last executing test programs:

12.971512207s ago: executing program 4 (id=2315):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
msgctl$MSG_STAT(0x0, 0xb, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$dri(0x0, 0xd21, 0x4000)
r2 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040))
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_open_dev$swradio(&(0x7f0000000240), 0x0, 0x2)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x1, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x4, 0x9, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}]})
r6 = msgget$private(0x0, 0x4a0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="6c0000001000050400"/20, @ANYBLOB="5d580000000000001c001a8018000a801400070000000000000000000000000000000001140003006970766c616e310000000000000000001c0012800b0001006970766c616e00000c000280060001"], 0x6c}, 0x1, 0x0, 0x0, 0x840}, 0x0)
msgctl$IPC_STAT(r6, 0x2, 0x0)
msgsnd(r6, &(0x7f0000000440)=ANY=[], 0xe3, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000380)={[0xf, 0x3, 0x4, 0x1000000000000002, 0x102000000000002, 0x8000000d, 0x2004c8, 0xffff, 0x3, 0xffffffff, 0xffffffffffffffff, 0x7fffffffffffffff, 0xd0b, 0xfffffffffffffff9, 0x2000000000000003, 0x5], 0x80a0000, 0x4284})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000180), 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r8, 0x40505331, &(0x7f0000000540)={{}, {0x18}, 0x0, 0x7})
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
socket(0x400000000010, 0x3, 0x0)

11.86688885s ago: executing program 1 (id=2319):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
r1 = socket(0x10, 0x3, 0x9)
r2 = syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'netdevsim0\x00', <r5=>0x0})
sendmsg$ETHTOOL_MSG_PAUSE_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000480)=ANY=[@ANYBLOB='(\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000001e0000000c00018008000100", @ANYRES32=r5, @ANYBLOB="050003"], 0x28}}, 0x0)
ioctl$SG_GET_LOW_DMA(0xffffffffffffffff, 0x227a, &(0x7f0000000380))
sendmsg$NFT_BATCH(r1, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_usb_connect$cdc_ncm(0x1, 0x7e, &(0x7f00000000c0)={{0x12, 0x1, 0x250, 0x2, 0x0, 0x0, 0x40, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6c, 0x2, 0x1, 0x8, 0xa0, 0x8, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x7, 0x24, 0x6, 0x0, 0x1, ';p'}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0xb98, 0x400, 0x800, 0x9}, {0x6, 0x24, 0x1a, 0x6}, [@dmm={0x7, 0x24, 0x14, 0x2, 0xe}, @network_terminal={0x7, 0x24, 0xa, 0x93, 0x0, 0xd, 0xe}]}, {{0x9, 0x5, 0x81, 0x3, 0x8, 0x8, 0x7c, 0xb}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x400, 0x9, 0x5b}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x80, 0x8, 0x55}}}}}}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000340)={0x1c, &(0x7f0000000400)={0x40, 0xd8f84ce48bb67326, 0x2, "0270"}, 0x0, 0x0})

8.932833349s ago: executing program 4 (id=2332):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmsg$unix(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c0004400000000000000001140000001100010b"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x4040)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

8.053563352s ago: executing program 1 (id=2335):
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="7570646174652064656661756c7420757365723b977275737465643a00"], 0x1d, 0xfffffffffffffffd)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(0xffffffffffffffff, 0xc0105303, &(0x7f00000003c0)={0x0, 0x0, 0x20000})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000005c0)={0x20, 0x10, 0x509, 0x0, 0x0, "", [@generic="6f6d8864d22a3f", @typed={0x4}, @nested={0x4}]}, 0x20}], 0x1}, 0x404c040)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x14)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000180)=0xe)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
close(0x3)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f0000000080)={0x3, 0x2, 0x1})
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x2)
r4 = userfaultfd(0xc0001)
ppoll(&(0x7f0000000180)=[{r4, 0x404}], 0x1, 0x0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
write$tcp_mem(r5, &(0x7f0000000280)={0x11, 0x2d, 0x0, 0x3a, 0xfffffffffffffffe, 0x2c}, 0x48)
add_key(0x0, &(0x7f0000000180), &(0x7f0000000100), 0x0, 0xfffffffffffffffe)

