last executing test programs:

22m0.679051111s ago: executing program 32 (id=3130):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x14, 0xc, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000300)={0x1, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000040)={0x32b, @tick=0x440, 0xff, {}, 0x0, 0x0, 0x4b})

16m41.099496334s ago: executing program 33 (id=5220):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000004000/0x4000)=nil)

16m40.692071082s ago: executing program 34 (id=5219):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x1100, 0x1})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
dup3(r1, r0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000480)={0x8, 0x0, &(0x7f0000000200)=[@acquire], 0x0, 0x0, 0x0})

16m40.405484785s ago: executing program 35 (id=5215):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = dup(r1)
r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000005c0)={0x1, @pix_mp={0x3fe, 0x1000fff, 0x35314152, 0x8, 0x8, [{0x8, 0xf}, {0x8, 0xa}, {0xe, 0x8}, {0x5, 0x9}, {0x2, 0x3}, {0x5, 0x9}, {0x6, 0xc}, {0x10001, 0x1800000}], 0x0, 0xd, 0x2, 0x3078182a3427730f, 0x1}})

16m39.849948644s ago: executing program 36 (id=5207):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'veth1_macvtap\x00', <r2=>0x0})
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="700000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006d616373656300000400028008000500", @ANYRES32=r2], 0x70}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x1, 0x6}, {0x7}, {0x3}}}, 0x24}}, 0x0)

16m39.421127524s ago: executing program 37 (id=5218):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800028008000200080000003e"], 0x44}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=ANY=[], 0xa0}}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0xfff0)

15m28.017139192s ago: executing program 38 (id=5233):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=@newlink={0x44, 0x10, 0xffffffffffffffff, 0x70bd27, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0xc6da5938055fb7fd, 0x20005}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvtap={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x2054)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f0000000b00)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r3}, 0x18)

13m53.156183592s ago: executing program 39 (id=5256):
munmap(&(0x7f0000c00000/0x400000)=nil, 0x400000)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x5, 0x1, 0x0, 0x2000, &(0x7f0000fe5000/0x2000)=nil})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x4b564d03, 0x0, 0x1}]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

12m54.912771239s ago: executing program 6 (id=5617):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = socket$igmp6(0xa, 0x3, 0x2)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r2, 0x8983, &(0x7f0000000300)={0x0, 'syzkaller1\x00'})
r3 = dup(r1)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
write$tun(r0, &(0x7f0000000340)={@void, @void, @eth={@remote, @multicast, @val={@val={0x88a8, 0x0, 0x0, 0x4}, {0x8100, 0x0, 0x0, 0x28}}, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x1, 0x3d, 0x28, 0x68, 0x0, 0xaa, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x31}, @dev={0xac, 0x14, 0x14, 0x14}}, {{0x4e23, 0x4e24, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x1, 0x9, 0x0, 0x76}}}}}}}, 0x3e)

12m53.20015049s ago: executing program 6 (id=5621):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x8, 0x94, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
unshare(0x2000600)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1f, &(0x7f0000000000)=[0xffffffffffffffff], 0x1)

12m52.948102594s ago: executing program 6 (id=5622):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)={0x24, r3, 0x1, 0x50bd26, 0x25dfdbf8, {{}, {@val={0x8, 0x1, 0x4f}, @val={0x8, 0x3, r2}, @void}}}, 0x24}, 0x1, 0x0, 0x0, 0x4}, 0x24008004)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000003840), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r1, &(0x7f0000003900)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)={0x28, r4, 0x1, 0x0, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r5}, @val={0xc, 0x99, {0x8, 0x4}}}}}, 0x28}, 0x1, 0x0, 0x0, 0x20000014}, 0x2404c088)

12m52.778312224s ago: executing program 6 (id=5623):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000480)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x12c5008, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x28a5291, 0x0)
pread64(r0, &(0x7f0000000200)=""/4098, 0x1002, 0xd37)

12m52.545968541s ago: executing program 6 (id=5625):
unshare(0x22020600)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001400)=[{&(0x7f0000000080)="3bfdd75fa5717852d59a9367444a", 0xe}], 0x1}, 0x84)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x4})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})

12m50.159775681s ago: executing program 6 (id=5632):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x14, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000010000000000000080000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000007d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000092c58500000086000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x9, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000140)='tlb_flush\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

12m49.717885889s ago: executing program 40 (id=5632):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0x14, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000010000000000000080000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000007d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000092c58500000086000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x9, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000900)={&(0x7f0000000140)='tlb_flush\x00', r2}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r3}, 0x10)
mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2)

10m41.597318665s ago: executing program 1 (id=6632):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r2, &(0x7f0000000100)={0x20000014})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000000)={0xa0000001})
ppoll(&(0x7f0000000200)=[{r3, 0x1}], 0x1, 0x0, 0x0, 0x3)
epoll_wait(r3, &(0x7f0000000140)=[{}], 0x1, 0xffffffff)

10m36.992291381s ago: executing program 1 (id=6657):
r0 = gettid()
timer_create(0x0, &(0x7f0000000180)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
syz_usb_connect(0x0, 0x2a9, 0x0, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
pwrite64(r3, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

10m35.146963308s ago: executing program 1 (id=6678):
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getpgrp(0xffffffffffffffff)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000600), 0x2, 0x141102)
writev(r0, 0x0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000001300)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000400)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="05a300000000000000000d00000008000300", @ANYRES32=r3, @ANYBLOB], 0x1c}}, 0x10000000)

10m34.863785716s ago: executing program 1 (id=6685):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd2(0xe5c, 0x80000)
r3 = eventfd2(0x4001, 0x800)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r2, 0x7, 0x2, r3})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x5, 0x82, 0x4, 0x1, 0xc5, 0x9, 0xb3, 0x77, 0x6, 0x9, 0x5, 0x81, 0x8, 0xff, 0x1, 0xec}})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000003c0)={[0x35, 0xe, 0x4, 0x1, 0x2, 0x1000, 0xf1, 0x0, 0x7fffffffffffb, 0x1, 0x1, 0x40001, 0x0, 0xc12, 0x1, 0xbde], 0x1000, 0x3d4316})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

10m34.79765817s ago: executing program 9 (id=6686):
syz_open_dev$cec(0x0, 0xffffffffffffffff, 0xc0c00)
syz_open_dev$video4linux(&(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socket$kcm(0x2, 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)="4c000000150097f87059ae08060c040002ff0f020000000000000187ac1414aaa69d35a2cca84708f7abca1bac1414aabd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000000), 0xffffffffffffffff, 0xc0c00)
ioctl$IOC_PR_PREEMPT(r1, 0x40046109, &(0x7f0000000040)={0xd0, 0xfffffffffffffffe})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r2, 0xffffffffffffffff, 0x0)

10m34.530426699s ago: executing program 9 (id=6688):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x7f, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffffffff}, 0x20)
listen(r0, 0x2)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x7f, @ipv4={'\x00', '\xff\xff', @multicast1}, 0xffffffff}, 0x20)
listen(r1, 0x2)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0637bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd000000100001000c081000418e224e0004fcff", 0x58}], 0x1)

10m34.23522979s ago: executing program 1 (id=6691):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x300)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='tmpfs\x00', 0x0, 0x0)
creat(&(0x7f0000000440)='./file0/file0\x00', 0x188)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x2}}, './file0\x00'})

10m34.026067705s ago: executing program 9 (id=6692):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x10c5408, 0x0)
pipe2(&(0x7f0000000040), 0x800)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='blkio.bfq.sectors_recursive\x00', 0x275a, 0x0)
setuid(0xee01)
ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x2, 0x3})

10m33.83652481s ago: executing program 1 (id=6695):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='ntfs3\x00', 0x1000080, 0x0)

10m33.777337504s ago: executing program 9 (id=6696):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
unshare(0x22020600)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x28a5291, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x8020000)

10m33.480751508s ago: executing program 9 (id=6702):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r3, &(0x7f0000001d80)='.\x00', 0x8000, &(0x7f0000001dc0)={0xb, 0x0, 0x80000}, 0x20)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@ipv4_newroute={0x38, 0x18, 0x35f32a6dfa748ddd, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x3}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_VXLAN={0xc, 0x2, 0x0, 0x1, @LWTUNNEL_IP_OPT_VXLAN_GBP={0x8}}}}]}, 0x38}}, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_emit_vhci(&(0x7f0000000080)=@HCI_EVENT_PKT={0x4, @hci_ev_key_refresh_complete={{0x30, 0x3}, {0x0, 0xc9}}}, 0x6)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'netdevsim0\x00', &(0x7f00000002c0)=@ethtool_sfeatures={0x33, 0x1, [{0xfe, 0x80000000}]}})

10m31.797181531s ago: executing program 9 (id=6712):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4, 0x1}, 0xc)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={r5, 0x8004}, 0x8)
getsockopt$bt_hci(r1, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)

10m31.403593911s ago: executing program 41 (id=6712):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x11, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70500000800000085000000a700000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r4, 0x1}, 0xc)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000080)={r5, 0x8004}, 0x8)
getsockopt$bt_hci(r1, 0x84, 0x7f, &(0x7f0000000080)=""/4057, &(0x7f0000000000)=0xfd9)

10m25.459733008s ago: executing program 4 (id=6780):
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000040)={{{@in6=@private2, @in=@rand_addr=0x64010101, 0x4e22, 0x2000, 0x2, 0xd1e4, 0xa, 0xa0, 0x0, 0xa3}, {0xfffffffffffffffe, 0x0, 0x5, 0x0, 0x0, 0x7, 0x100002000, 0x3}, {0x3, 0xfffffffffffffffc, 0x0, 0xffffffffffff3826}, 0x0, 0x6e6bba, 0x1, 0x0, 0x0, 0x3}, {{@in6=@dev={0xfe, 0x80, '\x00', 0x23}, 0xfffffffd, 0x33}, 0x14, @in=@multicast1, 0xfffffffd, 0x4, 0x0, 0x0, 0x3, 0x7, 0xfffffffe}}, 0xe8)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000140)=0xffffffff, 0x4)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0xc, &(0x7f0000000180)=0x40000000, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

10m25.3332314s ago: executing program 4 (id=6783):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_INC(r0, 0x40045701, &(0x7f0000000040)=0x9)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x7, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x5, 0x7, 0x5, 0x6, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x80004c74, 0x10000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x18e, 0x6, 0x6, 0x0, 0x6, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x66abcbd2, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x40, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x8000003, 0x3, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x3ff, 0x5, 0xfffffffd, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x9, 0x86, 0x3, 0x303c, 0x3e3, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x200, 0x200, 0x80, 0x3, 0x5, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x5, 0x1c, 0x120000, 0x7ff, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce4, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2000002, 0x150, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x5, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9622, 0x7, 0xaf, 0x20000008, 0x5, 0x226, 0x2, 0x5, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x7ff, 0xd7, 0x200, 0xb, 0xfffffff8]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

10m25.217322242s ago: executing program 4 (id=6785):
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)={0x14, 0x2a, 0x107, 0xfffffffc, 0x0, {0x5, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0x488c4}, 0xc000)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000080)='./file0\x00', 0xc402, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000003bc0)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000}, 0x94)
write$P9_RVERSION(r1, &(0x7f0000000c40)=ANY=[], 0x13)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000003c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000280)='./file0\x00', &(0x7f0000000300)=[0x5, 0x7], &(0x7f0000000180), 0x0, 0x2, 0x1}}, 0x40)
mmap$xdp(&(0x7f0000ffd000/0x1000)=nil, 0x1000, 0x2000006, 0x12, r0, 0x200000000000000)

10m24.376485645s ago: executing program 4 (id=6796):
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x10031, 0xffffffffffffffff, 0x65be1000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0)
r2 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)

10m22.34283355s ago: executing program 4 (id=6811):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000280)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x300)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x7}}, './file0\x00'})

10m22.11387359s ago: executing program 4 (id=6814):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r3, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r1, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)

10m18.727726659s ago: executing program 42 (id=6695):
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f0000000100))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='ntfs3\x00', 0x1000080, 0x0)

10m7.031224508s ago: executing program 43 (id=6814):
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffefffff6, 0x20031, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = dup(r0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x13, r3, 0x2000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
write$binfmt_aout(r1, 0x0, 0xffffffdb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x9)

3m36.133283005s ago: executing program 5 (id=11988):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'netdevsim0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}}, 0x0)

3m35.939760533s ago: executing program 5 (id=11992):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x1, 0x4)

3m35.816070593s ago: executing program 5 (id=11993):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, 0x0)

3m35.541976364s ago: executing program 5 (id=11997):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x8, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000e00000850000001b000000b700000000fa000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r1, r0}, 0xc)

3m35.428228922s ago: executing program 5 (id=12001):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000080)={0x8})
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)

3m35.26616272s ago: executing program 5 (id=12004):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f00000014c0)=ANY=[@ANYBLOB="050000000000000069113200000000008510000002000000850000000500000095000000000000009500c4050000000077d8f3b423cdac8d80000000000000102be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d756751dfb265a0e3ccae669e173a649c1cfd6587d452d6453559c3421eed73d5661cfe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff050011bbecc2f4e6779af2551ce935b0f327cb3f011a7d0660d1a13ed38ae89d24e1cebfba2f87925bfacba83109751fe6c0541cd027edd68149ee99eebc677d6dd4aed4af7500d7900a63278f4e92895614cd50cbe43a1ed2526814bcf11887d8dc91dd6f469f9740bf3a73b100000000000009d27d753a3066a096e9e086cea20e0000b6670c3df2660900000000000000447c106a08893ed20fa7a050fbbef9e326e827e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada127414d0b2877ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000000000000000000000000000000000000000000000000000000000000000000005233226ee7b4de17ff24000c52f4ebf1c893bb97734a83584898eccb26f3b789cfc4cd985fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4e48f35530a0af4aac9d07713f05de969c38331973d55a17690b6f7f9ccbe44b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cfde6c25a3836978d2efa286a87f7a32417f1b825a16857aa54a859989d893ad4bf9180ca85ed3ee19843e13f642af0c90f8fca010812ccb3758ec9afe9f8db501b4061f60f06e8410c96edd9701a64657d5b3983c4ac41b154eebfe64d2c2ef1816cb11565679eb6640b32a49fd991811dfb258713624a757a6cc4fff48a27dab16ebbd8405a1abd85e0e946b9fe8e1dfa80eddb3ed496aa46b5eea7c7119f09e2d9d48a1d7367611d7c68cd1cd02074d6e38074230417d2d4424de5897bd110e6294bcfe98000bfa6e9919b956fa369d5e652e6cbe58d52990e65c6b7aac9553ca7d273d7a43e536be2f212f8788c2d1b3929f466c1ef408b2a8e71029a65f2a2f21f710acfd1b9f9ce56114a69e6f9e2861a8a56d9d604a56e2dbcd2fbe9cb4db180a145785f94b27a380dffa612eee33056cd0824374f1bf2f89de1bb4fa70d6c8000000001342faa8040807c0276b5ac9647e7491c1e21cd5bfdce4ddcc1b7f50a4a51d87fb0000000000000000000000000050b5d4375adcef4b0365e0a910a1d3ff536f18efaa6d163fbeb8c92072153d8d10f30884b8b15bf441a42935eaaef2d9a277a83fb74c00a041d97fb2f23223cc784be3f11f9992225ab0edbe92b25c5c41905583108a4b68984338a916d3ea05ecca45f99beecf56341075ed4387159b563501166f7a8abcbcd38c5852ef7f624ca8a2f91a17304a92919f66bc72534c0e197679796a667d987abea7a09d263988539b0d89bef76cac0f3d3ea4a139e108a4bdc148695a7518e425dba2b8acaa1ef7c736c88cea7c93bbc366ec3d8a5897a5e40442772784ffe1808e6335edb6fe1125c548698fcd02c74945ab7dffa618ff39fb89b633b74b5572d41dbac30051f5b263ed9a5a590d45c6eb37a059f9117a9923b4f8e78bba39b6801d2a57bea49bfe546c765d8a52a6bec46a26c022f7508ddd6c7e6161ba51408ba085fb506fd53173d1bf33d3a633568888bfc657f524a156dd54bcb16355c9a4200a7afcadff35f7e97ce8f63aa4f5686dbfab1d13128cde60a40a5721b281ee2d8f4e81c2673e159dd4d8cc11211865a9063b85dab4dc66898ff30b1116aed68403133e79abfbb29cdda78328755c282ff47ce9cbbae753da77a38a5b931cee09c8ebf7974862266f6ee2c3e19833869ba4ef05a99d851aa52d721ee9166e11e50da5ca162823d0c8f89cadac1b1d8bf9134408383104f4a20279fc249b1bfdab79878013773945056304a93179d0d3d6425eede4762b417c1ee8029af2d0b81f6aa2df229dcdaca1e97b184e267690ddd5b90999ef19b5b41d72afdd704c926d9c4a72f2886f73a9e71e5df7403ef6d965e60c938b856edfab81af093f650341de767e3b53fd000000002f764fd240d9fb6eaf864db2b58069eded19fcc4a229c72ee14d424f3d388e3c9d5af2e49f374f7915ee31a3e6c5a0ecfc4e8468d0f2955726d30eedaafc0a251335961796c1e9c2d674509c9eb1062cbe6f68a0323330edbd5224ad7b003e91d8b89e2552cb35c39d2b81addf19be15f455d592dc67f8eb0c631ca7b24d972f5fbb462367738832b7b19663f8cc2ca56e49bad4bd791a8277dfe2261265679b383ab4455fcd02d4686c4fa30d05a53b8e3a228947a16e9329bc9ce25659ad305b1f849128a573aa6fc639de8245067893278df9e1e60a5acdfea4d60415a1beafc4476bd5eaf3d55f05279b63fff168419ad0415bcc3c94f36a9ad19c8bad110eae5dac5bbd9ff33a2e0fb32b9ed37f6193fccb131d45e244479cb123140e0a3ddc39b5546f1e9534133894d95b5de60dbbbcd2936a56a8d42c275385319d11ad49ffd786d187c63a1b2f32d216655ab774d07092044fa526bbd9e7d810421d186e985edcdcd39ec406fb21f94abe57fbdd63d223778a0fd81c17ac2249eb17f1b6e81688e205b657140a77519bcc5f5e7934b724b6f80d065eaa55d017f5b4900c038cd9adbf0ed8e2b05ee372be51147728438c9f980f38293cbb470f722a2b303f9f5ca59ec778733b77a07c97f700000000200000007649cc4b6ab82e9d1cd2e0834b05b51679d5081504038ca0ef0ff01dc554548f86cd1e3eeaee4564f9345d1112ae364ed7ad4511a82fb82b0e9569ca901337058c534f891bcdc81f8756306f9223f5560000000000000000000000000000dae4f25530803f1d21b41f57b89084010334a66351d546380d71fc788a732aec27bbb888f1aee49ab7d418489d5caff0560ef4398cc005c49642366d7004a10093bf46c4d953ae9f13508e42df39e3082511f336a49423a6dfe3861cb476f7c6e0bf65b853ee2a913462ffc50fde069ae009663be77de752f2e5de736d101811d0e876d4de9485b91fd2e3950357c71766a2d663c4869ebd7c60c5aa92f44aae89cf5e4b2da7d372cb9fc486271379207f4a70d41b64d304b71fbf56a0007e2bb2807b2dcd36ad55c115d5e551dd7782f2ae7b7eebd975ce65504ea4897292fd44ae7b1262404276a5c689a8baec8148e39677719309ac73dee5679b9c49286919381caec61bed27b428cb4c861980c15637d667010b88b7fc0cd945f3d9f871e87c0d92da12e46ee2456b42fedfd4f0a4000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x70)
unshare(0x600)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={r0, 0xe800, 0x0}, 0x10)

