last executing test programs:

11m17.826473882s ago: executing program 3 (id=4):
socket$alg(0x26, 0x5, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000004c0)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
set_mempolicy(0x2, 0x0, 0x3)

11m17.637322649s ago: executing program 0 (id=1):
socket$unix(0x1, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000500)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
fchdir(r4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f00000001c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000340)='./file0\x00', &(0x7f0000000140), 0x200800, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@volatile}]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000440)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1/file0'}}]})

11m14.95765546s ago: executing program 1 (id=8):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0xa, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x1}, 0xe)

11m14.080053919s ago: executing program 1 (id=9):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x2)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)

11m12.954950307s ago: executing program 1 (id=10):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
pread64(0xffffffffffffffff, &(0x7f0000002c00)=""/4082, 0xfffffffffffffe27, 0x0)

11m11.988152927s ago: executing program 0 (id=12):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f00000198c0)=""/102400, 0x19000)
r1 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000080)=0xf0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000100)=0xd0)

11m11.871202147s ago: executing program 1 (id=13):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f0000000d80)={0x0, 0x0, &(0x7f0000000940)=[{&(0x7f0000000440)="ea", 0x1}], 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="1400"], 0x18}, 0xc800)
recvmmsg(r3, &(0x7f0000001140), 0x700, 0x2, 0x0)
sendmsg$TIPC_CMD_ENABLE_BEARER(r0, 0x0, 0x408c040)

11m10.128064698s ago: executing program 1 (id=15):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000001200)={0x60000010})
r2 = epoll_create1(0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r3, &(0x7f0000000040)={0x2000})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000300)={0x10000000})

11m8.638921005s ago: executing program 1 (id=17):
ioctl$SIOCRSSL2CALL(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)=@bcast)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
clock_gettime(0x25c9f108699afd8d, 0x0)
io_setup(0x3ff, 0x0)
io_destroy(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000080), 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
unshare(0x22020600)
sendmmsg(0xffffffffffffffff, &(0x7f00000008c0), 0x0, 0x0)

11m2.578395488s ago: executing program 32 (id=4):
socket$alg(0x26, 0x5, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000004c0)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
set_mempolicy(0x2, 0x0, 0x3)

10m56.594684836s ago: executing program 33 (id=12):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f00000198c0)=""/102400, 0x19000)
r1 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000080)=0xf0)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000100)=0xd0)

10m52.792356291s ago: executing program 34 (id=17):
ioctl$SIOCRSSL2CALL(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)=@bcast)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
clock_gettime(0x25c9f108699afd8d, 0x0)
io_setup(0x3ff, 0x0)
io_destroy(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, &(0x7f0000000080), 0x0)
io_uring_register$IORING_REGISTER_RESTRICTIONS(0xffffffffffffffff, 0xb, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
unshare(0x22020600)
sendmmsg(0xffffffffffffffff, &(0x7f00000008c0), 0x0, 0x0)

7m47.949759603s ago: executing program 7 (id=575):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r4, &(0x7f0000000240)={0x2, 0x4e24, @local}, 0x10)
dup(0xffffffffffffffff)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x8004, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f00000001c0)={0x1, <r5=>0x0}, 0x8)
r6 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
bpf$LINK_GET_FD_BY_ID(0x1e, 0x0, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sysvipc/msg\x00', 0x0, 0x0)
close(r7)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)=ANY=[@ANYRES32=0x0, @ANYRES32=r6, @ANYRESDEC=r5], 0x20)
syz_open_dev$vim2m(0x0, 0x3, 0x2)

7m43.231337349s ago: executing program 7 (id=583):
r0 = socket(0x10, 0x80003, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockname$packet(r0, 0x0, &(0x7f0000000100))

7m42.315571295s ago: executing program 7 (id=587):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x18, 0x5, &(0x7f0000000380)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002b80)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000040)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000040)=ANY=[], 0x20)

7m40.958758266s ago: executing program 7 (id=592):
connect$inet6(0xffffffffffffffff, &(0x7f0000000540)={0xa, 0x43fc, 0x3, @dev={0xfe, 0x80, '\x00', 0x30}, 0x3}, 0x1c)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/comedi4\x00', 0x40, 0x0)
readv(r0, &(0x7f0000000400)=[{&(0x7f0000000300)=""/213, 0xd5}], 0x1)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f00000001c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c00000007000000040000000000000c0200000000612e61483e"], 0x0, 0x2b, 0x0, 0x1}, 0x28)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x104)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0xc0580, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x4048aec9, &(0x7f0000000840)={0x6, 0x0, @ioapic={0xeeee0000, 0x8000, 0x8, 0x8, 0x0, [{0x6, 0xbd, 0xff, '\x00', 0x6}, {0x5, 0x12, 0x2, '\x00', 0x4}, {0x4, 0x46, 0x3c, '\x00', 0x6}, {0x1, 0xfb, 0x1}, {0x8, 0x8, 0xc, '\x00', 0x5}, {0x8, 0x77, 0x1, '\x00', 0x19}, {0x17, 0x5, 0xd6, '\x00', 0x8d}, {0xa, 0x9, 0x1, '\x00', 0x6f}, {0x8, 0xf, 0x9, '\x00', 0x9}, {0x0, 0x3, 0xf, '\x00', 0x8}, {0x6, 0x3, 0xe1, '\x00', 0x5}, {0xfa, 0x46, 0x4, '\x00', 0xdd}, {0x1, 0x80, 0x2, '\x00', 0x5}, {0x80, 0x6, 0x3, '\x00', 0x6}, {0x2, 0x81, 0x7, '\x00', 0xfd}, {0x4, 0x5, 0x2, '\x00', 0xf7}, {0x9, 0x10, 0x5, '\x00', 0x1}, {0xb5, 0x0, 0x9, '\x00', 0xc}, {0xa7, 0x1, 0x3, '\x00', 0x7}, {0xf, 0x3, 0x9, '\x00', 0xd}, {0x8, 0x5, 0x0, '\x00', 0x9}, {0x0, 0x5, 0x0, '\x00', 0xf1}, {0xa, 0x5, 0x2f, '\x00', 0xff}, {0x8}]}})
syz_genetlink_get_family_id$tipc(&(0x7f0000000000), r1)

7m38.708606172s ago: executing program 7 (id=595):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x60140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000000000001"])
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7m37.251393794s ago: executing program 7 (id=597):
socket$nl_route(0x10, 0x3, 0x0)
openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec29, 0x800, 0x1, 0x40000337}, &(0x7f0000000dc0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
syz_usb_connect(0x5, 0x2d, 0x0, 0x0)

7m22.087279357s ago: executing program 35 (id=597):
socket$nl_route(0x10, 0x3, 0x0)
openat$yama_ptrace_scope(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec29, 0x800, 0x1, 0x40000337}, &(0x7f0000000dc0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)
syz_usb_connect(0x5, 0x2d, 0x0, 0x0)

4m3.600337576s ago: executing program 8 (id=1287):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x60140, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000080)=ANY=[@ANYBLOB="0100000000"])
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})

4m2.602347541s ago: executing program 8 (id=1292):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)=ANY=[@ANYBLOB="340000001300050000"], 0x34}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=ANY=[@ANYRES32=r2], 0x34}, 0x1, 0x0, 0x0, 0x800c000}, 0x0)

4m2.021821226s ago: executing program 8 (id=1295):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000002740)={0x0, 0x0, &(0x7f0000002700)={&(0x7f0000002600)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x301, 0x0, 0x0, {0x6, 0x0, 0x4}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x3c}, 0x1, 0x0, 0x0, 0x4004000}, 0x8040)

4m1.502118083s ago: executing program 8 (id=1300):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="020000000400000008"], 0x48)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x85, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e21, 0x0, @local, 0x400009}}, 0x27c0}, 0x90)

4m0.989225476s ago: executing program 8 (id=1303):
syz_emit_ethernet(0x32, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x0, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, @broadcast=0xac14140a, @multicast1}}}}}}, 0x0)

4m0.436393734s ago: executing program 8 (id=1307):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = shmget$private(0x0, 0x1000, 0x40, &(0x7f0000884000/0x1000)=nil)
shmctl$IPC_RMID(r1, 0x0)

3m45.080864586s ago: executing program 36 (id=1307):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = shmget$private(0x0, 0x1000, 0x40, &(0x7f0000884000/0x1000)=nil)
shmctl$IPC_RMID(r1, 0x0)

10.188782875s ago: executing program 6 (id=2504):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x20080050)

9.836437117s ago: executing program 6 (id=2506):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f00000000c0)={0x1d, r1}, 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x20000000)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/profiling', 0xa0042, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/tty/drivers\x00', 0x41, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
sendmmsg(0xffffffffffffffff, &(0x7f0000000b80)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f00000006c0)="9b468da99267a99aed5f6b48ad03b7c825ecb32adffc80ff47af98a3741169ea2fcaa8de0120079173a79cbc6b3e4ef87d968b9bfd", 0x35}], 0x1}}, {{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000001400)}, {&(0x7f0000000700)="ec76b3b81f8baf00b118df1ac0454d8196ee3376807e72c0bd623c3acbac5388b5541634fa21d5627a86986bce473baefeebdb0d59b2c112b6a4041695252ccb163a0bd3dff6c502", 0x48}], 0x2}}], 0x2, 0x404c041)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

8.955508021s ago: executing program 6 (id=2511):
socket$pppoe(0x18, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x2, 0x1)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000200081044e81f782db44b90402000000e8fe55a1180015000600142603600e1209000a0000000401a80016000a00114006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee0808856e408e8d8ef52b49816277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006d8df969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970100040000", 0xd8}], 0x1}, 0x0)

8.925812888s ago: executing program 2 (id=2512):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, 0x0, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000080)=0xcd, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e21, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000040)=0xfffffffc, 0x4)
recvmmsg(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=""/16, 0x10}, 0x1}], 0x1, 0x45833af92e4b39ff, 0x0)

4.555660558s ago: executing program 6 (id=2527):
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000780)=ANY=[@ANYBLOB="84000000", @ANYRES16=r1], 0x84}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xa, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a84000000060a0b0400000000000000000200000058000480540001800a0001006d617463680000004400028008000240000000002c0003005c260400000000000023edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316334e8278ad0a0001006c696d69740000000900010073797a30000000000900020073797a32"], 0xac}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b34, &(0x7f0000000000)={'wlan0\x00'})
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

4.095364688s ago: executing program 2 (id=2529):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x28, r3, 0x1, 0x0, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x9, 0x9, 0x0]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x20080050)

3.543683403s ago: executing program 5 (id=2533):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a0702839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b282f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4de517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1bdb58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000041dcc4cabfc4a21604f0b80da4ec5500000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae6e5c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace201020875c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2f95b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa5"], 0x0}, 0x94)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

3.462672821s ago: executing program 6 (id=2534):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000800)=ANY=[@ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r0], 0x3c}}, 0x10)

3.109530855s ago: executing program 2 (id=2535):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1200000008000000040000000200000000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB], 0x50)
set_mempolicy(0x4004, 0x0, 0xa60)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe1d}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x401}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r3, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r3, 0x89f1, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001700)={r2, 0x2000002, 0xe, 0x0, &(0x7f0000000080)="df33c9f7b9a600000000e32853c3", 0x0, 0xfffffbff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_dev$radio(0x0, 0x3, 0x2)
socket$packet(0x11, 0x2, 0x300)
r4 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, 0x0, 0x0)

3.015907569s ago: executing program 4 (id=2536):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffb, {0x0, 0x0, 0x0, 0x0, {0x0, 0x9}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="4800000010001fff0000056800080000faff0000", @ANYRES32=0x0, @ANYBLOB="c30c424700000000280012800a00010076786c616e00000018000280140011"], 0x48}}, 0x0)

2.951933283s ago: executing program 5 (id=2537):
socket(0x10, 0x3, 0x2)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000480)='ns/uts\x00')
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300, {[@end]}}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x7, 0xfff6, 0x65, 0x5, 0x1, 0x4, 0x3, @private=0xa010102, @remote}}}}}}, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x4, "8a79348df081496d0420922f45a71c1daa8b610468cd140526c41efcd3a4a422", 0x3, 0x3, 0x85}, 0x3c)

2.934959057s ago: executing program 6 (id=2538):
socket$pppoe(0x18, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet(0x2, 0x2, 0x1)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)="d8000000200081044e81f782db44b90402000000e8fe55a1180015000600142603600e1209000a0000000401a80016000a00114006000000036010fab94dcf5c0468c1d67f6f94007134cf6ee0808856e408e8d8ef52b49816277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9db22fe7c9f8775730d16a4683f1aeb4edbb57a5025ccca9e00360db70100000040fad95667e006d8df969b3ef35ce3bb9ad809d561cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e970100040000", 0xd8}], 0x1}, 0x0)

2.82791314s ago: executing program 9 (id=2539):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000080)=0xcd, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e21, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000040)=0xfffffffc, 0x4)
recvmmsg(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=""/16, 0x10}, 0x1}], 0x1, 0x45833af92e4b39ff, 0x0)

2.391357799s ago: executing program 4 (id=2540):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
socket(0x2c, 0x3, 0x0)
epoll_create1(0x0)
sendmsg$NL80211_CMD_JOIN_MESH(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0x0, 0x0, 0x0, 0x2000004, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x1, 0x200008, 0x5, 0x4}, 0x10}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r0], 0x4c}}, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.318984767s ago: executing program 5 (id=2541):
r0 = socket$inet(0x2, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r3=>0x0})
socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_SET(r1, 0x0, 0x20040850)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000005fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002dbd0600ffdbdb252100000008000300", @ANYRES32=r3, @ANYBLOB="0600eb00000800000400ec000a00060008021100000100000600f70000ff000008009e"], 0x44}, 0x1, 0x0, 0x0, 0x4048020}, 0x20000)

2.157615748s ago: executing program 9 (id=2542):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000003c0)='sys_enter\x00', r0}, 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r3, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sendmsg$inet(r6, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r5, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000900), 0x100}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001dc0)=""/4096, 0x1000}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r9=>0x0}, 0x8)
bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r9, 0x4)

1.767180155s ago: executing program 4 (id=2543):
r0 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x4}}, 0x1c)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x4000000)

1.69189605s ago: executing program 2 (id=2544):
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000780)=ANY=[@ANYBLOB="84000000", @ANYRES16=r1, @ANYBLOB], 0x84}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xa, 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x40)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a84000000060a0b0400000000000000000200000058000480540001800a0001006d617463680000004400028008000240000000002c0003005c260400000000000023edfcbe6d55b57cb15e63c15c46395916e2b388abc3d6ce2316334e8278ad0a0001006c696d69740000000900010073797a30000000000900020073797a32"], 0xac}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8b34, &(0x7f0000000000)={'wlan0\x00'})
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

1.484329168s ago: executing program 9 (id=2545):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000300)={0x28, r3, 0x1, 0x0, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x9, 0x9, 0x0]}]}, 0x28}, 0x1, 0x0, 0x0, 0x4}, 0x20080050)

1.209781125s ago: executing program 4 (id=2546):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, 0x0, 0x20000000)
r2 = accept4(r0, 0x0, 0x0, 0x80000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
r4 = socket$l2tp(0x2, 0x2, 0x73)
bind$l2tp(r4, &(0x7f00000000c0), 0x10)
sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)={0x14, 0x0, 0x400, 0x70bd25, 0x25dfdbfe, {{}, {@void, @void}}}, 0x14}, 0x1, 0x0, 0x0, 0xd0}, 0x4000000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)={0x4c, 0x2, 0x6, 0x801, 0xe4340000, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_TYPENAME={0x12, 0x3, 'hash:net,port\x00'}]}, 0x4c}}, 0x2)
sendmsg$IPSET_CMD_ADD(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)={0x5c, 0x9, 0x6, 0x801, 0x0, 0x0, {0x7}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x34, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0x18, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV6={0x14, 0x2, 0x1, 0x0, @remote}}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0xe1f}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x88}, @IPSET_ATTR_PORT_TO={0x6, 0x5, 0x1, 0x0, 0x4e22}]}]}, 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)
sendmsg$alg(r2, 0x0, 0x4004080)

