last executing test programs:

10.872117641s ago: executing program 2 (id=4427):
syz_open_dev$evdev(&(0x7f00000000c0), 0xfffffffffffffffe, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[], 0x0, 0x4, 0x8f, &(0x7f00000003c0)=""/143}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000380)='sched_switch\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100000700002c0000000000"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
add_key$keyring(&(0x7f0000000100), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
sched_setscheduler(0x0, 0x1, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x6)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = timerfd_create(0x9, 0x0)
timerfd_settime(r5, 0x3, &(0x7f0000000100)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
timerfd_gettime(r5, &(0x7f0000000000))

9.08661505s ago: executing program 0 (id=4446):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_TP_METER(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16, @ANYBLOB="fd8d00000000000000000200000008000300", @ANYRES32=r2], 0x30}}, 0x0)

8.504523568s ago: executing program 1 (id=4447):
socket$qrtr(0x2a, 0x2, 0x0)
r0 = syz_open_dev$video(0x0, 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0285628, &(0x7f0000000340)={0xc, @win={{0x0, 0xfffffffd}, 0x0, 0x81, 0x0, 0x0, 0x0}})
socket$key(0xf, 0x3, 0x2)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f00000000c0))
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x78)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$EVIOCGPROP(r3, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r3, 0x4004743a, &(0x7f0000000300))
read$FUSE(r1, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
getpid()
process_vm_readv(0x0, &(0x7f0000000280), 0x0, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x5f}], 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, &(0x7f0000000f80)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0x541b, &(0x7f0000000040)={<r5=>0xffffffffffffffff, 0xfffffffffffffffe, 0x9, 0xfffffffffffffffc})
close_range(r5, 0xffffffffffffffff, 0x0)

8.272695194s ago: executing program 0 (id=4449):
socket$inet_udplite(0x2, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f00000026c0), 0x0, 0xff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x5, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r4 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
mknodat(r4, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./bus\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000240)='./bus\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
renameat2(r5, &(0x7f00000001c0)='./file0\x00', r5, &(0x7f0000000200)='./bus/file0\x00', 0x0)
link(0x0, &(0x7f0000000080)='./bus\x00')
r6 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents64(r6, &(0x7f0000000180)=""/105, 0x69)

7.882149856s ago: executing program 2 (id=4451):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x5, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, 0x0, &(0x7f0000000140)=r0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r2, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

6.985473244s ago: executing program 1 (id=4453):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYRES32=r2], 0x1c}}, 0x0)
recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

6.925007166s ago: executing program 0 (id=4455):
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX])
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)='jfs\x00', 0x0, &(0x7f0000000340))

6.89077177s ago: executing program 2 (id=4456):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff9ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7"], 0x0}, 0x90)
ptrace$setregs(0xd, r0, 0x0, 0x0)

4.263394882s ago: executing program 3 (id=4457):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xfff, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r2 = io_uring_setup(0x30d5, &(0x7f00000001c0))
r3 = syz_open_dev$usbmon(&(0x7f0000007040), 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f00000070c0)={0x0})
close_range(r2, 0xffffffffffffffff, 0x0)

4.243606367s ago: executing program 1 (id=4458):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r1, 0x0)
r2 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r2, &(0x7f0000000000)={0x18, 0x2, {0x0, @local}}, 0x1e)
connect$pptp(r2, &(0x7f0000000080)={0x18, 0x2, {0x0, @loopback}}, 0x1e)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000015c0), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000040)=0x1)
ioctl$PPPIOCATTCHAN(0xffffffffffffffff, 0x40047438, &(0x7f0000000100)=0x1)
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x8, 0x8}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xd, 0x0, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$IPT_SO_GET_REVISION_MATCH(r4, 0x0, 0x42, &(0x7f0000000140)={'ipvs\x00'}, &(0x7f0000000180)=0x1e)
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r3, 0xc0c89425, &(0x7f0000000280)={"255f7cdd83034e7aace902fafd5dc9fd", 0x0, 0x0, {0x16020000000, 0x1b}, {0x50000}, 0x7, [0x3, 0x953d, 0x6, 0x2, 0x7, 0xffffffffffffff0d, 0x5, 0x7fffffffffffffff, 0x6, 0xffffffffffff8001, 0x2, 0x0, 0x935, 0xf67f, 0x3be, 0x7f]})

4.110279104s ago: executing program 2 (id=4460):
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x0, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mount$nfs(0x0, &(0x7f0000000780)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000440), 0x11008, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='net/udp6\x00')
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/62, 0x0, 0x1})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000e40))
r3 = msgget$private(0x0, 0x0)
msgrcv(r3, &(0x7f0000002540), 0x8, 0x0, 0x1400)
msgsnd(r3, &(0x7f0000000500)=ANY=[@ANYBLOB="000000000012"], 0x11, 0x0)
readv(r2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000d00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1810714, &(0x7f0000000240)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@delalloc}, {@grpjquota_path}, {@resuid}, {@prjquota}, {@usrjquota}, {@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x409e}}, {@test_dummy_encryption}]}, 0xff, 0x468, &(0x7f0000002100)="$eJzs289vFFUcAPDvzG4BQdmKiIIgVTRp/NHSgsrBxGg08aCJiR7wWNtCkIUaWhMhjVZj8GhIvBuPJv4FnjwZ9WTiFY8mhoQoMQG9uGZ2Z0q77JbWbtlN9/NJBt6befve+3bmzb6dtxtA3xrK/kki7o6IyxFRaWSXFxhq/Hfj2vzk39fmJ5Oo1d78I6mXu35tfrKWK163I69zOI1IP03yRmJgabWz5y+cnqhWp8/l+dG5M++Nzp6/8PSpMxMnp09Onx0/duzokbHnnh1/pkWvf7u01jiz+K7v+3Bm/95X3770+uTxS+/8+E3W3z0HGsezONZa5+0MZYH/2fjbNB97vNONddm/tZtxJuVu94bVKkVEOR+cl6MSpbh58irxyidd7RywobJ79tb2hxdqwCaWRLd7AHRH8Uafff4ttjs09egJV19sfADK4r6Rb40j5UjzMgMb2P5QRBxf+OfLbIum5xC1Fs8NAADW67ts/vNUq/lfGnuWlNuZrw0NRsS9EbErIu6LiN0RcX9EvewDEfHgGtsfasrfOv9Mr/yvwFYpm/89n69tLZ//FbO/GCzluXvq8Q8kJ05Vpw/nf5PhGNia5cdaVV5U8fIvn7drf+n8L9uy9ou5YF7JlXLjAd22Ys/UxNxEpyalVz+O2FduFX+yuBKQRMTeiNi3tqp3FolTT3y9v12h28e/gg6sM9W+KiqZX4im+AvJyuuTo9uiOn14tLgqbvXTzxffaNf+uuLvgOz8b19+/TeVqPyVLF2vnV088MJq27j462dtP1OWV3/9L8qu/y3JW/U13S35vg8m5ubOjUVsSV6r55ftH7/52iJflM/iHz7Uevzvyl+Txf9QRGQX8YGIeDgiDubn7pGIeDQiDq0Q/w8vPfZuu2O9cP6nWt7/Fq//weXnf+2J0unvv23X/uruf0frqeF8T/3+dxvtu1PcRpuuZgAAANjE0vp345N0ZDGdpiMjje/w747taXVmdu7JEzPvn51qfId+MAbS4klXZcnz0LFkIa+xkR/PnxUXx4/kz42/KN1Vz49MzlSnuhw79LsdbcZ/5vdSt3sHbDi/14L+1Tz+0y71A7jzvP9D/zL+oX8Z/9C/Wo3/j5ry1gJgM6pVut0DoHvM/6F/Gf/Qv4x/6Evr+V3/RiXKK/x6X6JXEpH2RDd6JnGwh0ZTuQOju8s3JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA75LwAA///foPki")
syz_mount_image$tmpfs(0x0, &(0x7f0000000480)='./file0\x00', 0x10, 0x0, 0x3, 0x0, &(0x7f0000000480))
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(0x0, &(0x7f0000000440)='./file0\x00', 0x0, 0x0, 0x20, 0x0, 0x0)
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r4, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r5 = dup(r4)
write$FUSE_BMAP(r5, &(0x7f0000000100)={0x18}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

4.085616271s ago: executing program 0 (id=4461):
r0 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$inet6_dccp(0xa, 0x6, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000400)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_TP_METER(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000500)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="fd8d00000000000000000200000008000300", @ANYRES32=r2], 0x30}}, 0x0)

4.043705768s ago: executing program 4 (id=4462):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000029c0)=""/250, 0xfa)

3.797803713s ago: executing program 1 (id=4463):
syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="120100002eab5a40401c3405cc6d010203010902120001000000000904"], 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r0, &(0x7f0000000180)=[{&(0x7f0000001a80)=""/102398, 0x18ffe}], 0x1, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f00000000c0), 0xffffffffffffffff, 0x0, 0x2, 0x4}}, 0x20)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$inet6(0xa, 0x806, 0x0)
r1 = syz_open_dev$vim2m(0x0, 0x40005, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, 0x0)
epoll_create1(0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
syz_open_procfs$userns(0x0, &(0x7f0000000a00))
bind$alg(r2, 0x0, 0x0)
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
r3 = open(&(0x7f00000002c0)='.\x00', 0x0, 0x0)
fcntl$notify(r3, 0x402, 0x3)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)

3.638499492s ago: executing program 0 (id=4464):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d0000000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000380)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000181100", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
timerfd_create(0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000440)=@newqdisc={0x30, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0x4}}]}, 0x30}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000f20000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000007f1600850000008200000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_usb_control_io(r0, &(0x7f0000001780)={0x2c, 0x0, &(0x7f00000014c0)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="000312"], 0x0, 0x0}, 0x0)

3.610885204s ago: executing program 4 (id=4465):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr$trusted_overlay_upper(&(0x7f0000000200)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)

1.982615601s ago: executing program 5 (id=4468):
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000))
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x12, 0x5, 0x4, 0x2}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r0}, &(0x7f0000000040), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1.949420563s ago: executing program 2 (id=4469):
syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbb0180c2000000080600"], 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x15)
preadv(r1, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x0, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
r3 = openat$sequencer2(0xffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_FM_4OP_ENABLE(r3, 0x4004510f, &(0x7f0000000040)=0x3)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, 0x0)
ioctl$sock_SIOCSIFBR(0xffffffffffffffff, 0x8941, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
epoll_create1(0x80000)
r4 = syz_open_procfs(0x0, &(0x7f0000000040)='ns\x00')
write$binfmt_misc(r3, &(0x7f0000000200)=ANY=[@ANYBLOB="73797a30e88244a83afd80f5592f0a1e5f0be9feec0eb98ca8ee85154d9c8bc147a58a07e51f20f1dbbe90476f617ce99cb2e3c8b1014868d278a8bc7a8ecd323dc59196f43a7d4c54dbe15fd8febeed8c38db44cd13e7b6701681d2419c9b9a7af884027b3be153d1034b9321e90ab5d09d73919f4ce8b90aec2584ca1b359aee4fbf23cc53456665ba67bd59"], 0x3b)
move_mount(r4, &(0x7f00000000c0)='./mnt\x00', r4, &(0x7f0000000100)='./mnt\x00', 0x271)
r5 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r5, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
ioctl$PPPIOCGCHAN(r5, 0x80047437, &(0x7f0000001f00))
sendmmsg(r5, &(0x7f0000001cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)
syz_usb_connect$uac1(0x4, 0x84, 0x0, 0x0)
socket$inet6(0xa, 0x1, 0x0)

1.663914006s ago: executing program 5 (id=4470):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYRES32=r2], 0x1c}}, 0x0)
recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

1.399561502s ago: executing program 3 (id=4471):
r0 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000cab000))
setuid(0x0)
r1 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000001c0)=ANY=[@ANYBLOB="38000000031401"], 0x38}}, 0x0)

1.350551422s ago: executing program 4 (id=4472):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff9ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7"], 0x0}, 0x90)
ptrace$setregs(0xd, r0, 0x0, 0x0)

1.194735494s ago: executing program 5 (id=4473):
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYRESHEX])
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x0, 0x1)
mount(&(0x7f0000000100)=@nullb, &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)='jfs\x00', 0x0, &(0x7f0000000340))

986.404598ms ago: executing program 3 (id=4474):
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "0000000000000000000080ffffffffffff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup(r1)
ioctl$TIOCGLCKTRMIOS(r2, 0x5456, 0x0)

909.946948ms ago: executing program 4 (id=4475):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000e40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3576], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x12, 0x4, 0x8, 0x200b}, 0x48)

909.165414ms ago: executing program 5 (id=4476):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00\x00\x00', 0x8)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000340)={0x0, 0x1}, 0xe)
shutdown(r2, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r3, @in6={{0xa, 0x4e21, 0x1, @ipv4={'\x00', '\xff\xff', @remote}, 0x7}}}, 0x84)

833.993829ms ago: executing program 3 (id=4477):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002380)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f00000029c0)=""/250, 0xfa)

726.145833ms ago: executing program 1 (id=4478):
socket$key(0xf, 0x3, 0x2)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
eventfd(0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x7ffb, 0x220109, 0x6, 0x1, 0xffffffffffffffff, 0xfffffffe}, 0x48)
r0 = socket$kcm(0xa, 0x5, 0x0)
r1 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x8916, &(0x7f0000000000)={r1})
r2 = socket$kcm(0xa, 0x5, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r2, 0x8916, &(0x7f0000000000)={r2})
ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x8936, &(0x7f0000000000)={r1})

586.492863ms ago: executing program 3 (id=4479):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @quote}], 0x38)
write$sndseq(r1, &(0x7f0000000200)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"448cc880fe353ca0f2c2e953"}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @connect}], 0xc4)
write$sndseq(r1, &(0x7f0000000640)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @ext={0x0, 0x0}}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @connect}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @control={0x6, 0x7fff, 0x8}}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0xc4)
write$sndseq(r1, &(0x7f0000002840)=[{0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @control}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @addr}], 0x54)
write$sndseq(r1, 0x0, 0x0)
write$sndseq(r1, &(0x7f0000000a40)=[{0x0, 0x0, 0x0, 0x0, @time}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}, {0x0, 0x0, 0x0, 0x0, @time, {0x0, 0x3}, {}, @quote}, {0x0, 0x0, 0x0, 0x0, @tick, {}, {}, @queue}, {0x0, 0x0, 0x0, 0x0, @time, {}, {}, @queue}], 0x8c)

