last executing test programs:

3m2.089634044s ago: executing program 3 (id=3012):
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$can_bcm(0x1d, 0x2, 0x2)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000003c0)=[@in={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000080)=0x3, 0x4)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)

3m1.10203333s ago: executing program 3 (id=3017):
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
syz_init_net_socket$ax25(0x3, 0x2, 0xc3)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x640100ff, 0x4e22, 0x3, 'ovf\x00', 0x1, 0x10000b7e, 0x70}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x0, 0x8, 0x77}, {@remote, 0x4e20, 0x1, 0xcd}}, 0x44)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x3}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r4 = socket$inet(0x2, 0x80000, 0x1103)
setsockopt$inet_int(r4, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0x10)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="01000000000046c8db000c0e49a4715a960000fd09000084000000052300008cbbc7e4acf3ba1399471601feb581d6df3975fd6d0756892da258b3721332eb26de5d20b1a1412601a8ef36db2a4c3a591bf3e70856e5787753c669ad654ff417c7933e1670f6a1fe6bdf596cb668f5151d53e34736955ab0e4918bd8ba0130e430b490b2ee7489ed675a9f26a716a68f3154abc34c29ffec75e1bab6dc2fd8233b3b118ba68a7dd39c95459b7e6b33008a8592d81b2485f6ec62941540fce502677f0a83342d7dacd99f48bbb7374348235f67c875364207bb807265d25ebfe77ec0a8e560c77071ca92af3488d7156eaddf885816982b41d34a650e61804343", @ANYRES32, @ANYRES8=r0], 0x50)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')
socket$netlink(0x10, 0x3, 0x12)
ioctl$sock_netrom_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x0, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bpq0, 0x1, 'syz1\x00', @default, 0x1, 0xffffffff, [@null, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]})

2m49.836040922s ago: executing program 3 (id=3040):
bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="000000005e44f954c6b311a854a7ce673b46342911d1f0619eb513229688763fe15f0d4aa096c02e25cced2fcbf03a1058b204cd4e661b715479c92805e4805e1a6a5d8a1eef6226761d487dae961904dfa2", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000002c0), 0x10)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000280)=0xc9, 0x4)
readv(r0, &(0x7f0000000200)=[{&(0x7f0000001b80)=""/4096, 0x1000}], 0x1)
sendmsg$can_bcm(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB, @ANYRES64=0x0], 0x80}}, 0x0)
r1 = socket(0x10, 0x2, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x307000, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="500000000206030000000000000000000d0000000c000300686173683a69700005000400000000000900020073797a31000000000c000780080008400000005d05000500020000000500010006"], 0x50}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)={0x40, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x18, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0xfffffffe}}, @IPSET_ATTR_CIDR={0x5, 0x3, 0x8}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg(r4, &(0x7f0000001700)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_LIST(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {0xa, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000005}, 0x80)
r5 = socket$unix(0x1, 0x2, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x4d2f02, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="120000000400000004000000"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r7, &(0x7f0000000340), &(0x7f00000002c0)=@tcp6=r6}, 0x20)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
write(r1, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})

2m40.676964941s ago: executing program 0 (id=3066):
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x32, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'veth0_to_team\x00', <r2=>0x0})
syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r0, r2, 0x25, 0x0, @void}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
socket(0x40000000015, 0x805, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
socket$caif_stream(0x25, 0x1, 0x2)
socket$packet(0x11, 0x3, 0x300)
socket(0x10, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
socket$kcm(0x29, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x10, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000005000000000000008000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000003f80000850000008600000018010000", @ANYRES32, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000200000085000000a600000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x11}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

2m39.711343342s ago: executing program 0 (id=3070):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a394830f2539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a"], 0x0, 0x5}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c8c6f94f90324fc60100005000a000200053582c137153e37000c", 0x26}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x4, 0x4}, {0x0, 0x1000, 0x3}, {0x0, 0x4}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)

2m39.399610036s ago: executing program 0 (id=3071):
unshare(0x400)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b52710aeee835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5bc6d3fd0500000022eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe326c2ed0a432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x12, 0x7d, 0x4, 0x2}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{r0}, &(0x7f0000000180), 0x0}, 0x20)
setsockopt$XDP_TX_RING(0xffffffffffffffff, 0x11b, 0x3, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x83dff000)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
recvmmsg(r1, &(0x7f0000000600), 0x204083acb88ff8b, 0x2, 0x0)
mmap(&(0x7f0000200000/0x4000)=nil, 0x4000, 0x4, 0x200000006c832, 0xffffffffffffffff, 0x0)

2m37.964868642s ago: executing program 3 (id=3078):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='\n\x00\x00\x00\v\x00\x00\x00B\x00\x00\x00>\x00\x00\x00B\x00\x00\x00', @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x2000c015}, 0x2404c8c0)
pipe(&(0x7f0000000540)={<r2=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000580)={0x0, 0x7fffffff}, &(0x7f00000005c0)=0x8)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x7f, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xe, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @sk_skb=0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0xa, 0x200008, 0x5, 0x1ffff}, 0x10, 0x0, r4, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r3], 0x4c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
unshare(0x400)
r6 = epoll_create1(0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000100)={0xa000000d})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x6293a, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40845}, 0x4000000)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_PKTINFO(r8, 0x10e, 0x3, &(0x7f0000000000)=0x10, 0x4)
r9 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r9, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r9, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, 0x0}}], 0x48}, 0x0)

2m37.716749883s ago: executing program 0 (id=3079):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000019c0)={0x11, 0x4, &(0x7f0000001840)=@framed={{0x18, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x7}, [@call={0x85, 0x0, 0x0, 0x69}]}, &(0x7f0000001880)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x4bd1bfda, 0x0, 0x6}, 0x1c)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffb}, [@call={0x85, 0x0, 0x0, 0x23}, @call={0x85, 0x0, 0x0, 0xe}]}, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
shutdown(0xffffffffffffffff, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, &(0x7f0000000140))
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x16, 0x0, 0x0, &(0x7f0000000c40)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffff8}, 0x94)
r3 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r3, &(0x7f0000000540)=[{&(0x7f0000000180)="580000001400192340834b80040d8c560a066f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0effeffe809005300fff5dd00000010000100080c1000000000", 0x53}], 0x1)
ioctl$BTRFS_IOC_QGROUP_CREATE(0xffffffffffffffff, 0x4010942a, &(0x7f0000000100)={0x1, 0x101})
socket$nl_route(0x10, 0x3, 0x0)

2m37.377787296s ago: executing program 0 (id=3081):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a394830f2539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a"], 0x0, 0x5}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c8c6f94f90324fc60100005000a000200053582c137153e37000c", 0x26}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x4, 0x4}, {0x0, 0x1000, 0x3}, {0x0, 0x4}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="7c00000000000000000000000700000044140001ac1414aa00000000ac1414000000000000441c0003e0000001000000007f000001000000000000000000000000442c00000000000000000f883816814100000000000000000000000000000000000000000000000000000000000000000000440c0001000000000000000000000000000000a400000000000000000000000700000044280000000000000000000000000000000000000000000000000000000000000000000000000000071700e0000002ac1414bb00000000e0000002ac1414bb018616000000000010c986d78e6c4b9394b247217b87cb00830b00000000007f000001861f0000000000020010421487f84baabcbcfb42a4d90bab000748c68c4c31001089ca45d9612e5b5c11f12bc78a41000000000000006c000000000000000000000007000000441c0003ffffffff000000000000000000000000e00000010000000044340001ac1414bb0000000000000000000000000000000000000000ac1414aa00000000ac1414aa00000000ac1e000100000000830b0000000000e000000200000000001c000000000000000000", @ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)

2m35.859478824s ago: executing program 3 (id=3083):
socket(0xa, 0x802, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xa, 0x16, &(0x7f0000000540)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000015001100511b48013d030100000000009500000000000000bc26000000000000bf67000000000000070300000fff07006702000003000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586162c17600674290ca9d8d6413b8199e34f67ceaaa78710f9f8aba4765c91382f497585ca39c595b21afa6bce62b5ab0d44e9c32ad6f0349d92962a58d39494a19a9183362382792ac85578d3de07b7e155cf4ee5e3dd51212d2831bd8e2655b2fbd88791e4c66c832a774919b28b8a62711f0f156e636804e1d3f44a5ff3d63a3a51f0c7ec0c8c25e072194ddd83aa155a537e15c0d91f502deef03f83e826718705c9aef9613ac4a325a428d147c1749196e94226671fd9573ab0d079d44b13b56f793e98ab571c58e98e022f18a3be3f318e0690fff93f44f22473dc8004fc758218349bd3f0516a72a7ea913bfa7603063ed3118b2d680cbc"], &(0x7f0000000100)='GPL\x00'}, 0x48)

2m33.972379458s ago: executing program 3 (id=3084):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00')
unshare(0x6a040000)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b2c16bd94d2da66059de81abfa15eeeae3b0ba38d8bb1bf032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f5533d3c58104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7866f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be2"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000380)="4094224836e4fb0ba03cba32e511d6", 0x0, 0x804, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m33.847724628s ago: executing program 0 (id=3086):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x17c, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}}, [@tmpl={0xc4, 0x5, [{{@in=@loopback, 0x0, 0x3c}, 0x0, @in=@broadcast}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x44}, 0x0, 0x33}, 0x0, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x3}, {{@in6=@loopback, 0x0, 0x6c}, 0x0, @in=@rand_addr=0x64010100, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x10000000}]}]}, 0x17c}}, 0x0)

2m27.987786442s ago: executing program 4 (id=3100):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030000007f03e3e7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00121000a6400d0c0c00bdad446b9bbc7a46e3988285dcdf12f21308f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)

2m27.716082013s ago: executing program 4 (id=3102):
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
syz_init_net_socket$ax25(0x3, 0x2, 0xc3)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x640100ff, 0x4e22, 0x3, 'ovf\x00', 0x1, 0x10000b7e, 0x70}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x0, 0x8, 0x77}, {@remote, 0x4e20, 0x1, 0xcd}}, 0x44)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x3}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r4 = socket$inet(0x2, 0x80000, 0x1103)
setsockopt$inet_int(r4, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0x10)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="01000000000046c8db000c0e49a4715a960000fd09000084000000052300008cbbc7e4acf3ba1399471601feb581d6df3975fd6d0756892da258b3721332eb26de5d20b1a1412601a8ef36db2a4c3a591bf3e70856e5787753c669ad654ff417c7933e1670f6a1fe6bdf596cb668f5151d53e34736955ab0e4918bd8ba0130e430b490b2ee7489ed675a9f26a716a68f3154abc34c29ffec75e1bab6dc2fd8233b3b118ba68a7dd39c95459b7e6b33008a8592d81b2485f6ec62941540fce502677f0a83342d7dacd99f48bbb7374348235f67c875364207bb807265d25ebfe77ec0a8e560c77071ca92af3488d7156eaddf885816982b41d34a650e61804343", @ANYRES32, @ANYRES8=r0], 0x50)
syz_open_procfs$namespace(0x0, &(0x7f0000000080)='ns/ipc\x00')

2m18.61120788s ago: executing program 32 (id=3084):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/pid_for_children\x00')
unshare(0x6a040000)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000a40)=ANY=[@ANYBLOB="b70200000d000000bfa300000000000005000000000000007a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065060400010000050404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf27fb6d2c643db7e2d5fb4b0936cdf827fb43a431ca711fcd0cdfa146ed3d09a6175037958e27106e225b7937f02008b5e5a076d83923dd29c034055b67d5b310efcfa89147a7fb0a93d035f2f206d2ef831ab7ea0c34f17e3ad6eecbb622003b538dfd8e012e79578e51bc53099e90f4580d7be3e8c254a5cba117cbdb9cd38bdb2ca8e050000003a14817ac61e4dd11183a13477bf7e060e3670ef0e6a9f65f1328d6704902cbe7bc04b82d2789cb132b8667c214733a18c8b6619f28d996d60a17e3c184b751c51160100000000000080148b9a31ee8dc8b544f3c4a532e60a0ac346dfebd31a08060000000200000000000000334d83239dd20100008000000000d858e8327ef01fb6c86acac12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e957bc73ddc4eabba08a406f99f7b1e1ad828267d4eadd3964663e085354133f7130856f756436303767d2e24f29e5dad9796edb697a6ea0183babc190ae2ebf8aad34732181feb28cb0bae7c34dc5e7c805210600000000000000c3dec04b25df45d4f71ab158c36657b7218baa07a99bd50499ccc421ace5e845885efb5b9964e4beba3da8223fe5308e4e65ee93e107000000f8ddebf70132a4d01776839b8eccf707882042e716df9b57b290c661d4e85031086197bcc5cb0e221a0c34323c129102b6ff0100002e88a1940b3c02ed9c92d6f64b1282dc51bb0015982730711c599e1c72ffa11ed8be1a6830d7507005154c46bd3ca96318c570f0721fc7aa2a5836ba99fe1f86468694f22cdf550ef091a78098534f0d973059594119d06d5ea9a8d0857382ec6e2a071474cfc12346e47ad97f4ead7cf70a9d1cdac944779dc08a705414888700a30e2366c6a06b3367a389ca39059787790017b0689a173db9c24db65c1e00015c1d093dab18fd0699fe3304000000323e9c7080397bc49d70c060d57bc88fbe3bbaa058b040362ab926150363fb099408885afc2bf9a46a076b7babfcddeff8c35030669ea69f5e4be1b8e0d6697e97186f9ae97d5670dba6623279f73db9dec75070cd9ab0fda6b069ef6d2857ca3e4e6068f1bf710d133d541da86e0477e4a6cc999dc21c3ef408e6b178e7c9f274d7fafc8d757d33dfa35aa2b2ff7f9a7d365e63845f3e1092f8dde8af3904ea0f4b82649b83ed4fa0f873339c4cadecc13219ba7518aa4f7db34ead13484742067ab743c1d82a5687f2ed690000010000000000000000000000000000000000000099d4fa0000000000003f0ecdc7c82e72919c91d2039afe17e95edef8ba72205beff7771bcb293747b88486cacee403000000a2919a4b09e168e4e4d5ff2ed893f2e314679fa69fc7e0cf761f918725704a01c56009a9f748e5aaf30a10bd8c409b1870c1f75e26b45264e3d3f8e0048e55ae289c2f884d0766cddc76eb7f601110ff39053c262279f4ef00fbdb8c328615a9ec84f27a9f3938ae736138b8c1ec220c1540bf3d162dc1c27fa30f0dc60b9f257db5d1c7ed2efce676a93110904d5e055af44664b53c764d61443f73552195c7ccfbf9f03c44432eaa3b7501d4239354da8de21eada75d3a3afb2c76ff0700007976694b6a0f0e946766f57544ff52cef0dd811bec4e3c0a30f2d7d19d26d201721b8eded3bc475958dd498ee2b2d6146e33fc0de1dc2e0516ac565ddb1d4ae89e671282a2d3066ac968c7d7d7db195f255b1b4a85eb9ee0a3b68c9e209756623adf685dd715d68ed1274b4d5502f512493af8f98c615cac3666c58f785c3f758be352a71871d5c081197d37980e4f4e26b5476fb20407ff7098b7174bef66fa03a99b5c0c20b378065fac4ef9ac2d0d804b9400000060e5d3f1749f6aecf69ba83a71caa9bdddc679f1b826f74b6563a4be1fd82b73c8c2bc65f63982b951fb058fd3c7b6341c4580376b2c16bd94d2da66059de81abfa15eeeae3b0ba38d8bb1bf032c73f1285e21fff5a1d138e061b1dc7bbda199b5fab8e0719e9cd69b47dcb52b0be6a3a73afdf328132e1d4f21065716be0c53a23940d07188b015fa341dbc92231c8b5e5717eac184f46c9f61b69f55cd2231bcf821052429a1f250e8b734be0605a15f25923d599544b319319ff0a32621019347df460a098119a6f47eb1bac47946d7a009cbc6ec74c19a93cc7c7138b28c95270116181fd5f5533d3c58104d2ad0e10d3663488e664401453f22f0d76d2162635365258af61ae1f46f4a7866f302d91e3f7c2781f602220522e84602a939a8d5e4137ae31ccd397404dc72e06715a6503d4d865182803ee6725da7293b23daeebefd6fce7411c9624a7e8d5ba5a13e1c32adc4f3274497c6882a72475e4280a4d9a47c003c6ed3071330c58145be813a10788a720a6b5a498ca2b42496c479a0a71e2f6f9bad8c84bc6be2"], &(0x7f0000000340)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0xf, 0x0, &(0x7f0000000380)="4094224836e4fb0ba03cba32e511d6", 0x0, 0x804, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m15.350921301s ago: executing program 4 (id=3116):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='\n\x00\x00\x00\v\x00\x00\x00B\x00\x00\x00>\x00\x00\x00B\x00\x00\x00', @ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, 0x0, &(0x7f0000000180)}, 0x20)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x2000c015}, 0x2404c8c0)
pipe(&(0x7f0000000540)={<r2=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000580)={0x0, 0x7fffffff}, &(0x7f00000005c0)=0x8)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0xd, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x7f, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xe, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x39, '\x00', 0x0, @sk_skb=0x4, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0xa, 0x200008, 0x5, 0x1ffff}, 0x10, 0x0, r4, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r3], 0x4c}}, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
unshare(0x400)
r6 = epoll_create1(0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r6, 0x1, r7, &(0x7f0000000100)={0xa000000d})
sendmsg$nl_route(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x6293a, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x40845}, 0x4000000)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_PKTINFO(r8, 0x10e, 0x3, &(0x7f0000000000)=0x10, 0x4)
r9 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r9, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r9, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000200)=[@rdma_args={0x48, 0x114, 0x1, {{}, {0x0}, 0x0}}], 0x48}, 0x0)