7.079793167s ago: executing program 1 (id=2336):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000580)=ANY=[@ANYBLOB="240000001e008d2af6000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b'], 0x24}}, 0x4044)
r1 = socket$caif_seqpacket(0x25, 0x5, 0x2)
ioctl$F2FS_IOC_RELEASE_VOLATILE_WRITE(r1, 0xf504, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x4, 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000001d71185d000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_DEL_PMKSA(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x400c4)
r4 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0)
ioctl$sock_SIOCINQ(r4, 0x541b, &(0x7f0000000040))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000280)={<r5=>0x0}, &(0x7f00000013c0)=0xc)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000004300)={&(0x7f0000000100)=@proc={0x10, 0x0, 0x25dfdbfc, 0x8000}, 0xc, &(0x7f0000003dc0), 0x0, 0x0, 0x0, 0x8010}, 0x20000000)
getgid()
r6 = getpid()
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r8, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r6}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0x30)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
getsockopt$sock_cred(r10, 0x1, 0x11, &(0x7f0000000280)={<r11=>0x0, <r12=>0x0, <r13=>0x0}, &(0x7f00000013c0)=0xc)
sendmmsg$unix(r10, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r11, @ANYRES32=r12, @ANYRES32=r13, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32=r10, @ANYBLOB="00000002c50c1a4be1c7e58046ab57def1ad414835328d033564c3151a4dfa62b6f97426e56e3329bf7e86ae1f545a71c39a1de4eff44777cb3b3adedd83060b9134020c7468dc757f6e1fc42824483ad69f700fa30d2c463bcc3e52e7869aabdc1afa5270999b240fa681daf3a54ac4a3cf7c8edfc187effec8f1980a026808f762c4e3626b9f01752c67b9380e06d442542696383845e4"], 0x38, 0x40044}}], 0x1, 0x4)
sendmsg$netlink(r3, &(0x7f00000003c0)={&(0x7f0000000180)=@kern={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)=[{&(0x7f0000000b40)=ANY=[@ANYBLOB="100000002000000126bd7000fbdbdf25f7e1be9a22c5958adf2a57e0ed0737e994d3d81bf66f2d6b262042d203831c464f4a3206772f03d387593f674710f126ce586ba19f358944749caf17e605f5d759473c21defc607c8000f4bb734c6295de34fec9fea697c608fea7782bffe8f28dfb1927f9c8897521fbfdeeab5416168c83865eebbac54adb5e5674d12f6b50"], 0x10}, {&(0x7f0000000600)={0x1dc, 0x33, 0x4, 0x70bd26, 0x25dfdbfc, "", [@generic="7fbd62e7f50c414dbc0e2655bc22beacd24131177e7374f507c2e978894995447a5b8cdb83462ce7f7f3a280c158d3bf15bdeab3fd7375027cd0d849e8687a318b422498d152d903ede343de76006b524fcb857735395694d4c4ec1778d2b1d54e3cc248076d94abfa8dd57069d3f3eb4eb820fd3c2e58bf7ca2f788e5e4f6801dd4462a4a66aa849b6df9f3821abf74aafede475dd828423f8a088a25aad2efb945ca11b939b813e22d878605924dfd020deaec44ec3e93c13ffb6251b42ac9e8260791b8df4e73", @typed={0x44, 0x135, 0x0, 0x0, @binary="3c7905fb6e32b2f4f6eb3dcc05b0063da2c00995578c7ee0ce8b272059e521612c6bca5e47bc95cd3630534416c1559573a9a8575e3d5dfe62e0fa1712f930d5"}, @generic="5189bcdb4e5b32", @generic="e04bd5faa163eceb9512ef4b54595aa4f73fb634a295929a489e4bd9a219690c1e027eabb7f1d737c39992432e8541e88802a003ec45f1352314008779895557c34b734bec4b9e77c8f56ec0237526d5213ca520f53d53894193d5bb0b947170a5bf3460bcfac4a7f4a7df7556e27a93737f2dbda499e702501c8d57bb6bf7a77b1bd76ae8de3e8b9e8390f926ab37d1262c76cda66333a31f527282029d6559a5d6a171ccf8ef4e202a8aa9e6273d14007d76796a7874", @generic]}, 0x1dc}, {&(0x7f0000000240)={0x18, 0x1a, 0x20, 0x70bd26, 0x25dfdbfb, "", [@typed={0x8, 0x9f, 0x0, 0x0, @u32=0x8001}]}, 0x18}, {&(0x7f0000007d40)={0x308, 0x2b, 0x100, 0x70bd29, 0x25dfdbfc, "", [@generic="2a67b0e3e05e9b91fdaab65fd8765a855b1b4ae124c58a86502b86792208354a4b497b6eaa2d36a91a0e80459fd7ddd819e4e2af825f9b9489a85e5f24c5dee30a759c774f026c8cb1705bb91a093e92238980d9d2d05f7bb5df09d73901ad3cf0a3a1be3da6559e6fa461af1b46511d7f396020d3831506f53658b746f2e3eac879f584733e1fe5ce84cf5fc6a9b39de54354cd0d0496afdb5d2bc79fac141bfa8fbd2785a7a86f5564785dbd07a117dae538a7d0d65b3fe1e53c0ac479ff58f528c874ba20bdf9b37eca0df8f82f0e33492c713912d97ea83af4825272145cd3425a34d038be", @generic="bcbf75690883ca5da59e5b0061bebff1da28672847f69d68d735eb7c07de0b3a4d5d71c1124bcc5747726c2fa60d56f7a8f5cc5b6e1cbfe6ffef599bacd349c52052c91abb266df7f58869050e9bb02632152ebdc673f8a480edefade566b49798717715187a3a2b42038dda229c1098b464ca1c965e6e3fdf0b912f64f9249cabbf9e6dbc6b7b25fd33c0727d60ed55f96966c78f483e8d21759f1205f60715658a0d58ed8fbc0445eab61a876603d5f31b00", @nested={0xb0, 0x144, 0x0, 0x1, [@generic="be1f9a92392aeb787dd00b37d1639c5998dc2f21f69e6adab4f9986ac9a747a0cefd2fdec199ec336d8967d8f0257131ae67e8dfe3cf14ef45a3ee7a8c9374991d81b72997ce0a5c940d5a9627a03a01d631c92accfcd4973a20a9a21d4db108a2c5b1114152b05e1c6897e7a946769def0ef31ba5dec01bf7cc605dd62ec75d54113bb58dfe7e18d8720e41fc71731b5260bc851ccdfa0654b6ba22afac6fe08a4c1113d59af03e751e9f83"]}, @nested={0x4, 0xeb}, @nested={0x4, 0xf2}, @generic="dfbdc8f1c50634486dea80abbc5a61fb6b8d447a9bb283792221651668e9476e68a1b873a01c704119ea7058abf7dea7ea8c7a47326c909c140f402aaa5f0b313198085f88ed896d82a1450c00a0345410d2798e", @generic="473e120034ef1da3cf265102d28289a5630ad5a203326213722da106f4422f0340e8f835ce9f9c8bdac8b11384f9f5d41971aeffc27e76794bdf43ba817328599e7b736d75d22fa414a0a640d64419"]}, 0x308}, {&(0x7f0000006c00)={0x940, 0x1e, 0x10, 0x70bd2b, 0x25dfdbfe, "", [@nested={0x8b4, 0x14, 0x0, 0x1, [@generic="d105b55853b0a4423383e68a79a5c02feb06671485ac719346f1b6cb4dbef7200379e6a2f25927eb10a209d9187575fee51c1aa540d7b6664f1a470ba36f6ad38cccaf3fca8008e24b767c3f031fa1b31a385eec145086ec8276731682afe30251ba37c5a705f59d8a7b6ef08370aa73ad61ea1dde56c4cfce1b6a84fb20277913080e84dfb7794acaa595bc78cc3c1895de5c2da13bddfb5a2b3684fd2e3a3a96b1426d8d2fa657ce3cb4cfe91bb192876e7a220479a206896c433a74ffdce3a4d66da4efd9216992da63e1859fc52ab08bd2b36627b99983c6169d45865c1e3e5d0d14dbf46f6af212bf7e43365efd32324c96c5f1e4ecc2913a3d2b37b6daa10a9ecba8d57050e070e22df50ee301f9557c6c233f2c513871b8e45bf0b13d8713784aefefb59fde0ee53ce5ca9f77a00805150116f490ed4fdac0136016cabc2f3fa81975d603ceca310093796f0b146ce443537e0b3f754befb472ead651dc32131d27292ee1f2620eade233ea874794060f5e01e6a1ec9abf5e6324c8291aac67c9db94e5ea0cff58bbd9daddef6ad90f42cd4ca2faf58600f6b8e35a81923190dfa7c45c4312c2147df365d0f2ae37cdb2afa61916af79339376d4a72cdabadb0abf1888e33134cc4f6ba698e5432cc3f711727a6675937a983596723eb8f69822faa539b9cd72e4ba6d6bd75ef0c0e6b377e5ca116d2475d2f071d765f2746150d6aeea19ba612ec617f4e8ca5e9a0072e419836f125ee65c78d4519e826c7ed50a9fb399c60aa15df8fc97f113cc2d21fbefcb4bd87ccb4062e2624d49e085bef05c035d16f93475f633bb872f9aa9515cde70384a895c6bcb867f4111cac438f4f7c03ec25cd56959321ac157444799ca98bc75d3a92e5c6cda54ee002d37f96986ecf644f673d7d3d922ae453451a8a091fb3505540afc2a43ae6abc1919d9c3d62fed7072c60315599775b9f11da5302db0deba85d9972dd66721ace5fd74b8a444a3921e6ab6032147558dc4d8b96184e857fe9cb9c76f931faced51b1a2af8abc440b0a4ff26472ae071d1424395dd8a093e504f7e1e9a8a56e0f322e73e21e3d984d22f45eeea2045fd36c9666c979b47486fe9ca3c6f3d88da0cc3eef4c0583164976406cfb3efe01295420e5fdc339365fdda8e6e3541ad64e21e009166a5abd5e97fa0f76c0e0948095774bafd549c5ee51365facad0d5d91ce665226cc2e50a82db75179af8778968d36e8782149f9b07b4131590b70a1d5d08e37887f379a83b9e613270b52f5f60542380f5d16da451fb68637e9a4dfdd85dd6b1d7795c90036559d769a4fc2d6a15d6c58cf15a438602638edecab74a7cd0f45ce5e0fa341c933bccb175daeb6b3f55b769e46313e527dcedbcb4a6202f58eb34e476ef556575792a24d838986fd947fef5184b2cb0b0107d6bff34139adf3cbfdba1bb256f981ea47b99a53a5dde5dd1afc35ed1280b56b3396cfde19af77567f515de6a8524d08495ed81bb964c45061c66cf8a9c40e76026d7db7f8c2771b8a377d07a943981651bbb30b9734d557eee07cc8e1d36aeb804e25d208e2e64ef999ef04271d184e5495776cf791404a6baa3b40af8f8a2f25ca4d09e5156341882bba0f0451d9392ef1fc846d02f18a2753cb10164ff948f689599bd67bc4339512ba2dd47a94adb9f370d47a87d63a498eb0e0525ca12024f6db608d9bd95263190ed8010ec9806b07ad03b8ef66d9dd8ad3e24c6f259f961f055edcedac5ee163948a27b12950a7fd799097539d2f45497c734a615482d550b740a39fd757551f3ff525910f16616d34ac33575223f8ae99d6383091aec0afdb4639a2529d825fa0c70b7c37b88c7beb5da3f268d8da67a85b82611abc9b680ac66c6b0773da1e0a7803f8b673e8b1759acb1cfcd5f32bcb620ba02481bef729c33dc5a8b8752c79c9ead632588d84adf93f9f48afc8ae0e7502c4c0de422c22183936818c50efc085b7effb856e24cc775e05fa6004c16119edad38bc8e48c74ba54d0b08f5811029a8115e7008d71dd9314dc77308ded8a97e0bda415ac75002a2e0d9fc0677de590e09ae1bcfab6e71edc3835173ac13be54423f238bdba983d34726ee591524579b32834cabe814fb641e26bcbbf83edaa9de38613a4cdc571574bebba6db127daa9fffcb1c25138de1010b2f266bc378554bcafd020ce1dc79429c21820751da9f6cec5cc61e5d91fa2ffec83bc890de19884a1284d7dded5231a5b61f495dffb3daf3bc0a1ef290c401eaf6c55fd1d68304008c32dcf2af48bfe7fa8f0fdd215c8c8a6c3a584acfa022a3c2b4aa198b4aa04166ee5c63c7a8b6f6c7012594b6c84fcc093c1b47dc7dfd86e353bce76949c565fdf3ebdbc439d621859782c80a5d86c3897842545f807ba5fae9714af2fd13fcdebe2eaa26bb179bc00df7e200c696592ed6d2344894e32a45a742b88ee89839d4e51db5548751050b7d2ebc17102d7b6d15885f1786c5d14d4225253ba7957b7ad60584eb772852bccf762512543e8bf255ab2156deecae084a56bb65da4cbf23c1f785a028bb546e493543c4871fcb3504b0109acbe01c7aab56ea9e49c40b837bcb7d3a7fa68de02cd053b89043d9f210fe687441f061ea009cbda760085dc90cc15e962f9b5840150555f668931b61fa668925069be3e0a828e51652ed3b4b1b169f8471f2c02621547225078259cde1dab907ba118fd02faa811718e20c677247e2b447847161025e34eb6200384eae6985a7e136ab15b063e4d3aa82078280a105912428331a27623a35c8306b8a636c28e9c604c7646e1c6ce5c486759b5af9eb6e7f15707b3468c76f7ee31ea7f8b294135a82b109cdde48aac448ea0ab6ddd305", @generic="f6f50490573df6169144af46e09c55c06d54da3640bfaa63197c529dd5a07074eec5ee6441e26a1e0a72635e6748457a9bfb61ad60e657360bc73810662602a9b393898150f3f5156d50793f016b7a8b8230e5b154d2057b5b5d5a6e56fa9361fde6489134827468f186a1d5aab97f9a6ca0c96e52b9c2f812f1ba8cd1689dfb47ab21de723fee5ad7e35c75ccc4803e46e450f9228c1aca2e3aa335f60e13db3eea06ec8dd03128c720c52e", @nested={0x4, 0x6a}]}, @generic="64ddd2387907934872aeee1a58a7b35355ab51f72c0e7c21e40c481fbcad711dfcf3bbcc05a9305e40075472e426c7cb2b0a8984234504a7a66f342ed5545eb3a255948612ba6f69f1df29fe4830e271d671c6cfd8cfb5adb052d4bb1e8a3d13161d8e9e0f095a4ae046f6cdcf5fe021ed23fb0d24a436", @typed={0x4, 0xd2}]}, 0x940}, {&(0x7f0000001400)={0x2ec, 0x2e, 0x604, 0x70bd26, 0x25dfdbfc, "", [@nested={0x1d0, 0xb4, 0x0, 0x1, [@nested={0x4, 0x98}, @typed={0x8, 0xe6, 0x0, 0x0, @u32=0x20b}, @nested={0x4, 0x13a}, @nested={0x1b9, 0xe0, 0x0, 0x1, [@nested={0xc1, 0x132, 0x0, 0x1, [@typed={0x14, 0x8b, 0x0, 0x0, @ipv6=@local}, @generic="18cdb9a753dcbd037dadd389d7487899427ed724fe88541973d0f6661d4947d585d78fa9088b2ecf74d6c2196b575766dc2419ae1a250de23694b90b0aef5ffdb65f3daa9633a0dc8ba7d8d56c197e8706c12cb2c6965d79d01af528f5927b3265543c4d0296ba37e49a073100b6face1a846f9d308785e1082d2e536f764e3cdea204c96aff636bd5044931b8e7f8df31ac800e9402887caa8e1226778ceae729fb0c83b4ed404497"]}, @nested={0x4, 0xab}, @generic="0ac20111cf2f84bac4d8839357075f4aea246de17aa22b520afd4167e94edaadb27bca4ebb5a936be91dd2408f5d6af7201dbf95979aa44f459e15007b310b0dfe0408365dcfd7ba964565a4a0568d7a5bc1ac985df4924943963015662ff015c8275cd60bfd1f8256912fe3092898ec734abf24e4c0079a1b11ecc043792ceae39a1e25abd83b4ce7979e9fc1ac7cf39fe4fd199407ef8ae47e5827f70eaf7543f6b8b4369eaa4b88fbba9322c99bbc3c7bbb63d1813491b6b49e53931c64", @generic="549c0b416d89bd071eb0d6e453ce548d4b48f6c463902c51b88c", @typed={0x8, 0x9c, 0x0, 0x0, @fd=r9}, @typed={0xc, 0x133, 0x0, 0x0, @u64=0x5}]}]}, @generic="6fd6ab141063d29b7fc66f83cc283663e6aa0b2272ee94282be9f95ae3ad191b45ca52a2a0114566ed007a2d110b818126dc3412e6d9775c1597a82835f883981949583bb9d3b30d0e74e92d1435c2206731745dc5b42761c098ee2ea2249e3cb05edf48f7b6e5ffafc64f292e5f840dfae92c6e37c4579cc9f4b26444301ef23f2e44357eab4b8b4b7377a347c6d61e1aeb32f7fba00348f8afa297e87f192f82798d", @generic="108dc2a6f81d728367f8ffcf03090629c23d2e98cba1ae", @nested={0x3e, 0xbe, 0x0, 0x1, [@generic="cc55e1cec1b23797af6c699775556591521011d15a73", @typed={0x8, 0x58, 0x0, 0x0, @pid}, @typed={0xc, 0x7f, 0x0, 0x0, @u64=0x8}, @typed={0xc, 0xe7, 0x0, 0x0, @u64=0xc}, @nested={0x4, 0x123}]}, @typed={0x8, 0x111, 0x0, 0x0, @fd}, @typed={0x8, 0x11c, 0x0, 0x0, @fd=r3}]}, 0x2ec}, {&(0x7f00000023c0)={0x1028, 0x28, 0x400, 0x70bd26, 0x2, "", [@typed={0x8, 0x150, 0x0, 0x0, @pid}, @typed={0x8, 0x6d, 0x0, 0x0, @fd=r4}, @typed={0x8, 0xb, 0x0, 0x0, @fd=r3}, @generic="9fead5c00e7cf0ae1f1a50fa2cdadf287a1bcd95a7d58be7df24edaf419d526e2a99bc44914dd8ddef4b6c7df39bee8a72ade06dabfaeef5629f6d01b6e58042015f920e7961b8efb4ab9eb76829159b199a81f6d63c4a78b2c3ae1b72dddcf10ec5b18eb1b963ba6eed083be75695a01869069bb5107220fe7908e01224eabf94a92ed83e1234c080b380d1068adb1001fe1604b17d053b0d3617efcbb3792edddb24ce7133ac34092a4579dc07f18bd89a9092b5073d61e0e24c16bc814e6e0848cca9cc04abfdb0255bbcdf8db8cdbc04510d9b4ef596457361e68d1cc5d0063eb0165edd73b27111d997a41e2bb1d5dc52882912aa6709c706cc128472164abcf92afa3796eb6c4aa00d9a4c008c85ccfbe0428fa3cce33200297288f077d1a251c51940eed4401adec1634fabc75858adf206b2b409514c1021a4553692a2833aa314a4186179ca976dd1b9ee866bc39dc1a64403675d47db38f13836066435e678ea84642636319730ec0b3d5207db1a925d736b9b511d5a71d35dabfa316a7a186c0f8431033993d0028579a65a105c3e014d48e2946f596a658e45dfc00eef7aecd9e3b3dbcf747228e06ef092e63edae9ae4bd58701f2f2fce2f959fcc4da398e11864b12bb7e0effada0eebc16b8af852b7be05cb8cf351cc5a50b858034d798646f41b1afcdae7dde02f9ad2364acc53e38062ddbbd60e78ee4554d18e72b8c96357b2d48a88509d18e555b6208cd9766ae724eea32396ebf6a788fc33e55d53e07c78e40a26c1fd49d390f0e3ad6c9f506ea9d74ec626d4eb6044db84a5cb6c3b0599d2ecb6c68d1a699a81f6456f435bec160741f7d805cc48d704184ab3e97f22281ae420713d160b02232ca8d4d756b434b24e0d8cd3f7a68ebc420ace035505be6be9a4e0dc2e81ea812d825135b04e7d0713b4ab682c77b06ec1ed59fba3dfc8e3226c1947a2a5f7a4205c5b6375195778aeae75005d27db54375ef944d68b9c28f3dda48928212c303608f4a013185c51a9b9033ea6d3597ebeff6c1baecfc94dc89d5c0f7d6a6099b84e6549d9f7d77c99f9961f60ce0d5d2f1d5e07272423073559967d919bdefddab9d32c9f7165d795f6406583f979d280bd4d143645e97aaa712c7268c277ce0d0d9a3cbd54c3bf0262f89e4a4a378bf2498b43ca878fb770b918199ff8ce09f41746e602ab920a4fadef1dae8f055a14a5e8d8a212a0b0082baca81e8495a6c22c63ae164d55582d8b5900348325374f8e3cd3c49ac5e2ae643277907d3c098b6275e953ea2a8f7df3fa343548aa2e3b5ecc92cbc7db268de0c04a509333ea3aec51aa2229b44696b18f9ca818f9460bbef491b5e88c60ebad7f28e57da59d0d6d26300e8bad71d011037f48cb47c3d1ccd9fce3234be58eb9e16ad90c845f429f1440a9d806bed47ef6405d796b4f81671bf37517b4cec3cc879d0e79ec613addb842b47f9432265517c61331682ca1739aeb9140ad1dc885e12a646fcae55d891004d24c01766e0c3d76d3112a8b1b8683d130c87fc089ea30e8cdd52c7dd6be9d7ed42d653b9d7f22066ee4da4c7cbcd0aa4dc5802c92904af802f44525e6ee2c53bfc6f143e3af07935fa780c98c1f70542a9f316f8eff7892d3d58408d4bc1d9d327e7204b8c5492de7e548c0bf56dea0eeedcd17363481049dcfdaa0739aa2187ed1cf2d2e65e69c8327974c34fec5d0dc5a44987707ee95a7aa4c15fee0964b55ea9ada7e788176cf6429f797cb607b45bce78726b0ed3201335c654632f28a3b503a5f9a2a120dd2897b464cac9ab81072bb392afdb6a8e6552d9babecda811cdc80537d48ccd4c4e9de23b024228ede50a8880fcaee3ff73f719e35a613adf3fda246c6dbc4980dcdee79d4c9a4bed49b89da13ba0bbae133bad2c970d06dc9084509ba2009a1a6cb224b9b24b5c492f7249a9523fcc3923de2b5064fe9702ba39d1612e305cee18cd6c5d334025299a9419bb500217065c7759dd7164c2da8fe5e33c2778db2dd1b6176426fffe824c225f2cdd0ded926a5ef4cd7f63ce15c70f80cc515522f839329ff465c73542b2f91d748cb0e051128de696898acec1e31a26223c0082328ccd18b943bb45ae62bdd393eb0e021e3fb7db55a0db4b465604c558b10e5128abb6187b412d5be421676c8406a7462a11673a632ae46cce1c4b941eaba9a5eb1ef9b294a908e8079994d6c00ec61a2427a76db90d664211a7bd27899133a370b3f03535b0f92f6d14fd32100a8369d94821d3108f91a4e86eb5a6e4919fa69245c834c39e56455857dd718d631cd181b933c5d1943777a3437295affacea1ff4fa6a8428912b8ac0c8b165ac040d7a3ebc62344ee348e49e9b2fbf97f286f481804281146af77cf618bed81e03604b97f9893834efdec41589fdc371ffd73dbdf0f26bf9b8a08aa6dcad9aad000d5523c8b900ed62b0231b1c637576505e5daca1f25a78e8fcc78b4f912151ac52ebf8acc5a637b1c8f6c96830860e77ded8072cbc2d1c38be93a22277729a1c1572e2555bd522562b54901143952e26f6f79a3852a8a4f87f1317266d2059c94032090e059a09d0ebe47b0463bbd4926331167c620ea6f151a9ee0202f92986454b7a679459865d99de571b9f7d5b22b619170fd869dda3a12ab14214855c0fb2e0be51e82f291476812205d15451a31681f1f9b6ec813bc245dadccf2915edecd14f7698903a4c4f1f78631f8831609c1b381d36470df3a21d8028753369a3ad68384c531bf1e4c8c0854b22790827a50716ba45146cfaa471bb4a2482e76eb3797ba0b5f8bbe328cc2e43f2b07da2defed20a9e9c34efc549dc6cb82885a7c0c425123fc970c516a5b5d97353a8df5f3ff76a23180637a9fdb8ff5afe66ed51057df6699423491a0b14aa3f3c97fc3ba9160c44923195aa567421f88c603c3c18106891cb4141e48d44c98880f061fc790eda99a9c5ce3bc200484da26cc4b4473c8431cc1c6bb5b70a2a579e0a0e98cff6dbff586c6c1bebf4ddd3dfd7df95572f8ab60b08246082ff7a940f3fe66e74d0598b32cfb794e01a6f71d240c34568fc68d557c2e56cecb1ad45684c5024f80052c9f3afdd43105f5b94203067fe309d554e4f3018323908da86be4d640cd1c4bb889cf1663a4e4e6c6408bac53fc0aa43176e57d464e8a8e495243fd18eb863e634ee89e76df994efa99ec48b2d0dbb443eed8f8dc463e4fc1c501b0c9c424477a3443468421cce74b19167092af73970925807e4fbbf77b6b2ccfe3e2b0f066052634cd3c3b0d7b234dc4ca5516f71cf1d2204e1c8c572e7976eecce99e8ba12c31aa43e196fccd5fada3d434df515d480c15b9eb4f52a40de5c2a4b9ccb73f8b14df4db0f67d981acf1aa2f818b2542b111be87b0ac0d38730206dec72f9f82236b03773777a96caaedd880286772d5e38503ab9c0ff48e2b5664a4046bd56e678c49149f5aeec4967eee819b9f5fa4ac404149abaa2bfec8ff42f671153075bf2be2e132f37b1d6fd2ce0054cb23aceaa1a177e76c541fc0c5abc14721ba513f98aa2a1a3fb5681dab022ca2de2f0c866f2ac906e66cb467daff5096652ae18b3cd1219b448c5a3f85f3b874c49ea783a538fd38c757f0edb9b91c1031a17e94ff42ac56b7099c49aa3ba1a796afbc590e56759ff204ca72b28f1b94336a106b5211da3b95322b001d16ad82befae9ec33dfcad3df394039a3b99c83355f48fc9709058c7de4853f35397b510ab1ed8ce4970ed6141208ce34fde5d8979769e4e2b768de34cdf5c4d33e42e6e798315d64ace7f48c4131fd9b5fc4f927320c7fb9533f7dac583230981b28fb30f0172a83e80ecba9754652a07d8751827b4efd08ac5d25a0780fdea0ced85d909ff670c7404374326e1f1cafc92c752524aeefaa69465801cbc5f20188f12a438a9fa8f28e1716dbdd0ad059fb3714b320e8f0263c7de96631f0d4a832fd8133ba7920cb45136aa42f03188cfa009a39801744850b734b7733cbf9987ee8ecba84b8ecfcd3a7850f9b9eb0897bba6a1b8cd49ad2f5b47f34d1ae69373dac295f7798fdeadfe63e20914e7b1b29a2ffc726ae3e10ac21d7a243ead1a0bce483bcb5e190f47c04c50424a7423d73548a576b0450d9b86acfbdd656e50ada4f455a66a49bf9d4703e411c5564a191c82b90fa6b4bf1a2c657c1623c1c2aee9dba1f0bc2dddb581834a7fd268e5ad3b7e46f39b1651f5ee776a52b2237fcc00f0276d52c60bb906cf922d8eb01e57f9607ed22c351843e87cb2d9f08fcf52ff183f80b1833e34605464c8ff72c66b59d5d0fa1f21bf2171d61f5907379bedb96c67467cd39316fe8181564faf0179eb402c1a9799503ac8806d5b19ee5e68d5edbcde66ac8f5fcf2dfaf96f4819569c60a971bb4518726fde74a67b949c2a62e8899180343b5abfc9adbe949896897d411443102d5df1c7b3aba8ac0d47ed39e778e7eba43771dd4e93f9331a48abccd26252b4ae0d3a0d2bbce906e418ddf2afb3a03c412a75f585cc488590964267e72af6ac206add40015607c1c727b4f1487268ae69f2bcc869591019bdfd5b761d31957f859d6d0e486292d3c6bc7d624c2965cb695fc2e350b88adf95735d29896a9d0ba1f18147e91b718adce3028667da02e70280e7c33040c5f8c945cba1928c6047ac19722c3b1ae8eb08f379fa0ce4d26dc75f400d2b6e73bf313f7362d1941b364d5e58e9588801543abcefffc5492c82a30d54710ba64e4de3ebf02f283f06cc605223c54f4ab7599060a8684098536c4a6df9e3dc9c455380344f9cad1a982083970239552ccdcbde1cc561907cbbd51ce1ae2771f69cd934dce7f6dd7f795b33f5eea695c2cfb8cda13639987aaee1837b48b25d2576d50f7bd384936781e9ea7086bce8d3e72f19047104fcdfa4868bcd6940230a6bef7379c2e3eebbdc4c8f74b4d9428d98bd33c9cca3b1e88fae8ecc5eb95e8aac07f69ef1c507c3daaad904e56fdf2e1ef92f4317517e2fd5e7cb3e38842bfae1c8d5f50084407780b7a71dac4c40466487ba772fa74382488e25619af676baed51d1b52ff741ff80e8bfbd4eb8787e20973efd3f64893ee6e2410664287c8617b17291b54f7e9776629ae7f5d123e596de1c35ea086fa8f08a0b95b278291849291ffbb97d393bb7742c6cdfd00236a37cef6eedbc03f4976bb49a9583baab7c7dcd5807068eab14552657aa2e95cd0f8b389db1d4b3bbe625ea93c41ca08e3217d1233d96e30936f4faf5ea272703a00a7239ddbc0d25e8b52444304f6aa7677fc5a281b2193ff0d1e37d941ceccbb7783660b3aa5bd5a680830051036c3cc1b205df959e06049d3ebcc8d989764891911fd490a079a7ff1cd44efa6b3b28b4ae8f72aaff7c75dcf551a87f3adb33bca9ef89e749f6a825eaa963e516a65060228416ee4cd8d801cd2c9270e258098db40d4f187c21a6cbe94881a09f71035db60a9c27c9ce274a88d3c24d4d43ed10f39575171d2a807e78e382ab2611e9dd6024e8d77c95cff09da37ec1ed921204511d99f5c6620ba87fd46d7a0b3e75f6d4bc62d1be501f2ae4c90d84ee0cbcffb639bc58cc50ba2db8637bc9b6d4e41af27628cdda14b98846770e58146758e8c2787a8b7e2e36768161f3d8c7c36c57213ec2d58bd7a5466c4d277e857c3772469b8b03122fd5150db392a4061288a5eb551d579129d530da7671a6e7c53cf48e533c182d19b5e521b9057b36afec1ea00cf2582307fa91e98d"]}, 0x1028}], 0x7, &(0x7f00000034c0)=[@rights={{0x24, 0x1, 0x1, [r4, r0, r3, r0, r1]}}, @rights={{0x14, 0x1, 0x1, [r2]}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {r5}}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xffffffffffffffff}}}, @cred={{0x1c, 0x1, 0x2, {r6}}}, @rights={{0x14, 0x1, 0x1, [r3]}}], 0xf8, 0x10}, 0x4000000)
r14 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r3, 0x8933, &(0x7f0000000440)={'batadv0\x00', <r15=>0x0})
r16 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r16, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000d40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000070000000900010073797a3000000000c8000000090a010400000000000000000700000108000a40000000000900020073797a31000000000900010073797a300000000008000540000000041c000980100002800c0001800800014000000002080001400000ffff6d000d"], 0x110}, 0x1, 0x0, 0x0, 0x8840}, 0x0)
sendmsg$BATADV_CMD_SET_MESH(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000880)=ANY=[@ANYBLOB='\\\x00\x00\x00', @ANYRES16=r14, @ANYBLOB="010028bd7040010000000f00000005002a000000000008000300", @ANYRES32=r15, @ANYBLOB="08002b000800000005002f000000"], 0x5c}}, 0x18)

7.004503077s ago: executing program 4 (id=2337):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r3, 0x0, 0x20040084)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r7, {0xf, 0x1}, {}, {0x8, 0xa298bcafe42cc1b}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0xc161}]}}]}, 0x44}}, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r8)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r8, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r5, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x1, 0x0)

3.72452267s ago: executing program 2 (id=2342):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.65142461s ago: executing program 3 (id=2344):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x4, 0xf}, {}, {0x7, 0xd}}, [@filter_kind_options=@f_cgroup={{0x5}, {0x40, 0x2, [@TCA_CGROUP_EMATCHES={0x3c, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x1}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x3, 0x6e4, 0xc}, {0x4, 0x80000000, 0x3, 0x1, 0xf, 0x1}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xee4}}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000006100)=@delchain={0x24, 0x65, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0xffff, 0xc}, {}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004004)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50}, 0x0)

3.635512691s ago: executing program 4 (id=2345):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xfff2}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
r7 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r8, {0x0, 0x1}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x15625}]}}]}, 0x44}}, 0x0)
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0}}], 0x1, 0x0)

3.475212172s ago: executing program 0 (id=2346):
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="7570646174652064656661756c7420757365723b977275737465643a00"], 0x1d, 0xfffffffffffffffd)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(0xffffffffffffffff, 0xc0105303, &(0x7f00000003c0)={0x0, 0x0, 0x20000})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$netlink(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f00000005c0)={0x20, 0x10, 0x509, 0x0, 0x0, "", [@generic="6f6d8864d22a3f", @typed={0x4}, @nested={0x4}]}, 0x20}], 0x1}, 0x404c040)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x8800, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000000)=0x14)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000180)=0xe)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
close(0x3)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r3, 0x4020565a, &(0x7f0000000080)={0x3, 0x2, 0x1})
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f00000000c0)=0x2)
r4 = userfaultfd(0xc0001)
ppoll(&(0x7f0000000180)=[{r4, 0x404}], 0x1, 0x0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
write$tcp_mem(r5, &(0x7f0000000280)={0x11, 0x2d, 0x0, 0x3a, 0xfffffffffffffffe, 0x2c}, 0x48)
add_key(0x0, &(0x7f0000000180), &(0x7f0000000100), 0x0, 0xfffffffffffffffe)

2.591466886s ago: executing program 2 (id=2347):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmsg$unix(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0x0, &(0x7f0000000400)}}], 0x1, 0x9200000000000000)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="1400000010000100f7000000000000000500000a44000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc08000340000000144c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a3100000000200003801c0000800c00018006000100d10300000c0004400000000000000001140000001100010b"], 0xb8}, 0x1, 0x0, 0x0, 0x4000850}, 0x4040)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a31000000001c000380180000800c000180060001"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