1.19214493s ago: executing program 5 (id=2547):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r2=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b70200001a000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b70600007fffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd0cdfa146ec561750379585e5a0702839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946e0ebc622003b538dfc8e012e79578e51bc5f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3670ef0e789f65f1328d6704902cbe7bc04b82d2789cb132b803000000661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7b148ba532e6ea09c346dfebd38608b32a0080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e14861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fd3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16b089f37b3591a15c0a9be6eb18208404c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b74cd36e7487afa447e2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2a2d0e0000000000000578673f8b6e74ce23877a6b24db0e067345560942fa629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d73415cda2130f50714600fb6241c6e955031795b282f56411e48455b5a8b90dfae158b94f50adab988dd8e12baf5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a308bcc87dc3addb08141bdee5d27874b2f663ddeedd005b3d96c7aabf4de517d90bdc01e73835d5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b315f651c8412392191fa83ee830548f11e1036a8debd64cbe359454a3f2239cfe00000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1bdb58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4eda0545c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708294cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000041dcc4cabfc4a21604f0b80da4ec5500000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae6e5c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e80339f9953c3093c3690d10ecb65dc5b47481edbf1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd52364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5656ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4746e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000a5ace201020875c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f2500579aca11033ec14bb9cc16bd83a00840e31d828ec78e116ae46c4897e2f95b6ff92e9a1e24b0b855c02f2b7add58ffb25f3390343c12aa5"], 0x0}, 0x94)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

1.029284001s ago: executing program 9 (id=2548):
socket$inet_smc(0x2b, 0x1, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000800)=ANY=[@ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB="1f003300d00000000802110000010802110000005050505050500000", @ANYRES8=r0], 0x3c}}, 0x10)

943.945723ms ago: executing program 2 (id=2549):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.sectors\x00', 0x26e1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007d000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100))
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x101000, 0x0)
open(0x0, 0x48afd, 0x180)
syz_open_dev$video(&(0x7f0000000040), 0xa7, 0x0)
syz_open_dev$video4linux(&(0x7f0000000540), 0xf, 0x101002)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x103000)
open$dir(&(0x7f0000000080)='./file0\x00', 0x28080, 0x108)
syz_io_uring_setup(0x313c, &(0x7f0000000000)={0x0, 0x500, 0x3600, 0x1, 0x376, 0x0, r0}, 0x0, 0x0)
epoll_create(0x8000)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=0x0, @ANYRES8=r1], 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r2, &(0x7f0000000200)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r2, &(0x7f0000000000), 0xd)

611.570999ms ago: executing program 4 (id=2550):
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x3, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000008000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x41, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f00000001c0)={'wpan1\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000000)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="3f9d00000000000000001700000008000300", @ANYRES32=r2, @ANYBLOB="60003080050002000000000014000400403a050c5bae9c544ef2b6d713459a7a1c000180050002000000000008000400050000000800010002000000240003"], 0x7c}, 0x1, 0x0, 0x0, 0x4004}, 0x0)

611.205703ms ago: executing program 5 (id=2551):
ioctl$TUNGETVNETLE(0xffffffffffffffff, 0x800454dd, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000480)='ns/uts\x00')
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x42, &(0x7f00000002c0)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x6, 0x4, 0x0, 0x0, 0x34, 0x0, 0x20, 0xfc, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300, {[@end]}}, @dest_unreach={0x3, 0x6, 0x0, 0x0, 0xfa, 0x9, {0x5, 0x4, 0x0, 0x7, 0xfff6, 0x65, 0x5, 0x1, 0x4, 0x3, @private=0xa010102, @remote}}}}}}, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f00000000c0)={@multicast1=0x1c, @empty=0xe0000300, 0x4, "8a79348df081496d0420922f45a71c1daa8b610468cd140526c41efcd3a4a422", 0x3, 0x3, 0x85}, 0x3c)

513.025115ms ago: executing program 9 (id=2552):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, 0x0, 0x0)
setsockopt$inet_int(r0, 0x0, 0x7, &(0x7f0000000080)=0xcd, 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e21, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000040)=0xfffffffc, 0x4)
recvmmsg(r0, &(0x7f00000031c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000cc0)=""/16, 0x10}, 0x1}], 0x1, 0x45833af92e4b39ff, 0x0)

173.103268ms ago: executing program 2 (id=2553):
socket$kcm(0x10, 0x400000002, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'sit0\x00', <r0=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000000)={@local, 0x78, r0})
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x8936, &(0x7f0000000000))

79.880115ms ago: executing program 9 (id=2554):
syz_emit_ethernet(0x7a, &(0x7f0000000140)=ANY=[], 0x0)
syz_init_net_socket$ax25(0x3, 0x2, 0xf0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000040)={0x5, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x80040005, 0x0, 0x0, 0x41100, 0x18}, 0x94)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r0, 0x8b1a, &(0x7f0000000040))

76.725107ms ago: executing program 5 (id=2555):
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x8, @loopback}, 0x1c)
listen(r0, 0x5)
accept4(r0, 0x0, 0x0, 0x80800)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x24040014, &(0x7f0000000000)={0xa, 0x4e22, 0x7, @empty, 0xfffffffe}, 0x1c)

0s ago: executing program 4 (id=2556):
r0 = socket$inet6(0xa, 0x2, 0x3a)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @mcast1={0xff, 0x4}}, 0x1c)
sendmsg$NL80211_CMD_TDLS_CHANNEL_SWITCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0xffd8}}, 0x4000000)

kernel console output (not intermixed with test programs):