573.144656ms ago: executing program 4 (id=4480):
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, 0x0, 0x800)
sendmsg$GTP_CMD_DELPDP(0xffffffffffffffff, 0x0, 0x8810)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000080)='./bus\x00', 0x2, &(0x7f0000004b00)=ANY=[@ANYRES32=0x0, @ANYBLOB="5e0de6d0a46fa97f7414d5d4beddb6230d028c2985c07fd13ab9cd215be43701b0695c176f010c8522dc892d07fde1c4dd61620c6f145357d324923d98eafd69fcb6929e5d0149b55ad366cb405eb1db194e21eff7ee1ffd0fc491f7a1bd5ef94daa60e4ca4f86b607c0bfa43209a15cc602bced1e30290c9c66b61c0ce079072dc9c55937e87e811990c0a91e53fb7262746f85989515c54010fd24e6ce0415a26322ae81df827d5dcd02a05bea25986e519c3ec6192d3b14cf5fe367c9165b7e625e7c8389494b52ea3019206695e90ce8167dbf5a4157b8943bb48d9b485936f5e27d9538b9a26e5aba36d03db6093d2d3572600e08431993ce973d4cc18848c4593672ae571311d7723653de6825ebf2cb1ea583fe04db14c9ce1762a6b8f00dfd20f64f9acc3ced5097658b468f02c66bb8a7a586d00970044ace79a1202a934310f37359976a87a4b407ee8c3838f48255c0dd8dec7e6be5ef228cb602d83169cc3cdd372823665e0173e6d17bce2a6fb31d80542852c651fbb12c1f875a9f9f7654944b6054fbd6a2755f1eac851d3574df50e5bcf52b771784b7494278b1ee4954fcc101a27cd2caa6bed9d137b06ac60716f64745446165f75818f9ee4d0d02407e33f2cbe25398555191dc68ca32d57d986da35f029b57bc9ddbdb3c7286994688782975d4e91dfd0ae1aca248ac78df50ecf1a84b8a88577c1884bd97c96b3feea64f35e34b41ee47cc845f9240bfabb68c11e1dec3ae7aa4642af97341fb2358ec2c9fffb1c0bb90f375020e7a14c3c46c41766614442a0eeb6c5a55c6dc8d735ad8f724be9123a12f1416ed9404a070da645be79878b39e36eb461ec426c46a5d0201543fa3ccd8b0c305655aee8dbbae71e1f187bae5abe882e52a41dfb52a057704dbf359f993f0fde8bcab0f8ba7ec1f84e7386e8c72c81a6317bc937529063f8f5cf7b8753592629199a0e63773f9d1c63373738804b8267c989434168ecdfd0805e8936f99b5dffbab3a2c326a8bcf5881fe5f79cf58bea52d236abdfb1986331fabb9aab70f3e50acf81e2f5b4db83a73f9d0ec011f840fc5f62e5762cd4abfabebe5737d1486d65ad58f846c29bb1e94c7b20b04a34be7be0ec348f502dffb12f7e4140f8d70120ff1015664afa4c0dab33e5c04ea296ae48c0f4d7c67db9c319de481e018299990c727eb95b6746cc5bbfbdee52a77d96f2406b2f883eb3cce1deb571bc322dd113d69aac36e3816ca2256067391a1d10386503d2788eb5f3289ed462c3bea4951e2e9843cfa0ee70826c2d29ab31a902ccd9f82e43e56a6299b3f5c19ab010ee56c7d71031684ab754c1a442c386b93fa66dcc36f9c1d372434e75a5a7f8651ec4bb2b46ab61fc45a019abf8e20107e9a228ec07ecadfcb2f2373bf977cdedcdaa103bba3b70fb2ab373070f3fa88ef3ff54c1bf05df0350c3d9f8fc6d35734798bfe454da9128e2011e33e8b7602d3e45c160eb85ff49d722c1d049de00b151a938c5cb59861e19669b381f0ebcae398a93789ce8e2579aaf7b1493db08d71165d6c60396e0f2626b9f4609965d6c063fc071592e5eb58b707a942ab6a8a09192fd0bd3f0964c9ff7c978fbb46bd951f0d60c296f00d38c78bdee7f9e894b04b174a15aa68ff527376b3fc319996400f2e705cdf15f133a59a496402afc90824306d0f5c49993d3fa24ede9304f11fd30b31e7ce0517d9ea1919f2f5ef3ed1ede8f39872e17e0fbfdf1a9342dc65b192cb01dcbae1bbfab8b3fa2db08b09cd2aa9ad36ad9d4fc7039dafe688b1dff5986e172cc2e3476caa63ad6603568b2290252dc015c12323a980c6a347ec50efc9aea18c124bb21877b3807df36b71ad0e108f819988b8769cd1a6ec5d5b853939845187763ccc818d50146b912e3c76dbb7d893d787c898727be3b369c1c0526845b4ce2e842dbb120b2d7174203b3096f381743f4e0480206a13aee6f6514818dc77c5bf1e0476c1e391a71d2c58cc862063c5723bb0e7eb06e7e2d22252793c5b65c77c850530ef57f894145b332708371a06135382b7eea0782f8f7a88392c2be365934785685a2af96aa2b6e2035c3cb6f556071be1fb411f8c8497c041573e261a205d40b098ac2546cf2d25b7947c503ed6c9c9c3217a8695e1ca1b359ac92b91740344796243fac99189c0c46215df1a42478ebdb8c4a8d99e6ee985886de89c5d33f9485891da2023ce3d3c3b7b620c4231100c1911730f9d03e90ccf9cd10e4c7953e79a10913d683b3860db3c40f53f85ef77b9bdc108661a1d7b6c28d3c9f1c8bdd4d6110ba986c1f639de668a027740124ecdf54ab9e877f3208dad0139d434eb76ad3d6fb08ef20b6bdca5392d5e21ff9be075658192e70ff175beaa325397b45bdf9d5025935f9369d6a8bb9e368cab2beae3b891faeb1c9623104cacebffac39be98e324991983a268fce8226ef81184e4f2bab4b05f4c0111bcff4de5633fe26dda28197418470c59a254d18320afb3264ba857e0666e35e504d93054c8fc6e5e6bde8845abd33f6607d988da0e41831bb1228dcd83a894d094fdae1f592078d6d1b79dc8dc40d76e7b065b7ddb42b82773251dfd887fd0083d581deefd2cc8bf133f239aa7d014b67cd27eab9c40578449f61aef4831d1cef26902d886f29ada6624c45ef13caea199e8e98a14eb66559cb55296d7b1bfe87ff39c4e29598a014d723d245a2501301d2e9ac28caa8848532acc0c142b45f02e2daf692ba28decf4e0f6afcf5eeaa84e5282b91c3026d7c350bae653b2fcae8b77e9236348be3717552db2351cb289a4848cfaef7fcca4d246c91aeb619c7fdfc2a740736fd3677599d7e0092cd32274817188964b2be954bcfb3bc7928367be69d05688509f0b1edfbdb2138d766cff0bed83d67fea0ed79a6d02cee5ff6a4a6c6cd05f769cae141cc543af8705d1878953b63b3b1bb9f65e3c35891e9716959627b8bd8cda654dbaf44b2240144d587b2ee6b7c14d4246a920eeb5dd6adde20e4782f015a39b7e1287a3b00d93e7ae0dab496644aa5e833fc2334777c41b8935461c845d44f82fbdd821d413ed3b4a8c35ce5e36729b755c10400e66f49e012b7b1416744498d99093074574068230236c3559a25b4badfc4610cd4bca127b17434a76f10638e26cd77bdc8d9063398def2a36b115b381d03ea4a556aa608bde59c0e6662c0a1382d4bb26563e42b80d21c8400e4f48ccf62bbff0faa291cca6d5093cf12ac83979505bcf31682c225d9f5d02b43a83c4b0d9a9ceaab087b9acf6ec300f3e82f1fb348786704dfb536cdb65e1e35a8e68c9cd2490b198c1d0d46fb7f51ea8f5e210d3547c9577396a6619476871b3260ea49a5bb95825192688cff7e22520b821ceeeccc1f54471b76ae855c3733054be0ce00a4c44de27e45c2c0569de1b7c1621089f731fe64022e5b2225f3d85b71d4dba61a0a51b2a93687a33fa26f586da98f7b811221c717180d717546ef88e8ef37fdb381643f9eb32fbf327f37dc16f725b384d7bec64fb64a25836dd46a3ed3403ae2d9c751056d6db1983c0b36226bef498caa786c78f26a0e56b6fae8034df8fe9e76b466c6f67774c6bcdfa4429c3a5fb1edaa3f0e44f60f13a63c9ed19f360a30dcbdff3a30c8003a5c0eb51d8f1620fc58134550c46a7e66cfcb411c9bb151fe823ef2dbdfaad4ed4b54bd02740aad65163d30c43425c05032107fdb2de4b9be600fd35a33abda297087cd206cc56ade830c52524130ca577cc34f7538fd1bdb1c0608ede243a47cc6021447183509091511565b138126840859812db525691bd0b357bd6499e70ae3aa2d2711298dda1b4f274a6c24e31f548693c2ffb86ac957b00fe7fb802c72cf70977a116972fe9ccfdf206977c6137d152010132a6a3b01197769a418126b57ad67661c555d8c11ad8c09c8ba43a4ff55b28bf37ff03febf4688f30a3ab759b0088810c7e7d45eeeee778fdc9cd0efc719a84170d47246e9ed1e072799d7e2419bab5af06f3d319e2e19819237b6b5ba746d221796086570e1bf3365078d4c9806c7949e773c752665a73adfc3ee5d24fd17c653009ad1f3f5a0b3184c99f72dea417702391bcc4f2d1f924298c056d18b4083e075255799b77ed11b003cb5b54f26f28716582dffbcb3fbb9891c2b27ee8a0e3ea8e0412a13e63920ef0886e97b7b22aea7d22734459fe2f09007e16160b0770b6e5235c6cd19fd76b9305615018a0b1ec748a2daedb768680ec63b5c4cc8848221e474c7f3e24f339ce640534e682209d119c29652b95b4d63e1633b31f4c31b27f67ddd456c2816bf9f60457c36c1b6f011251a30b708cb218e25523f967c90a320eaa1e7d9aa8bcfc3c46d89881a9ca821ee324ee883aa7fcfb528e588e05e9e9cdaa7ae84ef5dabba76681d9b2b16af60b0ec3770e5d44b72fdfa193ba723875ea8bc93d50fb22b2ebb576826da6c4e1f7574e4d9ef140986fdc01b0334d8a646e7ac43d12c12463d8142236432e5f03ba68beec4c578016c396ac719e108a6ff7c1d2c7aaea8085dd176f716cbb815f944153657289625f22a8ee62e596d498ed2246ae8daa093280f5e33677ccdb95682faecf22d091c31fd8a0d541adcdb78090368ccdba3afda265ca1bd4bd412b236892ca41a629cdd6bd96529ba789a8f25f7122902f9bd121b050ea3075cf9c8ab7051ec2e7647b5e7ca81ab314863868c2519b0700b924d862fcae1ad13c08cece894ee7026ed0795166e8abac03f593285a8e82a05d0354a8b9e464e363660b7b2674a109397fbb0d191dcd32b1aad1ff7742b7a208ba423058329038ff7e54c963322b1ab821af6d500a996afdf94086293ec0089ebebc7996b76f3a315d7e515c5c56363c8fbf8f5af457bc8ee55ab884b2129cc064e0540315bb758441c25e2c4675972966581ce8dbe69cb52e6ed39b6ea6f752f1d2014cf5e30928815ddff44fc2b7260eafa9a9fb647f2f211ef3a79bd0d2d46d2e64db000db30350977c5b7638565c0db0115e7affbf3b554dc4a7066c50a6a22c6e75487d8624bc2c46a97f51a93009f747cb685af75ae2e8f79894f63e8a79ecae8548ccaf89006607adc82197ed1ceaad2f74f63cef83454e0cae3220d0c2d5ae37f90938cda02ef853e03358ee634707c806262752cb33dfd1e9061d032f8402c075293c33c3fc850ae7cf79cafb1f7629cffbaa6afe2873470ddae816f46877f5d1b463fd0cdc6564b17968058a014ac214bd49240ef7e939ab4220f1e3f641591db5c2a289f42e3f831f6743e03491e7bd97e3eb6edd8b9b7d31985a052bdeaf5682bb8eac75ad212a5fe79fb2ddd3c170336d7d96fc121d0700f71b0e12d1dfed19c372d999dddfe3e350f99803cae669208822fb126a440650c8dc39151f82cb26810edf96a13a198fceafd94b1ad15aef421f01ee62e527295adbb10fda8e3335369cc31297b6bb6597f19a429d73d6f68a6719909c846b825c858f82b4c8f432475812ebe8085e445beea7807c00d3a092e1b00fa02ae41fdf2a1013a7f1f87bf5b3ed8238fe94d07a8851ac2c1d8399af64ac964e2011f888ae935e0c24349127a339cca1b23e1039b89045df50918dc869803526f3f761c66b5a32cb3f370810af2f7a2e6deab47ba0bce10f5f1650776d84896b60f735282196208cc477e68762303830cdb687f9c9f9727bd938b170a4cf32aedbe132fea64c3c649b20ba74caebe8587e634d4d86ca8d7dc637a998b8dd921e9", @ANYRES16=0x0, @ANYRESHEX, @ANYRES32, @ANYRES32, @ANYRESHEX], 0xff, 0x2e7, &(0x7f0000000280)="$eJzs3M9LG2kcx/Gvml9GNDksu+wuy37ZveyyMGj2XghFaWmgRU2pLRRGnbQh00QygyWlqD31WvpH9CDe6k1oe+jVS2899dKbhxZKqfTXlEwmGjX+oiZa836B5nGe5+vzTGYcPiNk1q48uFXIOUbOdKW7OyzdIguyLpKstkQq1W9dIhKTmi6JSKMF+bfv3cs/xiauXkhnMsOjqiPp8f9Tqjrw55Pbd5f+eub2XV4eWInKavL62tvU69WfV39d+zp+M+9o3tFiyVVTJ0uv3Mikbel03ikYqpc8z3QszRefT4j4/SXXrPbn7NLMTEXN4nR/fKZsOY6axYoWrIpKSKRcUfOGmS+qYRjaHxfsJ7o4Omqm/Wbs0MVTLVgQvtu5HSd+uZw2e0Skd8fY7GK7VgUAAE6OLfk/ptvzv68reK1u+eJ5XmO9n//fPxY5UP5fieyS/4N8X8//tlXL/45Vdg+W/92SutX8HyL/H0J2M//j1Krm/3jw9+u7d21p0G+Q/wEAAAAAAAAAAAAAAAAAAAAA+BGse17C87xE/bX+FQ0+El7/+bjXidbg+He2MQ0aqjER+/5sdjYrYodrGzeOuyWDkpDP/vkQqLVHzmeGB9WXlKf2fFA/P5vt8QvTOcmLLZYMSUKSzeuHavW6tT4s8cb6lCTkp+b1qab1Efnn74Z6QxLyYkpKYsu0f15v1s8NqZ69mNlW3+uPAwAAAADgNDB0Q9P7d8PYrb9Wn86J+PfX+/9/YNv9dUh+Cx3vvgMAAAAA0Cmcyp2CadtWuY2NmIi0fq7q3rV+d3r3HjP3X/vf3pPTSDRsqT9Euu3LCDVOGg1W0aK5fnn46MPR/cIzy79/atb1sS1v3QEuHuHWXZcAAAAAHL3N0L/7GO9NO1cEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDnad1TxHqCGfZ6sgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQWb4FAAD//9yVIwU=")
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000a00)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000280)="c1090000000000", 0x7}], 0x1}, 0x0)
syz_emit_vhci(&(0x7f0000000280)=ANY=[@ANYBLOB="040e0c200310"], 0xf)

450.537577ms ago: executing program 2 (id=4481):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000440), 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
writev(r4, &(0x7f00000000c0)=[{&(0x7f0000000000)='b', 0x1}], 0x1)
accept4$unix(r3, 0x0, 0x0, 0x0)

425.92211ms ago: executing program 5 (id=4482):
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x9, 0x4, 0x7fe2, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000040)='jbd2_handle_stats\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000340)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = inotify_init1(0x0)
fcntl$setown(r2, 0x8, 0xffffffffffffffff)
fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, <r3=>0x0})
r4 = syz_open_procfs(r3, &(0x7f0000000600)='fd/4\x00')
ioctl$FS_IOC_SETFLAGS(r4, 0x40086602, &(0x7f0000000180)=0x80000)

192.903731ms ago: executing program 1 (id=4483):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000040)=ANY=[])
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, 0x0, 0x0)
r4 = socket$inet_sctp(0x2, 0x5, 0x84)
listen(r4, 0x7fffffff)
recvmmsg(r3, &(0x7f0000000a40), 0x0, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x3, 0x2)
getsockname(r5, &(0x7f0000000d00)=@xdp={0x2c, 0x0, <r6=>0x0}, &(0x7f0000000c80)=0x80)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="480000001000810500"/20, @ANYRES32=r6, @ANYBLOB="0000000000000000280012800a00010063616e"], 0x48}}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)

192.363117ms ago: executing program 3 (id=4484):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0}, 0x10)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@fd={0x66642a85, 0x0, r0}, @fd={0x66642a85, 0x0, r3}, @fd={0x66642a85, 0x0, r0}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x1, 0x1000000000000, &(0x7f0000000780)="cb"})

192.112688ms ago: executing program 4 (id=4485):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r2=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000600)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYRES32=r2], 0x1c}}, 0x0)
recvmmsg(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)

