014][ T5786] usb 1-1: SerialNumber: syz
[ 1436.284857][ T5786] usb 1-1: config 0 descriptor??
[ 1436.305970][ T5786] ttusb_dec_send_command: command bulk message failed: error -22
[ 1436.306264][ T5786] ttusb-dec 1-1:0.50: probe with driver ttusb-dec failed with error -22
[ 1436.432035][  T161] hsr_slave_0: left promiscuous mode
[ 1436.452333][  T161] hsr_slave_1: left promiscuous mode
[ 1436.491193][T23770] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1436.493844][T23770] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1436.703152][  T161] veth1_macvtap: left promiscuous mode
[ 1436.703267][  T161] veth0_macvtap: left promiscuous mode
[ 1436.775498][T23798] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6174'.
[ 1437.217996][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1437.538081][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1437.760400][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1437.900374][T23819] loop2: detected capacity change from 0 to 7
[ 1437.904015][T23819] Dev loop2: unable to read RDB block 7
[ 1437.904054][T23819]  loop2: AHDI p1 p2 p3
[ 1437.904089][T23819] loop2: partition table partially beyond EOD, truncated
[ 1437.904384][T23819] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1437.904407][T23819] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1437.988690][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1441.821425][T23858] fuse: Bad value for 'fd'
[ 1442.893844][  T161] team0 (unregistering): Port device team_slave_1 removed
[ 1443.347043][  T161] team0 (unregistering): Port device team_slave_0 removed
[ 1444.488242][T23890] IPv6: Can't replace route, no match found
[ 1444.637783][   T38] audit: type=1326 audit(2000000515.540:5268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=23891 comm="syz.5.6209" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9eeae8eec9 code=0x0
[ 1447.469967][ T5786] lo speed is unknown, defaulting to 1000
[ 1447.479930][ T5786] syz0: Port: 1 Link DOWN
[ 1447.574808][ T5786] usb 1-1: USB disconnect, device number 13
[ 1448.275149][T23940] netlink: 28 bytes leftover after parsing attributes in process `syz.6.6227'.
[ 1448.970082][T10929] usb 4-1: new full-speed USB device number 62 using dummy_hcd
[ 1449.937358][T10929] usb 4-1: config 0 has an invalid interface number: 50 but max is 0
[ 1449.937388][T10929] usb 4-1: config 0 has no interface number 0
[ 1449.940395][T10929] usb 4-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[ 1449.940424][T10929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1449.940446][T10929] usb 4-1: Product: syz
[ 1449.940462][T10929] usb 4-1: Manufacturer: syz
[ 1449.940477][T10929] usb 4-1: SerialNumber: syz
[ 1449.954531][T10929] usb 4-1: config 0 descriptor??
[ 1449.971674][T10929] ttusb_dec_send_command: command bulk message failed: error -22
[ 1449.992361][T10929] ttusb-dec 4-1:0.50: probe with driver ttusb-dec failed with error -22
[ 1450.145497][T23954] netlink: 'syz.0.6230': attribute type 12 has an invalid length.
[ 1451.384302][T23942] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1451.384923][T23942] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1451.815050][T23973] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6239'.
[ 1452.729596][   T31] usb 4-1: USB disconnect, device number 62
[ 1452.799472][T23987] netlink: 4 bytes leftover after parsing attributes in process `syz.6.6244'.
[ 1453.334911][T23994] netlink: 'syz.5.6246': attribute type 12 has an invalid length.
[ 1453.380458][   T38] audit: type=1326 audit(2000000524.280:5269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24001 comm="syz.3.6250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1453.406721][   T38] audit: type=1326 audit(2000000524.290:5270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24001 comm="syz.3.6250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1453.409866][   T38] audit: type=1326 audit(2000000524.310:5271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24001 comm="syz.3.6250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1453.443844][   T38] audit: type=1326 audit(2000000524.320:5272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24001 comm="syz.3.6250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1453.443950][   T38] audit: type=1326 audit(2000000524.320:5273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24001 comm="syz.3.6250" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1453.551650][T24004] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6251'.
[ 1454.012604][T24019] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6257'.
[ 1454.223559][   T38] audit: type=1326 audit(2000000525.130:5274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24024 comm="syz.3.6264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1454.225363][   T38] audit: type=1326 audit(2000000525.130:5275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24024 comm="syz.3.6264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1454.226858][   T38] audit: type=1326 audit(2000000525.130:5276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24024 comm="syz.3.6264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1454.227151][   T38] audit: type=1326 audit(2000000525.130:5277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24024 comm="syz.3.6264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1454.227525][   T38] audit: type=1326 audit(2000000525.130:5278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24024 comm="syz.3.6264" exe="/root/syz-executor" sig=0 arch=c000003e syscall=426 compat=0 ip=0x7f001ef2eec9 code=0x7ffc0000
[ 1454.382657][T24035] netlink: 8 bytes leftover after parsing attributes in process `syz.5.6265'.
[ 1454.645404][T24045] netlink: 8 bytes leftover after parsing attributes in process `syz.6.6269'.
[ 1455.148563][T24062] netlink: 4 bytes leftover after parsing attributes in process `syz.1.6275'.
[ 1455.403125][T24066] netlink: 'syz.3.6276': attribute type 10 has an invalid length.
[ 1455.403152][T24066] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6276'.
[ 1455.406378][T24066] batman_adv: batadv0: Adding interface: virt_wifi0
[ 1455.406400][T24066] batman_adv: batadv0: Interface activated: virt_wifi0
[ 1458.067244][T24110] netlink: 'syz.1.6293': attribute type 1 has an invalid length.
[ 1459.298015][T24110] bond1: entered promiscuous mode
[ 1459.299843][T24110] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1459.834441][T24131] IPv6: Can't replace route, no match found
[ 1460.110791][T24141] netlink: 'syz.0.6306': attribute type 1 has an invalid length.
[ 1460.188912][T24141] bond0: entered promiscuous mode
[ 1460.189496][T24141] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1461.232459][ T6013] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[ 1461.879737][   T38] kauditd_printk_skb: 150 callbacks suppressed
[ 1461.879759][   T38] audit: type=1326 audit(2000000532.770:5429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24162 comm="syz.6.6314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1461.879812][   T38] audit: type=1326 audit(2000000532.780:5430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24162 comm="syz.6.6314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1461.879863][   T38] audit: type=1326 audit(2000000532.780:5431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24162 comm="syz.6.6314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1461.879912][   T38] audit: type=1326 audit(2000000532.780:5432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24162 comm="syz.6.6314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1461.879960][   T38] audit: type=1326 audit(2000000532.780:5433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24162 comm="syz.6.6314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1461.891833][ T6013] usb 2-1: Using ep0 maxpacket: 32
[ 1461.893986][ T6013] usb 2-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[ 1461.894059][ T6013] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1461.894090][ T6013] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[ 1461.894132][ T6013] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 8
[ 1461.894161][ T6013] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 255
[ 1461.895408][ T6013] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1461.895441][ T6013] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1461.895468][ T6013] usb 2-1: SerialNumber: syz
[ 1461.911671][T24161] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1461.931808][   T38] audit: type=1326 audit(2000000532.830:5434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24162 comm="syz.6.6314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1461.931872][   T38] audit: type=1326 audit(2000000532.830:5435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24162 comm="syz.6.6314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1461.931926][   T38] audit: type=1326 audit(2000000532.830:5436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24162 comm="syz.6.6314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1461.933892][ T6013] cdc_acm 2-1:1.0: Control and data interfaces are not separated!
[ 1461.933916][ T6013] cdc_acm 2-1:1.0: This needs exactly 3 endpoints
[ 1461.933958][ T6013] cdc_acm 2-1:1.0: probe with driver cdc_acm failed with error -22
[ 1461.945201][   T38] audit: type=1326 audit(2000000532.840:5437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24162 comm="syz.6.6314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1462.969299][T24192] netlink: 24 bytes leftover after parsing attributes in process `syz.6.6327'.
[ 1462.991672][T24192] IPVS: Error connecting to the multicast addr
[ 1463.167703][   T38] audit: type=1326 audit(2000000534.070:5438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24197 comm="syz.6.6330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1463.552153][ T5882] usb 2-1: USB disconnect, device number 38
[ 1463.657376][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1464.054252][T24215] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6336'.
[ 1465.192810][T24243] loop2: detected capacity change from 0 to 7
[ 1465.202555][T24243] Dev loop2: unable to read RDB block 7
[ 1465.202606][T24243]  loop2: unable to read partition table
[ 1465.202877][T24243] loop2: partition table beyond EOD, truncated
[ 1465.202923][T24243] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1465.778736][T24254] netlink: 'syz.6.6351': attribute type 4 has an invalid length.
[ 1465.778774][T24254] netlink: 152 bytes leftover after parsing attributes in process `syz.6.6351'.
[ 1465.919858][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1466.566072][T24262] fuse: Unknown parameter '0x0000000000000009'
[ 1467.425116][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1467.636597][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1467.754878][T24272] 9pnet_fd: Insufficient options for proto=fd
[ 1467.967918][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1468.548262][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1468.866356][T24291] netlink: 4 bytes leftover after parsing attributes in process `syz.5.6365'.