ig 0 has an invalid interface number: 85 but max is 0
[  269.790336][ T5860] usb 3-1: config 0 has no interface number 0
[  269.796915][ T5860] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  269.808616][ T5860] usb 3-1: config 0 interface 85 has no altsetting 0
[  269.932375][ T5860] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  269.941828][ T5860] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.950564][ T5860] usb 3-1: Product: syz
[  269.955227][ T5860] usb 3-1: Manufacturer: syz
[  269.960009][ T5860] usb 3-1: SerialNumber: syz
[  270.047950][ T5860] usb 3-1: config 0 descriptor??
[  270.711978][ T5860] appletouch 3-1:0.85: Geyser mode initialized.
[  270.722719][ T5860] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input6
[  270.971275][ T5860] usb 3-1: USB disconnect, device number 3
[  271.084416][ T5860] appletouch 3-1:0.85: input: appletouch disconnected
[  272.236823][ T6345] Zero length message leads to an empty skb
[  274.471826][ T6378] netlink: 56 bytes leftover after parsing attributes in process `syz.4.88'.
[  274.642860][ T1094] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.651638][ T1094] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  274.954228][ T4126] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  274.962417][ T4126] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.528032][ T5876] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  276.749823][ T5876] usb 5-1: Using ep0 maxpacket: 32
[  276.760903][ T4126] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  276.769359][ T4126] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  276.806257][ T5876] usb 5-1: config 0 has an invalid interface number: 85 but max is 0
[  276.814898][ T5876] usb 5-1: config 0 has no interface number 0
[  276.821371][ T5876] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  276.833211][ T5876] usb 5-1: config 0 interface 85 has no altsetting 0
[  276.926167][ T5876] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  276.935921][ T5876] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  276.944764][ T5876] usb 5-1: Product: syz
[  276.949152][ T5876] usb 5-1: Manufacturer: syz
[  276.958674][ T5876] usb 5-1: SerialNumber: syz
[  277.105708][ T5876] usb 5-1: config 0 descriptor??
[  277.147926][ T3965] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  277.158408][ T3965] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  277.814146][ T5876] appletouch 5-1:0.85: Failed to request geyser raw mode
[  277.822247][ T5876] appletouch 5-1:0.85: probe with driver appletouch failed with error -5
[  277.915335][ T5876] usb 5-1: USB disconnect, device number 2
[  280.998810][ T6451] netlink: 24 bytes leftover after parsing attributes in process `syz.6.112'.
[  281.334223][ T5876] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  281.586178][ T5876] usb 7-1: config 0 has an invalid interface number: 168 but max is 0
[  281.596584][ T5876] usb 7-1: config 0 has no interface number 0
[  281.602958][ T5876] usb 7-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[  281.613381][ T5876] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.743158][ T5876] usb 7-1: config 0 descriptor??
[  282.012245][ T5813] Bluetooth: hci6: Malformed LE Event: 0x0d
[  282.030350][ T5876] usb 7-1: string descriptor 0 read error: -71
[  282.061130][ T5876] usb-storage 7-1:0.168: USB Mass Storage device detected
[  282.246682][ T5876] usb-storage 7-1:0.168: Quirks match for vid 05ab pid 0060: 2
[  282.355802][ T5876] usb 7-1: USB disconnect, device number 2
[  284.035631][ T6487] fuse: Bad value for 'rootmode'
[  286.148163][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  286.155767][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  287.707350][ T6533] fuse: Bad value for 'rootmode'
[  290.035147][ T6563] netlink: 24 bytes leftover after parsing attributes in process `syz.4.148'.
[  290.378541][ T5860] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  290.645123][ T5860] usb 5-1: config 0 has an invalid interface number: 168 but max is 0
[  290.654842][ T5860] usb 5-1: config 0 has no interface number 0
[  290.661570][ T5860] usb 5-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[  290.675428][ T5860] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.766472][ T6573] fuse: Unknown parameter 'use00000000000000000000'
[  290.779808][ T5860] usb 5-1: config 0 descriptor??
[  291.032421][ T5860] usb 5-1: string descriptor 0 read error: -71
[  291.043345][ T5860] usb-storage 5-1:0.168: USB Mass Storage device detected
[  291.126577][ T5860] usb-storage 5-1:0.168: Quirks match for vid 05ab pid 0060: 2
[  291.225341][ T5860] usb 5-1: USB disconnect, device number 3
[  293.076404][ T6608] syz.5.160 uses obsolete (PF_INET,SOCK_PACKET)
[  293.826886][ T6616] fuse: Unknown parameter 'use00000000000000000000'
[  295.545430][ T6641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.173'.
[  297.088608][ T6658] fuse: Unknown parameter 'use00000000000000000000'
[  298.885014][ T6682] netlink: 8 bytes leftover after parsing attributes in process `syz.2.186'.
[  300.316191][ T6697] fuse: Unknown parameter 'user_i00000000000000000000'
[  300.949814][ T5860] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  301.173227][ T5860] usb 6-1: Using ep0 maxpacket: 32
[  301.187768][ T5860] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  301.199465][ T5860] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  301.209649][ T5860] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  301.222669][ T5860] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.392665][ T5860] usb 6-1: config 0 descriptor??
[  301.944838][ T5860] hid_parser_main: 8 callbacks suppressed
[  301.944946][ T5860] ft260 0003:0403:6030.0002: unknown main item tag 0x7
[  302.091495][ T5860] ft260 0003:0403:6030.0002: chip code: 6424 8183
[  302.226827][ T6720] netlink: 8 bytes leftover after parsing attributes in process `syz.2.201'.
[  302.294643][ T5860] ft260 0003:0403:6030.0002: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.5-1/input0
[  302.498629][ T5860] ft260 0003:0403:6030.0002: failed to retrieve status: -32, no wakeup
[  302.555251][ T5860] ft260 0003:0403:6030.0002: failed to retrieve status: -5
[  302.724684][ T5860] ft260 0003:0403:6030.0002: failed to reset I2C controller: -71
[  302.819736][ T5860] usb 6-1: USB disconnect, device number 2
[  303.424434][ T6733] fuse: Unknown parameter 'user_i00000000000000000000'
[  305.444958][ T6765] netlink: 8 bytes leftover after parsing attributes in process `syz.7.216'.
[  305.569023][ T6765] binder_alloc: 6764: binder_alloc_buf, no vma
[  306.104274][ T5876] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  306.324111][ T5876] usb 5-1: Using ep0 maxpacket: 32
[  306.375664][ T5876] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  306.387001][ T5876] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  306.397231][ T5876] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  306.407012][ T5876] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.592716][ T5876] usb 5-1: config 0 descriptor??
[  306.702750][ T6779] fuse: Unknown parameter 'user_i00000000000000000000'
[  307.104042][ T5876] ft260 0003:0403:6030.0003: unknown main item tag 0x7
[  307.315484][ T5876] ft260 0003:0403:6030.0003: chip code: 6424 8183
[  307.522183][ T5876] ft260 0003:0403:6030.0003: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.4-1/input0
[  307.744308][ T5876] ft260 0003:0403:6030.0003: failed to retrieve status: -32, no wakeup
[  307.819634][ T5876] ft260 0003:0403:6030.0003: failed to retrieve status: -5
[  307.990725][ T5876] ft260 0003:0403:6030.0003: failed to reset I2C controller: -71
[  308.114005][ T5876] usb 5-1: USB disconnect, device number 4
[  308.274521][ T6792] netlink: 44 bytes leftover after parsing attributes in process `syz.7.225'.
[  308.634994][ T5809] Bluetooth: hci1: command 0x0406 tx timeout
[  308.641263][ T5809] Bluetooth: hci4: command 0x0406 tx timeout
[  309.641041][ T6809] netlink: 8 bytes leftover after parsing attributes in process `syz.2.230'.
[  309.695364][ T5876] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  309.731051][ T6809] binder: BINDER_SET_CONTEXT_MGR already set
[  309.737604][ T6809] binder: 6807:6809 ioctl 4018620d 80004a80 returned -16
[  309.914692][ T5876] usb 8-1: Using ep0 maxpacket: 8
[  309.957390][ T5876] usb 8-1: config index 0 descriptor too short (expected 241, got 203)
[  309.966631][ T5876] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  309.977368][ T5876] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  309.990842][ T5876] usb 8-1: New USB device found, idVendor=2357, idProduct=0109, bcdDevice=bd.da
[  310.000570][ T5876] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  310.151810][ T5876] usb 8-1: config 0 descriptor??
[  310.388776][ T6802] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  310.401724][ T6802] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  310.529826][ T5860] usb 8-1: USB disconnect, device number 2
[  310.889821][ T6821] fuse: Unknown parameter 'user_id00000000000000000000'
[  311.849801][ T6830] netlink: 44 bytes leftover after parsing attributes in process `syz.4.238'.
[  312.083026][ T6835] netlink: 36 bytes leftover after parsing attributes in process `syz.7.241'.
[  312.095336][ T5860] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  312.304425][ T5860] usb 7-1: Using ep0 maxpacket: 32
[  312.334804][ T6838] netlink: 8 bytes leftover after parsing attributes in process `syz.5.242'.
[  312.383880][ T5860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  312.395272][ T5860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  312.405746][ T5860] usb 7-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  312.418267][ T5860] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.524695][ T6838] binder_alloc: 6837: binder_alloc_buf, no vma
[  312.627539][ T5860] usb 7-1: config 0 descriptor??
[  312.984129][ T5876] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  313.087838][ T5860] ft260 0003:0403:6030.0004: unknown main item tag 0x7
[  313.240467][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  313.251230][ T5876] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  313.260893][ T5876] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  313.271741][ T5860] ft260 0003:0403:6030.0004: chip code: 6424 8183
[  313.342442][ T5876] usb 5-1: config 0 descriptor??
[  313.368960][ T5876] pwc: Askey VC010 type 2 USB webcam detected.
[  313.497032][ T5860] ft260 0003:0403:6030.0004: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.6-1/input0
[  313.705724][ T5860] ft260 0003:0403:6030.0004: failed to retrieve status: -32, no wakeup
[  313.749127][ T5860] ft260 0003:0403:6030.0004: failed to retrieve status: -5
[  313.841483][ T5876] pwc: recv_control_msg error -32 req 02 val 2b00
[  313.874285][ T5876] pwc: recv_control_msg error -32 req 02 val 2700
[  313.906758][ T5876] pwc: recv_control_msg error -32 req 02 val 2c00
[  313.946758][ T5860] ft260 0003:0403:6030.0004: failed to reset I2C controller: -71
[  313.989895][   T30] audit: type=1326 audit(1762980746.300:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6855 comm="syz.7.247" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  313.999501][ T5876] pwc: recv_control_msg error -32 req 04 val 1000
[  314.072787][ T5876] pwc: recv_control_msg error -32 req 04 val 1300
[  314.094248][ T5860] usb 7-1: USB disconnect, device number 3
[  314.150692][   T30] audit: type=1326 audit(1762980746.390:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6855 comm="syz.7.247" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  314.164931][ T5876] pwc: recv_control_msg error -32 req 04 val 1400
[  314.174478][   T30] audit: type=1326 audit(1762980746.390:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6855 comm="syz.7.247" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  314.203185][   T30] audit: type=1326 audit(1762980746.390:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6855 comm="syz.7.247" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  314.315417][ T5876] pwc: recv_control_msg error -32 req 02 val 2000
[  314.364093][ T5876] pwc: recv_control_msg error -32 req 02 val 2100
[  314.407493][ T5876] pwc: recv_control_msg error -32 req 04 val 1500
[  314.412366][ T6859] fuse: Unknown parameter 'user_id00000000000000000000'
[  314.417297][ T5876] pwc: recv_control_msg error -32 req 02 val 2500
[  314.471261][ T5876] pwc: recv_control_msg error -32 req 02 val 2400
[  314.480893][ T5876] pwc: recv_control_msg error -32 req 02 val 2600
[  314.498102][ T5876] pwc: recv_control_msg error -32 req 02 val 2900
[  314.508321][ T5876] pwc: recv_control_msg error -32 req 02 val 2800
[  314.727049][ T5876] pwc: recv_control_msg error -71 req 04 val 1200
[  314.795549][ T5876] pwc: Registered as video103.
[  314.804515][ T5876] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input8
[  314.943294][ T5876] usb 5-1: USB disconnect, device number 5
[  315.744249][ T6875] netlink: 44 bytes leftover after parsing attributes in process `syz.7.253'.
[  316.064857][ T6879] netlink: 36 bytes leftover after parsing attributes in process `syz.4.254'.
[  316.245157][ T6884] netlink: 8 bytes leftover after parsing attributes in process `syz.6.256'.
[  316.995229][ T6894] fuse: Unknown parameter 'user_id00000000000000000000'
[  317.315308][ T5860] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  317.563259][ T5860] usb 7-1: Using ep0 maxpacket: 32
[  317.653295][ T5860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  317.664972][ T5860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  317.677882][ T5860] usb 7-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  317.687593][ T5860] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.874212][ T5450] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  317.955545][ T5860] usb 7-1: config 0 descriptor??
[  318.104660][ T5450] usb 8-1: Using ep0 maxpacket: 8
[  318.233168][ T5450] usb 8-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  318.242981][ T5450] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  318.251732][ T5450] usb 8-1: Product: syz
[  318.256433][ T5450] usb 8-1: Manufacturer: syz
[  318.261345][ T5450] usb 8-1: SerialNumber: syz
[  318.279934][ T5450] usb 8-1: config 0 descriptor??
[  318.306881][ T5450] radio-usb-si4713 8-1:0.0: Si4713 development board discovered: (10C4:8244)
[  318.495134][ T5860] ft260 0003:0403:6030.0005: unknown main item tag 0x7
[  318.709521][ T5860] ft260 0003:0403:6030.0005: chip code: 6424 8183
[  318.945029][ T5860] ft260 0003:0403:6030.0005: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.6-1/input0
[  319.181485][ T5860] ft260 0003:0403:6030.0005: failed to retrieve status: -32, no wakeup
[  319.235334][ T5860] ft260 0003:0403:6030.0005: failed to retrieve status: -5
[  319.314158][ T5450] radio-usb-si4713 8-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  319.326022][ T5450] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  319.414186][ T5860] ft260 0003:0403:6030.0005: failed to reset I2C controller: -71
[  319.458983][ T5450] usb 8-1: USB disconnect, device number 3
[  319.589448][ T5860] usb 7-1: USB disconnect, device number 4
[  319.758188][ T5876] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  319.978928][ T5876] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  319.987830][ T5876] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  319.999526][ T5876] usb 3-1: config 220 has no interface number 2
[  320.006222][ T5876] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  320.019908][ T5876] usb 3-1: config 220 interface 0 has no altsetting 0
[  320.027054][ T5876] usb 3-1: config 220 interface 76 has no altsetting 0
[  320.034273][ T5876] usb 3-1: config 220 interface 1 has no altsetting 0
[  320.286243][ T5876] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  320.296075][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.304783][ T5876] usb 3-1: Product: syz
[  320.309152][ T5876] usb 3-1: Manufacturer: syz
[  320.314234][ T5876] usb 3-1: SerialNumber: syz
[  320.735957][ T5876] usb 3-1: selecting invalid altsetting 0
[  320.742512][ T5876] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  320.750783][ T5876] uvcvideo 3-1:220.0: No valid video chain found.
[  320.904192][ T5876] usb 3-1: selecting invalid altsetting 0
[  320.910311][ T5876] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  321.028724][ T6925] netlink: 24 bytes leftover after parsing attributes in process `syz.7.268'.
[  321.038265][ T5876] usb 3-1: USB disconnect, device number 4
[  321.124133][ T5853] usb 7-1: new full-speed USB device number 5 using dummy_hcd
[  321.329107][ T5853] usb 7-1: config 0 has an invalid interface number: 151 but max is 0
[  321.340733][ T5853] usb 7-1: config 0 has no interface number 0
[  321.396956][ T5853] usb 7-1: New USB device found, idVendor=0ccd, idProduct=10b2, bcdDevice=44.3c
[  321.406899][ T5853] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.415380][ T5853] usb 7-1: Product: syz
[  321.419740][ T5853] usb 7-1: Manufacturer: syz
[  321.424829][ T5853] usb 7-1: SerialNumber: syz
[  321.531274][ T5853] usb 7-1: config 0 descriptor??
[  321.829009][ T5853] em28xx 7-1:0.151: New device syz syz @ 12 Mbps (0ccd:10b2, interface 151, class 151)
[  321.839281][ T5853] em28xx 7-1:0.151: Device initialization failed.
[  321.846219][ T5853] em28xx 7-1:0.151: Device must be connected to a high-speed USB 2.0 port.
[  321.922580][ T6933] netlink: 8 bytes leftover after parsing attributes in process `syz.5.271'.
[  321.928163][ T5853] usb 7-1: USB disconnect, device number 5
[  323.165622][ T6947] syz_tun: entered promiscuous mode
[  323.171585][ T6947] macvtap1: entered promiscuous mode
[  323.178451][ T6947] macvtap1: entered allmulticast mode
[  323.184167][ T6947] syz_tun: entered allmulticast mode
[  323.236115][ T6949] fuse: Bad value for 'fd'
[  323.368622][ T6947] syz_tun: left allmulticast mode
[  323.375282][ T6947] syz_tun: left promiscuous mode
[  324.216471][ T5853] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  324.441018][ T5853] usb 3-1: Using ep0 maxpacket: 32
[  324.487463][ T5853] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  324.499150][ T5853] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  324.509468][ T5853] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  324.518943][ T5853] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.605330][ T5853] usb 3-1: config 0 descriptor??
[  325.092276][ T5853] ft260 0003:0403:6030.0006: unknown main item tag 0x7
[  325.291682][ T5853] ft260 0003:0403:6030.0006: chip code: 6424 8183
[  325.473011][ T6967] netlink: 24 bytes leftover after parsing attributes in process `syz.7.282'.
[  325.504702][ T5853] ft260 0003:0403:6030.0006: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.2-1/input0
[  325.704631][ T5853] ft260 0003:0403:6030.0006: failed to retrieve status: -32, no wakeup
[  325.734918][ T5853] ft260 0003:0403:6030.0006: failed to retrieve status: -5
[  325.953148][ T5853] ft260 0003:0403:6030.0006: failed to reset I2C controller: -71
[  326.046749][ T5853] usb 3-1: USB disconnect, device number 5
[  326.642260][ T5860] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  326.883870][ T5860] usb 8-1: Using ep0 maxpacket: 32
[  326.922236][ T5860] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  326.932547][ T5860] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  327.087799][ T5860] usb 8-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=4d.a7