2.527629014s ago: executing program 0 (id=2348):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f00000002c0)={0x3, 0x6576, 0x7f})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x1)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='autofs\x00', 0x0, &(0x7f0000000100))
r1 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x84)
ioctl$AUTOFS_IOC_ASKUMOUNT(r1, 0xc0089364, &(0x7f0000001240))

2.465049742s ago: executing program 4 (id=2349):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x0, 0x0})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000580)='./bus\x00', 0x0, 0x8}, 0x18)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2c0c2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
syz_genetlink_get_family_id$batadv(0x0, r0)
fsopen(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f40)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', 0x0, 0x0)
socket(0x3, 0x1, 0x8)
setitimer(0x2, 0x0, 0x0)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0xb4, 0x516f}, &(0x7f0000000180))
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, 0x0, 0x8800)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=@newlink={0x3c, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x9801, 0x1303}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipip={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @multicast1}]}}}]}, 0x3c}}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x5c, 0x4, 0x0, 0x1, [{0x58, 0x1, 0x0, 0x1, @target={{0xb}, @val={0x48, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x2c, 0x3, "7339f2f10461afb9fdd672bad09dfb78c7699c74e891a0c700"/40}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xe, 0x1, 'IDLETIMER\x00'}]}}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
socket$nl_generic(0x10, 0x3, 0x10)
syz_emit_ethernet(0x5e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @remote, [{0x0, 0x2, "122b472e41e24b11f34b608816e5"}]}}}}}}, 0x0)

2.286020925s ago: executing program 3 (id=2350):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f00000003c0)="77cccb0deedbb94f1afd3ccb469a6721cc637e9cbc7f0685c4ab02897a615638b1ba209474e485e5c676dab2f779fc45e14a15eb8cab8dce71eaea08ea87db5609774523b75431049f5889f692ed6ca2e2daf113685834f894408506ffc8b421a2b9b0eff207d81c7b175cfcb3e448d7fc", 0x71}], 0x1, 0x4, 0x5)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x4, 0x2, 0x7c, 0x25, 0x20000004, 0x7f, 0x44233, 0x0, 0x81, 0x9c1, 0x8001, 0x1005, 0xc, 0x4db6, 0x0, 0xfffffdfffffffffd], 0x2000, 0x80300})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000001c0)=@x86={0x40, 0x11, 0xc, 0x0, 0x8000, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffdf8, 0x0, 0xff, 0xff, 0x0, '\x00', 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.237111002s ago: executing program 1 (id=2351):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), r0)
sendmsg$NL802154_CMD_SET_CHANNEL(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000500)={0x20, r1, 0x1, 0x70bd2c, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}, 0x1, 0x0, 0x0, 0x840}, 0x4000)

2.067213624s ago: executing program 3 (id=2352):
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=@getqdisc={0x24, 0x26, 0x10, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0x1, 0x5}, {0x10, 0xd}, {0x3, 0xc}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000001}, 0x20040000)
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000ec0)=@newqdisc={0x40, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x8}, {0xffff, 0xffff}}, [@TCA_RATE={0x6, 0x5, {0x0, 0x1}}, @qdisc_kind_options=@q_bfifo={{0xa}, {0x8, 0x2, 0x401}}]}, 0x40}, 0x1, 0x0, 0x0, 0x80d1}, 0x34008098)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.064980574s ago: executing program 0 (id=2353):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, 0x0, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x14e5, &(0x7f0000001f40)=ANY=[], 0x0)

1.952885568s ago: executing program 1 (id=2354):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/fscaps', 0x4000, 0x166)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000280)={0x18, &(0x7f0000000040)=ANY=[@ANYBLOB="000112"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000240)={0x2c, &(0x7f0000000980)=ANY=[@ANYBLOB="00000001000000090090"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x4, 0x0)
ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000040)=""/185)

1.947995459s ago: executing program 0 (id=2355):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

1.814491236s ago: executing program 3 (id=2356):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
close(0x3)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
recvmsg(r1, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{0x0}], 0x1}, 0x0)
sendmmsg$inet(r0, &(0x7f0000002c40)=[{{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000a80)="2a73ed35", 0x732a}], 0x1}}], 0x400000000000292, 0x0)

1.653483137s ago: executing program 2 (id=2357):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x4, 0x5, 0x2, 0x3c, 0x29, 0x9, 0xae, 0x9, 0x8}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newqdisc={0x30, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x7fffe, {0x0, 0x0, 0x0, r7, {}, {0xb, 0xb}, {0xe, 0xb}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x40088c0}, 0x8000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.361560814s ago: executing program 2 (id=2358):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000000c0), r2)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@gettfilter={0x24, 0x2e, 0x28202fbbe4fc442b, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0x7, 0xa}, {0xa, 0x4}, {0xc, 0x8}}}, 0x24}}, 0x0)
r3 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r3, &(0x7f0000000200)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
r5 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r5, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
r6 = socket(0x15, 0x5, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt(r6, 0x200000000114, 0x2715, &(0x7f0000000580)=""/102393, &(0x7f0000000000)=0x18ff9)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)=@newtfilter={0x3c, 0x2c, 0x52f, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, r4, {0xc}, {}, {0x8, 0x2}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_CLASSID={0x8, 0x1, {0xe, 0x1}}]}}]}, 0x3c}}, 0x0)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f00000002c0), 0x40000000000009f, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x439, 0x0, 0x0, {0x0, 0x0, 0x0, r8, 0x49801}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @remote}, @IFLA_IPTUN_TOS={0x5, 0x5, 0x1}]}}}]}, 0x40}}, 0x0)
sendto$packet(r0, &(0x7f0000000600)="05d936277c6f5422007f83477ca1b2f8e3e4018a34e7bfd3de1a00ad6762", 0x1e, 0x40890, &(0x7f0000000200)={0x11, 0x86dd, r8, 0x1, 0x4, 0x6, @multicast}, 0x14)

1.279251285s ago: executing program 1 (id=2359):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xf, 0xf}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_SPLIT_GSO={0x8}]}}]}, 0x3c}}, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
close(r6)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r9, {0x0, 0x9}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0xc, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4004000}, 0x4084)
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r7, 0x3e}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000180)="27030200000214000e00052fb96dffff1144ee163cddcb0000fff100"/38, 0x26}, {&(0x7f00000004c0)="f058fe7dad777f8f", 0x300}], 0x2}, 0x5)

1.215014763s ago: executing program 2 (id=2360):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x70, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r7, {0x4, 0xf}, {}, {0x7, 0xd}}, [@filter_kind_options=@f_cgroup={{0x5}, {0x40, 0x2, [@TCA_CGROUP_EMATCHES={0x3c, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x800, 0x7, 0x1}, {{0x0, 0x0, 0x1}, {0x3, 0x1, 0x1}}}}, @TCF_EM_CMP={0x18, 0x2, 0x0, 0x0, {{0x3, 0x6e4, 0xc}, {0x4, 0x80000000, 0x3, 0x1, 0xf, 0x1}}}]}, @TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xee4}}]}]}}]}, 0x70}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000006040)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000006100)=@delchain={0x24, 0x65, 0x1, 0x70bd2e, 0x25dfdbff, {0x0, 0x0, 0x0, r9, {0xffff, 0xc}, {}, {0xfff2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004004)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50}, 0x0)

959.367356ms ago: executing program 0 (id=2361):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x40000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0xb8, r0}, './file0\x00'})

675.226143ms ago: executing program 3 (id=2362):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000001e40)={0x0, 0x0, &(0x7f0000001e00)={&(0x7f0000000100)=ANY=[@ANYBLOB="020403081d00000026bd7000fddbdf25050005006c0000000a004e210000000ffc0100000000000000000000000000010200000000000000050006009d6000000a004e210000000100000000000000000000ffffac1414aa090000000000000002000100000004d207042d03000000400f00180005026e00"], 0xe8}}, 0x8040)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
setxattr$system_posix_acl(&(0x7f0000000000)='./bus\x00', &(0x7f0000000040)='system.posix_acl_access\x00', &(0x7f0000000180)={{}, {}, [{0x2, 0x1}], {0x4, 0x1}, [], {0x10, 0x1}}, 0x2c, 0x3)
getxattr(&(0x7f0000000100)='./bus\x00', &(0x7f0000000140)=@known='system.posix_acl_access\x00', 0x0, 0xed)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae03, 0x48)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$KVM_SET_CLOCK(r4, 0x4048aec9, &(0x7f0000000040)={0x601b, 0x8, 0x2000000, 0x2000000, 0x40002})
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, 0x0)

359.270994ms ago: executing program 0 (id=2363):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000480)=[{&(0x7f00000003c0)="77cccb0deedbb94f1afd3ccb469a6721cc637e9cbc7f0685c4ab02897a615638b1ba209474e485e5c676dab2f779fc45e14a15eb8cab8dce71eaea08ea87db5609774523b75431049f5889f692ed6ca2e2daf113685834f894408506ffc8b421a2b9b0eff207d81c7b175cfcb3e448d7fc", 0x71}], 0x1, 0x4, 0x5)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x4, 0x2, 0x7c, 0x25, 0x20000004, 0x7f, 0x44233, 0x0, 0x81, 0x9c1, 0x8001, 0x1005, 0xc, 0x4db6, 0x0, 0xfffffdfffffffffd], 0x2000, 0x80300})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000001c0)=@x86={0x40, 0x11, 0xc, 0x0, 0x8000, 0x0, 0x10, 0x0, 0x0, 0x80, 0x9, 0x0, 0x0, 0x0, 0xfffffdf8, 0x0, 0xff, 0xff, 0x0, '\x00', 0xff})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

150.049981ms ago: executing program 3 (id=2364):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r1)
r2 = socket(0x2b, 0x1, 0x1)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r2, 0x5)
r3 = socket$inet_smc(0x2b, 0x1, 0x0)
connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

122.450104ms ago: executing program 2 (id=2365):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a0000008500000022000000180100002020702500000000002020200100000000000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, 0x0, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x14e5, &(0x7f0000001f40)=ANY=[], 0x0)

0s ago: executing program 4 (id=2366):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f0000000c80), &(0x7f0000001280)=0x30)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0xc0a85320, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="640100000001010400000000000000000a0000003c0001802c000180140003000000000000000000000000000000000014000400200100000000000000000000000000010c00028005000100000000003c0002802c00018014000300fe80000000000000000000000000000014000400ff0200000000000000000000000000010c00028005000100000000000800074000000000d0000d800800", @ANYRESHEX=0x0], 0x164}, 0x1, 0x0, 0x0, 0x8090}, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0xe22, 0x0, @ipv4={'\x00', '\xff\xff', @local}, 0xffffffff}, 0x1c)
connect$inet6(r3, &(0x7f0000000340)={0x2, 0x0, 0x0, @rand_addr=' \x01\x00'}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000000)=[{&(0x7f00000001c0)="580000001500add427323b472545b45602117fffffff81000e224e217f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71036000000ffffffffffffffffffe7ee00000000000000000200000000", 0x58}], 0x1)
r5 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x80800)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
mlock2(&(0x7f0000006000/0x1000)=nil, 0x1000, 0x1)
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000002c0)={'virt_wifi0\x00', <r7=>0x0})
setsockopt$inet6_mreq(r6, 0x29, 0x1b, &(0x7f0000000000)={@remote, r7}, 0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=@newtfilter={0x24, 0x11, 0xd27, 0x2000, 0x0, {0x0, 0x0, 0x74, r7, {}, {0xafabc05531515610, 0xfff3}, {0xf, 0x5}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x1c005}, 0x0)
io_uring_setup(0x178e, &(0x7f0000000140)={0x0, 0x52c1, 0x8, 0xfffffffe, 0xa})
syz_usb_connect(0x2, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="120100000c9768405e0483020b9901e4020109021b000100000000090400fb0160291d00090509"], 0x0)
r8 = syz_open_dev$audion(&(0x7f0000000000), 0x3, 0x1)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r8, &(0x7f0000000700)={0x4, 0x8}, 0x10)

kernel console output (not intermixed with test programs):