3m20.128372694s ago: executing program 44 (id=12004):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x3, 0x6, &(0x7f00000014c0)=ANY=[@ANYBLOB="050000000000000069113200000000008510000002000000850000000500000095000000000000009500c4050000000077d8f3b423cdac8d80000000000000102be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d756751dfb265a0e3ccae669e173a649c1cfd6587d452d6453559c3421eed73d5661cfe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff050011bbecc2f4e6779af2551ce935b0f327cb3f011a7d0660d1a13ed38ae89d24e1cebfba2f87925bfacba83109751fe6c0541cd027edd68149ee99eebc677d6dd4aed4af7500d7900a63278f4e92895614cd50cbe43a1ed2526814bcf11887d8dc91dd6f469f9740bf3a73b100000000000009d27d753a3066a096e9e086cea20e0000b6670c3df2660900000000000000447c106a08893ed20fa7a050fbbef9e326e827e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada127414d0b2877ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000000000000000000000000000000000000000000000000000000000000000000005233226ee7b4de17ff24000c52f4ebf1c893bb97734a83584898eccb26f3b789cfc4cd985fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4e48f35530a0af4aac9d07713f05de969c38331973d55a17690b6f7f9ccbe44b138efc20a546d3d5227e23b03f2a834391ad24fe7d9b20cfde6c25a3836978d2efa286a87f7a32417f1b825a16857aa54a859989d893ad4bf9180ca85ed3ee19843e13f642af0c90f8fca010812ccb3758ec9afe9f8db501b4061f60f06e8410c96edd9701a64657d5b3983c4ac41b154eebfe64d2c2ef1816cb11565679eb6640b32a49fd991811dfb258713624a757a6cc4fff48a27dab16ebbd8405a1abd85e0e946b9fe8e1dfa80eddb3ed496aa46b5eea7c7119f09e2d9d48a1d7367611d7c68cd1cd02074d6e38074230417d2d4424de5897bd110e6294bcfe98000bfa6e9919b956fa369d5e652e6cbe58d52990e65c6b7aac9553ca7d273d7a43e536be2f212f8788c2d1b3929f466c1ef408b2a8e71029a65f2a2f21f710acfd1b9f9ce56114a69e6f9e2861a8a56d9d604a56e2dbcd2fbe9cb4db180a145785f94b27a380dffa612eee33056cd0824374f1bf2f89de1bb4fa70d6c8000000001342faa8040807c0276b5ac9647e7491c1e21cd5bfdce4ddcc1b7f50a4a51d87fb0000000000000000000000000050b5d4375adcef4b0365e0a910a1d3ff536f18efaa6d163fbeb8c92072153d8d10f30884b8b15bf441a42935eaaef2d9a277a83fb74c00a041d97fb2f23223cc784be3f11f9992225ab0edbe92b25c5c41905583108a4b68984338a916d3ea05ecca45f99beecf56341075ed4387159b563501166f7a8abcbcd38c5852ef7f624ca8a2f91a17304a92919f66bc72534c0e197679796a667d987abea7a09d263988539b0d89bef76cac0f3d3ea4a139e108a4bdc148695a7518e425dba2b8acaa1ef7c736c88cea7c93bbc366ec3d8a5897a5e40442772784ffe1808e6335edb6fe1125c548698fcd02c74945ab7dffa618ff39fb89b633b74b5572d41dbac30051f5b263ed9a5a590d45c6eb37a059f9117a9923b4f8e78bba39b6801d2a57bea49bfe546c765d8a52a6bec46a26c022f7508ddd6c7e6161ba51408ba085fb506fd53173d1bf33d3a633568888bfc657f524a156dd54bcb16355c9a4200a7afcadff35f7e97ce8f63aa4f5686dbfab1d13128cde60a40a5721b281ee2d8f4e81c2673e159dd4d8cc11211865a9063b85dab4dc66898ff30b1116aed68403133e79abfbb29cdda78328755c282ff47ce9cbbae753da77a38a5b931cee09c8ebf7974862266f6ee2c3e19833869ba4ef05a99d851aa52d721ee9166e11e50da5ca162823d0c8f89cadac1b1d8bf9134408383104f4a20279fc249b1bfdab79878013773945056304a93179d0d3d6425eede4762b417c1ee8029af2d0b81f6aa2df229dcdaca1e97b184e267690ddd5b90999ef19b5b41d72afdd704c926d9c4a72f2886f73a9e71e5df7403ef6d965e60c938b856edfab81af093f650341de767e3b53fd000000002f764fd240d9fb6eaf864db2b58069eded19fcc4a229c72ee14d424f3d388e3c9d5af2e49f374f7915ee31a3e6c5a0ecfc4e8468d0f2955726d30eedaafc0a251335961796c1e9c2d674509c9eb1062cbe6f68a0323330edbd5224ad7b003e91d8b89e2552cb35c39d2b81addf19be15f455d592dc67f8eb0c631ca7b24d972f5fbb462367738832b7b19663f8cc2ca56e49bad4bd791a8277dfe2261265679b383ab4455fcd02d4686c4fa30d05a53b8e3a228947a16e9329bc9ce25659ad305b1f849128a573aa6fc639de8245067893278df9e1e60a5acdfea4d60415a1beafc4476bd5eaf3d55f05279b63fff168419ad0415bcc3c94f36a9ad19c8bad110eae5dac5bbd9ff33a2e0fb32b9ed37f6193fccb131d45e244479cb123140e0a3ddc39b5546f1e9534133894d95b5de60dbbbcd2936a56a8d42c275385319d11ad49ffd786d187c63a1b2f32d216655ab774d07092044fa526bbd9e7d810421d186e985edcdcd39ec406fb21f94abe57fbdd63d223778a0fd81c17ac2249eb17f1b6e81688e205b657140a77519bcc5f5e7934b724b6f80d065eaa55d017f5b4900c038cd9adbf0ed8e2b05ee372be51147728438c9f980f38293cbb470f722a2b303f9f5ca59ec778733b77a07c97f700000000200000007649cc4b6ab82e9d1cd2e0834b05b51679d5081504038ca0ef0ff01dc554548f86cd1e3eeaee4564f9345d1112ae364ed7ad4511a82fb82b0e9569ca901337058c534f891bcdc81f8756306f9223f5560000000000000000000000000000dae4f25530803f1d21b41f57b89084010334a66351d546380d71fc788a732aec27bbb888f1aee49ab7d418489d5caff0560ef4398cc005c49642366d7004a10093bf46c4d953ae9f13508e42df39e3082511f336a49423a6dfe3861cb476f7c6e0bf65b853ee2a913462ffc50fde069ae009663be77de752f2e5de736d101811d0e876d4de9485b91fd2e3950357c71766a2d663c4869ebd7c60c5aa92f44aae89cf5e4b2da7d372cb9fc486271379207f4a70d41b64d304b71fbf56a0007e2bb2807b2dcd36ad55c115d5e551dd7782f2ae7b7eebd975ce65504ea4897292fd44ae7b1262404276a5c689a8baec8148e39677719309ac73dee5679b9c49286919381caec61bed27b428cb4c861980c15637d667010b88b7fc0cd945f3d9f871e87c0d92da12e46ee2456b42fedfd4f0a4000000000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x6}, 0x70)
unshare(0x600)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={r0, 0xe800, 0x0}, 0x10)

29.282309468s ago: executing program 3 (id=15245):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x26, &(0x7f00000006c0)={0x0, 0x0, 0xac1d})
fcntl$lock(r0, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r0, 0x5, &(0x7f00000000c0)={0x0, 0x0, 0x9, 0x1})

29.118930381s ago: executing program 3 (id=15250):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, 0x0, 0x0, 0x2, 0x0)
socket$kcm(0x29, 0x5, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='net/kcm\x00')
preadv(r4, 0x0, 0x0, 0x185, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$swradio(0x0, 0x1, 0x2)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
read$FUSE(r4, &(0x7f0000001380)={0x2020}, 0x2020)

27.994365321s ago: executing program 3 (id=15270):
r0 = syz_open_dev$loop(&(0x7f0000000240), 0xffffffff7ffffffd, 0x160862)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/pm_freeze_timeout', 0x82802, 0xf)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000080)={r1, 0x0, {0x0, 0x0, 0x0, 0x4, 0x4000000000000ffd, 0x0, 0x0, 0x1e, 0xc, "faf98317e5a1149989fc8dbe43ea6acc96e3a2503dc3bd3fe37d58128bbad0099cebdc25f5ab60c9e6d680f985881a7beda9d69098c8b534464c516bdd8a0f35", "32d8cc26f7061a74df2cfc06c89f3d9e234b30c50997d3bef409ff2176ff7bfe55cd4a5d83cd4a524bd3ffe70c7f3f800b2f7b6aa54cc50a1fcaed1e831fa79a", "715237601a8ca5b07dcc141802c4dacf162e43ac61f7ad330000000000a04100", [0xfffffffffffffce8, 0xa]}})
pwritev(r0, &(0x7f0000000500)=[{&(0x7f0000000380)="9e", 0x1}], 0x1, 0x5, 0xfffffff9)

26.994467323s ago: executing program 3 (id=15282):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x6a855000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
utimensat(0xffffffffffffffff, 0x0, &(0x7f0000000580)={{0x0, 0x3ffffffe}, {0x0, 0x3ffffffe}}, 0x0)

26.875946959s ago: executing program 0 (id=15285):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev}, 0x18, 0x0}}], 0x6c00, 0x48)
sendto$inet6(r0, 0x0, 0x0, 0x10, &(0x7f0000000140)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0xffffff69}, 0x1c)

26.742650881s ago: executing program 7 (id=15286):
r0 = syz_open_procfs(0x0, &(0x7f0000000100)='comm\x00')
write$binfmt_script(r0, &(0x7f0000000040)={'#! ', './file0', [{0x20, '&\\/%'}]}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='status\x00')
preadv(r1, &(0x7f0000000000)=[{&(0x7f0000000240)=""/135, 0x87}], 0x1, 0x0, 0x0)

26.634925791s ago: executing program 0 (id=15288):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x14, 0x4, 0x8, 0x6, 0x4, 0x1}, 0x50)
r1 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @empty}, 0x1c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000340)={r0, &(0x7f0000000280), &(0x7f0000001840)=@udp6=r1}, 0x20)

26.52935745s ago: executing program 7 (id=15289):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000032500000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000850000000f000000bf91000000000000b7020000002000008500000084000000b70000000000000095"], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000180)='sys_enter\x00', r1}, 0x18)
sync()

26.468974378s ago: executing program 0 (id=15290):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18"], 0x0, 0x1}, 0x94)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r0, 0x11c, 0x4, &(0x7f00000000c0)=""/206, &(0x7f0000000080)=0xce)

26.277331367s ago: executing program 0 (id=15294):
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0xf, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000940)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r0, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000008c0)=[0x0], &(0x7f00000190c0), 0x0, 0x1, 0x0, 0x0, r1})

26.038422925s ago: executing program 7 (id=15297):
r0 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000040)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$set_timeout(0xf, r0, 0x4b2)
clock_settime(0x0, &(0x7f0000000240)={0x77359400})
keyctl$restrict_keyring(0xa, r0, &(0x7f0000000300)='asymmetric\x00', &(0x7f0000000000)='id:cb2e')

26.024959847s ago: executing program 0 (id=15298):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='binder\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
lremovexattr(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)=@known='trusted.overlay.metacopy\x00')

25.892027122s ago: executing program 0 (id=15300):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x4, 0x5, &(0x7f0000000240)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x28}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xf, 0x0, &(0x7f0000000040)="e027c2e8680dc3824b4714826c880c", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

25.666554713s ago: executing program 8 (id=15301):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000140)={0x0, 0xdffffffe, 0x80, 0x0, 0x0, "8100e1c8e80b598c36ff000800"})
r1 = syz_open_pts(r0, 0x141601)
write(r1, 0x0, 0x0)

25.665093917s ago: executing program 3 (id=15302):
r0 = io_uring_setup(0x68af, &(0x7f0000000480)={0x0, 0x0, 0x1880, 0x1})
r1 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e22, @empty}}, 0x80, &(0x7f0000000140)=[{&(0x7f0000000ac0)="ee", 0xfffffe5e}], 0x1, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000000040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b57000000860f5878c37ffe36e1165814d435be5b317c6c8189587d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988ab013f40afe403041323110f62055394412158e7a3adb148d641aa40d4ab077fe34232aa8b31851466d0998a61d7da0c86d70000001010"], 0x10b8}, 0x8000)
close_range(r0, 0xffffffffffffffff, 0x0)

25.457249092s ago: executing program 8 (id=15304):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1900000004000000040000000200000000", @ANYRES32=0x1, @ANYRES32=0x0, @ANYRES32], 0x48)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="0003230c1100"})
r0 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="36400000250091"], 0xfe33)

25.305210604s ago: executing program 8 (id=15305):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=@base={0x8, 0x4, 0x4, 0x4}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000025000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000540)='sys_exit\x00', r1}, 0x18)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)

25.1586272s ago: executing program 8 (id=15307):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0xf0b, 0x70bd2b, 0x25dfdc00, {0x60, 0x0, 0x0, 0x0, {0x7, 0x6a9f0eede9332711}, {0xfff3, 0xffff}, {0xfff3, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_OVERHEAD={0x8, 0x6, 0x8f}, @TCA_CAKE_DIFFSERV_MODE={0x8, 0x3, 0x4}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x44045}, 0x10)
mount(0x0, 0x0, &(0x7f0000000140)='tracefs\x00', 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e"], 0x50}}, 0x4000000)

25.007469999s ago: executing program 8 (id=15308):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000001800), 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000040)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

24.886983235s ago: executing program 7 (id=15310):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a003080"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x2500, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0)

24.851193359s ago: executing program 8 (id=15311):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0100, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'\x00', 0x2})
ioctl$TUNSETDEBUG(r0, 0x400454c9, 0xffffffffffffffff)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x17)

24.602964004s ago: executing program 3 (id=15313):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0xb0)

24.600855696s ago: executing program 7 (id=15323):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000001180)=ANY=[@ANYBLOB="12010000090003206d0414c34000ffff000109022400010400a000090400000103010100093700086ce82201000905815f"], 0x0)
syz_usb_control_io$uac1(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x60, 0x6, 0x4, 0x2, 0xffff, 0xb530}}}, 0x0)