[  327.099567][ T5860] usb 8-1: New USB device strings: Mfr=152, Product=158, SerialNumber=3
[  327.108504][ T5860] usb 8-1: Product: syz
[  327.112874][ T5860] usb 8-1: Manufacturer: syz
[  327.117832][ T5860] usb 8-1: SerialNumber: syz
[  327.187677][ T5860] usb 8-1: config 0 descriptor??
[  327.207935][ T5860] usb 8-1: no audio or video endpoints found
[  327.542063][ T5860] usb 8-1: USB disconnect, device number 4
[  327.671283][ T6982] netlink: 8 bytes leftover after parsing attributes in process `syz.6.286'.
[  328.348275][ T6988] fuse: Bad value for 'fd'
[  328.580229][   T52] Bluetooth: hci4: unexpected event for opcode 0x2007
[  329.279667][ T7001] netlink: 24 bytes leftover after parsing attributes in process `syz.2.294'.
[  329.654837][ T5860] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  329.891874][ T5860] usb 5-1: Using ep0 maxpacket: 32
[  329.951289][ T5860] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  329.962881][ T5860] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  329.973074][ T5860] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  329.982606][ T5860] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.004882][    T9] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  330.121362][ T5860] usb 5-1: config 0 descriptor??
[  330.208792][    T9] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  330.219787][    T9] usb 8-1: config 0 interface 0 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  330.233261][    T9] usb 8-1: config 0 interface 0 has no altsetting 0
[  330.241481][    T9] usb 8-1: New USB device found, idVendor=28de, idProduct=1102, bcdDevice= 0.00
[  330.250894][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.422027][    T9] usb 8-1: config 0 descriptor??
[  330.454571][   T11] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  330.543220][    T9] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  330.644355][   T11] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  330.654874][   T11] usb 3-1: config 0 interface 0 has no altsetting 0
[  330.655169][ T5860] ft260 0003:0403:6030.0007: unknown main item tag 0x7
[  330.776114][   T11] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  330.785783][   T11] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  330.794788][   T11] usb 3-1: Product: syz
[  330.799322][   T11] usb 3-1: Manufacturer: syz
[  330.804463][   T11] usb 3-1: SerialNumber: syz
[  330.852427][ T5860] ft260 0003:0403:6030.0007: chip code: 6424 8183
[  330.942834][   T11] usb 3-1: config 0 descriptor??
[  330.964192][   T30] audit: type=1326 audit(1762980763.280:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.7.297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  330.987153][   T30] audit: type=1326 audit(1762980763.280:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.7.297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  331.002706][   T11] usb 3-1: selecting invalid altsetting 0
[  331.010430][   T30] audit: type=1326 audit(1762980763.290:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.7.297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  331.042756][   T30] audit: type=1326 audit(1762980763.290:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.7.297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  331.065942][   T30] audit: type=1326 audit(1762980763.300:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.7.297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  331.130586][ T5860] ft260 0003:0403:6030.0007: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.4-1/input0
[  331.334310][ T5860] ft260 0003:0403:6030.0007: failed to retrieve status: -32, no wakeup
[  331.363136][ T5860] ft260 0003:0403:6030.0007: failed to retrieve status: -5
[  331.441721][ T5853] usb 8-1: USB disconnect, device number 5
[  331.480787][   T30] audit: type=1326 audit(1762980763.440:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.7.297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  331.504381][   T30] audit: type=1326 audit(1762980763.450:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7007 comm="syz.7.297" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f22539 code=0x7ffc0000
[  331.559279][ T5860] ft260 0003:0403:6030.0007: failed to reset I2C controller: -71
[  331.695528][ T5860] usb 5-1: USB disconnect, device number 6
[  331.862294][ T7025] netlink: 8 bytes leftover after parsing attributes in process `syz.5.301'.
[  331.978905][ T7025] binder: BINDER_SET_CONTEXT_MGR already set
[  331.985697][ T7025] binder: 7023:7025 ioctl 4018620d 80004a80 returned -16
[  333.167161][ T7037] fuse: Bad value for 'fd'
[  333.659240][ T5860] usb 3-1: USB disconnect, device number 6
[  334.548462][ T7040] syz.5.305 (7040): drop_caches: 2
[  334.987973][ T7052] netlink: 48 bytes leftover after parsing attributes in process `syz.4.308'.
[  336.218337][ T7074] netlink: 8 bytes leftover after parsing attributes in process `syz.7.315'.
[  336.291441][ T7074] binder: BINDER_SET_CONTEXT_MGR already set
[  336.298281][ T7074] binder: 7073:7074 ioctl 4018620d 80004a80 returned -16
[  336.413965][ T5860] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  336.584167][ T5853] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  336.654526][ T5860] usb 7-1: Using ep0 maxpacket: 32
[  336.696981][ T5860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  336.708891][ T5860] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  336.719360][ T5860] usb 7-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  336.728780][ T5860] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.780694][ T5853] usb 6-1: Using ep0 maxpacket: 16
[  336.814688][ T5860] usb 7-1: config 0 descriptor??
[  336.818780][ T5853] usb 6-1: config 0 has an invalid interface number: 132 but max is 0
[  336.828363][ T5853] usb 6-1: config 0 has no interface number 0
[  336.912567][ T5853] usb 6-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  336.922125][ T5853] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  336.931042][ T5853] usb 6-1: Product: syz
[  336.935572][ T5853] usb 6-1: Manufacturer: syz
[  336.940520][ T5853] usb 6-1: SerialNumber: syz
[  337.096162][ T5853] usb 6-1: config 0 descriptor??
[  337.140520][ T5853] hub 6-1:0.132: bad descriptor, ignoring hub
[  337.147239][ T5853] hub 6-1:0.132: probe with driver hub failed with error -5
[  337.257607][ T7083] fuse: Unknown parameter '0x0000000000000004'
[  337.303391][ T5853] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.132/input/input9
[  337.328024][ T5860] ft260 0003:0403:6030.0008: unknown main item tag 0x7
[  337.516537][ T5853] usb 6-1: USB disconnect, device number 3
[  337.536406][ T5860] ft260 0003:0403:6030.0008: chip code: 6424 8183
[  337.739981][ T5860] ft260 0003:0403:6030.0008: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.6-1/input0
[  337.954663][ T5860] ft260 0003:0403:6030.0008: failed to retrieve status: -32, no wakeup
[  338.017307][ T5860] ft260 0003:0403:6030.0008: failed to retrieve status: -5
[  338.191867][ T5860] ft260 0003:0403:6030.0008: failed to reset I2C controller: -71
[  338.308777][ T5860] usb 7-1: USB disconnect, device number 6
[  339.135468][ T7099] netlink: 48 bytes leftover after parsing attributes in process `syz.7.323'.
[  340.085668][ T7110] netlink: 8 bytes leftover after parsing attributes in process `syz.4.328'.
[  340.168243][ T7110] binder: BINDER_SET_CONTEXT_MGR already set
[  340.174631][ T7110] binder: 7109:7110 ioctl 4018620d 80004a80 returned -16
[  340.891916][ T7119] fuse: Unknown parameter '0x0000000000000004'
[  342.324212][ T5853] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  342.524291][ T5853] usb 5-1: Using ep0 maxpacket: 32
[  342.571523][ T5853] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.588359][ T5853] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.600475][ T5853] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  342.610077][ T5853] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.807051][ T5853] usb 5-1: config 0 descriptor??
[  343.345332][ T5853] ft260 0003:0403:6030.0009: unknown main item tag 0x7
[  343.494689][ T5853] ft260 0003:0403:6030.0009: chip code: 6424 8183
[  343.545170][ T7144] netlink: 48 bytes leftover after parsing attributes in process `syz.7.337'.
[  343.694240][ T5853] ft260 0003:0403:6030.0009: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.4-1/input0
[  343.926032][ T5853] ft260 0003:0403:6030.0009: failed to retrieve status: -32, no wakeup
[  343.951295][ T5853] ft260 0003:0403:6030.0009: failed to retrieve status: -5
[  344.174507][ T5853] ft260 0003:0403:6030.0009: failed to reset I2C controller: -71
[  344.255850][ T5853] usb 5-1: USB disconnect, device number 7
[  344.475567][ T5813] Bluetooth: hci5: command 0x0406 tx timeout
[  344.565176][ T7154] netlink: 8 bytes leftover after parsing attributes in process `syz.7.341'.
[  345.407818][ T7163] fuse: Unknown parameter '0x0000000000000004'
[  347.543101][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  347.550121][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  348.389001][ T7198] netlink: 8 bytes leftover after parsing attributes in process `syz.2.353'.
[  348.434361][ T7198] binder: BINDER_SET_CONTEXT_MGR already set
[  348.440618][ T7198] binder: 7196:7198 ioctl 4018620d 80004a80 returned -16
[  349.291728][ T7208] fuse: Unknown parameter '0x0000000000000004'
[  349.618671][ T5813] Bluetooth: hci6: command 0x0406 tx timeout
[  351.765431][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  351.773144][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  351.781994][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  351.790079][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  351.797920][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  351.812096][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  351.821707][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  351.829543][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  351.837525][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  351.845401][   T11] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  352.012014][ T7241] fuse: Unknown parameter '0x0000000000000004'
[  352.075227][   T11] hid-generic 0003:0004:0000.000A: hidraw0: USB HID v0.00 Device [syz0] on syz0
[  352.883475][ T7246] fido_id[7246]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  354.730761][ T5813] Bluetooth: hci7: command 0x0406 tx timeout
[  355.624532][   T11] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  355.766340][ T5813] Bluetooth: hci6: unexpected event for opcode 0x2024
[  355.828871][ T7285] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  355.837768][ T7285] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  355.864745][   T11] usb 6-1: Using ep0 maxpacket: 8
[  355.976931][   T11] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  355.989363][   T11] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  356.005560][   T11] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  356.017961][   T11] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  356.031701][   T11] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  356.041143][   T11] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  356.534535][   T11] usb 6-1: GET_CAPABILITIES returned 2f
[  356.540422][   T11] usbtmc 6-1:16.0: can't read capabilities
[  356.781422][ T5860] usb 6-1: USB disconnect, device number 4
[  359.558796][ T7332] warning: `syz.2.398' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  365.114262][ T7392] =======================================================
[  365.114262][ T7392] WARNING: The mand mount option has been deprecated and
[  365.114262][ T7392]          and is ignored by this kernel. Remove the mand
[  365.114262][ T7392]          option from the mount to silence this warning.
[  365.114262][ T7392] =======================================================
[  365.243752][ T7392] overlayfs: missing 'lowerdir'
[  367.474990][ T5860] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  367.676578][ T5860] usb 7-1: device descriptor read/64, error -71
[  367.944213][ T5860] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  368.094118][ T5860] usb 7-1: device descriptor read/64, error -71
[  368.220134][ T5860] usb usb7-port1: attempt power cycle
[  368.623952][ T5860] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  368.667947][ T5860] usb 7-1: device descriptor read/8, error -71
[  368.835602][ T7431] overlayfs: missing 'lowerdir'
[  368.947192][ T5860] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  369.009329][ T5860] usb 7-1: device descriptor read/8, error -71
[  369.138125][ T5860] usb usb7-port1: unable to enumerate USB device
[  372.380677][ T7472] overlay: Unknown parameter '/'
[  372.955029][ T7476] capability: warning: `syz.2.445' uses 32-bit capabilities (legacy support in use)
[  374.254798][ T5450] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  374.434616][ T5450] usb 7-1: device descriptor read/64, error -71
[  374.740217][ T5450] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[  374.914557][ T5450] usb 7-1: device descriptor read/64, error -71
[  375.029361][ T5450] usb usb7-port1: attempt power cycle
[  375.415612][ T5450] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  375.509811][ T5450] usb 7-1: device descriptor read/8, error -71
[  375.678619][ T7507] Illegal XDP return value 4294967282 on prog  (id 16) dev syz_tun, expect packet loss!
[  375.796312][ T5450] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[  375.869569][ T5450] usb 7-1: device descriptor read/8, error -71
[  375.981312][ T7512] overlay: Unknown parameter '/'
[  375.991346][ T5450] usb usb7-port1: unable to enumerate USB device
[  379.304246][ T5853] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[  379.434413][ T5450] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  379.559864][ T5853] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  379.570388][ T5853] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  379.580113][ T5853] usb 7-1: New USB device found, idVendor=1b96, idProduct=0009, bcdDevice= 0.00
[  379.589635][ T5853] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.647326][ T5450] usb 8-1: Using ep0 maxpacket: 8
[  379.676340][ T5853] usb 7-1: config 0 descriptor??
[  379.695865][ T5450] usb 8-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  379.705824][ T5450] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.714257][ T5450] usb 8-1: Product: syz
[  379.718635][ T5450] usb 8-1: Manufacturer: syz
[  379.723453][ T5450] usb 8-1: SerialNumber: syz
[  379.860817][ T5450] usb 8-1: config 0 descriptor??
[  379.905314][ T5853] usb 7-1: USB disconnect, device number 15
[  379.974289][ T5450] radio-usb-si4713 8-1:0.0: Si4713 development board discovered: (10C4:8244)
[  380.614452][ T5859] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  380.697529][ T5450] radio-usb-si4713 8-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  380.711911][ T5450] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  380.794862][ T5859] usb 5-1: device descriptor read/64, error -71
[  380.852931][ T5450] usb 8-1: USB disconnect, device number 6
[  381.044347][ T5859] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  381.224541][ T5859] usb 5-1: device descriptor read/64, error -71
[  381.352020][ T5859] usb usb5-port1: attempt power cycle
[  381.784789][ T5859] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  381.839799][ T5859] usb 5-1: device descriptor read/8, error -71
[  382.114360][ T5859] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  382.216297][ T5859] usb 5-1: device descriptor read/8, error -71
[  382.344329][ T5859] usb usb5-port1: unable to enumerate USB device
[  384.621650][ T5853] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  384.818268][ T5853] usb 8-1: Using ep0 maxpacket: 8
[  384.920146][ T5853] usb 8-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  384.930016][ T5853] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.938549][ T5853] usb 8-1: Product: syz
[  384.942892][ T5853] usb 8-1: Manufacturer: syz
[  384.947785][ T5853] usb 8-1: SerialNumber: syz
[  385.064842][ T5853] usb 8-1: config 0 descriptor??
[  385.134117][ T5853] radio-usb-si4713 8-1:0.0: Si4713 development board discovered: (10C4:8244)
[  385.873072][ T5853] radio-usb-si4713 8-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  385.884275][ T5853] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[  385.981958][ T5853] usb 8-1: USB disconnect, device number 7
[  388.055933][ T5853] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  388.239139][ T5853] usb 8-1: device descriptor read/64, error -71
[  388.534107][ T5853] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  388.692326][ T5853] usb 8-1: device descriptor read/64, error -71
[  388.924178][ T5853] usb usb8-port1: attempt power cycle
[  389.284045][ T5853] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  389.343362][ T5853] usb 8-1: device descriptor read/8, error -71
[  389.620186][ T5853] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  389.668564][ T5853] usb 8-1: device descriptor read/8, error -71
[  389.804181][ T5853] usb usb8-port1: unable to enumerate USB device
[  394.304192][    T9] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  394.454091][    T9] usb 5-1: device descriptor read/64, error -71
[  394.714849][    T9] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  394.894649][    T9] usb 5-1: device descriptor read/64, error -71
[  395.022771][    T9] usb usb5-port1: attempt power cycle
[  395.454198][    T9] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  395.532862][    T9] usb 5-1: device descriptor read/8, error -71
[  395.794027][    T9] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  396.127077][    T9] usb 5-1: device descriptor read/8, error -71
[  396.266673][    T9] usb usb5-port1: unable to enumerate USB device
[  396.950932][ T7735] hub 1-0:1.0: USB hub found
[  396.966072][ T7735] hub 1-0:1.0: 1 port detected
[  400.435045][ T7767] netlink: 16 bytes leftover after parsing attributes in process `syz.5.530'.
[  400.561454][ T7767] dns_resolver: Unsupported content type (152)
[  404.897322][ T7805] binder: BINDER_SET_CONTEXT_MGR already set
[  404.903899][ T7805] binder: 7804:7805 ioctl 4018620d 80000040 returned -16
[  405.883987][    T9] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  406.068369][    T9] usb 5-1: Using ep0 maxpacket: 32
[  406.166019][    T9] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.181259][    T9] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  406.240319][    T9] usb 5-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=4d.a7
[  406.250634][    T9] usb 5-1: New USB device strings: Mfr=152, Product=158, SerialNumber=3
[  406.259406][    T9] usb 5-1: Product: syz
[  406.263918][    T9] usb 5-1: Manufacturer: syz
[  406.268689][    T9] usb 5-1: SerialNumber: syz
[  406.344296][    T9] usb 5-1: config 0 descriptor??
[  406.570375][    T9] usb 5-1: USB disconnect, device number 16
[  408.997931][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  409.005078][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  409.644824][ T7837] binder: BINDER_SET_CONTEXT_MGR already set
[  409.651155][ T7837] binder: 7836:7837 ioctl 4018620d 80000040 returned -16
[  414.594882][ T5153] udevd[5153]: worker [6084] terminated by signal 33 (Unknown signal 33)