[ 1469.656386][T24291] netlink: 'syz.5.6365': attribute type 4 has an invalid length.
[ 1469.656413][T24291] netlink: 152 bytes leftover after parsing attributes in process `syz.5.6365'.
[ 1470.000450][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1470.091888][   T38] kauditd_printk_skb: 14 callbacks suppressed
[ 1470.091908][   T38] audit: type=1326 audit(2000000540.990:5453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24287 comm="syz.3.6363" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f001ef2eec9 code=0x0
[ 1470.220668][T24301] netlink: 'syz.5.6368': attribute type 10 has an invalid length.
[ 1470.220692][T24301] netlink: 40 bytes leftover after parsing attributes in process `syz.5.6368'.
[ 1470.242988][T24301] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[ 1470.361271][T24305] netlink: 1624 bytes leftover after parsing attributes in process `syz.1.6369'.
[ 1470.630854][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1470.839630][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1471.225187][T24320] lo speed is unknown, defaulting to 1000
[ 1471.230203][T24320] lo speed is unknown, defaulting to 1000
[ 1471.455987][T24320] lo speed is unknown, defaulting to 1000
[ 1471.459936][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1471.474555][T24320] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[ 1471.656752][T24320] lo speed is unknown, defaulting to 1000
[ 1471.840470][T24320] lo speed is unknown, defaulting to 1000
[ 1471.880265][T24320] lo speed is unknown, defaulting to 1000
[ 1471.883301][T24320] lo speed is unknown, defaulting to 1000
[ 1471.886285][T24320] lo speed is unknown, defaulting to 1000
[ 1471.889278][T24320] lo speed is unknown, defaulting to 1000
[ 1471.892286][T24320] lo speed is unknown, defaulting to 1000
[ 1471.895206][T24320] lo speed is unknown, defaulting to 1000
[ 1474.322506][T24350] lo speed is unknown, defaulting to 1000
[ 1474.503257][T24349] batman_adv: batadv0: Interface deactivated: virt_wifi0
[ 1474.627625][T24360] netlink: 24 bytes leftover after parsing attributes in process `syz.5.6388'.
[ 1474.650024][T24360] IPVS: Unknown mcast interface: ipvlan1
[ 1475.112302][T24349] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1475.112330][T24349] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[ 1475.113794][T24349] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1475.113815][T24349] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1475.260493][T24377] IPv6: Can't replace route, no match found
[ 1476.125742][T24371] wg2: entered promiscuous mode
[ 1476.125770][T24371] wg2: entered allmulticast mode
[ 1477.255807][T24385] netlink: 'syz.5.6397': attribute type 12 has an invalid length.
[ 1478.529202][T24396] loop2: detected capacity change from 0 to 7
[ 1478.530399][T24396] Dev loop2: unable to read RDB block 7
[ 1478.530428][T24396]  loop2: AHDI p1 p2
[ 1478.530457][T24396] loop2: partition table partially beyond EOD, truncated
[ 1478.530737][T24396] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1481.309631][T24349] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1481.309657][T24349] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[ 1481.504945][T24425] netlink: 'syz.5.6409': attribute type 12 has an invalid length.
[ 1484.227104][T24349] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1484.227132][T24349] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1486.224408][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1486.769400][T24349] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1486.769426][T24349] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[ 1486.904587][   T38] audit: type=1326 audit(2000000557.760:5454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24478 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1486.904652][   T38] audit: type=1326 audit(2000000557.760:5455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24478 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1486.904702][   T38] audit: type=1326 audit(2000000557.770:5456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24478 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1486.904751][   T38] audit: type=1326 audit(2000000557.770:5457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24478 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1486.904801][   T38] audit: type=1326 audit(2000000557.770:5458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24478 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1486.904850][   T38] audit: type=1326 audit(2000000557.770:5459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24478 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1486.904910][   T38] audit: type=1326 audit(2000000557.770:5460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24478 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1486.904961][   T38] audit: type=1326 audit(2000000557.770:5461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24478 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1486.905011][   T38] audit: type=1326 audit(2000000557.790:5462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24480 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f8e84af1785 code=0x7ffc0000
[ 1486.905059][   T38] audit: type=1326 audit(2000000557.790:5463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24478 comm="syz.6.6426" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8e84abeec9 code=0x7ffc0000
[ 1487.222395][T24487] 9pnet_fd: Insufficient options for proto=fd
[ 1487.297015][T24489] netlink: 12 bytes leftover after parsing attributes in process `syz.5.6430'.
[ 1488.557011][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1489.322809][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1489.547425][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1489.721816][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1489.955811][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1489.987410][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 1490.187322][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1490.455455][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1490.569771][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1490.892612][T24510] netlink: 'syz.3.6436': attribute type 10 has an invalid length.
[ 1490.892638][T24510] netlink: 40 bytes leftover after parsing attributes in process `syz.3.6436'.
[ 1490.892743][T24510] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[ 1491.607853][T17433] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1491.638363][T17433] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1491.666121][T17433] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1491.680569][T17433] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1491.709905][T17433] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1491.760804][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1491.851658][ T5117] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1491.855099][ T5117] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1491.855674][ T5117] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1491.857191][ T5117] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1491.858123][ T5117] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1492.173928][ T5117] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1492.180975][ T5117] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1492.203256][ T5117] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1492.204691][ T5117] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1492.207139][ T5117] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1492.509794][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1492.731468][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1492.962470][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1493.130172][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1493.319852][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1493.591497][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1493.891921][ T5117] Bluetooth: hci5: command tx timeout
[ 1493.928518][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1494.291928][ T5117] Bluetooth: hci0: command tx timeout
[ 1494.531380][T23829] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1494.533737][ T5861] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[ 1494.681887][ T5861] usb 4-1: Using ep0 maxpacket: 16
[ 1494.684751][ T5861] usb 4-1: config 0 has an invalid interface number: 2 but max is 0
[ 1494.684779][ T5861] usb 4-1: config 0 has no interface number 0
[ 1494.688648][ T5861] usb 4-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 0.01
[ 1494.688677][ T5861] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1494.688700][ T5861] usb 4-1: Product: syz
[ 1494.688717][ T5861] usb 4-1: Manufacturer: syz
[ 1494.688733][ T5861] usb 4-1: SerialNumber: syz
[ 1494.755996][ T5861] usb 4-1: config 0 descriptor??
[ 1494.765145][ T5861] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[ 1494.784674][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1494.838882][T24516] lo speed is unknown, defaulting to 1000
[ 1495.054527][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1495.222908][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1495.405711][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1495.689796][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1495.730511][T24521] lo speed is unknown, defaulting to 1000
[ 1495.921872][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0100, value 0x00, error -110)
[ 1495.922342][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0112, value 0x01, error -32)
[ 1495.922776][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0400, value 0x00, error -32)
[ 1495.923179][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0400, value 0x01, error -32)
[ 1495.923585][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x00, error -32)
[ 1495.923997][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0420, value 0x01, error -32)
[ 1495.924434][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0409, value 0x0D, error -32)
[ 1495.924862][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x040A, value 0x02, error -32)
[ 1495.925292][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0405, value 0x18, error -32)
[ 1495.925708][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0435, value 0x08, error -32)
[ 1495.926120][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x040B, value 0x26, error -32)
[ 1495.926536][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0437, value 0x07, error -32)
[ 1495.927051][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x042F, value 0x15, error -32)
[ 1495.927487][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0439, value 0x2B, error -32)
[ 1495.927887][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x043A, value 0x26, error -32)
[ 1495.928309][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0438, value 0x08, error -32)
[ 1495.929302][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x042B, value 0x1E, error -32)
[ 1495.929695][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x042C, value 0x41, error -32)
[ 1495.930115][ T5861] gspca_xirlink_cit: Failed to write a register (index 0x0100, value 0xC0, error -32)
[ 1495.931176][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1495.975890][ T5117] Bluetooth: hci5: command tx timeout
[ 1496.086448][   T38] kauditd_printk_skb: 5 callbacks suppressed
[ 1496.086469][   T38] audit: type=1326 audit(2000000566.990:5469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1496.087091][   T38] audit: type=1326 audit(2000000566.990:5470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1496.087508][   T38] audit: type=1326 audit(2000000566.990:5471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1496.087802][   T38] audit: type=1326 audit(2000000566.990:5472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1496.088481][   T38] audit: type=1326 audit(2000000566.990:5473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1496.089487][   T38] audit: type=1326 audit(2000000566.990:5474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1496.090347][   T38] audit: type=1326 audit(2000000566.990:5475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1496.146099][   T38] audit: type=1326 audit(2000000567.050:5476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe1ea435d67 code=0x7ffc0000
[ 1496.146542][   T38] audit: type=1326 audit(2000000567.050:5477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fe1ea3daf79 code=0x7ffc0000
[ 1496.146877][   T38] audit: type=1326 audit(2000000567.050:5478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=24576 comm="syz.0.6460" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fe1ea43eec9 code=0x7ffc0000
[ 1496.370131][T24579] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1496.372075][ T5117] Bluetooth: hci0: command tx timeout
[ 1496.399233][T24579] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1496.406205][T24579] netlink: 'syz.3.6451': attribute type 21 has an invalid length.