2m13.407282063s ago: executing program 4 (id=3118):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0xffffffffffffffdd, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)

2m11.414808521s ago: executing program 4 (id=3119):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/cgroup\x00')
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000140)="240000005a001f001007f4d655c63589ce9e04020800038005000000ffc8bbb86ec81ffd", 0x24)

2m10.528353789s ago: executing program 4 (id=3123):
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
syz_init_net_socket$ax25(0x3, 0x2, 0xc3)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x640100ff, 0x4e22, 0x3, 'ovf\x00', 0x1, 0x10000b7e, 0x70}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x0, 0x8, 0x77}, {@remote, 0x4e20, 0x1, 0xcd}}, 0x44)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x3}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r4 = socket$inet(0x2, 0x80000, 0x1103)
setsockopt$inet_int(r4, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0x10)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="01000000000046c8db000c0e49a4715a960000fd09000084000000052300008cbbc7e4acf3ba1399471601feb581d6df3975fd6d0756892da258b3721332eb26de5d20b1a1412601a8ef36db2a4c3a591bf3e70856e5787753c669ad654ff417c7933e1670f6a1fe6bdf596cb668f5151d53e34736955ab0e4918bd8ba0130e430b490b2ee7489ed675a9f26a716a68f3154abc34c29ffec75e1bab6dc2fd8233b3b118ba68a7dd39c95459b7e6b33008a8592d81b2485f6ec62941540fce502677f0a83342d7dacd99f48bbb7374348235f67c875364207bb807265d25ebfe77ec0a8e560c77071ca92af3488d7156eaddf885816982b41d34a650e61804343", @ANYRES32, @ANYRES8=r0], 0x50)

1m54.735436634s ago: executing program 33 (id=3123):
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e000000000000000500"], 0x48)
syz_init_net_socket$ax25(0x3, 0x2, 0xc3)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000040)={0x84, @rand_addr=0x640100ff, 0x4e22, 0x3, 'ovf\x00', 0x1, 0x10000b7e, 0x70}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @private=0xa010102, 0x4e21, 0x3, 'lc\x00', 0x0, 0x8, 0x77}, {@remote, 0x4e20, 0x1, 0xcd}}, 0x44)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r3, &(0x7f0000000100)={{0x3, @default, 0x3}, [@null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r4 = socket$inet(0x2, 0x80000, 0x1103)
setsockopt$inet_int(r4, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@netrom={'nr', 0x0}, 0x10)
ioctl$sock_netdev_private(r5, 0x8914, &(0x7f0000000000))
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="01000000000046c8db000c0e49a4715a960000fd09000084000000052300008cbbc7e4acf3ba1399471601feb581d6df3975fd6d0756892da258b3721332eb26de5d20b1a1412601a8ef36db2a4c3a591bf3e70856e5787753c669ad654ff417c7933e1670f6a1fe6bdf596cb668f5151d53e34736955ab0e4918bd8ba0130e430b490b2ee7489ed675a9f26a716a68f3154abc34c29ffec75e1bab6dc2fd8233b3b118ba68a7dd39c95459b7e6b33008a8592d81b2485f6ec62941540fce502677f0a83342d7dacd99f48bbb7374348235f67c875364207bb807265d25ebfe77ec0a8e560c77071ca92af3488d7156eaddf885816982b41d34a650e61804343", @ANYRES32, @ANYRES8=r0], 0x50)

17.711027297s ago: executing program 1 (id=3245):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'lo\x00'})
socket$nl_route(0x10, 0x3, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(0xffffffffffffffff, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000000)=0x8, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000240)={0xa, 0x0, 0x0, @dev, 0x80004}, 0x1c)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x0)

17.587514164s ago: executing program 1 (id=3246):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r4, 0x4058534c, &(0x7f00000000c0)={0x80, 0x0, {0x3}})
tkill(0x0, 0x7)
r5 = socket(0xa, 0x3, 0xff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r6, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20)
sendmmsg$inet6(r5, &(0x7f0000000740)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000040)="5e546507da932c3e8c628a600b17cbe584d2f93ce23f60e91af3fbcf0e16db6e759d420151c6c575", 0x77}], 0x1}}], 0x1, 0x4046040)

16.089441922s ago: executing program 1 (id=3248):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB="850000002a00000025000000000000009500000000000000afcd48d6493790710000000000080000b2c6161dba392176dd2963038e1d69ba7ea94c500dc4ef2fad96ed406f21caf5adcf920569c00cc1199684fa7c93836d9ea2cfb0e60436e05425cc4686b066707de94a4f4d5fc79c987d669f381faca0f9d9924be41a9169bdfaf16da915b2e249f21c6eee84309e7a23c19a394830f2539fcb4e0b6eab1aa7d55545a34effa077faa55c59e88254f54077f799bf168301000000bfb1c0e6b1244d35b213bda84cc172afcc2e47a7d8b85a5e3d77ac463920e231b7ae0da8616d2b7958f91f5da6c025d060ab186d94af98af1da2b5952eb15855933a212304e035f7a35dfc72c81256a55a25f8fe3b28d7e53c78fbb888b0255f347160ec83070000000000004015cf10453f6c0b973b81a484ebad04859d928365a7ea3fab2e4b380a00d72bc0480f94479757306720399379d9271cf555c14d56b51c2298237bebfc08e0d5976a942b844139f1111f2dc5e46ac1c60a"], 0x0, 0x5}, 0x94)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c8c6f94f90324fc60100005000a000200053582c137153e37000c", 0x26}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3, 0x0, &(0x7f0000000c40)=[{0x0, 0x4, 0x4}, {0x0, 0x1000, 0x3}, {0x0, 0x4}]}, 0x94)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000d40)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=ANY=[@ANYRES32=0x0, @ANYBLOB="ac1414aa00000000000000001400000000000018000000000200000000000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="7f0000017f00000a0000000800"/28, @ANYRES32, @ANYBLOB="7f000001ac141400000000011c0e0000000000000000000007006fc946f1f569c01801"], 0x230}, 0x0)
openat$cgroup_netprio_ifpriomap(0xffffffffffffffff, &(0x7f0000000040), 0x2, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000720000001801"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33)

11.584716786s ago: executing program 1 (id=3249):
bpf$MAP_LOOKUP_ELEM(0x2, &(0x7f0000001740)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
sched_getscheduler(r0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x80002, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)

7.596235782s ago: executing program 1 (id=3253):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)=@newtfilter={0x34, 0x2c, 0xd3f, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0xb, 0xfff3}, {}, {0x7, 0x300}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
setsockopt$XDP_UMEM_FILL_RING(0xffffffffffffffff, 0x11b, 0x5, &(0x7f0000000040)=0x110460, 0x4)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000440)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(twofish)\x00'}, 0x58)
mmap$xdp(&(0x7f00000a6000/0x4000)=nil, 0x4000, 0x200000d, 0x11, 0xffffffffffffffff, 0x100000000)
close(0x3)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)

5.430763782s ago: executing program 2 (id=3254):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, 0x0}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpu.stat\x00', 0x26e1, 0x0)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r4 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r4, 0x1, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$vcsu(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0xc4642, 0x1eb)
writev(r6, 0x0, 0x0)
close(r1)
ioctl$KVM_CAP_VM_TYPES(r6, 0x4068aea3, &(0x7f0000000080)={0xeb, 0x0, 0x8})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001dc0))

3.892258139s ago: executing program 2 (id=3255):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64"], 0x3c}}, 0x0)
r4 = socket(0x10, 0x803, 0x4)
sendmsg$IPVS_CMD_SET_INFO(r4, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r4, &(0x7f0000000340)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x80, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3f00}, [@IFLA_MASTER={0x8, 0xa, r5}, @IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x40000)

2.484172671s ago: executing program 2 (id=3256):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
landlock_create_ruleset(&(0x7f0000000080)={0x8000}, 0x18, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f00000003c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(0x0, 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, 0x0, 0x0, r0)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = getpgrp(0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x2, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'veth0\x00', <r7=>0x0})
setsockopt$packet_int(r2, 0x107, 0x14, &(0x7f0000000180)=0x19ca, 0x4)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xf3f, 0x4)
sendto$packet(r2, &(0x7f00000000c0)="3f03fe7feee8140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c153cfdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r7, 0x1, 0x0, 0x6, @multicast}, 0x14)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)

1.032265345s ago: executing program 2 (id=3257):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000100001"], 0x7c}, 0x1, 0x0, 0x0, 0xc4}, 0x890)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendto(0xffffffffffffffff, &(0x7f0000000740)="1200000012", 0x5, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{0x0, 0x0, &(0x7f0000000380)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000400)=""/106, 0x6a}], 0x4}}], 0x1, 0x0, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

181.21453ms ago: executing program 2 (id=3258):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, 0x0, 0x0)
connect$inet6(r1, &(0x7f0000000080)={0xa, 0xfffa, 0x0, @loopback, 0x2}, 0x1c)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
close(0xffffffffffffffff)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x34, r2, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)

179.937229ms ago: executing program 2 (id=3259):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$ndb(&(0x7f0000003b80), 0x0, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x13f, 0x1}}, 0x20)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$6lowpan_control(r4, &(0x7f0000000140)='disconnect aa:aa:aa:aa:aa:11 1', 0x16)
socket$kcm(0x29, 0x5, 0x0)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16, @ANYBLOB="0100000e0001006e6574021d03ef696d0000000f0006006e657464657673696d300000c88882003c6c325fb926da57c2d304d6ebd79e0f0de2f3633b8a4021a518d000ed0400870000000000"], 0x4c}}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001080)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000003bc0)={'\x00', 0xbe4f, 0x0, 0x7, 0x9, 0xed8})
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
add_key$fscrypt_v1(0x0, &(0x7f0000000140)={'fscrypt:', @desc2}, &(0x7f0000000180)={0x0, "34fa8f263bcc16a6f423a1b5cdd0a77ab84e2c3504c9405a14cbff940f2aa75db1473267ae0574391894a3836a00b6f9fa4eb2678a8cb1010904425fe63df6ba", 0x19}, 0x48, 0xfffffffffffffffe)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
r8 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r7, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r8, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}, 0x2}}, 0x2e)
r9 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r10, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x1c, r9, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000170900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}}, 0x2000c450)
sendmsg$NFT_BATCH(r6, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000040)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x30, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xe}}}, 0x58}, 0x1, 0x0, 0x0, 0x4000850}, 0x0)

0s ago: executing program 1 (id=3260):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="120100009f187620ef170372362e010203010902240001000010000904bc00029e8833000905020200020200000905820220"], 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f00000029c0)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="200302"], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000002640)={0x44, &(0x7f0000002400)={0x20, 0xe, 0x2, "02cf"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000a80)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)={0x40, 0xb, 0x2, "31fb"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000000)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