[  414.660944][ T5153] udevd[5153]: worker [6077] terminated by signal 33 (Unknown signal 33)
[  414.724656][ T5153] udevd[5153]: worker [6085] terminated by signal 33 (Unknown signal 33)
[  414.734756][ T5153] udevd[5153]: worker [6163] terminated by signal 33 (Unknown signal 33)
[  414.765411][ T5153] udevd[5153]: worker [6182] terminated by signal 33 (Unknown signal 33)
[  414.827128][ T5153] udevd[5153]: worker [6570] terminated by signal 33 (Unknown signal 33)
[  414.859999][ T5153] udevd[5153]: worker [6898] terminated by signal 33 (Unknown signal 33)
[  415.444626][ T5153] udevd[5153]: worker [7026] terminated by signal 33 (Unknown signal 33)
[  433.137751][ T5813] Bluetooth: hci5: unexpected event for opcode 0x0000
[  437.207062][ T5813] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  437.216215][ T5813] Bluetooth: hci5: Injecting HCI hardware error event
[  437.224000][   T52] Bluetooth: hci5: hardware error 0x00
[  438.786899][ T5813] Bluetooth: hci1: unexpected event for opcode 0x0024
[  439.286617][   T52] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  441.265678][ T5813] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  441.275308][ T5813] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  441.291358][ T5813] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  441.327212][ T5813] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  441.346008][ T5813] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  443.454021][   T52] Bluetooth: hci0: command tx timeout
[  445.523917][   T52] Bluetooth: hci0: command tx timeout
[  445.655384][ T8035] chnl_net:caif_netlink_parms(): no params data found
[  447.594671][   T52] Bluetooth: hci0: command tx timeout
[  448.298504][ T8035] bridge0: port 1(bridge_slave_0) entered blocking state
[  448.306645][ T8035] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.315149][ T8035] bridge_slave_0: entered allmulticast mode
[  448.324904][ T8035] bridge_slave_0: entered promiscuous mode
[  448.526577][ T8035] bridge0: port 2(bridge_slave_1) entered blocking state
[  448.534455][ T8035] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.542563][ T8035] bridge_slave_1: entered allmulticast mode
[  448.552698][ T8035] bridge_slave_1: entered promiscuous mode
[  449.673925][   T52] Bluetooth: hci0: command tx timeout
[  450.712399][ T8035] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  450.956523][ T8035] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  451.446389][ T8035] team0: Port device team_slave_0 added
[  451.554756][ T8035] team0: Port device team_slave_1 added
[  451.920952][ T8035] batman_adv: batadv0: Adding interface: batadv_slave_0
[  451.928597][ T8035] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  451.960202][ T8035] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  452.718125][ T8035] batman_adv: batadv0: Adding interface: batadv_slave_1
[  452.725573][ T8035] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  452.752273][ T8035] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  452.943061][   T52] Bluetooth: hci4: unexpected event for opcode 0x0024
[  454.716646][ T8035] hsr_slave_0: entered promiscuous mode
[  454.728094][ T8035] hsr_slave_1: entered promiscuous mode
[  458.246574][ T8035] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  458.813436][ T8035] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  458.945486][ T8035] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  459.031465][ T8035] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  460.057592][   T12] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.220379][   T12] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.396589][   T12] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  460.562394][   T12] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  461.133012][ T8035] 8021q: adding VLAN 0 to HW filter on device bond0
[  461.284526][   T12] bridge_slave_1: left allmulticast mode
[  461.290524][   T12] bridge_slave_1: left promiscuous mode
[  461.298110][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  461.407319][   T12] bridge_slave_0: left allmulticast mode
[  461.413193][   T12] bridge_slave_0: left promiscuous mode
[  461.420219][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  462.171988][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  462.215968][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  462.251841][   T12] bond0 (unregistering): Released all slaves
[  462.538777][ T8035] 8021q: adding VLAN 0 to HW filter on device team0
[  462.655750][ T4126] bridge0: port 1(bridge_slave_0) entered blocking state
[  462.663313][ T4126] bridge0: port 1(bridge_slave_0) entered forwarding state
[  462.950126][ T4126] bridge0: port 2(bridge_slave_1) entered blocking state
[  462.957760][ T4126] bridge0: port 2(bridge_slave_1) entered forwarding state
[  463.347060][   T12] hsr_slave_0: left promiscuous mode
[  463.376690][   T12] hsr_slave_1: left promiscuous mode
[  463.386214][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  463.394099][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  463.456086][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  463.463916][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  463.559306][   T12] veth1_macvtap: left promiscuous mode
[  463.567168][   T12] veth0_macvtap: left promiscuous mode
[  463.573088][   T12] veth1_vlan: left promiscuous mode
[  463.578866][   T12] veth0_vlan: left promiscuous mode
[  465.256474][   T12] team0 (unregistering): Port device team_slave_1 removed
[  465.368776][   T12] team0 (unregistering): Port device team_slave_0 removed
[  469.992469][ T8035] 8021q: adding VLAN 0 to HW filter on device batadv0
[  470.424621][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  470.431583][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  472.856396][ T8035] veth0_vlan: entered promiscuous mode
[  472.955352][ T8035] veth1_vlan: entered promiscuous mode
[  473.364220][ T8035] veth0_macvtap: entered promiscuous mode
[  473.521727][ T8035] veth1_macvtap: entered promiscuous mode
[  474.000299][ T8035] batman_adv: batadv0: Interface activated: batadv_slave_0
[  474.335497][ T8035] batman_adv: batadv0: Interface activated: batadv_slave_1
[  474.632587][ T4183] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  474.839115][ T4183] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  475.824363][ T4183] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  475.833839][ T4183] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  484.880045][ T4079] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  484.888547][ T4079] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  485.118371][ T1094] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  485.131233][ T1094] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  494.233946][ T5860] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  494.459361][ T5860] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  494.469193][ T5860] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  494.480009][ T5860] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[  494.489497][ T5860] usb 9-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  494.502394][ T5860] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  494.513652][ T5860] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  494.587070][ T5860] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  494.598002][ T5860] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  494.607112][ T5860] usb 9-1: Product: syz
[  494.611500][ T5860] usb 9-1: Manufacturer: syz
[  494.709773][ T8386] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  494.729919][ T5860] cdc_wdm 9-1:1.0: skipping garbage
[  494.735703][ T5860] cdc_wdm 9-1:1.0: skipping garbage
[  494.796116][ T5860] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  494.802454][ T5860] cdc_wdm 9-1:1.0: Unknown control protocol
[  494.965513][ T5860] usb 9-1: USB disconnect, device number 2
[  498.925928][ T8425] usb usb1: usbfs: interface 0 claimed by hub while 'syz.8.729' sets config #0
[  500.493806][ T8443] netlink: 8 bytes leftover after parsing attributes in process `syz.4.734'.
[  512.237077][ T8531] netlink: 'syz.8.762': attribute type 2 has an invalid length.
[  512.245140][ T8531] netlink: 'syz.8.762': attribute type 9 has an invalid length.
[  512.252946][ T8531] netlink: 209852 bytes leftover after parsing attributes in process `syz.8.762'.
[  524.575642][ T8663] vcan0: tx drop: invalid sa for name 0x0000000000000002
[  531.856677][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  531.863614][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  531.983916][ T5860] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  532.174308][ T5860] usb 9-1: Using ep0 maxpacket: 16
[  532.200872][ T5860] usb 9-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  532.212375][ T5860] usb 9-1: config 0 interface 0 has no altsetting 0
[  532.219538][ T5860] usb 9-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  532.231605][ T5860] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.347406][ T5860] usb 9-1: config 0 descriptor??
[  532.881029][ T5860] nzxt-smart2 0003:1E71:2009.000B: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.8-1/input0
[  533.374025][ T5860] usb 9-1: USB disconnect, device number 3
[  533.706677][ T8747] fido_id[8747]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.8/usb9/report_descriptor': No such file or directory
[  538.441016][ T5860] kernel write not supported for file /newroot/25/file0 (pid: 5860 comm: kworker/1:6)
[  538.740506][ T8796] netlink: 76 bytes leftover after parsing attributes in process `syz.5.843'.
[  539.418803][ T8805] netlink: 4 bytes leftover after parsing attributes in process `syz.4.847'.
[  541.700335][ T5813] Bluetooth: hci6: Ignoring HCI_Connection_Complete for existing connection
[  542.389423][ T5860] kernel write not supported for file /newroot/28/file0 (pid: 5860 comm: kworker/1:6)
[  542.509700][ T8830] netlink: 76 bytes leftover after parsing attributes in process `syz.2.856'.
[  543.765893][ T8836] netlink: 4 bytes leftover after parsing attributes in process `syz.8.859'.
[  545.537469][ T8859] netlink: 76 bytes leftover after parsing attributes in process `syz.5.868'.
[  545.812118][ T5853] kernel write not supported for file /newroot/149/file0 (pid: 5853 comm: kworker/0:3)
[  546.412051][ T8875] netlink: 4 bytes leftover after parsing attributes in process `syz.8.873'.
[  547.637195][ T8894] 8021q: adding VLAN 0 to HW filter on device batadv1
[  547.649136][ T8894] team0: Port device batadv1 added
[  549.114767][ T8904] netlink: 76 bytes leftover after parsing attributes in process `syz.6.882'.
[  549.594360][ T5813] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  549.742679][ T5860] kernel write not supported for file /newroot/152/file0 (pid: 5860 comm: kworker/1:6)
[  550.384975][ T8915] netlink: 4 bytes leftover after parsing attributes in process `syz.5.887'.
[  553.228784][ T5859] kernel write not supported for file /newroot/184/file0 (pid: 5859 comm: kworker/1:5)
[  553.840449][ T5813] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  554.026377][ T8951] netlink: 4 bytes leftover after parsing attributes in process `syz.6.901'.
[  554.758557][ T5813] Bluetooth: hci6: Malformed LE Event: 0x0d
[  556.475032][    C1] hrtimer: interrupt took 430612 ns
[  557.756977][ T5860] kernel write not supported for file /newroot/41/file0 (pid: 5860 comm: kworker/1:6)
[  558.435932][ T5813] Bluetooth: hci6: Ignoring HCI_Connection_Complete for existing connection
[  559.077203][ T5813] Bluetooth: hci1: Malformed LE Event: 0x0d
[  559.777860][ T9008] netlink: 8 bytes leftover after parsing attributes in process `syz.4.921'.
[  559.798318][ T9008] team0: entered promiscuous mode
[  559.803628][ T9008] team_slave_0: entered promiscuous mode
[  559.810164][ T9008] team_slave_1: entered promiscuous mode
[  559.820830][ T9008] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  559.835819][ T9008] team0: left promiscuous mode
[  559.840717][ T9008] team_slave_0: left promiscuous mode
[  559.847355][ T9008] team_slave_1: left promiscuous mode
[  561.426317][ T5853] kernel write not supported for file /newroot/226/file0 (pid: 5853 comm: kworker/0:3)
[  562.482195][ T5813] Bluetooth: hci6: Ignoring HCI_Connection_Complete for existing connection
[  562.944001][ T5853] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  563.166839][ T5853] usb 9-1: config 0 has an invalid interface number: 168 but max is 0
[  563.178408][ T5853] usb 9-1: config 0 has no interface number 0
[  563.184961][ T5853] usb 9-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[  563.194549][ T5853] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  563.297781][ T5853] usb 9-1: config 0 descriptor??
[  563.545015][   T52] Bluetooth: hci0: Malformed LE Event: 0x0d
[  563.561303][ T5853] usb 9-1: string descriptor 0 read error: -71
[  563.579715][ T5853] usb-storage 9-1:0.168: USB Mass Storage device detected
[  563.696450][ T5853] usb-storage 9-1:0.168: Quirks match for vid 05ab pid 0060: 2
[  563.815425][ T5853] usb 9-1: USB disconnect, device number 4
[  564.632967][ T5860] kernel write not supported for file /newroot/230/file0 (pid: 5860 comm: kworker/1:6)
[  564.644617][   T52] Bluetooth: hci0: command 0x0406 tx timeout
[  566.030241][ T5813] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  567.363205][ T5860] kernel write not supported for file /newroot/233/file0 (pid: 5860 comm: kworker/1:6)
[  569.436499][ T9125] fuse: Bad value for 'group_id'
[  569.441891][ T9125] fuse: Bad value for 'group_id'
[  569.494666][ T5860] kernel write not supported for file /newroot/53/file0 (pid: 5860 comm: kworker/1:6)
[  571.696258][ T9139] netlink: 'syz.6.975': attribute type 12 has an invalid length.
[  571.705567][ T9139] netlink: 'syz.6.975': attribute type 29 has an invalid length.
[  571.714051][ T9139] netlink: 148 bytes leftover after parsing attributes in process `syz.6.975'.
[  573.242708][   T52] Bluetooth: hci0: Ignoring HCI_Connection_Complete for existing connection
[  573.896490][ T9155] fuse: Bad value for 'fd'
[  573.968171][ T5853] kernel write not supported for file /newroot/193/file0 (pid: 5853 comm: kworker/0:3)
[  575.063840][ T5860] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  575.279711][ T5860] usb 9-1: Using ep0 maxpacket: 32
[  575.304139][ T5860] usb 9-1: config 0 has an invalid interface number: 85 but max is 0
[  575.312691][ T5860] usb 9-1: config 0 has no interface number 0
[  575.319224][ T5860] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  575.330726][ T5860] usb 9-1: config 0 interface 85 has no altsetting 0
[  575.390741][ T5860] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  575.400364][ T5860] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.408761][ T5860] usb 9-1: Product: syz
[  575.413100][ T5860] usb 9-1: Manufacturer: syz
[  575.418004][ T5860] usb 9-1: SerialNumber: syz
[  575.432118][ T5860] usb 9-1: config 0 descriptor??
[  575.673844][ T5860] appletouch 9-1:0.85: Failed to read mode from device.
[  575.681915][ T5860] appletouch 9-1:0.85: probe with driver appletouch failed with error -5
[  576.123841][ T5860] usb 9-1: USB disconnect, device number 5
[  578.766762][ T9209] netlink: 'syz.8.1005': attribute type 12 has an invalid length.
[  578.775152][ T9209] netlink: 'syz.8.1005': attribute type 29 has an invalid length.
[  578.783268][ T9209] netlink: 148 bytes leftover after parsing attributes in process `syz.8.1005'.
[  579.403188][ T9214] Bluetooth: MGMT ver 1.23
[  579.408180][ T9214] Bluetooth: hci0: invalid length 0, exp 2 for type 22
[  580.908920][ T9231] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1016'.
[  580.935414][ T9231] erspan0: entered promiscuous mode
[  580.950201][ T9231] erspan0: left promiscuous mode
[  581.431441][ T9236] netlink: 'syz.2.1018': attribute type 12 has an invalid length.
[  581.439862][ T9236] netlink: 'syz.2.1018': attribute type 29 has an invalid length.
[  581.448505][ T9236] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1018'.
[  583.014686][   T52] Bluetooth: hci6: unexpected event for opcode 0x0809
[  583.028120][   T52] Bluetooth: hci6: unexpected event for opcode 0x0419
[  584.075030][   T52] Bluetooth: hci1: command 0x0406 tx timeout
[  584.235845][ T9265] netlink: 'syz.5.1032': attribute type 12 has an invalid length.
[  584.244343][ T9265] netlink: 'syz.5.1032': attribute type 29 has an invalid length.
[  584.255532][ T9265] netlink: 148 bytes leftover after parsing attributes in process `syz.5.1032'.
[  587.033825][   T52] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  587.042412][   T52] Bluetooth: hci6: Injecting HCI hardware error event
[  587.051295][ T5813] Bluetooth: hci6: hardware error 0x00
[  587.994616][   T52] Bluetooth: hci0: command 0x0406 tx timeout
[  588.593174][ T9296] netlink: 'syz.8.1046': attribute type 12 has an invalid length.
[  588.601646][ T9296] netlink: 'syz.8.1046': attribute type 29 has an invalid length.
[  588.609835][ T9296] netlink: 148 bytes leftover after parsing attributes in process `syz.8.1046'.
[  589.114157][ T5813] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  591.048733][ T9326] netlink: 'syz.4.1061': attribute type 12 has an invalid length.
[  591.057355][ T9326] netlink: 'syz.4.1061': attribute type 29 has an invalid length.
[  591.065550][ T9326] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1061'.
[  593.314810][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  593.321432][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  594.051172][ T9350] netlink: 'syz.8.1072': attribute type 10 has an invalid length.
[  594.161599][ T9350] team0: Port device dummy0 added
[  594.561175][ T9354] netlink: 'syz.6.1074': attribute type 12 has an invalid length.
[  594.569659][ T9354] netlink: 'syz.6.1074': attribute type 29 has an invalid length.
[  594.577931][ T9354] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1074'.
[  594.956635][ T5813] Bluetooth: hci4: command 0x0406 tx timeout
[  595.140021][ T9360] overlayfs: failed to clone upperpath
[  595.884646][   T30] audit: type=1326 audit(1762981028.200:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  595.907619][   T30] audit: type=1326 audit(1762981028.200:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  595.932759][   T30] audit: type=1326 audit(1762981028.200:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  595.956134][   T30] audit: type=1326 audit(1762981028.210:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  595.978567][   T30] audit: type=1326 audit(1762981028.210:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  596.001129][   T30] audit: type=1326 audit(1762981028.210:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  596.026085][   T30] audit: type=1326 audit(1762981028.210:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  596.049766][   T30] audit: type=1326 audit(1762981028.210:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  596.072588][   T30] audit: type=1326 audit(1762981028.210:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  596.095578][   T30] audit: type=1326 audit(1762981028.210:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9370 comm="syz.8.1083" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  607.791594][ T5813] Bluetooth: hci0: unexpected event for opcode 0x0809
[  607.807453][ T5813] Bluetooth: hci0: unexpected event for opcode 0x0419