[ 1496.423789][ T5861] input: xirlink-cit as /devices/platform/dummy_hcd.3/usb4/4-1/input/input17
[ 1496.499357][T24579] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6451'.
[ 1496.563446][T23829] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1496.669968][T24580] sp0: Synchronizing with TNC
[ 1496.835002][T24582] wg2: left promiscuous mode
[ 1496.835026][T24582] wg2: left allmulticast mode
[ 1496.882171][T24584] wg2: entered promiscuous mode
[ 1496.882200][T24584] wg2: entered allmulticast mode
[ 1496.961009][T23829] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1497.148236][T23829] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1497.177839][T24599] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6465'.
[ 1497.836460][T24516] chnl_net:caif_netlink_parms(): no params data found
[ 1497.864069][T24521] chnl_net:caif_netlink_parms(): no params data found
[ 1498.052237][ T5117] Bluetooth: hci5: command tx timeout
[ 1498.431588][T24632] netlink: 12 bytes leftover after parsing attributes in process `syz.6.6474'.
[ 1498.451914][ T5117] Bluetooth: hci0: command tx timeout
[ 1498.958700][ T5899] usb 4-1: USB disconnect, device number 63
[ 1500.146330][ T5117] Bluetooth: hci5: command tx timeout
[ 1500.531881][T17433] Bluetooth: hci0: command tx timeout
[ 1501.682790][T23829] .` (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1501.742790][T23829] .` (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1501.804666][T23829] .` (unregistering): (slave dummy0): Releasing backup interface
[ 1501.826684][T23829] .` (unregistering): Released all slaves
[ 1502.725374][T23829] bond0 (unregistering): Released all slaves
[ 1503.615297][T23829] bond1 (unregistering): Released all slaves
[ 1504.242558][T23829] tipc: Left network mode
[ 1506.151848][T24516] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1506.152002][T24516] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1506.152250][T24516] bridge_slave_0: entered allmulticast mode
[ 1506.155170][T24516] bridge_slave_0: entered promiscuous mode
[ 1506.288216][T24687] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6486'.
[ 1506.413829][T24521] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1506.413991][T24521] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1506.414261][T24521] bridge_slave_0: entered allmulticast mode
[ 1506.418671][T24521] bridge_slave_0: entered promiscuous mode
[ 1506.432085][T24516] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1506.432252][T24516] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1506.432537][T24516] bridge_slave_1: entered allmulticast mode
[ 1506.436159][T24516] bridge_slave_1: entered promiscuous mode
[ 1506.535977][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1506.558029][T24521] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1506.558182][T24521] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1506.558451][T24521] bridge_slave_1: entered allmulticast mode
[ 1506.598999][T24521] bridge_slave_1: entered promiscuous mode
[ 1507.658835][T24516] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1507.687293][T24521] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1507.697296][T24516] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1507.860785][T24521] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1508.147842][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.160884][T24708] syzkaller0: entered promiscuous mode
[ 1508.160904][T24708] syzkaller0: entered allmulticast mode
[ 1508.334981][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.521387][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.709518][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.964924][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1509.686316][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1509.891045][T24516] team0: Port device team_slave_0 added
[ 1509.930424][T24521] team0: Port device team_slave_0 added
[ 1509.950210][T24516] team0: Port device team_slave_1 added
[ 1509.970936][T24521] team0: Port device team_slave_1 added
[ 1510.674192][T24516] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1510.674206][T24516] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1510.674226][T24516] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1510.753546][T24521] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1510.753565][T24521] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1510.753595][T24521] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1510.754963][T24516] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1510.754974][T24516] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1510.754996][T24516] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1510.999868][T24521] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1510.999882][T24521] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1510.999902][T24521] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1511.275581][T24749] netlink: 'syz.3.6504': attribute type 4 has an invalid length.
[ 1511.275606][T24749] netlink: 152 bytes leftover after parsing attributes in process `syz.3.6504'.
[ 1511.302057][T24694] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[ 1511.302084][T24694] Bluetooth: hci5: Error when powering off device on rfkill (-4)
[ 1511.473823][T24694] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1511.473849][T24694] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[ 1511.608545][T24516] hsr_slave_0: entered promiscuous mode
[ 1511.612400][T24516] hsr_slave_1: entered promiscuous mode
[ 1511.615482][T24516] debugfs: 'hsr0' already exists in 'hsr'
[ 1511.615515][T24516] Cannot create hsr debugfs directory
[ 1511.950200][T24521] hsr_slave_0: entered promiscuous mode
[ 1511.957945][T24521] hsr_slave_1: entered promiscuous mode
[ 1511.959169][T24521] debugfs: 'hsr0' already exists in 'hsr'
[ 1511.959195][T24521] Cannot create hsr debugfs directory
[ 1512.981592][T24786] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1512.981625][T24786] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1513.018609][T24786] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1513.018632][T24786] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1514.014167][T24797] wg2: entered promiscuous mode
[ 1514.014188][T24797] wg2: entered allmulticast mode
[ 1514.140923][T24799] loop2: detected capacity change from 0 to 7
[ 1514.147430][T24799] Dev loop2: unable to read RDB block 7
[ 1514.147481][T24799]  loop2: AHDI p1 p2 p3
[ 1514.147516][T24799] loop2: partition table partially beyond EOD, truncated
[ 1514.147910][T24799] loop2: p1 start 1818582900 is beyond EOD, truncated
[ 1514.147935][T24799] loop2: p3 start 335544320 is beyond EOD, truncated
[ 1514.468257][T24807] tmpfs: Bad value for 'nr_inodes'
[ 1514.631091][T24516] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.853950][T24812] wg2: entered promiscuous mode
[ 1514.853975][T24812] wg2: entered allmulticast mode
[ 1514.919555][T24814] netlink: 'syz.3.6523': attribute type 1 has an invalid length.
[ 1515.028746][T24516] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1515.464050][T24814] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1515.771234][T24516] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1515.952330][T24836] wg2: left promiscuous mode
[ 1515.952351][T24836] wg2: left allmulticast mode
[ 1516.012659][T24839] wg2: entered promiscuous mode
[ 1516.012687][T24839] wg2: entered allmulticast mode
[ 1516.187968][T24516] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1516.657024][T24516] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1516.942125][T24516] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1517.001810][T24516] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1517.090728][T24516] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1517.306036][T24521] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1517.308765][T24878] netlink: 'syz.0.6534': attribute type 1 has an invalid length.
[ 1517.385447][T24878] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1517.388832][T24521] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1517.440447][T24521] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1517.469965][T24521] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1517.846663][T24516] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1517.910048][T24516] 8021q: adding VLAN 0 to HW filter on device team0
[ 1517.936791][T24521] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1517.955531][ T9036] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1517.957275][ T9036] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1517.998171][ T6441] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1517.998338][ T6441] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1518.028982][T24521] 8021q: adding VLAN 0 to HW filter on device team0
[ 1518.069823][T11304] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1518.070062][T11304] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1518.101475][ T1145] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1518.110390][ T1145] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1518.480843][T24516] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1518.560360][T24521] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1518.885204][T24516] veth0_vlan: entered promiscuous mode
[ 1518.897152][T24516] veth1_vlan: entered promiscuous mode
[ 1518.959913][T24516] veth0_macvtap: entered promiscuous mode
[ 1518.983302][T24516] veth1_macvtap: entered promiscuous mode
[ 1519.025317][T24516] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1519.042218][T24521] veth0_vlan: entered promiscuous mode
[ 1519.047654][T24516] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1519.069390][ T6441] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1519.070177][ T6441] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1519.081036][T24521] veth1_vlan: entered promiscuous mode
[ 1519.090970][ T6441] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1519.112477][T11304] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1519.325792][T24521] veth0_macvtap: entered promiscuous mode
[ 1519.359117][T24521] veth1_macvtap: entered promiscuous mode
[ 1519.423933][T24521] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1519.437526][T24521] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1519.455429][T11309] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1519.455483][T11309] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1519.455524][T11309] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1519.455566][T11309] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1551.339464][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 1612.779122][ T1323] ieee802154 phy0 wpan0: encryption failed: -22
[ 1670.385214][   T39] INFO: task kworker/1:0:31 blocked for more than 143 seconds.