][ T5962] usb 5-1: USB disconnect, device number 12
[  406.416168][T11704] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2125'.
[  406.873831][T11727] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.2133'.
[  407.531612][ T5876] usb 2-1: USB disconnect, device number 14
[  407.746855][T11742] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2137'.
[  408.001716][T11750] vlan2: entered promiscuous mode
[  408.231622][T11754] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  408.242162][T11754] syzkaller0: entered promiscuous mode
[  408.242187][T11754] syzkaller0: entered allmulticast mode
[  408.396535][T11757] tipc: Resetting bearer <eth:syzkaller0>
[  408.584570][ T5889] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  408.744414][ T5889] usb 5-1: Using ep0 maxpacket: 32
[  408.747846][ T5889] usb 5-1: config 0 has an invalid interface number: 188 but max is 0
[  408.747873][ T5889] usb 5-1: config 0 has no interface number 0
[  408.747922][ T5889] usb 5-1: config 0 interface 188 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  408.750709][ T5889] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  408.750738][ T5889] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.750759][ T5889] usb 5-1: Product: syz
[  408.750774][ T5889] usb 5-1: Manufacturer: syz
[  408.750788][ T5889] usb 5-1: SerialNumber: syz
[  408.806532][ T5889] usb 5-1: config 0 descriptor??
[  408.851856][ T5889] asix 5-1:0.188: probe with driver asix failed with error -22
[  408.965606][T11753] tipc: Resetting bearer <eth:syzkaller0>
[  408.966288][T11776] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2152'.
[  409.130021][T11753] tipc: Disabling bearer <eth:syzkaller0>
[  409.362089][T11766] lo speed is unknown, defaulting to 1000
[  409.448863][T11785] netlink: 'syz.1.2155': attribute type 2 has an invalid length.
[  410.332197][ T5962] usb 5-1: USB disconnect, device number 13
[  412.553147][T11817] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2164'.
[  412.664313][T11816] syzkaller0: entered promiscuous mode
[  412.664340][T11816] syzkaller0: entered allmulticast mode
[  414.082579][T11852] netlink: 'syz.0.2173': attribute type 2 has an invalid length.
[  414.793493][T11856] vlan2: entered promiscuous mode
[  415.022745][T11845] lo speed is unknown, defaulting to 1000
[  415.025325][T11862] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2176'.
[  415.174160][T11864] syzkaller0: entered promiscuous mode
[  415.174188][T11864] syzkaller0: entered allmulticast mode
[  415.394099][T11842] lo speed is unknown, defaulting to 1000
[  416.590603][T11899] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2189'.
[  416.882932][T11901] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  416.882963][T11901] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  416.945577][T11905] syzkaller0: entered promiscuous mode
[  416.945600][T11905] syzkaller0: entered allmulticast mode
[  417.472894][T11901] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  417.472930][T11901] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  417.833746][T11901] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  417.833798][T11901] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.052438][T11901] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  418.052469][T11901] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  418.110993][T11928] bond2: (slave bridge5): Enslaving as an active interface with an up link
[  418.221490][T11935] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2203'.
[  418.247294][T11938] netlink: 'syz.3.2204': attribute type 4 has an invalid length.
[  418.268567][ T3684] netdevsim netdevsim2 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  418.268605][ T3684] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  418.326108][ T3684] netdevsim netdevsim2 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  418.326145][ T3684] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  418.408502][ T3684] netdevsim netdevsim2 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  418.408552][ T3684] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  418.421091][T11940] netlink: 'syz.4.2205': attribute type 39 has an invalid length.
[  418.471540][ T3684] netdevsim netdevsim2 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  418.471576][ T3684] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  418.575903][T11945] syzkaller0: entered promiscuous mode
[  418.575933][T11945] syzkaller0: entered allmulticast mode
[  419.069385][ T5961] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  419.219337][ T5961] usb 1-1: Using ep0 maxpacket: 32
[  419.221458][ T5961] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  419.221486][ T5961] usb 1-1: config 0 has no interface number 0
[  419.221537][ T5961] usb 1-1: config 0 interface 184 has no altsetting 0
[  419.255743][ T5961] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  419.255774][ T5961] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.255794][ T5961] usb 1-1: Product: syz
[  419.255808][ T5961] usb 1-1: Manufacturer: syz
[  419.255822][ T5961] usb 1-1: SerialNumber: syz
[  419.292370][ T5961] usb 1-1: config 0 descriptor??
[  419.307146][ T5961] smsc75xx v1.0.0
[  419.419265][T11974] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  419.420466][T11974] syzkaller0: entered promiscuous mode
[  419.420490][T11974] syzkaller0: entered allmulticast mode
[  419.563067][T11974] tipc: Resetting bearer <eth:syzkaller0>
[  419.640982][T11973] tipc: Resetting bearer <eth:syzkaller0>
[  419.798561][T11973] tipc: Disabling bearer <eth:syzkaller0>
[  419.904081][ T5961] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  419.904119][ T5961] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  420.119313][T11991] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.2227'.
[  420.163258][T11989] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  420.364521][T11989] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  420.371355][T11997] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2230'.
[  420.371377][T11997] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2230'.
[  420.448758][T11997] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2230'.
[  420.448784][T11997] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2230'.
[  420.512502][ T5961] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -61
[  420.512886][ T5961] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -61
[  420.512911][ T5961] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -61
[  420.513203][ T5961] smsc75xx 1-1:0.184: probe with driver smsc75xx failed with error -61
[  420.580330][T11989] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  420.718939][ T5876] usb 1-1: USB disconnect, device number 19
[  421.001355][T11989] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  421.241008][T12013] netlink: 55631 bytes leftover after parsing attributes in process `syz.1.2238'.
[  421.535757][T12019] bond2: (slave bridge6): Enslaving as an active interface with an up link
[  421.566664][T12015] input: syz1 as /devices/virtual/input/input36
[  421.829622][T12022] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2241'.
[  421.829644][T12022] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2241'.
[  421.829794][T12022] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2241'.
[  422.533900][   T68] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  423.284152][T12045] __nla_validate_parse: 1 callbacks suppressed
[  423.284172][T12045] netlink: 55631 bytes leftover after parsing attributes in process `syz.2.2249'.
[  423.311944][   T68] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  423.413669][ T6118] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  423.475835][ T3684] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  423.746992][ T5876] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  423.878686][T12057] netlink: 'syz.1.2252': attribute type 3 has an invalid length.
[  423.878711][T12057] netlink: 3 bytes leftover after parsing attributes in process `syz.1.2252'.
[  423.896962][ T5876] usb 3-1: Using ep0 maxpacket: 32
[  423.899892][ T5876] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  423.899919][ T5876] usb 3-1: config 0 has no interface number 0
[  423.900013][ T5876] usb 3-1: config 0 interface 184 has no altsetting 0
[  423.946450][ T5876] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  423.946484][ T5876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.946499][ T5876] usb 3-1: Product: syz
[  423.946510][ T5876] usb 3-1: Manufacturer: syz
[  423.946521][ T5876] usb 3-1: SerialNumber: syz
[  423.963643][ T5876] usb 3-1: config 0 descriptor??
[  424.008420][ T5876] smsc75xx v1.0.0
[  424.316865][ T5961] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  424.475195][ T5961] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  424.484616][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.484643][ T5961] usb 2-1: config 0 has no interfaces?
[  424.486170][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.486203][ T5961] usb 2-1: config 0 has no interfaces?
[  424.506525][ T5962] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  424.526199][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.526227][ T5961] usb 2-1: config 0 has no interfaces?
[  424.543903][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.543931][ T5961] usb 2-1: config 0 has no interfaces?
[  424.552445][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.552475][ T5961] usb 2-1: config 0 has no interfaces?
[  424.580274][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.580313][ T5961] usb 2-1: config 0 has no interfaces?
[  424.583423][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.583447][ T5961] usb 2-1: config 0 has no interfaces?
[  424.617912][ T5961] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  424.617939][ T5961] usb 2-1: config 0 has no interfaces?
[  424.618560][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  424.618589][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  424.626168][ T5961] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  424.626196][ T5961] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  424.626224][ T5961] usb 2-1: Product: syz
[  424.626239][ T5961] usb 2-1: Manufacturer: syz
[  424.626254][ T5961] usb 2-1: SerialNumber: syz
[  424.656428][ T5962] usb 5-1: Using ep0 maxpacket: 32
[  424.662652][ T5962] usb 5-1: config 0 has an invalid interface number: 188 but max is 0
[  424.662681][ T5962] usb 5-1: config 0 has no interface number 0
[  424.662731][ T5962] usb 5-1: config 0 interface 188 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  424.662756][ T5962] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  424.688986][ T5962] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  424.689027][ T5962] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.689068][ T5962] usb 5-1: Product: syz
[  424.689084][ T5962] usb 5-1: Manufacturer: syz
[  424.689100][ T5962] usb 5-1: SerialNumber: syz
[  424.771471][ T5962] usb 5-1: config 0 descriptor??
[  424.775379][ T5961] usb 2-1: config 0 descriptor??
[  424.790974][ T5962] asix 5-1:0.188: probe with driver asix failed with error -22
[  425.112322][   T10] usb 2-1: USB disconnect, device number 15
[  425.228305][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -61
[  425.228330][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -61
[  425.228345][ T5876] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -61
[  425.228544][ T5876] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -61
[  425.341078][T12085] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  425.342166][T12085] syzkaller0: entered promiscuous mode
[  425.342202][T12085] syzkaller0: entered allmulticast mode
[  425.445749][   T10] usb 3-1: USB disconnect, device number 20
[  425.461495][T12088] tipc: Resetting bearer <eth:syzkaller0>
[  425.506337][T12084] tipc: Resetting bearer <eth:syzkaller0>
[  425.626684][T12084] tipc: Disabling bearer <eth:syzkaller0>
[  425.704662][   T10] usb 5-1: USB disconnect, device number 14
[  425.907948][T12102] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2267'.
[  426.555632][ T5876] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  426.722311][ T5876] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  426.729460][T12126] tipc: Started in network mode
[  426.729520][T12126] tipc: Node identity 0a7c507ad2d8, cluster identity 4711
[  426.739823][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  426.739928][ T5876] usb 5-1: config 0 has no interfaces?
[  426.742428][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  426.742456][ T5876] usb 5-1: config 0 has no interfaces?
[  426.795627][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  426.795655][ T5876] usb 5-1: config 0 has no interfaces?
[  426.800480][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  426.800504][ T5876] usb 5-1: config 0 has no interfaces?
[  426.803287][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  426.803304][ T5876] usb 5-1: config 0 has no interfaces?
[  426.828249][T12126] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  426.837528][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  426.837595][ T5876] usb 5-1: config 0 has no interfaces?
[  426.875837][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  426.875909][ T5876] usb 5-1: config 0 has no interfaces?
[  426.894254][ T5876] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  426.894281][ T5876] usb 5-1: config 0 has no interfaces?
[  426.898898][T12127] syzkaller0: entered promiscuous mode
[  426.900298][T12127] syzkaller0: entered allmulticast mode
[  426.923648][ T5876] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  426.923680][ T5876] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  426.923696][ T5876] usb 5-1: Product: syz
[  426.923707][ T5876] usb 5-1: Manufacturer: syz
[  426.923717][ T5876] usb 5-1: SerialNumber: syz
[  426.971614][T12126] tipc: Resetting bearer <eth:syzkaller0>
[  427.003631][ T5876] usb 5-1: config 0 descriptor??
[  427.076419][T12123] tipc: Resetting bearer <eth:syzkaller0>
[  427.153832][T12131] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2279'.
[  427.175940][T12123] tipc: Disabling bearer <eth:syzkaller0>
[  427.316941][ T5961] usb 5-1: USB disconnect, device number 15
[  427.393918][T12136] bond1: (slave macvlan7): Error -98 calling set_mac_address
[  427.458770][T12140] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2282'.
[  428.517517][T12173] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.2293'.
[  428.628596][T12177] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2297'.
[  428.628622][T12177] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2297'.
[  428.628802][T12177] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2297'.
[  428.628820][T12177] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2297'.
[  428.934364][ T5961] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  428.982288][T12166] lo speed is unknown, defaulting to 1000
[  429.085295][ T5961] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  429.086640][ T5961] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.086663][ T5961] usb 3-1: config 0 has no interfaces?
[  429.088007][ T5961] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.088029][ T5961] usb 3-1: config 0 has no interfaces?
[  429.089329][ T5961] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.089354][ T5961] usb 3-1: config 0 has no interfaces?
[  429.090755][ T5961] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.090779][ T5961] usb 3-1: config 0 has no interfaces?
[  429.092168][ T5961] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.092191][ T5961] usb 3-1: config 0 has no interfaces?
[  429.093389][ T5961] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.093412][ T5961] usb 3-1: config 0 has no interfaces?
[  429.197589][ T5961] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.197617][ T5961] usb 3-1: config 0 has no interfaces?
[  429.201479][ T5961] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  429.201506][ T5961] usb 3-1: config 0 has no interfaces?
[  429.235943][ T5961] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  429.235974][ T5961] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  429.235995][ T5961] usb 3-1: Product: syz
[  429.236010][ T5961] usb 3-1: Manufacturer: syz
[  429.236025][ T5961] usb 3-1: SerialNumber: syz
[  429.241412][ T5961] usb 3-1: config 0 descriptor??
[  429.419635][T12201] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.2306'.
[  429.575859][ T5876] usb 3-1: USB disconnect, device number 21
[  430.525033][T12231] netlink: 1688 bytes leftover after parsing attributes in process `syz.2.2316'.
[  430.750668][T12236] netlink: 'syz.4.2317': attribute type 3 has an invalid length.
[  430.750691][T12236] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2317'.
[  431.095073][T12219] lo speed is unknown, defaulting to 1000
[  431.827605][T12274] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2331'.
[  432.496528][T12294] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  432.497665][T12294] syzkaller0: entered promiscuous mode
[  432.497691][T12294] syzkaller0: entered allmulticast mode
[  432.842634][T12299] tipc: Resetting bearer <eth:syzkaller0>
[  433.075274][T12299] tipc: Disabling bearer <eth:syzkaller0>
[  433.239318][T12321] netlink: 'syz.0.2350': attribute type 1 has an invalid length.
[  433.408016][T12334] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.2355'.
[  433.469274][T12326] bond4: (slave bridge6): Enslaving as an active interface with an up link
[  433.641617][T12342] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  433.644921][T12342] syzkaller0: entered promiscuous mode
[  433.644977][T12342] syzkaller0: entered allmulticast mode
[  433.712827][T12342] tipc: Resetting bearer <eth:syzkaller0>
[  433.803417][T12340] tipc: Resetting bearer <eth:syzkaller0>
[  433.912649][T12340] tipc: Disabling bearer <eth:syzkaller0>
[  434.105390][T12357] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2363'.
[  434.454766][T12368] netlink: 'syz.2.2369': attribute type 1 has an invalid length.
[  434.513216][T12368] bond5: (slave bridge8): Enslaving as an active interface with an up link
[  434.647433][T12379] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2371'.
[  434.647458][T12379] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2371'.
[  434.647647][T12379] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2371'.
[  434.647663][T12379] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2371'.
[  435.030024][T12396] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  435.044813][T12396] syzkaller0: entered promiscuous mode
[  435.044842][T12396] syzkaller0: entered allmulticast mode
[  435.050767][T12396] tipc: Resetting bearer <eth:syzkaller0>
[  435.121555][T12395] tipc: Resetting bearer <eth:syzkaller0>
[  435.168510][T12402] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2380'.
[  435.360508][T12395] tipc: Disabling bearer <eth:syzkaller0>
[  435.412145][T12408] netlink: 'syz.4.2383': attribute type 1 has an invalid length.
[  435.900578][T12410] bond4: (slave bridge6): Enslaving as an active interface with an up link
[  436.451034][T12433] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2393'.
[  437.544921][T12446] netlink: 212348 bytes leftover after parsing attributes in process `syz.4.2399'.
[  437.545076][T12446] netlink: ct family unspecified
[  437.855320][T12452] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  437.862311][T12452] syzkaller0: entered promiscuous mode
[  437.862385][T12452] syzkaller0: entered allmulticast mode
[  437.894284][T12452] tipc: Resetting bearer <eth:syzkaller0>
[  438.110221][T12451] tipc: Resetting bearer <eth:syzkaller0>
[  438.414413][T12460] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2405'.
[  438.877113][T12451] tipc: Disabling bearer <eth:syzkaller0>
[  439.154254][T12471] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2409'.
[  440.369972][T12500] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  440.372630][T12500] syzkaller0: entered promiscuous mode
[  440.372655][T12500] syzkaller0: entered allmulticast mode
[  440.412336][T12500] tipc: Resetting bearer <eth:syzkaller0>