191.287116ms ago: executing program 5 (id=4486):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001080)=ANY=[@ANYBLOB="bf16000000000000b7070000ff030000487000000000000050000000000000009500000000000000e83d24a394a293b3bd23212fb56fa54f0b71d0e6adfefc41d86b60717142fa9ea4318123741c0a0f168c1886bf0fccf8d56ccb659427cf8593dbe3a2a3ad358061011fbc5ba1f07318988e6e01a41cc0990d0dc800974a0000503ceb9fc474c2a10000000077beee1cebf45fab73962fa8f6296b32a8343881dcc7b1b85f3c3da4cd36414e90a61965c3de4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d0054ce21fa41181a9580cfca031e5388ee5c9a7ddd04201f5200001fcadf95e5a4725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f588cb211624f40401691721715f46e0080000074943c3ba663739a190a4e825c908c0abc85d457ec5a57cb706eef32a3ed12d63c9c4c508530e173650a8a8f2a9c81bcffe437bccbe158024d8d4939e6fd9adc43f0f4b049218db92bf466e934330ed79bc9f626d68b0000600057d14854eef851bc8c30f5d0df6b94ea0b852d495085ff4eabaac9606f0497958c2c357a7124a69f6770ea6702bc53896a15fad5e55c64efd217450a975221b20d78e445e3da74a3c1e59bae44546bde4ac6de55a480f3ad5dc0f2d1818b696492285f60d914283f8d687b0bdb46261277671bba2c550bfef679bddf38ab35eaaf0268c4efa45b56a188a9195044a222ec06bb49784d5608d87c4832e4305bf8889e5db2a70f6a83d4b3cdc12546d276856de6d895704ba3e8ee12c8121ffc4f5d2ae03f0227dcc4f38699d3db16f69ed45e918b07ce58bf576e253364fe0000000084f897400d4f5503a6e9ea4a480e3221f3c247ee8c55e487eaa25a7689689c9c305da4b0181f0f653fec399fcc0cc800e82bde039cc29c19b538c76e65642875bddbef61e5985751d9ebd37d2f32375357b5d2b4dc24baa6a7010038380f7029a292f1ad05000000e4e801a819aef69d081e2cacaa8ad1b4ca6df5dc37962ebc5337379e00645b6d2bec249c0612510000000000a7060d8d9b9ad109b62d1dab0eec6beabc76d765b9caf70900000399772ddfe89be4338e70d0ecfed537780a31fcaf4acaf9bd3711a4359d68ec71b0693ede07e7d18e797697901fbae4a9d9966b68eadae75ef1b8931b0818a57e5136fb8c61d73b17d8fd55c2b8d321a6cba8743114fcff01e5c10200c512000800009a021d377e477ea807cc00919ee8bfbd090034f67609cfde8877b5bb072572b421d6b1fdae83e5e250190628d02d01f978323fe36685e652ceb218a9cc9e125a4880faccaf5ac2345f20b1ee403885790500d0bc75c7e95d23904dc446e0201aafea0d3f4cc0cf285ccd000000000100005aee4199a34686905441c1fa62ed20328a10690432f59a4d3e05bd00997ea2b6f5213cb883d05b620f31869f6cce80f1ae09009ed7e3c5f3aa61bfd240cb9726bc512ba0eb1f68579c76144feb0100809f12bcf79c4d57f66703c2aee08e52de3eff160623e1af555dc7481128ed0bab22dcb6e5b6ac5e4010eaf2510fa440aabfdc80c77108c769ed2d666c555c6c38b30899a688d96a6c6dc0dd4309f6548765d3f53261b4890aa004e7f667a230b22bc6e248bf56b219d9a547b6e1c5077c9ba463329323b53910e7358b4d0c6882c590cf25e4d044a6afb10a070f285e3c94ed405aa8dc41718dd3f4bf474868538aad9a23f85a707e325c10a9f22e37c4213d0ca2910726de8e62d2e3ae7f64e40c7af3dc00bab70cf607869c5a11a03bce8aa43fa010348bc2fb420ba5e344fcdcb302548e571157d323f5fd535800284d32ffff000088ccd685f07309101a3196b705479897f4c9d97c4c7b77db7b15bfb4305d5e954a34385418e665af882a7d505323070929b228bc94b70300000066dab8c4e63debff054621a0ac7dd85b14cb7616ca23f044bd0ccd1c79292c3aa8f6e4a1c27315ef8d55781edbe368d72aeb2f48256131aaab707451c14747dfa3bb5f8725a98f6d3c797573f18810bf378e38107ece5cb7cf3b98975e9254248af60de2f04e2429d9b6eba525fd1b1b665f77710fa49426eb32e775acd535fc78697ac980573c35e9916f0000000000002c8ee5ec55faffffffffffffffcd59cc0600000053d0a1f4ea4477022c9f376b3191efeb46be3c174fb24009379bbc949fd2923715540556450f12d1645177ce3eca0d65d17deff51a024f0180000000006100499e829bda469048c70e5968375feb39e6918e591a384851ba3079ad9c376bdaf0650e212eb4185cbbb6c0dc0e699afc34ca3b9a307cd2519cd9b192d678492ea2228ff0817d68f97b18402d271036067c141b911c4e0207e2c9d37ac203f440e1a065a2d227c6ec860c6bc85fb3a48348c1fe7144ec680c0dac7b5906a6197c8173080c9ab3ecb72820f0ee36d744b20fae962c4a42e4a43ee3f325f93edb3a204b9c9dc8953375e37c83876f248d91f166676b54781c6855c5e067ab2c2c6d22b20a703d68d77312333deff80883cb5a25c738f4e7cbb075e10f5c36396156abb221adebb9303342bfa2b745a5e045d5db847e4810270ed1c5bbb1548ec3184ff9b8ed1687333d0e0412d452ba6b390199bd684ff458d6c8114833efde87215e5f9569d92d24579f3ef473bce24e61eb21336ad441eea93cbcb69d2156b9b6e3000000000000000000fc411d2eadcadc7c0a2c12410e4b9d634807f2a6f1c3a13508e274ecef5cfccb707a1640973973fd2d1d60138d9b7a778827fd07fbd093a0ba779dcd32556613e1fac161825da91acde7fa964c689b1f0ea96047a98260270c3a3ccb2142b074db79aa88614663ff33f9966502a2361e49aabe58eb086c5827dd9d92fa4ff0c0e8b949d585f2cbc111de478905cb37f3cbfb019c6daace508b926718506a577234468f9279a52360d1a80b88b4eb1cda949ca77b6ec43bdf5f5a400989705746b86b400947891b33d591ec5ea9ae45983273f62027998d72f83625021a72e27e0449fa154ade55071546d4000000000000000000000000000000002f907c5db9c967a1f86c57bb5062fed7c37ec16a7e62b6e370c3c5a32adee9032367814394a7a7fd12c44b81fb5ac2ad92220a72aa3355e894cbefe344a6b5eb4c25128d5427a640faae401eccf3aca4294410461e946010c50f9ee556b38eae0b252ef288397672bbbd17e5306589f93dc134b6be5b19dfb2462348355ef24762509cf29becacf8515abe299b8a7dfd585f5dbf7578bfdbfa37deeb872c3291b59349238add315cd18e6f4196b404e48955657d680511c7ba7f5e0f9d97d649583190c78015aaf4db05aa2a6cc9d00084ce958406e09fe508a0ee5feb2d34f48d87000000000000001108780004ec696f618c20771a7ae436d733f603f20c9189567b63d47fae002e616969d888a418d139a25b11c0da7aecb8c14f1a879f7b985ab634b0f5cdb2090ad2c336e9a28289247ef4f3cfcafa393927d27711ed0543a5e8ec6c1c62082549791f75fccd54582f990234496954e6e54bcbb90f2756912ab7e511a55a9e0512e5c1c10bcd76ee4799af611179a39bd0c0323cae1aaaaaa8dafb55bca104ada3252c5d9de5b9cdb6217c35ca3d28b1d8b9d2fa79376c13167a9ef1b1f4b7509debbeacc153ca8bea4a0a65ee1d1d20a9106499f0bf7f416b051e835d790ac978b90143d9125224f74b6167f7a967c7e33eb5f43570b9f3c91371968a30e528968b233d0396db424e5fd73d399e23e1676d074dd5ce552a222e250f9f6d0bdd9e46e7f22d9abfd4573b57e3b52d407b464b0146ea15560a2ce034b1623fecc84842928223d17ce4ab31ef4c2a9f9caebf65341fa3da1bbae7972097e24603b9db8edc25a152bd39af179eab23ed555023c2bbb89ea22c08b97264b3616a41abfad0ab12a79574c60cf1841ea45f10e9438e55e1e0eb645200993b08833bb14517b0d0e5ba72bdacd92d57b6029129c95ab0a93857c7205e8450b27aee5e684ece77f53112873f40247a998cc896ab4d55573c425cab46cd4fdd1452ea8429c63c74d5673f5e4d47d1b001d0d3a9e1d5c840ab37a69cb30d17ff7591f01549e552dc43b672e0feff94408171d682565dc2d84476297c693620715ccb9f7f2eb690d7a032c09f0a3d48663fe5ece30f592d71755dd6cbfac96016a2ecd4e499ce9adce6e59db0494fa25117a2bc13275c9a94a3532c1b8417e9ed5e6cd5f51f8ccc878ba73305ad19b0cf05625439cdf688d33c8fd6cf52c5c5685444b65eb918884727d3a780bdac17d447745e4accd85d3aca4d63127bb3a58095cffa08a6cecae329dd5f47552c40b560b05e962363e99300d61931ddd97444c2bae02edb26383cb96ee7d2742d24dc7e9b6dac831674ae09b7d180ebb30b9221480ad78706dadf7ca3540eb6c6c43dc7e31b2c8d188f28d6ab10d3c0c97b9f6b5feb9abeb6a801975c0bbab0b1fed7485f2fca1730906a6dc1914386118646dab2618582c4ce0a8ce7a1a3ca7d56f6ca8c7d43cad0116c70751a0db051d9adc4ab34dafbca31fecd9191d38fa011a4c1fc19df0b9aac3a0de17dc01b413c4d4eccf9eb1cd90569508fc6479111544807f11dad193a170ac290f28dc398e2"], &(0x7f0000000240)='syzkaller\x00'}, 0x90)
socket$packet(0x11, 0x2, 0x300)
socket$inet6_udplite(0xa, 0x2, 0x88)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts(twofish)\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, '\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38//file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x7b, &(0x7f00000003c0)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000100))
io_uring_enter(r3, 0x46f6, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
read$FUSE(0xffffffffffffffff, &(0x7f000000ac40)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, 0x0, &(0x7f0000000380)='GPL\x00', 0x8, 0xc3, &(0x7f00000003c0)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000100), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0xb}, 0x48)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZE(r4, 0x4b44, 0xfffffffffffffffc)

0s ago: executing program 0 (id=4487):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000400)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff9ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00010000850000000d000000b7"], 0x0}, 0x90)
ptrace$setregs(0xd, r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