[ 1670.385245][   T39]       Not tainted syzkaller #0
[ 1670.385257][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disabl[ 1670.385257][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.385268][   T39] task:kworker/1:0     state:D stack:19992 pid:31    tgid:31    ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1670.385330][   T39] Workqueue: events rfkill_global_led_trigger_worker
[ 1670.385366][   T39] Call Trace:
[ 1670.385375][   T39]  <TASK>
[ 1670.385392][   T39]  __schedule+0x16f3/0x4c20
[ 1670.385433][   T39]  ? wg_packet_decrypt_worker+0xcd/0xce0
[ 1670.385475][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.385518][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1670.385548][   T39]  rt_mutex_schedule+0x77/0xf0
[ 1670.385571][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1670.385604][   T39]  ? task_blocks_on_rt_mutex+0xf12/0x1380
[ 1670.385657][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 1670.385693][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 1670.385728][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1670.385773][   T39]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 1670.385819][   T39]  ? rfkill_global_led_trigger_worker+0x27/0xd0
[ 1670.385856][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 1670.385888][   T39]  ? process_scheduled_works+0x9ef/0x17b0
[ 1670.385918][   T39]  rfkill_global_led_trigger_worker+0x27/0xd0
[ 1670.385947][   T39]  ? process_scheduled_works+0x9ef/0x17b0
[ 1670.385976][   T39]  process_scheduled_works+0xade/0x17b0
[ 1670.386038][   T39]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1670.386085][   T39]  worker_thread+0x8a0/0xda0
[ 1670.386144][   T39]  kthread+0x711/0x8a0
[ 1670.386182][   T39]  ? __pfx_worker_thread+0x10/0x10
[ 1670.386210][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.386240][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.386279][   T39]  ? rt_spin_unlock+0x161/0x200
[ 1670.386309][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.386343][   T39]  ret_from_fork+0x4b9/0x870
[ 1670.386374][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[ 1670.386410][   T39]  ? __switch_to_asm+0x39/0x70
[ 1670.386439][   T39]  ? __switch_to_asm+0x33/0x70
[ 1670.386663][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.386701][   T39]  ret_from_fork_asm+0x1a/0x30
[ 1670.386753][   T39]  </TASK>
[ 1670.386892][   T39] INFO: task kworker/1:6:6013 blocked for more than 143 seconds.
[ 1670.386909][   T39]       Not tainted syzkaller #0
[ 1670.386921][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.386931][   T39] task:kworker/1:6     state:D stack:19312 pid:6013  tgid:6013  ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1670.386988][   T39] Workqueue: events rfkill_sync_work
[ 1670.387014][   T39] Call Trace:
[ 1670.387022][   T39]  <TASK>
[ 1670.387036][   T39]  __schedule+0x16f3/0x4c20
[ 1670.387069][   T39]  ? sched_clock+0x3f/0x60
[ 1670.387094][   T39]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1670.387134][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.387184][   T39]  rt_mutex_schedule+0x77/0xf0
[ 1670.387207][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1670.387255][   T39]  ? rt_mutex_slowlock_block+0x351/0x6d0
[ 1670.387293][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 1670.387330][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 1670.387364][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1670.387428][   T39]  ? nfc_rfkill_set_block+0x50/0x2e0
[ 1670.387457][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 1670.387499][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.387531][   T39]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1670.387562][   T39]  nfc_rfkill_set_block+0x50/0x2e0
[ 1670.387590][   T39]  ? __pfx_nfc_rfkill_set_block+0x10/0x10
[ 1670.387621][   T39]  rfkill_set_block+0x1e2/0x450
[ 1670.387651][   T39]  rfkill_sync_work+0x114/0x200
[ 1670.387676][   T39]  ? process_scheduled_works+0x9ef/0x17b0
[ 1670.387705][   T39]  process_scheduled_works+0xade/0x17b0
[ 1670.387765][   T39]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1670.387812][   T39]  worker_thread+0x8a0/0xda0
[ 1670.387848][   T39]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1670.387883][   T39]  ? __kthread_parkme+0x7b/0x200
[ 1670.387923][   T39]  kthread+0x711/0x8a0
[ 1670.387959][   T39]  ? __pfx_worker_thread+0x10/0x10
[ 1670.387986][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.388016][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.388072][   T39]  ? rt_spin_unlock+0x161/0x200
[ 1670.388103][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.388137][   T39]  ret_from_fork+0x4b9/0x870
[ 1670.388168][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[ 1670.388205][   T39]  ? __switch_to_asm+0x39/0x70
[ 1670.388234][   T39]  ? __switch_to_asm+0x33/0x70
[ 1670.388263][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.388298][   T39]  ret_from_fork_asm+0x1a/0x30
[ 1670.388349][   T39]  </TASK>
[ 1670.388406][   T39] INFO: task kworker/u8:13:23829 blocked for more than 143 seconds.
[ 1670.388422][   T39]       Not tainted syzkaller #0
[ 1670.388445][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.388456][   T39] task:kworker/u8:13   state:D stack:20392 pid:23829 tgid:23829 ppid:2      task_flags:0x4208060 flags:0x00080000
[ 1670.388511][   T39] Workqueue: netns cleanup_net
[ 1670.388533][   T39] Call Trace:
[ 1670.388541][   T39]  <TASK>
[ 1670.388554][   T39]  __schedule+0x16f3/0x4c20
[ 1670.388591][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.388632][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.388675][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1670.388703][   T39]  rt_mutex_schedule+0x77/0xf0
[ 1670.388724][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1670.388756][   T39]  ? task_blocks_on_rt_mutex+0xf04/0x1380
[ 1670.388804][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 1670.388843][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 1670.388876][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1670.388937][   T39]  ? rfkill_unregister+0xd1/0x230
[ 1670.388963][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 1670.389001][   T39]  rfkill_unregister+0xd1/0x230
[ 1670.389031][   T39]  wiphy_unregister+0x238/0xae0
[ 1670.389059][   T39]  ? __pfx_wiphy_unregister+0x10/0x10
[ 1670.389083][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.389112][   T39]  ? ieee80211_unregister_hw+0x144/0x2c0
[ 1670.389142][   T39]  ? kfree+0x197/0x950
[ 1670.389164][   T39]  ? ieee80211_unregister_hw+0x144/0x2c0
[ 1670.389207][   T39]  ieee80211_unregister_hw+0x1e2/0x2c0
[ 1670.389242][   T39]  mac80211_hwsim_del_radio+0x275/0x460
[ 1670.389275][   T39]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[ 1670.389302][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.389337][   T39]  ? rt_spin_unlock+0x161/0x200
[ 1670.389390][   T39]  hwsim_exit_net+0xf18/0xfd0
[ 1670.389418][   T39]  ? hwsim_exit_net+0xcb/0xfd0
[ 1670.389449][   T39]  ? __pfx_hwsim_exit_net+0x10/0x10
[ 1670.389482][   T39]  ? __ip_vs_dev_cleanup_batch+0x238/0x260
[ 1670.389510][   T39]  ops_undo_list+0x49a/0x990
[ 1670.389541][   T39]  ? __pfx_ops_undo_list+0x10/0x10
[ 1670.389563][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.389601][   T39]  ? rt_spin_unlock+0x161/0x200
[ 1670.389634][   T39]  cleanup_net+0x4de/0x820
[ 1670.389660][   T39]  ? __pfx_cleanup_net+0x10/0x10
[ 1670.389686][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1670.389710][   T39]  ? process_scheduled_works+0x9ef/0x17b0
[ 1670.389737][   T39]  ? process_scheduled_works+0x9ef/0x17b0
[ 1670.389766][   T39]  process_scheduled_works+0xade/0x17b0
[ 1670.389827][   T39]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1670.389880][   T39]  worker_thread+0x8a0/0xda0
[ 1670.389912][   T39]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1670.389948][   T39]  ? __kthread_parkme+0x7b/0x200
[ 1670.389989][   T39]  kthread+0x711/0x8a0
[ 1670.390026][   T39]  ? __pfx_worker_thread+0x10/0x10
[ 1670.390055][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.390097][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.390135][   T39]  ? rt_spin_unlock+0x161/0x200
[ 1670.390165][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.390199][   T39]  ret_from_fork+0x4b9/0x870
[ 1670.390229][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[ 1670.390262][   T39]  ? __switch_to_asm+0x39/0x70
[ 1670.390288][   T39]  ? __switch_to_asm+0x33/0x70
[ 1670.390315][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.390348][   T39]  ret_from_fork_asm+0x1a/0x30
[ 1670.390397][   T39]  </TASK>
[ 1670.390407][   T39] INFO: task syz-executor:24516 blocked for more than 143 seconds.