[  610.417650][ T9518] IPv6: NLM_F_CREATE should be specified when creating new route
[  610.426183][ T9518] IPv6: NLM_F_REPLACE set, but no existing node found!
[  611.275963][ T5813] Bluetooth: hci0: unexpected event for opcode 0x0809
[  611.286265][ T5813] Bluetooth: hci0: unexpected event for opcode 0x0419
[  615.353877][ T5813] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  615.362575][ T5813] Bluetooth: hci0: Injecting HCI hardware error event
[  615.370356][ T5813] Bluetooth: hci0: hardware error 0x00
[  617.158183][ T5854] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  617.360725][ T5854] usb 9-1: Using ep0 maxpacket: 8
[  617.454101][ T5813] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  617.459118][ T5854] usb 9-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  617.470759][ T5854] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.480184][ T5854] usb 9-1: Product: syz
[  617.484649][ T5854] usb 9-1: Manufacturer: syz
[  617.489508][ T5854] usb 9-1: SerialNumber: syz
[  617.573201][ T5854] usb 9-1: config 0 descriptor??
[  620.025335][ T5860] usb 9-1: USB disconnect, device number 6
[  622.393941][ T5854] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  622.623846][ T5854] usb 9-1: Using ep0 maxpacket: 8
[  622.671032][ T5854] usb 9-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  622.680613][ T5854] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  622.689040][ T5854] usb 9-1: Product: syz
[  622.693377][ T5854] usb 9-1: Manufacturer: syz
[  622.698366][ T5854] usb 9-1: SerialNumber: syz
[  622.725177][ T5854] usb 9-1: config 0 descriptor??
[  625.285058][ T5854] usb 9-1: USB disconnect, device number 7
[  626.478240][ T9743] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1229'.
[  629.991784][ T5860] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  630.183952][ T5860] usb 9-1: Using ep0 maxpacket: 32
[  630.208875][ T5860] usb 9-1: config 0 has an invalid interface number: 85 but max is 0
[  630.217776][ T5860] usb 9-1: config 0 has no interface number 0
[  630.226930][ T5860] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  630.239086][ T5860] usb 9-1: config 0 interface 85 has no altsetting 0
[  630.298111][ T5860] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  630.310646][ T5860] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  630.319620][ T5860] usb 9-1: Product: syz
[  630.324131][ T5860] usb 9-1: Manufacturer: syz
[  630.331479][ T5860] usb 9-1: SerialNumber: syz
[  630.344714][ T5860] usb 9-1: config 0 descriptor??
[  631.118252][ T5860] appletouch 9-1:0.85: Geyser mode initialized.
[  631.130392][ T5860] input: appletouch as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.85/input/input11
[  631.365719][ T5860] usb 9-1: USB disconnect, device number 8
[  631.439832][ T5860] appletouch 9-1:0.85: input: appletouch disconnected
[  634.864113][ T5860] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  635.046523][ T5860] usb 9-1: Using ep0 maxpacket: 32
[  635.077646][ T5860] usb 9-1: config 0 has an invalid interface number: 85 but max is 0
[  635.086368][ T5860] usb 9-1: config 0 has no interface number 0
[  635.092657][ T5860] usb 9-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  635.104431][ T5860] usb 9-1: config 0 interface 85 has no altsetting 0
[  635.171523][ T5860] usb 9-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  635.181184][ T5860] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  635.189837][ T5860] usb 9-1: Product: syz
[  635.194314][ T5860] usb 9-1: Manufacturer: syz
[  635.199085][ T5860] usb 9-1: SerialNumber: syz
[  635.229441][ T5860] usb 9-1: config 0 descriptor??
[  635.742641][ T9848] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1276'.
[  635.801150][ T9848] dns_resolver: Unsupported content type (152)
[  635.889565][ T5860] appletouch 9-1:0.85: Geyser mode initialized.
[  635.900290][ T5860] input: appletouch as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.85/input/input12
[  636.111390][ T5860] usb 9-1: USB disconnect, device number 9
[  636.177000][ T5860] appletouch 9-1:0.85: input: appletouch disconnected
[  637.795460][   T30] kauditd_printk_skb: 28 callbacks suppressed
[  637.795542][   T30] audit: type=1326 audit(1762981070.120:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.8.1284" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  637.818893][ T9863] mmap: syz.8.1284 (9863) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  637.827688][   T30] audit: type=1326 audit(1762981070.140:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.8.1284" exe="/root/syz-executor" sig=0 arch=40000003 syscall=257 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  637.972264][   T30] audit: type=1326 audit(1762981070.280:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.8.1284" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  637.995408][   T30] audit: type=1326 audit(1762981070.280:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9862 comm="syz.8.1284" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb3539 code=0x7ffc0000
[  647.695221][ T9946] netlink: 'syz.4.1321': attribute type 10 has an invalid length.
[  647.720609][ T9946] team0: Port device dummy0 added
[  648.828366][ T9954] fuse: Bad value for 'fd'
[  648.868989][ T5854] kernel write not supported for file /newroot/286/file0 (pid: 5854 comm: kworker/0:4)
[  651.351059][ T9978] netlink: 'syz.4.1334': attribute type 10 has an invalid length.
[  651.815274][ T9982] fuse: Bad value for 'fd'
[  651.931352][ T5860] kernel write not supported for file /newroot/277/file0 (pid: 5860 comm: kworker/1:6)
[  654.232191][ T5813] Bluetooth: hci1: unexpected event for opcode 0x0809
[  654.673881][T10017] netlink: 'syz.5.1348': attribute type 10 has an invalid length.
[  654.710647][T10017] team0: Port device dummy0 added
[  654.749492][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  654.756472][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  654.970159][T10020] fuse: Bad value for 'fd'
[  655.057540][ T5860] kernel write not supported for file /newroot/280/file0 (pid: 5860 comm: kworker/1:6)
[  656.323346][T10038] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1357'.
[  657.928336][ T9585] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  657.941476][ T9585] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  657.943705][T10051] fuse: Bad value for 'fd'
[  657.987224][ T9585] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  658.013813][ T9585] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  658.026740][ T9585] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  658.096937][ T5854] kernel write not supported for file /newroot/283/file0 (pid: 5854 comm: kworker/0:4)
[  658.377880][T10056] netlink: 'syz.5.1364': attribute type 10 has an invalid length.
[  659.680431][T10050] chnl_net:caif_netlink_parms(): no params data found
[  660.236373][ T9585] Bluetooth: hci2: command tx timeout
[  661.184666][T10050] bridge0: port 1(bridge_slave_0) entered blocking state
[  661.192517][T10050] bridge0: port 1(bridge_slave_0) entered disabled state
[  661.200821][T10050] bridge_slave_0: entered allmulticast mode
[  661.209350][T10050] bridge_slave_0: entered promiscuous mode
[  661.223753][T10050] bridge0: port 2(bridge_slave_1) entered blocking state
[  661.231335][T10050] bridge0: port 2(bridge_slave_1) entered disabled state
[  661.239393][T10050] bridge_slave_1: entered allmulticast mode
[  661.247729][T10050] bridge_slave_1: entered promiscuous mode
[  661.433984][ T9585] Bluetooth: hci4: command 0x0406 tx timeout
[  661.540895][T10050] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  661.642259][T10050] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  661.989218][T10050] team0: Port device team_slave_0 added
[  662.069702][T10050] team0: Port device team_slave_1 added
[  662.314474][ T5813] Bluetooth: hci2: command tx timeout
[  662.341327][T10100] netlink: 'syz.4.1379': attribute type 10 has an invalid length.
[  662.558622][T10050] batman_adv: batadv0: Adding interface: batadv_slave_0
[  662.566034][T10050] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  662.596859][T10050] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  662.834093][T10050] batman_adv: batadv0: Adding interface: batadv_slave_1
[  662.841225][T10050] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  662.867911][T10050] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  663.179591][T10050] hsr_slave_0: entered promiscuous mode
[  663.190755][T10050] hsr_slave_1: entered promiscuous mode
[  663.200912][T10050] debugfs: 'hsr0' already exists in 'hsr'
[  663.206977][T10050] Cannot create hsr debugfs directory
[  664.404022][ T5813] Bluetooth: hci2: command tx timeout
[  665.306498][T10134] netlink: 'syz.6.1392': attribute type 10 has an invalid length.
[  665.471536][T10134] team0: Port device dummy0 added
[  665.492222][T10050] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  665.595883][T10050] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  665.691594][T10050] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  665.827935][T10050] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  666.479819][ T5813] Bluetooth: hci2: command tx timeout
[  667.071359][ T1111] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  667.291462][ T1111] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  667.509186][ T1111] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  667.651919][ T1111] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  667.744320][T10050] 8021q: adding VLAN 0 to HW filter on device bond0
[  667.892525][T10050] 8021q: adding VLAN 0 to HW filter on device team0
[  667.963022][ T4126] bridge0: port 1(bridge_slave_0) entered blocking state
[  667.970729][ T4126] bridge0: port 1(bridge_slave_0) entered forwarding state
[  668.091732][ T1111] bridge_slave_1: left allmulticast mode
[  668.098308][ T1111] bridge_slave_1: left promiscuous mode
[  668.105147][ T1111] bridge0: port 2(bridge_slave_1) entered disabled state
[  668.145146][ T1111] bridge_slave_0: left allmulticast mode
[  668.151139][ T1111] bridge_slave_0: left promiscuous mode
[  668.158112][ T1111] bridge0: port 1(bridge_slave_0) entered disabled state
[  668.846084][ T1111] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  668.857849][T10169] netlink: 'syz.5.1405': attribute type 10 has an invalid length.
[  668.914824][ T1111] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  668.940077][ T1111] bond0 (unregistering): Released all slaves
[  669.097047][ T4126] bridge0: port 2(bridge_slave_1) entered blocking state
[  669.104699][ T4126] bridge0: port 2(bridge_slave_1) entered forwarding state
[  669.904329][ T1111] hsr_slave_0: left promiscuous mode
[  669.935599][ T1111] hsr_slave_1: left promiscuous mode
[  669.944002][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  669.951683][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_0
[  670.006504][ T1111] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  670.014318][ T1111] batman_adv: batadv0: Removing interface: batadv_slave_1
[  670.064064][ T1111] veth1_macvtap: left promiscuous mode
[  670.069959][ T1111] veth0_macvtap: left promiscuous mode
[  670.080199][ T1111] veth1_vlan: left promiscuous mode
[  670.086076][ T1111] veth0_vlan: left promiscuous mode
[  671.024255][ T1111] team0 (unregistering): Port device team_slave_1 removed
[  671.125676][ T1111] team0 (unregistering): Port device team_slave_0 removed
[  671.342060][ T1111] team0 (unregistering): Port device dummy0 removed
[  673.551771][T10050] 8021q: adding VLAN 0 to HW filter on device batadv0
[  673.756264][T10231] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1421'.
[  673.782656][T10231] bond0: entered promiscuous mode
[  673.788108][T10231] bond_slave_0: entered promiscuous mode
[  673.795233][T10231] bond_slave_1: entered promiscuous mode
[  673.809196][T10231] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  673.822461][T10231] bond0: left promiscuous mode
[  673.827697][T10231] bond_slave_0: left promiscuous mode
[  673.834731][T10231] bond_slave_1: left promiscuous mode
[  675.211805][   T30] audit: type=1326 audit(1762981620.505:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  675.234490][   T30] audit: type=1326 audit(1762981620.515:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  675.257278][   T30] audit: type=1326 audit(1762981620.515:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  675.279986][   T30] audit: type=1326 audit(1762981620.515:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  675.306859][   T30] audit: type=1326 audit(1762981620.515:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  675.329537][   T30] audit: type=1326 audit(1762981620.515:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  675.352315][   T30] audit: type=1326 audit(1762981620.515:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  675.374728][   T30] audit: type=1326 audit(1762981620.675:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  675.399968][   T30] audit: type=1326 audit(1762981620.675:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  675.424045][   T30] audit: type=1326 audit(1762981620.725:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10254 comm="syz.4.1429" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  676.371698][T10050] veth0_vlan: entered promiscuous mode
[  676.541897][T10050] veth1_vlan: entered promiscuous mode
[  677.097458][T10050] veth0_macvtap: entered promiscuous mode
[  677.183306][T10050] veth1_macvtap: entered promiscuous mode
[  677.371437][T10050] batman_adv: batadv0: Interface activated: batadv_slave_0
[  677.452461][T10050] batman_adv: batadv0: Interface activated: batadv_slave_1
[  677.520853][   T35] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  677.550521][   T35] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  677.586480][   T35] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  677.625730][   T35] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  677.652592][T10282] lo: entered allmulticast mode
[  678.278381][T10289] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1437'.
[  678.307151][T10289] bond0: entered promiscuous mode
[  678.312496][T10289] bond_slave_0: entered promiscuous mode
[  678.319716][T10289] bond_slave_1: entered promiscuous mode
[  678.333159][T10289] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  678.346286][T10289] bond0: left promiscuous mode
[  678.351283][T10289] bond_slave_0: left promiscuous mode
[  678.365423][T10289] bond_slave_1: left promiscuous mode
[  678.395255][ T5813] Bluetooth: hci4: unexpected event for opcode 0x2039
[  680.834155][T10335] overlayfs: failed to clone upperpath
[  684.165911][ T1121] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  684.174127][ T1121] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  684.443844][ T1111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  684.451933][ T1111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  685.803738][   T24] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  685.974766][   T24] usb 10-1: Using ep0 maxpacket: 32
[  686.015058][   T24] usb 10-1: config 0 has an invalid interface number: 85 but max is 0
[  686.024432][   T24] usb 10-1: config 0 has no interface number 0
[  686.031002][   T24] usb 10-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  686.043178][   T24] usb 10-1: config 0 interface 85 has no altsetting 0
[  686.165934][   T24] usb 10-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  686.176111][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  686.184618][   T24] usb 10-1: Product: syz
[  686.189050][   T24] usb 10-1: Manufacturer: syz
[  686.194126][   T24] usb 10-1: SerialNumber: syz
[  686.242410][   T24] usb 10-1: config 0 descriptor??
[  686.888227][   T24] appletouch 10-1:0.85: Geyser mode initialized.
[  686.899615][   T24] input: appletouch as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.85/input/input13
[  687.100181][   T24] usb 10-1: USB disconnect, device number 2
[  687.223326][   T24] appletouch 10-1:0.85: input: appletouch disconnected
[  688.564457][ T5813] Bluetooth: hci4: unexpected event for opcode 0x2039
[  688.980716][T10466] binder: 10463:10466 ioctl c0306201 0 returned -14
[  689.787582][T10475] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1489'.
[  689.890778][T10478] xt_limit: Overflow, try lower: 271964/0
[  690.254330][ T5853] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  690.414039][ T5853] usb 10-1: Using ep0 maxpacket: 32
[  690.433184][ T5853] usb 10-1: config 0 has an invalid interface number: 85 but max is 0
[  690.445363][ T5853] usb 10-1: config 0 has no interface number 0
[  690.451774][ T5853] usb 10-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  690.466117][ T5853] usb 10-1: config 0 interface 85 has no altsetting 0
[  690.488770][T10475] syz.5.1489 (10475) used greatest stack depth: 2344 bytes left
[  690.602593][ T5853] usb 10-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  690.612283][ T5853] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  690.623583][ T5853] usb 10-1: Product: syz
[  690.628033][ T5853] usb 10-1: Manufacturer: syz
[  690.632921][ T5853] usb 10-1: SerialNumber: syz
[  690.671826][ T5853] usb 10-1: config 0 descriptor??
[  691.324977][ T5853] appletouch 10-1:0.85: Geyser mode initialized.
[  691.335780][ T5853] input: appletouch as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.85/input/input14
[  691.441421][T10497] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1494'.
[  691.468285][T10497] bond0: entered promiscuous mode
[  691.473847][T10497] bond_slave_0: entered promiscuous mode
[  691.480757][T10497] bond_slave_1: entered promiscuous mode
[  691.494658][T10497] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  691.507257][T10497] bond0: left promiscuous mode
[  691.512250][T10497] bond_slave_0: left promiscuous mode
[  691.520224][T10497] bond_slave_1: left promiscuous mode
[  691.552585][    C0] appletouch 10-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  691.561916][ T5853] usb 10-1: USB disconnect, device number 3
[  691.715729][ T5853] appletouch 10-1:0.85: input: appletouch disconnected
[  695.997030][ T5813] Bluetooth: hci2: Invalid handle: 0x6300 > 0x0eff
[  703.329266][   T30] kauditd_printk_skb: 66 callbacks suppressed
[  703.329351][   T30] audit: type=1326 audit(1762981648.645:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  703.359762][   T30] audit: type=1326 audit(1762981648.645:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  703.384947][   T30] audit: type=1326 audit(1762981648.655:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  703.407704][   T30] audit: type=1326 audit(1762981648.655:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  703.430529][   T30] audit: type=1326 audit(1762981648.655:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf706d539 code=0x7ffc0000
[  703.454605][   T30] audit: type=1326 audit(1762981648.655:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  703.477339][   T30] audit: type=1326 audit(1762981648.655:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  703.500282][   T30] audit: type=1326 audit(1762981648.685:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  703.522989][   T30] audit: type=1326 audit(1762981648.685:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  703.546074][   T30] audit: type=1326 audit(1762981648.685:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10656 comm="syz.5.1555" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706d539 code=0x7ffc0000