[  648.129144][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.143930][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.154949][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.217649][T15293] pimreg: entered allmulticast mode
[  648.223245][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.240556][T15299] pimreg: left allmulticast mode
[  648.251825][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.259752][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.267767][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.288478][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.296409][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.346747][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.362806][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.373898][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.394364][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.402013][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.409944][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.417885][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.448710][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.466469][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.480832][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.522910][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.556099][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.608509][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.637336][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.670976][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.678420][ T1163] hid-generic 0000:0000:0000.000E: unknown main item tag 0x0
[  648.737897][ T1163] hid-generic 0000:0000:0000.000E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  648.962345][T15318] ieee802154 phy0 wpan0: encryption failed: -22
[  648.988924][T14850] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  649.016351][T14850] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  649.057495][T14850] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  649.101653][ T1163] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  649.310833][ T1163] usb 4-1: Using ep0 maxpacket: 8
[  649.339486][ T1163] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  649.387153][ T1163] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  649.590735][ T5237] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  649.599606][ T5237] Bluetooth: hci5: Injecting HCI hardware error event
[  649.608588][ T5237] Bluetooth: hci5: hardware error 0x00
[  649.680207][ T1163] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  649.681352][T14850] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  649.694154][ T1163] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  649.709535][ T1163] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.734669][ T1163] usbtmc 4-1:16.0: bulk endpoints not found
[  650.168051][   T29] audit: type=1326 audit(1725578001.026:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15329 comm="syz.2.3576" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8f8f97cef9 code=0x0
[  651.240742][   T54] Bluetooth: hci6: command 0x0c1a tx timeout
[  651.286467][T15344] loop4: detected capacity change from 0 to 2048
[  651.314249][T15344] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  651.431057][T15347] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  651.433290][T15344] syz.4.3579: attempt to access beyond end of device
[  651.433290][T15344] loop4: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  651.599876][T14850] 8021q: adding VLAN 0 to HW filter on device bond0
[  651.700656][ T5237] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  651.952077][ T5237] Bluetooth: hci2: SCO packet for unknown connection handle 137
[  652.194696][T14905] usb 4-1: USB disconnect, device number 19
[  652.223688][T14850] 8021q: adding VLAN 0 to HW filter on device team0
[  652.382710][  T178] bridge0: port 1(bridge_slave_0) entered blocking state
[  652.382847][  T178] bridge0: port 1(bridge_slave_0) entered forwarding state
[  652.399912][T14838] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  652.507576][T14838] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  652.668451][T14838] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  652.729728][T14236] bridge0: port 2(bridge_slave_1) entered blocking state
[  652.729862][T14236] bridge0: port 2(bridge_slave_1) entered forwarding state
[  652.762780][T14838] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  653.105948][T15374] loop3: detected capacity change from 0 to 512
[  653.358012][T15374] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -13
[  653.358400][T15374] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.3584: invalid indirect mapped block 2683928664 (level 1)
[  653.359736][T15374] EXT4-fs (loop3): Remounting filesystem read-only
[  653.360060][T15374] EXT4-fs (loop3): 1 truncate cleaned up
[  653.381622][T15374] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  653.439762][T14850] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  654.043220][T14838] 8021q: adding VLAN 0 to HW filter on device bond0
[  654.152702][T14838] 8021q: adding VLAN 0 to HW filter on device team0
[  654.245704][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  654.253039][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  654.369108][ T2527] bridge0: port 2(bridge_slave_1) entered blocking state
[  654.376332][ T2527] bridge0: port 2(bridge_slave_1) entered forwarding state
[  654.583288][   T29] audit: type=1326 audit(1725578005.346:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15397 comm="syz.4.3588" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2f5ed7cef9 code=0x0
[  654.756182][T14838] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  654.766909][T14838] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  654.785256][T14850] 8021q: adding VLAN 0 to HW filter on device batadv0
[  654.925786][T15405] loop2: detected capacity change from 0 to 512
[  654.984308][T15405] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  654.997647][T15405] ext4 filesystem being mounted at /224/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  655.174121][T14850] veth0_vlan: entered promiscuous mode
[  655.234417][T14850] veth1_vlan: entered promiscuous mode
[  655.472200][T12089] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  655.537503][T14850] veth0_macvtap: entered promiscuous mode
[  655.622823][T14850] veth1_macvtap: entered promiscuous mode
[  655.677648][T14838] 8021q: adding VLAN 0 to HW filter on device batadv0
[  655.792772][T15415] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3590'.
[  655.840493][T14850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  655.890164][T14850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  655.918349][T14850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  655.940479][ T5321] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  655.949662][T14850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  655.990127][T14850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  656.020482][T14850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  656.059368][T14850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  656.102929][T14850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  656.132892][T14850] batman_adv: batadv0: Interface activated: batadv_slave_0
[  656.134304][T10297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  656.158092][T15415] bridge_slave_1: left allmulticast mode
[  656.163956][ T5321] usb 5-1: Using ep0 maxpacket: 16
[  656.171128][T15415] bridge_slave_1: left promiscuous mode
[  656.198036][T15415] bridge0: port 2(bridge_slave_1) entered disabled state
[  656.266812][ T5321] usb 5-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  656.278377][T15415] bridge1: port 1(bridge_slave_1) entered blocking state
[  656.280751][ T5321] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.299271][ T5321] usb 5-1: Product: syz
[  656.309199][ T5321] usb 5-1: Manufacturer: syz
[  656.330045][ T5321] usb 5-1: SerialNumber: syz
[  656.335342][T15415] bridge1: port 1(bridge_slave_1) entered disabled state
[  656.351220][T15415] bridge_slave_1: entered allmulticast mode
[  656.366541][ T5321] usb 5-1: config 0 descriptor??
[  656.392416][T15415] bridge_slave_1: entered promiscuous mode
[  656.410082][ T5321] ftdi_sio 5-1:0.0: FTDI USB Serial Device converter detected
[  656.434223][ T5321] usb 5-1: Detected FT232H
[  656.483053][T14850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  656.533766][T14850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  656.564266][T14850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  656.600590][T14850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  656.624205][T15413] loop4: detected capacity change from 0 to 128
[  656.644812][T14850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  656.672878][T14850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  656.714494][T14850] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  656.722242][T15413] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  656.740510][T14850] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  656.761371][T15413] ext4 filesystem being mounted at /207/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  656.805364][T14850] batman_adv: batadv0: Interface activated: batadv_slave_1
[  656.843854][T14850] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  656.871465][T14850] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  656.886706][T14850] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  656.907232][T14850] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  658.895515][T14233] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  658.971751][T14233] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  659.141182][ T5321] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  659.290942][ T5321] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  659.304582][ T5321] ftdi_sio 5-1:0.0: GPIO initialisation failed: -71
[  659.324127][T11799] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  659.336389][ T5321] usb 5-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  659.353808][T14838] veth0_vlan: entered promiscuous mode
[  659.382080][T12055] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  659.407776][ T5321] usb 5-1: USB disconnect, device number 20
[  659.419031][T12055] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  659.455437][ T5321] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  659.514989][ T5321] ftdi_sio 5-1:0.0: device disconnected
[  659.518731][T14838] veth1_vlan: entered promiscuous mode
[  659.771379][T14838] veth0_macvtap: entered promiscuous mode
[  659.867798][T14838] veth1_macvtap: entered promiscuous mode
[  659.913248][T15473] fuse: Bad value for 'rootmode'
[  659.918306][   T29] audit: type=1326 audit(1725578010.766:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15471 comm="syz.2.3601" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8f8f97cef9 code=0x0
[  659.971624][T15472] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3600'.
[  660.040746][ T5321] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  660.125303][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  660.200522][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.230468][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  660.270731][ T5321] usb 5-1: device descriptor read/64, error -71
[  660.279480][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.310414][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  660.336899][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.384896][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  660.425124][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.455610][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  660.473174][T15488] ip6t_REJECT: ECHOREPLY is not supported
[  660.484662][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.549052][T14838] batman_adv: batadv0: Interface activated: batadv_slave_0
[  660.566763][ T5321] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  660.619981][T15486] netlink: 'syz.3.3603': attribute type 1 has an invalid length.
[  660.640905][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  660.663145][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.684873][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  660.708459][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.750324][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  660.770601][ T5321] usb 5-1: device descriptor read/64, error -71
[  660.806404][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.845112][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  660.891916][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  660.902459][ T5321] usb usb5-port1: attempt power cycle
[  660.933197][T14838] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  660.995982][T14838] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  661.032995][T14838] batman_adv: batadv0: Interface activated: batadv_slave_1
[  661.111932][T14838] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  661.135546][T14838] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  661.167666][T14838] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  661.188516][T14838] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  661.259046][T15498] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3606'.
[  661.596705][ T5321] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  662.365461][ T5321] usb 5-1: device descriptor read/8, error -71
[  662.504976][ T5237] Bluetooth: hci6: unexpected event for opcode 0x0c25
[  662.710864][ T5321] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  662.775451][ T5321] usb 5-1: device descriptor read/8, error -71
[  662.787705][T14236] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  662.798721][T15483] loop1: detected capacity change from 0 to 32768
[  662.825477][T14236] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  662.865866][T15483] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.3602 (15483)
[  662.940956][ T5321] usb usb5-port1: unable to enumerate USB device
[  662.950089][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  662.994966][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  663.042965][T15483] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  663.054141][T15521] fuse: Bad value for 'rootmode'
[  663.101071][T15483] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  663.115975][T15483] BTRFS info (device loop1): using free-space-tree
[  663.130521][ T5299] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  663.263580][T15483] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  663.303683][   T29] audit: type=1326 audit(1725578014.166:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15534 comm="syz.4.3616" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2f5ed7cef9 code=0x0
[  663.310970][T15483] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  663.347776][T15483] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  663.358330][T15483] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  663.371383][ T5299] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  663.390774][ T5299] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  663.448244][ T5299] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  663.486783][ T5299] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  663.521879][T15483] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  663.522879][T15483] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  663.543572][ T5299] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  663.585928][T15483] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  663.595909][ T5299] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  663.618067][ T5299] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  663.649360][ T5299] usb 3-1: Product: syz
[  663.684399][ T5299] usb 3-1: Manufacturer: syz
[  663.770296][ T5299] cdc_wdm 3-1:1.0: skipping garbage
[  663.813186][ T5299] cdc_wdm 3-1:1.0: skipping garbage
[  663.846078][T15483] BTRFS error (device loop1): open_ctree failed
[  663.866869][ T5299] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  664.054753][T15555] xt_recent: hitcount (2147483648) is larger than allowed maximum (65535)
[  664.685187][ T5299] cdc_wdm 3-1:1.0: Unknown control protocol
[  664.694946][ T5299] usb 3-1: USB disconnect, device number 35
[  665.090530][ T5299] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  665.316287][ T5299] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  665.360429][ T5299] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  665.406864][ T5299] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  665.436101][ T5299] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  665.459035][ T5299] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  665.523175][ T5299] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  665.558662][ T5299] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  665.611139][ T5299] usb 3-1: Product: syz
[  665.615682][ T5299] usb 3-1: Manufacturer: syz
[  665.635266][T15586] fuse: Unknown parameter 'use00000000000000000000'
[  665.737525][T15589] input: syz1 as /devices/virtual/input/input16
[  666.351131][T15584] loop4: detected capacity change from 0 to 4096
[  666.481512][T15584] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  666.496148][ T5299] usb 3-1: can't set config #1, error -71
[  666.514788][ T5299] usb 3-1: USB disconnect, device number 36
[  666.534374][ T5237] Bluetooth: hci6: Controller not accepting commands anymore: ncmd = 0
[  666.544852][ T5237] Bluetooth: hci6: Injecting HCI hardware error event
[  666.553440][   T54] Bluetooth: hci6: hardware error 0x00
[  666.553686][T15593] loop1: detected capacity change from 0 to 128
[  667.091893][   T29] audit: type=1326 audit(1725578017.956:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15597 comm="syz.2.3631" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8f8f97cef9 code=0x0
[  667.638962][T15610] xt_recent: hitcount (2147483648) is larger than allowed maximum (65535)
[  668.074975][T15449] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[  668.192132][    C1] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  668.329199][T15449] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  668.394403][T15449] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  668.448269][T15449] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  668.535205][T15449] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.604263][   T54] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  669.419430][T15626] loop2: detected capacity change from 0 to 1024
[  669.420340][T15449] usb 6-1: config 0 descriptor??
[  669.429334][T15626] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  669.434548][T15449] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  669.440753][T15626] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  669.447231][T15449] dvb-usb: bulk message failed: -22 (3/0)
[  669.461143][T15626] jbd2_journal_init_inode: Cannot locate journal superblock
[  669.470439][T15626] EXT4-fs (loop2): Could not load journal inode
[  669.480109][T15449] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  669.499127][T15449] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  669.513191][T15449] usb 6-1: media controller created
[  669.536045][T15449] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  669.687778][T15606] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  669.751511][T15449] dvb-usb: bulk message failed: -22 (6/0)
[  669.757366][T15449] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  669.769010][T15449] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input17
[  669.807689][T15606] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  669.830916][T15449] dvb-usb: schedule remote query interval to 150 msecs.
[  669.837888][T15449] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  669.862798][T15606] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  669.911831][T15637] netlink: 104 bytes leftover after parsing attributes in process `syz.4.3640'.
[  669.942014][T15636] fuse: Unknown parameter 'use00000000000000000000'
[  669.953974][T15606] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  669.997197][T15449] dvb-usb: bulk message failed: -22 (1/0)
[  670.046036][T15449] dvb-usb: error while querying for an remote control event.
[  670.262669][T15449] dvb-usb: bulk message failed: -22 (1/0)
[  670.270226][T14905] usb 6-1: USB disconnect, device number 14
[  670.285271][T15449] dvb-usb: error while querying for an remote control event.
[  670.294188][T15646] loop2: detected capacity change from 0 to 128
[  670.690906][T14905] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  671.206356][   T29] audit: type=1326 audit(1725578022.056:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15654 comm="syz.4.3646" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f2f5ed7cef9 code=0x0
[  671.510483][ T5300] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  671.681856][T15664] loop2: detected capacity change from 0 to 16
[  671.730598][ T5300] usb 1-1: Using ep0 maxpacket: 8
[  671.773373][ T5300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  671.784713][T15664] erofs: (device loop2): mounted with root inode @ nid 36.
[  671.821714][ T5300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  671.867802][ T5300] usb 1-1: New USB device found, idVendor=056a, idProduct=003f, bcdDevice= 0.00
[  671.905995][T15641] loop3: detected capacity change from 0 to 32768
[  671.919211][ T5300] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  671.936074][T15670] syz.2.3648: attempt to access beyond end of device
[  671.936074][T15670] loop2: rw=0, sector=8, nr_sectors = 16 limit=16
[  671.951747][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 205 @ nid 36
[  671.964214][T15641] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3643 (15641)
[  671.978281][ T5300] usb 1-1: config 0 descriptor??
[  671.996808][T15672] syz.2.3648: attempt to access beyond end of device
[  671.996808][T15672] loop2: rw=0, sector=8, nr_sectors = 16 limit=16
[  672.040139][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 204 @ nid 36
[  672.067176][T15641] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  672.071080][T14905] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  672.118917][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 197 @ nid 36
[  672.140756][T15641] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  672.192371][T15641] BTRFS info (device loop3): using free-space-tree
[  672.213127][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 196 @ nid 36
[  672.262617][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 192 @ nid 36
[  672.340470][T14905] usb 6-1: Using ep0 maxpacket: 16
[  672.349151][T14905] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  672.362803][T14905] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  672.381076][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 180 @ nid 36
[  672.390452][T14905] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  672.390492][T14905] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  672.397280][T14905] usb 6-1: config 0 descriptor??
[  672.444869][T15677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  672.511106][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 172 @ nid 36
[  672.565988][T15677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  672.571827][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 168 @ nid 36
[  672.731003][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 160 @ nid 36
[  672.837250][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 149 @ nid 36
[  672.884897][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 148 @ nid 36
[  672.946047][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 144 @ nid 36
[  672.967550][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 140 @ nid 36