[ 1670.390423][   T39]       Not tainted syzkaller #0
[ 1670.390434][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.390445][   T39] task:syz-executor    state:D stack:20392 pid:24516 tgid:24516 ppid:1      task_flags:0x400140 flags:0x00080002
[ 1670.390498][   T39] Call Trace:
[ 1670.390506][   T39]  <TASK>
[ 1670.390520][   T39]  __schedule+0x16f3/0x4c20
[ 1670.390555][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.390641][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.390686][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1670.390722][   T39]  rt_mutex_schedule+0x77/0xf0
[ 1670.390744][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1670.390777][   T39]  ? task_blocks_on_rt_mutex+0xf04/0x1380
[ 1670.390827][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 1670.390868][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 1670.390901][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1670.390930][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.390971][   T39]  ? misc_open+0x51/0x350
[ 1670.391001][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.391187][   T39]  ? misc_open+0x51/0x350
[ 1670.391206][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 1670.391228][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.391254][   T39]  misc_open+0x51/0x350
[ 1670.391275][   T39]  chrdev_open+0x4cc/0x5e0
[ 1670.391300][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.391324][   T39]  ? fsnotify_open_perm_and_set_mode+0x116/0x620
[ 1670.391351][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.391373][   T39]  do_dentry_open+0x9ae/0x1350
[ 1670.391407][   T39]  vfs_open+0x3b/0x350
[ 1670.391429][   T39]  ? path_openat+0x2ed9/0x3840
[ 1670.391449][   T39]  path_openat+0x2ef1/0x3840
[ 1670.391472][   T39]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1670.391517][   T39]  ? __pfx_path_openat+0x10/0x10
[ 1670.391534][   T39]  ? do_raw_spin_lock+0x121/0x290
[ 1670.391561][   T39]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1670.391579][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.391601][   T39]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1670.391625][   T39]  do_filp_open+0x1fa/0x410
[ 1670.391644][   T39]  ? __pfx_do_filp_open+0x10/0x10
[ 1670.391845][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.391903][   T39]  ? alloc_fd+0x64f/0x6c0
[ 1670.391951][   T39]  do_sys_openat2+0x121/0x1c0
[ 1670.391975][   T39]  ? kmem_cache_free+0x732/0x910
[ 1670.392008][   T39]  ? fput_close_sync+0x119/0x200
[ 1670.392034][   T39]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1670.392057][   T39]  ? fput_close_sync+0x119/0x200
[ 1670.392079][   T39]  ? dnotify_flush+0x1e8/0x5c0
[ 1670.392104][   T39]  ? __pfx_fput_close_sync+0x10/0x10
[ 1670.392136][   T39]  __x64_sys_openat+0x138/0x170
[ 1670.392169][   T39]  do_syscall_64+0xfa/0xfa0
[ 1670.392199][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.392224][   T39]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1670.392250][   T39]  ? clear_bhb_loop+0x60/0xb0
[ 1670.392281][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.392307][   T39] RIP: 0033:0x7f24d85dd710
[ 1670.392329][   T39] RSP: 002b:00007ffecb023ae0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1670.392355][   T39] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f24d85dd710
[ 1670.392374][   T39] RDX: 0000000000000002 RSI: 00007f24d8662a45 RDI: 00000000ffffff9c
[ 1670.392392][   T39] RBP: 00007f24d8662a45 R08: 0000000000000000 R09: 0000000000000000
[ 1670.392409][   T39] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008
[ 1670.392425][   T39] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 1670.392849][   T39]  </TASK>
[ 1670.392865][   T39] INFO: task syz-executor:24521 blocked for more than 143 seconds.
[ 1670.392883][   T39]       Not tainted syzkaller #0
[ 1670.392895][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.392907][   T39] task:syz-executor    state:D stack:21240 pid:24521 tgid:24521 ppid:1      task_flags:0x400140 flags:0x00080002
[ 1670.392972][   T39] Call Trace:
[ 1670.392981][   T39]  <TASK>
[ 1670.392997][   T39]  __schedule+0x16f3/0x4c20
[ 1670.393041][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.393089][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.393137][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1670.393170][   T39]  rt_mutex_schedule+0x77/0xf0
[ 1670.393195][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1670.393231][   T39]  ? task_blocks_on_rt_mutex+0xf04/0x1380
[ 1670.393289][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 1670.393330][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 1670.393368][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1670.393414][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.393480][   T39]  ? misc_open+0x51/0x350
[ 1670.393514][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.393561][   T39]  ? misc_open+0x51/0x350
[ 1670.393586][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 1670.393620][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.393660][   T39]  misc_open+0x51/0x350
[ 1670.393694][   T39]  chrdev_open+0x4cc/0x5e0
[ 1670.393732][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.393770][   T39]  ? fsnotify_open_perm_and_set_mode+0x116/0x620
[ 1670.393813][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.393853][   T39]  do_dentry_open+0x9ae/0x1350
[ 1670.393908][   T39]  vfs_open+0x3b/0x350
[ 1670.393942][   T39]  ? path_openat+0x2ed9/0x3840
[ 1670.393974][   T39]  path_openat+0x2ef1/0x3840
[ 1670.394010][   T39]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1670.394082][   T39]  ? __pfx_path_openat+0x10/0x10
[ 1670.394111][   T39]  ? do_raw_spin_lock+0x121/0x290
[ 1670.394154][   T39]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1670.394183][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.394212][   T39]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1670.394252][   T39]  do_filp_open+0x1fa/0x410
[ 1670.394282][   T39]  ? __pfx_do_filp_open+0x10/0x10
[ 1670.394307][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.394375][   T39]  ? alloc_fd+0x64f/0x6c0
[ 1670.394422][   T39]  do_sys_openat2+0x121/0x1c0
[ 1670.394445][   T39]  ? kmem_cache_free+0x732/0x910
[ 1670.394475][   T39]  ? fput_close_sync+0x119/0x200
[ 1670.394502][   T39]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1670.394528][   T39]  ? fput_close_sync+0x119/0x200
[ 1670.394554][   T39]  ? dnotify_flush+0x1e8/0x5c0
[ 1670.394579][   T39]  ? __pfx_fput_close_sync+0x10/0x10
[ 1670.394611][   T39]  __x64_sys_openat+0x138/0x170
[ 1670.394642][   T39]  do_syscall_64+0xfa/0xfa0
[ 1670.394668][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.394695][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.394721][   T39]  ? clear_bhb_loop+0x60/0xb0
[ 1670.394753][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.394780][   T39] RIP: 0033:0x7f17317dd710
[ 1670.394801][   T39] RSP: 002b:00007ffc59458b30 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[ 1670.394828][   T39] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f17317dd710
[ 1670.394854][   T39] RDX: 0000000000000002 RSI: 00007f1731862a45 RDI: 00000000ffffff9c
[ 1670.394870][   T39] RBP: 00007f1731862a45 R08: 0000000000000000 R09: 0000000000000000
[ 1670.394887][   T39] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000008
[ 1670.394903][   T39] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[ 1670.394941][   T39]  </TASK>
[ 1670.394959][   T39] INFO: task syz.6.6508:24773 blocked for more than 143 seconds.
[ 1670.394977][   T39]       Not tainted syzkaller #0
[ 1670.394991][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.395002][   T39] task:syz.6.6508      state:D stack:25472 pid:24773 tgid:24772 ppid:16087  task_flags:0x400140 flags:0x00080002
[ 1670.395073][   T39] Call Trace:
[ 1670.395082][   T39]  <TASK>
[ 1670.395096][   T39]  __schedule+0x16f3/0x4c20
[ 1670.395136][   T39]  ? validate_chain+0x897/0x2140
[ 1670.395175][   T39]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1670.395233][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.395266][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.395330][   T39]  ? schedule+0x91/0x360
[ 1670.395359][   T39]  schedule+0x165/0x360
[ 1670.395387][   T39]  schedule_timeout+0x9a/0x270
[ 1670.395413][   T39]  ? __pfx_schedule_timeout+0x10/0x10
[ 1670.395455][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1670.395494][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.395517][   T39]  ? wait_for_completion+0x267/0x5d0
[ 1670.395547][   T39]  wait_for_completion+0x2bf/0x5d0
[ 1670.395588][   T39]  ? __pfx_wait_for_completion+0x10/0x10
[ 1670.395623][   T39]  ? __flush_work+0xce/0xd20
[ 1670.395658][   T39]  ? __flush_work+0xce/0xd20
[ 1670.395692][   T39]  __flush_work+0x9c1/0xd20
[ 1670.395729][   T39]  ? __flush_work+0xce/0xd20
[ 1670.395766][   T39]  ? __pfx___flush_work+0x10/0x10
[ 1670.395800][   T39]  ? __pfx_wq_barrier_func+0x10/0x10
[ 1670.395854][   T39]  ? __pfx___cancel_work+0x10/0x10
[ 1670.395907][   T39]  ? nfc_genl_device_removed+0x23c/0x330
[ 1670.395952][   T39]  __cancel_work_sync+0xbe/0x110
[ 1670.395990][   T39]  rfkill_unregister+0x95/0x230
[ 1670.396026][   T39]  nfc_unregister_device+0x96/0x2a0
[ 1670.396060][   T39]  ? __pfx_virtual_ncidev_close+0x10/0x10
[ 1670.396089][   T39]  virtual_ncidev_close+0x59/0x90
[ 1670.396116][   T39]  __fput+0x45b/0xa80
[ 1670.396158][   T39]  task_work_run+0x1d4/0x260
[ 1670.396188][   T39]  ? __pfx_task_work_run+0x10/0x10
[ 1670.396219][   T39]  ? exit_to_user_mode_loop+0x40/0x130
[ 1670.396259][   T39]  exit_to_user_mode_loop+0xe9/0x130
[ 1670.396293][   T39]  do_syscall_64+0x2bd/0xfa0
[ 1670.396320][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.396349][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.396373][   T39]  ? clear_bhb_loop+0x60/0xb0
[ 1670.396405][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.396431][   T39] RIP: 0033:0x7f8e84abeec9
[ 1670.396451][   T39] RSP: 002b:00007f8e82d26038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1670.396476][   T39] RAX: ffffffffffffffea RBX: 00007f8e84d15fa0 RCX: 00007f8e84abeec9
[ 1670.396496][   T39] RDX: 0000000000005400 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1670.396514][   T39] RBP: 00007f8e84b41f91 R08: 0000000000000000 R09: 0000000000000000
[ 1670.396530][   T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1670.396546][   T39] R13: 00007f8e84d16038 R14: 00007f8e84d15fa0 R15: 00007ffc89929eb8
[ 1670.396588][   T39]  </TASK>
[ 1670.396601][   T39] INFO: task syz.3.6531:24849 blocked for more than 143 seconds.