r parsing attributes in process `syz.1.406'.
[  134.815657][ T5643] netlink: 68 bytes leftover after parsing attributes in process `syz.2.409'.
[  134.852552][ T5646] device syzkaller0 entered promiscuous mode
[  134.903604][ T5649] netlink: 24 bytes leftover after parsing attributes in process `syz.0.412'.
[  135.104668][ T5654] device syzkaller0 entered promiscuous mode
[  135.278179][ T5658] netlink: 76 bytes leftover after parsing attributes in process `syz.3.416'.
[  135.626685][ T5669] netlink: 24 bytes leftover after parsing attributes in process `syz.1.421'.
[  135.801963][ T5676] netlink: 24 bytes leftover after parsing attributes in process `syz.3.423'.
[  135.930414][ T5681] device syzkaller0 entered promiscuous mode
[  135.940036][ T5682] netlink: 68 bytes leftover after parsing attributes in process `syz.4.426'.
[  136.895034][ T5714] device syzkaller0 entered promiscuous mode
[  137.001041][ T5717] 8021q: adding VLAN 0 to HW filter on device bond1
[  137.141946][ T5721] bond1: (slave syz_tun): Enslaving as an active interface with an up link
[  137.640739][ T5717] bond1 (unregistering): (slave syz_tun): Releasing backup interface
[  137.649720][ T5741] loop2: detected capacity change from 0 to 7
[  137.661131][ T5717] bond1 (unregistering): Released all slaves
[  137.678069][ T4737] Dev loop2: unable to read RDB block 7
[  137.683713][ T4737]  loop2: unable to read partition table
[  137.696420][ T4737] loop2: partition table beyond EOD, truncated
[  137.718556][ T5741] Dev loop2: unable to read RDB block 7
[  137.725048][ T5741]  loop2: unable to read partition table
[  137.733740][ T5741] loop2: partition table beyond EOD, truncated
[  137.764565][ T5741] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  138.119176][ T5749] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  138.191524][   T27] audit: type=1326 audit(1768788827.191:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5747 comm="syz.3.448" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f33c7d9acb9 code=0x0
[  138.723971][ T5766] device syzkaller0 entered promiscuous mode
[  139.160250][ T5779] device syzkaller0 entered promiscuous mode
[  139.661121][ T5792] __nla_validate_parse: 8 callbacks suppressed
[  139.661139][ T5792] netlink: 76 bytes leftover after parsing attributes in process `syz.0.465'.
[  139.833251][ T5794] netlink: 24 bytes leftover after parsing attributes in process `syz.1.466'.
[  139.988311][ T5806] netlink: 40 bytes leftover after parsing attributes in process `syz.1.471'.
[  140.034967][ T5803] netlink: 8 bytes leftover after parsing attributes in process `syz.3.469'.
[  140.150468][ T5814] device syzkaller0 entered promiscuous mode
[  140.256654][   T27] audit: type=1326 audit(1768788829.261:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5800 comm="syz.3.469" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f33c7d9acb9 code=0x0
[  141.353217][ T5846] netlink: 76 bytes leftover after parsing attributes in process `syz.1.480'.
[  141.958360][ T5858] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  142.153827][ T5865] netlink: 28 bytes leftover after parsing attributes in process `syz.2.488'.
[  142.249413][ T5865] netlink: 'syz.2.488': attribute type 7 has an invalid length.
[  142.282651][ T5865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.488'.
[  142.357019][ T5865] device syz_tun entered promiscuous mode
[  142.383973][ T5865] device syz_tun left promiscuous mode
[  142.585157][ T5868] device syzkaller0 entered promiscuous mode
[  142.785551][ T5882] netlink: 40 bytes leftover after parsing attributes in process `syz.3.493'.
[  142.803573][ T5883] netlink: 76 bytes leftover after parsing attributes in process `syz.2.494'.
[  145.954718][ T5930] netlink: 24 bytes leftover after parsing attributes in process `syz.1.504'.
[  146.052407][ T5932] netlink: 40 bytes leftover after parsing attributes in process `syz.4.505'.
[  146.186850][ T5943] netlink: 8 bytes leftover after parsing attributes in process `syz.0.503'.
[  146.312667][ T5936] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  146.332905][ T5949] netlink: 28 bytes leftover after parsing attributes in process `syz.1.510'.
[  146.342417][ T5949] netlink: 'syz.1.510': attribute type 7 has an invalid length.
[  146.354491][ T5949] netlink: 4 bytes leftover after parsing attributes in process `syz.1.510'.
[  146.401782][ T5949] device syz_tun entered promiscuous mode
[  146.443303][ T5949] device syz_tun left promiscuous mode
[  146.450888][   T27] audit: type=1326 audit(1768788835.451:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5927 comm="syz.0.503" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f073539acb9 code=0x0
[  147.677322][ T5982] syz.2.518 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  147.817573][ T5984] netlink: 24 bytes leftover after parsing attributes in process `syz.1.520'.
[  148.423624][ T5993] netlink: 40 bytes leftover after parsing attributes in process `syz.4.521'.
[  149.642202][ T6034] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  149.687476][ T6033] netlink: 8 bytes leftover after parsing attributes in process `syz.1.533'.
[  149.725164][ T6036] netlink: 52 bytes leftover after parsing attributes in process `syz.4.534'.
[  149.746264][ T6036] bridge0: port 2(bridge_slave_1) entered disabled state
[  149.754054][ T6036] bridge0: port 1(bridge_slave_0) entered disabled state
[  149.785488][ T6033] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  149.946857][   T27] audit: type=1326 audit(1768788838.951:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6029 comm="syz.1.533" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f09b079acb9 code=0x0
[  150.086056][    C0] bridge0: port 3(team0) entered learning state
[  150.634141][ T6046] netlink: 40 bytes leftover after parsing attributes in process `syz.3.536'.
[  151.964110][ T6060] device syzkaller0 entered promiscuous mode
[  151.986089][ T6065] bridge0: port 2(bridge_slave_1) entered blocking state
[  151.993855][ T6065] bridge0: port 2(bridge_slave_1) entered listening state
[  152.002140][ T6065] bridge0: port 1(bridge_slave_0) entered blocking state
[  152.009552][ T6065] bridge0: port 1(bridge_slave_0) entered listening state
[  152.024697][ T6066] netlink: 12 bytes leftover after parsing attributes in process `syz.0.545'.
[  152.086551][ T6066] device bond1 entered promiscuous mode
[  152.092429][ T6066] 8021q: adding VLAN 0 to HW filter on device bond1
[  152.450271][ T6076] Bluetooth: MGMT ver 1.22
[  152.476382][ T6076] xt_TPROXY: Can be used only with -p tcp or -p udp
[  152.526687][ T6076] delete_channel: no stack
[  154.360656][ T6072] netlink: 40 bytes leftover after parsing attributes in process `syz.4.547'.
[  154.913845][ T6103] netlink: 24 bytes leftover after parsing attributes in process `syz.0.555'.
[  155.094777][ T6103] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  155.418140][ T6111] netlink: 8 bytes leftover after parsing attributes in process `syz.4.558'.
[  155.510297][ T6111] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  155.586473][   T27] audit: type=1326 audit(1768788844.591:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6110 comm="syz.4.558" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe309f9acb9 code=0x0
[  156.044187][ T6124] device syzkaller0 entered promiscuous mode
[  156.349863][ T6127] ieee802154 phy0 wpan0: encryption failed: -22
[  156.396596][ T6127] ieee802154 phy0 wpan0: encryption failed: -22
[  160.314795][ T6175] netlink: 8 bytes leftover after parsing attributes in process `syz.4.575'.
[  160.352562][ T6175] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  160.489831][   T27] audit: type=1326 audit(1768788849.491:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6174 comm="syz.4.575" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe309f9acb9 code=0x0
[  160.728980][ T6190] bond1 (unregistering): Released all slaves
[  160.761514][ T6193] netlink: 24 bytes leftover after parsing attributes in process `syz.2.577'.
[  161.461304][ T6200] device syzkaller0 entered promiscuous mode
[  161.696441][ T6213] loop2: detected capacity change from 0 to 7
[  161.729024][ T6213] Dev loop2: unable to read RDB block 7
[  161.743360][ T6213]  loop2: unable to read partition table
[  161.749732][ T6213] loop2: partition table beyond EOD, truncated
[  161.763521][ T6213] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  165.496543][ T6274] bond2 (unregistering): Released all slaves
[  165.601243][ T6282] netlink: 'syz.1.603': attribute type 1 has an invalid length.
[  165.670704][ T6280] device syzkaller0 entered promiscuous mode
[  165.704337][ T6284] netlink: 24 bytes leftover after parsing attributes in process `syz.4.602'.
[  165.898109][ T6289] netlink: 68 bytes leftover after parsing attributes in process `syz.0.604'.
[  166.276954][ T6299] device syzkaller0 entered promiscuous mode
[  167.375236][    C1] bridge0: port 1(bridge_slave_0) entered learning state
[  167.382471][    C1] bridge0: port 2(bridge_slave_1) entered learning state
[  169.547317][ T6316] netlink: 76 bytes leftover after parsing attributes in process `syz.2.608'.
[  169.639244][ T6341] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  170.079821][ T6354] device syzkaller0 entered promiscuous mode
[  170.388672][ T6375] tipc: Started in network mode
[  170.393712][ T6375] tipc: Node identity 82f51d3ffe08, cluster identity 4711
[  170.425641][ T6375] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  170.432379][ T6372] netlink: 76 bytes leftover after parsing attributes in process `syz.0.624'.
[  170.449939][ T6364] tipc: Resetting bearer <eth:syzkaller0>
[  170.557210][ T6364] tipc: Disabling bearer <eth:syzkaller0>
[  170.808086][ T6385] device syzkaller0 entered promiscuous mode
[  171.586889][ T6403] device syzkaller0 entered promiscuous mode
[  174.266081][ T6416] device syzkaller0 entered promiscuous mode
[  174.277084][ T6427] netlink: 76 bytes leftover after parsing attributes in process `syz.2.637'.
[  176.159749][ T6460] device syzkaller0 entered promiscuous mode
[  176.650895][ T6490] netlink: 144 bytes leftover after parsing attributes in process `syz.2.649'.
[  177.361934][ T6515] netlink: 76 bytes leftover after parsing attributes in process `syz.3.655'.
[  178.004171][ T6526] netlink: 14 bytes leftover after parsing attributes in process `syz.3.658'.
[  178.161572][ T6529] device syzkaller0 entered promiscuous mode
[  178.617944][ T6542] fuse: Unknown parameter 'fd0x0000000000000004'
[  178.755129][ T6538] device syzkaller0 entered promiscuous mode
[  180.174497][    C0] bridge0: port 3(team0) entered forwarding state
[  180.181042][    C0] bridge0: topology change detected, propagating
[  181.577477][ T6555] netlink: 76 bytes leftover after parsing attributes in process `syz.0.668'.
[  181.726024][ T6581] loop2: detected capacity change from 0 to 7
[  181.757567][ T4737] Dev loop2: unable to read RDB block 7
[  181.763210][ T4737]  loop2: AHDI p1 p2 p3
[  181.782426][ T4737] loop2: partition table partially beyond EOD, truncated
[  181.812197][ T4737] loop2: p1 start 1601398130 is beyond EOD, truncated
[  181.848939][ T4737] loop2: p2 start 1702059890 is beyond EOD, truncated
[  181.919856][ T6581] Dev loop2: unable to read RDB block 7
[  181.934850][ T6581]  loop2: AHDI p1 p2 p3
[  181.939275][ T6581] loop2: partition table partially beyond EOD, truncated
[  181.994710][ T6581] loop2: p1 start 1601398130 is beyond EOD, truncated
[  182.044580][ T6581] loop2: p2 start 1702059890 is beyond EOD, truncated
[  182.281080][ T6595] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.389086][ T6595] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.542887][ T6595] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.657730][ T6595] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  182.724512][    C1] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.731823][    C1] bridge0: topology change detected, propagating
[  182.738798][    C1] bridge0: port 1(bridge_slave_0) entered forwarding state
[  182.746101][    C1] bridge0: topology change detected, propagating
[  182.753754][ T4794] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  183.033387][ T6611] netlink: 14 bytes leftover after parsing attributes in process `syz.2.679'.
[  183.086812][ T6595] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  183.143528][ T6595] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  183.173575][ T6595] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  183.211318][ T6613] device syzkaller0 entered promiscuous mode
[  183.229308][ T6595] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  186.147452][ T6615] netlink: 28 bytes leftover after parsing attributes in process `syz.3.681'.
[  186.163792][ T6615] netlink: 'syz.3.681': attribute type 7 has an invalid length.
[  186.174665][ T6615] netlink: 4 bytes leftover after parsing attributes in process `syz.3.681'.
[  186.198930][ T6615] device syz_tun entered promiscuous mode
[  186.227198][ T6615] device syz_tun left promiscuous mode
[  186.291760][ T6618] netlink: 76 bytes leftover after parsing attributes in process `syz.0.683'.
[  186.382124][ T6634] device syzkaller0 entered promiscuous mode
[  188.592653][ T6667] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  188.600445][ T6669] device syzkaller0 entered promiscuous mode
[  188.710372][ T6669] tipc: Resetting bearer <eth:syzkaller0>
[  188.782967][ T6669] tipc: Disabling bearer <eth:syzkaller0>
[  189.130795][ T6702] device syzkaller0 entered promiscuous mode
[  192.012759][ T6707] netlink: 28 bytes leftover after parsing attributes in process `syz.0.698'.
[  192.032106][ T6707] netlink: 'syz.0.698': attribute type 7 has an invalid length.
[  192.044567][ T6707] netlink: 4 bytes leftover after parsing attributes in process `syz.0.698'.
[  192.087701][ T6707] device syz_tun entered promiscuous mode
[  192.104819][ T6707] device syz_tun left promiscuous mode
[  192.129188][ T6711] syzkaller1: tun_chr_ioctl cmd 1074025677
[  192.135935][ T6711] syzkaller1: linktype set to 773
[  192.386835][ T6720] netlink: 14 bytes leftover after parsing attributes in process `syz.3.702'.
[  192.480852][ T6724] device syzkaller0 entered promiscuous mode
[  193.968563][ T6752] netlink: 28 bytes leftover after parsing attributes in process `syz.0.713'.
[  193.985021][ T6752] netlink: 'syz.0.713': attribute type 7 has an invalid length.
[  193.992699][ T6752] netlink: 4 bytes leftover after parsing attributes in process `syz.0.713'.
[  194.165239][ T6752] device syz_tun entered promiscuous mode
[  194.192144][ T6752] device syz_tun left promiscuous mode
[  194.249899][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  194.257470][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  194.574940][ T6763] device syzkaller0 entered promiscuous mode
[  194.623223][ T6767] netlink: 68 bytes leftover after parsing attributes in process `syz.0.719'.
[  195.396282][ T6781] device syzkaller0 entered promiscuous mode
[  196.228925][ T6794] netlink: 14 bytes leftover after parsing attributes in process `syz.4.729'.
[  198.779842][ T6823] netlink: 68 bytes leftover after parsing attributes in process `syz.3.735'.
[  199.398824][ T6809] device syzkaller0 entered promiscuous mode
[  199.842425][ T6835] device syzkaller0 entered promiscuous mode
[  199.870314][ T6843] netlink: 28 bytes leftover after parsing attributes in process `syz.3.740'.
[  199.894660][ T6843] netlink: 'syz.3.740': attribute type 7 has an invalid length.
[  199.902381][ T6843] netlink: 4 bytes leftover after parsing attributes in process `syz.3.740'.
[  200.370120][ T6843] device syz_tun entered promiscuous mode
[  200.403014][ T6843] device syz_tun left promiscuous mode
[  200.862823][ T6861] netlink: 14 bytes leftover after parsing attributes in process `syz.4.743'.
[  201.083068][ T6867] device syzkaller0 entered promiscuous mode
[  201.461209][ T4272] Bluetooth: hci1: command 0x0406 tx timeout
[  201.461232][   T48] Bluetooth: hci2: command 0x0406 tx timeout
[  201.467720][ T4272] Bluetooth: hci3: command 0x0406 tx timeout
[  201.467753][ T4272] Bluetooth: hci0: command 0x0406 tx timeout
[  204.268002][ T6889] netlink: 28 bytes leftover after parsing attributes in process `syz.0.755'.
[  204.301759][ T6889] netlink: 'syz.0.755': attribute type 7 has an invalid length.
[  204.322339][ T6889] netlink: 4 bytes leftover after parsing attributes in process `syz.0.755'.
[  204.346167][ T6889] device syz_tun entered promiscuous mode
[  204.353201][ T6889] device syz_tun left promiscuous mode
[  207.206733][ T6903] netlink: 40 bytes leftover after parsing attributes in process `syz.4.760'.
[  207.529567][ T6943] netlink: 28 bytes leftover after parsing attributes in process `syz.0.769'.
[  207.630718][ T6943] netlink: 'syz.0.769': attribute type 7 has an invalid length.
[  207.660318][ T6943] netlink: 4 bytes leftover after parsing attributes in process `syz.0.769'.
[  207.708145][ T6943] device syz_tun entered promiscuous mode
[  207.731153][ T6943] device syz_tun left promiscuous mode
[  208.729235][ T6977] netlink: 40 bytes leftover after parsing attributes in process `syz.4.776'.
[  208.743657][ T6981] netlink: 68 bytes leftover after parsing attributes in process `syz.3.777'.
[  209.250649][ T7001] device syzkaller0 entered promiscuous mode
[  209.471855][ T7006] device syzkaller0 entered promiscuous mode
[  211.694580][   T48] Bluetooth: hci4: command 0x0406 tx timeout
[  211.753072][ T7009] netlink: 40 bytes leftover after parsing attributes in process `syz.4.790'.
[  212.144211][ T7052] netlink: 68 bytes leftover after parsing attributes in process `syz.4.795'.
[  212.401766][ T7060] device syzkaller0 entered promiscuous mode
[  212.688464][ T7070] loop2: detected capacity change from 0 to 7
[  212.706393][ T4737] Dev loop2: unable to read RDB block 7
[  212.712044][ T4737]  loop2: unable to read partition table
[  212.727888][ T4737] loop2: partition table beyond EOD, truncated
[  212.737541][ T7070] Dev loop2: unable to read RDB block 7
[  212.743372][ T7070]  loop2: unable to read partition table
[  212.790721][ T7073] netlink: 40 bytes leftover after parsing attributes in process `syz.2.806'.
[  212.792003][ T7070] loop2: partition table beyond EOD, truncated
[  212.818091][ T7070] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  212.841803][ T3638] Dev loop2: unable to read RDB block 7
[  212.847970][ T3638]  loop2: unable to read partition table
[  212.854177][ T3638] loop2: partition table beyond EOD, truncated
[  213.233736][ T7087] device syzkaller0 entered promiscuous mode
[  213.781860][ T7116] netlink: 68 bytes leftover after parsing attributes in process `syz.0.817'.
[  215.509683][ T7102] netlink: 'syz.1.818': attribute type 39 has an invalid length.
[  215.554139][ T7106] device syzkaller0 entered promiscuous mode
[  215.820025][ T7124] netlink: 40 bytes leftover after parsing attributes in process `syz.2.819'.
[  216.339651][ T7149] loop2: detected capacity change from 0 to 7
[  216.368756][ T4737] Dev loop2: unable to read RDB block 7
[  216.379093][ T4737]  loop2: unable to read partition table
[  216.402324][ T4737] loop2: partition table beyond EOD, truncated
[  216.461523][ T7149] Dev loop2: unable to read RDB block 7
[  216.491397][ T7149]  loop2: unable to read partition table
[  216.535732][ T7149] loop2: partition table beyond EOD, truncated
[  216.599877][ T7149] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  216.642228][ T7154] netlink: 68 bytes leftover after parsing attributes in process `syz.0.830'.
[  216.884846][   T14] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  217.061584][ T7162] netlink: 40 bytes leftover after parsing attributes in process `syz.0.833'.
[  217.078674][   T14] usb 4-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  217.091773][   T14] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.127338][   T14] usb 4-1: Product: syz
[  217.133467][   T14] usb 4-1: Manufacturer: syz
[  217.138792][   T14] usb 4-1: SerialNumber: syz
[  217.153290][   T14] usb 4-1: config 0 descriptor??
[  217.170154][   T14] i2c-tiny-usb 4-1:0.0: version 6d.cc found at bus 004 address 002
[  217.432417][ T7170] device syzkaller0 entered promiscuous mode
[  217.572998][   T14]  (null): failure reading functionality
[  217.605077][   T14] i2c i2c-1: failure reading functionality
[  217.644019][   T14] i2c i2c-1: connected i2c-tiny-usb device
[  217.779663][ T7168] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  217.817628][ T7168] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  217.982428][ T7168] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  218.016985][ T7168] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.208173][ T7168] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  218.276491][ T7168] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.606663][ T7168] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  218.649991][ T7168] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.933870][ T7194] netlink: 68 bytes leftover after parsing attributes in process `syz.1.843'.
[  218.993551][ T7168] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  219.034180][ T7168] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  219.071802][ T7168] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  219.098502][ T7168] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  219.142847][ T7168] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  219.164595][ T7168] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  219.215051][ T7168] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  219.223462][ T7168] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.571235][ T7205] loop2: detected capacity change from 0 to 7
[  219.651753][ T4737] Dev loop2: unable to read RDB block 7
[  219.661771][ T4737]  loop2: unable to read partition table
[  219.685184][ T7172] i2c i2c-1: failure reading data
[  219.700196][ T4737] loop2: partition table beyond EOD, truncated
[  219.730606][ T7205] Dev loop2: unable to read RDB block 7
[  219.748801][ T7205]  loop2: unable to read partition table
[  219.783794][ T7205] loop2: partition table beyond EOD, truncated
[  219.878281][ T1169] usb 4-1: USB disconnect, device number 2
[  219.886990][ T7205] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  219.951416][ T7209] device syzkaller0 entered promiscuous mode
[  220.360227][ T7224] device syzkaller0 entered promiscuous mode
[  220.582056][ T7231] netlink: 68 bytes leftover after parsing attributes in process `syz.1.856'.
[  221.174500][ T4274] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  221.384983][ T4274] usb 4-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  221.395568][ T7262] loop2: detected capacity change from 0 to 7
[  221.402617][ T4274] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.423192][ T4274] usb 4-1: Product: syz
[  221.428330][ T7262] Dev loop2: unable to read RDB block 7
[  221.436555][ T4274] usb 4-1: Manufacturer: syz
[  221.441210][ T4274] usb 4-1: SerialNumber: syz
[  221.456239][ T7262]  loop2: unable to read partition table
[  221.462152][ T7262] loop2: partition table beyond EOD, truncated
[  221.471293][ T4274] usb 4-1: config 0 descriptor??
[  221.489771][ T4274] i2c-tiny-usb 4-1:0.0: version 6d.cc found at bus 004 address 003
[  221.498086][ T7262] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  221.760839][ T7266] device syzkaller0 entered promiscuous mode
[  221.893771][ T4274]  (null): failure reading functionality
[  221.910779][ T4274] i2c i2c-1: failure reading functionality
[  221.930043][ T4274] i2c i2c-1: connected i2c-tiny-usb device
[  222.299094][ T7278] netlink: 68 bytes leftover after parsing attributes in process `syz.1.872'.
[  223.437128][ T7305] device syzkaller0 entered promiscuous mode
[  223.690149][ T7310] loop2: detected capacity change from 0 to 7
[  223.697886][ T4737] Dev loop2: unable to read RDB block 7
[  223.703531][ T4737]  loop2: unable to read partition table
[  223.712927][ T4737] loop2: partition table beyond EOD, truncated
[  223.720650][ T7310] Dev loop2: unable to read RDB block 7
[  223.729851][ T7310]  loop2: unable to read partition table
[  223.745048][ T7310] loop2: partition table beyond EOD, truncated
[  223.772100][ T7310] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  224.038207][ T7322] netlink: 24 bytes leftover after parsing attributes in process `syz.1.885'.
[  224.089689][ T7271] i2c i2c-1: failure reading data
[  224.268938][ T1169] usb 4-1: USB disconnect, device number 3
[  224.875046][ T7349] device syzkaller0 entered promiscuous mode