[  440.415400][T12503] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.2420'.
[  440.488997][T12499] tipc: Resetting bearer <eth:syzkaller0>
[  440.556249][T12394] Set syz1 is full, maxelem 65536 reached
[  440.670214][T12499] tipc: Disabling bearer <eth:syzkaller0>
[  440.899362][T12514] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2424'.
[  440.900488][T12514] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2424'.
[  441.433250][T12530] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.2431'.
[  441.576714][T12523] lo speed is unknown, defaulting to 1000
[  441.859235][T12541] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2436'.
[  442.037036][T12552] netlink: 'syz.2.2442': attribute type 4 has an invalid length.
[  442.058691][T12547] netlink: 61963 bytes leftover after parsing attributes in process `syz.0.2439'.
[  442.173791][T12558] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.2444'.
[  442.410323][T12574] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2448'.
[  442.687534][ T5961] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  442.837603][ T5961] usb 4-1: Using ep0 maxpacket: 8
[  442.840227][ T5961] usb 4-1: config 152 has an invalid descriptor of length 0, skipping remainder of the config
[  442.840256][ T5961] usb 4-1: config 152 has 0 interfaces, different from the descriptor's value: 1
[  442.844542][ T5961] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  442.844573][ T5961] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  442.844595][ T5961] usb 4-1: Product: syz
[  442.844612][ T5961] usb 4-1: Manufacturer: syz
[  442.844628][ T5961] usb 4-1: SerialNumber: syz
[  443.325013][T12592] vlan2: entered promiscuous mode
[  443.375138][T12598] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.2458'.
[  443.587073][ T5876] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  443.736901][ T5876] usb 2-1: Using ep0 maxpacket: 32
[  443.738912][ T5876] usb 2-1: config 0 has an invalid interface number: 188 but max is 0
[  443.738990][ T5876] usb 2-1: config 0 has no interface number 0
[  443.739058][ T5876] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  443.742216][ T5876] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  443.742238][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.742252][ T5876] usb 2-1: Product: syz
[  443.742266][ T5876] usb 2-1: Manufacturer: syz
[  443.742277][ T5876] usb 2-1: SerialNumber: syz
[  443.808776][ T5876] usb 2-1: config 0 descriptor??
[  443.809842][T12595] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  444.015686][T12595] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  444.217371][ T5876] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  444.217562][ T5876] asix 2-1:0.188: probe with driver asix failed with error -32
[  445.113288][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  445.113387][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  445.388597][T12639] __nla_validate_parse: 8 callbacks suppressed
[  445.388613][T12639] netlink: 61963 bytes leftover after parsing attributes in process `syz.4.2472'.
[  445.520117][ T5889] usb 4-1: USB disconnect, device number 10
[  445.578961][T12645] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2474'.
[  445.643581][T12648] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  445.652844][T12648] syzkaller0: entered promiscuous mode
[  445.652869][T12648] syzkaller0: entered allmulticast mode
[  445.774624][T12648] tipc: Resetting bearer <eth:syzkaller0>
[  445.817923][T12646] tipc: Resetting bearer <eth:syzkaller0>
[  445.823728][T12664] netlink: 212348 bytes leftover after parsing attributes in process `syz.3.2481'.
[  445.966458][T12646] tipc: Disabling bearer <eth:syzkaller0>
[  446.336167][ T5961] usb 2-1: USB disconnect, device number 16
[  446.491328][T12680] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  446.492162][T12680] syzkaller0: entered promiscuous mode
[  446.492185][T12680] syzkaller0: entered allmulticast mode
[  446.631175][T12684] tipc: Resetting bearer <eth:syzkaller0>
[  446.700182][T12679] tipc: Resetting bearer <eth:syzkaller0>
[  446.836949][T12679] tipc: Disabling bearer <eth:syzkaller0>
[  447.006747][T12700] Set syz1 is full, maxelem 65536 reached
[  447.250465][T12710] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  447.295919][T12714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2501'.
[  447.295953][T12714] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2501'.
[  447.296126][T12714] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2501'.
[  447.296142][T12714] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2501'.
[  447.437860][T12710] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  447.460703][T12724] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.2505'.
[  447.503787][T12717] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  447.514650][T12717] tipc: Resetting bearer <eth:syzkaller0>
[  447.636034][T12715] tipc: Disabling bearer <eth:syzkaller0>
[  447.812773][T12735] syzkaller0: entered promiscuous mode
[  447.812805][T12735] syzkaller0: entered allmulticast mode
[  447.859714][T12710] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  447.959951][T12742] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2508'.
[  448.170804][T12710] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  448.460224][ T1017] netdevsim netdevsim4 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  448.518846][ T1017] netdevsim netdevsim4 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  448.552013][ T1017] netdevsim netdevsim4 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  448.566093][T12759] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2515'.
[  448.586498][   T68] netdevsim netdevsim4 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  449.883220][T12814] netlink: 'syz.4.2538': attribute type 72 has an invalid length.
[  450.006472][T12817] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  450.007391][T12817] syzkaller0: entered promiscuous mode
[  450.007415][T12817] syzkaller0: entered allmulticast mode
[  450.184094][T12828] tipc: Resetting bearer <eth:syzkaller0>
[  450.243972][T12815] tipc: Resetting bearer <eth:syzkaller0>
[  450.364266][T12815] tipc: Disabling bearer <eth:syzkaller0>
[  450.618280][T12843] __nla_validate_parse: 15 callbacks suppressed
[  450.618301][T12843] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2548'.
[  450.653441][ T5876] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  450.803470][ T5876] usb 2-1: Using ep0 maxpacket: 32
[  450.808998][ T5876] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  450.809036][ T5876] usb 2-1: config 0 has no interface number 0
[  450.809086][ T5876] usb 2-1: config 0 interface 184 has no altsetting 0
[  450.842614][ T5876] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  450.842657][ T5876] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.842678][ T5876] usb 2-1: Product: syz
[  450.842694][ T5876] usb 2-1: Manufacturer: syz
[  450.842709][ T5876] usb 2-1: SerialNumber: syz
[  450.882259][T12857] netlink: 1752 bytes leftover after parsing attributes in process `syz.4.2552'.
[  450.893985][ T5876] usb 2-1: config 0 descriptor??
[  450.913461][ T5876] smsc75xx v1.0.0
[  450.918849][T12858] netlink: 'syz.2.2551': attribute type 39 has an invalid length.
[  451.159516][T12867] netlink: 48 bytes leftover after parsing attributes in process `syz.4.2557'.
[  451.512974][ T5876] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  451.513009][ T5876] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  451.659697][T12876] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2561'.
[  451.836151][T12880] netlink: 1752 bytes leftover after parsing attributes in process `syz.3.2563'.
[  452.131543][ T5876] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -61
[  452.131582][ T5876] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -61
[  452.131605][ T5876] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -61
[  452.131925][ T5876] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -61
[  452.324139][T12897] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  452.344955][  T918] usb 2-1: USB disconnect, device number 17
[  452.792122][T12921] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2573'.
[  452.813445][T12920] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2575'.
[  453.231744][T12930] misc userio: Invalid payload size
[  453.782043][T12937] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  453.845833][T12940] syzkaller0: entered promiscuous mode
[  453.845863][T12940] syzkaller0: entered allmulticast mode
[  454.152324][T12942] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  454.153548][T12950] syzkaller0: entered promiscuous mode
[  454.153574][T12950] syzkaller0: entered allmulticast mode
[  454.244277][T12960] tipc: Resetting bearer <eth:syzkaller0>
[  454.293278][T12941] tipc: Resetting bearer <eth:syzkaller0>
[  454.324679][T12965] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2586'.
[  454.432646][T12941] tipc: Disabling bearer <eth:syzkaller0>
[  454.460020][T12972] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2587'.
[  454.690051][T12983] netlink: 176 bytes leftover after parsing attributes in process `syz.3.2592'.
[  455.112981][T12984] misc userio: Invalid payload size
[  455.532546][T12991] syzkaller0: entered promiscuous mode
[  455.532573][T12991] syzkaller0: entered allmulticast mode
[  455.812122][T13013] __nla_validate_parse: 1 callbacks suppressed
[  455.812145][T13013] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2604'.
[  456.264875][T13023] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2605'.
[  456.313567][T13022] misc userio: Invalid payload size
[  456.540791][T13009] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  456.541076][T13011] syzkaller0: entered promiscuous mode
[  456.541092][T13011] syzkaller0: entered allmulticast mode
[  456.696003][T13011] tipc: Resetting bearer <eth:syzkaller0>
[  456.903023][T13011] tipc: Disabling bearer <eth:syzkaller0>
[  457.308721][T13051] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_tx_wq": -EINTR
[  457.712486][T13072] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  457.714826][T13072] syzkaller0: entered promiscuous mode
[  457.714852][T13072] syzkaller0: entered allmulticast mode
[  457.748751][T13074] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  457.749645][T13074] syzkaller0: entered promiscuous mode
[  457.749669][T13074] syzkaller0: entered allmulticast mode
[  457.994630][T13078] tipc: Resetting bearer <eth:syzkaller0>
[  458.039331][T13092] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2630'.
[  458.070084][T13071] tipc: Resetting bearer <eth:syzkaller0>
[  458.170350][T13071] tipc: Disabling bearer <eth:syzkaller0>
[  458.420120][T13080] tipc: Resetting bearer <eth:syzkaller0>
[  458.551952][T13080] tipc: Disabling bearer <eth:syzkaller0>
[  458.703192][T13105] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2633'.
[  459.581370][T13128] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2640'.
[  459.661245][T13131] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2641'.
[  459.730809][T13134] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2643'.
[  459.969768][T13138] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  459.970153][T13139] syzkaller0: entered promiscuous mode
[  459.970178][T13139] syzkaller0: entered allmulticast mode
[  460.100495][T13132] tipc: Resetting bearer <eth:syzkaller0>
[  460.162342][T13129] tipc: Resetting bearer <eth:syzkaller0>
[  460.216256][   T61] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  460.239138][   T61] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  460.240536][   T61] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  460.264011][   T61] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  460.265600][   T61] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  460.414579][T13129] tipc: Disabling bearer <eth:syzkaller0>
[  460.490913][T13152] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2647'.
[  461.294790][T13168] netlink: 'syz.2.2651': attribute type 2 has an invalid length.
[  462.301659][T13168] !: entered promiscuous mode
[  462.367628][   T61] Bluetooth: hci5: command tx timeout
[  463.841600][ T6118] netdevsim netdevsim4 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  464.446580][   T61] Bluetooth: hci5: command tx timeout
[  464.816758][T13189] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2654'.
[  464.817617][T13146] lo speed is unknown, defaulting to 1000
[  464.989272][ T6118] netdevsim netdevsim4 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  465.171960][T13203] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2659'.
[  465.413356][ T6118] netdevsim netdevsim4 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  465.492329][T13141] lo speed is unknown, defaulting to 1000
[  465.628805][ T6118] netdevsim netdevsim4 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  466.160961][T13221] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2664'.
[  466.537386][   T61] Bluetooth: hci5: command tx timeout
[  466.901561][T13232] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2668'.
[  466.922641][T13227] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  466.956195][T13227] syzkaller0: entered promiscuous mode
[  466.956232][T13227] syzkaller0: entered allmulticast mode
[  467.090379][T13230] tipc: Resetting bearer <eth:syzkaller0>
[  467.145524][T13226] tipc: Resetting bearer <eth:syzkaller0>
[  467.275888][T13226] tipc: Disabling bearer <eth:syzkaller0>
[  467.435187][ T6118] bridge_slave_1: left allmulticast mode
[  467.435385][ T6118] bridge_slave_1: left promiscuous mode
[  467.440156][ T6118] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.536278][ T6118] bridge_slave_0: left allmulticast mode
[  467.536303][ T6118] bridge_slave_0: left promiscuous mode
[  467.538485][ T6118] bridge0: port 1(bridge_slave_0) entered disabled state
[  468.003083][T13255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2678'.
[  468.604537][   T61] Bluetooth: hci5: command tx timeout
[  468.977559][ T6118] geneve0 (unregistering): left promiscuous mode
[  468.995865][ T6118] team0: Port device geneve0 removed
[  469.744644][ T6118] bond4 (unregistering): (slave bridge6): Releasing backup interface
[  469.994614][ T6118] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  470.036176][ T6118] bond_slave_0: left promiscuous mode
[  470.074527][ T6118] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  470.094173][ T6118] bond_slave_1: left promiscuous mode
[  470.134582][ T6118] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  470.159330][ T6118] dummy0: left promiscuous mode
[  470.176558][ T6118] bond0 (unregistering): Released all slaves
[  470.191808][ T6118] bond1 (unregistering): Released all slaves
[  470.209534][ T6118] bond2 (unregistering): Released all slaves
[  470.225839][ T6118] bond3 (unregistering): Released all slaves
[  470.242455][ T6118] bond4 (unregistering): Released all slaves
[  470.829883][T13141] chnl_net:caif_netlink_parms(): no params data found
[  471.041445][T13141] bridge0: port 1(bridge_slave_0) entered blocking state
[  471.041663][T13141] bridge0: port 1(bridge_slave_0) entered disabled state
[  471.041847][T13141] bridge_slave_0: entered allmulticast mode
[  471.045390][T13141] bridge_slave_0: entered promiscuous mode
[  471.055346][T13141] bridge0: port 2(bridge_slave_1) entered blocking state
[  471.055917][T13141] bridge0: port 2(bridge_slave_1) entered disabled state
[  471.056374][T13141] bridge_slave_1: entered allmulticast mode
[  471.065040][T13141] bridge_slave_1: entered promiscuous mode
[  471.133775][T13141] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  471.138298][T13141] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  471.207378][T13141] team0: Port device team_slave_0 added
[  471.211179][T13141] team0: Port device team_slave_1 added
[  471.260594][T13141] batman_adv: batadv0: Adding interface: batadv_slave_0
[  471.260613][T13141] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  471.260643][T13141] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  471.293294][T13141] batman_adv: batadv0: Adding interface: batadv_slave_1
[  471.293333][T13141] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  471.293414][T13141] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  471.416938][T13141] hsr_slave_0: entered promiscuous mode
[  471.418360][T13141] hsr_slave_1: entered promiscuous mode
[  471.419381][T13141] debugfs: 'hsr0' already exists in 'hsr'
[  471.419407][T13141] Cannot create hsr debugfs directory
[  472.503021][ T6118] !: left promiscuous mode
[  472.644400][ T6118] tipc: Left network mode
[  473.197350][T13141] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  473.261460][T13141] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  473.333778][T13141] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  473.513819][T13141] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  474.031159][T13141] 8021q: adding VLAN 0 to HW filter on device bond0
[  474.112277][T13141] 8021q: adding VLAN 0 to HW filter on device team0
[  474.230727][ T3763] bridge0: port 1(bridge_slave_0) entered blocking state
[  474.240009][ T3763] bridge0: port 1(bridge_slave_0) entered forwarding state
[  474.299944][ T1342] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.300095][ T1342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  474.925928][T13141] 8021q: adding VLAN 0 to HW filter on device batadv0
[  475.251211][ T6118] hsr_slave_0: left promiscuous mode
[  475.271224][ T6118] hsr_slave_1: left promiscuous mode
[  475.272226][ T6118] batman_adv: batadv0: Removing interface: batadv_slave_0
[  475.323240][ T6118] batman_adv: batadv0: Removing interface: batadv_slave_1
[  478.681336][ T6118] team_slave_1 (unregistering): left promiscuous mode
[  478.720280][ T6118] team0 (unregistering): Port device team_slave_1 removed
[  478.891337][ T6118] team_slave_0 (unregistering): left promiscuous mode
[  478.930905][ T6118] team0 (unregistering): Port device team_slave_0 removed
[  481.025751][T13379] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2696'.
[  481.212849][T13141] veth0_vlan: entered promiscuous mode
[  481.427992][T13387] netlink: 'syz.3.2695': attribute type 2 has an invalid length.
[  481.631905][T13141] veth1_vlan: entered promiscuous mode
[  483.515656][T13141] veth0_macvtap: entered promiscuous mode
[  483.848126][T13141] veth1_macvtap: entered promiscuous mode
[  484.133028][T13141] batman_adv: batadv0: Interface activated: batadv_slave_0
[  484.172436][T13141] batman_adv: batadv0: Interface activated: batadv_slave_1
[  484.195978][ T6123] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  484.212821][ T6123] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  484.213758][ T6123] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  484.214122][ T6123] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  484.415660][T13407] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2704'.
[  484.928925][T13414] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2707'.
[  485.127697][ T1342] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  485.127721][ T1342] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  485.426252][T13430] netlink: 'syz.0.2712': attribute type 2 has an invalid length.
[  486.956653][ T5984] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  486.956671][ T5984] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  487.399677][T13449] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2718'.
[  487.826962][T13457] tipc: Started in network mode
[  487.826996][T13457] tipc: Node identity 06c205962193, cluster identity 4711
[  487.827179][T13457] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  487.829329][T13460] syzkaller0: entered promiscuous mode
[  487.829353][T13460] syzkaller0: entered allmulticast mode
[  487.921812][T13450] tipc: Resetting bearer <eth:syzkaller0>
[  487.970726][T13447] tipc: Resetting bearer <eth:syzkaller0>
[  488.334352][T13483] netlink: 'syz.0.2725': attribute type 2 has an invalid length.
[  491.063829][T13447] tipc: Disabling bearer <eth:syzkaller0>
[  491.215498][ T5918] tipc: Node number set to 659621270
[  491.549521][T13510] netlink: 'syz.0.2737': attribute type 1 has an invalid length.