[ 1670.396618][   T39]       Not tainted syzkaller #0
[ 1670.396631][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.396642][   T39] task:syz.3.6531      state:D stack:26248 pid:24849 tgid:24848 ppid:18067  task_flags:0x400140 flags:0x00080003
[ 1670.396713][   T39] Call Trace:
[ 1670.396721][   T39]  <TASK>
[ 1670.396743][   T39]  __schedule+0x16f3/0x4c20
[ 1670.396773][   T39]  ? preempt_schedule_common+0x83/0xd0
[ 1670.396808][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.396862][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.396911][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1670.396944][   T39]  rt_mutex_schedule+0x77/0xf0
[ 1670.396967][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1670.397003][   T39]  ? task_blocks_on_rt_mutex+0xf04/0x1380
[ 1670.397063][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 1670.397102][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 1670.397139][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1670.397208][   T39]  ? rfkill_fop_open+0x138/0x820
[ 1670.397237][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 1670.397271][   T39]  ? __init_waitqueue_head+0xae/0x160
[ 1670.397308][   T39]  rfkill_fop_open+0x138/0x820
[ 1670.397347][   T39]  ? mutex_lock_nested+0x154/0x1d0
[ 1670.397381][   T39]  ? misc_open+0x51/0x350
[ 1670.397411][   T39]  ? __pfx_rfkill_fop_open+0x10/0x10
[ 1670.397443][   T39]  misc_open+0x2db/0x350
[ 1670.397475][   T39]  chrdev_open+0x4cc/0x5e0
[ 1670.397515][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.397554][   T39]  ? fsnotify_open_perm_and_set_mode+0x116/0x620
[ 1670.397596][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.397630][   T39]  do_dentry_open+0x9ae/0x1350
[ 1670.397683][   T39]  vfs_open+0x3b/0x350
[ 1670.397716][   T39]  ? path_openat+0x2ed9/0x3840
[ 1670.397748][   T39]  path_openat+0x2ef1/0x3840
[ 1670.397784][   T39]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1670.397861][   T39]  ? __pfx_path_openat+0x10/0x10
[ 1670.397890][   T39]  ? do_raw_spin_lock+0x121/0x290
[ 1670.397933][   T39]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1670.397961][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.397992][   T39]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1670.398029][   T39]  do_filp_open+0x1fa/0x410
[ 1670.398059][   T39]  ? __pfx_do_filp_open+0x10/0x10
[ 1670.398085][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.398152][   T39]  ? alloc_fd+0x64f/0x6c0
[ 1670.398200][   T39]  do_sys_openat2+0x121/0x1c0
[ 1670.398228][   T39]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1670.398260][   T39]  ? __pfx___se_sys_futex+0x10/0x10
[ 1670.398301][   T39]  __x64_sys_openat+0x138/0x170
[ 1670.398332][   T39]  do_syscall_64+0xfa/0xfa0
[ 1670.398358][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.398385][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.398410][   T39]  ? clear_bhb_loop+0x60/0xb0
[ 1670.398441][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.398466][   T39] RIP: 0033:0x7f001ef2eec9
[ 1670.398486][   T39] RSP: 002b:00007f001d18e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1670.398510][   T39] RAX: ffffffffffffffda RBX: 00007f001f185fa0 RCX: 00007f001ef2eec9
[ 1670.398530][   T39] RDX: 0000000000002642 RSI: 00002000000000c0 RDI: ffffffffffffff9c
[ 1670.398548][   T39] RBP: 00007f001efb1f91 R08: 0000000000000000 R09: 0000000000000000
[ 1670.398564][   T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1670.398579][   T39] R13: 00007f001f186038 R14: 00007f001f185fa0 R15: 00007ffe375a00d8
[ 1670.398622][   T39]  </TASK>
[ 1670.398638][   T39] INFO: task syz.0.6535:24884 blocked for more than 143 seconds.
[ 1670.398655][   T39]       Not tainted syzkaller #0
[ 1670.398669][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.398680][   T39] task:syz.0.6535      state:D stack:28008 pid:24884 tgid:24883 ppid:21172  task_flags:0x400040 flags:0x00080002
[ 1670.398751][   T39] Call Trace:
[ 1670.398761][   T39]  <TASK>
[ 1670.398775][   T39]  __schedule+0x16f3/0x4c20
[ 1670.398817][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.398881][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.398940][   T39]  rt_mutex_schedule+0x77/0xf0
[ 1670.398964][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1670.399017][   T39]  ? rt_mutex_slowlock_block+0x351/0x6d0
[ 1670.399058][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 1670.399098][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 1670.399136][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1670.399170][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.399217][   T39]  ? misc_open+0x51/0x350
[ 1670.399248][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.399295][   T39]  ? misc_open+0x51/0x350
[ 1670.399321][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 1670.399355][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.399397][   T39]  misc_open+0x51/0x350
[ 1670.399427][   T39]  chrdev_open+0x4cc/0x5e0
[ 1670.399465][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.399505][   T39]  ? fsnotify_open_perm_and_set_mode+0x116/0x620
[ 1670.399548][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.399581][   T39]  do_dentry_open+0x9ae/0x1350
[ 1670.399635][   T39]  vfs_open+0x3b/0x350
[ 1670.399668][   T39]  ? path_openat+0x2ed9/0x3840
[ 1670.399699][   T39]  path_openat+0x2ef1/0x3840
[ 1670.399735][   T39]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1670.399807][   T39]  ? __pfx_path_openat+0x10/0x10
[ 1670.399843][   T39]  ? do_raw_spin_lock+0x121/0x290
[ 1670.399884][   T39]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1670.399914][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.399943][   T39]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1670.399981][   T39]  do_filp_open+0x1fa/0x410
[ 1670.400012][   T39]  ? __pfx_do_filp_open+0x10/0x10
[ 1670.400037][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.400105][   T39]  ? alloc_fd+0x64f/0x6c0
[ 1670.400152][   T39]  do_sys_openat2+0x121/0x1c0
[ 1670.400181][   T39]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1670.400216][   T39]  ? rcu_is_watching+0x15/0xb0
[ 1670.400261][   T39]  __x64_sys_openat+0x138/0x170
[ 1670.400293][   T39]  do_syscall_64+0xfa/0xfa0
[ 1670.400319][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.400346][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.400373][   T39]  ? clear_bhb_loop+0x60/0xb0
[ 1670.400405][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.400428][   T39] RIP: 0033:0x7fe1ea43eec9
[ 1670.400449][   T39] RSP: 002b:00007fe1e86a6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1670.400473][   T39] RAX: ffffffffffffffda RBX: 00007fe1ea695fa0 RCX: 00007fe1ea43eec9
[ 1670.400494][   T39] RDX: 0000000000000000 RSI: 0000200000000100 RDI: ffffffffffffff9c
[ 1670.400510][   T39] RBP: 00007fe1ea4c1f91 R08: 0000000000000000 R09: 0000000000000000
[ 1670.400526][   T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1670.400543][   T39] R13: 00007fe1ea696038 R14: 00007fe1ea695fa0 R15: 00007ffc49dd1418
[ 1670.400584][   T39]  </TASK>
[ 1670.400594][   T39] INFO: task syz.0.6535:24892 blocked for more than 143 seconds.