[  225.160374][ T7354] netlink: 24 bytes leftover after parsing attributes in process `syz.3.896'.
[  225.297714][ T7360] loop2: detected capacity change from 0 to 7
[  225.305669][ T7359] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  225.340336][ T7360] Dev loop2: unable to read RDB block 7
[  225.367221][ T7359] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  225.384921][ T7360]  loop2: unable to read partition table
[  225.390895][ T7360] loop2: partition table beyond EOD, truncated
[  225.402018][ T7360] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  226.009637][ T7376] netlink: 80 bytes leftover after parsing attributes in process `syz.3.906'.
[  226.153343][ T7380] device syzkaller0 entered promiscuous mode
[  226.321872][ T7386] netlink: 24 bytes leftover after parsing attributes in process `syz.0.910'.
[  227.671263][ T7407] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  227.686605][ T7409] netlink: 80 bytes leftover after parsing attributes in process `syz.2.919'.
[  227.924067][ T7415] device syzkaller0 entered promiscuous mode
[  228.186554][ T7425] device syzkaller0 entered promiscuous mode
[  229.165529][ T7440] netlink: 80 bytes leftover after parsing attributes in process `syz.3.933'.
[  229.580762][ T7451] netlink: 'syz.2.936': attribute type 12 has an invalid length.
[  231.421754][ T7501] loop2: detected capacity change from 0 to 7
[  231.431367][ T4737] Dev loop2: unable to read RDB block 7
[  231.445358][ T4737]  loop2: unable to read partition table
[  231.451252][ T4737] loop2: partition table beyond EOD, truncated
[  231.496495][ T7501] Dev loop2: unable to read RDB block 7
[  231.502714][ T7501]  loop2: unable to read partition table
[  231.517226][ T7501] loop2: partition table beyond EOD, truncated
[  231.524222][ T7501] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  233.008236][ T7467] device syzkaller0 entered promiscuous mode
[  233.049091][ T7505] netlink: 12 bytes leftover after parsing attributes in process `syz.2.951'.
[  233.063034][ T7505] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  233.072224][ T7505] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  233.081119][ T7505] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  233.089926][ T7505] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  233.100686][ T7505] netlink: 4 bytes leftover after parsing attributes in process `syz.2.951'.
[  233.146011][ T7506] netlink: 4 bytes leftover after parsing attributes in process `syz.2.951'.
[  233.190450][ T7506] netlink: 4 bytes leftover after parsing attributes in process `syz.2.951'.
[  233.412356][ T7512] device syzkaller0 entered promiscuous mode
[  234.508068][ T7530] device syzkaller0 entered promiscuous mode
[  237.513939][ T7586] device syzkaller0 entered promiscuous mode
[  237.925507][ T7598] device syzkaller0 entered promiscuous mode
[  238.451444][ T7602] netlink: 'syz.3.974': attribute type 12 has an invalid length.
[  238.957505][ T7617] device syzkaller0 entered promiscuous mode
[  239.268705][ T7621] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.485604][ T7621] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.750112][ T7621] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.829791][ T7631] device syzkaller0 entered promiscuous mode
[  239.970079][ T7621] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.098954][ T7648] device syzkaller0 entered promiscuous mode
[  240.135758][ T7648] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  240.165969][ T7646] tipc: Resetting bearer <eth:syzkaller0>
[  240.289012][ T7646] tipc: Disabling bearer <eth:syzkaller0>
[  240.360456][ T7621] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  240.412766][ T7621] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  240.502462][ T7621] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  240.560281][ T7621] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  240.680608][ T7660] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  240.689157][ T7660] device syzkaller0 entered promiscuous mode
[  240.742355][ T7659] device syzkaller0 entered promiscuous mode
[  241.191582][ T7678] netlink: 68 bytes leftover after parsing attributes in process `syz.0.992'.
[  241.556250][ T7667] tipc: Resetting bearer <eth:syzkaller0>
[  241.662765][ T7657] tipc: Resetting bearer <eth:syzkaller0>
[  241.739980][ T7657] tipc: Disabling bearer <eth:syzkaller0>
[  241.779327][ T7682] device syzkaller0 entered promiscuous mode
[  241.998580][ T7698] device syzkaller0 entered promiscuous mode
[  242.192896][ T7705] device syzkaller0 entered promiscuous mode
[  242.260927][ T7705] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  242.320926][ T7704] tipc: Resetting bearer <eth:syzkaller0>
[  242.507887][ T7704] tipc: Disabling bearer <eth:syzkaller0>
[  242.640175][ T7729] netlink: 76 bytes leftover after parsing attributes in process `syz.4.999'.
[  243.787135][ T7754] device syzkaller0 entered promiscuous mode
[  243.863361][ T7763] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1004'.
[  243.875428][ T7758] bond2 (unregistering): Released all slaves
[  245.983886][ T7766] device syzkaller0 entered promiscuous mode
[  247.764048][ T7796] device syzkaller0 entered promiscuous mode
[  248.714564][   T14] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  248.781726][ T7832] device syzkaller0 entered promiscuous mode
[  248.857112][ T7837] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1020'.
[  248.900769][   T14] usb 2-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  248.919692][   T14] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  248.936941][   T14] usb 2-1: Product: syz
[  248.941383][   T14] usb 2-1: Manufacturer: syz
[  248.950388][   T14] usb 2-1: SerialNumber: syz
[  248.976527][   T14] usb 2-1: config 0 descriptor??
[  248.992672][   T14] i2c-tiny-usb 2-1:0.0: version 6d.cc found at bus 002 address 002
[  249.400033][   T14]  (null): failure reading functionality
[  249.420031][   T14] i2c i2c-1: failure reading functionality
[  249.427851][   T14] i2c i2c-1: connected i2c-tiny-usb device
[  251.525174][ T7853] i2c i2c-1: failure reading data
[  251.586297][ T1169] usb 2-1: USB disconnect, device number 2
[  252.836436][ T7915] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1035'.
[  252.881412][ T7914] device syzkaller0 entered promiscuous mode
[  254.599521][ T7919] device syzkaller0 entered promiscuous mode
[  254.625949][ T7935] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  254.637252][ T7935] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  255.135697][    T7] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  255.348761][    T7] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  255.397891][    T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  255.459036][    T7] usb 5-1: Product: syz
[  255.507912][    T7] usb 5-1: Manufacturer: syz
[  255.537150][    T7] usb 5-1: SerialNumber: syz
[  255.583959][    T7] usb 5-1: config 0 descriptor??
[  255.634254][    T7] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 003
[  255.687603][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  255.694116][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  256.033374][    T7]  (null): failure reading functionality
[  256.040075][    T7] i2c i2c-1: failure reading functionality
[  256.056356][    T7] i2c i2c-1: connected i2c-tiny-usb device
[  256.133522][ T7980] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1048'.
[  256.532264][ T7995] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  256.554652][ T7995] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  257.142738][ T8014] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1060'.
[  257.603067][ T8022] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  257.642492][ T8022] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  257.673478][ T8024] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1065'.
[  258.164694][ T7942] i2c i2c-1: failure reading data
[  258.450056][    T7] usb 5-1: USB disconnect, device number 3
[  260.731602][ T8036] netlink: 'syz.0.1070': attribute type 12 has an invalid length.
[  260.751181][ T8046] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  260.761252][ T8052] netlink: 'syz.2.1073': attribute type 16 has an invalid length.
[  260.771343][ T8052] netlink: 'syz.2.1073': attribute type 17 has an invalid length.
[  261.484078][ T8052] bridge0: port 2(bridge_slave_1) entered disabled state
[  261.491697][ T8052] bridge0: port 1(bridge_slave_0) entered disabled state
[  261.692846][ T8065] delete_channel: no stack
[  262.160749][ T8052] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  262.217303][ T8052] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  262.719807][ T8052] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  262.729188][ T8052] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  262.738589][ T8052] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  262.747548][ T8052] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  263.065383][ T8052] netdevsim netdevsim2 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  263.074293][ T8052] netdevsim netdevsim2 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  263.083318][ T8052] netdevsim netdevsim2 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  263.092305][ T8052] netdevsim netdevsim2 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  263.129755][ T8066] netlink: 'syz.0.1076': attribute type 6 has an invalid length.
[  263.137905][ T8066] netlink: 'syz.0.1076': attribute type 7 has an invalid length.
[  263.146070][ T8066] netlink: 'syz.0.1076': attribute type 8 has an invalid length.
[  263.160067][ T8076] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  263.184690][ T8076] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  263.380838][ T8095] netlink: 'syz.0.1082': attribute type 2 has an invalid length.
[  263.533723][ T8097] device syzkaller0 entered promiscuous mode
[  263.801996][ T8108] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1088'.
[  263.999266][ T8111] bond1 (unregistering): Released all slaves
[  264.192669][ T8119] netlink: 'syz.4.1092': attribute type 8 has an invalid length.
[  264.379861][ T8124] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  264.414467][ T8124] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  264.522712][ T8128] netlink: 'syz.1.1096': attribute type 12 has an invalid length.
[  264.679490][ T8131] netlink: 'syz.2.1097': attribute type 2 has an invalid length.
[  264.790662][ T8137] device syzkaller0 entered promiscuous mode
[  265.007872][ T8143] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1103'.
[  265.085472][ T8143] bond1 (unregistering): Released all slaves
[  265.241634][ T8151] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  265.267846][ T8146] device syzkaller0 entered promiscuous mode
[  265.383477][ T8146] tipc: Resetting bearer <eth:syzkaller0>
[  265.441652][ T8145] tipc: Resetting bearer <eth:syzkaller0>
[  265.507981][ T8145] tipc: Disabling bearer <eth:syzkaller0>
[  265.557561][ T8162] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  265.630550][ T8162] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  266.084883][    T7] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  266.286436][    T7] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  266.315846][    T7] usb 5-1: config 0 interface 0 has no altsetting 0
[  266.376156][    T7] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  266.417966][    T7] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  266.458247][    T7] usb 5-1: Product: syz
[  266.462500][    T7] usb 5-1: Manufacturer: syz
[  266.481276][ T8190] device syzkaller0 entered promiscuous mode
[  266.498656][    T7] usb 5-1: SerialNumber: syz
[  266.529803][    T7] usb 5-1: config 0 descriptor??
[  266.572135][    T7] usb 5-1: selecting invalid altsetting 0
[  267.039703][ T8201] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1119'.
[  267.059396][ T8200] device netdevsim0 entered promiscuous mode
[  267.073693][ T8200] IPv6: ADDRCONF(NETDEV_CHANGE): netdevsim0: link becomes ready
[  267.086573][ T8200] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  267.226177][ T8204] validate_nla: 1 callbacks suppressed
[  267.226199][ T8204] netlink: 'syz.3.1121': attribute type 12 has an invalid length.
[  267.473604][ T8209] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  267.523517][ T8209] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  268.368687][ T8238] device syzkaller0 entered promiscuous mode
[  268.610901][ T8246] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  268.636615][ T8246] device syzkaller0 entered promiscuous mode
[  268.705602][ T8246] tipc: Resetting bearer <eth:syzkaller0>
[  268.757890][ T8244] tipc: Resetting bearer <eth:syzkaller0>
[  268.855146][ T4335] usb 5-1: USB disconnect, device number 4
[  268.869367][ T8244] tipc: Disabling bearer <eth:syzkaller0>
[  269.087301][ T8256] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1133'.
[  269.248156][ T8260] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  269.276139][ T8260] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  269.556791][ T8278] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1139'.
[  269.880925][ T8286] device syzkaller0 entered promiscuous mode
[  270.324519][   T22] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  270.528767][   T22] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  270.554151][   T22] usb 5-1: config 0 interface 0 has no altsetting 0
[  270.580630][   T22] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  270.608553][   T22] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  270.632813][   T22] usb 5-1: Product: syz
[  270.650098][   T22] usb 5-1: Manufacturer: syz
[  270.663030][   T22] usb 5-1: SerialNumber: syz
[  270.681836][   T22] usb 5-1: config 0 descriptor??
[  270.702074][   T22] usb 5-1: selecting invalid altsetting 0
[  270.884884][ T8315] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1148'.
[  271.067720][ T8319] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  271.082460][ T8319] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  271.169593][ T8323] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1151'.
[  271.399785][ T8327] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1153'.
[  271.470026][ T8333] netlink: 168 bytes leftover after parsing attributes in process `syz.2.1153'.
[  271.510146][ T8332] device syzkaller0 entered promiscuous mode
[  271.629440][ T8339] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1156'.
[  271.894428][ T8344] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1157'.
[  271.932567][ T8344] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1157'.
[  272.519063][   T27] audit: type=1326 audit(1768788961.521:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8353 comm="syz.2.1159" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9288d9acb9 code=0x0
[  273.087236][ T8339] IPVS: nq: FWM 3 0x00000003 - no destination available
[  273.167581][ T4274] usb 5-1: USB disconnect, device number 5
[  273.412338][ T8376] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  273.439263][ T8376] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  273.484045][ T8378] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1164'.
[  274.024141][ T8392] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.080481][ T8392] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.196416][ T8394] __nla_validate_parse: 2 callbacks suppressed
[  274.196431][ T8394] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1169'.
[  274.293655][ T8392] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.348836][ T8392] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.420617][ T8392] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.439519][ T8392] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.527634][ T8392] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  274.579684][ T8392] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  274.831274][ T8392] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  274.860645][ T8392] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.884661][ T4274] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  274.911275][ T8392] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  274.925847][ T8392] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.943416][ T8392] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  274.959799][ T8392] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.976053][ T8392] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  274.985095][ T8392] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  275.098205][ T4274] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  275.114491][ T4335] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  275.135164][ T4274] usb 4-1: config 0 interface 0 has no altsetting 0
[  275.150744][ T4274] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  275.164001][ T8418] netlink: 100 bytes leftover after parsing attributes in process `syz.4.1179'.
[  275.177435][ T4274] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  275.186640][ T8422] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1181'.
[  275.195706][ T4274] usb 4-1: Product: syz
[  275.200012][ T4274] usb 4-1: Manufacturer: syz
[  275.205624][ T4274] usb 4-1: SerialNumber: syz
[  275.222486][ T4274] usb 4-1: config 0 descriptor??
[  275.233248][ T4274] usb 4-1: selecting invalid altsetting 0
[  275.339697][ T4335] usb 2-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  275.364054][ T4335] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.379716][ T4335] usb 2-1: Product: syz
[  275.384134][ T4335] usb 2-1: Manufacturer: syz
[  275.417515][ T4335] usb 2-1: SerialNumber: syz
[  275.475865][ T4335] usb 2-1: config 0 descriptor??
[  275.504059][ T4335] i2c-tiny-usb 2-1:0.0: version 6d.cc found at bus 002 address 003
[  275.905153][ T4335]  (null): failure reading functionality
[  275.917359][ T4335] i2c i2c-1: failure reading functionality
[  275.982623][ T4335] i2c i2c-1: connected i2c-tiny-usb device
[  276.280705][   T27] audit: type=1326 audit(1768788965.281:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8437 comm="syz.0.1186" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f073539acb9 code=0x0
[  276.821807][ T8462] device syzkaller0 entered promiscuous mode
[  277.225155][ T8468] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1192'.
[  277.234638][ T8468] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1192'.
[  277.346289][ T8471] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1194'.
[  277.384616][ T8471] 8021q: adding VLAN 0 to HW filter on device bond1
[  277.412125][ T8471] bond1: (slave syz_tun): Enslaving as an active interface with an up link
[  277.422000][ T4822] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  277.593364][ T4274] usb 4-1: USB disconnect, device number 4
[  278.084816][ T8449] i2c i2c-1: failure reading data
[  278.151725][ T8471] bond1 (unregistering): (slave syz_tun): Releasing backup interface
[  278.230100][ T8471] bond1 (unregistering): Released all slaves
[  278.296979][ T4371] usb 2-1: USB disconnect, device number 3
[  279.240314][ T8521] device syzkaller0 entered promiscuous mode
[  280.054563][ T4371] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  280.164520][   T14] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[  280.218947][   T27] audit: type=1326 audit(1768788969.221:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8544 comm="syz.4.1210" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe309f9acb9 code=0x0
[  280.252027][ T4371] usb 1-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  280.263617][ T4371] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.278293][ T4371] usb 1-1: Product: syz
[  280.282646][ T4371] usb 1-1: Manufacturer: syz
[  280.289164][ T4371] usb 1-1: SerialNumber: syz
[  280.308825][ T4371] usb 1-1: config 0 descriptor??
[  280.340037][ T4371] i2c-tiny-usb 1-1:0.0: version 6d.cc found at bus 001 address 003
[  280.356718][   T14] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  280.374547][   T14] usb 3-1: config 0 interface 0 has no altsetting 0
[  280.400350][   T14] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  280.424568][   T14] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  280.433101][   T14] usb 3-1: Product: syz
[  280.437874][   T14] usb 3-1: Manufacturer: syz
[  280.442596][   T14] usb 3-1: SerialNumber: syz
[  280.450694][   T14] usb 3-1: config 0 descriptor??
[  280.462406][   T14] usb 3-1: selecting invalid altsetting 0
[  280.722360][ T4371]  (null): failure reading functionality
[  280.735318][ T4371] i2c i2c-1: failure reading functionality
[  280.830073][ T4371] i2c i2c-1: connected i2c-tiny-usb device
[  281.884806][ T8582] device syzkaller0 entered promiscuous mode
[  282.885489][ T8570] i2c i2c-1: failure reading data
[  282.950631][   T22] usb 3-1: USB disconnect, device number 2
[  283.118673][    T7] usb 1-1: USB disconnect, device number 3
[  283.723522][ T8611] device syzkaller0 entered promiscuous mode
[  283.796596][ T8616] bond2 (unregistering): Released all slaves
[  284.175199][ T8629] device syzkaller0 entered promiscuous mode
[  284.339978][ T8631] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1231'.
[  284.676351][ T8645] device syzkaller0 entered promiscuous mode
[  284.734482][ T4274] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  284.928454][ T4274] usb 3-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  284.956527][ T4274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.001186][ T4274] usb 3-1: Product: syz
[  285.015227][ T4274] usb 3-1: Manufacturer: syz
[  285.020001][ T4274] usb 3-1: SerialNumber: syz
[  285.043823][ T4274] usb 3-1: config 0 descriptor??
[  285.076699][ T4274] i2c-tiny-usb 3-1:0.0: version 6d.cc found at bus 003 address 003
[  285.469194][ T4274]  (null): failure reading functionality
[  285.483943][ T4274] i2c i2c-1: failure reading functionality
[  285.513619][ T4274] i2c i2c-1: connected i2c-tiny-usb device
[  287.605323][ T8666] i2c i2c-1: failure reading data
[  287.762302][   T22] usb 3-1: USB disconnect, device number 3
[  288.438658][ T8713] netlink: 72 bytes leftover after parsing attributes in process `syz.0.1249'.
[  289.899410][ T8694] device syzkaller0 entered promiscuous mode
[  290.718161][   T22] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  290.918499][   T22] usb 1-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  290.932648][   T22] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.942367][   T22] usb 1-1: Product: syz
[  290.951299][   T22] usb 1-1: Manufacturer: syz
[  290.956593][   T22] usb 1-1: SerialNumber: syz
[  290.979655][   T22] usb 1-1: config 0 descriptor??
[  290.991702][   T22] i2c-tiny-usb 1-1:0.0: version 6d.cc found at bus 001 address 004
[  291.406715][   T22]  (null): failure reading functionality
[  291.418628][   T22] i2c i2c-1: failure reading functionality
[  291.478472][   T22] i2c i2c-1: connected i2c-tiny-usb device
[  292.746938][ T8761] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  292.788917][ T8762] device syzkaller0 entered promiscuous mode
[  292.814973][ T8767] tipc: Resetting bearer <eth:syzkaller0>
[  292.854891][ T8759] tipc: Resetting bearer <eth:syzkaller0>
[  292.911268][ T8759] tipc: Disabling bearer <eth:syzkaller0>
[  293.535515][ T8771] i2c i2c-1: failure reading data
[  293.625962][   T14] usb 1-1: USB disconnect, device number 4
[  295.219337][ T8781] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1264'.
[  295.230632][ T8783] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1265'.
[  295.240441][ T8783] tipc: Enabled bearer <eth:vlan0>, priority 10
[  295.252761][ T8789] device syzkaller0 entered promiscuous mode
[  295.468811][ T8809] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1270'.
[  295.511688][ T8809] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1270'.
[  295.921315][ T8823] device syzkaller0 entered promiscuous mode
[  295.959009][ T8821] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  295.966929][ T8821] device syzkaller0 entered promiscuous mode
[  296.058872][ T8821] tipc: Resetting bearer <eth:syzkaller0>
[  296.162667][ T8827] netlink: 'syz.0.1277': attribute type 12 has an invalid length.
[  296.193902][ T8820] tipc: Resetting bearer <eth:syzkaller0>
[  296.265439][ T8820] tipc: Disabling bearer <eth:syzkaller0>
[  296.453524][ T4335] tipc: Node number set to 1258278327
[  296.471078][ T8836] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1282'.
[  296.504825][ T8836] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1282'.