24.012656185s ago: executing program 7 (id=15314):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000540)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0xfffffffffffffed9, 0x2, [@TCA_HTB_INIT={0xf}]}}]}, 0x48}}, 0x0)

10.382415619s ago: executing program 45 (id=15300):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}], 0x18}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x4, 0x5, &(0x7f0000000240)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x28}, @call={0x85, 0x0, 0x0, 0x23}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xf, 0x0, &(0x7f0000000040)="e027c2e8680dc3824b4714826c880c", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

9.720923443s ago: executing program 46 (id=15311):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0xc0100, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'\x00', 0x2})
ioctl$TUNSETDEBUG(r0, 0x400454c9, 0xffffffffffffffff)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x17)

9.412721584s ago: executing program 47 (id=15313):
r0 = getpid()
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RELOAD(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r2, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_NETNS_PID={0x8, 0x8b, r0}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4040010}, 0xb0)

8.859061574s ago: executing program 48 (id=15314):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000540)=@newqdisc={0x48, 0x24, 0xf0b, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0xfffffffffffffed9, 0x2, [@TCA_HTB_INIT={0xf}]}}]}, 0x48}}, 0x0)

287.876963ms ago: executing program 2 (id=15494):
r0 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0xf7fa, 0x3180, 0x8000, 0x1d8}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_UNLINKAT={0x24, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200})
io_uring_enter(r0, 0x627, 0x4c1, 0x43, 0x0, 0x30)

241.936538ms ago: executing program 2 (id=15495):
syz_open_dev$usbfs(&(0x7f0000000100), 0x205, 0x8401)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000001140)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x4}]})
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x20000000)
close_range(r0, 0xffffffffffffffff, 0x0)

179.844664ms ago: executing program 2 (id=15496):
syz_open_dev$radio(&(0x7f00000000c0), 0x3, 0x2)
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000000040)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2}])

71.393855ms ago: executing program 2 (id=15497):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000200)={0x46, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc0145b0e, 0x0)

60.13407ms ago: executing program 2 (id=15498):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
recvmsg(r0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x122)
connect$packet(r0, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x1}, 0x14)
shutdown(r0, 0x1)

0s ago: executing program 2 (id=15499):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000d80)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000002c0)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdfc, {0x0, 0x0, 0x0, r2, {0x7, 0xfff1}, {0xa, 0xffff}, {0xc, 0xffe0}}}, 0x24}, 0x1, 0x0, 0x0, 0x404009c}, 0x4000080)

kernel console output (not intermixed with test programs):