[ 1670.400612][   T39]       Not tainted syzkaller #0
[ 1670.400625][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.400636][   T39] task:syz.0.6535      state:D stack:28232 pid:24892 tgid:24883 ppid:21172  task_flags:0x400040 flags:0x00080002
[ 1670.400708][   T39] Call Trace:
[ 1670.400717][   T39]  <TASK>
[ 1670.400731][   T39]  __schedule+0x16f3/0x4c20
[ 1670.400773][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.400820][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.400877][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1670.400910][   T39]  rt_mutex_schedule+0x77/0xf0
[ 1670.400935][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1670.400973][   T39]  ? task_blocks_on_rt_mutex+0xf04/0x1380
[ 1670.401031][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 1670.401070][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 1670.401107][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1670.401142][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.401188][   T39]  ? misc_open+0x51/0x350
[ 1670.401221][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.401267][   T39]  ? misc_open+0x51/0x350
[ 1670.401293][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 1670.401328][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.401368][   T39]  misc_open+0x51/0x350
[ 1670.401401][   T39]  chrdev_open+0x4cc/0x5e0
[ 1670.401439][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.401476][   T39]  ? fsnotify_open_perm_and_set_mode+0x116/0x620
[ 1670.401518][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.401552][   T39]  do_dentry_open+0x9ae/0x1350
[ 1670.401604][   T39]  vfs_open+0x3b/0x350
[ 1670.401638][   T39]  ? path_openat+0x2ed9/0x3840
[ 1670.401849][   T39]  path_openat+0x2ef1/0x3840
[ 1670.401890][   T39]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1670.401962][   T39]  ? __pfx_path_openat+0x10/0x10
[ 1670.401990][   T39]  ? do_raw_spin_lock+0x121/0x290
[ 1670.402032][   T39]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1670.402062][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.402091][   T39]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1670.402129][   T39]  do_filp_open+0x1fa/0x410
[ 1670.402162][   T39]  ? __pfx_do_filp_open+0x10/0x10
[ 1670.402185][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.402254][   T39]  ? alloc_fd+0x64f/0x6c0
[ 1670.402303][   T39]  do_sys_openat2+0x121/0x1c0
[ 1670.402333][   T39]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1670.402370][   T39]  ? rcu_is_watching+0x15/0xb0
[ 1670.402415][   T39]  __x64_sys_openat+0x138/0x170
[ 1670.402446][   T39]  do_syscall_64+0xfa/0xfa0
[ 1670.402473][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.402500][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.402526][   T39]  ? clear_bhb_loop+0x60/0xb0
[ 1670.402559][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.402583][   T39] RIP: 0033:0x7fe1ea43eec9
[ 1670.402603][   T39] RSP: 002b:00007fe1e8685038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1670.402630][   T39] RAX: ffffffffffffffda RBX: 00007fe1ea696090 RCX: 00007fe1ea43eec9
[ 1670.402650][   T39] RDX: 0000000000800000 RSI: 0000200000000400 RDI: ffffffffffffff9c
[ 1670.402670][   T39] RBP: 00007fe1ea4c1f91 R08: 0000000000000000 R09: 0000000000000000
[ 1670.402685][   T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1670.402702][   T39] R13: 00007fe1ea696128 R14: 00007fe1ea696090 R15: 00007ffc49dd1418
[ 1670.402745][   T39]  </TASK>
[ 1670.402756][   T39] INFO: task syz.0.6535:24896 blocked for more than 143 seconds.
[ 1670.402774][   T39]       Not tainted syzkaller #0
[ 1670.402789][   T39] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1670.402801][   T39] task:syz.0.6535      state:D stack:27016 pid:24896 tgid:24883 ppid:21172  task_flags:0x400140 flags:0x00080002
[ 1670.402880][   T39] Call Trace:
[ 1670.402889][   T39]  <TASK>
[ 1670.402903][   T39]  __schedule+0x16f3/0x4c20
[ 1670.402946][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.402993][   T39]  ? __pfx___schedule+0x10/0x10
[ 1670.403043][   T39]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1670.403074][   T39]  rt_mutex_schedule+0x77/0xf0
[ 1670.403100][   T39]  rt_mutex_slowlock_block+0x5ba/0x6d0
[ 1670.403136][   T39]  ? task_blocks_on_rt_mutex+0xf04/0x1380
[ 1670.403195][   T39]  rt_mutex_slowlock+0x2b1/0x6e0
[ 1670.403235][   T39]  ? rt_mutex_slowlock+0x1c9/0x6e0
[ 1670.403272][   T39]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[ 1670.403306][   T39]  ? __lock_acquire+0xab9/0xd20
[ 1670.403353][   T39]  ? misc_open+0x51/0x350
[ 1670.403387][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.403433][   T39]  ? misc_open+0x51/0x350
[ 1670.403460][   T39]  mutex_lock_nested+0x16a/0x1d0
[ 1670.403494][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.403536][   T39]  misc_open+0x51/0x350
[ 1670.403569][   T39]  chrdev_open+0x4cc/0x5e0
[ 1670.403607][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.403644][   T39]  ? fsnotify_open_perm_and_set_mode+0x116/0x620
[ 1670.403689][   T39]  ? __pfx_chrdev_open+0x10/0x10
[ 1670.403723][   T39]  do_dentry_open+0x9ae/0x1350
[ 1670.403777][   T39]  vfs_open+0x3b/0x350
[ 1670.403809][   T39]  ? path_openat+0x2ed9/0x3840
[ 1670.403846][   T39]  path_openat+0x2ef1/0x3840
[ 1670.403883][   T39]  ? try_to_take_rt_mutex+0x840/0xb00
[ 1670.403954][   T39]  ? __pfx_path_openat+0x10/0x10
[ 1670.403984][   T39]  ? do_raw_spin_lock+0x121/0x290
[ 1670.404038][   T39]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1670.404067][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.404095][   T39]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1670.404132][   T39]  do_filp_open+0x1fa/0x410
[ 1670.404161][   T39]  ? __pfx_do_filp_open+0x10/0x10
[ 1670.404185][   T39]  ? rt_mutex_slowunlock+0x493/0x8a0
[ 1670.404250][   T39]  ? alloc_fd+0x64f/0x6c0
[ 1670.404295][   T39]  do_sys_openat2+0x121/0x1c0
[ 1670.404323][   T39]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1670.404355][   T39]  ? rcu_is_watching+0x15/0xb0
[ 1670.404395][   T39]  __x64_sys_openat+0x138/0x170
[ 1670.404428][   T39]  do_syscall_64+0xfa/0xfa0
[ 1670.404454][   T39]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1670.404500][   T39]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.404527][   T39]  ? clear_bhb_loop+0x60/0xb0
[ 1670.404558][   T39]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1670.404583][   T39] RIP: 0033:0x7fe1ea43eec9
[ 1670.404601][   T39] RSP: 002b:00007fe1e8241038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1670.404626][   T39] RAX: ffffffffffffffda RBX: 00007fe1ea696270 RCX: 00007fe1ea43eec9
[ 1670.404645][   T39] RDX: 0000000000000100 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1670.404662][   T39] RBP: 00007fe1ea4c1f91 R08: 0000000000000000 R09: 0000000000000000
[ 1670.404679][   T39] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1670.404694][   T39] R13: 00007fe1ea696308 R14: 00007fe1ea696270 R15: 00007ffc49dd1418
[ 1670.404734][   T39]  </TASK>
[ 1670.404743][   T39] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[ 1670.404789][   T39] 
[ 1670.404789][   T39] Showing all locks held in the system:
[ 1670.404807][   T39] 4 locks held by pr/legacy/17:
[ 1670.404823][   T39] 3 locks held by kworker/1:0/31:
[ 1670.404843][   T39]  #0: ffff88813fe19138 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1670.404908][   T39]  #1: ffffc90000a5fba0 ((work_completion)(&rfkill_global_led_trigger_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1670.404970][   T39]  #2: ffffffff8ed55f58 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_global_led_trigger_worker+0x27/0xd0
[ 1670.405035][   T39] 1 lock held by khungtaskd/39:
[ 1670.405048][   T39]  #0: ffffffff8d7aa500 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1670.405139][   T39] 2 locks held by getty/5562:
[ 1670.405154][   T39]  #0: ffff88823bf6e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1670.405217][   T39]  #1: ffffc90003e7e2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x444/0x1400
[ 1670.405277][   T39] 4 locks held by kworker/1:6/6013:
[ 1670.405291][   T39]  #0: ffff88813fe19138 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1670.405351][   T39]  #1: ffffc900052afba0 ((work_completion)(&rfkill->sync_work)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1670.405413][   T39]  #2: ffffffff8ed55f58 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_sync_work+0x2e/0x200
[ 1670.405472][   T39]  #3: ffff88802ca0c0f0 (&dev->mutex){....}-{4:4}, at: nfc_rfkill_set_block+0x50/0x2e0
[ 1670.405548][   T39] 4 locks held by kworker/u8:13/23829:
[ 1670.405563][   T39]  #0: ffff88801a294938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[ 1670.405622][   T39]  #1: ffffc9000f09fba0 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[ 1670.405682][   T39]  #2: ffffffff8ea6a7a0 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf7/0x820
[ 1670.405737][   T39]  #3: ffffffff8ed55f58 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_unregister+0xd1/0x230