[  296.535970][ T8840] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1281'.
[  296.613728][ T8846] device syzkaller0 entered promiscuous mode
[  299.397771][ T8890] device syzkaller0 entered promiscuous mode
[  299.441520][ T8893] netlink: 'syz.4.1292': attribute type 12 has an invalid length.
[  299.489376][ T8897] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1295'.
[  299.521929][ T8897] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1295'.
[  299.668427][ T8905] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1297'.
[  299.687818][ T8903] device syzkaller0 entered promiscuous mode
[  299.709881][ T8905] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.803614][ T8905] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  299.906782][ T8905] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.012515][ T8905] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.917556][ T8905] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  301.945935][ T8905] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  302.022153][ T8905] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  302.077580][ T8905] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  302.195482][ T8937] netlink: 'syz.3.1306': attribute type 12 has an invalid length.
[  302.353017][ T8942] device syzkaller0 entered promiscuous mode
[  302.423659][ T8944] __nla_validate_parse: 2 callbacks suppressed
[  302.423676][ T8944] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1308'.
[  302.450229][ T8944] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1308'.
[  302.520552][ T8948] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1311'.
[  302.532337][ T8946] device syzkaller0 entered promiscuous mode
[  302.818280][ T8958] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1315'.
[  304.923624][ T8968] netlink: 'syz.2.1319': attribute type 12 has an invalid length.
[  305.037103][ T8982] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1321'.
[  305.222503][ T8990] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1321'.
[  305.243388][ T8982] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.267623][ T8985] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1322'.
[  305.277297][ T8985] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1322'.
[  305.340426][ T8986] device syzkaller0 entered promiscuous mode
[  305.395963][ T8982] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  305.418237][ T8992] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  305.450987][ T8992] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  307.533444][ T8982] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.564839][ T9002] device syzkaller0 entered promiscuous mode
[  307.679168][ T8982] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  307.711535][ T9021] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1329'.
[  307.876596][ T8982] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  307.913267][ T8982] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  307.970294][ T8982] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  308.017934][ T8982] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  308.061877][ T9029] netlink: 'syz.2.1332': attribute type 12 has an invalid length.
[  308.121308][ T9033] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1334'.
[  308.173449][ T9033] netlink: 'syz.0.1334': attribute type 1 has an invalid length.
[  308.204666][ T9036] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1335'.
[  308.222329][ T9036] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1335'.
[  310.212232][ T9044] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  310.222614][ T9044] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  310.330976][ T9050] device syzkaller0 entered promiscuous mode
[  312.912124][ T9079] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1342'.
[  312.922095][ T9071] device syzkaller0 entered promiscuous mode
[  313.207794][ T9115] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1345'.
[  313.261790][ T9117] netlink: 'syz.4.1346': attribute type 12 has an invalid length.
[  313.288070][ T9118] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1345'.
[  313.628572][ T9126] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  313.674655][ T9126] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  313.965352][ T9141] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1354'.
[  314.034199][ T9138] device syzkaller0 entered promiscuous mode
[  317.132854][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  317.139279][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  318.812546][ T9204] device syzkaller0 entered promiscuous mode
[  318.923389][ T9205] device syzkaller0 entered promiscuous mode
[  319.002799][ T9211] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1375'.
[  321.582080][ T9215] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1374'.
[  321.591896][ T9215] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1374'.
[  321.640467][ T9212] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.757248][ T9212] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.881970][ T9212] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  321.980602][ T9246] device syzkaller1 entered promiscuous mode
[  322.214953][ T9212] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.497106][ T9212] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  322.557892][ T9212] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  322.603195][ T9212] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  322.618986][ T9212] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  322.864547][ T9274] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1393'.
[  322.873598][ T9274] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1393'.
[  323.024729][ T9275] device syzkaller0 entered promiscuous mode
[  323.048492][ T9281] device syzkaller0 entered promiscuous mode
[  324.290115][ T9319] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1404'.
[  326.032317][ T9330] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  326.043894][ T9330] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  326.081298][ T9334] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1408'.
[  326.121255][ T9334] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1408'.
[  326.235932][ T9339] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1409'.
[  326.308978][ T9339] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  326.543011][ T9353] device syzkaller0 entered promiscuous mode
[  327.569823][ T9377] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1419'.
[  328.935853][ T9383] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  328.975722][ T9383] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  329.047739][ T9385] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1421'.
[  329.366927][ T9401] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1429'.
[  329.391798][ T9401] (unnamed net_device) (uninitialized): option ad_select: invalid value (24)
[  329.610516][ T9406] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1430'.
[  329.749773][ T9413] device syzkaller0 entered promiscuous mode
[  329.811572][ T9421] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1433'.
[  331.803530][ T9433] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  331.814166][ T9433] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  332.083519][ T9446] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  332.117928][ T9439] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1437'.
[  332.461062][ T9456] device syzkaller0 entered promiscuous mode
[  332.838378][ T9462] device syzkaller0 entered promiscuous mode
[  332.859827][ T9464] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  332.893900][ T9464] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  335.282691][ T9469] device syzkaller0 entered promiscuous mode
[  335.328729][ T9480] device syzkaller0 entered promiscuous mode
[  335.407832][ T9503] Bluetooth: MGMT ver 1.22
[  340.483605][ T9504] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1454'.
[  340.502876][ T9534] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  340.718530][ T9550] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  340.754521][ T9550] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  340.775550][ T9552] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1462'.
[  340.795462][ T9552] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1462'.
[  340.832812][ T9552] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  341.047702][ T9559] device syzkaller0 entered promiscuous mode
[  343.535764][ T9571] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1470'.
[  343.568552][ T9585] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1472'.
[  343.725685][ T9610] device syzkaller0 entered promiscuous mode
[  343.757146][ T9612] device syzkaller0 entered promiscuous mode
[  343.809927][ T9610] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  343.921942][ T9609] tipc: Resetting bearer <eth:syzkaller0>
[  343.996173][ T9609] tipc: Disabling bearer <eth:syzkaller0>
[  344.043874][ T9614] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  344.087756][ T9614] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  344.263606][ T9623] device syzkaller0 entered promiscuous mode
[  346.638771][ T9636] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1484'.
[  346.761396][ T9661] device syzkaller0 entered promiscuous mode
[  347.527575][ T9711] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1492'.
[  349.438139][ T9681] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1487'.
[  349.453930][ T9714] netlink: 'syz.4.1492': attribute type 6 has an invalid length.
[  349.462995][ T9717] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1492'.
[  349.663501][ T9724] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  349.690922][ T9724] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  349.883935][ T9733] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1498'.
[  350.007255][ T9736] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1500'.
[  350.035129][ T9740] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1501'.
[  350.117268][ T9738] device syzkaller0 entered promiscuous mode
[  352.530585][ T9757] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  352.557755][ T9763] device syzkaller0 entered promiscuous mode
[  352.893334][ T9788] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1513'.
[  352.938540][ T9793] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1514'.
[  352.980329][ T9785] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  352.994712][ T9785] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  353.010808][ T9797] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1515'.
[  353.203115][ T9802] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1516'.
[  355.579411][ T9817] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  355.593003][ T9820] device syzkaller0 entered promiscuous mode
[  355.794722][ T9820] tipc: Resetting bearer <eth:syzkaller0>
[  355.878837][ T9820] tipc: Disabling bearer <eth:syzkaller0>
[  355.935019][ T9844] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  356.079782][ T9858] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1528'.
[  356.288603][ T9862] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  356.331415][ T9862] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  356.411626][ T9851] device syzkaller0 entered promiscuous mode
[  356.651618][ T9873] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1532'.
[  357.304292][ T9887] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1536'.
[  360.259720][ T9892] device syzkaller0 entered promiscuous mode
[  360.268324][ T9910] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1541'.
[  362.282752][ T9918] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  362.328389][ T9926] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  362.348764][ T9926] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  362.487526][ T9940] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  363.358378][ T9968] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1550'.
[  366.844227][ T9980] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1554'.
[  366.869356][ T9985] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  366.887414][ T9991] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  366.913565][ T9991] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  367.135565][T10012] netlink: 'syz.4.1562': attribute type 1 has an invalid length.
[  367.301056][T10019] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  367.348110][T10022] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1564'.
[  367.573982][T10027] bond1 (unregistering): Released all slaves
[  367.603349][T10036] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1566'.
[  368.034903][T10049] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1570'.
[  368.311674][T10054] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  368.444699][T10058] device syzkaller0 entered promiscuous mode
[  368.476581][T10056] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  368.504661][T10056] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  369.097827][T10077] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1578'.
[  369.137789][T10077] netlink: 'syz.3.1578': attribute type 12 has an invalid length.
[  369.251301][T10063] device syzkaller0 entered promiscuous mode
[  369.546024][T10091] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  369.601273][T10090] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1582'.
[  369.689010][T10090] 8021q: adding VLAN 0 to HW filter on device bond2
[  370.223677][T10093] bond2 (unregistering): Released all slaves
[  370.260536][T10098] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1584'.
[  370.615332][T10133] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1592'.
[  370.654550][T10133] netlink: 'syz.3.1592': attribute type 12 has an invalid length.
[  370.835194][T10140] device syzkaller0 entered promiscuous mode
[  370.906721][T10146] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1593'.
[  371.509564][T10162] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  371.561049][T10161] tipc: Disabling bearer <eth:syzkaller0>
[  371.815863][T10168] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1602'.
[  371.902679][T10168] 8021q: adding VLAN 0 to HW filter on device bond1
[  371.912765][T10170] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1601'.
[  372.403798][T10192] netlink: 68 bytes leftover after parsing attributes in process `syz.2.1607'.
[  372.591150][T10174] bond1 (unregistering): Released all slaves
[  372.710391][T10194] netlink: 'syz.2.1607': attribute type 12 has an invalid length.
[  373.028419][T10200] device syzkaller0 entered promiscuous mode
[  373.110671][T10202] device syzkaller0 entered promiscuous mode
[  373.150870][T10204] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1611'.
[  373.396571][T10210] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  373.579978][T10209] tipc: Disabling bearer <eth:syzkaller0>
[  373.694718][T10228] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  373.756886][T10228] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  373.859851][T10236] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1618'.
[  374.005856][T10243] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1620'.
[  374.082966][T10247] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1619'.
[  374.157746][T10243] 8021q: adding VLAN 0 to HW filter on device bond2
[  374.357373][T10245] bond2 (unregistering): Released all slaves
[  374.382413][T10249] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1621'.
[  374.747361][T10257] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1625'.
[  374.831234][T10259] device syzkaller0 entered promiscuous mode
[  374.860593][T10261] device syzkaller0 entered promiscuous mode
[  375.158197][T10266] device syzkaller0 entered promiscuous mode
[  375.235659][T10266] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  375.257571][T10269] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  375.283698][T10264] tipc: Resetting bearer <eth:syzkaller0>
[  375.363014][T10264] tipc: Disabling bearer <eth:syzkaller0>
[  375.439190][T10268] tipc: Disabling bearer <eth:syzkaller0>
[  375.477818][T10271] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  375.530101][T10271] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  375.569185][T10276] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1632'.
[  375.772496][T10281] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1634'.
[  375.853761][T10281] 8021q: adding VLAN 0 to HW filter on device bond1
[  376.470561][T10283] bond1 (unregistering): Released all slaves
[  377.170814][T10339] device syzkaller0 entered promiscuous mode
[  377.376432][T10348] __nla_validate_parse: 1 callbacks suppressed
[  377.376449][T10348] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1643'.
[  377.412541][T10343] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  377.488242][T10342] tipc: Disabling bearer <eth:syzkaller0>
[  377.524815][T10349] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  377.560147][T10349] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  377.584156][T10352] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1646'.
[  377.750634][T10362] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1647'.
[  378.068379][T10374] device syzkaller0 entered promiscuous mode
[  378.458429][T10381] device syzkaller0 entered promiscuous mode
[  378.483847][T10383] xt_hashlimit: invalid rate
[  378.558619][T10385] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  378.572102][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  378.578797][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  378.615386][T10385] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  379.022272][T10389] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  379.076694][T10388] tipc: Disabling bearer <eth:syzkaller0>
[  379.484917][T10400] device syzkaller0 entered promiscuous mode
[  379.663448][T10409] device syzkaller0 entered promiscuous mode
[  381.800283][T10415] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  381.813819][T10415] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  381.828597][T10417] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  382.311076][T10451] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1677'.
[  382.334735][T10449] device syzkaller0 entered promiscuous mode
[  382.375063][T10452] device syzkaller0 entered promiscuous mode
[  382.536986][T10454] device syzkaller0 entered promiscuous mode
[  385.188860][T10521] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  385.282621][   T27] audit: type=1326 audit(1768789074.281:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10518 comm="syz.1.1695" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f09b079acb9 code=0x0
[  387.155348][T10529] netlink: 'syz.1.1697': attribute type 12 has an invalid length.
[  387.357649][T10535] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  387.406851][T10535] tipc: Resetting bearer <eth:syzkaller0>
[  387.503356][T10533] tipc: Disabling bearer <eth:syzkaller0>
[  387.799836][T10556] netlink: 14 bytes leftover after parsing attributes in process `syz.4.1705'.
[  387.862409][T10557] device syzkaller0 entered promiscuous mode
[  387.994583][ T1169] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  388.096105][   T27] audit: type=1326 audit(1768789077.101:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10549 comm="syz.2.1707" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9288d9acb9 code=0x0
[  388.184713][ T1169] usb 2-1: Using ep0 maxpacket: 8
[  388.192941][ T1169] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  388.253570][ T1169] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  388.293613][T10567] netlink: 'syz.3.1712': attribute type 12 has an invalid length.
[  388.304228][ T1169] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  388.331089][ T1169] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  388.366326][ T1169] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  388.442949][ T1169] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  388.485004][ T1169] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  388.735465][ T1169] usb 2-1: usb_control_msg returned -32
[  388.741339][ T1169] usbtmc 2-1:16.0: can't read capabilities
[  389.102133][T10583] usbtmc 2-1:16.0: INITIATE_CLEAR returned 0
[  389.118351][T10582] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1716'.
[  389.303833][   T22] usb 2-1: USB disconnect, device number 4
[  389.595141][T10590] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1718'.
[  389.697194][T10590] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  389.750131][T10590] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.802893][T10591] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1718'.
[  389.949676][T10590] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  390.024643][T10590] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.136370][T10590] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  390.159417][T10590] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.202189][T10602] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  390.230576][T10601] device syzkaller0 entered promiscuous mode
[  390.261816][T10590] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  390.272090][T10590] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  390.368839][T10599] tipc: Resetting bearer <eth:syzkaller0>
[  390.411257][T10596] tipc: Disabling bearer <eth:syzkaller0>
[  390.487876][T10590] netdevsim netdevsim0 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  390.516803][T10590] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  390.543487][T10606] netlink: 'syz.3.1724': attribute type 12 has an invalid length.
[  390.591236][T10590] netdevsim netdevsim0 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  390.622552][T10590] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  390.668942][T10590] netdevsim netdevsim0 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  390.689559][T10590] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  390.734189][T10590] netdevsim netdevsim0 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  390.768519][T10590] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  390.883789][T10614] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1728'.
[  391.119176][T10625] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1729'.
[  391.859222][   T27] audit: type=1326 audit(1768789080.861:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10630 comm="syz.3.1732" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f33c7d9acb9 code=0x0
[  393.582808][T10648] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1736'.
[  394.668235][T10650] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1737'.
[  394.750662][T10650] 8021q: adding VLAN 0 to HW filter on device bond2
[  395.095937][T10652] bond2 (unregistering): Released all slaves
[  395.135804][T10655] netlink: 'syz.1.1739': attribute type 12 has an invalid length.
[  395.458607][T10672] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  395.494194][T10673] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1743'.
[  395.581344][T10679] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1744'.
[  395.598303][T10673] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  396.442832][T10692] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1747'.
[  396.849746][T10697] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1750'.
[  397.430216][T10701] netlink: 'syz.4.1753': attribute type 12 has an invalid length.
[  397.526243][T10705] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1754'.
[  397.660699][T10705] 8021q: adding VLAN 0 to HW filter on device bond2
[  398.370633][T10728] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1761'.
[  398.882158][T10738] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1764'.
[  399.132215][T10744] netlink: 'syz.0.1766': attribute type 12 has an invalid length.
[  399.620085][T10751] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1768'.
[  399.862354][T10753] device syzkaller0 entered promiscuous mode
[  400.047386][T10755] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1770'.
[  400.211164][T10755] 8021q: adding VLAN 0 to HW filter on device bond3
[  400.471375][T10756] bond3: (slave syz_tun): Enslaving as an active interface with an up link