1461.982783][ T5875] usb 4-1: Manufacturer: syz
[ 1461.982800][ T5875] usb 4-1: SerialNumber: syz
[ 1462.035670][ T5875] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1462.050922][T32263] netlink: 84 bytes leftover after parsing attributes in process `syz.5.11590'.
[ 1462.240106][   T10] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1462.681853][   T31] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1462.694210][T28223] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[ 1462.884059][T28223] usb 6-1: config 0 has an invalid interface number: 168 but max is 0
[ 1462.884090][T28223] usb 6-1: config 0 has no interface number 0
[ 1462.884140][T28223] usb 6-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[ 1462.884165][T28223] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1462.904002][T28223] usb 6-1: config 0 descriptor??
[ 1462.952631][T32287] netlink: 8 bytes leftover after parsing attributes in process `syz.8.11603'.
[ 1463.148911][T19090] usb 4-1: USB disconnect, device number 34
[ 1463.225967][T17585] Bluetooth: hci3: Malformed LE Event: 0x0d
[ 1463.249174][T28223] usb 6-1: string descriptor 0 read error: -71
[ 1463.273041][T28223] usb-storage 6-1:0.168: USB Mass Storage device detected
[ 1463.293230][T28223] usb-storage 6-1:0.168: Quirks match for vid 05ab pid 0060: 2
[ 1463.416541][T28223] usb 6-1: USB disconnect, device number 21
[ 1463.521715][   T10] usb 4-1: Service connection timeout for: 256
[ 1463.521741][   T10] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1463.567585][   T10] ath9k_htc: Failed to initialize the device
[ 1463.591584][T19090] usb 4-1: ath9k_htc: USB layer deinitialized
[ 1463.811834][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1464.303635][T32340] hugetlbfs: Bad value 't' for mount option 'size'
[ 1464.303635][T32340] 
[ 1465.049233][T19090] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1465.411840][T28223] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[ 1465.564128][T28223] usb 4-1: Using ep0 maxpacket: 8
[ 1465.567029][T28223] usb 4-1: config 0 interface 0 altsetting 247 endpoint 0x81 has an invalid bInterval 202, changing to 11
[ 1465.567068][T28223] usb 4-1: config 0 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[ 1465.567097][T28223] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1465.567133][T28223] usb 4-1: New USB device found, idVendor=054c, idProduct=09cc, bcdDevice= 0.00
[ 1465.567158][T28223] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1465.581668][T28223] usb 4-1: config 0 descriptor??
[ 1465.955300][T32415] netlink: 104 bytes leftover after parsing attributes in process `syz.5.11660'.
[ 1466.002090][T14035] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1466.052014][T28223] playstation 0003:054C:09CC.002C: hidraw0: USB HID vff.ed Device [HID 054c:09cc] on usb-dummy_hcd.3-1/input0
[ 1466.213896][T28223] playstation 0003:054C:09CC.002C: Failed to retrieve feature with reportID 18: -71
[ 1466.213929][T28223] playstation 0003:054C:09CC.002C: Failed to retrieve DualShock4 pairing info: -71
[ 1466.213981][T28223] playstation 0003:054C:09CC.002C: Failed to get MAC address from DualShock4
[ 1466.213999][T28223] playstation 0003:054C:09CC.002C: Failed to create dualshock4.
[ 1466.262837][T28223] playstation 0003:054C:09CC.002C: probe with driver playstation failed with error -71
[ 1466.286221][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1466.286769][T28223] usb 4-1: USB disconnect, device number 35
[ 1467.280776][T32461] netlink: 28 bytes leftover after parsing attributes in process `syz.7.11683'.
[ 1467.280891][T32461] netlink: 7 bytes leftover after parsing attributes in process `syz.7.11683'.
[ 1467.286500][ T3526] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1467.345732][T19090] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1467.372279][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1467.523654][   T37] audit: type=1326 audit(1764146447.700:1316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32468 comm="syz.3.11688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1467.523715][   T37] audit: type=1326 audit(1764146447.700:1317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32468 comm="syz.3.11688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1467.529593][   T37] audit: type=1326 audit(1764146447.700:1318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32468 comm="syz.3.11688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=74 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1467.529653][   T37] audit: type=1326 audit(1764146447.700:1319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32468 comm="syz.3.11688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1467.529701][   T37] audit: type=1326 audit(1764146447.700:1320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32468 comm="syz.3.11688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1469.399691][T32497] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1469.532968][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1470.562957][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1471.042132][ T3526] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1471.081909][   T37] audit: type=1326 audit(1764146451.250:1321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=32586 comm="syz.3.11743" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x0
[ 1471.612411][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1471.938684][T32619] netlink: 56 bytes leftover after parsing attributes in process `syz.7.11758'.
[ 1472.119025][T32629] tmpfs: Unknown parameter 'no'
[ 1472.274190][ T5874] kernel read not supported for file /vcsu (pid: 5874 comm: kworker/0:4)
[ 1472.536800][T32655] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11775'.
[ 1472.642215][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1472.984612][T32677] netlink: 44 bytes leftover after parsing attributes in process `syz.5.11785'.
[ 1472.984645][T32677] netlink: 43 bytes leftover after parsing attributes in process `syz.5.11785'.
[ 1472.984663][T32677] netlink: 'syz.5.11785': attribute type 6 has an invalid length.
[ 1472.984679][T32677] netlink: 'syz.5.11785': attribute type 5 has an invalid length.
[ 1472.984693][T32677] netlink: 43 bytes leftover after parsing attributes in process `syz.5.11785'.
[ 1473.045589][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1473.671956][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1473.701281][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1474.218931][T17585] Bluetooth: hci3: unexpected event for opcode 0x200b
[ 1474.235822][T32725] netlink: 4 bytes leftover after parsing attributes in process `syz.7.11808'.
[ 1474.402019][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1474.618570][T32738] xt_socket: unknown flags 0xd0
[ 1474.731947][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1474.969813][T19090] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1475.763200][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1475.951791][  T325] netlink: 'syz.8.11841': attribute type 6 has an invalid length.
[ 1475.953350][  T325] netlink: 'syz.8.11841': attribute type 6 has an invalid length.
[ 1476.244214][   T43] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1476.687366][  T366] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11862'.
[ 1476.687398][  T366] netlink: 8 bytes leftover after parsing attributes in process `syz.7.11862'.
[ 1476.802699][T19090] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1477.842309][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1478.125187][   T37] audit: type=1326 audit(1764146458.300:1322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=442 comm="syz.5.11899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42efa4f749 code=0x7ffc0000
[ 1478.129536][   T37] audit: type=1326 audit(1764146458.300:1323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=442 comm="syz.5.11899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42efa4f749 code=0x7ffc0000
[ 1478.129613][   T37] audit: type=1326 audit(1764146458.300:1324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=442 comm="syz.5.11899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f42efa4f749 code=0x7ffc0000
[ 1478.129663][   T37] audit: type=1326 audit(1764146458.300:1325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=442 comm="syz.5.11899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42efa4f749 code=0x7ffc0000
[ 1478.129714][   T37] audit: type=1326 audit(1764146458.300:1326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=442 comm="syz.5.11899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42efa4f749 code=0x7ffc0000
[ 1478.130492][   T37] audit: type=1326 audit(1764146458.300:1327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=442 comm="syz.5.11899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42efa4f749 code=0x7ffc0000
[ 1478.130545][   T37] audit: type=1326 audit(1764146458.300:1328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=442 comm="syz.5.11899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42efa4f749 code=0x7ffc0000
[ 1478.130604][   T37] audit: type=1326 audit(1764146458.300:1329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=442 comm="syz.5.11899" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f42efa4f749 code=0x7ffc0000
[ 1478.802687][ T3526] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1478.879287][   T11] blk_print_req_error: 5 callbacks suppressed
[ 1478.879311][   T11] I/O error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2
[ 1479.001820][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1479.435088][  T506] tipc: Enabling of bearer <udp:s> rejected, failed to enable media
[ 1479.691739][  T520] comedi comedi3: pcl730: I/O port conflict (0x40404f26,4)
[ 1480.141802][T19090] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1480.474433][  T562] 9pnet_fd: Insufficient options for proto=fd
[ 1481.229700][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1481.236039][T28223] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[ 1481.334109][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1481.387401][T19090] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1481.440622][T17585] Bluetooth: hci1: Dropping invalid advertising data
[ 1481.440663][T17585] Bluetooth: hci1: Malformed LE Event: 0x02
[ 1481.462106][T28223] usb 4-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[ 1481.462137][T28223] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1481.462158][T28223] usb 4-1: Product: syz
[ 1481.462173][T28223] usb 4-1: Manufacturer: syz
[ 1481.462190][T28223] usb 4-1: SerialNumber: syz
[ 1481.526401][T28223] usb 4-1: config 0 descriptor??
[ 1481.551174][T28223] i2c-tiny-usb 4-1:0.0: version 6d.cc found at bus 004 address 036
[ 1482.061462][T27338] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1482.065130][   T43] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1482.183555][T28223] i2c i2c-2: failure reading functionality
[ 1482.193291][T28223] i2c i2c-2: connected i2c-tiny-usb device
[ 1482.216707][  T637] hsr0: entered promiscuous mode
[ 1482.217564][  T637] macsec1: entered promiscuous mode
[ 1482.218196][T28223] usb 4-1: USB disconnect, device number 36
[ 1482.371031][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1482.431947][T19090] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1482.462323][  T638] bond0: option min_links: invalid value (18446744073709551613)
[ 1482.462353][  T638] bond0: option min_links: allowed values 0 - 2147483647
[ 1483.110017][  T673] [U] 
[ 1483.110084][  T673] [U] K{�
[ 1483.110615][  T673] [U] �T �1��Š�F���Fˊ�`G�Jǘ�G���������O��/�MC�
[ 1483.143778][  T673] [U] T�ؖ/,�~�Ĝ��J���}8���'O1��"�7-΂JQ�K��W��Q�5C%"�H12��Y������X�`���ȼ`+��(�¿!(���Z'�TXLN�I�G�J����ݭ�P�~�7�!���"ب���(�5�OBܤ�̓J�
[ 1483.144789][  T673] [U] �K\&�}6�6�X�HX��Ե���.`�A�$�40|϶��9��ި����U��4��ĮVBZ��}�W�M�T���Q��ΦR�4��
[ 1483.148974][  T673] [U] ".H6��"�KÇ[����J�4��I�N��[Z(��C|T�]Z{��3�C=��X�Ԟ˅�4�W�)\T�XJ��SH{Q;̹���T��+���G��߮D�.˂�>Y����WUH�FN����HL]S�2���\G%�O�&Z)�К'�PUL�_<�     �ذ�Ү��`ұT��ޜ���;_�"(�U{7J��2X �/�'��C���I����H�C�ճ�V�=��AI�%W�ES� R��J�Μ���G��R��͡HI
���A��6-�D��V�� I"��Nƨ ��ASC~4���8C�*�OO5/ߜJ�~���W�VK+����3��Y)��M���V��YQƽ�DTR�
OTPEM%F��EJ�A5��T_-X~�^AAۂҘ�Q��
[ 1483.184861][  T673] [U]         +�W�G?]��'A:    ��)�
����' B>T���F/��<'�U�'��H�I�.+]E�.�-ɿ߿�%��>2`�^U�8F.�6��3��+�A�«���G3�P��6:�^0��T��V�'E�T����YC�N��Rϩ�N�PJ�;�Z����ۑ8!��\م�A�ʖ2��$е�­WI.��#��/BAI���`��4J��D�Y@�Z��GW�5˿B��ٜ�N�Y"VI2��
[ 1483.201781][  T673] [U] ܾ�4B`˗H�T�_K5�T�YJ���9��C�$BR�L�NUL��9W���|�G�"ʃ�%�ڶ�C�؝���Q��
 ��3��Q��N^HP*��$   �.�7Yӱ�2�
[ 1483.203008][  T673] [U] �?���H��*����3͝7�ɍ�^#Q�"0~���(�O�XL�B�,'V��=���C�S���G�S��0�ւ��`���ه��=1(�ξ��P#�2DO*Ƀ
[ 1483.205722][  T673] [U] �S��G������GU��D-{���|&�����ѐ2��L�C_��!`��OZ֥�B��%>�RѶ�WχݎSS�H"�YA4�O.�Y��ď�RTԶ�B�[+/<<R�B����|ФE���۠�V96#���ͤʦJ�U�%
S851���ҩS�P��\��?Q�|L��QX�0�K�1ORɴ2��|��D�F���ِ��2ޔ���0��H�}C[/����PX^��O
[ 1483.208615][  T673] [U] �؛���(J�Л��M��XZ�;�����؝_����*3�3��5�\�XM��U��AK!AQ`��;FЕ�I+��VUH���M�J��Ʒ��Z�C��Z���)_ǟ�  ԑ�&�֡��A�XTO���_� ڼ�:���%��P���Cֲ�Y�+_�ܛ��}U�M��ƫC�!KJ�7пG��=B�
[ 1483.254226][  T673] [U] ٽ�F�%�XA��L�2R*G��VW��$��J     �A��F����+ؾ9̈́VI�֗�Kپ�1}_��
��%�R6��(]��/��ؐřYܺ��Hä���R G��RN/ܫ�#!�D����%���D��-{�$�VU��T���$:MTR�E�C1V�D~��];[�����SQ����(��E,X�8�"�
��G�D�ڵ2@T8���҃����T8.RC+�@�ʦ�P�U�
P����C���'ńYL�-SS1E?�7�O���^]����C�½H]�JKR]RKQ܆��ݣ޴OTC��X���4�N�  ��&����ڋ��@�:M7�~�+�W*���XM��>>��{Q���
_�՝LX8�U����{�Z��ؐ)��7?�RR;�C�R�Hײڣ����1�>)�Mă‰�T���(��Aϝ�}9�ڥ�J*Mќ�ġ�'L��Q    �DW��ظ=��|Q�   �Æ�W;5��Ž�!�DB�X`ɧ�/��E�`Ʀ\
[ 1483.267017][  T673] [U] M��X��"�{;�ե�٘_�O2��)�O��.2�W2ʲ��Y���X_  HPϱ�S�D����:]�{�����Ƚ
[ 1483.269899][  T673] [U] I,�>�Ӥ ��5�1��^1�N4�OǶ�'0�?֒I�9W.�_.�W�A���V��`)�Z���C6GIӹ�A��XL[����F�*��O�W)+��'\N�
[K@����2�Ǭ���P"^`���   ؿ
[ 1483.270140][  T673] [U] 22��Ʃ�۩X?0;3U�
[ 1483.290618][  T673] [U] ޜ�
ƍ�SOBX�8�W�4��(�~/���K�U��ԖOQ�E+�G�-Y�GY_
�>V�����3.H�ә]̈́�2��)�D�,        ��      �D~�D���+�W;A\�F
P��Ș|$��)�
KؐI���ɿK�YT^R���Ǚ���A=�#�ܜ       �Ϳ�AE��T�1��ݯ4K�.E"R�S|П�S���:��>P��R�"Z�ڭ���#P!�KY"�}��F�N84ܳ��Hޱ�O��S��̫%DLW�MƲ�
[ 1483.295209][  T673] [U] [�['XN�'�����,MR��/����1D=!D�X91B�
WǻR�LF���K̤Z��#�`̑L؛�˜��B~�M���
[ 1483.298281][  T673] [U] �L�>�сD+�D�����"5�ʍ�H3<���IR=F^�F�N��������V���D�OIO�:U�>�Y�
[ 1483.298779][  T673] [U] 'B�6V�20�ķǞ��׌�"T8�{9�FW��]���̩�
[ 1483.306357][  T673] [U] �72މ���U�C6����τI]8C��TۨQSK�Y��I��¹ �|V'�TV/��G�$[� 9KH`�"ܑ��}��[^=��0�]��%�̂T�����F�_V�4C���
[ 1483.306448][  T673] [U] �EC�
[ 1483.309019][  T673] [U] ���|���<��:^�3$7NK~�-�@��?��/MTL��۾�I�WȬ@G~T�{��P�+�$�JP|���I�RIӍPM� ��Y� ڔ8�T���V�����,�L�,�
[ 1483.332703][  T672] [U] �K�����)0���~ܳʪ�IP'�F�ҜZ��R���@B�]�5��{��ʼ�'�8�ƥF��UTQUD
ǩ�K;7ͪ0C[��Y���YC���ذM��L�8�T�͚�5���RX����W� X���OQHVI'8����L�
[ 1483.442269][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1483.449620][ T3526] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1484.232824][  T710] IPVS: sync thread started: state = BACKUP, mcast_ifn = bond0, syncid = 8, id = 0
[ 1484.233179][  T705] IPVS: stopping backup sync thread 710 ...
[ 1484.342083][  T713] netlink: 'syz.8.12028': attribute type 2 has an invalid length.
[ 1484.342107][  T713] netlink: 244 bytes leftover after parsing attributes in process `syz.8.12028'.
[ 1484.482227][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1484.572562][ T3526] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1485.351102][  T744] xfs: Unexpected value for 'norecovery'
[ 1485.522831][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1486.562292][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1487.604603][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1487.772482][ T3526] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1488.644225][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1488.648763][T17573] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1488.750293][  T877] netlink: 12 bytes leftover after parsing attributes in process `syz.7.12106'.
[ 1489.387443][  T901] vivid-000: disconnect
[ 1489.388197][  T899] vivid-000: reconnect
[ 1489.500796][  T907] netlink: 32 bytes leftover after parsing attributes in process `syz.3.12121'.
[ 1489.580251][  T911] misc userio: Invalid payload size
[ 1489.588112][  T911] misc userio: The device must be registered before sending interrupts
[ 1489.682251][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1489.682691][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1489.962485][ T5874] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[ 1490.129269][ T5874] usb 4-1: Using ep0 maxpacket: 16
[ 1490.132304][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1490.132341][ T5874] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1490.132386][ T5874] usb 4-1: New USB device found, idVendor=046d, idProduct=c623, bcdDevice= 0.00
[ 1490.132412][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1490.183746][ T5874] usb 4-1: config 0 descriptor??
[ 1490.344607][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1490.344685][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1490.354999][   T50] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1490.551950][   T10] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1490.633434][ T5874] logitech 0003:046D:C623.002D: unexpected long global item
[ 1490.634334][ T5874] logitech 0003:046D:C623.002D: parse failed
[ 1490.634441][ T5874] logitech 0003:046D:C623.002D: probe with driver logitech failed with error -22
[ 1490.704540][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1490.704575][   T10] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1490.704602][   T10] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[ 1490.704625][   T10] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[ 1490.704668][   T10] usb 9-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[ 1490.704692][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1490.722416][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1490.782175][   T10] usb 9-1: config 0 descriptor??
[ 1490.807879][  T960] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12142'.
[ 1490.816702][T27338] usb 4-1: USB disconnect, device number 37
[ 1491.012100][   T10] hdpvr 9-1:0.0: firmware version 0x4b dated �ׯZ�Z�[���q���kw����$�$DB�����ύ�q5���
[ 1491.012125][   T10] hdpvr 9-1:0.0: untested firmware, the driver might not work.
[ 1491.425543][  T975] netlink: 'syz.7.12149': attribute type 38 has an invalid length.
[ 1491.531869][   T10] hdpvr 9-1:0.0: Could not setup controls
[ 1491.532662][   T10] hdpvr 9-1:0.0: registering videodev failed
[ 1491.564015][   T10] hdpvr 9-1:0.0: probe with driver hdpvr failed with error -71
[ 1491.593150][   T10] usb 9-1: USB disconnect, device number 9
[ 1491.762104][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1492.802775][T27338] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1492.881664][T28223] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1493.042018][T28223] usb 9-1: Using ep0 maxpacket: 32
[ 1493.046553][T28223] usb 9-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1493.046590][T28223] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1493.046629][T28223] usb 9-1: New USB device found, idVendor=046d, idProduct=c225, bcdDevice= 0.00
[ 1493.046654][T28223] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1493.095244][T28223] usb 9-1: config 0 descriptor??
[ 1493.527256][   T50] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1493.558543][T28223] hid_parser_main: 92 callbacks suppressed
[ 1493.558571][T28223] lg-g15 0003:046D:C225.002E: unknown main item tag 0x0
[ 1493.558652][T28223] lg-g15 0003:046D:C225.002E: unknown main item tag 0x0
[ 1493.558682][T28223] lg-g15 0003:046D:C225.002E: unknown main item tag 0x0
[ 1493.558712][T28223] lg-g15 0003:046D:C225.002E: unknown main item tag 0x0
[ 1493.558743][T28223] lg-g15 0003:046D:C225.002E: unknown main item tag 0x0
[ 1493.558772][T28223] lg-g15 0003:046D:C225.002E: unknown main item tag 0x0
[ 1493.653716][T28223] lg-g15 0003:046D:C225.002E: hidraw0: USB HID vb.27 Device [HID 046d:c225] on usb-dummy_hcd.8-1/input0
[ 1493.728372][T28223] usb 9-1: USB disconnect, device number 10
[ 1493.842096][ T5917] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1493.848990][   T12] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1494.882823][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1495.415070][ T1130] program syz.8.12213 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1495.446796][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[ 1495.921998][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1496.082533][   T43] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1496.722066][T27338] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1496.991702][T27338] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1497.463356][ T1208] 9pnet_fd: Insufficient options for proto=fd
[ 1498.034865][ T1228] netlink: 32 bytes leftover after parsing attributes in process `syz.7.12253'.
[ 1498.035541][T28223] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1498.568661][T17573] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1498.729430][ T1242] netlink: 'syz.8.12262': attribute type 6 has an invalid length.
[ 1498.729456][ T1242] netlink: 104 bytes leftover after parsing attributes in process `syz.8.12262'.
[ 1498.882860][   T43] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1499.323878][ T5121] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1499.390340][ T5121] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1499.394662][ T5121] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1499.396102][ T5121] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1499.399962][ T5121] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1499.462889][T28223] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 1499.611622][T28223] usb 9-1: Using ep0 maxpacket: 32