[ 1670.405797][   T39] 1 lock held by syz-executor/24516:
[ 1670.405812][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.405877][   T39] 1 lock held by syz-executor/24521:
[ 1670.405892][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.405954][   T39] 1 lock held by syz.6.6508/24773:
[ 1670.405969][   T39]  #0: ffff88802ca0c0f0 (&dev->mutex){....}-{4:4}, at: nfc_unregister_device+0x63/0x2a0
[ 1670.406031][   T39] 2 locks held by syz.3.6531/24849:
[ 1670.406044][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406102][   T39]  #1: ffffffff8ed55f58 (rfkill_global_mutex){+.+.}-{4:4}, at: rfkill_fop_open+0x138/0x820
[ 1670.406164][   T39] 1 lock held by syz.0.6535/24884:
[ 1670.406177][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406233][   T39] 1 lock held by syz.0.6535/24892:
[ 1670.406267][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406327][   T39] 1 lock held by syz.0.6535/24896:
[ 1670.406340][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406402][   T39] 1 lock held by syz-executor/24932:
[ 1670.406415][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406475][   T39] 1 lock held by syz-executor/24990:
[ 1670.406491][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406549][   T39] 1 lock held by syz-executor/24992:
[ 1670.406565][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406624][   T39] 1 lock held by syz-executor/24994:
[ 1670.406639][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406698][   T39] 1 lock held by syz-executor/24996:
[ 1670.406714][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406773][   T39] 1 lock held by syz-executor/25002:
[ 1670.406788][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406853][   T39] 1 lock held by syz-executor/25004:
[ 1670.406868][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.406927][   T39] 1 lock held by syz-executor/25006:
[ 1670.406942][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.407001][   T39] 1 lock held by syz-executor/25008:
[ 1670.407017][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.407076][   T39] 1 lock held by syz-executor/25010:
[ 1670.407090][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.407150][   T39] 1 lock held by syz-executor/25016:
[ 1670.407164][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.407223][   T39] 1 lock held by syz-executor/25018:
[ 1670.407238][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.407300][   T39] 1 lock held by syz-executor/25020:
[ 1670.407315][   T39]  #0: ffffffff8dfdeaf8 (misc_mtx){+.+.}-{4:4}, at: misc_open+0x51/0x350
[ 1670.407375][   T39] 
[ 1670.407381][   T39] =============================================
[ 1670.407381][   T39] 
[ 1670.407395][   T39] NMI backtrace for cpu 1
[ 1670.407410][   T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1670.407440][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1670.407454][   T39] Call Trace:
[ 1670.407464][   T39]  <TASK>
[ 1670.407476][   T39]  dump_stack_lvl+0x189/0x250
[ 1670.407509][   T39]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1670.407541][   T39]  ? __pfx__printk+0x10/0x10
[ 1670.407586][   T39]  nmi_cpu_backtrace+0x39e/0x3d0
[ 1670.407626][   T39]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1670.407665][   T39]  ? __pfx__printk+0x10/0x10
[ 1670.407700][   T39]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1670.407730][   T39]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1670.407771][   T39]  watchdog+0xf60/0xfa0
[ 1670.407811][   T39]  ? watchdog+0x1e2/0xfa0
[ 1670.407867][   T39]  kthread+0x711/0x8a0
[ 1670.407908][   T39]  ? __pfx_watchdog+0x10/0x10
[ 1670.407942][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.407973][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.408016][   T39]  ? rt_spin_unlock+0x161/0x200
[ 1670.408049][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.408087][   T39]  ret_from_fork+0x4b9/0x870
[ 1670.408120][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[ 1670.408158][   T39]  ? __switch_to_asm+0x39/0x70
[ 1670.408188][   T39]  ? __switch_to_asm+0x33/0x70
[ 1670.408220][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.408257][   T39]  ret_from_fork_asm+0x1a/0x30
[ 1670.408310][   T39]  </TASK>
[ 1670.408320][   T39] Sending NMI from CPU 1 to CPUs 0:
[ 1670.408355][    C0] NMI backtrace for cpu 0
[ 1670.408369][    C0] CPU: 0 UID: 0 PID: 17 Comm: pr/legacy Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1670.408390][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1670.408402][    C0] RIP: 0010:io_serial_in+0x77/0xc0
[ 1670.408422][    C0] Code: e8 6e 30 b3 fc 44 89 f9 d3 e3 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 4f d3 14 fd 41 03 1e 89 da ec <0f> b6 c0 5b 41 5c 41 5e 41 5f e9 9a 12 be 05 cc 44 89 f9 80 e1 07
[ 1670.408438][    C0] RSP: 0018:ffffc90000167870 EFLAGS: 00000202
[ 1670.408454][    C0] RAX: 1ffffffff3217500 RBX: 00000000000003fd RCX: 0000000000000000
[ 1670.408466][    C0] RDX: 00000000000003fd RSI: 0000000000000000 RDI: 0000000000000000
[ 1670.408477][    C0] RBP: ffffffff990bb1b0 R08: 0000000000000000 R09: 0000000000000000
[ 1670.408488][    C0] R10: dffffc0000000000 R11: ffffffff850b1c80 R12: dffffc0000000000
[ 1670.408501][    C0] R13: 0000000000000000 R14: ffffffff990baf20 R15: 0000000000000000
[ 1670.408513][    C0] FS:  0000000000000000(0000) GS:ffff888126bcd000(0000) knlGS:0000000000000000
[ 1670.408527][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1670.408539][    C0] CR2: 00007f774030c6bf CR3: 000000000d5a6000 CR4: 00000000003526f0
[ 1670.408555][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1670.408566][    C0] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1670.408578][    C0] Call Trace:
[ 1670.408592][    C0]  <TASK>
[ 1670.408601][    C0]  wait_for_lsr+0x1aa/0x2f0
[ 1670.408626][    C0]  serial8250_console_write+0x11bd/0x1b40
[ 1670.408664][    C0]  ? __pfx_serial8250_console_write+0x10/0x10
[ 1670.408693][    C0]  ? console_flush_all+0x13a/0xb40
[ 1670.408718][    C0]  ? console_flush_all+0x476/0xb40
[ 1670.408741][    C0]  console_flush_all+0x663/0xb40
[ 1670.408763][    C0]  ? console_flush_all+0x13a/0xb40
[ 1670.408786][    C0]  ? __pfx_console_flush_all+0x10/0x10
[ 1670.408816][    C0]  __console_flush_and_unlock+0x9b/0x160
[ 1670.408836][    C0]  ? legacy_kthread_func+0x136/0x1a0
[ 1670.408861][    C0]  ? __pfx___console_flush_and_unlock+0x10/0x10
[ 1670.408881][    C0]  ? schedule+0x91/0x360
[ 1670.408903][    C0]  legacy_kthread_func+0x13b/0x1a0
[ 1670.408926][    C0]  ? __pfx_legacy_kthread_func+0x10/0x10
[ 1670.408950][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[ 1670.408974][    C0]  ? __kthread_parkme+0x7b/0x200
[ 1670.408999][    C0]  ? __kthread_parkme+0x1a1/0x200
[ 1670.409027][    C0]  kthread+0x711/0x8a0
[ 1670.409056][    C0]  ? __pfx_legacy_kthread_func+0x10/0x10
[ 1670.409079][    C0]  ? __pfx_kthread+0x10/0x10
[ 1670.409105][    C0]  ? rt_spin_unlock+0x150/0x200
[ 1670.409134][    C0]  ? rt_spin_unlock+0x161/0x200
[ 1670.409160][    C0]  ? __pfx_kthread+0x10/0x10
[ 1670.409188][    C0]  ret_from_fork+0x4b9/0x870
[ 1670.409210][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1670.409236][    C0]  ? __switch_to_asm+0x39/0x70
[ 1670.409260][    C0]  ? __switch_to_asm+0x33/0x70
[ 1670.409283][    C0]  ? __pfx_kthread+0x10/0x10
[ 1670.409311][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1670.409345][    C0]  </TASK>
[ 1670.410362][   T39] Kernel panic - not syncing: hung_task: blocked tasks
[ 1670.410381][   T39] CPU: 1 UID: 0 PID: 39 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1670.410409][   T39] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[ 1670.410425][   T39] Call Trace:
[ 1670.410435][   T39]  <TASK>
[ 1670.410445][   T39]  dump_stack_lvl+0x99/0x250
[ 1670.410477][   T39]  ? __asan_memcpy+0x40/0x70
[ 1670.410505][   T39]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1670.410535][   T39]  ? __pfx__printk+0x10/0x10
[ 1670.410580][   T39]  vpanic+0x237/0x6d0
[ 1670.410604][   T39]  ? __pfx_vpanic+0x10/0x10
[ 1670.410640][   T39]  panic+0xb9/0xc0
[ 1670.410665][   T39]  ? __pfx_panic+0x10/0x10
[ 1670.410693][   T39]  ? irq_work_queue+0xc3/0x140
[ 1670.410731][   T39]  ? nmi_trigger_cpumask_backtrace+0x234/0x300
[ 1670.410772][   T39]  watchdog+0xf9f/0xfa0
[ 1670.410813][   T39]  ? watchdog+0x1e2/0xfa0
[ 1670.410865][   T39]  kthread+0x711/0x8a0
[ 1670.410907][   T39]  ? __pfx_watchdog+0x10/0x10
[ 1670.410939][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.410973][   T39]  ? rt_spin_unlock+0x150/0x200
[ 1670.411015][   T39]  ? rt_spin_unlock+0x161/0x200
[ 1670.411050][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.411087][   T39]  ret_from_fork+0x4b9/0x870
[ 1670.411119][   T39]  ? __pfx_ret_from_fork+0x10/0x10
[ 1670.411158][   T39]  ? __switch_to_asm+0x39/0x70
[ 1670.411189][   T39]  ? __switch_to_asm+0x33/0x70
[ 1670.411219][   T39]  ? __pfx_kthread+0x10/0x10
[ 1670.411258][   T39]  ret_from_fork_asm+0x1a/0x30
[ 1670.411312][   T39]  </TASK>
[ 1670.411667][   T39] Kernel Offset: disabled