[  400.611274][ T4791] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  400.835724][   T48] Bluetooth: hci4: Malformed Event: 0x2f
[  402.053946][T10806] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1779'.
[  403.939652][T10784] netlink: 'syz.2.1777': attribute type 12 has an invalid length.
[  404.029558][T10807] device syzkaller0 entered promiscuous mode
[  405.240508][T10852] netlink: 14 bytes leftover after parsing attributes in process `syz.0.1789'.
[  408.225302][T10833] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1784'.
[  408.258735][T10846] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1788'.
[  408.272298][T10855] netlink: 'syz.1.1790': attribute type 12 has an invalid length.
[  408.422954][T10873] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  408.497386][T10875] device syzkaller0 entered promiscuous mode
[  408.837713][T10887] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1799'.
[  408.897746][   T22] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  409.020648][T10894] device syzkaller0 entered promiscuous mode
[  409.041656][T10899] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1801'.
[  409.072970][T10897] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1803'.
[  409.084875][   T22] usb 4-1: Using ep0 maxpacket: 8
[  409.093501][   T22] usb 4-1: New USB device found, idVendor=09da, idProduct=001a, bcdDevice= 0.00
[  409.122517][   T22] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.131866][T10897] 8021q: adding VLAN 0 to HW filter on device bond2
[  409.146195][   T22] usb 4-1: config 0 descriptor??
[  409.164983][T10900] bond2: (slave syz_tun): Enslaving as an active interface with an up link
[  409.315993][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  409.435277][T10907] netlink: 'syz.1.1804': attribute type 12 has an invalid length.
[  409.561241][   T22] a4tech 0003:09DA:001A.0001: unknown main item tag 0x0
[  409.602020][   T22] a4tech 0003:09DA:001A.0001: unknown main item tag 0x0
[  409.657011][   T22] a4tech 0003:09DA:001A.0001: item fetching failed at offset 4/5
[  409.711887][   T22] a4tech 0003:09DA:001A.0001: parse failed
[  409.743055][   T22] a4tech: probe of 0003:09DA:001A.0001 failed with error -22
[  409.803691][   T22] usb 4-1: USB disconnect, device number 5
[  410.355148][T10919] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  410.945413][ T1169] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  411.145477][ T1169] usb 4-1: Using ep0 maxpacket: 32
[  411.167298][ T1169] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0060, bcdDevice=67.fe
[  411.218352][ T1169] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  411.265543][ T1169] usb 4-1: Product: syz
[  411.307926][ T1169] usb 4-1: Manufacturer: syz
[  411.327747][ T1169] usb 4-1: SerialNumber: syz
[  411.355885][ T1169] usb 4-1: config 0 descriptor??
[  411.468286][T10937] device syzkaller0 entered promiscuous mode
[  411.567477][ T1169] dvb-usb: found a 'Terratec Cinergy HT Express' in warm state.
[  411.603522][ T1169] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  411.645171][ T1169] dvbdev: DVB: registering new adapter (Terratec Cinergy HT Express)
[  411.653393][ T1169] usb 4-1: media controller created
[  411.712789][ T1169] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  411.774163][T10939] netlink: 'syz.2.1816': attribute type 12 has an invalid length.
[  411.999692][ T1169] DVB: Unable to find symbol dib7000p_attach()
[  412.028764][ T1169] dvb-usb: no frontend was attached by 'Terratec Cinergy HT Express'
[  412.304621][ T1169] rc_core: IR keymap rc-dib0700-rc5 not found
[  412.312936][ T1169] Registered IR keymap rc-empty
[  412.354489][ T1169] dvb-usb: could not initialize remote control.
[  412.371987][ T1169] dvb-usb: Terratec Cinergy HT Express successfully initialized and connected.
[  412.497966][T10958] device syzkaller0 entered promiscuous mode
[  412.521792][T10958] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  412.558912][T10956] tipc: Resetting bearer <eth:syzkaller0>
[  412.611231][T10956] tipc: Disabling bearer <eth:syzkaller0>
[  412.620301][ T4274] usb 4-1: USB disconnect, device number 6
[  412.626310][ T4335] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  412.722696][ T4274] dvb-usb: Terratec Cinergy HT Express successfully deinitialized and disconnected.
[  412.732446][   T48] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  412.739093][ T4280] Bluetooth: hci0: command 0x0401 tx timeout
[  412.766118][T10964] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1824'.
[  412.778072][T10966] device syzkaller0 entered promiscuous mode
[  412.814422][ T4335] usb 3-1: Using ep0 maxpacket: 32
[  412.821866][ T4335] usb 3-1: config 0 has an invalid interface number: 188 but max is 0
[  412.830330][ T4335] usb 3-1: config 0 has no interface number 0
[  412.836587][ T4335] usb 3-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  412.849746][ T4335] usb 3-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  412.869564][ T4335] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.887889][ T4335] usb 3-1: Product: syz
[  412.892757][ T4335] usb 3-1: Manufacturer: syz
[  412.897509][ T4335] usb 3-1: SerialNumber: syz
[  412.935097][ T4335] usb 3-1: config 0 descriptor??
[  412.940793][T10955] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  413.171888][T10955] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  413.406852][T10976] device syzkaller0 entered promiscuous mode
[  414.123599][T10989] bridge: RTM_NEWNEIGH with unconfigured vlan 1 on bridge0
[  414.300867][T10996] device syzkaller0 entered promiscuous mode
[  414.316397][T10996] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  414.325905][T10995] tipc: Resetting bearer <eth:syzkaller0>
[  414.375776][T10995] tipc: Disabling bearer <eth:syzkaller0>
[  414.814646][   T48] Bluetooth: hci0: command 0x0c1a tx timeout
[  415.233868][T11008] kernel profiling enabled (shift: 17)
[  416.530705][ T4335] asix 3-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  416.559169][ T4335] asix 3-1:0.188 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  416.593114][T11018] device syzkaller0 entered promiscuous mode
[  416.622392][ T4335] asix: probe of 3-1:0.188 failed with error -71
[  416.651299][ T4335] usb 3-1: USB disconnect, device number 4
[  417.359565][   T27] audit: type=1326 audit(1768789106.361:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11037 comm="syz.2.1849" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9288d9acb9 code=0x0
[  417.876007][T11062] netlink: 14 bytes leftover after parsing attributes in process `syz.3.1854'.
[  417.987671][T11065] device syzkaller0 entered promiscuous mode
[  418.438392][T11071] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  419.234175][T11094] device syzkaller0 entered promiscuous mode
[  419.524641][ T4280] Bluetooth: hci2: command 0x2016 tx timeout
[  423.679498][T11130] device syzkaller0 entered promiscuous mode
[  423.959560][ T4326] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  424.161654][ T4326] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  424.172948][ T4326] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  424.188240][ T4326] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  424.204181][ T4326] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.228586][ T4326] usb 4-1: config 0 descriptor??
[  424.304422][ T4371] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  424.508030][ T4371] usb 1-1: Using ep0 maxpacket: 16
[  424.522813][ T4371] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xF3, skipping
[  424.555493][ T4371] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  424.572932][ T4371] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.590100][ T4371] usb 1-1: Product: syz
[  424.594540][ T4371] usb 1-1: Manufacturer: syz
[  424.599188][ T4371] usb 1-1: SerialNumber: syz
[  424.617432][ T4371] usb 1-1: config 0 descriptor??
[  424.647323][ T4326] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  424.670685][ T4326] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  424.756990][ T4326] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0D8C:0022.0002/input/input6
[  424.804146][ T4326] cm6533_jd 0003:0D8C:0022.0002: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0
[  424.872052][ T4326] usb 4-1: USB disconnect, device number 7
[  425.138586][T11171] fido_id[11171]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  427.220729][ T1169] usb 1-1: USB disconnect, device number 5
[  427.327353][T11197] device syzkaller0 entered promiscuous mode
[  429.428561][T11217] device syzkaller0 entered promiscuous mode
[  432.528373][T11247] device syzkaller0 entered promiscuous mode
[  435.812877][T11306] device syzkaller0 entered promiscuous mode
[  435.877135][T11330] device syzkaller0 entered promiscuous mode
[  439.320570][T11353] netlink: 'syz.1.1918': attribute type 12 has an invalid length.
[  439.336618][T11355] netlink: 112 bytes leftover after parsing attributes in process `syz.0.1919'.
[  439.580152][T11383] device syzkaller0 entered promiscuous mode
[  439.876328][T11389] device syzkaller0 entered promiscuous mode
[  440.011024][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  440.017944][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  440.140555][T11406] netlink: 68 bytes leftover after parsing attributes in process `syz.4.1934'.
[  440.192640][T11407] netlink: 'syz.4.1934': attribute type 12 has an invalid length.
[  440.356138][T11412] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1936'.
[  440.557038][T11416] device syzkaller0 entered promiscuous mode
[  440.982990][T11426] device syzkaller0 entered promiscuous mode
[  441.453424][T11437] device syzkaller0 entered promiscuous mode
[  441.646375][T11440] netlink: 112 bytes leftover after parsing attributes in process `syz.1.1949'.
[  441.735189][T11444] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1950'.
[  441.867766][T11447] device syzkaller0 entered promiscuous mode
[  443.638814][T11476] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1961'.
[  443.734824][ T1169] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  443.812951][T11482] device syzkaller0 entered promiscuous mode
[  443.957722][ T1169] usb 2-1: Using ep0 maxpacket: 16
[  443.979048][ T1169] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  444.004018][ T1169] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  444.035649][ T1169] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  444.053768][ T1169] usb 2-1: Product: syz
[  444.064867][ T1169] usb 2-1: Manufacturer: syz
[  444.082271][ T1169] usb 2-1: SerialNumber: syz
[  444.122975][ T1169] usb 2-1: config 0 descriptor??
[  444.154229][ T1169] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  444.174566][T11499] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1966'.
[  444.200696][ T1169] em28xx 2-1:0.0: DVB interface 0 found: bulk
[  444.331840][T11488] device syzkaller0 entered promiscuous mode
[  444.746301][ T1169] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[  445.848776][ T1169] em28xx 2-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  445.879832][ T1169] em28xx 2-1:0.0: board has no eeprom
[  445.974412][ T1169] em28xx 2-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  445.982391][ T1169] em28xx 2-1:0.0: dvb set to bulk mode.
[  446.027582][ T1169] usb 2-1: USB disconnect, device number 5
[  446.044514][ T1169] em28xx 2-1:0.0: Disconnecting em28xx
[  446.057847][   T14] em28xx 2-1:0.0: Binding DVB extension
[  446.199909][   T14] em28xx 2-1:0.0: Registering input extension
[  446.215711][ T1169] em28xx 2-1:0.0: Closing input extension
[  446.257624][ T1169] em28xx 2-1:0.0: Freeing device
[  448.287708][T11560] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1974'.
[  448.823650][T11560] netlink: 'syz.1.1974': attribute type 12 has an invalid length.
[  448.992054][T11562] netlink: 112 bytes leftover after parsing attributes in process `syz.3.1975'.
[  449.192987][T11571] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1977'.
[  449.533500][T11583] pit: kvm: requested 5866 ns i8254 timer period limited to 200000 ns
[  450.674689][   T22] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  450.896522][   T22] usb 2-1: config 0 has an invalid interface number: 142 but max is 0
[  450.936196][   T22] usb 2-1: config 0 has no interface number 0
[  450.943490][   T22] usb 2-1: New USB device found, idVendor=05ac, idProduct=0246, bcdDevice=62.09
[  451.032988][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  451.103521][   T22] usb 2-1: config 0 descriptor??
[  451.285325][T11615] netlink: 112 bytes leftover after parsing attributes in process `syz.4.1990'.
[  451.345475][   T22] usb 2-1: string descriptor 0 read error: -71
[  451.389092][   T22] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.142/input/input8
[  451.461663][ T3623] bcm5974 2-1:0.142: could not read from device
[  451.484776][ T3623] bcm5974 2-1:0.142: could not read from device
[  451.538237][   T22] usb 2-1: USB disconnect, device number 6
[  451.555427][ T3623] bcm5974 2-1:0.142: could not read from device
[  451.614910][T11618] netlink: 68 bytes leftover after parsing attributes in process `syz.3.1991'.
[  451.645751][T11618] netlink: 'syz.3.1991': attribute type 12 has an invalid length.
[  451.855217][T11625] device syzkaller0 entered promiscuous mode
[  452.213078][T11632] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1997'.
[  453.391669][T11636] device syzkaller0 entered promiscuous mode
[  453.721163][T11659] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2004'.
[  453.746180][T11659] netlink: 'syz.0.2004': attribute type 12 has an invalid length.
[  454.430119][   T27] audit: type=1326 audit(1768789143.421:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11673 comm="syz.0.2010" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f073539acb9 code=0x0
[  454.700166][T11680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2012'.
[  457.787305][T11703] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2016'.
[  457.828063][T11703] netlink: 'syz.2.2016': attribute type 12 has an invalid length.
[  458.034501][ T4335] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  458.206852][T11712] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  458.238747][ T4335] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  458.259435][ T4335] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.296695][ T4335] usb 5-1: Product: syz
[  458.310576][ T4335] usb 5-1: Manufacturer: syz
[  458.334802][ T4335] usb 5-1: SerialNumber: syz
[  458.711069][T11724] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2024'.
[  458.777128][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[  458.793325][T11726] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2025'.
[  458.843910][T11726] 8021q: adding VLAN 0 to HW filter on device bond3
[  458.867555][T11730] bond2: (slave syz_tun): Releasing backup interface
[  458.909030][T11730] bond3: (slave syz_tun): Enslaving as an active interface with an up link
[  458.918662][ T4793] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  458.929658][T11729] pit: kvm: requested 5866 ns i8254 timer period limited to 200000 ns
[  459.072082][T11734] device syzkaller0 entered promiscuous mode
[  459.272113][T11740] netlink: 'syz.1.2030': attribute type 12 has an invalid length.
[  459.343185][T11738] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  459.871181][T11764] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2038'.
[  459.921308][T11764] 8021q: adding VLAN 0 to HW filter on device bond1
[  459.966186][T11764] bond1: (slave syz_tun): Enslaving as an active interface with an up link
[  460.020566][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -32
[  460.070116][ T4817] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  460.379864][T11774] device syzkaller0 entered promiscuous mode
[  460.613936][T11776] netlink: 'syz.2.2042': attribute type 12 has an invalid length.
[  460.647689][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000044. ret = -71
[  460.679632][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -71
[  460.720397][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -71
[  460.753044][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -71
[  460.813597][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001020. ret = -71
[  460.851681][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -71
[  460.940903][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -71
[  460.957433][T11785] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2045'.
[  461.043200][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001018. ret = -71
[  461.100427][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  461.149648][ T4335] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  461.232632][ T4335] lan78xx: probe of 5-1:1.0 failed with error -71
[  461.367264][ T4335] usb 5-1: USB disconnect, device number 6
[  461.809517][T11801] process 'syz.1.2052' launched './file2' with NULL argv: empty string added
[  462.104744][T11811] device syzkaller0 entered promiscuous mode
[  462.628317][T11823] device syzkaller0 entered promiscuous mode
[  462.731218][T11823] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  462.772364][T11822] tipc: Resetting bearer <eth:syzkaller0>
[  462.876515][T11822] tipc: Disabling bearer <eth:syzkaller0>
[  463.126781][T11834] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2064'.
[  464.294565][ T4335] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  464.484966][ T4335] usb 5-1: Using ep0 maxpacket: 32
[  464.491999][ T4335] usb 5-1: config 0 has an invalid interface number: 136 but max is 0
[  464.519732][ T4335] usb 5-1: config 0 has no interface number 0
[  464.545893][ T4335] usb 5-1: New USB device found, idVendor=06a5, idProduct=d001, bcdDevice=fe.bb
[  464.571462][ T4335] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.589157][ T4335] usb 5-1: Product: syz
[  464.593483][ T4335] usb 5-1: Manufacturer: syz
[  464.601741][ T4335] usb 5-1: SerialNumber: syz
[  464.611840][ T4335] usb 5-1: config 0 descriptor??
[  464.629063][ T4335] gspca_main: nw80x-2.14.0 probing 06a5:d001
[  465.233457][ T4335] gspca_nw80x: reg_w err -71
[  465.243766][ T4335] nw80x: probe of 5-1:0.136 failed with error -71
[  465.270483][ T4335] usb 5-1: USB disconnect, device number 7
[  466.990053][T11954] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2109'.
[  468.284510][ T4326] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  468.474370][ T4326] usb 2-1: Using ep0 maxpacket: 32
[  468.481220][ T4326] usb 2-1: config 0 has an invalid interface number: 89 but max is 0
[  468.530267][ T4326] usb 2-1: config 0 has no interface number 0
[  468.544761][ T4326] usb 2-1: config 0 interface 89 has no altsetting 0
[  468.569152][ T4326] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  468.621840][ T4326] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  468.667990][ T4326] usb 2-1: Product: syz
[  468.672247][ T4326] usb 2-1: Manufacturer: syz
[  468.708120][ T4326] usb 2-1: SerialNumber: syz
[  468.720375][   T27] audit: type=1326 audit(1768789157.721:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11994 comm="syz.0.2124" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f073539acb9 code=0x0
[  468.743585][ T4326] usb 2-1: config 0 descriptor??
[  468.757161][ T4326] em28xx 2-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  468.780491][ T4326] em28xx 2-1:0.89: Video interface 89 found: bulk
[  469.234732][ T4326] em28xx 2-1:0.89: unknown em28xx chip ID (0)
[  469.317308][ T4326] em28xx 2-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[  469.348925][ T4326] em28xx 2-1:0.89: board has no eeprom
[  469.424379][ T4326] em28xx 2-1:0.89: Identified as Terratec Grabby (card=67)
[  469.431771][ T4326] em28xx 2-1:0.89: analog set to bulk mode.
[  469.454148][ T4335] em28xx 2-1:0.89: Registering V4L2 extension
[  469.477711][ T4326] usb 2-1: USB disconnect, device number 7
[  469.501446][ T4326] em28xx 2-1:0.89: Disconnecting em28xx
[  469.691206][ T4335] em28xx 2-1:0.89: Config register raw data: 0xffffffed
[  469.709961][ T4335] em28xx 2-1:0.89: AC97 chip type couldn't be determined
[  469.729878][ T4335] em28xx 2-1:0.89: No AC97 audio processor
[  470.101502][ T4335] usb 2-1: Decoder not found
[  470.178359][ T4335] em28xx 2-1:0.89: failed to create media graph
[  470.308622][ T4335] em28xx 2-1:0.89: V4L2 device video103 deregistered
[  470.572101][ T4335] em28xx 2-1:0.89: Registering snapshot button...
[  470.629568][ T4335] input: em28xx snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.89/input/input9
[  470.787293][T12032] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2131'.
[  470.802963][ T4335] em28xx 2-1:0.89: Remote control support is not available for this card.
[  470.867522][ T4326] em28xx 2-1:0.89: Closing input extension
[  470.877156][ T4326] em28xx 2-1:0.89: Deregistering snapshot button
[  471.023856][ T4326] em28xx 2-1:0.89: Freeing device
[  476.098611][T12064] netlink: 'syz.0.2140': attribute type 12 has an invalid length.
[  476.552046][T12115] pit: kvm: requested 5866 ns i8254 timer period limited to 200000 ns
[  476.604507][ T4371] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  476.826384][ T4371] usb 5-1: config 0 has an invalid interface number: 41 but max is 0
[  476.842765][ T4371] usb 5-1: config 0 has no interface number 0
[  476.863167][ T4371] usb 5-1: config 0 interface 41 has no altsetting 0
[  476.888750][ T4371] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  476.903624][ T4371] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.912379][ T4371] usb 5-1: Product: syz
[  476.923718][ T4371] usb 5-1: Manufacturer: syz
[  476.931787][ T4371] usb 5-1: SerialNumber: syz
[  476.940546][ T4371] usb 5-1: config 0 descriptor??
[  477.288878][T12146] netlink: 'syz.3.2159': attribute type 12 has an invalid length.
[  477.566922][T12152] device syzkaller0 entered promiscuous mode
[  477.763413][ T4371] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  477.918426][T12161] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2164'.
[  478.062256][T12160] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2164'.
[  478.311105][T12167] device syzkaller0 entered promiscuous mode
[  478.831864][ T4371] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  478.861066][ T4371] CoreChips 5-1:0.41 (unnamed net_device) (uninitialized): Failed to power up PHY: -71
[  478.891692][ T4371] CoreChips: probe of 5-1:0.41 failed with error -71
[  478.952591][ T4371] usb 5-1: USB disconnect, device number 8
[  479.392845][T12188] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2176'.
[  479.456748][T12192] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2175'.
[  479.491072][T12188] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2176'.
[  479.523645][T12184] device syzkaller0 entered promiscuous mode
[  480.069588][ T4274] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  480.276882][ T4274] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  480.294607][ T4274] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  480.314200][ T4274] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  480.330587][ T4274] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.357122][ T4274] usb 3-1: config 0 descriptor??
[  480.774091][ T4274] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0
[  480.781776][ T4274] cm6533_jd 0003:0D8C:0022.0003: unknown main item tag 0x0
[  480.803651][ T4274] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.0003/input/input10
[  480.895963][ T4274] cm6533_jd 0003:0D8C:0022.0003: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[  480.978362][ T4274] usb 3-1: USB disconnect, device number 5
[  481.079767][T12223] fido_id[12223]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  482.347633][T12211] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  482.354553][T12211] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  482.372652][T12211] Bluetooth: hci0: Suspend notifier action (1) failed: -4
[  482.380722][T12211] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  482.387370][T12211] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  482.398768][T12211] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[  482.427617][T12211] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  482.434178][T12211] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  482.443419][T12211] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[  482.451760][T12211] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  482.458422][T12211] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  482.476292][T12211] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[  482.483553][T12211] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  482.490081][T12211] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  482.497159][T12211] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[  482.842521][T12239] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2190'.