[  704.388513][T10670] loop9: detected capacity change from 0 to 2368
[  710.221975][T10740] netlink: 112 bytes leftover after parsing attributes in process `syz.2.1579'.
[  710.355344][T10743] xt_limit: Overflow, try lower: 271964/0
[  711.646233][T10758] netlink: 'syz.2.1585': attribute type 12 has an invalid length.
[  711.654608][T10758] netlink: 'syz.2.1585': attribute type 29 has an invalid length.
[  711.664942][T10758] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1585'.
[  714.255445][   T30] kauditd_printk_skb: 73 callbacks suppressed
[  714.255523][   T30] audit: type=1326 audit(1762981659.575:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  714.284328][   T30] audit: type=1326 audit(1762981659.575:215): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  714.307644][   T30] audit: type=1326 audit(1762981659.605:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  714.330724][   T30] audit: type=1326 audit(1762981659.605:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  714.353501][   T30] audit: type=1326 audit(1762981659.605:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  714.376242][   T30] audit: type=1326 audit(1762981659.655:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  714.400040][   T30] audit: type=1326 audit(1762981659.655:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  714.423186][   T30] audit: type=1326 audit(1762981659.655:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=125 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  714.445916][   T30] audit: type=1326 audit(1762981659.655:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=175 compat=1 ip=0xf7f37539 code=0x7ffc0000
[  714.468749][   T30] audit: type=1326 audit(1762981659.655:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10792 comm="syz.4.1597" exe="/root/syz-executor" sig=0 arch=40000003 syscall=435 compat=1 ip=0xf71c8b00 code=0x7ffc0000
[  714.614426][T10799] netlink: 'syz.6.1599': attribute type 12 has an invalid length.
[  714.626070][T10799] netlink: 'syz.6.1599': attribute type 29 has an invalid length.
[  714.634718][T10799] netlink: 148 bytes leftover after parsing attributes in process `syz.6.1599'.
[  715.017007][T10804] syz_tun: entered allmulticast mode
[  715.091129][T10803] syz_tun: left allmulticast mode
[  716.179978][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  716.187606][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  717.099627][T10838] binder: 10835:10838 ioctl 4018620d 0 returned -22
[  717.866867][T10851] netlink: 'syz.9.1614': attribute type 12 has an invalid length.
[  717.875132][T10851] netlink: 'syz.9.1614': attribute type 29 has an invalid length.
[  717.886073][T10851] netlink: 148 bytes leftover after parsing attributes in process `syz.9.1614'.
[  720.789465][   T30] kauditd_printk_skb: 80 callbacks suppressed
[  720.789543][   T30] audit: type=1326 audit(1762981666.105:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.819145][   T30] audit: type=1326 audit(1762981666.105:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.841934][   T30] audit: type=1326 audit(1762981666.115:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.864998][   T30] audit: type=1326 audit(1762981666.115:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.887943][   T30] audit: type=1326 audit(1762981666.115:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.910551][   T30] audit: type=1326 audit(1762981666.115:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.915585][T10907] netlink: 'syz.4.1629': attribute type 12 has an invalid length.
[  720.933002][   T30] audit: type=1326 audit(1762981666.115:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.933232][   T30] audit: type=1326 audit(1762981666.115:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.933635][   T30] audit: type=1326 audit(1762981666.145:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.933865][   T30] audit: type=1326 audit(1762981666.145:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10899 comm="syz.6.1627" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  720.941632][T10907] netlink: 'syz.4.1629': attribute type 29 has an invalid length.
[  720.941712][T10907] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1629'.
[  721.758564][T10917] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1632'.
[  722.522369][T10931] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1638'.
[  726.566614][   T30] kauditd_printk_skb: 59 callbacks suppressed
[  726.566699][   T30] audit: type=1326 audit(1762981671.885:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.596851][   T30] audit: type=1326 audit(1762981671.885:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.619778][   T30] audit: type=1326 audit(1762981671.885:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.642461][   T30] audit: type=1326 audit(1762981671.885:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.664986][   T30] audit: type=1326 audit(1762981671.895:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.688112][   T30] audit: type=1326 audit(1762981671.895:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.711207][   T30] audit: type=1326 audit(1762981671.895:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.733709][   T30] audit: type=1326 audit(1762981671.895:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.756797][   T30] audit: type=1326 audit(1762981671.915:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.780001][   T30] audit: type=1326 audit(1762981671.915:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10982 comm="syz.9.1657" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f76539 code=0x7ffc0000
[  726.991907][T10944] netlink: 'syz.5.1644': attribute type 10 has an invalid length.
[  727.000879][T10944] netlink: 156 bytes leftover after parsing attributes in process `syz.5.1644'.
[  729.114501][T11008] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1666'.
[  732.529224][T11053] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  733.051726][T11062] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  733.062226][T11062] batman_adv: batadv0: Removing interface: batadv_slave_0
[  733.087822][T11062] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  733.099335][T11062] batman_adv: batadv0: Removing interface: batadv_slave_1
[  734.230622][T11081] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1697'.
[  735.191354][T11100] syzkaller0: entered promiscuous mode
[  735.198003][T11100] syzkaller0: entered allmulticast mode
[  735.455321][T11103] syz_tun: entered allmulticast mode
[  735.488719][T11102] syz_tun: left allmulticast mode
[  736.331988][T11119] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1711'.
[  736.935960][T11127] bond0: entered promiscuous mode
[  736.941243][T11127] bond_slave_0: entered promiscuous mode
[  736.948615][T11127] bond_slave_1: entered promiscuous mode
[  736.965113][T11127] batadv0: entered promiscuous mode
[  736.979154][T11127] 8021q: adding VLAN 0 to HW filter on device hsr1
[  737.208933][T11131] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1718'.
[  741.214507][T11197] syz_tun: entered allmulticast mode
[  741.235424][T11196] syz_tun: left allmulticast mode
[  742.824732][T11221] syz_tun: entered allmulticast mode
[  742.864981][T11220] syz_tun: left allmulticast mode
[  748.710269][T11322] Unknown status report in ack skb
[  750.033096][   T30] kauditd_printk_skb: 65 callbacks suppressed
[  750.033184][   T30] audit: type=1326 audit(1762981695.345:448): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  750.083831][   T30] audit: type=1326 audit(1762981695.395:449): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  750.098696][T11343] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1807'.
[  750.106547][   T30] audit: type=1326 audit(1762981695.395:450): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  750.106781][   T30] audit: type=1326 audit(1762981695.395:451): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  750.107000][   T30] audit: type=1326 audit(1762981695.405:452): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  750.133817][T11343] bond0: entered promiscuous mode
[  750.139838][   T30] audit: type=1326 audit(1762981695.405:453): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  750.162470][T11343] bond_slave_0: entered promiscuous mode
[  750.166869][T11343] bond_slave_1: entered promiscuous mode
[  750.232197][T11343] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  750.246153][T11343] bond0: left promiscuous mode
[  750.251166][T11343] bond_slave_0: left promiscuous mode
[  750.258251][T11343] bond_slave_1: left promiscuous mode
[  750.289467][   T30] audit: type=1326 audit(1762981695.605:454): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  750.312898][   T30] audit: type=1326 audit(1762981695.605:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  750.335578][   T30] audit: type=1326 audit(1762981695.605:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  750.359114][   T30] audit: type=1326 audit(1762981695.605:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11340 comm="syz.2.1808" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f14539 code=0x7ffc0000
[  751.578511][T11359] syz_tun: entered allmulticast mode
[  752.125202][T11368] netlink: 'syz.9.1820': attribute type 10 has an invalid length.
[  752.134115][T11368] netlink: 156 bytes leftover after parsing attributes in process `syz.9.1820'.
[  752.440381][T11377] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1823'.
[  752.480429][T11377] bond0: entered promiscuous mode
[  752.486435][T11377] bond_slave_0: entered promiscuous mode
[  752.494368][T11377] bond_slave_1: entered promiscuous mode
[  752.507688][T11377] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  752.520863][T11377] bond0: left promiscuous mode
[  752.526092][T11377] bond_slave_0: left promiscuous mode
[  752.532768][T11377] bond_slave_1: left promiscuous mode
[  753.133696][T10545] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  753.341603][T10545] usb 10-1: config 220 has an invalid interface number: 76 but max is 2
[  753.350598][T10545] usb 10-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  753.361597][T10545] usb 10-1: config 220 has no interface number 2
[  753.368351][T10545] usb 10-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  753.382006][T10545] usb 10-1: config 220 interface 0 has no altsetting 0
[  753.389236][T10545] usb 10-1: config 220 interface 76 has no altsetting 0
[  753.396572][T10545] usb 10-1: config 220 interface 1 has no altsetting 0
[  753.560832][T10545] usb 10-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  753.570686][T10545] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.579255][T10545] usb 10-1: Product: syz
[  753.583814][T10545] usb 10-1: Manufacturer: syz
[  753.588708][T10545] usb 10-1: SerialNumber: syz
[  753.695212][T11396] syz_tun: entered allmulticast mode
[  753.886429][T10545] usb 10-1: selecting invalid altsetting 0
[  753.893031][T10545] uvcvideo 10-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  753.900885][T10545] uvcvideo 10-1:220.0: No valid video chain found.
[  754.040468][T10545] usb 10-1: selecting invalid altsetting 0
[  754.046843][T10545] usbtest 10-1:220.1: probe with driver usbtest failed with error -22
[  754.119216][T10545] usb 10-1: USB disconnect, device number 4
[  755.300277][T11416] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1837'.
[  755.327551][T11416] bond0: entered promiscuous mode
[  755.332912][T11416] bond_slave_0: entered promiscuous mode
[  755.340162][T11416] bond_slave_1: entered promiscuous mode
[  755.353805][T11416] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  755.367670][T11416] bond0: left promiscuous mode
[  755.372689][T11416] bond_slave_0: left promiscuous mode
[  755.379906][T11416] bond_slave_1: left promiscuous mode
[  757.239306][T11429] syz_tun: entered allmulticast mode
[  760.504458][T11475] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1863'.
[  763.319253][T11508] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1876'.
[  763.399005][T11510] xt_limit: Overflow, try lower: 271964/0
[  766.055293][T11551] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1894'.
[  766.142792][T11552] xt_limit: Overflow, try lower: 271964/0
[  767.521068][T11570] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1900'.
[  768.435975][T11582] netlink: 592 bytes leftover after parsing attributes in process `syz.6.1906'.
[  768.778235][T11591] syz_tun: entered allmulticast mode
[  769.072969][T11585] syz_tun: left allmulticast mode
[  769.662800][T11605] fuse: Bad value for 'fd'
[  770.324239][T11611] netlink: 28 bytes leftover after parsing attributes in process `syz.9.1915'.
[  770.696850][T11617] netlink: 112 bytes leftover after parsing attributes in process `syz.4.1918'.
[  770.740030][T11621] netlink: 592 bytes leftover after parsing attributes in process `syz.5.1919'.
[  770.770373][T11622] xt_limit: Overflow, try lower: 271964/0
[  772.423789][T10676] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  772.615801][T10676] usb 10-1: Using ep0 maxpacket: 8
[  772.650343][T11648] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1931'.
[  772.673099][T10676] usb 10-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  772.684936][T10676] usb 10-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  772.695636][T10676] usb 10-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  772.709105][T10676] usb 10-1: config 0 interface 0 has no altsetting 0
[  772.717256][T10676] usb 10-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  772.726961][T10676] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  772.767807][T10676] usb 10-1: config 0 descriptor??
[  772.976309][T11652] netlink: 592 bytes leftover after parsing attributes in process `syz.4.1932'.
[  773.038510][T10676] usbhid 10-1:0.0: can't add hid device: -71
[  773.045953][T10676] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  773.093823][T10676] usb 10-1: USB disconnect, device number 5
[  773.636977][T11660] xt_limit: Overflow, try lower: 271964/0
[  775.240726][T11687] netlink: 592 bytes leftover after parsing attributes in process `syz.6.1944'.
[  775.934042][T11695] netlink: 112 bytes leftover after parsing attributes in process `syz.2.1948'.
[  775.995755][T11698] xt_limit: Overflow, try lower: 271964/0
[  777.625671][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  777.633141][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  778.164527][T11731] netlink: 112 bytes leftover after parsing attributes in process `syz.5.1962'.
[  778.240786][T11733] xt_limit: Overflow, try lower: 271964/0
[  780.685725][T11774] netlink: 112 bytes leftover after parsing attributes in process `syz.2.1977'.
[  780.796009][T11776] xt_limit: Overflow, try lower: 271964/0
[  780.967864][T11777] netlink: 'syz.5.1978': attribute type 10 has an invalid length.
[  781.640129][T11788] syz_tun: entered allmulticast mode
[  781.681380][T11785] syz_tun: left allmulticast mode
[  783.265530][T11807] netlink: 'syz.5.1991': attribute type 10 has an invalid length.
[  783.282448][T11810] netlink: 112 bytes leftover after parsing attributes in process `syz.9.1993'.
[  783.356408][T11812] xt_limit: Overflow, try lower: 271964/0
[  783.820385][T11816] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1995'.
[  784.793842][ T9585] Bluetooth: hci2: command 0x0406 tx timeout
[  785.259011][T11839] netlink: 'syz.6.2005': attribute type 10 has an invalid length.
[  787.217769][T11873] netlink: 'syz.2.2020': attribute type 10 has an invalid length.
[  787.252424][T11873] team0: Port device dummy0 added
[  788.988773][T11904] netlink: 'syz.4.2034': attribute type 10 has an invalid length.
[  789.664101][T10676] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  789.865059][T10676] usb 10-1: Using ep0 maxpacket: 8
[  789.880424][T10676] usb 10-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  789.892302][T10676] usb 10-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  789.902746][T10676] usb 10-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  789.916076][T10676] usb 10-1: config 0 interface 0 has no altsetting 0
[  789.923147][T10676] usb 10-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  789.935493][T10676] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.979915][T10676] usb 10-1: config 0 descriptor??
[  790.303870][T10676] usbhid 10-1:0.0: can't add hid device: -71
[  790.310838][T10676] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  790.381118][T10676] usb 10-1: USB disconnect, device number 6
[  791.587167][T11944] netlink: 'syz.6.2049': attribute type 10 has an invalid length.
[  792.915015][T10676] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  793.063736][T10676] usb 10-1: device descriptor read/64, error -71
[  793.323963][T10676] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  793.474584][T10676] usb 10-1: device descriptor read/64, error -71
[  793.598325][T10676] usb usb10-port1: attempt power cycle
[  793.854555][T11981] netlink: 'syz.4.2063': attribute type 10 has an invalid length.
[  793.953930][T10676] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  794.001648][T10676] usb 10-1: device descriptor read/8, error -71
[  794.254040][T10676] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  794.345493][T10676] usb 10-1: device descriptor read/8, error -71
[  794.469098][T10676] usb usb10-port1: unable to enumerate USB device
[  795.557788][T12013] netlink: 'syz.4.2079': attribute type 10 has an invalid length.
[  797.873783][T10545] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  798.054414][T10545] usb 10-1: Using ep0 maxpacket: 8
[  798.089183][T10545] usb 10-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  798.101104][T10545] usb 10-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  798.111333][T10545] usb 10-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  798.124813][T10545] usb 10-1: config 0 interface 0 has no altsetting 0
[  798.131761][T10545] usb 10-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  798.141275][T10545] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.293193][T10545] usb 10-1: config 0 descriptor??
[  798.660509][T10545] usbhid 10-1:0.0: can't add hid device: -71
[  798.667940][T10545] usbhid 10-1:0.0: probe with driver usbhid failed with error -71
[  798.758408][T10545] usb 10-1: USB disconnect, device number 11
[  799.929394][T12074] xt_limit: Overflow, try lower: 271964/0
[  802.109607][T12113] xt_limit: Overflow, try lower: 271964/0
[  802.430915][T12120] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2124'.
[  804.434915][T12147] xt_limit: Overflow, try lower: 271964/0
[  804.818766][T12152] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2138'.
[  805.584191][T10676] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  805.766379][T10676] usb 10-1: config 220 has an invalid descriptor of length 1, skipping remainder of the config
[  805.777493][T10676] usb 10-1: config 220 has 1 interface, different from the descriptor's value: 3
[  805.780155][   T30] kauditd_printk_skb: 24 callbacks suppressed
[  805.780234][   T30] audit: type=1326 audit(1762981751.105:482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  805.787055][T10676] usb 10-1: config 220 interface 0 has no altsetting 0