[ 1499.614375][T28223] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1499.614398][T28223] usb 9-1: config 0 interface 0 altsetting 16 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1499.614417][T28223] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1499.614436][T28223] usb 9-1: config 0 interface 0 altsetting 16 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1499.614452][T28223] usb 9-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[ 1499.614472][T28223] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1499.614497][T28223] usb 9-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[ 1499.614514][T28223] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1499.627455][T28223] usb 9-1: config 0 descriptor??
[ 1499.764472][ T1272] usb usb1: check_ctrlrecip: process 1272 (syz.3.12275) requesting ep 01 but needs 81
[ 1499.922279][T27338] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[ 1500.046705][T28223] hid-thrustmaster 0003:044F:B65D.002F: unknown main item tag 0x0
[ 1500.046750][T28223] hid-thrustmaster 0003:044F:B65D.002F: unknown main item tag 0x0
[ 1500.046788][T28223] hid-thrustmaster 0003:044F:B65D.002F: unknown main item tag 0x0
[ 1500.046817][T28223] hid-thrustmaster 0003:044F:B65D.002F: unknown main item tag 0x0
[ 1500.046847][T28223] hid-thrustmaster 0003:044F:B65D.002F: unknown main item tag 0x0
[ 1500.156725][T28223] hid-thrustmaster 0003:044F:B65D.002F: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.8-1/input0
[ 1500.156996][T28223] hid-thrustmaster 0003:044F:B65D.002F: setup data couldn't be sent
[ 1500.263202][    C1] hid-thrustmaster 0003:044F:B65D.002F: URB to get model id failed with error -71
[ 1500.272829][ T5917] usb 9-1: USB disconnect, device number 11
[ 1500.486881][   T50] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1500.642056][ T1294] openvswitch: netlink: nsh attribute has unmatched MD type 0.
[ 1500.642098][ T1294] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1500.923479][ T1301] netlink: 8 bytes leftover after parsing attributes in process `syz.7.12287'.
[ 1501.205287][   T50] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1501.525375][T17585] Bluetooth: hci3: command tx timeout
[ 1501.889320][   T50] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1502.523883][   T50] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1502.576389][ T1348] netlink: 48 bytes leftover after parsing attributes in process `syz.8.12308'.
[ 1503.078458][ T1261] chnl_net:caif_netlink_parms(): no params data found
[ 1503.411682][ T5917] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[ 1503.575547][ T5917] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1503.575580][ T5917] usb 4-1: config 0 has no interface number 0
[ 1503.575642][ T5917] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1503.575671][ T5917] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1503.575711][ T5917] usb 4-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[ 1503.575737][ T5917] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1503.602946][T17585] Bluetooth: hci3: command tx timeout
[ 1503.653587][ T5917] usb 4-1: config 0 descriptor??
[ 1503.927893][ T1261] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1503.928134][ T1261] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1503.928936][ T1261] bridge_slave_0: entered allmulticast mode
[ 1503.984215][ T1261] bridge_slave_0: entered promiscuous mode
[ 1504.046432][ T1261] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1504.046768][ T1261] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1504.047128][ T1261] bridge_slave_1: entered allmulticast mode
[ 1504.090169][ T1261] bridge_slave_1: entered promiscuous mode
[ 1504.098032][ T5917] prodikeys 0003:041E:2801.0030: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.3-1/input1
[ 1504.099886][ T5917] hid_prodikeys: hid-prodikeys: failed to find output report
[ 1504.099886][ T5917] 
[ 1504.275269][   T50] bridge_slave_1: left allmulticast mode
[ 1504.275300][   T50] bridge_slave_1: left promiscuous mode
[ 1504.275550][   T50] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1504.332273][   T10] usb 4-1: USB disconnect, device number 38
[ 1504.383210][   T50] bridge_slave_0: left allmulticast mode
[ 1504.383244][   T50] bridge_slave_0: left promiscuous mode
[ 1504.383504][   T50] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1505.029448][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1505.164923][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1505.305541][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1505.416112][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1505.595994][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1505.714063][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1505.732405][T17585] Bluetooth: hci3: command tx timeout
[ 1505.766250][ T1477] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12368'.
[ 1505.839451][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1506.169309][ T1493] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1506.330010][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1506.390769][   T50] dvmrp0 (unregistering): left allmulticast mode
[ 1506.465028][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1506.567462][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1506.868159][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1506.985263][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1507.014475][ T1524] ptrace attach of "./syz-executor exec"[26763] was attempted by " ��      ��      �      ��      ��      ��      ��              ��      ��      ��                 ����                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     
[ 1507.159244][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1507.365721][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1507.465688][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1507.761753][T17585] Bluetooth: hci3: command tx timeout
[ 1507.960176][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.074475][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.237785][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.457737][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.671588][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.766147][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.868000][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1508.941660][   T50] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1509.025588][   T50] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1509.084688][   T50] bond0 (unregistering): Released all slaves
[ 1509.426471][ T1261] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1509.437579][ T1261] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1509.492646][   T50] IPVS: stopping backup sync thread 30981 ...
[ 1510.266653][ T1627] netlink: 104 bytes leftover after parsing attributes in process `syz.8.12440'.
[ 1510.596086][ T1261] team0: Port device team_slave_0 added
[ 1510.665517][ T1261] team0: Port device team_slave_1 added
[ 1511.365908][ T1678] netlink: 182 bytes leftover after parsing attributes in process `syz.7.12465'.
[ 1511.658942][ T1261] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1511.658961][ T1261] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1511.658991][ T1261] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1511.677883][ T1261] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1511.677906][ T1261] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1511.677945][ T1261] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1511.769194][ T1695] netlink: 12 bytes leftover after parsing attributes in process `syz.8.12472'.
[ 1511.769278][ T1695] netlink: 'syz.8.12472': attribute type 2 has an invalid length.
[ 1511.769296][ T1695] netlink: 44 bytes leftover after parsing attributes in process `syz.8.12472'.
[ 1512.366424][ T1261] hsr_slave_0: entered promiscuous mode
[ 1512.367934][ T1261] hsr_slave_1: entered promiscuous mode
[ 1512.368972][ T1261] debugfs: 'hsr0' already exists in 'hsr'
[ 1512.368999][ T1261] Cannot create hsr debugfs directory
[ 1512.611793][   T50] hsr_slave_0: left promiscuous mode
[ 1512.662158][   T50] hsr_slave_1: left promiscuous mode
[ 1512.663341][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1512.663370][   T50] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1512.742825][   T50] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1512.742857][   T50] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1512.928472][   T50] veth1_macvtap: left promiscuous mode
[ 1512.928587][   T50] veth0_macvtap: left promiscuous mode
[ 1512.928875][   T50] veth1_vlan: left promiscuous mode
[ 1512.929062][   T50] veth0_vlan: left promiscuous mode
[ 1517.042931][   T50] team0 (unregistering): Port device team_slave_1 removed
[ 1517.403321][   T50] team0 (unregistering): Port device team_slave_0 removed
[ 1521.952099][ T5874] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[ 1522.104690][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1522.104731][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1522.104757][ T5874] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1522.104803][ T5874] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1522.104828][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1522.110334][ T5874] usb 4-1: config 0 descriptor??
[ 1522.631251][ T5874] plantronics 0003:047F:FFFF.0031: unbalanced delimiter at end of report description
[ 1522.639370][ T5874] plantronics 0003:047F:FFFF.0031: parse failed
[ 1522.639488][ T5874] plantronics 0003:047F:FFFF.0031: probe with driver plantronics failed with error -22
[ 1522.816809][   T50] IPVS: stop unused estimator thread 0...
[ 1522.907422][ T5874] usb 4-1: USB disconnect, device number 39
[ 1523.821733][ T5917] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1523.875701][ T1261] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1523.938434][ T1261] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1523.971656][ T5917] usb 9-1: Using ep0 maxpacket: 32
[ 1523.974031][ T5917] usb 9-1: config 0 has an invalid interface number: 184 but max is 0
[ 1523.974060][ T5917] usb 9-1: config 0 has no interface number 0
[ 1523.974122][ T5917] usb 9-1: config 0 interface 184 has no altsetting 0
[ 1523.977309][ T5917] usb 9-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1523.977342][ T5917] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1523.977366][ T5917] usb 9-1: Product: syz
[ 1523.977382][ T5917] usb 9-1: Manufacturer: syz
[ 1523.977399][ T5917] usb 9-1: SerialNumber: syz
[ 1524.041820][ T5917] usb 9-1: config 0 descriptor??
[ 1524.049814][ T5917] smsc75xx v1.0.0
[ 1524.086407][ T1261] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1524.141392][ T1261] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1524.588731][ T1261] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1524.695042][ T1261] 8021q: adding VLAN 0 to HW filter on device team0
[ 1524.712610][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1524.717741][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1524.787935][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1524.789016][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1524.947380][ T5917] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[ 1524.947415][ T5917] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1524.947960][ T5917] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1524.947987][ T5917] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1524.948008][ T5917] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1524.948036][ T5917] smsc75xx 9-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1524.948328][ T5917] smsc75xx 9-1:0.184: probe with driver smsc75xx failed with error -71
[ 1525.034630][ T5917] usb 9-1: USB disconnect, device number 12
[ 1525.602463][ T5874] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[ 1525.767192][ T5874] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1525.767224][ T5874] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1525.768529][ T5874] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1525.768568][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1525.768590][ T5874] usb 4-1: SerialNumber: syz
[ 1526.031834][ T1261] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1526.073357][ T5874] usb 4-1: 0:2 : does not exist
[ 1526.228297][ T5874] usb 4-1: USB disconnect, device number 40
[ 1526.336185][ T1261] veth0_vlan: entered promiscuous mode
[ 1526.411976][ T1261] veth1_vlan: entered promiscuous mode
[ 1526.554830][ T1261] veth0_macvtap: entered promiscuous mode
[ 1526.610092][ T1261] veth1_macvtap: entered promiscuous mode
[ 1526.663277][ T1261] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1526.719020][ T1261] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1526.812198][   T50] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1526.813630][ T3526] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1526.814240][ T3526] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1526.814650][ T3526] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1527.364188][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1527.364212][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1527.521665][ T1499] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1527.521687][ T1499] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1527.680344][ T2068] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1528.016141][ T2076] netlink: 8 bytes leftover after parsing attributes in process `syz.0.12254'.
[ 1529.287878][ T2130] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12675'.
[ 1529.791642][T17780] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[ 1529.941606][T17780] usb 4-1: Using ep0 maxpacket: 16
[ 1529.944011][T17780] usb 4-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1529.944049][T17780] usb 4-1: config 0 interface 0 has no altsetting 0
[ 1529.944095][T17780] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[ 1529.944120][T17780] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1529.950707][T17780] usb 4-1: config 0 descriptor??
[ 1530.391186][ T2178] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12697'.
[ 1530.442801][T17780] nzxt-smart2 0003:1E71:2009.0032: unknown main item tag 0x0
[ 1530.442844][T17780] nzxt-smart2 0003:1E71:2009.0032: unknown main item tag 0x0
[ 1530.442868][T17780] nzxt-smart2 0003:1E71:2009.0032: unknown main item tag 0x0
[ 1530.442891][T17780] nzxt-smart2 0003:1E71:2009.0032: unknown main item tag 0x0
[ 1530.442914][T17780] nzxt-smart2 0003:1E71:2009.0032: unknown main item tag 0x0
[ 1530.495662][T17780] nzxt-smart2 0003:1E71:2009.0032: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.3-1/input0
[ 1530.637009][T17780] usb 4-1: USB disconnect, device number 41
[ 1532.527202][ T2235] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12723'.
[ 1532.527422][ T2235] netlink: 39 bytes leftover after parsing attributes in process `syz.7.12723'.
[ 1532.870312][ T2254] netlink: 20 bytes leftover after parsing attributes in process `syz.0.12731'.
[ 1532.870346][ T2254] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12731'.
[ 1532.875575][ T2254] netlink: 20 bytes leftover after parsing attributes in process `syz.0.12731'.
[ 1532.875620][ T2254] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12731'.
[ 1532.981691][ T5874] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 1533.131924][ T5874] usb 9-1: Using ep0 maxpacket: 16
[ 1533.134725][ T5874] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1533.134786][ T5874] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1533.134817][ T5874] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1533.134842][ T5874] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1533.134867][ T5874] usb 9-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1533.136456][ T5874] usb 9-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1533.136485][ T5874] usb 9-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1533.136506][ T5874] usb 9-1: Manufacturer: syz
[ 1533.153755][ T5874] usb 9-1: config 0 descriptor??
[ 1533.442155][ T5121] Bluetooth: hci4: command 0x0406 tx timeout
[ 1533.631643][ T5874] rc_core: IR keymap rc-hauppauge not found
[ 1533.631666][ T5874] Registered IR keymap rc-empty
[ 1533.631832][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.652046][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.674763][ T5874] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0
[ 1533.694789][ T5874] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0/input70
[ 1533.720863][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.731908][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.752431][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.773519][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.791662][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.811777][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.835397][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.853305][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.871830][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.892108][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.915818][ T5874] mceusb 9-1:0.0: Error: mce write submit urb error = -90
[ 1533.967902][ T5874] mceusb 9-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1533.968967][ T5874] mceusb 9-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1534.050708][ T5874] usb 9-1: USB disconnect, device number 13
[ 1534.681931][ T2313] program syz.0.12756 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1534.958580][   T37] audit: type=1326 audit(1764146515.130:1330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a648eb829 code=0x7ffc0000
[ 1534.958656][   T37] audit: type=1326 audit(1764146515.130:1331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a648eb829 code=0x7ffc0000
[ 1534.958710][   T37] audit: type=1326 audit(1764146515.130:1332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a648eb829 code=0x7ffc0000
[ 1534.958761][   T37] audit: type=1326 audit(1764146515.130:1333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a648eb829 code=0x7ffc0000
[ 1534.958812][   T37] audit: type=1326 audit(1764146515.130:1334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a648eb829 code=0x7ffc0000
[ 1534.958865][   T37] audit: type=1326 audit(1764146515.130:1335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a648eb829 code=0x7ffc0000
[ 1534.958916][   T37] audit: type=1326 audit(1764146515.130:1336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a648eb829 code=0x7ffc0000
[ 1534.958967][   T37] audit: type=1326 audit(1764146515.130:1337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a648eb829 code=0x7ffc0000
[ 1534.964867][   T37] audit: type=1326 audit(1764146515.130:1338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f7a648eb829 code=0x7ffc0000
[ 1534.964939][   T37] audit: type=1326 audit(1764146515.140:1339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2321 comm="syz.0.12760" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1535.804790][ T2350] netlink: 44 bytes leftover after parsing attributes in process `syz.0.12775'.
[ 1535.875337][ T2353] netlink: 'syz.8.12776': attribute type 5 has an invalid length.
[ 1537.151231][ T2417] netlink: 8 bytes leftover after parsing attributes in process `syz.3.12806'.
[ 1537.805157][ T5874] kernel write not supported for file /1134/net/xfrm_stat (pid: 5874 comm: kworker/0:4)
[ 1539.512203][ T2497] netlink: 20 bytes leftover after parsing attributes in process `syz.8.12834'.
[ 1540.684991][ T5874] kernel write not supported for file /adsp1 (pid: 5874 comm: kworker/0:4)
[ 1541.001974][ T2560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12858'.
[ 1541.129496][   T37] kauditd_printk_skb: 123 callbacks suppressed
[ 1541.129520][   T37] audit: type=1326 audit(1764146521.290:1463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.129575][   T37] audit: type=1326 audit(1764146521.290:1464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.186207][   T37] audit: type=1326 audit(1764146521.360:1465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.186270][   T37] audit: type=1326 audit(1764146521.360:1466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.186321][   T37] audit: type=1326 audit(1764146521.360:1467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.187159][   T37] audit: type=1326 audit(1764146521.360:1468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.187209][   T37] audit: type=1326 audit(1764146521.360:1469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.187248][   T37] audit: type=1326 audit(1764146521.360:1470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.188090][   T37] audit: type=1326 audit(1764146521.360:1471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.188137][   T37] audit: type=1326 audit(1764146521.360:1472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=2562 comm="syz.3.12859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d894bf749 code=0x7ffc0000
[ 1541.229463][ T2568] Process accounting resumed
[ 1541.837272][ T2594] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12872'.
[ 1541.897622][ T2600] loop5: detected capacity change from 0 to 7
[ 1541.966168][ T2605] netlink: 'syz.8.12875': attribute type 1 has an invalid length.
[ 1542.012252][ T2600] Dev loop5: unable to read RDB block 7
[ 1542.012311][ T2600]  loop5: unable to read partition table
[ 1542.012549][ T2600] loop5: partition table beyond EOD, truncated
[ 1542.012579][ T2600] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1542.213376][ T2617] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12880'.
[ 1542.351745][ T2624] syzkaller0: tun_chr_ioctl cmd 1074025677
[ 1542.351947][ T2624] syzkaller0: linktype set to 1
[ 1542.580964][ T2642] tap0: tun_chr_ioctl cmd 1074025677
[ 1542.581208][ T2642] tap0: linktype set to 773
[ 1543.065120][ T2668] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1543.088916][ T2668] bond0: (slave bond1): Enslaving as an active interface with an up link
[ 1544.155963][   T31] kernel read not supported for file /newroot/560 (pid: 31 comm: kworker/1:0)
[ 1545.263921][ T2793] ������: renamed from vlan0 (while UP)
[ 1545.441998][ T2803] netlink: 20 bytes leftover after parsing attributes in process `syz.3.12952'.
[ 1545.498401][ T2805] netlink: 20 bytes leftover after parsing attributes in process `syz.3.12952'.
[ 1545.771172][ T5121] Bluetooth: hci3: command 0x0405 tx timeout