[  491.764389][ T5918] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  491.847026][T13528] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2742'.
[  491.932789][ T5918] usb 2-1: Using ep0 maxpacket: 32
[  491.935293][ T5918] usb 2-1: config 0 has an invalid interface number: 188 but max is 0
[  491.935322][ T5918] usb 2-1: config 0 has no interface number 0
[  491.935377][ T5918] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  491.937797][ T5918] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  491.937827][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.937848][ T5918] usb 2-1: Product: syz
[  491.937863][ T5918] usb 2-1: Manufacturer: syz
[  491.937879][ T5918] usb 2-1: SerialNumber: syz
[  491.947378][ T5918] usb 2-1: config 0 descriptor??
[  492.009977][T13506] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  492.233426][T13506] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  492.429230][T13541] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  492.430323][T13541] syzkaller0: entered promiscuous mode
[  492.430347][T13541] syzkaller0: entered allmulticast mode
[  492.434963][ T5918] asix 2-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  492.435571][ T5918] asix 2-1:0.188: probe with driver asix failed with error -61
[  492.610151][T13547] tipc: Resetting bearer <eth:syzkaller0>
[  492.662818][T13539] tipc: Resetting bearer <eth:syzkaller0>
[  492.800988][T13556] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2750'.
[  492.823136][T13539] tipc: Disabling bearer <eth:syzkaller0>
[  492.962560][T13507] lo speed is unknown, defaulting to 1000
[  493.112047][T13561] netlink: 'syz.4.2752': attribute type 1 has an invalid length.
[  493.647581][T13589] netlink: 'syz.0.2763': attribute type 1 has an invalid length.
[  494.243967][T13604] netlink: 55631 bytes leftover after parsing attributes in process `syz.3.2768'.
[  494.489994][ T5961] usb 2-1: USB disconnect, device number 18
[  494.537723][T13609] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2770'.
[  494.537747][T13609] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2770'.
[  494.746149][T13609] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2770'.
[  494.746179][T13609] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2770'.
[  494.895450][T13619] netlink: 164 bytes leftover after parsing attributes in process `syz.1.2773'.
[  495.018405][T13616] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(5)
[  495.018436][T13616] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  495.053623][T13616] vhci_hcd vhci_hcd.0: Device attached
[  495.112580][T13629] netlink: 'syz.3.2775': attribute type 1 has an invalid length.
[  495.121994][T13616] smc: ib device syz2 ibport 1 applied user defined pnetid SYZ1
[  495.356648][T13486] usb 42-1: SetAddress Request (2) to port 0
[  495.356773][T13486] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  495.394871][T13623] vhci_hcd: sendmsg failed!, ret=-32 for 48
[  495.567067][T13621] vhci_hcd: connection closed
[  495.567274][ T6118] vhci_hcd vhci_hcd.4: stop threads
[  495.568114][ T6118] vhci_hcd vhci_hcd.4: release socket
[  496.271677][   T70] kworker/u8:5 (70) used greatest stack depth: 14304 bytes left
[  496.355472][ T6118] vhci_hcd vhci_hcd.4: disconnect device
[  496.822440][T13636] lo speed is unknown, defaulting to 1000
[  497.036959][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2787'.
[  497.036986][T13659] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2787'.
[  497.042139][T13655] syzkaller0: entered promiscuous mode
[  497.042236][T13655] syzkaller0: entered allmulticast mode
[  497.254829][T13659] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2787'.
[  497.637013][T13647] lo speed is unknown, defaulting to 1000
[  497.798450][T13671] netlink: 'syz.0.2792': attribute type 1 has an invalid length.
[  499.521350][T13700] __nla_validate_parse: 1 callbacks suppressed
[  499.521378][T13700] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2800'.
[  499.521400][T13700] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2800'.
[  499.626848][T13700] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2800'.
[  499.626875][T13700] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2800'.
[  499.750307][T13707] netlink: 'syz.4.2803': attribute type 1 has an invalid length.
[  501.090659][T13486] usb 42-1: device descriptor read/8, error -110
[  501.446570][T13738] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2815'.
[  501.446599][T13738] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2815'.
[  501.499837][T13486] usb usb42-port1: attempt power cycle
[  501.525378][T13738] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2815'.
[  501.525395][T13738] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2815'.
[  501.666928][T13744] netlink: 48 bytes leftover after parsing attributes in process `syz.2.2816'.
[  501.865852][T13746] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2817'.
[  502.061549][T13486] usb usb42-port1: unable to enumerate USB device
[  502.282206][T13773] netlink: 'syz.0.2825': attribute type 39 has an invalid length.
[  502.285726][T13772] netlink: 'syz.2.2826': attribute type 4 has an invalid length.
[  502.286311][T13772] netlink: 'syz.2.2826': attribute type 4 has an invalid length.
[  502.742633][T13797] netlink: 'syz.1.2836': attribute type 39 has an invalid length.
[  503.587009][  T918] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  503.757855][  T918] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  503.759426][  T918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.759452][  T918] usb 2-1: config 0 has no interfaces?
[  503.762765][  T918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.762789][  T918] usb 2-1: config 0 has no interfaces?
[  503.764617][  T918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.764642][  T918] usb 2-1: config 0 has no interfaces?
[  503.766264][  T918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.766290][  T918] usb 2-1: config 0 has no interfaces?
[  503.770972][  T918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.770996][  T918] usb 2-1: config 0 has no interfaces?
[  503.785911][  T918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.785940][  T918] usb 2-1: config 0 has no interfaces?
[  503.787580][  T918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.787605][  T918] usb 2-1: config 0 has no interfaces?
[  503.789212][  T918] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  503.789238][  T918] usb 2-1: config 0 has no interfaces?
[  503.792629][  T918] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  503.792660][  T918] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  503.792696][  T918] usb 2-1: Product: syz
[  503.792712][  T918] usb 2-1: Manufacturer: syz
[  503.792728][  T918] usb 2-1: SerialNumber: syz
[  503.918826][  T918] usb 2-1: config 0 descriptor??
[  504.187637][T13829] netlink: 'syz.3.2848': attribute type 39 has an invalid length.
[  504.243745][T13486] usb 2-1: USB disconnect, device number 19
[  504.605206][T13841] __nla_validate_parse: 11 callbacks suppressed
[  504.605229][T13841] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.2855'.
[  504.754961][T13847] netlink: 212332 bytes leftover after parsing attributes in process `syz.2.2856'.
[  504.915910][T13850] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  504.917060][T13850] syzkaller0: entered promiscuous mode
[  504.917082][T13850] syzkaller0: entered allmulticast mode
[  504.979572][T13850] tipc: Resetting bearer <eth:syzkaller0>
[  505.020271][T13854] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2858'.
[  505.020296][T13854] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2858'.
[  505.041655][T13849] tipc: Resetting bearer <eth:syzkaller0>
[  505.157374][T13858] netlink: 20 bytes leftover after parsing attributes in process `syz.0.2860'.
[  505.219713][ T5814] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  505.234828][ T5814] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  505.247181][ T5814] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  505.248612][ T5814] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  505.250145][ T5814] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  505.303611][T13849] tipc: Disabling bearer <eth:syzkaller0>
[  505.655007][T13854] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2858'.
[  505.655036][T13854] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2858'.
[  505.750133][T13867] siw: device registration error -23
[  506.536193][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  506.536261][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  506.732896][T13872] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.2866'.
[  506.843183][ T1342] netdevsim netdevsim3 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  506.843224][ T1342] netdevsim netdevsim3 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.268715][T13859] lo speed is unknown, defaulting to 1000
[  507.305087][   T61] Bluetooth: hci3: command tx timeout
[  507.323500][ T1342] netdevsim netdevsim3 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  507.323536][ T1342] netdevsim netdevsim3 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  507.535604][T13895] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2875'.
[  507.535632][T13895] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2875'.
[  507.842262][T13900] siw: device registration error -23
[  508.763639][ T1342] netdevsim netdevsim3 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  508.763677][ T1342] netdevsim netdevsim3 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  508.917006][T13907] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  508.965585][T13911] syzkaller0: entered promiscuous mode
[  508.965614][T13911] syzkaller0: entered allmulticast mode
[  509.033244][T13904] tipc: Resetting bearer <eth:syzkaller0>
[  509.141114][ T1342] netdevsim netdevsim3 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  509.141156][ T1342] netdevsim netdevsim3 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  509.384141][   T61] Bluetooth: hci3: command tx timeout
[  509.504481][T13903] tipc: Resetting bearer <eth:syzkaller0>
[  509.648143][T13903] tipc: Disabling bearer <eth:syzkaller0>
[  510.080477][T13941] __nla_validate_parse: 2 callbacks suppressed
[  510.080500][T13941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2886'.
[  510.080517][T13941] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2886'.
[  510.115058][T13943] netlink: 'syz.0.2887': attribute type 12 has an invalid length.
[  510.403816][T13944] netlink: 'syz.0.2887': attribute type 3 has an invalid length.
[  510.403845][T13944] netlink: 3 bytes leftover after parsing attributes in process `syz.0.2887'.
[  510.410262][T13941] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2886'.
[  510.410287][T13941] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2886'.
[  510.481980][T13859] chnl_net:caif_netlink_parms(): no params data found
[  511.445626][T13967] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  511.463069][   T61] Bluetooth: hci3: command tx timeout
[  511.521964][T13967] tipc: Resetting bearer <eth:syzkaller0>
[  511.533773][T13859] bridge0: port 1(bridge_slave_0) entered blocking state
[  511.533985][T13859] bridge0: port 1(bridge_slave_0) entered disabled state
[  511.534221][T13859] bridge_slave_0: entered allmulticast mode
[  511.541239][T13859] bridge_slave_0: entered promiscuous mode
[  511.570819][T13970] netlink: 'syz.0.2894': attribute type 12 has an invalid length.
[  511.710125][T13963] tipc: Disabling bearer <eth:syzkaller0>
[  511.853188][ T1342] bridge_slave_1: left allmulticast mode
[  511.853222][ T1342] bridge_slave_1: left promiscuous mode
[  511.863317][ T1342] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.954413][ T1342] bridge_slave_0: left allmulticast mode
[  511.954444][ T1342] bridge_slave_0: left promiscuous mode
[  511.954454][T13974] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.2895'.
[  511.954835][ T1342] bridge0: port 1(bridge_slave_0) entered disabled state
[  512.601228][T13884] Set syz1 is full, maxelem 65536 reached
[  513.435072][ T1342] geneve0 (unregistering): left promiscuous mode
[  513.453307][ T1342] team0: Port device geneve0 removed
[  513.542474][   T61] Bluetooth: hci3: command tx timeout
[  514.162126][ T1342] bond2 (unregistering): (slave bridge5): Releasing backup interface
[  514.602081][ T1342] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  514.664858][ T1342] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  514.722635][ T1342] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  514.765576][ T1342] bond0 (unregistering): Released all slaves
[  514.773078][ T1342] bond1 (unregistering): Released all slaves
[  514.791682][ T1342] bond2 (unregistering): Released all slaves
[  514.808422][ T1342] bond3 (unregistering): Released all slaves
[  514.853925][T13859] bridge0: port 2(bridge_slave_1) entered blocking state
[  514.854016][T13859] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.854213][T13859] bridge_slave_1: entered allmulticast mode
[  514.856109][T13859] bridge_slave_1: entered promiscuous mode
[  514.857300][T13971] netlink: 'syz.0.2894': attribute type 3 has an invalid length.
[  514.857319][T13971] netlink: 3 bytes leftover after parsing attributes in process `syz.0.2894'.
[  514.860707][T13949] lo speed is unknown, defaulting to 1000
[  515.128908][T13859] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  515.234982][T13859] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  515.475942][T13859] team0: Port device team_slave_0 added
[  515.642209][T13859] team0: Port device team_slave_1 added
[  516.020405][T13859] batman_adv: batadv0: Adding interface: batadv_slave_0
[  516.020424][T13859] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  516.020455][T13859] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  516.111851][T13859] batman_adv: batadv0: Adding interface: batadv_slave_1
[  516.111872][T13859] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  516.111904][T13859] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  516.338195][T13859] hsr_slave_0: entered promiscuous mode
[  516.339540][T13859] hsr_slave_1: entered promiscuous mode
[  516.358079][T13859] debugfs: 'hsr0' already exists in 'hsr'
[  516.358108][T13859] Cannot create hsr debugfs directory
[  516.662349][T14025] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.2905'.
[  516.714603][T14023] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  516.714680][ T1342] !: left promiscuous mode
[  516.784508][T14028] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2906'.
[  516.802572][T14026] syzkaller0: entered promiscuous mode
[  516.802599][T14026] syzkaller0: entered allmulticast mode
[  516.829709][ T5961] IPVS: starting estimator thread 0...
[  516.898042][T14023] tipc: Resetting bearer <eth:syzkaller0>
[  516.930347][T14030] IPVS: using max 8 ests per chain, 19200 per kthread
[  517.041462][ T1342] tipc: Left network mode
[  517.084408][T14015] tipc: Resetting bearer <eth:syzkaller0>
[  517.212700][T14015] tipc: Disabling bearer <eth:syzkaller0>
[  517.454952][T14010] lo speed is unknown, defaulting to 1000
[  518.067510][T14047] siw: device registration error -23
[  519.016893][T14055] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.2915'.
[  519.229314][T13486] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  519.400197][T13486] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  519.401722][T13486] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.401754][T13486] usb 5-1: config 0 has no interfaces?
[  519.402870][T13486] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.402893][T13486] usb 5-1: config 0 has no interfaces?
[  519.404049][T13486] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.404072][T13486] usb 5-1: config 0 has no interfaces?
[  519.405209][T13486] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.405233][T13486] usb 5-1: config 0 has no interfaces?
[  519.406427][T13486] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.406451][T13486] usb 5-1: config 0 has no interfaces?
[  519.407618][T13486] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.407642][T13486] usb 5-1: config 0 has no interfaces?
[  519.408773][T13486] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.408796][T13486] usb 5-1: config 0 has no interfaces?
[  519.486009][T13486] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  519.486585][T13486] usb 5-1: config 0 has no interfaces?
[  519.506393][T13486] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  519.506491][T13486] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  519.506575][T13486] usb 5-1: Product: syz
[  519.506673][T13486] usb 5-1: Manufacturer: syz
[  519.506725][T13486] usb 5-1: SerialNumber: syz
[  519.548432][T13486] usb 5-1: config 0 descriptor??
[  519.953540][T13486] usb 5-1: USB disconnect, device number 16
[  520.588058][T14098] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.2925'.
[  520.658123][T14100] netlink: 181392 bytes leftover after parsing attributes in process `syz.4.2926'.
[  521.263074][T14113] netlink: 61963 bytes leftover after parsing attributes in process `syz.2.2931'.
[  521.405124][T13488] IPVS: starting estimator thread 0...
[  521.488027][T14118] IPVS: using max 8 ests per chain, 19200 per kthread
[  521.604429][T14109] nr4: entered promiscuous mode
[  521.604469][T14109] nr4: entered allmulticast mode
[  521.977873][  T918] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  522.022925][T14135] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.2935'.
[  522.162413][  T918] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  522.163883][  T918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.163910][  T918] usb 3-1: config 0 has no interfaces?
[  522.165289][  T918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.165314][  T918] usb 3-1: config 0 has no interfaces?
[  522.166765][  T918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.166791][  T918] usb 3-1: config 0 has no interfaces?
[  522.189588][  T918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.189618][  T918] usb 3-1: config 0 has no interfaces?
[  522.191092][  T918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.191115][  T918] usb 3-1: config 0 has no interfaces?
[  522.197722][  T918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.197749][  T918] usb 3-1: config 0 has no interfaces?
[  522.227668][  T918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.227698][  T918] usb 3-1: config 0 has no interfaces?
[  522.257665][  T918] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  522.257694][  T918] usb 3-1: config 0 has no interfaces?
[  522.320626][  T918] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  522.320661][  T918] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  522.320684][  T918] usb 3-1: Product: syz
[  522.320699][  T918] usb 3-1: Manufacturer: syz
[  522.320715][  T918] usb 3-1: SerialNumber: syz
[  522.336057][T14141] netlink: 181392 bytes leftover after parsing attributes in process `syz.1.2937'.
[  522.393003][  T918] usb 3-1: config 0 descriptor??
[  522.587005][T14146] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  522.792792][ T5918] usb 3-1: USB disconnect, device number 22
[  522.813610][T14146] tipc: Resetting bearer <eth:syzkaller0>
[  522.898218][T14139] tipc: Disabling bearer <eth:syzkaller0>
[  523.201018][T13859] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  523.269486][T13859] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  523.272695][T14104] lo speed is unknown, defaulting to 1000
[  523.433139][T13859] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  523.471992][T14179] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2942'.
[  523.472019][T14179] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2942'.
[  523.603011][T14179] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2942'.
[  523.603037][T14179] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2942'.
[  523.645390][T14178] vlan2: entered promiscuous mode
[  523.645414][T14178] team0: entered promiscuous mode
[  523.645428][T14178] team_slave_0: entered promiscuous mode