[  672.995804][ T5300] usbhid 1-1:0.0: can't add hid device: -71
[  673.012630][ T5300] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  673.031670][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 92 @ nid 36
[  673.057651][ T5300] usb 1-1: USB disconnect, device number 17
[  673.074555][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 77 @ nid 36
[  673.088462][T14905] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[  673.100547][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 76 @ nid 36
[  673.130446][T14905] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[  673.165392][T14905] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[  673.184331][T14905] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[  673.209749][T14905] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[  673.224671][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 69 @ nid 36
[  673.231746][T14905] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[  673.315712][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 68 @ nid 36
[  673.375495][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 64 @ nid 36
[  673.432757][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 60 @ nid 36
[  673.521847][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 40 @ nid 36
[  673.592977][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 36 @ nid 36
[  673.674163][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 32 @ nid 36
[  673.724122][T10297] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  673.761849][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 24 @ nid 36
[  673.823501][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 19 @ nid 36
[  673.882106][T15718] syz.1.3657[15718] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  673.882300][T15718] syz.1.3657[15718] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  673.905548][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 18 @ nid 36
[  674.020007][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 17 @ nid 36
[  674.105956][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 16 @ nid 36
[  674.126467][T14905] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[  674.134082][T14905] microsoft 0003:045E:07DA.000F: unknown main item tag 0x0
[  674.143222][T14905] microsoft 0003:045E:07DA.000F: No inputs registered, leaving
[  674.154398][T14905] microsoft 0003:045E:07DA.000F: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  674.167333][T14905] microsoft 0003:045E:07DA.000F: no inputs found
[  674.173975][T14905] microsoft 0003:045E:07DA.000F: could not initialize ff, continuing anyway
[  674.184421][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 12 @ nid 36
[  674.229050][T15664] erofs: (device loop2): z_erofs_readahead: readahead error at folio 8 @ nid 36
[  674.250173][T14905] usb 6-1: USB disconnect, device number 15
[  674.314257][T15664] syz.2.3648: attempt to access beyond end of device
[  674.314257][T15664] loop2: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  674.397213][T15664] syz.2.3648: attempt to access beyond end of device
[  674.397213][T15664] loop2: rw=524288, sector=1049272, nr_sectors = 16 limit=16
[  674.449049][T15664] syz.2.3648: attempt to access beyond end of device
[  674.449049][T15664] loop2: rw=524288, sector=376, nr_sectors = 16 limit=16
[  674.569608][T15664] syz.2.3648: attempt to access beyond end of device
[  674.569608][T15664] loop2: rw=524288, sector=384, nr_sectors = 16 limit=16
[  674.678960][T15664] syz.2.3648: attempt to access beyond end of device
[  674.678960][T15664] loop2: rw=524288, sector=720, nr_sectors = 16 limit=16
[  674.680470][ T5321] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  674.784614][T15731] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3660'.
[  674.800758][T15664] syz.2.3648: attempt to access beyond end of device
[  674.800758][T15664] loop2: rw=524288, sector=728, nr_sectors = 16 limit=16
[  674.831010][T14905] usb 6-1: new full-speed USB device number 16 using dummy_hcd
[  674.846768][T15664] syz.2.3648: attempt to access beyond end of device
[  674.846768][T15664] loop2: rw=524288, sector=525144, nr_sectors = 16 limit=16
[  674.908724][T15664] syz.2.3648: attempt to access beyond end of device
[  674.908724][T15664] loop2: rw=524288, sector=525152, nr_sectors = 16 limit=16
[  674.993409][ T5321] usb 1-1: config 0 has no interfaces?
[  675.023938][ T5321] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  675.054895][ T5321] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  675.081246][T14905] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  675.097555][ T5321] usb 1-1: SerialNumber: syz
[  675.115340][T14905] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  675.157344][ T5321] usb 1-1: config 0 descriptor??
[  675.169175][T14905] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  675.186011][T14905] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  675.246286][T14905] usb 6-1: config 0 descriptor??
[  675.269187][   T29] audit: type=1326 audit(1725578026.126:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15736 comm="syz.1.3662" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f088237cef9 code=0x0
[  675.303653][T14905] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  675.349443][T14905] dvb-usb: bulk message failed: -22 (3/0)
[  675.394045][T14905] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  675.467737][T15741] fuse: Unknown parameter 'use00000000000000000000'
[  675.506285][T14905] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  675.540638][T15726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  675.623304][T14905] usb 6-1: media controller created
[  675.638187][T15726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  675.689828][T14905] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  675.703198][T15726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  675.724048][T15726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  675.954912][T14905] dvb-usb: bulk message failed: -22 (6/0)
[  675.961041][T14905] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  675.980772][T14905] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input19
[  675.996087][T14905] dvb-usb: schedule remote query interval to 150 msecs.
[  676.003479][T14905] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  676.211295][T14905] dvb-usb: bulk message failed: -22 (1/0)
[  676.219591][T14905] dvb-usb: error while querying for an remote control event.
[  676.533232][T14905] dvb-usb: bulk message failed: -22 (1/0)
[  676.727986][T14905] dvb-usb: error while querying for an remote control event.
[  676.950611][    T8] usb 4-1: new full-speed USB device number 20 using dummy_hcd
[  676.963199][T14905] usb 6-1: USB disconnect, device number 16
[  677.075094][T14905] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  677.088662][T15449] usb 1-1: USB disconnect, device number 18
[  677.194080][    T8] usb 4-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  677.215717][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  677.270543][    T8] usb 4-1: Product: syz
[  677.274762][    T8] usb 4-1: Manufacturer: syz
[  677.279362][    T8] usb 4-1: SerialNumber: syz
[  677.321406][    T8] usb 4-1: config 0 descriptor??
[  677.376466][    T8] usb 4-1: selecting invalid altsetting 3
[  677.404160][    T8] comedi comedi0: could not set alternate setting 3 in high speed
[  677.420988][    T8] usbdux 4-1:0.0: driver 'usbdux' failed to auto-configure device.
[  677.452647][    T8] usbdux 4-1:0.0: probe with driver usbdux failed with error -22
[  677.869197][T15781] syz.0.3672[15781] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  677.869385][T15781] syz.0.3672[15781] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  678.286487][T15792] input: syz0 as /devices/virtual/input/input20
[  678.575104][T15799] fuse: Unknown parameter 'user_i00000000000000000000'
[  679.221451][    T8] usb 4-1: USB disconnect, device number 20
[  680.013249][T15838] syz.0.3688[15838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  680.013427][T15838] syz.0.3688[15838] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  680.390861][T15847] fuse: Unknown parameter 'user_i00000000000000000000'
[  680.409516][ T5321] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  680.613150][ T5321] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  680.632533][ T5321] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  680.656720][ T5321] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  680.681980][ T5321] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  680.710954][ T5321] usb 6-1: config 0 descriptor??
[  680.729520][ T5321] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  680.743878][ T5321] dvb-usb: bulk message failed: -22 (3/0)
[  680.794809][ T5321] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  680.826873][ T5321] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  680.851302][ T5321] usb 6-1: media controller created
[  680.890208][ T5321] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  680.935670][T15832] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  680.956511][ T5321] dvb-usb: bulk message failed: -22 (6/0)
[  680.980841][ T5321] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  680.991092][T15832] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  681.029075][ T5321] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input21
[  681.050899][T15832] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  681.088633][ T5321] dvb-usb: schedule remote query interval to 150 msecs.
[  681.100751][T15832] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  681.115976][ T5321] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  681.160187][ T5321] usb 6-1: USB disconnect, device number 17
[  681.283224][ T5321] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  681.430517][T15449] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  681.642902][T15449] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  681.673811][T15449] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  681.740482][T15449] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  681.749588][T15449] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  681.831547][T15449] usb 2-1: config 0 descriptor??
[  682.049735][T15873] syz.4.3703[15873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  682.049917][T15873] syz.4.3703[15873] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  682.246388][T15449] hid (null): bogus close delimiter
[  682.339480][T15876] fuse: Unknown parameter 'user_i00000000000000000000'
[  682.449746][T15449] usb 2-1: language id specifier not provided by device, defaulting to English
[  682.659155][T15858] sch_fq: defrate 2 ignored.
[  682.806915][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  682.817194][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  682.827053][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  682.835946][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  682.844196][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  682.853099][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  682.942278][T15890] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3707'.
[  683.005065][   T46] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  683.421155][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  683.491792][   T46] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  683.560919][   T46] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  683.610463][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  683.676525][   T46] usb 5-1: config 0 descriptor??
[  683.719999][T15449] uclogic 0003:256C:006D.0010: failed retrieving string descriptor #100: -71
[  683.733037][T15449] uclogic 0003:256C:006D.0010: failed retrieving pen parameters: -71
[  683.741224][T15449] uclogic 0003:256C:006D.0010: failed probing pen v1 parameters: -71
[  683.749357][T15449] uclogic 0003:256C:006D.0010: failed probing parameters: -71
[  683.758541][T15449] uclogic 0003:256C:006D.0010: probe with driver uclogic failed with error -71
[  683.770657][T15449] usb 2-1: USB disconnect, device number 27
[  684.161449][   T46] hid (null): bogus close delimiter
[  684.375491][   T46] usb 5-1: language id specifier not provided by device, defaulting to English
[  684.519412][T15885] chnl_net:caif_netlink_parms(): no params data found
[  684.597463][T15880] sch_fq: defrate 2 ignored.
[  684.740824][ T5316] usb 4-1: new full-speed USB device number 21 using dummy_hcd
[  684.945435][ T5316] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  684.964004][ T5316] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  684.983677][ T5316] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  684.997846][ T5316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  685.009333][T15885] bridge0: port 1(bridge_slave_0) entered blocking state
[  685.018587][T15885] bridge0: port 1(bridge_slave_0) entered disabled state
[  685.030911][ T5316] usb 4-1: config 0 descriptor??
[  685.039832][ T5316] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  685.049584][T15885] bridge_slave_0: entered allmulticast mode
[  685.067295][T15885] bridge_slave_0: entered promiscuous mode
[  685.068247][ T5316] dvb-usb: bulk message failed: -22 (3/0)
[  685.082600][   T46] uclogic 0003:256C:006D.0011: failed retrieving string descriptor #100: -71
[  685.095220][T15885] bridge0: port 2(bridge_slave_1) entered blocking state
[  685.104865][T15885] bridge0: port 2(bridge_slave_1) entered disabled state
[  685.112355][   T46] uclogic 0003:256C:006D.0011: failed retrieving pen parameters: -71
[  685.138061][ T5316] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  685.145058][   T46] uclogic 0003:256C:006D.0011: failed probing pen v1 parameters: -71
[  685.159528][T15885] bridge_slave_1: entered allmulticast mode
[  685.171177][ T5237] Bluetooth: hci0: command tx timeout
[  685.185983][   T46] uclogic 0003:256C:006D.0011: failed probing parameters: -71
[  685.187694][T15885] bridge_slave_1: entered promiscuous mode
[  685.202980][ T5316] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  685.208864][   T46] uclogic 0003:256C:006D.0011: probe with driver uclogic failed with error -71
[  685.220518][T15917] syz.1.3717[15917] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  685.220692][T15917] syz.1.3717[15917] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  685.233111][ T5316] usb 4-1: media controller created
[  685.256593][   T46] usb 5-1: USB disconnect, device number 25
[  685.283849][T15904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  685.325461][ T1265] ieee802154 phy0 wpan0: encryption failed: -22
[  685.332254][ T1265] ieee802154 phy1 wpan1: encryption failed: -22
[  685.333342][ T5316] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  685.351271][T15904] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  685.377849][T15904] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  685.437897][ T5316] dvb-usb: bulk message failed: -22 (6/0)
[  685.450915][T15904] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  685.495709][ T5316] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  685.533970][ T5316] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input22
[  685.601790][T15885] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  685.616454][ T5316] dvb-usb: schedule remote query interval to 150 msecs.
[  685.626450][ T5316] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  685.644907][T15885] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  685.669956][ T5316] usb 4-1: USB disconnect, device number 21
[  685.742554][ T5316] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  685.835043][T15923] netlink: 'syz.1.3718': attribute type 1 has an invalid length.
[  685.931526][T15930] ip6t_REJECT: ECHOREPLY is not supported
[  686.231923][T15923] 8021q: adding VLAN 0 to HW filter on device bond1
[  687.134304][T15927] bond1: (slave ip6gretap1): making interface the new active one
[  687.186254][T15927] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  687.241618][ T5237] Bluetooth: hci0: command tx timeout
[  687.253860][T15926] netlink: 'syz.5.3719': attribute type 1 has an invalid length.
[  687.326493][T15885] team0: Port device team_slave_0 added
[  687.513428][T15885] team0: Port device team_slave_1 added
[  687.698494][T15948] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3729'.
[  688.262480][T15885] batman_adv: batadv0: Adding interface: batadv_slave_0
[  688.295319][T15885] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  688.360576][T15885] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  688.381676][T15885] batman_adv: batadv0: Adding interface: batadv_slave_1
[  688.406631][T15885] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  688.549702][T15885] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  688.613907][T15960] loop4: detected capacity change from 0 to 8
[  689.364179][   T54] Bluetooth: hci0: command tx timeout
[  689.755365][T15885] hsr_slave_0: entered promiscuous mode
[  689.810819][T15885] hsr_slave_1: entered promiscuous mode
[  690.156867][T15449] usb 2-1: new full-speed USB device number 28 using dummy_hcd
[  691.147480][T15983] loop5: detected capacity change from 0 to 512
[  691.176466][T15449] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  691.217490][T15983] EXT4-fs (loop5): Test dummy encryption mode enabled
[  691.248010][T15449] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  691.259207][T15985] netlink: 'syz.4.3738': attribute type 1 has an invalid length.
[  691.259759][T15987] ip6t_REJECT: ECHOREPLY is not supported
[  691.277400][T15449] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  691.305365][T15449] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  691.306275][T15983] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2240: inode #12: comm syz.5.3739: corrupted in-inode xattr: invalid ea_ino
[  691.551941][   T46] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  691.571669][T15983] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.3739: couldn't read orphan inode 12 (err -117)
[  691.591709][T15449] usb 2-1: config 0 descriptor??
[  692.253518][T15983] EXT4-fs (loop5): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  692.317387][T15449] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  692.372948][   T46] usb 4-1: too many endpoints for config 0 interface 0 altsetting 49: 56, using maximum allowed: 30
[  692.383812][T15449] dvb-usb: bulk message failed: -22 (3/0)
[  692.416933][   T46] usb 4-1: config 0 interface 0 altsetting 49 has 0 endpoint descriptors, different from the interface descriptor's value: 56
[  692.434254][   T46] usb 4-1: config 0 interface 0 has no altsetting 0
[  692.455220][   T46] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  692.469694][T15449] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  692.505086][   T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  692.512094][T15449] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  692.521771][   T46] usb 4-1: Product: syz
[  692.521797][   T46] usb 4-1: Manufacturer: syz
[  692.521818][   T46] usb 4-1: SerialNumber: syz
[  692.524932][   T46] usb 4-1: config 0 descriptor??
[  692.579456][T15970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  692.617749][T15449] usb 2-1: media controller created
[  692.671494][T15449] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  692.767128][T15970] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  692.789715][T15449] dvb-usb: bulk message failed: -22 (6/0)
[  692.798500][T15885] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  692.813480][T15449] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  692.814533][T15970] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  692.863176][T15449] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input23
[  692.900167][T15970] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  692.982865][T15449] dvb-usb: schedule remote query interval to 150 msecs.
[  692.989908][T15449] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  693.146121][T15449] usb 2-1: USB disconnect, device number 28
[  693.475744][T15885] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.498587][T15449] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  693.789738][T15885] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  693.960057][T16005] syz.0.3743 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  694.226425][T15885] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  695.516967][   T46] ch341 4-1:0.0: ch341-uart converter detected
[  695.557653][   T46] usb 4-1: failed to receive control message: -71
[  695.664099][   T46] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  695.729202][   T46] usb 4-1: USB disconnect, device number 22
[  695.754505][T16020] loop1: detected capacity change from 0 to 512
[  695.811242][   T46] ch341 4-1:0.0: device disconnected
[  695.831742][T16020] ext4: Unknown parameter 'noacl'
[  695.935104][T15885] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  695.949877][T14838] EXT4-fs (loop5): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  697.143355][T15885] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  697.374328][T15885] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  697.444148][T15885] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  697.500283][T16031] netlink: 'syz.3.3752': attribute type 1 has an invalid length.
[  697.580830][T16039] input: syz0 as /devices/virtual/input/input24
[  697.620593][T16031] ip6t_REJECT: ECHOREPLY is not supported
[  697.715993][ T5316] kernel read not supported for file /uinput (pid: 5316 comm: kworker/0:6)
[  697.966941][T15885] 8021q: adding VLAN 0 to HW filter on device bond0
[  698.042529][ T5316] kernel write not supported for file [eventfd] (pid: 5316 comm: kworker/0:6)
[  698.110683][    T8] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  698.119703][T15885] 8021q: adding VLAN 0 to HW filter on device team0
[  698.204718][ T2574] bridge0: port 1(bridge_slave_0) entered blocking state
[  698.211982][ T2574] bridge0: port 1(bridge_slave_0) entered forwarding state
[  698.302961][ T2574] bridge0: port 2(bridge_slave_1) entered blocking state
[  698.310208][ T2574] bridge0: port 2(bridge_slave_1) entered forwarding state
[  698.387328][    T8] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  698.430573][    T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  698.489109][    T8] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  698.539095][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  698.559641][    C0] TCP: request_sock_TCP: Possible SYN flooding on port [::]:2. Sending cookies.
[  698.715202][    T8] usb 1-1: config 0 descriptor??
[  699.377147][T16041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  699.461563][    T8] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  699.468262][    T8] dvb-usb: bulk message failed: -22 (3/0)
[  699.506144][T15885] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  699.511852][    T8] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  699.603371][T16041] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  699.641749][    T8] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  699.648892][    T8] usb 1-1: media controller created
[  699.673944][    T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  699.692151][T16041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  699.731427][    T8] dvb-usb: bulk message failed: -22 (6/0)
[  699.758311][T16041] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  699.773372][    T8] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  699.823287][    T8] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input25
[  699.899632][    T8] dvb-usb: schedule remote query interval to 150 msecs.
[  699.947359][    T8] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  699.985371][    T8] usb 1-1: USB disconnect, device number 19
[  700.067708][    T8] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  700.386267][T15885] 8021q: adding VLAN 0 to HW filter on device batadv0