[ 1545.832523][ T2821] Bluetooth: MGMT ver 1.23
[ 1545.836340][ T2821] Bluetooth: hci1: expected 104 bytes, got 2 bytes
[ 1545.941364][    C0] vcan0: j1939_tp_rxtimer: 0xffff888034336400: rx timeout, send abort
[ 1546.029691][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1546.368475][ T2856] nbd: nbd3 already in use
[ 1546.441486][    C0] vcan0: j1939_tp_rxtimer: 0xffff888034336400: abort rx timeout. Force session deactivation
[ 1546.651325][ T2873] netlink: 148 bytes leftover after parsing attributes in process `syz.7.12978'.
[ 1547.939730][ T2951] netlink: 7 bytes leftover after parsing attributes in process `syz.7.13009'.
[ 1548.987807][ T2994] netlink: 56 bytes leftover after parsing attributes in process `syz.3.13031'.
[ 1548.987986][ T2994] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13031'.
[ 1548.989730][ T2995] IPv6: NLM_F_CREATE should be specified when creating new route
[ 1550.551916][ T5875] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[ 1550.589684][ T3060] netlink: 36 bytes leftover after parsing attributes in process `syz.0.13061'.
[ 1550.711347][ T5875] usb 9-1: Using ep0 maxpacket: 8
[ 1550.721745][ T5875] usb 9-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1550.721783][ T5875] usb 9-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1550.721809][ T5875] usb 9-1: config 0 interface 0 has no altsetting 0
[ 1550.721847][ T5875] usb 9-1: New USB device found, idVendor=1b96, idProduct=0004, bcdDevice= 0.00
[ 1550.721870][ T5875] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1550.751016][ T5875] usb 9-1: config 0 descriptor??
[ 1550.995567][ T3066] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1551.228706][ T5875] ntrig 0003:1B96:0004.0033: unknown main item tag 0x0
[ 1551.228750][ T5875] ntrig 0003:1B96:0004.0033: unknown main item tag 0x0
[ 1551.228781][ T5875] ntrig 0003:1B96:0004.0033: unknown main item tag 0x0
[ 1551.228813][ T5875] ntrig 0003:1B96:0004.0033: unknown main item tag 0x0
[ 1551.228843][ T5875] ntrig 0003:1B96:0004.0033: unknown main item tag 0x0
[ 1551.244368][ T5875] ntrig 0003:1B96:0004.0033: hidraw0: USB HID v0.00 Device [HID 1b96:0004] on usb-dummy_hcd.8-1/input0
[ 1551.450931][ T5875] usb 9-1: USB disconnect, device number 14
[ 1551.781297][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1551.781411][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1551.905816][ T3089] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1552.793871][ T3122] netlink: 844 bytes leftover after parsing attributes in process `syz.7.13089'.
[ 1553.125393][ T3131] erspan0: entered promiscuous mode
[ 1553.314149][ T3143] netlink: 28 bytes leftover after parsing attributes in process `syz.0.13100'.
[ 1554.251831][T17780] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[ 1554.421956][T17780] usb 4-1: Using ep0 maxpacket: 8
[ 1554.426136][T17780] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[ 1554.426168][T17780] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1554.450820][T17780] pvrusb2: Hardware description: Terratec Grabster AV400
[ 1554.450844][T17780] pvrusb2: **********
[ 1554.450853][T17780] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[ 1554.450869][T17780] pvrusb2: Important functionality might not be entirely working.
[ 1554.450880][T17780] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[ 1554.450896][T17780] pvrusb2: **********
[ 1554.616111][ T3205] netlink: 8 bytes leftover after parsing attributes in process `syz.8.13130'.
[ 1554.616151][ T3205] netlink: 8 bytes leftover after parsing attributes in process `syz.8.13130'.
[ 1554.678924][ T2369] pvrusb2: Invalid write control endpoint
[ 1554.768345][ T2369] pvrusb2: Invalid write control endpoint
[ 1554.768363][ T2369] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[ 1554.768376][ T2369] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[ 1554.768386][ T2369] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[ 1554.768398][ T2369] pvrusb2: Device being rendered inoperable
[ 1554.768509][ T2369] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[ 1554.768586][ T2369] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[ 1554.769623][ T2369] pvrusb2: Attached sub-driver cx25840
[ 1554.769636][ T2369] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[ 1554.769649][ T2369] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[ 1554.817789][ T3212] netlink: 8 bytes leftover after parsing attributes in process `syz.7.13132'.
[ 1554.817830][ T3212] netlink: 8 bytes leftover after parsing attributes in process `syz.7.13132'.
[ 1554.895355][ T5875] usb 4-1: USB disconnect, device number 42
[ 1554.963253][T17780] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[ 1555.111970][T17780] usb 9-1: Using ep0 maxpacket: 32
[ 1555.114400][T17780] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1555.114462][T17780] usb 9-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1555.114507][T17780] usb 9-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1555.114534][T17780] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1555.123920][T17780] usb 9-1: config 0 descriptor??
[ 1555.130991][T17780] hub 9-1:0.0: bad descriptor, ignoring hub
[ 1555.131041][T17780] hub 9-1:0.0: probe with driver hub failed with error -5
[ 1555.443788][T17780] usb 9-1: USB disconnect, device number 15
[ 1558.028853][ T3360] tipc: New replicast peer: 255.255.255.255
[ 1558.030815][ T3360] tipc: Enabled bearer <udp:syz2>, priority 7
[ 1558.751791][ T3399] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1559.377794][ T3432] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1559.378723][ T3432] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1559.379329][ T3432] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1559.379412][ T3432] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1559.379702][ T3432] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1559.379778][ T3432] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1559.380073][ T3432] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1559.380153][ T3432] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1559.380427][ T3432] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1559.486716][ T3439] sctp: [Deprecated]: syz.8.13239 (pid 3439) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1559.486716][ T3439] Use struct sctp_sack_info instead
[ 1559.898995][ T3461] netlink: 'syz.7.13251': attribute type 2 has an invalid length.
[ 1560.059422][ T3469] mac80211_hwsim hwsim21 wlan0: entered promiscuous mode
[ 1560.071651][ T5874] usb 9-1: new high-speed USB device number 16 using dummy_hcd
[ 1560.079621][ T3469] macsec2: entered promiscuous mode
[ 1560.079897][ T3469] macsec2: entered allmulticast mode
[ 1560.079917][ T3469] mac80211_hwsim hwsim21 wlan0: entered allmulticast mode
[ 1560.221566][ T5874] usb 9-1: Using ep0 maxpacket: 16
[ 1560.224134][ T5874] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 192, changing to 11
[ 1560.224173][ T5874] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[ 1560.224201][ T5874] usb 9-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[ 1560.225766][ T5874] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1560.225797][ T5874] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1560.225821][ T5874] usb 9-1: SerialNumber: syz
[ 1560.247439][ T3442] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[ 1560.492239][ T5874] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -22
[ 1560.512271][ T5874] usb 9-1: USB disconnect, device number 16
[ 1560.993198][ T3509] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13274'.
[ 1561.097674][ T3513] netlink: 'syz.7.13278': attribute type 11 has an invalid length.
[ 1561.097702][ T3513] netlink: 190972 bytes leftover after parsing attributes in process `syz.7.13278'.
[ 1561.195987][ T3518] netlink: 212360 bytes leftover after parsing attributes in process `syz.8.13277'.
[ 1561.607825][ T3538] netlink: 12 bytes leftover after parsing attributes in process `syz.0.13288'.
[ 1561.607869][ T3538] netlink: 'syz.0.13288': attribute type 7 has an invalid length.
[ 1561.607886][ T3538] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13288'.
[ 1564.940846][ T3659] program syz.3.13343 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1566.285310][ T3709] binder: 3708:3709 ioctl c0306201 200000000640 returned -22
[ 1566.390022][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1567.166892][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1567.314950][ T3749] binder: 3748:3749 ioctl 40046205 0 returned -22
[ 1567.936797][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1567.948993][ T5875] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[ 1568.017098][ T3778] netlink: 256 bytes leftover after parsing attributes in process `syz.0.13398'.
[ 1568.017126][ T3778] netlink: 72 bytes leftover after parsing attributes in process `syz.0.13398'.
[ 1568.101559][ T5875] usb 4-1: Using ep0 maxpacket: 8
[ 1568.124849][ T5875] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 1568.124885][ T5875] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1568.124908][ T5875] usb 4-1: Product: syz
[ 1568.124925][ T5875] usb 4-1: Manufacturer: syz
[ 1568.124941][ T5875] usb 4-1: SerialNumber: syz
[ 1568.167647][ T5875] usb 4-1: config 0 descriptor??
[ 1568.181144][ T5875] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 1568.181204][ T5875] usb 4-1: setting power ON
[ 1568.181224][ T5875] dvb-usb: bulk message failed: -22 (2/0)
[ 1568.229181][ T5875] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1568.242504][ T5875] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 1568.242573][ T5875] usb 4-1: media controller created
[ 1568.296612][ T5875] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1568.330799][ T5875] usb 4-1: selecting invalid altsetting 6
[ 1568.330823][ T5875] usb 4-1: digital interface selection failed (-22)
[ 1568.330840][ T5875] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 1568.354023][ T5875] usb 4-1: setting power OFF
[ 1568.354057][ T5875] dvb-usb: bulk message failed: -22 (2/0)
[ 1568.354079][ T5875] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 1568.354094][ T5875] (NULL device *): no alternate interface
[ 1568.432720][ T5875] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 1568.436756][ T5875] usb 4-1: USB disconnect, device number 43
[ 1568.736805][ T3801] netlink: 40 bytes leftover after parsing attributes in process `syz.7.13409'.
[ 1568.737203][ T3801] netlink: 32 bytes leftover after parsing attributes in process `syz.7.13409'.
[ 1569.601734][ T5874] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[ 1569.773940][ T5874] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1569.774008][ T5874] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1569.775633][ T5874] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1569.775662][ T5874] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1569.775683][ T5874] usb 4-1: Manufacturer: syz
[ 1569.781372][ T5874] usb 4-1: config 0 descriptor??
[ 1569.971896][ T5874] rc_core: IR keymap rc-hauppauge not found
[ 1569.971919][ T5874] Registered IR keymap rc-empty
[ 1569.973526][ T5874] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[ 1569.978356][ T5874] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input71
[ 1569.978854][ T3859] 9pnet_fd: Insufficient options for proto=fd
[ 1570.089019][ T5917] usb 4-1: USB disconnect, device number 44
[ 1571.011936][ T5917] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[ 1571.161600][ T5917] usb 4-1: Using ep0 maxpacket: 16
[ 1571.164148][ T5917] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1571.164179][ T5917] usb 4-1: config 1 has no interface number 1
[ 1571.164229][ T5917] usb 4-1: config 1 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1571.164252][ T5917] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[ 1571.164297][ T5917] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1571.167331][ T5917] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1571.167362][ T5917] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1571.167385][ T5917] usb 4-1: Product: syz
[ 1571.167401][ T5917] usb 4-1: Manufacturer: syz
[ 1571.167416][ T5917] usb 4-1: SerialNumber: syz
[ 1571.707586][ T5917] usb 4-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 1572.145393][   T31] usb 4-1: USB disconnect, device number 45
[ 1572.218868][ T3953] netlink: 16 bytes leftover after parsing attributes in process `syz.8.13480'.
[ 1572.586907][   T31] kernel write not supported for file bpf-prog (pid: 31 comm: kworker/1:0)
[ 1573.605330][ T4016] netlink: 12 bytes leftover after parsing attributes in process `syz.8.13510'.
[ 1574.023531][ T4033] syzkaller0: tun_chr_ioctl cmd 2147767520
[ 1574.437355][ T4058] netlink: 12 bytes leftover after parsing attributes in process `syz.8.13530'.
[ 1576.138674][ T4110] netlink: 16 bytes leftover after parsing attributes in process `syz.8.13555'.
[ 1576.540386][ T4123] sp0: Synchronizing with TNC
[ 1576.555327][ T4122] [U] �``
[ 1576.674806][ T4131] 9pnet_fd: Insufficient options for proto=fd
[ 1577.571888][ T4179] netlink: 'syz.0.13586': attribute type 14 has an invalid length.
[ 1577.781730][ T5917] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[ 1577.931623][ T5917] usb 9-1: Using ep0 maxpacket: 8
[ 1577.934296][ T5917] usb 9-1: config 255 has too many interfaces: 255, using maximum allowed: 32
[ 1577.934329][ T5917] usb 9-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[ 1577.934359][ T5917] usb 9-1: config 255 has 1 interface, different from the descriptor's value: 255
[ 1577.934416][ T5917] usb 9-1: config 255 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1577.934462][ T5917] usb 9-1: New USB device found, idVendor=056a, idProduct=0045, bcdDevice= 0.00
[ 1577.934487][ T5917] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1578.202184][ T5917] usb 9-1: string descriptor 0 read error: -71
[ 1578.207090][ T5917] usbhid 9-1:255.0: couldn't find an input interrupt endpoint
[ 1578.225543][ T5917] usb 9-1: USB disconnect, device number 17
[ 1578.479833][ T4215] program syz.0.13605 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1579.510945][ T4257] netlink: 28 bytes leftover after parsing attributes in process `syz.8.13625'.
[ 1581.889222][ T4324] netlink: 27 bytes leftover after parsing attributes in process `syz.7.13656'.
[ 1583.278299][ T4374] netlink: 4 bytes leftover after parsing attributes in process `syz.0.13680'.
[ 1584.097372][ T4411] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[ 1584.103583][ T4411] 
@0�: renamed from bond_slave_1 (while UP)
[ 1584.635092][ T4435] netlink: 28 bytes leftover after parsing attributes in process `syz.7.13708'.
[ 1584.742494][ T4439] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1585.475935][ T4468] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1586.071587][ T5874] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[ 1586.095034][ T4494] macvlan0: entered promiscuous mode
[ 1586.112912][ T4494] netlink: 'syz.8.13738': attribute type 1 has an invalid length.
[ 1586.112940][ T4494] netlink: 'syz.8.13738': attribute type 2 has an invalid length.
[ 1586.232097][ T5874] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1586.232132][ T5874] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1586.232155][ T5874] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1586.232213][ T5874] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1586.232243][ T5874] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1586.234166][ T5874] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1586.234198][ T5874] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1586.234220][ T5874] usb 4-1: Product: syz
[ 1586.234236][ T5874] usb 4-1: Manufacturer: syz
[ 1586.263745][ T5874] cdc_wdm 4-1:1.0: skipping garbage
[ 1586.263771][ T5874] cdc_wdm 4-1:1.0: skipping garbage
[ 1586.296008][ T5874] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[ 1586.296050][ T5874] cdc_wdm 4-1:1.0: Unknown control protocol
[ 1586.522317][ T5874] usb 4-1: USB disconnect, device number 46
[ 1588.270511][   T37] kauditd_printk_skb: 1 callbacks suppressed
[ 1588.270533][   T37] audit: type=1400 audit(1587.614:1474): lsm=SMACK fn=smack_inode_permission action=denied subject="y" object="_" requested=wx pid=4576 comm="syz.0.13778" name="146" dev="tmpfs" ino=751
[ 1589.154943][ T4554] netlink: 40 bytes leftover after parsing attributes in process `syz.3.13767'.
[ 1589.194120][ T4558] macvlan2: entered promiscuous mode
[ 1589.194147][ T4558] bridge0: entered promiscuous mode
[ 1589.226288][ T4589] bond0: entered promiscuous mode
[ 1589.226315][ T4589] bond_slave_0: entered promiscuous mode
[ 1589.226559][ T4589] bond_slave_1: entered promiscuous mode
[ 1589.262305][ T4589] batadv_slave_0: entered promiscuous mode
[ 1589.263475][ T4589] batadv_slave_0: left promiscuous mode
[ 1589.286878][ T4589] bond0: left promiscuous mode
[ 1589.286904][ T4589] bond_slave_0: left promiscuous mode
[ 1589.287171][ T4589] bond_slave_1: left promiscuous mode
[ 1589.500462][ T4609] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[ 1589.500494][ T4609] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1589.541077][ T4609] vhci_hcd vhci_hcd.0: Device attached
[ 1589.553247][ T4612] vhci_hcd vhci_hcd.0: pdev(3) rhport(1) sockfd(5)
[ 1589.553276][ T4612] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[ 1589.553329][ T4612] vhci_hcd vhci_hcd.0: Device attached
[ 1589.586131][ T4609] vhci_hcd vhci_hcd.0: pdev(3) rhport(2) sockfd(7)
[ 1589.586161][ T4609] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1589.586220][ T4609] vhci_hcd vhci_hcd.0: Device attached
[ 1589.616018][ T4609] vhci_hcd vhci_hcd.0: pdev(3) rhport(3) sockfd(9)
[ 1589.616051][ T4609] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1589.616119][ T4609] vhci_hcd vhci_hcd.0: Device attached
[ 1589.623349][ T4610] vhci_hcd: connection closed
[ 1589.632057][ T4615] vhci_hcd: connection closed
[ 1589.661831][ T4613] vhci_hcd: connection closed
[ 1589.696316][ T4619] vhci_hcd: connection closed
[ 1589.721597][T14035] vhci_hcd: stop threads
[ 1589.726795][T14035] vhci_hcd: release socket
[ 1589.761206][T14035] vhci_hcd: disconnect device
[ 1589.772062][T14035] vhci_hcd: stop threads
[ 1589.772083][T14035] vhci_hcd: release socket
[ 1589.772164][T14035] vhci_hcd: disconnect device
[ 1589.772603][T14035] vhci_hcd: stop threads
[ 1589.772613][T14035] vhci_hcd: release socket
[ 1589.772678][T14035] vhci_hcd: disconnect device
[ 1589.775774][T14035] vhci_hcd: stop threads
[ 1589.775792][T14035] vhci_hcd: release socket
[ 1589.776005][T14035] vhci_hcd: disconnect device
[ 1591.782179][ T5874] usb 9-1: new high-speed USB device number 18 using dummy_hcd
[ 1591.962354][ T5874] usb 9-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1591.962390][ T5874] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1591.962413][ T5874] usb 9-1: Product: syz
[ 1591.962429][ T5874] usb 9-1: Manufacturer: syz
[ 1591.962445][ T5874] usb 9-1: SerialNumber: syz
[ 1592.047674][ T5874] usb 9-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1592.075751][T17780] usb 9-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1593.621507][T17780] usb 9-1: Service connection timeout for: 256
[ 1593.621535][T17780] ath9k_htc 9-1:1.0: ath9k_htc: Unable to initialize HTC services
[ 1594.182906][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1594.657969][ T5874] usb 9-1: USB disconnect, device number 18
[ 1594.706773][T17780] ath9k_htc: Failed to initialize the device
[ 1594.714634][ T5874] usb 9-1: ath9k_htc: USB layer deinitialized
[ 1595.031592][   T10] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[ 1595.182190][   T10] usb 4-1: Using ep0 maxpacket: 16
[ 1595.194516][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1595.194570][   T10] usb 4-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1595.194596][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1595.200606][   T10] usb 4-1: config 0 descriptor??
[ 1595.655305][ T4780] netlink: 24 bytes leftover after parsing attributes in process `syz.8.13869'.
[ 1595.655338][ T4780] netlink: 24 bytes leftover after parsing attributes in process `syz.8.13869'.
[ 1595.761279][   T10] elan 0003:04F3:0755.0034: hidraw0: USB HID v0.05 Device [HID 04f3:0755] on usb-dummy_hcd.3-1/input0
[ 1596.097997][   T10] usb 4-1: USB disconnect, device number 47
[ 1596.703393][ T4814] hub 1-0:1.0: USB hub found
[ 1596.705119][ T4814] hub 1-0:1.0: 1 port detected
[ 1598.748469][ T4871] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[ 1598.792144][T17573] Bluetooth: hci5: Frame reassembly failed (-84)
[ 1598.955838][ T4880] loop5: detected capacity change from 0 to 7
[ 1599.650419][ T4880] Dev loop5: unable to read RDB block 7
[ 1599.650479][ T4880]  loop5: unable to read partition table
[ 1599.650832][ T4880] loop5: partition table beyond EOD, truncated
[ 1599.650855][ T4880] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1600.187438][ T4920] netlink: 'syz.8.13935': attribute type 4 has an invalid length.
[ 1600.749028][ T4949] input: syz0 as /devices/virtual/input/input72
[ 1600.801616][ T5121] Bluetooth: hci5: command 0x1003 tx timeout
[ 1600.833190][T17585] Bluetooth: hci5: Opcode 0x1003 failed: -110
[ 1601.450935][ T4978] netlink: 48 bytes leftover after parsing attributes in process `syz.0.13964'.
[ 1601.591549][ T5917] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[ 1601.709631][ T4992] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13971'.
[ 1601.741571][ T5917] usb 9-1: Using ep0 maxpacket: 16
[ 1601.747490][ T5917] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1601.747543][ T5917] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1601.747569][ T5917] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1601.789712][ T5917] usb 9-1: config 0 descriptor??
[ 1601.825034][ T4996] netlink: 20 bytes leftover after parsing attributes in process `syz.0.13973'.
[ 1602.248584][ T5917] mcp2221 0003:04D8:00DD.0035: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0
[ 1602.475838][ T5020] netlink: 8 bytes leftover after parsing attributes in process `syz.0.13984'.
[ 1602.641127][T17780] usb 9-1: USB disconnect, device number 19