[  523.645648][T14178] team_slave_1: entered promiscuous mode
[  523.645873][T14178] geneve0: entered promiscuous mode
[  523.897199][T13859] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  524.126832][ T1342] hsr_slave_0: left promiscuous mode
[  524.176985][ T1342] hsr_slave_1: left promiscuous mode
[  524.177791][ T1342] batman_adv: batadv0: Removing interface: batadv_slave_0
[  524.225080][ T1342] batman_adv: batadv0: Removing interface: batadv_slave_1
[  524.473989][T14205] netlink: 181392 bytes leftover after parsing attributes in process `syz.2.2947'.
[  526.665993][ T1342] team_slave_1 (unregistering): left promiscuous mode
[  526.705970][ T1342] team0 (unregistering): Port device team_slave_1 removed
[  526.875919][ T1342] team_slave_0 (unregistering): left promiscuous mode
[  526.915896][ T1342] team0 (unregistering): Port device team_slave_0 removed
[  528.877772][T14208] vlan2: entered promiscuous mode
[  529.334264][T13488] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  529.494814][T13488] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  529.500549][T13488] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  529.500575][T13488] usb 3-1: config 0 has no interfaces?
[  529.533679][T13488] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  529.533709][T13488] usb 3-1: config 0 has no interfaces?
[  529.550737][T13488] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  529.550765][T13488] usb 3-1: config 0 has no interfaces?
[  529.590656][T13488] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  529.590684][T13488] usb 3-1: config 0 has no interfaces?
[  529.595759][T14223] netlink: 'syz.0.2952': attribute type 4 has an invalid length.
[  529.601274][T13488] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  529.601326][T13488] usb 3-1: config 0 has no interfaces?
[  529.602963][T13488] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  529.602987][T13488] usb 3-1: config 0 has no interfaces?
[  529.621701][T13488] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  529.621766][T13488] usb 3-1: config 0 has no interfaces?
[  529.664029][T13488] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  529.664103][T13488] usb 3-1: config 0 has no interfaces?
[  529.682353][T13859] 8021q: adding VLAN 0 to HW filter on device bond0
[  529.728420][T13488] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  529.728456][T13488] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  529.728480][T13488] usb 3-1: Product: syz
[  529.728495][T13488] usb 3-1: Manufacturer: syz
[  529.728511][T13488] usb 3-1: SerialNumber: syz
[  529.785579][T13488] usb 3-1: config 0 descriptor??
[  529.805515][T14224] netlink: 'syz.0.2952': attribute type 4 has an invalid length.
[  529.973566][T13859] 8021q: adding VLAN 0 to HW filter on device team0
[  529.994786][   T68] bridge0: port 1(bridge_slave_0) entered blocking state
[  529.994887][   T68] bridge0: port 1(bridge_slave_0) entered forwarding state
[  530.027811][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[  530.027901][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[  530.146373][T13488] usb 3-1: USB disconnect, device number 23
[  530.884167][T14253] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2962'.
[  530.911669][T14255] Set syz1 is full, maxelem 65536 reached
[  530.925812][T13859] 8021q: adding VLAN 0 to HW filter on device batadv0
[  531.265930][T14253] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2962'.
[  531.274876][T14253] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.409948][T13859] veth0_vlan: entered promiscuous mode
[  531.463712][T13859] veth1_vlan: entered promiscuous mode
[  531.554461][T13859] veth0_macvtap: entered promiscuous mode
[  531.579921][T13859] veth1_macvtap: entered promiscuous mode
[  531.627381][T13859] batman_adv: batadv0: Interface activated: batadv_slave_0
[  531.661491][T13859] batman_adv: batadv0: Interface activated: batadv_slave_1
[  531.698011][ T3763] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  531.698963][ T3763] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  531.699296][ T3763] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  531.699471][ T3763] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  532.066419][T14279] netlink: 212344 bytes leftover after parsing attributes in process `syz.1.2973'.
[  532.132766][ T5889] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  532.293282][ T5889] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  532.294896][ T5889] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.294947][ T5889] usb 1-1: config 0 has no interfaces?
[  532.342722][ T5889] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.342743][ T5889] usb 1-1: config 0 has no interfaces?
[  532.343945][ T5889] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.343973][ T5889] usb 1-1: config 0 has no interfaces?
[  532.345128][ T5889] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.345151][ T5889] usb 1-1: config 0 has no interfaces?
[  532.346309][ T5889] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.346331][ T5889] usb 1-1: config 0 has no interfaces?
[  532.347437][ T5889] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.347461][ T5889] usb 1-1: config 0 has no interfaces?
[  532.348790][ T5889] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.348815][ T5889] usb 1-1: config 0 has no interfaces?
[  532.349970][ T5889] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  532.349996][ T5889] usb 1-1: config 0 has no interfaces?
[  532.356074][ T5889] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  532.356158][ T5889] usb 1-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  532.356213][ T5889] usb 1-1: Product: syz
[  532.356256][ T5889] usb 1-1: Manufacturer: syz
[  532.356304][ T5889] usb 1-1: SerialNumber: syz
[  532.400554][ T5889] usb 1-1: config 0 descriptor??
[  532.734960][ T5918] usb 1-1: USB disconnect, device number 20
[  532.960028][T14298] syzkaller0: entered promiscuous mode
[  532.960057][T14298] syzkaller0: entered allmulticast mode
[  532.993742][ T3763] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  532.993766][ T3763] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  533.400816][T14320] Set syz1 is full, maxelem 65536 reached
[  533.537452][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  533.537477][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  533.868844][T14332] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2984'.
[  534.711121][ T5814] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  534.723171][ T5814] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  534.727152][ T5814] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  534.733573][ T5814] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  534.735290][ T5814] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  535.490067][   T44] netdevsim netdevsim2 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  535.490111][   T44] netdevsim netdevsim2 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  535.597432][T14345] nr0: entered promiscuous mode
[  535.597463][T14345] nr0: entered allmulticast mode
[  535.910253][T13486] IPVS: starting estimator thread 0...
[  535.951774][   T44] netdevsim netdevsim2 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  535.951814][   T44] netdevsim netdevsim2 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.004327][T14366] IPVS: using max 10 ests per chain, 24000 per kthread
[  536.034362][T14358] nr3: entered promiscuous mode
[  536.034392][T14358] nr3: entered allmulticast mode
[  536.232633][   T44] netdevsim netdevsim2 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  536.232675][   T44] netdevsim netdevsim2 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.434479][T14373] Bluetooth: MGMT ver 1.23
[  536.698643][   T44] netdevsim netdevsim2 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  536.698685][   T44] netdevsim netdevsim2 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  536.890323][   T61] Bluetooth: hci0: command tx timeout
[  538.096574][   T44] bridge_slave_1: left allmulticast mode
[  538.096606][   T44] bridge_slave_1: left promiscuous mode
[  538.097626][   T44] bridge0: port 2(bridge_slave_1) entered disabled state
[  538.285169][   T44] bridge_slave_0: left allmulticast mode
[  538.285202][   T44] bridge_slave_0: left promiscuous mode
[  538.285487][   T44] bridge0: port 1(bridge_slave_0) entered disabled state
[  538.979295][   T61] Bluetooth: hci0: command tx timeout
[  539.216756][T14308] Set syz1 is full, maxelem 65536 reached
[  539.889872][   T44] geneve0 (unregistering): left promiscuous mode
[  539.909983][   T44] team0: Port device geneve0 removed
[  540.589204][   T44] bond2 (unregistering): (slave bridge5): Releasing active interface
[  540.899306][   T44] bond5 (unregistering): (slave bridge8): Releasing backup interface
[  541.060193][   T61] Bluetooth: hci0: command tx timeout
[  541.201649][   T44] bond1 (unregistering): (slave macvlan2): Removing an active aggregator
[  541.202378][   T44] bond1 (unregistering): (slave macvlan2): Releasing backup interface
[  541.202394][   T44] bond1 (unregistering): (slave macvlan2): the permanent HWaddr of slave - c6:f8:f9:96:3d:d2 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  541.328793][   T44] bond1 (unregistering): (slave macvlan6): Releasing backup interface
[  541.449720][   T44] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  541.488411][   T44] bond_slave_0: left promiscuous mode
[  541.508585][   T44] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  541.559545][   T44] bond_slave_1: left promiscuous mode
[  541.578625][   T44] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  541.618565][   T44] dummy0: left promiscuous mode
[  541.619146][   T44] bond0 (unregistering): Released all slaves
[  542.311162][   T44] bond1 (unregistering): Released all slaves
[  542.327425][   T44] bond2 (unregistering): Released all slaves
[  542.347700][   T44] bond3 (unregistering): Released all slaves
[  542.367276][   T44] bond4 (unregistering): Released all slaves
[  542.387244][   T44] bond5 (unregistering): Released all slaves
[  542.920589][T14414] syzkaller0: entered promiscuous mode
[  542.920619][T14414] syzkaller0: entered allmulticast mode
[  543.127481][ T5814] Bluetooth: hci0: command tx timeout
[  543.319323][T14352] chnl_net:caif_netlink_parms(): no params data found
[  543.811157][T14449] netlink: 'syz.3.3012': attribute type 4 has an invalid length.
[  543.863550][T14450] netlink: 'syz.3.3012': attribute type 4 has an invalid length.
[  544.157283][T14352] bridge0: port 1(bridge_slave_0) entered blocking state
[  544.157515][T14352] bridge0: port 1(bridge_slave_0) entered disabled state
[  544.157722][T14352] bridge_slave_0: entered allmulticast mode
[  544.160220][T14352] bridge_slave_0: entered promiscuous mode
[  544.198478][T14352] bridge0: port 2(bridge_slave_1) entered blocking state
[  544.198727][T14352] bridge0: port 2(bridge_slave_1) entered disabled state
[  544.198965][T14352] bridge_slave_1: entered allmulticast mode
[  544.202256][T14352] bridge_slave_1: entered promiscuous mode
[  544.305083][   T44] !: left promiscuous mode
[  544.452893][T14352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  544.499512][T14352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  544.499703][   T44] tipc: Left network mode
[  545.072609][T14352] team0: Port device team_slave_0 added
[  545.133558][T14352] team0: Port device team_slave_1 added
[  545.291722][T14470] syzkaller0: entered promiscuous mode
[  545.291751][T14470] syzkaller0: entered allmulticast mode
[  545.594119][T14352] batman_adv: batadv0: Adding interface: batadv_slave_0
[  545.594137][T14352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  545.594160][T14352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  545.937716][T14352] batman_adv: batadv0: Adding interface: batadv_slave_1
[  545.937737][T14352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  545.937769][T14352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  546.502298][T14352] hsr_slave_0: entered promiscuous mode
[  546.503403][T14352] hsr_slave_1: entered promiscuous mode
[  546.504108][T14352] debugfs: 'hsr0' already exists in 'hsr'
[  546.504124][T14352] Cannot create hsr debugfs directory
[  546.794053][T14496] netlink: 'syz.1.3023': attribute type 4 has an invalid length.
[  546.851058][T14497] netlink: 'syz.1.3023': attribute type 4 has an invalid length.
[  548.267409][T14501] lo speed is unknown, defaulting to 1000
[  548.284915][T14501] lo speed is unknown, defaulting to 1000
[  548.286142][T14501] lo speed is unknown, defaulting to 1000
[  548.298191][T14501] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  548.345861][T14501] lo speed is unknown, defaulting to 1000
[  548.350557][T14501] lo speed is unknown, defaulting to 1000
[  548.353476][T14501] lo speed is unknown, defaulting to 1000
[  548.357286][T14501] lo speed is unknown, defaulting to 1000
[  548.373116][T14501] lo speed is unknown, defaulting to 1000
[  548.382801][T14501] lo speed is unknown, defaulting to 1000
[  548.396709][T14501] lo speed is unknown, defaulting to 1000
[  549.744181][T14539] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  549.836945][T14540] syzkaller0: entered promiscuous mode
[  549.836987][T14540] syzkaller0: entered allmulticast mode
[  549.875604][T14539] tipc: Resetting bearer <eth:syzkaller0>
[  550.097098][T14542] syzkaller0: entered promiscuous mode
[  550.097940][T14542] syzkaller0: entered allmulticast mode
[  550.513926][T14533] tipc: Resetting bearer <eth:syzkaller0>
[  550.634153][T14533] tipc: Disabling bearer <eth:syzkaller0>
[  550.754895][T14556] netlink: 'syz.1.3033': attribute type 39 has an invalid length.
[  550.875054][T14558] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.3034'.
[  550.922493][T14562] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3036'.
[  551.163358][   T44] hsr_slave_0: left promiscuous mode
[  551.203273][   T44] hsr_slave_1: left promiscuous mode
[  551.204350][   T44] batman_adv: batadv0: Removing interface: batadv_slave_0
[  551.227246][   T44] batman_adv: batadv0: Removing interface: batadv_slave_1
[  553.527270][   T44] team_slave_1 (unregistering): left promiscuous mode
[  553.562661][   T44] team0 (unregistering): Port device team_slave_1 removed
[  553.782535][   T44] team_slave_0 (unregistering): left promiscuous mode
[  553.822466][   T44] team0 (unregistering): Port device team_slave_0 removed
[  555.747352][T14562] netlink: 56 bytes leftover after parsing attributes in process `syz.4.3036'.
[  555.981489][T14576] netlink: 'syz.4.3038': attribute type 4 has an invalid length.
[  556.052364][T14580] netlink: 'syz.4.3038': attribute type 4 has an invalid length.
[  556.493681][T14596] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3043'.
[  556.829283][T14601] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3044'.
[  556.939026][T14352] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  557.172152][T14352] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  557.673878][T14352] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  557.778799][T14352] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  558.583186][T14636] netlink: 61963 bytes leftover after parsing attributes in process `syz.4.3050'.
[  558.708613][T14352] 8021q: adding VLAN 0 to HW filter on device bond0
[  558.752071][T14352] 8021q: adding VLAN 0 to HW filter on device team0
[  558.768713][ T6118] bridge0: port 1(bridge_slave_0) entered blocking state
[  558.768931][ T6118] bridge0: port 1(bridge_slave_0) entered forwarding state
[  558.828719][ T6123] bridge0: port 2(bridge_slave_1) entered blocking state
[  558.828866][ T6123] bridge0: port 2(bridge_slave_1) entered forwarding state
[  559.237136][T14644] netlink: 'syz.4.3052': attribute type 10 has an invalid length.
[  559.237163][T14644] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3052'.
[  559.467961][T14644] team0: Port device geneve0 added
[  559.499791][T14646] debugfs: 'netdev:nicvf0' already exists in 'phy39'
[  559.837386][T14627] lo speed is unknown, defaulting to 1000
[  560.396900][T14352] 8021q: adding VLAN 0 to HW filter on device batadv0
[  560.545061][T14352] veth0_vlan: entered promiscuous mode
[  560.565455][T14352] veth1_vlan: entered promiscuous mode
[  560.715175][T14352] veth0_macvtap: entered promiscuous mode
[  560.766364][T14352] veth1_macvtap: entered promiscuous mode
[  560.995169][T14352] batman_adv: batadv0: Interface activated: batadv_slave_0
[  561.000487][T14675] netlink: 'syz.4.3056': attribute type 39 has an invalid length.
[  561.610573][T14352] batman_adv: batadv0: Interface activated: batadv_slave_1
[  561.710543][T14647] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  561.710599][T14647] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  561.710641][T14647] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  561.710680][T14647] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  562.331478][T14708] netlink: 61963 bytes leftover after parsing attributes in process `syz.0.3060'.
[  562.516838][ T6118] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  562.516876][ T6118] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  564.110818][T14719] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3062'.
[  564.207681][T14719] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3062'.
[  564.316926][ T6118] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  564.316951][ T6118] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  565.889150][T14749] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  565.891101][T14750] syzkaller0: entered promiscuous mode
[  565.891124][T14750] syzkaller0: entered allmulticast mode
[  565.920879][T14749] tipc: Resetting bearer <eth:syzkaller0>
[  565.946274][T14748] tipc: Resetting bearer <eth:syzkaller0>
[  566.117307][T14748] tipc: Disabling bearer <eth:syzkaller0>
[  566.289506][T14762] netlink: 61963 bytes leftover after parsing attributes in process `syz.0.3070'.
[  566.695471][T13486] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  566.797788][T14783] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3073'.
[  566.798073][T14783] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3073'.
[  566.855287][T13486] usb 5-1: Using ep0 maxpacket: 32
[  566.857711][T13486] usb 5-1: config 0 has an invalid interface number: 188 but max is 0
[  566.857737][T13486] usb 5-1: config 0 has no interface number 0
[  566.857782][T13486] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  566.896665][T13486] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  566.896699][T13486] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  566.896722][T13486] usb 5-1: Product: syz
[  566.896739][T13486] usb 5-1: Manufacturer: syz
[  566.896756][T13486] usb 5-1: SerialNumber: syz
[  566.941331][T13486] usb 5-1: config 0 descriptor??
[  566.942435][T14776] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  567.147754][T14776] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  567.321207][T14790] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3076'.
[  567.321290][T14790] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3076'.
[  567.344308][T14790] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3076'.
[  567.344333][T14790] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3076'.
[  567.451036][T14791] tipc: Started in network mode
[  567.451068][T14791] tipc: Node identity a211f74b99b8, cluster identity 4711
[  567.451256][T14791] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  567.452188][T14791] syzkaller0: entered promiscuous mode
[  567.452213][T14791] syzkaller0: entered allmulticast mode
[  567.550487][T13486] asix 5-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -61
[  567.550755][T13486] asix 5-1:0.188: probe with driver asix failed with error -61
[  567.623662][T14794] tipc: Resetting bearer <eth:syzkaller0>
[  567.675176][T14789] tipc: Resetting bearer <eth:syzkaller0>
[  567.729123][T14579] Set syz1 is full, maxelem 65536 reached
[  567.816504][T14789] tipc: Disabling bearer <eth:syzkaller0>
[  567.855755][T14801] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  567.855777][T14801] IPv6: NLM_F_CREATE should be set when creating new route