[  483.024348][ T4371] usb 5-1: new low-speed USB device number 9 using dummy_hcd
[  483.225343][ T4371] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  483.247712][ T4371] usb 5-1: config 0 has no interface number 0
[  483.267237][ T4371] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  483.301051][ T4371] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  483.322908][ T4371] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  483.333043][ T4371] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.368426][ T4371] usb 5-1: config 0 descriptor??
[  483.374214][T12235] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  483.420333][ T4371] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  483.524598][   T14] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  483.629276][ T4371] usb 5-1: USB disconnect, device number 9
[  483.635251][    C0] iowarrior 5-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  483.735870][   T14] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  483.761613][   T14] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  483.781272][   T14] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  483.792387][   T14] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.812614][   T14] usb 3-1: config 0 descriptor??
[  483.997227][T12276] Falling back ldisc for ptm0.
[  484.247405][   T14] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[  484.268968][   T14] cm6533_jd 0003:0D8C:0022.0004: unknown main item tag 0x0
[  484.292982][   T14] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.0004/input/input11
[  484.336736][T12290] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2211'.
[  484.382985][   T14] cm6533_jd 0003:0D8C:0022.0004: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[  484.411419][ T4280] Bluetooth: hci2: command 0x0c1a tx timeout
[  484.417728][   T48] Bluetooth: hci0: command 0x0c1a tx timeout
[  484.484549][   T48] Bluetooth: hci4: command 0x0c1a tx timeout
[  484.490724][   T48] Bluetooth: hci3: command 0x0c1a tx timeout
[  484.494929][ T4280] Bluetooth: hci1: command 0x0c1a tx timeout
[  484.561808][ T4335] usb 3-1: USB disconnect, device number 6
[  485.023037][T12301] fido_id[12301]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  486.090150][T12318] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2217'.
[  486.484403][ T4272] Bluetooth: hci2: command 0x0406 tx timeout
[  486.490507][ T4280] Bluetooth: hci0: command 0x0406 tx timeout
[  486.531598][T12326] device syzkaller0 entered promiscuous mode
[  486.564551][ T4280] Bluetooth: hci1: command 0x0406 tx timeout
[  486.565972][   T48] Bluetooth: hci3: command 0x0406 tx timeout
[  486.570710][ T4280] Bluetooth: hci4: command 0x0406 tx timeout
[  487.173271][T12337] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2222'.
[  487.394418][T12339] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2222'.
[  488.040405][T12349] device syzkaller0 entered promiscuous mode
[  488.524948][T12365] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2230'.
[  488.577028][T12365] netlink: 'syz.3.2230': attribute type 12 has an invalid length.
[  489.607323][ T4280] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  489.664519][   T14] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  489.826196][T12385] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  489.854709][T12385] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  489.904507][   T14] usb 3-1: Using ep0 maxpacket: 16
[  489.926456][   T14] usb 3-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  489.951648][   T14] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.961564][   T14] usb 3-1: Product: syz
[  489.966038][   T14] usb 3-1: Manufacturer: syz
[  489.970678][   T14] usb 3-1: SerialNumber: syz
[  490.178517][T12395] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  490.203319][   T14] usb 3-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[  490.239050][   T14] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  490.261375][   T14] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[  490.277192][T12402] device syzkaller0 entered promiscuous mode
[  490.290140][   T14] usb 3-1: media controller created
[  490.332778][   T14] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  490.605888][   T14] zl10353_read_register: readreg error (reg=127, ret==-110)
[  490.869917][   T14] dvb_usb_gl861: probe of 3-1:157.0 failed with error -5
[  490.894215][T12418] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2242'.
[  490.922143][   T14] usb 3-1: USB disconnect, device number 7
[  491.042179][T12418] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  491.063297][T12418] net_ratelimit: 1 callbacks suppressed
[  491.063308][T12418] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  491.292334][T12426] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2243'.
[  491.340558][T12426] netlink: 'syz.0.2243': attribute type 12 has an invalid length.
[  492.708600][T12447] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2247'.
[  492.844537][    T7] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  493.034587][    T7] usb 1-1: Using ep0 maxpacket: 8
[  493.042407][    T7] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  493.079554][    T7] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  493.147036][    T7] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  493.192365][    T7] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  493.229476][    T7] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  493.262776][    T7] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  493.272741][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.496051][    T7] usb 1-1: usb_control_msg returned -32
[  493.501756][    T7] usbtmc 1-1:16.0: can't read capabilities
[  493.721373][T12473] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  493.753629][T12473] 8021q: adding VLAN 0 to HW filter on device bond0
[  493.791613][T12473] 8021q: adding VLAN 0 to HW filter on device team0
[  493.803750][T12473] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  494.160661][T12484] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2256'.
[  494.450404][T12487] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2259'.
[  494.482030][T12487] netlink: 'syz.2.2259': attribute type 12 has an invalid length.
[  495.558480][ T4371] usb 1-1: USB disconnect, device number 6
[  495.675833][T12502] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2263'.
[  495.863739][T12510] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2267'.
[  496.047917][T12515] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  496.061468][T12515] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  496.530857][T12520] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  496.838241][T12528] block nbd1: NBD_DISCONNECT
[  496.845378][T12527] block nbd1: Disconnected due to user request.
[  496.852020][T12527] block nbd1: shutting down sockets
[  497.114900][T12538] tipc: Cannot configure node identity twice
[  497.256351][ T4280] Bluetooth: hci1: ACL packet for unknown connection handle 201
[  497.718850][T12554] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  497.784440][T12554] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  498.160233][T12565] syz.3.2284 (12565) used obsolete PPPIOCDETACH ioctl
[  498.228332][T12568] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  498.724529][   T14] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  498.926167][   T14] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  498.948051][   T14] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  498.983146][   T14] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  499.028436][   T14] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.066235][   T14] usb 4-1: config 0 descriptor??
[  499.134458][ T4280] Bluetooth: hci1: command 0x0409 tx timeout
[  499.486077][   T14] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0
[  499.493448][   T14] cm6533_jd 0003:0D8C:0022.0005: unknown main item tag 0x0
[  499.519087][   T14] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0D8C:0022.0005/input/input12
[  499.550823][   T14] cm6533_jd 0003:0D8C:0022.0005: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0
[  499.571472][T12599] device syzkaller1 entered promiscuous mode
[  499.707348][ T4371] usb 4-1: USB disconnect, device number 8
[  499.791227][T12603] (unnamed net_device) (uninitialized): option packets_per_slave: invalid value (1048582)
[  499.801587][T12603] (unnamed net_device) (uninitialized): option packets_per_slave: allowed values 0 - 65535
[  499.826544][T12601] fido_id[12601]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  499.971333][T12612] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2296'.
[  500.897280][T12644] binder: 12643:12644 unknown command 0
[  500.903249][T12644] binder: 12643:12644 ioctl c0306201 200000000080 returned -22
[  500.920032][T12644] binder: 12643:12644 ioctl c0306201 2000000003c0 returned -14
[  501.052576][ T4272] Bluetooth: hci4: unexpected event 0x09 length: 4 > 3
[  501.456593][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  501.494505][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  502.644398][ T4371] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  502.846433][ T4371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  502.874144][ T4371] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  502.932579][ T4371] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  503.003377][ T4371] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.060127][ T4371] usb 1-1: config 0 descriptor??
[  503.093645][T12672] netlink: 'syz.4.2315': attribute type 10 has an invalid length.
[  503.136468][T12672] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2315'.
[  503.213589][   T27] audit: type=1326 audit(1768789192.211:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12669 comm="syz.4.2315" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fe309f9acb9 code=0x0
[  503.495884][ T4371] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0
[  503.508219][ T4371] cm6533_jd 0003:0D8C:0022.0006: unknown main item tag 0x0
[  503.540894][ T4371] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.0006/input/input13
[  503.621723][T12680] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  503.622105][ T4371] cm6533_jd 0003:0D8C:0022.0006: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[  503.772854][ T4371] usb 1-1: USB disconnect, device number 7
[  504.105784][T12683] fido_id[12683]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  504.224430][   T22] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  504.430665][   T22] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  504.605971][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  505.264112][   T22] usb 2-1: config 0 descriptor??
[  505.320006][   T22] cp210x 2-1:0.0: cp210x converter detected
[  505.742014][T12716] netlink: 68 bytes leftover after parsing attributes in process `syz.0.2327'.
[  505.904509][T12716] netlink: 'syz.0.2327': attribute type 12 has an invalid length.
[  506.228358][T12733] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  506.304738][T12733] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  506.799309][   T22] usb 2-1: cp210x converter now attached to ttyUSB0
[  506.879933][   T22] usb 2-1: USB disconnect, device number 8
[  506.915152][T12750] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2332'.
[  506.934030][   T22] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  506.989313][   T22] cp210x 2-1:0.0: device disconnected
[  507.194447][ T4335] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  507.406213][ T4335] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  507.428775][ T4335] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  507.459558][ T4335] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.486815][ T4335] usb 3-1: config 0 descriptor??
[  507.503796][ T4335] pwc: Askey VC010 type 2 USB webcam detected.
[  507.684732][   T22] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  508.713349][   T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  508.751391][ T4335] pwc: recv_control_msg error -32 req 02 val 2b00
[  508.760942][   T22] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  508.775963][ T4335] pwc: recv_control_msg error -32 req 02 val 2700
[  508.804767][ T4335] pwc: recv_control_msg error -32 req 02 val 2c00
[  508.819678][T12766] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2336'.
[  508.824737][   T22] usb 1-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  508.861318][   T22] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.891169][   T22] usb 1-1: config 0 descriptor??
[  509.012568][ T4335] pwc: recv_control_msg error -32 req 04 val 1300
[  509.027044][ T4335] pwc: recv_control_msg error -32 req 04 val 1400
[  509.051016][ T4335] pwc: recv_control_msg error -32 req 02 val 2000
[  509.069450][ T4335] pwc: recv_control_msg error -32 req 02 val 2100
[  509.088607][ T4335] pwc: recv_control_msg error -32 req 04 val 1500
[  509.096273][ T4335] pwc: recv_control_msg error -32 req 02 val 2500
[  509.323633][ T4335] pwc: recv_control_msg error -71 req 02 val 2600
[  509.336875][   T22] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0
[  509.349633][   T22] cm6533_jd 0003:0D8C:0022.0007: unknown main item tag 0x0
[  509.349773][ T4335] pwc: recv_control_msg error -71 req 02 val 2900
[  509.367627][   T22] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0D8C:0022.0007/input/input14
[  509.383331][ T4335] pwc: recv_control_msg error -71 req 02 val 2800
[  509.407143][ T4335] pwc: recv_control_msg error -71 req 04 val 1100
[  509.416458][   T22] cm6533_jd 0003:0D8C:0022.0007: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[  509.433100][ T4335] pwc: recv_control_msg error -71 req 04 val 1200
[  509.510810][ T4335] pwc: Registered as video103.
[  509.554436][ T4335] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input15
[  509.594524][ T4335] usb 3-1: USB disconnect, device number 8
[  509.691599][ T4326] usb 1-1: USB disconnect, device number 8
[  509.728793][ T4737] udevd[4737]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  509.817187][T12776] fido_id[12776]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  511.829931][T12770] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  511.924730][T12770] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  512.062157][T12770] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  512.149678][T12797] netlink: 68 bytes leftover after parsing attributes in process `syz.3.2344'.
[  512.153240][T12770] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  513.119523][T12813] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2347'.
[  513.183755][T12770] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  513.214100][T12770] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  513.237119][T12770] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  513.282649][T12770] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  514.037392][T12841] device syzkaller0 entered promiscuous mode
[  514.449523][T12846] device syzkaller0 entered promiscuous mode
[  514.764130][T12855] netlink: 68 bytes leftover after parsing attributes in process `syz.2.2360'.
[  514.959460][T12859] =======================================================
[  514.959460][T12859] WARNING: The mand mount option has been deprecated and
[  514.959460][T12859]          and is ignored by this kernel. Remove the mand
[  514.959460][T12859]          option from the mount to silence this warning.
[  514.959460][T12859] =======================================================
[  515.647393][T12869] 
[  515.649806][T12869] ======================================================
[  515.656865][T12869] WARNING: possible circular locking dependency detected
[  515.663931][T12869] syzkaller #0 Not tainted
[  515.668379][T12869] ------------------------------------------------------
[  515.675428][T12869] syz.3.2364/12869 is trying to acquire lock:
[  515.681552][T12869] ffff888053de9f98 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}, at: __flush_work+0x10d/0xae0
[  515.693123][T12869] 
[  515.693123][T12869] but task is already holding lock:
[  515.700529][T12869] ffff888053de8c70 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x251/0x530
[  515.709590][T12869] 
[  515.709590][T12869] which lock already depends on the new lock.
[  515.709590][T12869] 
[  515.720041][T12869] 
[  515.720041][T12869] the existing dependency chain (in reverse order) is:
[  515.729129][T12869] 
[  515.729129][T12869] -> #1 (sk_lock-AF_SMC/1){+.+.}-{0:0}:
[  515.736928][T12869]        lock_sock_nested+0x44/0x100
[  515.742298][T12869]        smc_listen_out+0x109/0x3d0
[  515.747556][T12869]        smc_listen_work+0x581/0xd70
[  515.752902][T12869]        process_one_work+0x8a2/0x1160
[  515.758411][T12869]        worker_thread+0xaa2/0x1270
[  515.763671][T12869]        kthread+0x29d/0x330
[  515.768326][T12869]        ret_from_fork+0x1f/0x30
[  515.773312][T12869] 
[  515.773312][T12869] -> #0 ((work_completion)(&new_smc->smc_listen_work)){+.+.}-{0:0}:
[  515.783523][T12869]        __lock_acquire+0x2d07/0x7d10
[  515.789048][T12869]        lock_acquire+0x1bb/0x4a0
[  515.794126][T12869]        __flush_work+0x126/0xae0
[  515.799204][T12869]        __cancel_work_timer+0x3f4/0x560
[  515.804890][T12869]        smc_clcsock_release+0x5c/0xe0
[  515.810391][T12869]        __smc_release+0x661/0x7d0
[  515.815563][T12869]        smc_close_non_accepted+0xd1/0x1f0
[  515.821424][T12869]        smc_close_active+0xb00/0xea0
[  515.826858][T12869]        __smc_release+0x8d/0x7d0
[  515.831939][T12869]        smc_release+0x2ca/0x530
[  515.836925][T12869]        sock_close+0xd5/0x240
[  515.841734][T12869]        __fput+0x22c/0x920
[  515.846282][T12869]        task_work_run+0x1d0/0x260
[  515.851439][T12869]        exit_to_user_mode_loop+0xe6/0x110
[  515.857305][T12869]        exit_to_user_mode_prepare+0xee/0x180
[  515.863429][T12869]        syscall_exit_to_user_mode+0x16/0x40
[  515.869461][T12869]        do_syscall_64+0x58/0xa0
[  515.874435][T12869]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  515.880898][T12869] 
[  515.880898][T12869] other info that might help us debug this:
[  515.880898][T12869] 
[  515.891228][T12869]  Possible unsafe locking scenario:
[  515.891228][T12869] 
[  515.898696][T12869]        CPU0                    CPU1
[  515.904069][T12869]        ----                    ----
[  515.909447][T12869]   lock(sk_lock-AF_SMC/1);
[  515.913979][T12869]                                lock((work_completion)(&new_smc->smc_listen_work));
[  515.923449][T12869]                                lock(sk_lock-AF_SMC/1);
[  515.930495][T12869]   lock((work_completion)(&new_smc->smc_listen_work));
[  515.937456][T12869] 
[  515.937456][T12869]  *** DEADLOCK ***
[  515.937456][T12869] 
[  515.945617][T12869] 2 locks held by syz.3.2364/12869:
[  515.950817][T12869]  #0: ffff888075a92c10 (&sb->s_type->i_mutex_key#11){+.+.}-{3:3}, at: sock_close+0x90/0x240
[  515.961026][T12869]  #1: ffff888053de8c70 (sk_lock-AF_SMC/1){+.+.}-{0:0}, at: smc_release+0x251/0x530
[  515.970562][T12869] 
[  515.970562][T12869] stack backtrace:
[  515.976484][T12869] CPU: 0 PID: 12869 Comm: syz.3.2364 Not tainted syzkaller #0
[  515.983968][T12869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  515.994070][T12869] Call Trace:
[  515.997374][T12869]  <TASK>
[  516.000317][T12869]  dump_stack_lvl+0x188/0x24e
[  516.005034][T12869]  ? load_image+0x400/0x400
[  516.009581][T12869]  ? show_regs_print_info+0x12/0x12
[  516.014822][T12869]  ? print_circular_bug+0x12b/0x1a0
[  516.020072][T12869]  check_noncircular+0x296/0x330
[  516.025052][T12869]  ? look_up_lock_class+0x75/0x140
[  516.030178][T12869]  ? add_chain_block+0x940/0x940
[  516.035136][T12869]  ? lockdep_lock+0xf1/0x1f0
[  516.039740][T12869]  ? lock_release+0xcf/0x920
[  516.044383][T12869]  ? _find_first_zero_bit+0xcf/0x100
[  516.049718][T12869]  __lock_acquire+0x2d07/0x7d10
[  516.054585][T12869]  ? unwind_next_frame+0x1880/0x20b0
[  516.059880][T12869]  ? deref_stack_reg+0x19f/0x230
[  516.064837][T12869]  ? __bfs+0x2a3/0x5c0
[  516.068918][T12869]  ? verify_lock_unused+0x140/0x140
[  516.074126][T12869]  ? mark_lock+0x94/0x320
[  516.078476][T12869]  ? __lock_acquire+0x13cf/0x7d10
[  516.083539][T12869]  ? add_chain_block+0x940/0x940
[  516.088615][T12869]  ? lockdep_unlock+0x142/0x2e0
[  516.093482][T12869]  lock_acquire+0x1bb/0x4a0
[  516.098034][T12869]  ? __flush_work+0x10d/0xae0
[  516.102755][T12869]  ? __lock_acquire+0x13cf/0x7d10
[  516.107796][T12869]  ? read_lock_is_recursive+0x10/0x10
[  516.113198][T12869]  ? __flush_work+0x10d/0xae0
[  516.117893][T12869]  __flush_work+0x126/0xae0
[  516.122411][T12869]  ? __flush_work+0x10d/0xae0
[  516.127105][T12869]  ? verify_lock_unused+0x140/0x140
[  516.132320][T12869]  ? flush_work+0x20/0x20
[  516.136662][T12869]  ? try_to_grab_pending+0xfa/0x860
[  516.141910][T12869]  ? lockdep_hardirqs_off+0x70/0x100
[  516.147226][T12869]  ? mark_lock+0x94/0x320
[  516.151601][T12869]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  516.157630][T12869]  ? lock_chain_count+0x20/0x20
[  516.162522][T12869]  ? __cancel_work_timer+0x36a/0x560
[  516.167853][T12869]  __cancel_work_timer+0x3f4/0x560
[  516.172985][T12869]  ? cancel_work_sync+0x20/0x20
[  516.177849][T12869]  ? __smc_release+0x659/0x7d0
[  516.182632][T12869]  ? __local_bh_enable_ip+0x136/0x1c0
[  516.188023][T12869]  ? lockdep_hardirqs_on+0x94/0x140
[  516.193236][T12869]  ? __local_bh_enable_ip+0x136/0x1c0
[  516.198626][T12869]  ? _local_bh_enable+0xa0/0xa0
[  516.203495][T12869]  smc_clcsock_release+0x5c/0xe0
[  516.208442][T12869]  __smc_release+0x661/0x7d0
[  516.213152][T12869]  ? do_raw_spin_unlock+0x11d/0x230
[  516.218375][T12869]  smc_close_non_accepted+0xd1/0x1f0
[  516.223725][T12869]  smc_close_active+0xb00/0xea0
[  516.228639][T12869]  ? sock_no_sendpage_locked+0x1c0/0x1c0
[  516.234321][T12869]  __smc_release+0x8d/0x7d0
[  516.238895][T12869]  ? do_raw_spin_unlock+0x11d/0x230
[  516.244125][T12869]  smc_release+0x2ca/0x530
[  516.248571][T12869]  sock_close+0xd5/0x240
[  516.252834][T12869]  ? sock_mmap+0x90/0x90
[  516.257099][T12869]  __fput+0x22c/0x920
[  516.261110][T12869]  task_work_run+0x1d0/0x260
[  516.265740][T12869]  ? task_work_cancel+0x220/0x220
[  516.270783][T12869]  ? exit_to_user_mode_loop+0x3b/0x110
[  516.276268][T12869]  exit_to_user_mode_loop+0xe6/0x110
[  516.281577][T12869]  exit_to_user_mode_prepare+0xee/0x180
[  516.287141][T12869]  syscall_exit_to_user_mode+0x16/0x40
[  516.292708][T12869]  do_syscall_64+0x58/0xa0
[  516.297147][T12869]  ? clear_bhb_loop+0x60/0xb0
[  516.301842][T12869]  ? clear_bhb_loop+0x60/0xb0
[  516.306556][T12869]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  516.312470][T12869] RIP: 0033:0x7f33c7d9acb9
[  516.317092][T12869] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  516.336718][T12869] RSP: 002b:00007f33c8c18028 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[  516.345161][T12869] RAX: 0000000000000000 RBX: 00007f33c8015fa0 RCX: 00007f33c7d9acb9
[  516.353170][T12869] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000000000000
[  516.361163][T12869] RBP: 00007f33c7e08bf7 R08: 0000000000000000 R09: 0000000000000000
[  516.369272][T12869] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  516.377296][T12869] R13: 00007f33c8016038 R14: 00007f33c8015fa0 R15: 00007ffc907312b8
[  516.385290][T12869]  </TASK>
[  516.694858][ T4335] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  516.886193][ T4335] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  516.896735][ T4335] usb 5-1: config 0 interface 0 has no altsetting 0
[  516.920785][ T4335] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  516.932934][ T4335] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  516.941291][ T4335] usb 5-1: Product: syz
[  516.945513][ T4335] usb 5-1: Manufacturer: syz
[  516.950112][ T4335] usb 5-1: SerialNumber: syz
[  516.964989][ T4335] usb 5-1: config 0 descriptor??
[  516.986362][ T4335] usb 5-1: selecting invalid altsetting 0
[  518.713844][ T4326] usb 5-1: USB disconnect, device number 10