[ 1602.841355][ T5032] net_ratelimit: 68 callbacks suppressed
[ 1602.841382][ T5032] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[ 1603.046635][   T37] audit: type=1326 audit(1602.394:1475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.049356][   T37] audit: type=1326 audit(1602.394:1476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.102038][   T37] audit: type=1326 audit(1602.454:1477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.110353][   T37] audit: type=1326 audit(1602.454:1478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.110665][   T37] audit: type=1326 audit(1602.454:1479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.111213][   T37] audit: type=1326 audit(1602.454:1480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.120241][   T37] audit: type=1326 audit(1602.464:1481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.120321][   T37] audit: type=1326 audit(1602.464:1482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.123699][   T37] audit: type=1326 audit(1602.474:1483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=103 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.124146][   T37] audit: type=1326 audit(1602.474:1484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5042 comm="syz.0.13997" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a6494f749 code=0x7ffc0000
[ 1603.552321][ T5062] bond0: Caught tx_queue_len zero misconfig
[ 1604.223757][ T5092] netlink: 168 bytes leftover after parsing attributes in process `syz.0.14018'.
[ 1604.537285][ T5114] overlayfs: failed to clone lowerpath
[ 1605.183963][ T5152] netlink: 20 bytes leftover after parsing attributes in process `syz.0.14043'.
[ 1605.184087][ T5152] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[ 1605.184102][ T5152] IPv6: NLM_F_CREATE should be set when creating new route
[ 1605.184164][ T5152] IPv6: NLM_F_CREATE should be set when creating new route
[ 1605.273551][ T5159] sctp: [Deprecated]: syz.7.14045 (pid 5159) Use of int in maxseg socket option.
[ 1605.273551][ T5159] Use struct sctp_assoc_value instead
[ 1605.509580][ T5172] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[ 1605.509614][ T5172] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[ 1605.509664][ T5172] overlayfs: conflicting lowerdir path
[ 1605.714751][ T5179] vcan0: tx address claim with dlc 0
[ 1606.190454][ T5201] binder: 5200:5201 ioctl 4018620d 0 returned -22
[ 1607.621599][ T5874] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[ 1607.857390][ T5874] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[ 1607.857425][ T5874] usb 4-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[ 1607.857449][ T5874] usb 4-1: Product: syz
[ 1607.857465][ T5874] usb 4-1: Manufacturer: syz
[ 1607.857481][ T5874] usb 4-1: SerialNumber: syz
[ 1607.864500][ T5874] usb 4-1: config 0 descriptor??
[ 1607.875436][ T5874] ch341 4-1:0.0: ch341-uart converter detected
[ 1608.728822][ T5874] usb 4-1: failed to send control message: -71
[ 1608.728884][ T5874] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[ 1608.734223][ T5874] usb 4-1: USB disconnect, device number 48
[ 1608.737082][ T5874] ch341 4-1:0.0: device disconnected
[ 1608.783825][ T5289] netlink: 20 bytes leftover after parsing attributes in process `syz.7.14104'.
[ 1609.013530][ T5301] ipvlan0: entered promiscuous mode
[ 1609.014145][ T5298] ipvlan0: left promiscuous mode
[ 1609.674627][ T5336] netlink: 16 bytes leftover after parsing attributes in process `syz.3.14127'.
[ 1609.783130][ T5342] netlink: 4 bytes leftover after parsing attributes in process `syz.8.14130'.
[ 1610.375557][ T5374] netlink: 28 bytes leftover after parsing attributes in process `syz.8.14145'.
[ 1611.515054][ T5432] netlink: 36 bytes leftover after parsing attributes in process `syz.0.14176'.
[ 1612.493421][   T37] kauditd_printk_skb: 1 callbacks suppressed
[ 1612.493441][   T37] audit: type=1326 audit(1611.844:1486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4019e5b829 code=0x7ffc0000
[ 1612.494229][   T37] audit: type=1326 audit(1611.844:1487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4019e5b829 code=0x7ffc0000
[ 1612.494288][   T37] audit: type=1326 audit(1611.844:1488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1612.494339][   T37] audit: type=1326 audit(1611.844:1489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1612.497578][   T37] audit: type=1326 audit(1611.844:1490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4019e5b829 code=0x7ffc0000
[ 1612.498073][   T37] audit: type=1326 audit(1611.844:1491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4019e5b829 code=0x7ffc0000
[ 1612.498528][   T37] audit: type=1326 audit(1611.844:1492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4019e5b829 code=0x7ffc0000
[ 1612.498583][   T37] audit: type=1326 audit(1611.844:1493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1612.498878][   T37] audit: type=1326 audit(1611.844:1494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1612.499411][   T37] audit: type=1326 audit(1611.844:1495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5474 comm="syz.7.14192" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f4019e5b829 code=0x7ffc0000
[ 1612.581590][T27338] usb 9-1: new low-speed USB device number 20 using dummy_hcd
[ 1612.829670][T27338] usb 9-1: config index 0 descriptor too short (expected 6427, got 27)
[ 1612.829702][T27338] usb 9-1: config 0 has an invalid interface number: 21 but max is 0
[ 1612.829724][T27338] usb 9-1: config 0 has no interface number 0
[ 1612.829779][T27338] usb 9-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[ 1612.829823][T27338] usb 9-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[ 1612.829850][T27338] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1612.885252][T27338] usb 9-1: config 0 descriptor??
[ 1612.887686][ T5462] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1613.214997][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1613.215077][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1613.530901][T27338] input: USB Keyspan Remote 06cd:0202 as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.21/input/input73
[ 1613.761993][T27338] usb 9-1: USB disconnect, device number 20
[ 1613.762085][    C1] keyspan_remote 9-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19
[ 1614.149278][ T5524] netlink: 8 bytes leftover after parsing attributes in process `syz.7.14213'.
[ 1614.851472][ T5557] netlink: 666 bytes leftover after parsing attributes in process `syz.0.14228'.
[ 1615.681663][   T31] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[ 1615.837221][   T31] usb 1-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[ 1615.837255][   T31] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1615.837277][   T31] usb 1-1: Product: syz
[ 1615.837293][   T31] usb 1-1: Manufacturer: syz
[ 1615.837310][   T31] usb 1-1: SerialNumber: syz
[ 1615.887071][   T31] usb 1-1: config 0 descriptor??
[ 1615.900226][   T31] gspca_main: sq905c-2.14.0 probing 2770:9052
[ 1616.727684][   T31] usb 1-1: USB disconnect, device number 36
[ 1618.204032][ T5696] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14289'.
[ 1618.204059][ T5696] netlink: 4 bytes leftover after parsing attributes in process `syz.0.14289'.
[ 1618.204089][ T5696] netlink: 'syz.0.14289': attribute type 18 has an invalid length.
[ 1618.204106][ T5696] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14289'.
[ 1618.974393][ T5725] netlink: 28 bytes leftover after parsing attributes in process `syz.8.14303'.
[ 1618.974434][ T5725] netlink: 28 bytes leftover after parsing attributes in process `syz.8.14303'.
[ 1619.697502][ T5761] block nbd3: not configured, cannot reconfigure
[ 1619.967922][   T10] usb 9-1: new high-speed USB device number 21 using dummy_hcd
[ 1620.124138][   T10] usb 9-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1620.124173][   T10] usb 9-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1620.124196][   T10] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1620.124256][   T10] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 1620.124285][   T10] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 1620.126556][   T10] usb 9-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1620.126586][   T10] usb 9-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1620.126608][   T10] usb 9-1: Product: syz
[ 1620.126624][   T10] usb 9-1: Manufacturer: syz
[ 1620.145176][   T10] cdc_wdm 9-1:1.0: skipping garbage
[ 1620.145201][   T10] cdc_wdm 9-1:1.0: skipping garbage
[ 1620.169022][   T10] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[ 1620.169051][   T10] cdc_wdm 9-1:1.0: Unknown control protocol
[ 1620.351694][T28223] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[ 1620.521575][T28223] usb 4-1: Using ep0 maxpacket: 8
[ 1620.523891][T28223] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[ 1620.523935][T28223] usb 4-1: config 179 has no interface number 0
[ 1620.524001][T28223] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1620.524030][T28223] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1620.524061][T28223] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1620.524088][T28223] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1620.524117][T28223] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1620.524163][T28223] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1620.524188][T28223] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1620.630460][ T5779] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1620.648250][ T5803] netlink: 4 bytes leftover after parsing attributes in process `syz.7.14337'.
[ 1621.093378][ T5874] usb 4-1: USB disconnect, device number 49
[ 1621.093398][    C1] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1621.093549][    C1] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1621.206374][   T37] kauditd_printk_skb: 95 callbacks suppressed
[ 1621.206395][   T37] audit: type=1326 audit(1620.554:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.206449][   T37] audit: type=1326 audit(1620.554:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.217638][   T37] audit: type=1326 audit(1620.564:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.225397][   T37] audit: type=1326 audit(1620.564:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.226693][   T37] audit: type=1326 audit(1620.574:1595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.226752][   T37] audit: type=1326 audit(1620.574:1596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.227421][   T37] audit: type=1326 audit(1620.574:1597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.228139][   T37] audit: type=1326 audit(1620.574:1598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.228474][   T37] audit: type=1326 audit(1620.574:1599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.229024][   T37] audit: type=1326 audit(1620.574:1600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=5820 comm="syz.7.14347" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x7ffc0000
[ 1621.842501][ T5844] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[ 1622.757976][   T10] usb 9-1: USB disconnect, device number 21
[ 1622.852127][ T5892] netlink: 'syz.0.14379': attribute type 14 has an invalid length.
[ 1623.361611][   T10] usb 9-1: new high-speed USB device number 22 using dummy_hcd
[ 1623.444484][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[ 1623.511571][   T10] usb 9-1: Using ep0 maxpacket: 8
[ 1623.518842][   T10] usb 9-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1623.518877][   T10] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1623.518901][   T10] usb 9-1: Product: syz
[ 1623.518918][   T10] usb 9-1: Manufacturer: syz
[ 1623.518933][   T10] usb 9-1: SerialNumber: syz
[ 1623.564990][   T10] usb 9-1: config 0 descriptor??
[ 1623.582697][   T10] gspca_main: se401-2.14.0 probing 047d:5003
[ 1623.744516][ T5916] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14388'.
[ 1623.975302][   T10] gspca_se401: ExtraFeatures: 255
[ 1623.975323][   T10] gspca_se401: Too many frame sizes
[ 1624.193295][   T10] usb 9-1: USB disconnect, device number 22
[ 1624.538546][ T5935] vcan0: tx drop: invalid sa for name 0x0000000000000001
[ 1624.874298][ T5945] netlink: 'syz.8.14404': attribute type 11 has an invalid length.
[ 1624.874358][ T5945] netlink: 24 bytes leftover after parsing attributes in process `syz.8.14404'.
[ 1625.413076][ T5971] netlink: 8 bytes leftover after parsing attributes in process `syz.8.14416'.
[ 1625.801585][ T5874] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[ 1625.951747][ T5874] usb 1-1: Using ep0 maxpacket: 16
[ 1625.954149][ T5874] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1625.954211][ T5874] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1625.954244][ T5874] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1625.954267][ T5874] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1625.954293][ T5874] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1625.955716][ T5874] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1625.955747][ T5874] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1625.955769][ T5874] usb 1-1: Manufacturer: syz
[ 1626.048694][ T5874] usb 1-1: config 0 descriptor??
[ 1626.441546][ T5874] rc_core: IR keymap rc-hauppauge not found
[ 1626.441572][ T5874] Registered IR keymap rc-empty
[ 1626.441741][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.469092][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.477632][ T5976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1626.478168][ T5976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1626.503652][ T5874] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[ 1626.508293][ T5874] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input74
[ 1626.540585][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.551825][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.572864][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.591690][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.611906][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.632062][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.651617][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.677492][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.692099][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.711675][ T5874] mceusb 1-1:0.0: Error: mce write submit urb error = -90
[ 1626.744894][ T5874] mceusb 1-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1626.744932][ T5874] mceusb 1-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1626.751615][T28223] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[ 1626.803041][ T5874] usb 1-1: USB disconnect, device number 37
[ 1626.901582][T28223] usb 4-1: Using ep0 maxpacket: 8
[ 1626.904122][T28223] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1626.904181][T28223] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1626.904207][T28223] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1626.914019][T28223] usb 4-1: config 0 descriptor??
[ 1627.153465][T28223] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1627.799235][ T1499] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1627.800740][ T1499] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1627.800790][ T1499] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1627.800934][ T1499] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1627.921793][T27338] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[ 1628.085594][T27338] usb 1-1: Using ep0 maxpacket: 32
[ 1628.088518][T27338] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1628.088547][T27338] usb 1-1: config 0 has no interface number 0
[ 1628.098964][T27338] usb 1-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[ 1628.099002][T27338] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1628.099029][T27338] usb 1-1: Product: syz
[ 1628.099058][T27338] usb 1-1: Manufacturer: syz
[ 1628.099076][T27338] usb 1-1: SerialNumber: syz
[ 1628.122434][T27338] usb 1-1: config 0 descriptor??
[ 1628.135842][T27338] usb 1-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[ 1628.135876][T27338] usb 1-1: selecting invalid altsetting 1
[ 1628.135928][T27338] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[ 1628.175961][T27338] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 1628.176392][T27338] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[ 1628.176462][T27338] usb 1-1: media controller created
[ 1628.217355][ T6072] netlink: 20 bytes leftover after parsing attributes in process `syz.8.14464'.
[ 1628.260091][ T1499] bond0: (slave bond1): link status definitely down, disabling slave
[ 1628.334431][T27338] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1628.413782][T27338] usb 1-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[ 1628.413843][T27338] zl10353_read_register: readreg error (reg=127, ret==-71)
[ 1628.417202][T27338] usb 1-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[ 1628.617177][T27338] usb 1-1: USB disconnect, device number 38
[ 1628.784395][ T6093] netlink: 24 bytes leftover after parsing attributes in process `syz.7.14474'.
[ 1629.498920][ T5874] usb 4-1: USB disconnect, device number 50
[ 1629.770112][ T6142] netlink: 20 bytes leftover after parsing attributes in process `syz.8.14496'.
[ 1629.881632][ T5874] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[ 1630.031547][ T5874] usb 4-1: Using ep0 maxpacket: 8
[ 1630.034273][ T5874] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1630.034333][ T5874] usb 4-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1630.034359][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1630.076927][ T5874] usb 4-1: config 0 descriptor??
[ 1630.096294][ T5874] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1630.892120][ T6167] netlink: 24 bytes leftover after parsing attributes in process `syz.0.14510'.
[ 1630.922985][ T5874] gspca_vc032x: reg_w err -71
[ 1630.923159][ T5874] vc032x 4-1:0.0: probe with driver vc032x failed with error -71
[ 1630.954580][ T5874] usb 4-1: USB disconnect, device number 51
[ 1631.397186][   T37] audit: type=1326 audit(1630.744:1601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1631.402047][   T37] audit: type=1326 audit(1630.754:1602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1631.466040][   T37] audit: type=1326 audit(1630.814:1603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1631.466100][   T37] audit: type=1326 audit(1630.814:1604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1631.472076][   T37] audit: type=1326 audit(1630.814:1605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1631.472143][   T37] audit: type=1326 audit(1630.824:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1631.472198][   T37] audit: type=1326 audit(1630.824:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1631.473538][   T37] audit: type=1326 audit(1630.824:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1631.473601][   T37] audit: type=1326 audit(1630.824:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1631.475881][   T37] audit: type=1326 audit(1630.824:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6207 comm="syz.8.14530" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7efe929af749 code=0x7ffc0000
[ 1632.255714][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.255757][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.255788][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.255818][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.255848][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.255878][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.255907][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.255937][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.255967][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.255997][ T5874] hid-generic FFFF:0007:0000.0036: unknown main item tag 0x0
[ 1632.365475][ T5874] hid-generic FFFF:0007:0000.0036: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[ 1632.868737][ T6270] mac80211_hwsim hwsim41 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1632.911816][ T6277] netlink: 'syz.7.14562': attribute type 2 has an invalid length.
[ 1634.371565][T27338] usb 9-1: new high-speed USB device number 23 using dummy_hcd
[ 1634.503496][ T6350] netlink: 36 bytes leftover after parsing attributes in process `syz.7.14596'.
[ 1634.541851][T27338] usb 9-1: Using ep0 maxpacket: 8
[ 1634.545917][T27338] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1634.545951][T27338] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1634.545978][T27338] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1634.546004][T27338] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1634.546050][T27338] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1634.546076][T27338] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1634.792705][T27338] usb 9-1: usb_control_msg returned -32
[ 1634.792757][T27338] usbtmc 9-1:16.0: can't read capabilities
[ 1634.849938][T27338] usb 9-1: USB disconnect, device number 23
[ 1635.606724][   T50] wlan1: Trigger new scan to find an IBSS to join
[ 1636.405924][ T6437] bond0: option primary: mode dependency failed, not supported in mode balance-rr(0)
[ 1638.562478][   T50] wlan1: Trigger new scan to find an IBSS to join
[ 1638.675135][ T6539] overlayfs: failed to clone lowerpath
[ 1638.751983][   T10] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[ 1638.911637][   T10] usb 9-1: Using ep0 maxpacket: 8
[ 1638.914027][   T10] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1638.914059][   T10] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1638.914086][   T10] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[ 1638.914115][   T10] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1638.914141][   T10] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1638.914187][   T10] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1638.914233][   T10] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1639.197022][   T10] usb 9-1: GET_CAPABILITIES returned 0
[ 1639.197076][   T10] usbtmc 9-1:16.0: can't read capabilities