[  567.920418][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  567.920493][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  568.160148][T14808] netlink: 'syz.2.3080': attribute type 10 has an invalid length.
[  568.160217][T14808] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3080'.
[  568.240300][T14801] bridge0: port 2(bridge_slave_1) entered disabled state
[  568.241215][T14801] bridge0: port 1(bridge_slave_0) entered disabled state
[  568.781972][T14801] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  568.798553][T14801] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  569.456595][ T5896] usb 5-1: USB disconnect, device number 17
[  571.846025][T14808] team0: Port device geneve0 added
[  571.847844][T14812] netlink: 61963 bytes leftover after parsing attributes in process `syz.0.3081'.
[  571.849396][   T68] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  571.943979][   T68] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  572.117088][   T68] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  572.167329][   T68] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  572.532847][   T37] audit: type=1326 audit(6060681901.653:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14834 comm="syz.4.3089" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f95835bacb9 code=0x0
[  573.438437][   T61] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  573.463689][   T61] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  573.470116][   T61] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  573.488104][   T61] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  573.503423][   T61] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  574.130760][T14868] netlink: 'syz.2.3094': attribute type 2 has an invalid length.
[  574.532838][T14868] !: entered promiscuous mode
[  575.681119][   T61] Bluetooth: hci1: command tx timeout
[  577.501027][T14883] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3097'.
[  577.566784][ T5984] netdevsim netdevsim0 eth3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  577.566827][ T5984] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  577.631735][T14892] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3098'.
[  577.666064][T14885] netlink: 61963 bytes leftover after parsing attributes in process `syz.4.3096'.
[  577.708870][T14847] lo speed is unknown, defaulting to 1000
[  577.755659][   T61] Bluetooth: hci1: command tx timeout
[  577.944786][ T5984] netdevsim netdevsim0 eth2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  577.944827][ T5984] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  578.420242][ T5984] netdevsim netdevsim0 eth1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  578.420296][ T5984] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  578.571077][T14891] lo speed is unknown, defaulting to 1000
[  578.646756][ T5984] netdevsim netdevsim0 eth0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  578.646799][ T5984] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  580.968945][   T61] Bluetooth: hci1: command tx timeout
[  581.438218][T14902] lo speed is unknown, defaulting to 1000
[  581.676098][T14847] chnl_net:caif_netlink_parms(): no params data found
[  581.894192][ T5984] bridge_slave_1: left allmulticast mode
[  581.894213][ T5984] bridge_slave_1: left promiscuous mode
[  581.894379][ T5984] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.959648][ T5984] bridge_slave_0: left allmulticast mode
[  581.959675][ T5984] bridge_slave_0: left promiscuous mode
[  581.961888][ T5984] bridge0: port 1(bridge_slave_0) entered disabled state
[  583.027375][   T61] Bluetooth: hci1: command tx timeout
[  583.168108][ T5984] geneve0 (unregistering): left promiscuous mode
[  583.189340][ T5984] team0: Port device geneve0 removed
[  583.967349][ T5984] bond4 (unregistering): (slave bridge6): Releasing backup interface
[  584.187409][ T5984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  584.227158][ T5984] bond_slave_0: left promiscuous mode
[  584.267233][ T5984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  584.286927][ T5984] bond_slave_1: left promiscuous mode
[  584.327390][ T5984] bond0 (unregistering): (slave dummy0): Releasing backup interface
[  584.347138][ T5984] dummy0: left promiscuous mode
[  584.347680][ T5984] bond0 (unregistering): Released all slaves
[  585.214820][ T5984] bond1 (unregistering): Released all slaves
[  585.231383][ T5984] bond2 (unregistering): Released all slaves
[  585.247872][ T5984] bond3 (unregistering): Released all slaves
[  585.266925][ T5984] bond4 (unregistering): Released all slaves
[  585.289312][ T5984] bond5 (unregistering): Released all slaves
[  585.307603][ T5984] bond6 (unregistering): Released all slaves
[  585.322960][ T5984] bond7 (unregistering): Released all slaves
[  585.528314][T14847] bridge0: port 1(bridge_slave_0) entered blocking state
[  585.528522][T14847] bridge0: port 1(bridge_slave_0) entered disabled state
[  585.528732][T14847] bridge_slave_0: entered allmulticast mode
[  585.531911][T14847] bridge_slave_0: entered promiscuous mode
[  585.581798][T14847] bridge0: port 2(bridge_slave_1) entered blocking state
[  585.581925][T14847] bridge0: port 2(bridge_slave_1) entered disabled state
[  585.582181][T14847] bridge_slave_1: entered allmulticast mode
[  585.611954][T14847] bridge_slave_1: entered promiscuous mode
[  585.691449][T14847] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  585.706409][T14847] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  585.780176][T14847] team0: Port device team_slave_0 added
[  585.783773][T14847] team0: Port device team_slave_1 added
[  585.840524][T14847] batman_adv: batadv0: Adding interface: batadv_slave_0
[  585.840543][T14847] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  585.840571][T14847] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  585.842811][T14847] batman_adv: batadv0: Adding interface: batadv_slave_1
[  585.842832][T14847] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  585.842860][T14847] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  586.016309][T14847] hsr_slave_0: entered promiscuous mode
[  586.017519][T14847] hsr_slave_1: entered promiscuous mode
[  586.205555][T14908] lo speed is unknown, defaulting to 1000
[  586.212645][T14929] lo speed is unknown, defaulting to 1000
[  587.357761][ T5984] !: left promiscuous mode
[  587.569541][ T5814] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  587.589775][ T5814] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  587.602579][ T5814] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  587.645569][ T5814] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  587.654174][ T5814] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  587.892932][ T5984] tipc: Left network mode
[  588.321163][T14970] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3108'.
[  588.884444][T14973] netlink: 61963 bytes leftover after parsing attributes in process `syz.2.3109'.
[  588.987113][T14957] lo speed is unknown, defaulting to 1000
[  589.824633][   T61] Bluetooth: hci4: command tx timeout
[  590.459680][T14995] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  590.459700][T14995] IPv6: NLM_F_CREATE should be set when creating new route
[  590.849191][T14999] bridge0: port 1(bridge_slave_0) entered disabled state
[  591.348883][T14999] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  591.365153][T14999] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  591.902846][   T61] Bluetooth: hci4: command tx timeout
[  594.329456][   T61] Bluetooth: hci4: command tx timeout
[  594.464961][   T68] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  594.597640][   T68] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  594.598797][   T68] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  594.626145][T14847] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  594.671358][   T68] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  594.671798][T14847] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  594.817292][T14847] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  595.052805][T14847] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  595.195996][T15018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3119'.
[  595.527891][T14957] chnl_net:caif_netlink_parms(): no params data found
[  597.459937][   T61] Bluetooth: hci4: command tx timeout
[  598.389185][T15059] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  598.389206][T15059] IPv6: NLM_F_CREATE should be set when creating new route
[  598.703385][T15063] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3128'.
[  598.848460][T15059] bridge0: port 2(bridge_slave_1) entered disabled state
[  598.857396][T15059] bridge0: port 1(bridge_slave_0) entered disabled state
[  599.334819][T15059] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  599.354538][T15059] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  600.468551][ T5984] hsr_slave_0: left promiscuous mode
[  600.508575][ T5984] hsr_slave_1: left promiscuous mode
[  600.511773][ T5984] batman_adv: batadv0: Removing interface: batadv_slave_0
[  600.550504][ T5984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  602.897930][ T5984] team_slave_1 (unregistering): left promiscuous mode
[  602.917850][ T5984] team0 (unregistering): Port device team_slave_1 removed
[  603.107827][ T5984] team_slave_0 (unregistering): left promiscuous mode
[  603.128517][ T5984] team0 (unregistering): Port device team_slave_0 removed
[  605.002371][T15028] lo speed is unknown, defaulting to 1000
[  605.005669][ T3684] smc: removing ib device syz2
[  605.009967][   T68] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  605.031509][T15068] netlink: 61963 bytes leftover after parsing attributes in process `syz.2.3130'.
[  605.136972][   T68] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  605.137243][T14957] bridge0: port 1(bridge_slave_0) entered blocking state
[  605.137783][T14957] bridge0: port 1(bridge_slave_0) entered disabled state
[  605.138023][T14957] bridge_slave_0: entered allmulticast mode
[  605.139192][T15073] netlink: 212344 bytes leftover after parsing attributes in process `syz.1.3132'.
[  605.190316][T14957] bridge_slave_0: entered promiscuous mode
[  605.207373][   T68] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  605.284132][T14957] bridge0: port 2(bridge_slave_1) entered blocking state
[  605.284312][T14957] bridge0: port 2(bridge_slave_1) entered disabled state
[  605.284540][T14957] bridge_slave_1: entered allmulticast mode
[  605.347537][T14957] bridge_slave_1: entered promiscuous mode
[  605.356760][   T68] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  605.383043][T15081] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3133'.
[  605.410261][T15083] netlink: 'syz.2.3131': attribute type 4 has an invalid length.
[  605.461517][T15078] netlink: 'syz.2.3131': attribute type 4 has an invalid length.
[  605.552658][T15081] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3133'.
[  605.839096][T14957] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  605.879499][T14957] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  606.029479][T15097] netlink: 'syz.2.3135': attribute type 4 has an invalid length.
[  606.085960][T15098] netlink: 'syz.2.3135': attribute type 4 has an invalid length.
[  606.461323][T14957] team0: Port device team_slave_0 added
[  606.552955][T14957] team0: Port device team_slave_1 added
[  606.749934][T15115] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3137'.
[  606.934139][T15119] netlink: 'syz.2.3138': attribute type 4 has an invalid length.
[  606.986415][T15123] netlink: 'syz.2.3138': attribute type 4 has an invalid length.
[  607.266177][T14957] batman_adv: batadv0: Adding interface: batadv_slave_0
[  607.266198][T14957] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  607.266230][T14957] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  607.287629][T14957] batman_adv: batadv0: Adding interface: batadv_slave_1
[  607.287681][T14957] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  607.287754][T14957] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  607.478266][T15133] netlink: 61963 bytes leftover after parsing attributes in process `syz.2.3140'.
[  607.634507][T14847] 8021q: adding VLAN 0 to HW filter on device bond0
[  607.663564][T14957] hsr_slave_0: entered promiscuous mode
[  607.683717][T14957] hsr_slave_1: entered promiscuous mode
[  607.706043][T14957] debugfs: 'hsr0' already exists in 'hsr'
[  607.706076][T14957] Cannot create hsr debugfs directory
[  607.807633][T15140] netlink: 212344 bytes leftover after parsing attributes in process `syz.2.3142'.
[  610.746216][T14847] 8021q: adding VLAN 0 to HW filter on device team0
[  611.119921][ T3872] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.120138][ T3872] bridge0: port 1(bridge_slave_0) entered forwarding state
[  611.207942][ T3872] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.222623][ T3872] bridge0: port 2(bridge_slave_1) entered forwarding state
[  613.263654][ T5814] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  613.267625][ T5814] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  613.275714][ T5814] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  613.278407][ T5814] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  613.280888][ T5814] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  613.702081][T15164] lo speed is unknown, defaulting to 1000
[  613.852561][ T5984] IPVS: stop unused estimator thread 0...
[  615.816361][ T5814] Bluetooth: hci3: command tx timeout
[  616.390654][T14957] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  616.457070][T14957] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  616.524806][T14957] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  616.604706][T14957] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  616.631478][T15181] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.3151'.
[  616.743854][T14847] 8021q: adding VLAN 0 to HW filter on device batadv0
[  616.876508][T15191] netlink: 61963 bytes leftover after parsing attributes in process `syz.1.3149'.
[  618.621466][ T5814] Bluetooth: hci3: command tx timeout
[  618.930197][T15164] chnl_net:caif_netlink_parms(): no params data found
[  621.054853][ T5814] Bluetooth: hci3: command tx timeout
[  621.139513][T14847] veth0_vlan: entered promiscuous mode
[  621.588796][T15164] bridge0: port 1(bridge_slave_0) entered blocking state
[  621.589864][T15164] bridge0: port 1(bridge_slave_0) entered disabled state
[  621.590129][T15164] bridge_slave_0: entered allmulticast mode
[  621.592947][T15164] bridge_slave_0: entered promiscuous mode
[  621.655339][T15215] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.3159'.
[  621.675955][T14847] veth1_vlan: entered promiscuous mode
[  621.685188][T15164] bridge0: port 2(bridge_slave_1) entered blocking state
[  621.685340][T15164] bridge0: port 2(bridge_slave_1) entered disabled state
[  621.685558][T15164] bridge_slave_1: entered allmulticast mode
[  621.687485][T15164] bridge_slave_1: entered promiscuous mode
[  621.899379][T15217] netlink: 61963 bytes leftover after parsing attributes in process `syz.1.3160'.
[  621.965742][T15164] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  621.991745][T15164] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  623.742309][ T5814] Bluetooth: hci3: command tx timeout
[  623.961380][T15225] netlink: 'syz.2.3157': attribute type 4 has an invalid length.
[  623.976455][T14957] 8021q: adding VLAN 0 to HW filter on device bond0
[  624.016891][T15226] netlink: 'syz.2.3157': attribute type 4 has an invalid length.
[  624.025877][T15164] team0: Port device team_slave_0 added
[  624.055557][T15164] team0: Port device team_slave_1 added
[  624.150498][T15164] batman_adv: batadv0: Adding interface: batadv_slave_0
[  624.150516][T15164] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  624.150542][T15164] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  624.155875][T15164] batman_adv: batadv0: Adding interface: batadv_slave_1
[  624.155891][T15164] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  624.155920][T15164] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  626.442808][T14847] veth0_macvtap: entered promiscuous mode
[  628.065983][T14957] 8021q: adding VLAN 0 to HW filter on device team0
[  628.256486][T15164] hsr_slave_0: entered promiscuous mode
[  628.257464][T15164] hsr_slave_1: entered promiscuous mode
[  628.258104][T15164] debugfs: 'hsr0' already exists in 'hsr'
[  628.258121][T15164] Cannot create hsr debugfs directory
[  628.320430][T14847] veth1_macvtap: entered promiscuous mode
[  628.352546][T14668] bridge0: port 1(bridge_slave_0) entered blocking state
[  628.352808][T14668] bridge0: port 1(bridge_slave_0) entered forwarding state
[  628.467123][T14668] bridge0: port 2(bridge_slave_1) entered blocking state
[  628.467332][T14668] bridge0: port 2(bridge_slave_1) entered forwarding state
[  628.515504][ T5984] bridge_slave_1: left allmulticast mode
[  628.515535][ T5984] bridge_slave_1: left promiscuous mode
[  628.515796][ T5984] bridge0: port 2(bridge_slave_1) entered disabled state
[  628.596034][ T5984] bridge_slave_0: left allmulticast mode
[  628.596066][ T5984] bridge_slave_0: left promiscuous mode
[  628.596359][ T5984] bridge0: port 1(bridge_slave_0) entered disabled state
[  629.054867][T15245] netlink: 212348 bytes leftover after parsing attributes in process `syz.2.3167'.
[  629.348831][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  629.348903][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  629.924553][ T5984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  630.004482][ T5984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  630.026153][ T5984] bond0 (unregistering): Released all slaves
[  630.088439][T15247] netlink: 61963 bytes leftover after parsing attributes in process `syz.2.3168'.
[  632.656323][T14847] batman_adv: batadv0: Interface activated: batadv_slave_0
[  633.213231][   T61] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  633.218721][   T61] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  633.219871][   T61] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  633.241168][   T61] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  633.244428][   T61] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  636.958475][ T5814] Bluetooth: hci5: command tx timeout
[  637.550100][ T5984] hsr_slave_0: left promiscuous mode
[  637.590139][ T5984] hsr_slave_1: left promiscuous mode
[  637.591230][ T5984] batman_adv: batadv0: Removing interface: batadv_slave_0
[  637.670181][ T5984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  640.119912][ T5814] Bluetooth: hci5: command tx timeout
[  642.197679][ T5814] Bluetooth: hci5: command tx timeout
[  644.345823][ T5814] Bluetooth: hci5: command tx timeout
[  644.408178][T15299] netlink: 'syz.1.3182': attribute type 4 has an invalid length.
[  645.718644][ T5984] team0 (unregistering): Port device team_slave_1 removed
[  645.947063][ T5984] team0 (unregistering): Port device team_slave_0 removed
[  647.427944][   T61] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  647.434789][   T61] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  647.465152][   T61] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  647.472068][   T61] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  647.472773][   T61] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  648.096199][T15293] netlink: 61963 bytes leftover after parsing attributes in process `syz.2.3181'.
[  648.234781][T15267] lo speed is unknown, defaulting to 1000
[  648.668278][T15301] lo speed is unknown, defaulting to 1000
[  649.370871][T15317] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  649.404643][T15314] syzkaller0: entered promiscuous mode
[  649.404670][T15314] syzkaller0: entered allmulticast mode
[  649.407290][T15164] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  649.554438][   T61] Bluetooth: hci1: command tx timeout
[  649.624086][T15164] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  649.756989][T15323] tipc: Resetting bearer <eth:syzkaller0>
[  651.653430][   T61] Bluetooth: hci1: command tx timeout
[  652.142844][T15164] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  652.253386][T15313] tipc: Resetting bearer <eth:syzkaller0>