[  805.823160][   T30] audit: type=1326 audit(1762981751.105:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  805.847066][T10676] usb 10-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  805.857287][T10676] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  805.866061][T10676] usb 10-1: Product: syz
[  805.870585][T10676] usb 10-1: Manufacturer: syz
[  805.875642][T10676] usb 10-1: SerialNumber: syz
[  806.019411][   T30] audit: type=1326 audit(1762981751.185:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  806.042695][   T30] audit: type=1326 audit(1762981751.185:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  806.066275][   T30] audit: type=1326 audit(1762981751.185:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  806.089640][   T30] audit: type=1326 audit(1762981751.185:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  806.112120][   T30] audit: type=1326 audit(1762981751.185:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  806.134757][   T30] audit: type=1326 audit(1762981751.205:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  806.158279][   T30] audit: type=1326 audit(1762981751.205:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  806.181279][   T30] audit: type=1326 audit(1762981751.205:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12172 comm="syz.6.2147" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ad539 code=0x7ffc0000
[  806.239897][T10676] uvcvideo 10-1:220.0: Found UVC 0.00 device syz (8086:0b07)
[  806.248279][T10676] uvcvideo 10-1:220.0: No valid video chain found.
[  806.354139][T10676] usb 10-1: USB disconnect, device number 12
[  807.287577][T12187] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2153'.
[  811.374047][T12247] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2179'.
[  812.287020][   T30] kauditd_printk_skb: 99 callbacks suppressed
[  812.287102][   T30] audit: type=1326 audit(1762981757.605:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  812.317850][   T30] audit: type=1326 audit(1762981757.605:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  812.341325][   T30] audit: type=1326 audit(1762981757.605:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  812.364241][   T30] audit: type=1326 audit(1762981757.605:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  812.386727][   T30] audit: type=1326 audit(1762981757.605:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=168 compat=1 ip=0xf706d539 code=0x7ffc0000
[  812.411014][   T30] audit: type=1326 audit(1762981757.605:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  812.434696][   T30] audit: type=1326 audit(1762981757.615:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  812.457375][   T30] audit: type=1326 audit(1762981757.615:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  812.480304][   T30] audit: type=1326 audit(1762981757.625:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706d539 code=0x7ffc0000
[  812.504118][   T30] audit: type=1326 audit(1762981757.635:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12259 comm="syz.5.2186" exe="/root/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf706d539 code=0x7ffc0000
[  814.126840][T12280] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2193'.
[  815.072277][T12295] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2199'.
[  816.286510][T12278] netlink: 'syz.5.2192': attribute type 10 has an invalid length.
[  816.294849][T12278] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2192'.
[  819.674669][T12352] netlink: 12 bytes leftover after parsing attributes in process `syz.9.2222'.
[  821.991291][T12382] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2234'.
[  822.626356][T12370] netlink: 'syz.9.2229': attribute type 10 has an invalid length.
[  822.636306][T12370] netlink: 156 bytes leftover after parsing attributes in process `syz.9.2229'.
[  825.034682][    T9] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  825.043914][T12423] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2254'.
[  825.213502][    T9] usb 10-1: config 220 has an invalid interface number: 76 but max is 2
[  825.222705][    T9] usb 10-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  825.234004][    T9] usb 10-1: config 220 has 2 interfaces, different from the descriptor's value: 3
[  825.243618][    T9] usb 10-1: config 220 has no interface number 1
[  825.250188][    T9] usb 10-1: config 220 interface 0 has no altsetting 0
[  825.257348][    T9] usb 10-1: config 220 interface 76 has no altsetting 0
[  825.307126][    T9] usb 10-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  825.317729][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.326783][    T9] usb 10-1: Product: syz
[  825.331773][    T9] usb 10-1: Manufacturer: syz
[  825.336802][    T9] usb 10-1: SerialNumber: syz
[  825.614859][    T9] uvcvideo 10-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  825.622841][    T9] uvcvideo 10-1:220.0: No valid video chain found.
[  825.723240][    T9] usb 10-1: USB disconnect, device number 13
[  826.132645][T12435] netlink: 'syz.5.2257': attribute type 10 has an invalid length.
[  826.141216][T12435] netlink: 156 bytes leftover after parsing attributes in process `syz.5.2257'.
[  827.804961][T12456] 9pnet_fd: Insufficient options for proto=fd
[  828.699166][    T9] usb 10-1: new high-speed USB device number 14 using dummy_hcd
[  828.846279][T12470] netlink: 'syz.6.2271': attribute type 10 has an invalid length.
[  828.855266][T12470] netlink: 156 bytes leftover after parsing attributes in process `syz.6.2271'.
[  828.901906][    T9] usb 10-1: config 220 has an invalid interface number: 76 but max is 2
[  828.911595][    T9] usb 10-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  828.922914][    T9] usb 10-1: config 220 has 2 interfaces, different from the descriptor's value: 3
[  828.932707][    T9] usb 10-1: config 220 has no interface number 1
[  828.939507][    T9] usb 10-1: config 220 interface 0 has no altsetting 0
[  828.946708][    T9] usb 10-1: config 220 interface 76 has no altsetting 0
[  829.184169][    T9] usb 10-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  829.194806][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  829.205055][    T9] usb 10-1: Product: syz
[  829.209498][    T9] usb 10-1: Manufacturer: syz
[  829.215796][    T9] usb 10-1: SerialNumber: syz
[  829.569521][    T9] uvcvideo 10-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  829.579687][    T9] uvcvideo 10-1:220.0: No valid video chain found.
[  829.640594][    T9] usb 10-1: USB disconnect, device number 14
[  829.960339][T12489] 9pnet_fd: Insufficient options for proto=fd
[  832.281062][T12520] 9pnet_fd: Insufficient options for proto=fd
[  834.693980][T12559] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2309'.
[  836.850810][T12589] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2321'.
[  837.540286][T12601] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2326'.
[  837.550058][T12601] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2326'.
[  837.578716][T12601] team0: entered promiscuous mode
[  837.584480][T12601] team_slave_0: entered promiscuous mode
[  837.591621][T12601] team_slave_1: entered promiscuous mode
[  837.599499][T12601] batadv1: entered promiscuous mode
[  837.606463][T12601] dummy0: entered promiscuous mode
[  837.620778][T12601] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  839.080237][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  839.087186][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  839.244572][T12620] netlink: 4 bytes leftover after parsing attributes in process `syz.9.2334'.
[  840.325390][T12637] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2339'.
[  840.334780][T12637] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2339'.
[  840.408385][T12637] team0: entered promiscuous mode
[  840.414008][T12637] team_slave_0: entered promiscuous mode
[  840.421068][T12637] team_slave_1: entered promiscuous mode
[  840.428235][T12637] dummy0: entered promiscuous mode
[  840.441069][T12637] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  842.761941][T12669] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2353'.
[  842.772158][T12669] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2353'.
[  843.382856][T12674] netlink: 40 bytes leftover after parsing attributes in process `syz.9.2354'.
[  845.112306][T12702] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2365'.
[  845.121786][T12702] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2365'.
[  845.368444][T12710] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2368'.
[  846.735605][T12729] xt_limit: Overflow, try lower: 271964/0
[  847.698366][T12742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2379'.
[  847.708236][T12742] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2379'.
[  849.521633][T12771] xt_limit: Overflow, try lower: 271964/0
[  849.942135][T12778] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2392'.
[  849.951594][T12778] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2392'.
[  849.979678][T12778] team0: entered promiscuous mode
[  849.985071][T12778] team_slave_0: entered promiscuous mode
[  849.992038][T12778] team_slave_1: entered promiscuous mode
[  849.999925][T12778] dummy0: entered promiscuous mode
[  850.013061][T12778] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  851.800510][T12810] xt_limit: Overflow, try lower: 271964/0
[  852.799551][T12822] netlink: 32 bytes leftover after parsing attributes in process `syz.6.2408'.
[  852.978598][T12824] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2407'.
[  854.265140][T12846] xt_limit: Overflow, try lower: 271964/0
[  854.711829][T12856] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2420'.
[  854.908660][T12858] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2421'.
[  856.281177][T12885] xt_limit: Overflow, try lower: 271964/0
[  857.096308][T12895] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2434'.
[  859.011754][T12926] xt_limit: Overflow, try lower: 271964/0
[  859.033217][T12927] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2448'.
[  859.060905][T12927] team0: entered promiscuous mode
[  859.066369][T12927] team_slave_0: entered promiscuous mode
[  859.073507][T12927] team_slave_1: entered promiscuous mode
[  859.080376][T12927] dummy0: entered promiscuous mode
[  859.094655][T12927] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  860.258244][T12947] netlink: 988 bytes leftover after parsing attributes in process `syz.4.2455'.
[  862.344148][T12962] xt_limit: Overflow, try lower: 271964/0
[  863.541381][T12972] netlink: 988 bytes leftover after parsing attributes in process `syz.9.2466'.
[  864.774048][T12991] xt_limit: Overflow, try lower: 271964/0
[  866.071521][T13007] netlink: 988 bytes leftover after parsing attributes in process `syz.2.2480'.
[  866.513874][T13015] netlink: 32 bytes leftover after parsing attributes in process `syz.5.2483'.
[  868.077738][T13031] xt_limit: Overflow, try lower: 271964/0
[  868.926118][T13005] netlink: 'syz.6.2479': attribute type 10 has an invalid length.
[  868.937547][T13005] netlink: 156 bytes leftover after parsing attributes in process `syz.6.2479'.
[  871.301138][T13065] xt_limit: Overflow, try lower: 271964/0
[  874.347803][T13098] xt_limit: Overflow, try lower: 271964/0
[  877.660761][T13129] xt_limit: Overflow, try lower: 271964/0
[  879.093203][   T12] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  879.110498][   T12] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  879.173977][   T12] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  879.218075][   T12] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  880.518946][T13169] xt_limit: Overflow, try lower: 271964/0
[  882.069977][T13153] netlink: 'syz.6.2538': attribute type 10 has an invalid length.
[  882.078523][T13153] netlink: 156 bytes leftover after parsing attributes in process `syz.6.2538'.
[  882.097235][ T5446] =====================================================
[  882.105054][ T5446] BUG: KMSAN: kernel-infoleak in _copy_to_iter+0xef3/0x33f0
[  882.112687][ T5446]  _copy_to_iter+0xef3/0x33f0
[  882.118021][ T5446]  __skb_datagram_iter+0x196/0x12c0
[  882.123775][ T5446]  skb_copy_datagram_iter+0x5b/0x1e0
[  882.130432][ T5446]  netlink_recvmsg+0x4bb/0xfe0
[  882.135636][ T5446]  sock_recvmsg+0x2df/0x390
[  882.140412][ T5446]  ____sys_recvmsg+0x193/0x610
[  882.145505][ T5446]  ___sys_recvmsg+0x20b/0x850
[  882.150391][ T5446]  __x64_sys_recvmsg+0x20e/0x3d0
[  882.156347][ T5446]  x64_sys_call+0x35f0/0x3e30
[  882.161257][ T5446]  do_syscall_64+0xd9/0xfa0
[  882.166157][ T5446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  882.172338][ T5446] 
[  882.174983][ T5446] Uninit was stored to memory at:
[  882.180366][ T5446]  pskb_expand_head+0x310/0x1610
[  882.186042][ T5446]  netlink_trim+0x496/0x500
[  882.190730][ T5446]  netlink_broadcast_filtered+0x80/0x28f0
[  882.196829][ T5446]  nlmsg_notify+0x15b/0x2f0
[  882.201542][ T5446]  rtnl_notify+0xba/0x100
[  882.206276][ T5446]  wireless_nlevent_process+0xfe/0x290
[  882.212056][ T5446]  process_scheduled_works+0xb91/0x1d80
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  882.218233][ T5446]  worker_thread+0xedf/0x1590
[  882.223108][ T5446]  kthread+0xd5c/0xf00
[  882.227467][ T5446]  ret_from_fork+0x1f5/0x4c0
[  882.233580][ T5446]  ret_from_fork_asm+0x1a/0x30
[  882.238543][ T5446] 
[  882.240952][ T5446] Uninit was stored to memory at:
[  882.246413][ T5446]  wireless_send_event+0x67f/0x1530
[  882.251772][ T5446]  ioctl_standard_iw_point+0x12b0/0x13f0
[  882.259275][ T5446]  compat_standard_call+0x188/0x4c0
[  882.264765][ T5446]  wext_ioctl_dispatch+0x192/0x7a0
[  882.270046][ T5446]  compat_wext_handle_ioctl+0x1a1/0x300
[  882.276510][ T5446]  compat_sock_ioctl+0x20c/0xff0
[  882.281613][ T5446]  __ia32_compat_sys_ioctl+0x7f9/0x1270
[  882.287555][ T5446]  ia32_sys_call+0x2d5f/0x4310
[  882.292517][ T5446]  __do_fast_syscall_32+0xb0/0x150
[  882.298077][ T5446]  do_fast_syscall_32+0x38/0x80
[  882.303125][ T5446]  do_SYSENTER_32+0x1f/0x30
[  882.308134][ T5446]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  882.314839][ T5446] 
[  882.317232][ T5446] Local variable iwp created at:
[  882.322323][ T5446]  compat_standard_call+0x4a/0x4c0
[  882.327714][ T5446]  wext_ioctl_dispatch+0x192/0x7a0
[  882.334184][ T5446] 
[  882.336583][ T5446] Bytes 60-63 of 64 are uninitialized
[  882.342045][ T5446] Memory access of size 64 starts at ffff8880b21f6680
[  882.349026][ T5446] Data copied to user address 00007fff85059ec0
[  882.355355][ T5446] 
[  882.358410][ T5446] CPU: 0 UID: 101 PID: 5446 Comm: dhcpcd Not tainted syzkaller #0 PREEMPT(none) 
[  882.368206][ T5446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  882.378503][ T5446] =====================================================
[  882.385848][ T5446] Disabling lock debugging due to kernel taint
[  882.392105][ T5446] Kernel panic - not syncing: kmsan.panic set ...
[  882.398649][ T5446] CPU: 0 UID: 101 PID: 5446 Comm: dhcpcd Tainted: G    B               syzkaller #0 PREEMPT(none) 
[  882.409516][ T5446] Tainted: [B]=BAD_PAGE
[  882.413758][ T5446] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  882.423951][ T5446] Call Trace:
[  882.427331][ T5446]  <TASK>
[  882.430342][ T5446]  __dump_stack+0x26/0x30
[  882.434844][ T5446]  dump_stack_lvl+0x53/0x270
[  882.439620][ T5446]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  882.445622][ T5446]  dump_stack+0x1e/0x25
[  882.449943][ T5446]  vpanic+0x435/0xd30
[  882.454112][ T5446]  panic+0x15d/0x160
[  882.458215][ T5446]  kmsan_report+0x31c/0x320
[  882.462866][ T5446]  ? kmsan_internal_check_memory+0x1e1/0x230
[  882.469063][ T5446]  ? kmsan_copy_to_user+0xf1/0x190
[  882.474327][ T5446]  ? _copy_to_iter+0xef3/0x33f0
[  882.479426][ T5446]  ? __skb_datagram_iter+0x196/0x12c0
[  882.485097][ T5446]  ? skb_copy_datagram_iter+0x5b/0x1e0
[  882.490759][ T5446]  ? netlink_recvmsg+0x4bb/0xfe0
[  882.495883][ T5446]  ? sock_recvmsg+0x2df/0x390
[  882.500711][ T5446]  ? ____sys_recvmsg+0x193/0x610
[  882.506088][ T5446]  ? ___sys_recvmsg+0x20b/0x850
[  882.511115][ T5446]  ? __x64_sys_recvmsg+0x20e/0x3d0
[  882.516403][ T5446]  ? x64_sys_call+0x35f0/0x3e30
[  882.521421][ T5446]  ? do_syscall_64+0xd9/0xfa0
[  882.526278][ T5446]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  882.532674][ T5446]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  882.538653][ T5446]  ? kmsan_get_metadata+0xfb/0x160
[  882.543915][ T5446]  ? kmsan_get_metadata+0xfb/0x160
[  882.549183][ T5446]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  882.555153][ T5446]  ? kmsan_get_metadata+0xfb/0x160
[  882.560410][ T5446]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  882.566382][ T5446]  ? __pfx__raw_spin_lock+0x1/0x10
[  882.571726][ T5446]  ? kmsan_get_metadata+0xfb/0x160
[  882.577000][ T5446]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  882.582983][ T5446]  kmsan_internal_check_memory+0x1e1/0x230
[  882.589293][ T5446]  kmsan_copy_to_user+0xf1/0x190
[  882.594470][ T5446]  _copy_to_iter+0xef3/0x33f0
[  882.599303][ T5446]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  882.605825][ T5446]  ? kmsan_get_metadata+0xfb/0x160
[  882.611096][ T5446]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  882.617065][ T5446]  ? kmsan_get_metadata+0xfb/0x160
[  882.622323][ T5446]  ? kmsan_internal_set_shadow_origin+0x7a/0x110
[  882.628939][ T5446]  __skb_datagram_iter+0x196/0x12c0
[  882.634349][ T5446]  ? __pfx_simple_copy_to_iter+0x10/0x10
[  882.640216][ T5446]  skb_copy_datagram_iter+0x5b/0x1e0
[  882.645773][ T5446]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  882.652027][ T5446]  netlink_recvmsg+0x4bb/0xfe0
[  882.657025][ T5446]  ? aa_sock_msg_perm+0x29c/0x2f0
[  882.662336][ T5446]  ? __pfx_netlink_recvmsg+0x10/0x10
[  882.667804][ T5446]  sock_recvmsg+0x2df/0x390
[  882.672492][ T5446]  ____sys_recvmsg+0x193/0x610
[  882.677459][ T5446]  ? setup_fault_attr+0x260/0x300
[  882.682749][ T5446]  ? stack_depot_save_flags+0x35/0x7b0
[  882.688544][ T5446]  ___sys_recvmsg+0x20b/0x850
[  882.693448][ T5446]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  882.699421][ T5446]  ? kmsan_get_metadata+0xfb/0x160
[  882.704697][ T5446]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  882.710669][ T5446]  __x64_sys_recvmsg+0x20e/0x3d0
[  882.715901][ T5446]  ? kmsan_get_metadata+0xfb/0x160
[  882.721209][ T5446]  x64_sys_call+0x35f0/0x3e30
[  882.726061][ T5446]  do_syscall_64+0xd9/0xfa0
[  882.730735][ T5446]  ? clear_bhb_loop+0x40/0x90
[  882.735561][ T5446]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  882.741621][ T5446] RIP: 0033:0x7fed136e2407
[  882.746316][ T5446] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  882.766249][ T5446] RSP: 002b:00007fff85059db0 EFLAGS: 00000202 ORIG_RAX: 000000000000002f
[  882.774829][ T5446] RAX: ffffffffffffffda RBX: 00007fed13658740 RCX: 00007fed136e2407
[  882.782913][ T5446] RDX: 0000000000000040 RSI: 00007fff85059e30 RDI: 0000000000000009
[  882.791159][ T5446] RBP: 000055a6b0358aa0 R08: 0000000000000000 R09: 0000000000000000
[  882.799234][ T5446] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000009
[  882.807309][ T5446] R13: 00007fff8505df90 R14: 0000000000000000 R15: 00007fff8505df80
[  882.815430][ T5446]  </TASK>
[  882.818903][ T5446] Kernel Offset: disabled
[  882.823280][ T5446] Rebooting in 86400 seconds..