[  700.651237][T15885] veth0_vlan: entered promiscuous mode
[  700.747651][T15885] veth1_vlan: entered promiscuous mode
[  700.801089][T16087] netlink: 'syz.0.3770': attribute type 1 has an invalid length.
[  701.008601][T15885] veth0_macvtap: entered promiscuous mode
[  701.082153][T15885] veth1_macvtap: entered promiscuous mode
[  701.142611][T14905] kernel write not supported for file [eventfd] (pid: 14905 comm: kworker/1:0)
[  701.215734][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.243059][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.254153][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.272839][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.302676][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.338824][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.372008][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.412493][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.440133][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.468833][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.500970][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  701.537801][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.587567][T15885] batman_adv: batadv0: Interface activated: batadv_slave_0
[  701.674194][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  701.760741][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.801331][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  701.847425][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.876895][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  701.922786][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  701.952008][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  701.980467][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.000443][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.032715][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.052947][T15885] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  702.080534][T15885] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  702.105357][T15885] batman_adv: batadv0: Interface activated: batadv_slave_1
[  702.156389][T15885] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  702.193980][T15885] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  702.226420][T15885] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  702.256907][T15885] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  702.280587][ T5233] usb 6-1: new full-speed USB device number 18 using dummy_hcd
[  702.349421][T16113] gfs2: gfs2 mount does not exist
[  703.623404][T16120] binder: BINDER_SET_CONTEXT_MGR already set
[  703.630047][T16120] binder: 16116:16120 ioctl 4018620d 200001c0 returned -16
[  703.920949][ T5233] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  704.057687][ T5233] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  704.334883][ T5233] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  704.365624][ T5233] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.416776][T16130] loop3: detected capacity change from 0 to 1024
[  704.426387][T16130] EXT4-fs: Ignoring removed bh option
[  704.432021][T16130] ext2: Unknown parameter 'dont_hash'
[  704.852459][ T2574] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  704.860318][ T2574] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  704.901765][ T5233] usb 6-1: config 0 descriptor??
[  704.983519][ T5233] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  705.042790][ T5233] dvb-usb: bulk message failed: -22 (3/0)
[  705.130698][ T5233] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  705.206346][ T5233] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  705.247835][ T5233] usb 6-1: media controller created
[  705.262841][ T5233] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  705.351341][ T5233] dvb-usb: bulk message failed: -22 (6/0)
[  705.391933][ T5233] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  705.437571][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  705.445681][ T5233] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input26
[  705.480139][ T5233] dvb-usb: schedule remote query interval to 150 msecs.
[  705.480514][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  705.508670][ T5233] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  705.523868][T16143] netlink: 'syz.1.3791': attribute type 1 has an invalid length.
[  705.592237][ T5233] usb 6-1: USB disconnect, device number 18
[  705.819135][ T5233] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  705.905259][   T54] Bluetooth: hci2: unexpected event for opcode 0x1003
[  707.990802][ T5300] usb 5-1: new full-speed USB device number 26 using dummy_hcd
[  708.058908][T16175] loop5: detected capacity change from 0 to 1024
[  708.094790][T16175] EXT4-fs: Ignoring removed orlov option
[  708.115494][T16175] EXT4-fs: Ignoring removed nomblk_io_submit option
[  708.378168][ T5297] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[  708.412120][T16175] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  710.770825][T16186] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  710.782710][ T5297] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  710.830821][   T54] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  710.846679][   T54] Bluetooth: hci2: Injecting HCI hardware error event
[  710.857229][ T5237] Bluetooth: hci2: hardware error 0x00
[  710.936345][ T5297] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  710.945269][ T5300] usb 5-1: New USB device found, idVendor=13d8, idProduct=0001, bcdDevice=30.62
[  710.945307][ T5300] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  710.945335][ T5300] usb 5-1: Product: syz
[  710.945355][ T5300] usb 5-1: Manufacturer: syz
[  710.945376][ T5300] usb 5-1: SerialNumber: syz
[  711.000417][ T5300] usb 5-1: config 0 descriptor??
[  711.021066][ T5300] usb 5-1: can't set config #0, error -71
[  711.071963][ T5300] usb 5-1: USB disconnect, device number 26
[  711.130719][ T5297] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  711.140325][ T5297] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  711.309366][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  711.323561][ T5297] usb 2-1: config 0 descriptor??
[  711.329579][ T5297] usb 2-1: can't set config #0, error -71
[  711.358732][   T54] Bluetooth: hci2: unexpected event for opcode 0x1003
[  711.372409][ T5297] usb 2-1: USB disconnect, device number 29
[  711.463634][   T29] audit: type=1326 audit(1725578062.316:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16201 comm="syz.0.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c097cef9 code=0x7ffc0000
[  711.580617][   T29] audit: type=1326 audit(1725578062.316:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16201 comm="syz.0.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c097cef9 code=0x7ffc0000
[  711.709422][   T29] audit: type=1326 audit(1725578062.376:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16201 comm="syz.0.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7fa8c097cef9 code=0x7ffc0000
[  711.734559][T16206] netlink: 'syz.5.3813': attribute type 1 has an invalid length.
[  711.821574][   T29] audit: type=1326 audit(1725578062.376:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16201 comm="syz.0.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c097cef9 code=0x7ffc0000
[  711.930729][   T29] audit: type=1326 audit(1725578062.376:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16201 comm="syz.0.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c097cef9 code=0x7ffc0000
[  712.038619][   T29] audit: type=1326 audit(1725578062.386:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16201 comm="syz.0.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7fa8c097cef9 code=0x7ffc0000
[  712.222015][   T29] audit: type=1326 audit(1725578062.386:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16201 comm="syz.0.3814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa8c097cef9 code=0x7ffc0000
[  712.842353][   T54] Bluetooth: hci0: command tx timeout
[  712.930703][ T5237] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  713.848323][T16268] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3842'.
[  714.000775][T16272] fuse: Unknown parameter '0x0000000000000007'
[  714.967803][T16304] loop1: detected capacity change from 0 to 512
[  715.027257][T16304] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  715.202339][T16313] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3859'.
[  715.452807][T16320] fuse: Unknown parameter '0x0000000000000007'
[  715.854703][T16341] loop1: detected capacity change from 0 to 512
[  715.933328][T16341] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  716.301292][T16350] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3875'.
[  716.620748][ T5237] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  716.631366][ T5237] Bluetooth: hci4: Injecting HCI hardware error event
[  716.642801][ T5237] Bluetooth: hci4: hardware error 0x00
[  717.965340][T16373] netlink: 348 bytes leftover after parsing attributes in process `syz.1.3884'.
[  718.267543][T16383] loop1: detected capacity change from 0 to 512
[  718.338342][T16383] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[  718.402522][T16386] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3889'.
[  718.567996][T16390] loop5: detected capacity change from 0 to 512
[  718.631947][T16390] ext4: Unknown parameter 'noacl'
[  718.857299][ T5237] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  720.003710][T16412] netlink: 348 bytes leftover after parsing attributes in process `syz.5.3900'.
[  720.041768][T16409] loop1: detected capacity change from 0 to 4096
[  720.147012][T16409] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  721.046987][T16428] loop4: detected capacity change from 0 to 512
[  721.133402][T16428] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  721.406773][T14850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.838095][T16447] loop1: detected capacity change from 0 to 512
[  721.847770][T16447] ext4: Unknown parameter 'noacl'
[  722.174156][T16449] xt_CT: You must specify a L4 protocol and not use inversions on it
[  722.678907][T16452] loop5: detected capacity change from 0 to 1024
[  722.811434][T16452] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  723.696851][T16462] netlink: 348 bytes leftover after parsing attributes in process `syz.2.3915'.
[  724.305024][T16479] loop3: detected capacity change from 0 to 512
[  724.350116][T16479] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  725.816863][T16493] binder: 16492:16493 unknown command 0
[  725.846608][T16493] binder: 16492:16493 ioctl c0306201 20000480 returned -22
[  726.123880][T16495] loop3: detected capacity change from 0 to 1024
[  726.153499][T16495] EXT4-fs: Ignoring removed nobh option
[  726.685652][T16495] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  727.153374][T10297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  727.494767][T14838] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  730.044372][T16536] binder: 16534:16536 unknown command 0
[  730.103961][T16536] binder: 16534:16536 ioctl c0306201 20000480 returned -22
[  730.282219][T16542] loop1: detected capacity change from 0 to 512
[  730.336365][T16542] EXT4-fs (loop1): 1 truncate cleaned up
[  730.352037][T16545] loop3: detected capacity change from 0 to 1024
[  730.383976][T16542] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  730.452132][T16545] EXT4-fs: Ignoring removed nobh option
[  730.519539][T16542] bridge1: entered promiscuous mode
[  730.537892][T16542] bridge1: entered allmulticast mode
[  730.539419][T16545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  730.948161][T10297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.062210][T16556] veth0_vlan: entered allmulticast mode
[  731.442108][T14850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.536329][   T29] audit: type=1326 audit(1725578082.396:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16566 comm="syz.4.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f5ed7cef9 code=0x7ffc0000
[  731.657286][   T29] audit: type=1326 audit(1725578082.396:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16566 comm="syz.4.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=155 compat=0 ip=0x7f2f5ed7cef9 code=0x7ffc0000
[  731.722042][T16573] binder: 16571:16573 unknown command 0
[  731.755359][   T29] audit: type=1326 audit(1725578082.396:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16566 comm="syz.4.3955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f5ed7cef9 code=0x7ffc0000
[  731.768317][T16573] binder: 16571:16573 ioctl c0306201 20000480 returned -22
[  732.585672][T16579] loop4: detected capacity change from 0 to 256
[  732.641854][T16579] vfat: Unknown parameter 'uni_xlatå'
[  735.610660][T16620] binder: 16619:16620 unknown command 0
[  735.673641][T16620] binder: 16619:16620 ioctl c0306201 20000480 returned -22
[  736.751998][T16626] loop1: detected capacity change from 0 to 512
[  736.790578][T16626] EXT4-fs (loop1): blocks per group (71) and clusters per group (20800) inconsistent
[  736.915396][   T46] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  736.923649][   T46] hid-generic 0000:0000:0000.0012: unknown main item tag 0x0
[  736.946658][   T46] hid-generic 0000:0000:0000.0012: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  737.454180][T16626] loop1: detected capacity change from 0 to 512
[  737.598712][T16626] loop1: detected capacity change from 0 to 512
[  737.923011][T16656] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3986'.
[  738.110143][T16661] binder: 16657:16661 unknown command 0
[  738.138457][T16661] binder: 16657:16661 ioctl c0306201 20000480 returned -22
[  738.281032][T16667] loop4: detected capacity change from 0 to 512
[  738.321767][T16667] ext4: Unknown parameter 'noacl'
[  738.337162][T16668] loop3: detected capacity change from 0 to 8
[  738.577351][T16668] SQUASHFS error: lzo decompression failed, data probably corrupt
[  738.611640][   T54] Bluetooth: hci3: command 0x0406 tx timeout
[  738.811522][T16668] SQUASHFS error: Failed to read block 0x91: -5
[  738.880588][T16668] SQUASHFS error: Unable to read metadata cache entry [8f]
[  738.888044][T16668] SQUASHFS error: Unable to read inode 0x11f
[  740.277279][T16707] loop3: detected capacity change from 0 to 1024
[  740.318628][T16707] EXT4-fs: Ignoring removed bh option
[  740.402196][T16707] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  740.658721][T16721] binder: 16719:16721 unknown command 0
[  740.695550][T16721] binder: 16719:16721 ioctl c0306201 20000480 returned -22
[  740.945131][T16730] loop4: detected capacity change from 0 to 512
[  740.984128][T16730] ext4: Unknown parameter 'noacl'
[  741.286265][T10297] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  741.958814][T14536] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  742.413539][T14536] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  743.203125][T14536] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  743.605000][T14536] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  743.771605][T16757] binder: 16756:16757 ioctl c0306201 0 returned -14
[  745.254528][   T54] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  745.273578][   T54] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  745.289645][   T54] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  745.301015][   T54] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  745.311162][   T54] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  745.331969][   T54] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  745.376820][T16786] loop5: detected capacity change from 0 to 2048
[  745.436000][T14536] bridge_slave_1: left allmulticast mode
[  745.481265][T14536] bridge_slave_1: left promiscuous mode
[  745.518857][T14536] bridge0: port 2(bridge_slave_1) entered disabled state
[  745.546445][T16786] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  745.621489][T14536] bridge_slave_0: left allmulticast mode
[  745.626250][T16786] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  745.627165][T14536] bridge_slave_0: left promiscuous mode
[  745.718424][T14536] bridge0: port 1(bridge_slave_0) entered disabled state
[  746.765724][ T1265] ieee802154 phy0 wpan0: encryption failed: -22
[  746.775063][ T1265] ieee802154 phy1 wpan1: encryption failed: -22
[  746.831746][T16810] binder: 16809:16810 ioctl c0306201 0 returned -14
[  747.074816][T16815] netlink: 20 bytes leftover after parsing attributes in process `syz.0.4043'.
[  747.263263][ T5297] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  747.400774][ T5237] Bluetooth: hci5: command tx timeout
[  747.675379][ T5297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  747.703151][ T5297] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  747.756232][ T5297] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  747.766800][ T5297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  747.786011][ T5297] usb 3-1: config 0 descriptor??
[  747.992005][T14536] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  748.039142][T14536] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  748.086190][T14536] bond0 (unregistering): Released all slaves
[  748.781866][T16837] 9pnet_fd: Insufficient options for proto=fd
[  749.533611][ T5237] Bluetooth: hci5: command tx timeout
[  750.420815][ T5297] usbhid 3-1:0.0: can't add hid device: -71
[  750.428580][ T5297] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  750.508254][ T5297] usb 3-1: USB disconnect, device number 37
[  750.781625][T14536] hsr_slave_0: left promiscuous mode
[  750.829418][T16859] loop4: detected capacity change from 0 to 1024
[  750.880638][T14536] hsr_slave_1: left promiscuous mode
[  750.914835][T16859] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  750.954006][T14536] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  750.998212][T14536] batman_adv: batadv0: Removing interface: batadv_slave_0
[  751.013987][ T2569] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  751.038607][T16867] binder: 16865:16867 ioctl c0306201 0 returned -14
[  751.082034][T14536] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  751.089515][T14536] batman_adv: batadv0: Removing interface: batadv_slave_1
[  751.109380][ T2569] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  751.165625][ T2569] EXT4-fs (loop4): This should not happen!! Data will be lost
[  751.165625][ T2569] 
[  751.206731][ T2569] EXT4-fs (loop4): Total free blocks count 0
[  751.243726][ T2569] EXT4-fs (loop4): Free/Dirty block details
[  751.249877][ T2569] EXT4-fs (loop4): free_blocks=68451041280
[  751.293608][T14536] veth1_macvtap: left promiscuous mode
[  751.300193][T14536] veth0_macvtap: left promiscuous mode
[  751.310479][ T2569] EXT4-fs (loop4): dirty_blocks=64
[  751.315633][ T2569] EXT4-fs (loop4): Block reservation details
[  751.342511][ T2569] EXT4-fs (loop4): i_reserved_data_blocks=4
[  751.350491][T14536] veth1_vlan: left promiscuous mode
[  751.355772][T14536] veth0_vlan: left promiscuous mode
[  751.375433][T16878] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4060'.
[  751.395281][T11799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  751.565870][ T5237] Bluetooth: hci5: command tx timeout
[  752.921015][ T5316] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  753.123882][ T5316] usb 6-1: Using ep0 maxpacket: 8
[  753.139945][ T5316] usb 6-1: unable to get BOS descriptor or descriptor too short
[  753.156853][ T5316] usb 6-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  753.169867][T14536] team0 (unregistering): Port device team_slave_1 removed
[  753.194727][ T5316] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  753.214442][ T5316] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  753.230453][ T5316] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  753.248167][ T5316] usb 6-1: Product: syz
[  753.253776][T14536] team0 (unregistering): Port device team_slave_0 removed
[  753.255127][ T5316] usb 6-1: Manufacturer: syz
[  753.266153][ T5316] usb 6-1: SerialNumber: syz
[  753.640813][ T5237] Bluetooth: hci5: command tx timeout
[  754.095646][T16893] mac80211_hwsim hwsim51 wlan1: entered allmulticast mode
[  754.417911][ T5316] usb 6-1: invalid UAC_HEADER (v1)
[  754.488033][ T5316] snd-usb-audio 6-1:1.0: probe with driver snd-usb-audio failed with error -22
[  754.525555][ T5316] usb 6-1: USB disconnect, device number 19
[  754.570275][T14817] udevd[14817]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  754.645501][T16780] chnl_net:caif_netlink_parms(): no params data found
[  754.744496][T16924] 9pnet_fd: Insufficient options for proto=fd
[  754.898985][T16931] loop1: detected capacity change from 0 to 512
[  755.027104][T16931] EXT4-fs (loop1): 1 truncate cleaned up
[  755.102465][T16931] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  756.161022][T16949] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.4073: Directory hole found for htree leaf block 0
[  757.498329][T16951] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.4073: Directory hole found for htree leaf block 0
[  757.540692][T16948] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.4073: Directory hole found for htree leaf block 0
[  757.617902][T16954] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.4073: Directory hole found for htree leaf block 0
[  757.646386][T16956] EXT4-fs error (device loop1): ext4_add_entry:2435: inode #2: comm syz.1.4073: Directory hole found for htree leaf block 0
[  757.908470][T16959] netlink: 20 bytes leftover after parsing attributes in process `syz.5.4076'.
[  757.982298][T16946] netlink: 'syz.2.4074': attribute type 4 has an invalid length.
[  758.052055][T14850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  758.063835][T16780] bridge0: port 1(bridge_slave_0) entered blocking state
[  758.094535][T16780] bridge0: port 1(bridge_slave_0) entered disabled state
[  758.143833][T16780] bridge_slave_0: entered allmulticast mode
[  758.187289][T16780] bridge_slave_0: entered promiscuous mode
[  758.245905][T16780] bridge0: port 2(bridge_slave_1) entered blocking state
[  758.280704][T16780] bridge0: port 2(bridge_slave_1) entered disabled state
[  758.314232][T16780] bridge_slave_1: entered allmulticast mode
[  758.361416][T16780] bridge_slave_1: entered promiscuous mode
[  758.668247][T16968] bridge0: port 2(bridge_slave_1) entered disabled state
[  758.676190][T16968] bridge0: port 1(bridge_slave_0) entered disabled state
[  758.733090][T16968] bridge0: port 2(bridge_slave_1) entered blocking state
[  758.740639][T16968] bridge0: port 2(bridge_slave_1) entered forwarding state
[  758.750493][T16968] bridge0: port 1(bridge_slave_0) entered blocking state
[  758.757705][T16968] bridge0: port 1(bridge_slave_0) entered forwarding state
[  758.847052][T16968] team0: Port device bridge0 added
[  758.884914][T16973] bridge_slave_1: left allmulticast mode
[  758.910122][T16973] bridge_slave_1: left promiscuous mode
[  758.946958][T16973] bridge0: port 2(bridge_slave_1) entered disabled state
[  758.973390][T16973] bridge_slave_0: left allmulticast mode
[  758.996025][T16973] bridge_slave_0: left promiscuous mode
[  759.011824][T16973] bridge0: port 1(bridge_slave_0) entered disabled state
[  759.143236][T16973] team0: Port device bridge0 removed
[  759.334492][T16780] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  759.366560][   T46] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  759.428640][T16780] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  759.581199][   T46] usb 6-1: Using ep0 maxpacket: 32
[  759.603705][   T46] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  759.615274][T16994] vxcan1: entered allmulticast mode
[  759.626263][   T46] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  759.643809][   T46] usb 6-1: Product: syz
[  759.669851][T16995] netlink: 'syz.1.4088': attribute type 39 has an invalid length.
[  759.704106][T16995] vxcan1: left allmulticast mode
[  759.894881][T16780] team0: Port device team_slave_0 added
[  759.911527][   T46] usb 6-1: Manufacturer: syz