[  652.423173][T15313] tipc: Disabling bearer <eth:syzkaller0>
[  652.542712][T13486] tipc: Node number set to 1000994635
[  652.543682][T15164] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  652.600224][T15345] netlink: 61687 bytes leftover after parsing attributes in process `syz.1.3192'.
[  652.699755][T15348] netlink: 'syz.2.3193': attribute type 4 has an invalid length.
[  654.490215][   T61] Bluetooth: hci1: command tx timeout
[  656.973494][   T61] Bluetooth: hci1: command tx timeout
[  656.998838][ T5984] IPVS: stop unused estimator thread 0...
[  657.153261][T14355] Bluetooth: hci0: command 0x0406 tx timeout
[  658.963092][T15267] chnl_net:caif_netlink_parms(): no params data found
[  659.568884][T15387] netlink: 'syz.1.3200': attribute type 10 has an invalid length.
[  659.568909][T15387] netlink: 40 bytes leftover after parsing attributes in process `syz.1.3200'.
[  659.740141][T15301] chnl_net:caif_netlink_parms(): no params data found
[  659.937935][T15392] netlink: 61687 bytes leftover after parsing attributes in process `syz.1.3201'.
[  660.139799][T15398] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  660.140180][T15267] bridge0: port 1(bridge_slave_0) entered blocking state
[  660.141570][T15267] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.141761][T15267] bridge_slave_0: entered allmulticast mode
[  660.145188][T15267] bridge_slave_0: entered promiscuous mode
[  660.233377][T15267] bridge0: port 2(bridge_slave_1) entered blocking state
[  660.249038][T15267] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.249310][T15267] bridge_slave_1: entered allmulticast mode
[  660.269969][T15267] bridge_slave_1: entered promiscuous mode
[  660.683355][T15267] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  660.799295][T15301] bridge0: port 1(bridge_slave_0) entered blocking state
[  660.800242][T15301] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.800495][T15301] bridge_slave_0: entered allmulticast mode
[  660.805352][T15301] bridge_slave_0: entered promiscuous mode
[  660.846932][T15267] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  660.878458][T15301] bridge0: port 2(bridge_slave_1) entered blocking state
[  660.878553][T15301] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.878823][T15301] bridge_slave_1: entered allmulticast mode
[  660.880775][T15301] bridge_slave_1: entered promiscuous mode
[  664.463731][T15267] team0: Port device team_slave_0 added
[  664.479259][T15301] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  667.143114][T15267] team0: Port device team_slave_1 added
[  669.502245][T15301] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  669.556843][T15454] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  669.712697][T15267] batman_adv: batadv0: Adding interface: batadv_slave_0
[  669.712717][T15267] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  669.712749][T15267] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  670.017444][T15301] team0: Port device team_slave_0 added
[  670.018344][T15267] batman_adv: batadv0: Adding interface: batadv_slave_1
[  670.018359][T15267] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  670.018388][T15267] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  670.019533][T15464] netlink: 61687 bytes leftover after parsing attributes in process `syz.2.3209'.
[  670.087266][T15301] team0: Port device team_slave_1 added
[  675.842324][T14355] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  675.853356][T14355] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  675.867418][T14355] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  675.870551][T14355] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  675.874962][T14355] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  675.972911][T15301] batman_adv: batadv0: Adding interface: batadv_slave_0
[  675.972929][T15301] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  675.972959][T15301] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  676.226482][T15301] batman_adv: batadv0: Adding interface: batadv_slave_1
[  676.226497][T15301] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  676.226518][T15301] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  676.324270][T15267] hsr_slave_0: entered promiscuous mode
[  676.325598][T15267] hsr_slave_1: entered promiscuous mode
[  676.326569][T15267] debugfs: 'hsr0' already exists in 'hsr'
[  676.326594][T15267] Cannot create hsr debugfs directory
[  676.595696][T15478] lo speed is unknown, defaulting to 1000
[  676.629759][T15301] hsr_slave_0: entered promiscuous mode
[  676.638310][T15301] hsr_slave_1: entered promiscuous mode
[  676.639313][T15301] debugfs: 'hsr0' already exists in 'hsr'
[  676.639341][T15301] Cannot create hsr debugfs directory
[  679.076006][ T5814] Bluetooth: hci4: command tx timeout
[  681.356577][ T5814] Bluetooth: hci4: command tx timeout
[  683.590484][T15511] netlink: 61963 bytes leftover after parsing attributes in process `syz.2.3219'.
[  683.590768][ T5814] Bluetooth: hci4: command tx timeout
[  683.769222][T15517] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  685.654977][ T5814] Bluetooth: hci4: command tx timeout
[  688.515018][T15543] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  690.743899][ T1324] ieee802154 phy0 wpan0: encryption failed: -22
[  690.743983][ T1324] ieee802154 phy1 wpan1: encryption failed: -22
[  691.048255][T15560] netlink: 61963 bytes leftover after parsing attributes in process `syz.1.3228'.
[  691.345591][T15478] chnl_net:caif_netlink_parms(): no params data found
[  695.821713][T15594] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  696.074598][T14355] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  696.102069][T14355] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  696.103527][T14355] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  696.107597][T14355] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  696.152610][T14355] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  698.561259][T15478] bridge0: port 1(bridge_slave_0) entered blocking state
[  698.561474][T15478] bridge0: port 1(bridge_slave_0) entered disabled state
[  698.561735][T15478] bridge_slave_0: entered allmulticast mode
[  698.564371][T15478] bridge_slave_0: entered promiscuous mode
[  699.831505][ T5814] Bluetooth: hci3: command tx timeout
[  700.138554][T15478] bridge0: port 2(bridge_slave_1) entered blocking state
[  700.138705][T15478] bridge0: port 2(bridge_slave_1) entered disabled state
[  700.138973][T15478] bridge_slave_1: entered allmulticast mode
[  700.141812][T15478] bridge_slave_1: entered promiscuous mode
[  700.512923][T15478] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  700.612484][T15478] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  700.612569][T15608] lo speed is unknown, defaulting to 1000
[  700.667559][T15620] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  700.945948][T15628] netlink: 61963 bytes leftover after parsing attributes in process `syz.1.3237'.
[  700.979706][T15478] team0: Port device team_slave_0 added
[  701.010583][T15478] team0: Port device team_slave_1 added
[  703.028446][ T5814] Bluetooth: hci3: command tx timeout
[  703.191485][T15478] batman_adv: batadv0: Adding interface: batadv_slave_0
[  703.191502][T15478] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  703.191529][T15478] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  704.680776][T15478] batman_adv: batadv0: Adding interface: batadv_slave_1
[  704.680794][T15478] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  704.680823][T15478] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  705.056250][T14355] Bluetooth: hci3: command tx timeout
[  705.812773][T15478] hsr_slave_0: entered promiscuous mode
[  705.814254][T15478] hsr_slave_1: entered promiscuous mode
[  705.815291][T15478] debugfs: 'hsr0' already exists in 'hsr'
[  705.815316][T15478] Cannot create hsr debugfs directory
[  705.875992][T15665] netlink: 'syz.2.3242': attribute type 10 has an invalid length.
[  705.876017][T15665] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3242'.
[  707.469413][T14355] Bluetooth: hci3: command tx timeout
[  709.727333][ T5984] bridge_slave_1: left allmulticast mode
[  709.727364][ T5984] bridge_slave_1: left promiscuous mode
[  709.727650][ T5984] bridge0: port 2(bridge_slave_1) entered disabled state
[  709.767490][ T5814] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  709.772229][ T5814] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  709.794305][ T5814] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  709.795467][ T5814] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  709.798834][ T5814] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  709.875522][ T5984] bridge_slave_0: left allmulticast mode
[  709.875552][ T5984] bridge_slave_0: left promiscuous mode
[  709.875791][ T5984] bridge0: port 1(bridge_slave_0) entered disabled state
[  709.966526][ T5984] bridge_slave_1: left allmulticast mode
[  709.966550][ T5984] bridge_slave_1: left promiscuous mode
[  709.966715][ T5984] bridge0: port 2(bridge_slave_1) entered disabled state
[  710.075252][ T5984] bridge_slave_0: left allmulticast mode
[  710.075285][ T5984] bridge_slave_0: left promiscuous mode
[  710.075555][ T5984] bridge0: port 1(bridge_slave_0) entered disabled state
[  710.161455][ T5984] bridge_slave_1: left promiscuous mode
[  710.161696][ T5984] bridge0: port 2(bridge_slave_1) entered disabled state
[  710.235077][ T5984] bridge_slave_0: left allmulticast mode
[  710.235108][ T5984] bridge_slave_0: left promiscuous mode
[  710.235389][ T5984] bridge0: port 1(bridge_slave_0) entered disabled state
[  711.513765][ T5984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  711.593744][ T5984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  711.616136][ T5984] bond0 (unregistering): Released all slaves
[  711.842911][ T5814] Bluetooth: hci5: command tx timeout
[  712.553233][ T5984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  712.633034][ T5984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  712.655299][ T5984] bond0 (unregistering): Released all slaves
[  713.593208][ T5984] team0: Port device geneve0 removed
[  713.892450][ T5984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  713.921914][ T5814] Bluetooth: hci5: command tx timeout
[  713.973361][ T5984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  713.992652][ T5984] bond0 (unregistering): Released all slaves
[  714.052248][T15682] netlink: 61963 bytes leftover after parsing attributes in process `syz.1.3248'.
[  714.404018][T15678] lo speed is unknown, defaulting to 1000
[  716.172942][ T5814] Bluetooth: hci5: command tx timeout
[  716.386526][T15608] chnl_net:caif_netlink_parms(): no params data found
[  718.247168][ T5814] Bluetooth: hci5: command tx timeout
[  718.413801][ T5984] tipc: Left network mode
[  721.927511][T15723] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3255'.
[  723.210660][T15723] 8021q: adding VLAN 0 to HW filter on device bond1
[  723.238206][T15724] bond1: (slave bridge1): Enslaving as an active interface with an up link
[  725.946373][T15608] bridge0: port 1(bridge_slave_0) entered blocking state
[  725.946523][T15608] bridge0: port 1(bridge_slave_0) entered disabled state
[  725.946749][T15608] bridge_slave_0: entered allmulticast mode
[  725.948498][T15608] bridge_slave_0: entered promiscuous mode
[  726.035954][ T5962] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  726.064022][T15608] bridge0: port 2(bridge_slave_1) entered blocking state
[  726.064144][T15608] bridge0: port 2(bridge_slave_1) entered disabled state
[  726.064357][T15608] bridge_slave_1: entered allmulticast mode
[  726.070751][T15608] bridge_slave_1: entered promiscuous mode
[  726.205614][ T5962] usb 2-1: Using ep0 maxpacket: 32
[  726.208627][ T5962] usb 2-1: config 0 has an invalid interface number: 188 but max is 0
[  726.208648][ T5962] usb 2-1: config 0 has no interface number 0
[  726.208684][ T5962] usb 2-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  726.214790][ T5962] usb 2-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  726.214819][ T5962] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  726.214834][ T5962] usb 2-1: Product: syz
[  726.214847][ T5962] usb 2-1: Manufacturer: syz
[  726.214858][ T5962] usb 2-1: SerialNumber: syz
[  726.288014][ T5962] usb 2-1: config 0 descriptor??
[  726.288954][T15754] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  726.425469][ T5984] hsr_slave_0: left promiscuous mode
[  726.445479][ T5984] hsr_slave_1: left promiscuous mode
[  726.461483][ T5984] batman_adv: batadv0: Removing interface: batadv_slave_0
[  726.494666][T15754] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  726.506284][ T5984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  726.565334][    C1] ------------[ cut here ]------------
[  726.565350][    C1] ODEBUG: free active (active state 0) object: ffff888010b0b4d0 object type: timer_list hint: rose_t0timer_expiry+0x0/0x360
[  726.565561][    C1] WARNING: lib/debugobjects.c:615 at debug_check_no_obj_freed+0x405/0x550, CPU#1: ktimers/1/29
[  726.565671][    C1] Modules linked in:
[  726.565707][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  726.565738][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[  726.565756][    C1] RIP: 0010:debug_check_no_obj_freed+0x44a/0x550
[  726.565792][    C1] Code: 89 44 24 20 e8 f7 4e 92 fd 48 8b 44 24 20 4c 8b 4d 00 4c 89 ef 48 c7 c6 40 ed 65 8b 48 c7 c2 c0 f2 65 8b 8b 0c 24 4d 89 f8 50 <67> 48 0f b9 3a 48 83 c4 08 4c 8b 6c 24 18 48 b9 00 00 00 00 00 fc
[  726.565812][    C1] RSP: 0018:ffffc90000a3f890 EFLAGS: 00010246
[  726.565832][    C1] RAX: ffffffff89dd4300 RBX: ffffffff99325058 RCX: 0000000000000000
[  726.565850][    C1] RDX: ffffffff8b65f2c0 RSI: ffffffff8b65ed40 RDI: ffffffff8f3179c0
[  726.565868][    C1] RBP: ffffffff8b0f58c0 R08: ffff888010b0b4d0 R09: ffffffff8b0f6c00
[  726.565885][    C1] R10: dffffc0000000000 R11: ffffffff81ae3310 R12: ffff888010b0b600
[  726.565903][    C1] R13: ffffffff8f3179c0 R14: ffff888010b0b000 R15: ffff888010b0b4d0
[  726.565921][    C1] FS:  0000000000000000(0000) GS:ffff8881268fc000(0000) knlGS:0000000000000000
[  726.565941][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  726.565958][    C1] CR2: 000020000014a000 CR3: 0000000034412000 CR4: 00000000003526f0
[  726.565978][    C1] Call Trace:
[  726.566111][    C1]  <TASK>
[  726.566133][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  726.566162][    C1]  ? rt_spin_lock+0x20e/0x400
[  726.566245][    C1]  ? rose_timer_expiry+0x4cb/0x600
[  726.566270][    C1]  kfree+0x134/0x8f0
[  726.566352][    C1]  rose_timer_expiry+0x4cb/0x600
[  726.566375][    C1]  ? call_timer_fn+0x178/0x5a0
[  726.566418][    C1]  call_timer_fn+0x192/0x5a0
[  726.566442][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  726.566464][    C1]  ? call_timer_fn+0xd4/0x5a0
[  726.566487][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  726.566519][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  726.566547][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  726.566572][    C1]  __run_timer_base+0x6a3/0x9f0
[  726.566606][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  726.566639][    C1]  ? __local_bh_disable_ip+0x3c/0x420
[  726.566678][    C1]  run_timer_softirq+0xb7/0x170
[  726.566701][    C1]  handle_softirqs+0x1de/0x640
[  726.566727][    C1]  ? smpboot_thread_fn+0x4d/0xa50
[  726.566754][    C1]  run_ktimerd+0x69/0x100
[  726.566775][    C1]  smpboot_thread_fn+0x541/0xa50
[  726.566798][    C1]  ? smpboot_thread_fn+0x4d/0xa50
[  726.566826][    C1]  kthread+0x726/0x8b0
[  726.566851][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  726.566872][    C1]  ? __pfx_kthread+0x10/0x10
[  726.566892][    C1]  ? rt_spin_unlock+0x14f/0x200
[  726.566933][    C1]  ? rt_spin_unlock+0x160/0x200
[  726.566950][    C1]  ? __pfx_kthread+0x10/0x10
[  726.566974][    C1]  ret_from_fork+0x51b/0xa40
[  726.567004][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  726.567021][    C1]  ? __switch_to+0xc82/0x1410
[  726.567054][    C1]  ? __pfx_kthread+0x10/0x10
[  726.567079][    C1]  ret_from_fork_asm+0x1a/0x30
[  726.567132][    C1]  </TASK>
[  726.567147][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  726.567160][    C1] CPU: 1 UID: 0 PID: 29 Comm: ktimers/1 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  726.567179][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/13/2026
[  726.567189][    C1] Call Trace:
[  726.567195][    C1]  <TASK>
[  726.567202][    C1]  vpanic+0x1e0/0x670
[  726.567243][    C1]  panic+0xc5/0xd0
[  726.567265][    C1]  ? __pfx_panic+0x10/0x10
[  726.567294][    C1]  ? ret_from_fork_asm+0x1a/0x30
[  726.567321][    C1]  __warn+0x315/0x4a0
[  726.567342][    C1]  ? debug_check_no_obj_freed+0x405/0x550
[  726.567362][    C1]  ? debug_check_no_obj_freed+0x405/0x550
[  726.567383][    C1]  __report_bug+0x29a/0x540
[  726.567431][    C1]  ? debug_check_no_obj_freed+0x405/0x550
[  726.567450][    C1]  ? __pfx___report_bug+0x10/0x10
[  726.567478][    C1]  ? try_to_take_rt_mutex+0x840/0xb00
[  726.567497][    C1]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  726.567518][    C1]  report_bug_entry+0x19a/0x290
[  726.567566][    C1]  ? debug_check_no_obj_freed+0x44a/0x550
[  726.567584][    C1]  ? debug_check_no_obj_freed+0x44f/0x550
[  726.567602][    C1]  handle_bug+0xca/0x200
[  726.567636][    C1]  exc_invalid_op+0x1a/0x50
[  726.567650][    C1]  asm_exc_invalid_op+0x1a/0x20
[  726.567676][    C1] RIP: 0010:debug_check_no_obj_freed+0x44a/0x550
[  726.567698][    C1] Code: 89 44 24 20 e8 f7 4e 92 fd 48 8b 44 24 20 4c 8b 4d 00 4c 89 ef 48 c7 c6 40 ed 65 8b 48 c7 c2 c0 f2 65 8b 8b 0c 24 4d 89 f8 50 <67> 48 0f b9 3a 48 83 c4 08 4c 8b 6c 24 18 48 b9 00 00 00 00 00 fc
[  726.567714][    C1] RSP: 0018:ffffc90000a3f890 EFLAGS: 00010246
[  726.567729][    C1] RAX: ffffffff89dd4300 RBX: ffffffff99325058 RCX: 0000000000000000
[  726.567741][    C1] RDX: ffffffff8b65f2c0 RSI: ffffffff8b65ed40 RDI: ffffffff8f3179c0
[  726.567754][    C1] RBP: ffffffff8b0f58c0 R08: ffff888010b0b4d0 R09: ffffffff8b0f6c00
[  726.567766][    C1] R10: dffffc0000000000 R11: ffffffff81ae3310 R12: ffff888010b0b600
[  726.567779][    C1] R13: ffffffff8f3179c0 R14: ffff888010b0b000 R15: ffff888010b0b4d0
[  726.567799][    C1]  ? __pfx_timer_debug_hint+0x10/0x10
[  726.567825][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  726.567850][    C1]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  726.567871][    C1]  ? rt_spin_lock+0x20e/0x400
[  726.567892][    C1]  ? rose_timer_expiry+0x4cb/0x600
[  726.567915][    C1]  kfree+0x134/0x8f0
[  726.567940][    C1]  rose_timer_expiry+0x4cb/0x600
[  726.567962][    C1]  ? call_timer_fn+0x178/0x5a0
[  726.567988][    C1]  call_timer_fn+0x192/0x5a0
[  726.568012][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  726.568034][    C1]  ? call_timer_fn+0xd4/0x5a0
[  726.568058][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[  726.568090][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  726.568111][    C1]  ? __pfx_rose_timer_expiry+0x10/0x10
[  726.568136][    C1]  __run_timer_base+0x6a3/0x9f0
[  726.568170][    C1]  ? __pfx___run_timer_base+0x10/0x10
[  726.568206][    C1]  ? __local_bh_disable_ip+0x3c/0x420
[  726.568230][    C1]  run_timer_softirq+0xb7/0x170
[  726.568253][    C1]  handle_softirqs+0x1de/0x640
[  726.568279][    C1]  ? smpboot_thread_fn+0x4d/0xa50
[  726.568298][    C1]  run_ktimerd+0x69/0x100
[  726.568320][    C1]  smpboot_thread_fn+0x541/0xa50
[  726.568341][    C1]  ? smpboot_thread_fn+0x4d/0xa50
[  726.568368][    C1]  kthread+0x726/0x8b0
[  726.568393][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  726.568414][    C1]  ? __pfx_kthread+0x10/0x10
[  726.568434][    C1]  ? rt_spin_unlock+0x14f/0x200
[  726.568455][    C1]  ? rt_spin_unlock+0x160/0x200
[  726.568471][    C1]  ? __pfx_kthread+0x10/0x10
[  726.568494][    C1]  ret_from_fork+0x51b/0xa40
[  726.568514][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  726.568537][    C1]  ? __switch_to+0xc82/0x1410
[  726.568556][    C1]  ? __pfx_kthread+0x10/0x10
[  726.568580][    C1]  ret_from_fork_asm+0x1a/0x30
[  726.568616][    C1]  </TASK>
[  726.569266][    C1] Kernel Offset: disabled