[  759.916292][   T46] usb 6-1: SerialNumber: syz
[  759.924433][   T46] usb 6-1: config 0 descriptor??
[  759.933558][   T46] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  760.502097][T16780] team0: Port device team_slave_1 added
[  760.510454][   T46] gspca_ov534_9: reg_w failed -110
[  760.563522][T17015] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4092'.
[  760.682138][T16780] batman_adv: batadv0: Adding interface: batadv_slave_0
[  760.720914][ T5316] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  760.729438][T16780] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  760.859872][T16780] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  760.885855][T17021] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4094'.
[  760.905515][T16780] batman_adv: batadv0: Adding interface: batadv_slave_1
[  760.922718][ T5316] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  760.924876][T16780] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  760.959735][ T5316] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  760.989661][ T5316] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  761.017985][ T5316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  761.021314][T16780] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  761.069292][ T5316] usb 3-1: config 0 descriptor??
[  761.080577][   T46] gspca_ov534_9: Unknown sensor 0000
[  761.080681][   T46] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[  761.207577][T16780] hsr_slave_0: entered promiscuous mode
[  761.257309][T16780] hsr_slave_1: entered promiscuous mode
[  761.278363][T16780] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  761.290414][T16780] Cannot create hsr debugfs directory
[  761.517267][ T5316] hid (null): bogus close delimiter
[  762.361722][ T5298] usb 6-1: USB disconnect, device number 20
[  762.475222][ T5316] usb 3-1: language id specifier not provided by device, defaulting to English
[  762.579900][ T5316] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0013/input/input27
[  762.732803][ T5316] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0013/input/input28
[  762.789691][ T5316] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0013/input/input29
[  762.900726][ T5316] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0013/input/input30
[  763.085156][ T5316] uclogic 0003:256C:006D.0013: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  763.190448][ T5316] usb 3-1: USB disconnect, device number 38
[  763.234692][   T46] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  763.441774][   T46] usb 5-1: too many configurations: 65, using maximum allowed: 8
[  763.493415][   T46] usb 5-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  763.522914][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.740939][T17070] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4108'.
[  764.000979][   T46] usb 5-1: Found UVC 0.00 device <unnamed> (046d:08c1)
[  764.035387][   T46] usb 5-1: No valid video chain found.
[  764.063328][   T46] usb 5-1: USB disconnect, device number 27
[  764.677005][T17080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4110'.
[  764.721740][T17090] netlink: 132 bytes leftover after parsing attributes in process `syz.2.4114'.
[  764.770708][T17093] netlink: 'syz.2.4114': attribute type 10 has an invalid length.
[  764.787575][T17095] 9pnet_fd: Insufficient options for proto=fd
[  764.837287][T17093] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  765.390035][T17117] netlink: 32 bytes leftover after parsing attributes in process `syz.4.4122'.
[  765.435387][T16780] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  765.473079][T16780] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  765.509898][T16780] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  765.561390][ T5316] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  765.569622][T16780] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  765.781004][ T5316] usb 1-1: Using ep0 maxpacket: 8
[  765.824192][ T5316] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  765.841431][T17130] netlink: 32 bytes leftover after parsing attributes in process `syz.2.4127'.
[  765.848381][ T5316] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  765.870502][ T5316] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  765.882737][ T5316] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  765.896188][ T5316] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  765.919909][T17132] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  765.948287][ T5316] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  766.073246][T17134] 9pnet_fd: Insufficient options for proto=fd
[  766.236561][ T5316] usb 1-1: GET_CAPABILITIES returned 0
[  766.259067][ T5316] usbtmc 1-1:16.0: can't read capabilities
[  766.315495][T17140] netlink: 4096 bytes leftover after parsing attributes in process `syz.2.4130'.
[  766.346195][T17140] openvswitch: netlink: Missing key (keys=400040, expected=200000)
[  766.489316][ T5298] usb 1-1: USB disconnect, device number 20
[  766.506451][T16780] 8021q: adding VLAN 0 to HW filter on device bond0
[  766.677404][T16780] 8021q: adding VLAN 0 to HW filter on device team0
[  766.860282][T14236] bridge0: port 1(bridge_slave_0) entered blocking state
[  766.867501][T14236] bridge0: port 1(bridge_slave_0) entered forwarding state
[  766.938858][  T178] bridge0: port 2(bridge_slave_1) entered blocking state
[  766.946115][  T178] bridge0: port 2(bridge_slave_1) entered forwarding state
[  767.188113][T17153] netlink: 'syz.5.4134': attribute type 16 has an invalid length.
[  767.219093][T16780] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  768.180667][ T5298] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  768.215718][T16780] 8021q: adding VLAN 0 to HW filter on device batadv0
[  768.382613][ T5298] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  768.413732][ T5298] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  768.444834][ T5298] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  768.468812][ T5298] usb 1-1: Product: syz
[  768.521061][ T5298] usb 1-1: Manufacturer: syz
[  768.542098][ T5298] usb 1-1: SerialNumber: syz
[  768.589320][T16780] veth0_vlan: entered promiscuous mode
[  768.634324][T16780] veth1_vlan: entered promiscuous mode
[  768.723775][T17189] 9pnet_fd: Insufficient options for proto=fd
[  768.783656][T16780] veth0_macvtap: entered promiscuous mode
[  768.833941][T16780] veth1_macvtap: entered promiscuous mode
[  768.944939][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  768.956157][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  768.974436][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  769.008220][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.031770][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  769.063004][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.089686][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  769.129040][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.152843][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  769.179250][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.205253][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  769.260526][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.289469][T16780] batman_adv: batadv0: Interface activated: batadv_slave_0
[  769.303768][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  769.348385][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.407814][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  769.475534][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.539551][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  769.570467][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.606203][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  769.617354][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.629759][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  769.646044][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.656302][ T5298] cdc_ncm 1-1:1.0: MAC-Address: 42:42:42:42:42:42
[  769.663177][ T5298] cdc_ncm 1-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  769.670931][T16780] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  769.688559][ T5298] cdc_ncm 1-1:1.0: setting rx_max = 2048
[  769.694908][T16780] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  769.732045][T16780] batman_adv: batadv0: Interface activated: batadv_slave_1
[  769.746647][ T5316] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  769.787925][T17207] veth1_virt_wifi: entered promiscuous mode
[  769.830523][T17207] veth1_virt_wifi: left promiscuous mode
[  769.950568][ T5316] usb 3-1: Using ep0 maxpacket: 8
[  769.967852][ T5316] usb 3-1: too many configurations: 249, using maximum allowed: 8
[  769.970969][ T5298] cdc_ncm 1-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.0-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  769.982986][T16780] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  770.044412][T16780] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  770.078734][ T5316] usb 3-1: New USB device found, idVendor=055f, idProduct=a800, bcdDevice=b3.ff
[  770.086593][ T5298] usb 1-1: USB disconnect, device number 21
[  770.098488][T16780] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  770.117654][ T5316] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=2
[  770.127381][ T5298] cdc_ncm 1-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.0-1, CDC NCM (NO ZLP)
[  770.137905][T16780] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  770.162549][ T5316] usb 3-1: Product: syz
[  770.166756][ T5316] usb 3-1: Manufacturer: syz
[  770.200784][ T5316] usb 3-1: SerialNumber: syz
[  770.228067][ T5316] usb 3-1: config 0 descriptor??
[  770.804499][ T5297] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  771.025552][ T5297] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  771.044079][ T5297] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  771.083684][ T5297] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  771.126051][ T5297] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  771.131139][T14537] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  771.146227][ T5297] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  771.175252][T14537] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  771.198424][ T5297] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  771.224390][ T5297] usb 5-1: invalid MIDI out EP 0
[  771.498189][T14537] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  771.506761][ T5297] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[  771.552681][ T5297] usb 5-1: USB disconnect, device number 28
[  771.598278][T14537] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  772.391748][ T5316] mdc800 3-1:0.0: probe fails -> wrong Number of Configuration
[  772.456282][ T5316] usb 3-1: USB disconnect, device number 39
[  772.492894][T17268] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4167'.
[  773.614150][ T5316] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  773.788647][T17317] veth1_virt_wifi: entered promiscuous mode
[  773.839279][T17320] 9pnet_fd: Insufficient options for proto=fd
[  773.847542][T17317] veth1_virt_wifi: left promiscuous mode
[  773.856462][ T5316] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  773.886331][ T5316] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  773.914527][ T5316] usb 5-1: Product: syz
[  773.950453][ T5316] usb 5-1: Manufacturer: syz
[  773.961680][ T5316] usb 5-1: SerialNumber: syz
[  773.981110][ T5316] usb 5-1: config 0 descriptor??
[  774.002806][ T5316] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 029
[  774.996670][ T5316]  (null): failure setting delay to 10us
[  775.022406][ T5316] i2c-tiny-usb 5-1:0.0: probe with driver i2c-tiny-usb failed with error -5
[  775.082302][ T5316] usb 5-1: USB disconnect, device number 29
[  776.600859][ T5297] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  776.705423][T17378] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4202'.
[  776.821190][ T5297] usb 3-1: Using ep0 maxpacket: 8
[  776.846316][ T5297] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  776.880144][ T5297] usb 3-1: config 0 has no interface number 0
[  776.918236][ T5297] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  776.971376][ T5297] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  777.036888][ T5297] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  777.071788][ T5297] usb 3-1: config 0 descriptor??
[  777.135260][ T5297] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  777.373034][ T5297] usb 3-1: USB disconnect, device number 40
[  777.408494][ T5297] iowarrior 3-1:0.1: I/O-Warror #0 now disconnected
[  778.162055][ T5300] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  778.380729][ T5300] usb 5-1: Using ep0 maxpacket: 8
[  779.366333][ T5300] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  779.380023][ T5300] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  779.386477][T17402] Bluetooth: MGMT ver 1.23
[  779.397417][ T5300] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  779.409587][ T5300] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  779.443959][ T5300] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  779.477135][ T5300] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  779.491314][T17415] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4211'.
[  779.745232][ T5300] usb 5-1: GET_CAPABILITIES returned 0
[  779.777206][ T5300] usbtmc 5-1:16.0: can't read capabilities
[  780.012646][ T5299] usb 5-1: USB disconnect, device number 30
[  780.145805][ T5300] usb 3-1: new full-speed USB device number 41 using dummy_hcd
[  780.365643][ T5300] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  780.404317][ T5300] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  780.445573][ T5300] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  780.464242][ T5300] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  780.487467][ T5300] usb 3-1: Product: syz
[  780.496398][ T5300] usb 3-1: Manufacturer: syz
[  780.507907][ T5300] usb 3-1: SerialNumber: syz
[  780.538437][T17424] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  780.782516][T17424] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  781.069230][ T5300] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[  781.221486][ T5300] usb 3-1: USB disconnect, device number 41
[  783.270849][T17488] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4230'.
[  783.464316][T17482] loop4: detected capacity change from 0 to 8192
[  783.493164][ T5300] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  783.780596][ T5297] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  784.314430][ T5300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  784.523710][ T5300] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  784.594169][ T5300] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  784.653906][ T5300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  784.731843][ T5300] usb 2-1: config 0 descriptor??
[  784.760683][ T5297] usb 1-1: Using ep0 maxpacket: 16
[  784.779454][ T5297] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  784.790600][ T5299] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  784.860406][ T5297] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  784.928227][ T5297] usb 1-1: New USB device found, idVendor=006b, idProduct=0101, bcdDevice= 0.40
[  784.970472][ T5299] usb 4-1: Using ep0 maxpacket: 8
[  784.970603][ T5297] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  785.009204][ T5299] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  785.047223][ T5297] usb 1-1: Product: syz
[  785.047267][ T5299] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  785.076612][ T5297] usb 1-1: Manufacturer: syz
[  785.100175][ T5297] usb 1-1: SerialNumber: syz
[  785.120594][ T5299] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  785.168841][ T5300] hid (null): bogus close delimiter
[  785.180983][ T5299] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  785.235490][ T5299] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  785.299715][ T5299] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  785.349663][ T5299] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  785.368696][ T5300] usb 2-1: language id specifier not provided by device, defaulting to English
[  785.408988][ T5297] usb 1-1: 0:2 : does not exist
[  785.472947][ T5297] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  785.584183][ T5297] usb 1-1: 5:0: cannot get min/max values for control 5 (id 5)
[  785.678410][ T5299] usb 4-1: usb_control_msg returned -32
[  785.710336][ T5297] usb 1-1: 5:0: cannot get min/max values for control 5 (id 5)
[  785.720325][ T5299] usbtmc 4-1:16.0: can't read capabilities
[  785.816562][ T5300] uclogic 0003:256C:006D.0014: failed retrieving Huion firmware version: -71
[  785.820915][ T5297] usb 1-1: USB disconnect, device number 22
[  785.885188][ T5300] uclogic 0003:256C:006D.0014: failed probing parameters: -71
[  785.906122][ T5300] uclogic 0003:256C:006D.0014: probe with driver uclogic failed with error -71
[  785.928018][T14817] udevd[14817]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  785.980503][ T5300] usb 2-1: USB disconnect, device number 30
[  787.173473][ T5233] usb 4-1: USB disconnect, device number 23
[  787.300761][T17535] 9pnet_fd: Insufficient options for proto=fd
[  787.481501][T17539] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4247'.
[  789.029674][ T5242] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  789.059672][ T5242] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  789.071047][ T5242] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  789.079850][ T5242] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  789.122644][ T5242] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  789.141296][ T5242] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  789.434458][T17584] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4263'.
[  789.489995][T17586] team0: entered promiscuous mode
[  789.516632][T17586] team_slave_0: entered promiscuous mode
[  789.547911][T17586] team_slave_1: entered promiscuous mode
[  789.632278][T17577] team0: left promiscuous mode
[  789.641276][T17577] team_slave_0: left promiscuous mode
[  789.647643][T17577] team_slave_1: left promiscuous mode
[  790.495055][T17575] chnl_net:caif_netlink_parms(): no params data found
[  791.247703][ T5242] Bluetooth: hci7: command tx timeout
[  791.305447][T17575] bridge0: port 1(bridge_slave_0) entered blocking state
[  791.347559][T17575] bridge0: port 1(bridge_slave_0) entered disabled state
[  791.382388][T17618] netlink: 88 bytes leftover after parsing attributes in process `syz.2.4275'.
[  791.417717][T17575] bridge_slave_0: entered allmulticast mode
[  791.463583][T17575] bridge_slave_0: entered promiscuous mode
[  791.527271][T17575] bridge0: port 2(bridge_slave_1) entered blocking state
[  791.618259][T17575] bridge0: port 2(bridge_slave_1) entered disabled state
[  791.756189][T17575] bridge_slave_1: entered allmulticast mode
[  791.784262][T17575] bridge_slave_1: entered promiscuous mode
[  792.042786][T17575] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  792.109161][T17575] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  792.230817][T15449] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  792.356601][T17575] team0: Port device team_slave_0 added
[  792.395855][T17575] team0: Port device team_slave_1 added
[  792.422707][T15449] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  792.466479][T15449] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  792.500494][T15449] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  792.538697][T15449] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  792.570634][ T5298] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  792.573137][T15449] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  792.622470][T15449] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  792.642824][T17575] batman_adv: batadv0: Adding interface: batadv_slave_0
[  792.649820][T17575] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  792.691725][T15449] usb 5-1: invalid MIDI out EP 0
[  792.696201][T17650] Mount JFS Failure: -22
[  792.724961][T17650] jfs_mount failed w/return code = -22
[  792.782644][T17575] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  792.820064][ T5298] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  792.859600][T15449] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[  792.859706][ T5298] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  792.877177][T17575] batman_adv: batadv0: Adding interface: batadv_slave_1
[  792.914274][T17575] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  792.930408][ T5298] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  792.965601][T15449] usb 5-1: USB disconnect, device number 31
[  793.010423][ T5298] usb 2-1: Product: syz
[  793.024711][T17575] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  793.033720][ T5298] usb 2-1: Manufacturer: syz
[  793.058836][ T5298] usb 2-1: SerialNumber: syz
[  793.321183][ T5242] Bluetooth: hci7: command tx timeout
[  793.424985][T17575] hsr_slave_0: entered promiscuous mode
[  793.494986][T17575] hsr_slave_1: entered promiscuous mode
[  793.570850][T17575] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  793.578609][T17575] Cannot create hsr debugfs directory
[  794.253262][ T5298] cdc_ncm 2-1:1.0: failed to get mac address
[  794.266475][ T5298] cdc_ncm 2-1:1.0: bind() failure
[  794.316544][ T5298] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[  794.415361][ T5298] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[  794.475493][ T5298] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[  794.501815][T17654] netlink: 'syz.2.4289': attribute type 1 has an invalid length.
[  794.506431][ T5298] usb 2-1: USB disconnect, device number 31
[  794.540627][T17654] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.4289'.
[  794.698328][T17575] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  794.937705][T17575] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  795.269996][T17575] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  795.401942][ T5242] Bluetooth: hci7: command tx timeout
[  795.561235][ T5242] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  795.570516][ T5242] Bluetooth: hci5: Injecting HCI hardware error event
[  795.579459][ T5242] Bluetooth: hci5: hardware error 0x00
[  795.754101][T17575] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  796.164128][T17703] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4308'.
[  796.405833][T17575] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  796.477145][T17575] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  796.574638][T17575] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  796.648041][T17575] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  797.295335][T17575] 8021q: adding VLAN 0 to HW filter on device bond0
[  797.439585][T17575] 8021q: adding VLAN 0 to HW filter on device team0
[  797.492456][ T5237] Bluetooth: hci7: command tx timeout
[  797.566563][T14234] bridge0: port 1(bridge_slave_0) entered blocking state
[  797.573794][T14234] bridge0: port 1(bridge_slave_0) entered forwarding state
[  797.887144][ T5242] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  798.570255][   T63] bridge0: port 2(bridge_slave_1) entered blocking state
[  798.577573][   T63] bridge0: port 2(bridge_slave_1) entered forwarding state
[  798.932077][T17760] netlink: 'syz.3.4331': attribute type 1 has an invalid length.
[  798.982405][T17760] ip6t_REJECT: ECHOREPLY is not supported
[  800.042078][T17575] 8021q: adding VLAN 0 to HW filter on device batadv0
[  801.345770][T17820] loop4: detected capacity change from 0 to 512
[  801.397689][T17817] netlink: 'syz.1.4351': attribute type 1 has an invalid length.
[  801.408606][T17820] ext3: Unknown parameter 'pcr'
[  801.477316][T17817] ip6t_REJECT: ECHOREPLY is not supported
[  801.612723][T14234] bridge_slave_1: left allmulticast mode
[  801.634265][T14234] bridge_slave_1: left promiscuous mode
[  801.671101][T14234] bridge0: port 2(bridge_slave_1) entered disabled state
[  801.733997][T14234] bridge_slave_0: left allmulticast mode
[  801.764085][T14234] bridge_slave_0: left promiscuous mode
[  801.800269][T14234] bridge0: port 1(bridge_slave_0) entered disabled state
[  802.127662][T17839] Mount JFS Failure: -22
[  802.143022][T17839] jfs_mount failed w/return code = -22
[  802.284336][T17848] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4362'.
[  804.075585][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  804.246215][T14234] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  804.263895][T14234] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  804.290335][T14234] bond0 (unregistering): Released all slaves
[  804.318389][T17865] loop4: detected capacity change from 0 to 32768
[  804.335200][T17865] XFS: ikeep mount option is deprecated.
[  804.373052][T17864] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4366'.
[  804.455525][T17865] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  804.516551][T17575] veth0_vlan: entered promiscuous mode
[  804.586809][T17575] veth1_vlan: entered promiscuous mode
[  804.632622][T17865] XFS (loop4): Ending clean mount
[  804.670042][T17865] XFS (loop4): Quotacheck needed: Please wait.
[  804.830219][T17865] XFS (loop4): Quotacheck: Done.
[  804.892510][T17887] ip6t_REJECT: ECHOREPLY is not supported
[  804.919757][T17886] netlink: 'syz.3.4371': attribute type 1 has an invalid length.
[  805.299447][T11799] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  805.382601][T17575] veth0_macvtap: entered promiscuous mode
[  805.451830][T17575] veth1_macvtap: entered promiscuous mode
[  805.651991][T14234] hsr_slave_0: left promiscuous mode
[  805.684433][T14234] hsr_slave_1: left promiscuous mode
[  805.786506][T14234] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  805.815679][T14234] batman_adv: batadv0: Removing interface: batadv_slave_0
[  805.861598][T14234] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  805.869057][T14234] batman_adv: batadv0: Removing interface: batadv_slave_1
[  806.577658][T14234] veth1_macvtap: left promiscuous mode
[  806.610956][T14234] veth0_macvtap: left promiscuous mode
[  806.633550][T14234] veth1_vlan: left promiscuous mode
[  806.654150][T14234] veth0_vlan: left promiscuous mode
[  807.671748][T17936] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  808.204401][ T1265] ieee802154 phy0 wpan0: encryption failed: -22
[  808.212951][ T1265] ieee802154 phy1 wpan1: encryption failed: -22
[  808.597523][T17940] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4389'.
[  809.032138][T14234] team0 (unregistering): Port device team_slave_1 removed
[  809.291757][ T5297] IPVS: starting estimator thread 0...
[  809.450582][T17948] IPVS: using max 16 ests per chain, 38400 per kthread
[  809.742531][T14234] team0 (unregistering): Port device team_slave_0 removed
[  809.925207][T17952] loop1: detected capacity change from 0 to 1024
[  809.982107][T17952] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  810.020578][T17952] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  810.052892][T17952] JBD2: no valid journal superblock found
[  810.074071][T17952] EXT4-fs (loop1): Could not load journal inode
[  811.824483][T17912] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4383'.
[  811.892454][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  811.928452][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  811.947412][T17979] netlink: 40 bytes leftover after parsing attributes in process `syz.1.4402'.
[  812.011662][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  812.060591][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.100512][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  812.128805][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.147763][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  812.159770][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.178564][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  812.209899][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.231840][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  812.245891][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.264673][T17575] batman_adv: batadv0: Interface activated: batadv_slave_0
[  812.285090][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  812.324512][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.368987][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  812.408173][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.438357][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  812.466163][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.488804][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  812.507541][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.537817][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  812.566251][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.587355][T17575] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  812.620715][T17575] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  812.642597][T17575] batman_adv: batadv0: Interface activated: batadv_slave_1
[  812.861705][T17575] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  812.893721][T17575] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  812.919189][T17575] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  812.952815][T17575] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  814.195926][T18014] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4415'.
[  814.477729][T18007] Process accounting resumed
[  814.510303][T14233] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  814.559134][T14233] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  814.808172][ T2569] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  815.064794][ T2569] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  815.631817][T18032] jfs: Unrecognized mount option "gid=" or missing value
[  815.890048][T18042] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4426'.
[  816.190756][T18053] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4430'.
[  817.004413][T18073] jfs: Unrecognized mount option "0xffffffffffffffff" or missing value
[  817.591118][ T5298] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  818.021708][ T5298] usb 6-1: config 0 has no interfaces?
[  818.110613][ T5298] usb 6-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  818.163713][ T5298] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.295478][ T5298] usb 6-1: config 0 descriptor??
[  818.465198][T18052] loop3: detected capacity change from 0 to 32768
[  818.465505][T18096] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4448'.
[  818.588375][T18052] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  818.598035][ T5233] usb 6-1: USB disconnect, device number 21
[  819.603796][T18052] XFS (loop3): Ending clean mount
[  819.741512][T18052] XFS (loop3): Quotacheck needed: Please wait.
[  820.014981][T18122] IPv6: NLM_F_REPLACE set, but no existing node found!
[  820.426196][T18052] XFS (loop3): Quotacheck: Done.
[  820.495357][T18122] loop5: detected capacity change from 0 to 1764
[  822.146955][T18122] iso9660: Corrupted directory entry in block 2 of inode 1920
[  822.397734][T18130] jfs: Unrecognized mount option "0xffffffffffffffff" or missing value
[  822.490869][T16780] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  823.255155][   T29] audit: type=1326 audit(1725578174.096:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f5ed7cef9 code=0x7ffc0000
[  823.273940][T18151] loop4: detected capacity change from 0 to 1024
[  823.310666][ T5299] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  823.380577][ T5300] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  823.384804][T18151] EXT4-fs: Ignoring removed orlov option
[  823.403104][   T29] audit: type=1326 audit(1725578174.096:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2f5ed7cef9 code=0x7ffc0000
[  823.458116][T18151] EXT4-fs: Ignoring removed nomblk_io_submit option
[  823.480038][   T29] audit: type=1326 audit(1725578174.106:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f2f5ed7cef9 code=0x7ffc0000
[  823.502636][    C1] vkms_vblank_simulate: vblank timer overrun
[  823.558391][ T5299] usb 2-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  823.770833][ T5299] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  823.779650][ T5299] usb 2-1: Product: syz
[  823.786776][ T5299] usb 2-1: Manufacturer: syz
[  823.791762][ T5300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  823.806350][ T5299] usb 2-1: SerialNumber: syz
[  823.817097][ T5300] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  823.979336][ T5300] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  824.026774][ T5300] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  824.050692][ T5299] usb 2-1: config 0 descriptor??
[  824.476592][ T5299] i2c-tiny-usb 2-1:0.0: version 6d.cc found at bus 002 address 032
[  824.671515][   T29] audit: type=1326 audit(1725578174.106:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f2f5ed7cf33 code=0x7ffc0000
[  824.697055][ T5300] usb 1-1: config 0 descriptor??
[  824.741064][T18151] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  824.776189][   T29] audit: type=1326 audit(1725578174.116:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f2f5ed7b9df code=0x7ffc0000
[  824.902109][   T29] audit: type=1326 audit(1725578174.136:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f2f5ed7cf87 code=0x7ffc0000
[  824.984574][   T29] audit: type=1326 audit(1725578174.136:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f2f5ed7b890 code=0x7ffc0000
[  825.099343][   T29] audit: type=1326 audit(1725578174.136:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2f5ed7cafb code=0x7ffc0000
[  825.181141][ T5300] hid (null): bogus close delimiter
[  825.259340][   T29] audit: type=1326 audit(1725578174.226:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2f5ed7bb8a code=0x7ffc0000
[  825.307914][ T5299]  (null): failure setting delay to 10us
[  825.314587][ T5299] i2c-tiny-usb 2-1:0.0: probe with driver i2c-tiny-usb failed with error -5
[  825.351637][   T29] audit: type=1326 audit(1725578174.226:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18150 comm="syz.4.4465" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f2f5ed7bb8a code=0x7ffc0000
[  825.376699][ T5299] usb 2-1: USB disconnect, device number 32
[  825.383333][ T5300] usb 1-1: language id specifier not provided by device, defaulting to English
[  825.423510][T11799] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  825.642065][T18172] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4471'.
[  825.647110][T18175] jfs: Unrecognized mount option "0xffffffffffffffff" or missing value
[  825.798409][ T5300] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0015/input/input31
[  825.960233][ T5300] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0015/input/input32
[  826.079813][ T5300] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0015/input/input33
[  826.223600][ T5300] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:256C:006D.0015/input/input34
[  826.312108][T18190] loop4: detected capacity change from 0 to 128
[  826.551587][ T5300] uclogic 0003:256C:006D.0015: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.0-1/input0
[  826.792714][   T30] INFO: task syz.2.3648:15664 blocked for more than 143 seconds.
[  827.312103][ T5300] usb 1-1: USB disconnect, device number 23
[  827.753485][   T30]       Not tainted 6.11.0-rc6-syzkaller-00070-gc763c4339688 #0
[  828.015131][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  828.880505][T18211] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4483'.
[  829.145106][   T30] task:syz.2.3648      state:D stack:23608 pid:15664 tgid:15662 ppid:12089  flags:0x00004006
[  829.501551][   T30] Call Trace:
[  829.520550][   T30]  <TASK>
[  829.590304][T18216] binder: 18197:18216 ioctl c0306201 20000680 returned -14
[  829.765104][   T30]  __schedule+0x1800/0x4a60
[  829.806646][   T30]  ? __pfx___schedule+0x10/0x10
[  829.856617][   T30]  ? __blk_flush_plug+0x449/0x500
[  829.897861][   T30]  ? __pfx_lock_release+0x10/0x10
[  829.937117][   T30]  ? __blk_flush_plug+0x449/0x500
[  829.982968][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  830.033961][   T30]  ? __pfx___blk_flush_plug+0x10/0x10
[  830.099059][   T30]  ? schedule+0x90/0x320
[  830.125849][   T30]  schedule+0x14b/0x320
[  830.170538][   T30]  io_schedule+0x8d/0x110
[  830.174962][   T30]  folio_wait_bit_common+0x882/0x12b0
[  830.210764][   T30]  ? __pfx_folio_wait_bit_common+0x10/0x10
[  830.216671][   T30]  ? __pfx_wake_page_function+0x10/0x10
[  830.238309][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[  830.243700][   T30]  z_erofs_runqueue+0xa8c/0x2010
[  830.252992][   T30]  ? __pfx_z_erofs_runqueue+0x10/0x10
[  830.258445][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  830.271913][   T30]  ? _raw_spin_unlock+0x28/0x50
[  830.276785][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  830.286738][   T30]  ? lockref_put_or_lock+0x75/0xc0
[  830.294908][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  830.304797][   T30]  z_erofs_readahead+0xbae/0xf00
[  830.309856][   T30]  ? __pfx_z_erofs_readahead+0x10/0x10
[  830.315485][   T30]  ? __pfx_lock_release+0x10/0x10
[  830.326249][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  830.332910][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  830.338558][   T30]  ? blk_start_plug+0x70/0x1b0
[  830.343607][   T30]  read_pages+0x180/0x840
[  830.347967][   T30]  ? __pfx_lru_add_fn+0x10/0x10
[  830.357086][   T30]  ? __pfx_read_pages+0x10/0x10
[  830.362102][   T30]  ? filemap_add_folio+0x26d/0x650
[  830.367256][   T30]  ? __pfx_filemap_add_folio+0x10/0x10
[  830.373144][   T30]  page_cache_ra_unbounded+0x6ce/0x7f0
[  830.378647][   T30]  force_page_cache_ra+0x280/0x2f0
[  830.383861][   T30]  generic_fadvise+0x528/0x840
[  830.388665][   T30]  ? __pfx_generic_fadvise+0x10/0x10
[  830.394042][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  830.399969][   T30]  ? __fget_files+0x3f6/0x470
[  830.404822][   T30]  ? __fget_files+0x29/0x470
[  830.409461][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  830.415218][   T30]  __x64_sys_fadvise64+0x145/0x190
[  830.420472][   T30]  do_syscall_64+0xf3/0x230
[  830.425019][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  830.431015][   T30] RIP: 0033:0x7f8f8f97cef9
[  830.435456][   T30] RSP: 002b:00007f8f9071a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000dd
[  830.445230][   T30] RAX: ffffffffffffffda RBX: 00007f8f8fb35f80 RCX: 00007f8f8f97cef9
[  830.457649][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  830.465803][   T30] RBP: 00007f8f8f9ef01e R08: 0000000000000000 R09: 0000000000000000
[  830.473849][   T30] R10: 0000000000000003 R11: 0000000000000246 R12: 0000000000000000
[  830.481973][   T30] R13: 0000000000000000 R14: 00007f8f8fb35f80 R15: 00007fff14ca0218
[  830.489985][   T30]  </TASK>
[  830.587554][   T30] 
[  830.587554][   T30] Showing all locks held in the system:
[  830.620442][   T30] 1 lock held by khungtaskd/30:
[  830.641698][   T30]  #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  830.671632][   T30] 3 locks held by kworker/u8:5/178:
[  830.676925][   T30] 4 locks held by acpid/4666:
[  830.682525][   T30]  #0: ffff88803e71c158 (&joydev->mutex){+.+.}-{3:3}, at: joydev_open+0x221/0x940
[  830.691996][   T30]  #1: ffff88809fb662c0 (&dev->mutex#2){+.+.}-{3:3}, at: input_open_device+0x52/0x2e0
[  830.702310][   T30]  #2: ffff8880b8928948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x441/0x770
[  830.714536][   T30]  #3: ffffffff8e614688 (rename_lock.seqcount){+.+.}-{0:0}, at: prepend_path+0x2d6/0xbe0
[  830.743399][   T30] 2 locks held by getty/4989:
[  830.748162][   T30]  #0: ffff888034d4a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  830.758348][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00
[  830.769974][   T30] 8 locks held by kworker/0:5/5300:
[  830.775248][   T30]  #0: ffff88801e2a7148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[  830.786924][   T30]  #1: ffffc90004127d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[  830.804661][   T30]  #2: ffff888029775190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[  830.815561][   T30]  #3: ffff88801b322190 (&dev->mutex){....}-{3:3}, at: usb_disconnect+0x103/0x950
[  830.829802][   T30]  #4: ffff888022eb6160 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  830.850388][   T30]  #5: ffff88803157da20 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  830.868319][   T30]  #6: ffffffff8f712b68 (input_mutex){+.+.}-{3:3}, at: __input_unregister_device+0x2f3/0x620
[  830.878624][   T30]  #7: ffffffff8e93d6f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  830.889819][   T30] 1 lock held by syz.2.3648/15664:
[  830.895000][   T30]  #0: ffff88805c2b4330 (mapping.invalidate_lock#6){.+.+}-{3:3}, at: page_cache_ra_unbounded+0xf7/0x7f0
[  830.906392][   T30] 
[  830.908734][   T30] =============================================
[  830.908734][   T30] 
[  830.927352][   T30] NMI backtrace for cpu 1
[  830.931712][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00070-gc763c4339688 #0
[  830.942221][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  830.952278][   T30] Call Trace:
[  830.955565][   T30]  <TASK>
[  830.958499][   T30]  dump_stack_lvl+0x241/0x360
[  830.963270][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  830.968481][   T30]  ? __pfx__printk+0x10/0x10
[  830.973090][   T30]  ? vprintk_emit+0x667/0x7c0
[  830.977793][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[  830.982847][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  830.987818][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  830.993287][   T30]  ? _printk+0xd5/0x120
[  830.997464][   T30]  ? __pfx__printk+0x10/0x10
[  831.002076][   T30]  ? __wake_up_klogd+0xcc/0x110
[  831.006953][   T30]  ? __pfx__printk+0x10/0x10
[  831.011555][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  831.017195][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  831.022231][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  831.028754][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  831.034750][   T30]  watchdog+0xff4/0x1040
[  831.039012][   T30]  ? watchdog+0x1ea/0x1040
[  831.043454][   T30]  ? __pfx_watchdog+0x10/0x10
[  831.048147][   T30]  kthread+0x2f2/0x390
[  831.052220][   T30]  ? __pfx_watchdog+0x10/0x10
[  831.056913][   T30]  ? __pfx_kthread+0x10/0x10
[  831.061511][   T30]  ret_from_fork+0x4d/0x80
[  831.065943][   T30]  ? __pfx_kthread+0x10/0x10
[  831.070543][   T30]  ret_from_fork_asm+0x1a/0x30
[  831.075349][   T30]  </TASK>
[  831.079432][   T30] Sending NMI from CPU 1 to CPUs 0:
[  831.085507][    C0] NMI backtrace for cpu 0
[  831.085521][    C0] CPU: 0 UID: 0 PID: 35 Comm: kworker/u8:2 Not tainted 6.11.0-rc6-syzkaller-00070-gc763c4339688 #0
[  831.085547][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  831.085561][    C0] Workqueue: bat_events batadv_nc_worker
[  831.085598][    C0] RIP: 0010:lock_acquire+0x5/0x550
[  831.085633][    C0] Code: a9 00 ff ff 00 0f 95 c0 e9 f3 74 80 0a 0f 1f 84 00 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 55 <48> 89 e5 41 57 41 56 41 55 41 54 53 48 83 e4 e0 48 81 ec 20 01 00
[  831.085653][    C0] RSP: 0018:ffffc90000ab7b40 EFLAGS: 00000246
[  831.085672][    C0] RAX: ffffffff8b83cd0b RBX: ffff88807f667500 RCX: 0000000000000002
[  831.085689][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: ffffffff8e938320
[  831.085705][    C0] RBP: ffff88807f1995a8 R08: 0000000000000000 R09: 0000000000000000
[  831.085721][    C0] R10: dffffc0000000000 R11: fffffbfff2030df6 R12: ffff888058b3ccc0
[  831.085739][    C0] R13: 00000000000002b5 R14: ffff88807f667500 R15: dffffc0000000000
[  831.085760][    C0] FS:  0000000000000000(0000) GS:ffff8880b8800000(0000) knlGS:0000000000000000
[  831.085779][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  831.085802][    C0] CR2: 000055d87634b958 CR3: 000000000e734000 CR4: 0000000000350ef0
[  831.085821][    C0] Call Trace:
[  831.085830][    C0]  <NMI>
[  831.085839][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  831.085871][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  831.085906][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  831.085936][    C0]  ? nmi_handle+0x2a/0x5a0
[  831.085972][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  831.086002][    C0]  ? nmi_handle+0x151/0x5a0
[  831.086025][    C0]  ? nmi_handle+0x2a/0x5a0
[  831.086049][    C0]  ? lock_acquire+0x5/0x550
[  831.086080][    C0]  ? default_do_nmi+0x63/0x160
[  831.086113][    C0]  ? exc_nmi+0x123/0x1f0
[  831.086143][    C0]  ? end_repeat_nmi+0xf/0x53
[  831.086181][    C0]  ? batadv_nc_worker+0xcb/0x610
[  831.086216][    C0]  ? lock_acquire+0x5/0x550
[  831.086248][    C0]  ? lock_acquire+0x5/0x550
[  831.086282][    C0]  ? lock_acquire+0x5/0x550
[  831.086314][    C0]  </NMI>
[  831.086322][    C0]  <TASK>
[  831.086330][    C0]  batadv_nc_worker+0xec/0x610
[  831.086364][    C0]  ? batadv_nc_worker+0xcb/0x610
[  831.086397][    C0]  ? batadv_nc_worker+0xcb/0x610
[  831.086434][    C0]  ? process_scheduled_works+0x945/0x1830
[  831.086465][    C0]  process_scheduled_works+0xa2e/0x1830
[  831.086520][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  831.086559][    C0]  ? assign_work+0x364/0x3d0
[  831.086594][    C0]  worker_thread+0x86d/0xd10
[  831.086633][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  831.086674][    C0]  ? __kthread_parkme+0x169/0x1d0
[  831.086710][    C0]  ? __pfx_worker_thread+0x10/0x10
[  831.086742][    C0]  kthread+0x2f2/0x390
[  831.086763][    C0]  ? __pfx_worker_thread+0x10/0x10
[  831.086798][    C0]  ? __pfx_kthread+0x10/0x10
[  831.086821][    C0]  ret_from_fork+0x4d/0x80
[  831.086853][    C0]  ? __pfx_kthread+0x10/0x10
[  831.086875][    C0]  ret_from_fork_asm+0x1a/0x30
[  831.086920][    C0]  </TASK>
[  831.389445][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  831.396327][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc6-syzkaller-00070-gc763c4339688 #0
[  831.406850][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[  831.416933][   T30] Call Trace:
[  831.420224][   T30]  <TASK>
[  831.423164][   T30]  dump_stack_lvl+0x241/0x360
[  831.427861][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  831.433065][   T30]  ? __pfx__printk+0x10/0x10
[  831.437659][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  831.443659][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  831.449310][   T30]  ? vscnprintf+0x5d/0x90
[  831.453653][   T30]  panic+0x349/0x860
[  831.457552][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  831.463203][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  831.469371][   T30]  ? __pfx_panic+0x10/0x10
[  831.473796][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  831.479181][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  831.484845][   T30]  ? __irq_work_queue_local+0x137/0x410
[  831.490418][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  831.496074][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  831.501457][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  831.507622][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  831.514052][   T30]  ? srso_alias_return_thunk+0x5/0xfbef5
[  831.519697][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  831.525867][   T30]  watchdog+0x1033/0x1040
[  831.530219][   T30]  ? watchdog+0x1ea/0x1040
[  831.534655][   T30]  ? __pfx_watchdog+0x10/0x10
[  831.539345][   T30]  kthread+0x2f2/0x390
[  831.543421][   T30]  ? __pfx_watchdog+0x10/0x10
[  831.548124][   T30]  ? __pfx_kthread+0x10/0x10
[  831.552724][   T30]  ret_from_fork+0x4d/0x80
[  831.557157][   T30]  ? __pfx_kthread+0x10/0x10
[  831.561756][   T30]  ret_from_fork_asm+0x1a/0x30
[  831.566558][   T30]  </TASK>
[  831.569791][   T30] Kernel Offset: disabled
[  831.574110][   T30] Rebooting in 86400 seconds..