[ 1639.369888][ T6567] program syz.0.14697 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1639.404170][ T5917] usb 9-1: USB disconnect, device number 24
[ 1639.687322][ T6580] netlink: 148 bytes leftover after parsing attributes in process `syz.7.14704'.
[ 1640.593861][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1640.664412][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1640.962138][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1641.159891][ T6628] netlink: 8 bytes leftover after parsing attributes in process `syz.0.14726'.
[ 1641.521883][ T3558] wlan1: Trigger new scan to find an IBSS to join
[ 1641.631635][ T6648] netlink: 68 bytes leftover after parsing attributes in process `syz.0.14733'.
[ 1641.839923][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1642.236651][ T6676] openvswitch: netlink: nsh attr 0 has unexpected len 29281 expected 0
[ 1642.236696][ T6676] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1642.253833][   T37] kauditd_printk_skb: 10 callbacks suppressed
[ 1642.253858][   T37] audit: type=1326 audit(1641.604:1621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=6672 comm="syz.7.14748" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f4019ebf749 code=0x0
[ 1642.500438][T14035] wlan1: Creating new IBSS network, BSSID 2e:aa:7c:ba:b5:28
[ 1642.717021][ T6694] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1642.957686][ T6705] netlink: 280 bytes leftover after parsing attributes in process `syz.8.14763'.
[ 1644.003761][ T6758] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1644.306496][ T6774] netlink: 'syz.3.14796': attribute type 3 has an invalid length.
[ 1644.306524][ T6774] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14796'.
[ 1644.641786][T27338] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[ 1644.791541][T27338] usb 1-1: Using ep0 maxpacket: 16
[ 1644.793898][T27338] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 1644.793934][T27338] usb 1-1: config 0 has no interface number 0
[ 1644.793985][T27338] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1644.794015][T27338] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1644.794055][T27338] usb 1-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[ 1644.794080][T27338] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1644.864006][T27338] usb 1-1: config 0 descriptor??
[ 1645.515644][T27338] input: HID 28bd:0071 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.1/0003:28BD:0071.0037/input/input75
[ 1645.587269][T27338] input: HID 28bd:0071 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.1/0003:28BD:0071.0037/input/input76
[ 1645.604560][T27338] uclogic 0003:28BD:0071.0037: input,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.0-1/input1
[ 1645.716620][T27338] usb 1-1: USB disconnect, device number 39
[ 1645.746702][ T6836] netlink: 92 bytes leftover after parsing attributes in process `syz.8.14827'.
[ 1646.308312][ T6853] netlink: 24 bytes leftover after parsing attributes in process `syz.8.14834'.
[ 1646.945845][ T6879] ptrace attach of "./syz-executor exec"[26763] was attempted by ""[6879]
[ 1647.464250][T28293] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[ 1647.464856][ T6909] netlink: 204 bytes leftover after parsing attributes in process `syz.3.14862'.
[ 1647.613659][T28293] usb 1-1: Using ep0 maxpacket: 8
[ 1647.624602][T28293] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1647.624641][T28293] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1647.624666][T28293] usb 1-1: Product: syz
[ 1647.624684][T28293] usb 1-1: Manufacturer: syz
[ 1647.624702][T28293] usb 1-1: SerialNumber: syz
[ 1647.638819][T28293] usb 1-1: config 0 descriptor??
[ 1647.660884][T28293] gspca_main: se401-2.14.0 probing 047d:5003
[ 1648.056275][T28293] gspca_se401: ExtraFeatures: 18
[ 1648.285000][T28293] input: se401 as /devices/platform/dummy_hcd.0/usb1/1-1/input/input77
[ 1648.301987][T28293] usb 1-1: USB disconnect, device number 40
[ 1649.112152][ T6956] mac80211_hwsim hwsim22 wlan1: (WE) : Wireless Event (cmd=0x8B1A) too big (33)
[ 1650.531239][ T6974] Falling back ldisc for ttyS3.
[ 1650.909288][ T6994] netlink: 16390 bytes leftover after parsing attributes in process `syz.0.14900'.
[ 1651.622080][   T50] wlan1: Trigger new scan to find an IBSS to join
[ 1652.357586][T17585] Bluetooth: hci4: unexpected event for opcode 0x202f
[ 1652.981544][ T5917] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[ 1653.179479][ T5917] usb 4-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[ 1653.179511][ T5917] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1653.179533][ T5917] usb 4-1: Product: syz
[ 1653.179547][ T5917] usb 4-1: Manufacturer: syz
[ 1653.179563][ T5917] usb 4-1: SerialNumber: syz
[ 1653.236314][ T5917] usb 4-1: config 0 descriptor??
[ 1653.258876][ T7074] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1653.468833][ T5917] usb-storage 4-1:0.0: USB Mass Storage device detected
[ 1653.730102][T28223] usb 4-1: USB disconnect, device number 52
[ 1653.900634][ T7074] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1654.057190][ T7119] netlink: 'syz.0.14960': attribute type 9 has an invalid length.
[ 1654.570922][ T1499] wlan1: Trigger new scan to find an IBSS to join
[ 1654.628819][ T7074] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1655.321104][ T7074] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1655.874073][ T1499] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1656.079746][   T50] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1656.152803][ T7174] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1656.193298][T14035] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1656.246606][T14035] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1656.388431][ T7181] dvmrp1: tun_chr_ioctl cmd 1074025673
[ 1657.403002][ T7234] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15010'.
[ 1657.601803][T14035] wlan1: Trigger new scan to find an IBSS to join
[ 1658.525805][T14035] wlan1: Creating new IBSS network, BSSID 9a:eb:17:e3:70:5f
[ 1658.703649][ T7305] fuse: Bad value for 'user_id'
[ 1658.703670][ T7305] fuse: Bad value for 'user_id'
[ 1660.041593][   T31] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[ 1660.194631][   T31] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1660.194663][   T31] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1660.194988][ T7378] netlink: 220 bytes leftover after parsing attributes in process `syz.3.15082'.
[ 1660.218134][   T31] usb 1-1: config 0 descriptor??
[ 1660.229699][   T31] cp210x 1-1:0.0: cp210x converter detected
[ 1660.403625][ T7384] tap0: tun_chr_ioctl cmd 1074025677
[ 1660.403874][ T7384] tap0: linktype set to 805
[ 1660.635096][   T31] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 1660.663185][   T31] usb 1-1: cp210x converter now attached to ttyUSB0
[ 1660.751746][ T7396] bond0: entered promiscuous mode
[ 1660.751772][ T7396] bond_slave_0: entered promiscuous mode
[ 1660.752422][ T7396] 
@0�: entered promiscuous mode
[ 1660.755489][ T7396] dummy0: entered promiscuous mode
[ 1660.766632][ T7396] hsr1: entered promiscuous mode
[ 1660.766736][ T7396] hsr1: entered allmulticast mode
[ 1660.766753][ T7396] bond0: entered allmulticast mode
[ 1660.766771][ T7396] bond_slave_0: entered allmulticast mode
[ 1660.766793][ T7396] 
@0�: entered allmulticast mode
[ 1660.767013][ T7396] dummy0: entered allmulticast mode
[ 1660.849065][   T31] usb 1-1: USB disconnect, device number 41
[ 1660.883798][   T31] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1661.000728][ T7404] netlink: 452 bytes leftover after parsing attributes in process `syz.3.15094'.
[ 1661.002795][   T31] cp210x 1-1:0.0: device disconnected
[ 1661.929448][ T7453] netlink: 44 bytes leftover after parsing attributes in process `syz.3.15118'.
[ 1662.144453][ T7463] vcan0: tx drop: invalid da for name 0x00000000000000f5
[ 1662.176932][T17585] Bluetooth: hci4: unexpected event for opcode 0x0c5a
[ 1662.685206][ T5917] kernel read not supported for file /bluetooth/6lowpan_control (pid: 5917 comm: kworker/1:7)
[ 1663.981723][T28293] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[ 1664.134011][T28293] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[ 1664.134048][T28293] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[ 1664.134076][T28293] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[ 1664.137212][T28293] usb 1-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[ 1664.137244][T28293] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1664.137266][T28293] usb 1-1: Product: syz
[ 1664.137283][T28293] usb 1-1: Manufacturer: syz
[ 1664.137299][T28293] usb 1-1: SerialNumber: syz
[ 1664.141935][ T5874] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[ 1664.216812][T28293] usb 1-1: config 0 descriptor??
[ 1664.218307][ T7541] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1664.218520][ T7541] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1664.244301][T28293] usb 1-1: ucan: probing device on interface #0
[ 1664.328533][ T5874] usb 9-1: Using ep0 maxpacket: 8
[ 1664.337044][ T5874] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1664.337173][ T5874] usb 9-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 16
[ 1664.375627][ T5874] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1664.375726][ T5874] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1664.375750][ T5874] usb 9-1: Product: syz
[ 1664.375767][ T5874] usb 9-1: Manufacturer: syz
[ 1664.375782][ T5874] usb 9-1: SerialNumber: syz
[ 1664.622350][ T7564] netlink: 8 bytes leftover after parsing attributes in process `syz.7.15170'.
[ 1664.698729][ T5874] cdc_ncm 9-1:1.0: bind() failure
[ 1664.735844][ T5874] cdc_ncm 9-1:1.1: CDC Union missing and no IAD found
[ 1664.735893][ T5874] cdc_ncm 9-1:1.1: bind() failure
[ 1664.785128][ T5874] usb 9-1: USB disconnect, device number 25
[ 1664.886689][T28293] ucan 1-1:0.0: probe with driver ucan failed with error -22
[ 1664.920895][ T7572] dvmrp1: tun_chr_ioctl cmd 1074025677
[ 1664.921098][ T7572] dvmrp1: linktype set to 804
[ 1665.097448][ T5917] usb 1-1: USB disconnect, device number 42
[ 1666.161563][ T5874] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[ 1666.314670][ T5874] usb 4-1: config 0 has an invalid interface number: 117 but max is 0
[ 1666.314702][ T5874] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1666.314724][ T5874] usb 4-1: config 0 has no interface number 0
[ 1666.314777][ T5874] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[ 1666.314803][ T5874] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1666.345819][ T5874] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[ 1666.345848][ T5874] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1666.345866][ T5874] usb 4-1: Product: syz
[ 1666.345878][ T5874] usb 4-1: Manufacturer: syz
[ 1666.345891][ T5874] usb 4-1: SerialNumber: syz
[ 1666.413036][ T5874] usb 4-1: config 0 descriptor??
[ 1667.102010][ T5874] usb 4-1: USB disconnect, device number 53
[ 1667.402629][T17585] Bluetooth: hci3: link tx timeout
[ 1667.407679][T17585] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1667.412966][T17585] Bluetooth: hci3: link tx timeout
[ 1667.412989][T17585] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[ 1669.325766][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1669.441713][T17585] Bluetooth: hci3: command 0x0405 tx timeout
[ 1669.605572][ T7759] netlink: 'syz.8.15257': attribute type 3 has an invalid length.
[ 1669.605595][ T7759] netlink: 8 bytes leftover after parsing attributes in process `syz.8.15257'.
[ 1670.017915][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1670.116971][ T7782] loop5: detected capacity change from 0 to 7
[ 1670.275865][ T7792] netlink: 4 bytes leftover after parsing attributes in process `syz.0.15274'.
[ 1670.511852][ T5874] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[ 1670.665484][ T5874] usb 9-1: Using ep0 maxpacket: 16
[ 1670.675642][ T5874] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1670.675701][ T5874] usb 9-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1670.675725][ T5874] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1670.738624][ T5874] usb 9-1: config 0 descriptor??
[ 1670.889666][ T7782] Dev loop5: unable to read RDB block 7
[ 1670.889720][ T7782]  loop5: unable to read partition table
[ 1670.899529][ T7782] loop5: partition table beyond EOD, truncated
[ 1670.899558][ T7782] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1670.927013][    C1] invalid error, dev loop5, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 1 prio class 2
[ 1670.927060][    C1] buffer_io_error: 5 callbacks suppressed
[ 1670.927076][    C1] Buffer I/O error on dev loop5, logical block 0, lost async page write
[ 1671.192836][ T5874] mcp2221 0003:04D8:00DD.0038: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0
[ 1671.594709][ T5917] usb 9-1: USB disconnect, device number 26
[ 1672.529847][T14035] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1672.647331][ T7854] netlink: 16402 bytes leftover after parsing attributes in process `syz.8.15304'.
[ 1672.957081][ T7862] netlink: 8 bytes leftover after parsing attributes in process `syz.8.15307'.
[ 1672.957110][ T7862] netlink: 4 bytes leftover after parsing attributes in process `syz.8.15307'.
[ 1672.957139][ T7862] netlink: 'syz.8.15307': attribute type 6 has an invalid length.
[ 1673.297404][ T7868] netlink: 277 bytes leftover after parsing attributes in process `syz.7.15310'.
[ 1673.380612][ T7870] tap0: tun_chr_ioctl cmd 1074025677
[ 1673.380870][ T7870] tap0: linktype set to 23
[ 1674.651217][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1674.651330][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1688.096197][T17585] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1688.142026][T17585] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1688.146212][T17585] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1688.148151][T17585] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1688.149314][T17585] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1689.824789][T17585] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[ 1689.858768][T17585] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[ 1689.860725][T17585] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[ 1689.872701][T17585] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[ 1689.873590][T17585] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[ 1690.241982][ T5121] Bluetooth: hci5: command tx timeout
[ 1690.323942][T17585] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[ 1690.354000][T17585] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[ 1690.355995][T17585] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[ 1690.357267][T17585] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[ 1690.358383][T17585] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[ 1690.643035][T17573] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1690.829738][T17585] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[ 1690.863146][T17585] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[ 1690.865039][T17585] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[ 1690.866469][T17585] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[ 1690.867398][T17585] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1692.001569][T17585] Bluetooth: hci6: command tx timeout
[ 1692.321594][T17585] Bluetooth: hci5: command tx timeout
[ 1692.481677][T17585] Bluetooth: hci7: command tx timeout
[ 1692.962163][T17585] Bluetooth: hci8: command tx timeout
[ 1694.081855][T17585] Bluetooth: hci6: command tx timeout
[ 1694.406978][T17585] Bluetooth: hci5: command tx timeout
[ 1694.561688][T17585] Bluetooth: hci7: command tx timeout
[ 1695.041771][T17585] Bluetooth: hci8: command tx timeout
[ 1696.161572][T17585] Bluetooth: hci6: command tx timeout
[ 1696.481596][T17585] Bluetooth: hci5: command tx timeout
[ 1696.651536][T17585] Bluetooth: hci7: command tx timeout
[ 1697.121708][T17585] Bluetooth: hci8: command tx timeout
[ 1698.241538][T17585] Bluetooth: hci6: command tx timeout
[ 1698.721571][T17585] Bluetooth: hci7: command tx timeout
[ 1699.201714][T17585] Bluetooth: hci8: command tx timeout
[ 1736.087281][ T1319] ieee802154 phy0 wpan0: encryption failed: -22
[ 1736.087390][ T1319] ieee802154 phy1 wpan1: encryption failed: -22
[ 1748.229096][ T5121] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1748.274741][ T5121] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1748.291130][ T5121] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1748.301331][ T5121] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1748.302854][ T5121] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1749.863512][ T5121] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1749.890445][ T5121] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1749.901774][ T5121] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1749.904947][ T5121] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1749.905842][ T5121] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1750.064616][ T5121] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1750.097405][ T5121] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1750.099349][ T5121] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1750.100788][ T5121] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1750.125536][ T5121] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1750.323223][T17585] Bluetooth: hci9: command tx timeout
[ 1750.440039][ T5121] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 1750.467877][ T5121] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 1750.469794][ T5121] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 1750.471314][ T5121] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 1750.494975][ T5121] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 1752.003294][T17585] Bluetooth: hci10: command tx timeout
[ 1752.241831][T17585] Bluetooth: hci11: command tx timeout
[ 1752.401693][T17585] Bluetooth: hci9: command tx timeout
[ 1752.561810][T17585] Bluetooth: hci12: command tx timeout
[ 1754.083185][T17585] Bluetooth: hci10: command tx timeout
[ 1754.321660][T17585] Bluetooth: hci11: command tx timeout
[ 1754.481574][T17585] Bluetooth: hci9: command tx timeout
[ 1754.641816][T17585] Bluetooth: hci12: command tx timeout
[ 1756.163012][T17585] Bluetooth: hci10: command tx timeout
[ 1756.401806][T17585] Bluetooth: hci11: command tx timeout
[ 1756.561764][T17585] Bluetooth: hci9: command tx timeout
[ 1756.721606][T17585] Bluetooth: hci12: command tx timeout
[ 1758.242963][T17585] Bluetooth: hci10: command tx timeout
[ 1758.482007][T17585] Bluetooth: hci11: command tx timeout
[ 1758.801611][T17585] Bluetooth: hci12: command tx timeout
[ 1777.181388][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 1777.181414][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P16
[ 1777.181445][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=186125, q=20193 ncpus=2)
[ 1777.181468][    C0] task:ktimers/0       state:R  running task     stack:20824 pid:16    tgid:16    ppid:2      task_flags:0x4208040 flags:0x00080000
[ 1777.181542][    C0] Call Trace:
[ 1777.181556][    C0]  <IRQ>
[ 1777.181568][    C0]  sched_show_task+0x49d/0x630
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1777.181633][    C0]  ? __pfx_sched_show_task+0x10/0x10
[ 1777.181655][    C0]  ? rcu_dump_cpu_stacks+0x79/0x4e0
[ 1777.181708][    C0]  ? wq_watchdog_touch+0xef/0x180
[ 1777.181735][    C0]  print_other_cpu_stall+0xf78/0x1340
[ 1777.181779][    C0]  ? __pfx_print_other_cpu_stall+0x10/0x10
[ 1777.181833][    C0]  rcu_sched_clock_irq+0xa47/0x11b0
[ 1777.181849][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 1777.181873][    C0]  ? __pfx_rcu_sched_clock_irq+0x10/0x10
[ 1777.181897][    C0]  update_process_times+0x235/0x2d0
[ 1777.181921][    C0]  tick_nohz_handler+0x39a/0x520
[ 1777.181948][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[ 1777.181966][    C0]  __hrtimer_run_queues+0x506/0xd40
[ 1777.182005][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1777.182028][    C0]  ? read_tsc+0x9/0x20
[ 1777.182052][    C0]  hrtimer_interrupt+0x45d/0xa90
[ 1777.182102][    C0]  __sysvec_apic_timer_interrupt+0x10b/0x410
[ 1777.182131][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[ 1777.182209][    C0]  </IRQ>
[ 1777.182215][    C0]  <TASK>
[ 1777.182222][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1777.182242][    C0] RIP: 0010:check_preemption_disabled+0x35/0x120
[ 1777.182259][    C0] Code: 48 8b 05 ce e4 e1 06 48 89 44 24 08 65 8b 05 d6 e4 e1 06 65 8b 0d cb e4 e1 06 f7 c1 ff ff ff 7f 74 23 65 48 8b 0d ab e4 e1 06 <48> 3b 4c 24 08 0f 85 cc 00 00 00 48 83 c4 10 5b 41 5e 41 5f 5d e9
[ 1777.182279][    C0] RSP: 0018:ffffc90000157948 EFLAGS: 00000202
[ 1777.182293][    C0] RAX: 0000000000000000 RBX: ffff88803765d4c0 RCX: 5fa81369ce852200
[ 1777.182304][    C0] RDX: 0000000000000100 RSI: ffffffff8b3ddfc0 RDI: ffffffff8b3ddf80
[ 1777.182315][    C0] RBP: ffffc90000157ae8 R08: 0000000000000000 R09: 0000000000000100
[ 1777.182326][    C0] R10: dffffc0000000000 R11: fffffbfff1dac84f R12: ffff8880b8828280
[ 1777.182338][    C0] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff88ddd9e0
[ 1777.182348][    C0]  ? __pfx_advance_sched+0x10/0x10
[ 1777.182422][    C0]  ? __pfx_advance_sched+0x10/0x10
[ 1777.182439][    C0]  rcu_is_watching+0x15/0xb0
[ 1777.182454][    C0]  ? __pfx_advance_sched+0x10/0x10
[ 1777.182471][    C0]  __hrtimer_run_queues+0x49c/0xd40
[ 1777.182510][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1777.182533][    C0]  ? ktime_get_update_offsets_now+0x3b2/0x3d0
[ 1777.182561][    C0]  hrtimer_run_softirq+0x1a3/0x2e0
[ 1777.182580][    C0]  handle_softirqs+0x22f/0x710
[ 1777.182608][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1777.182636][    C0]  run_ktimerd+0xcf/0x190
[ 1777.182658][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[ 1777.182677][    C0]  ? schedule+0x91/0x360
[ 1777.182721][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[ 1777.182741][    C0]  smpboot_thread_fn+0x542/0xa60
[ 1777.182762][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[ 1777.182789][    C0]  kthread+0x711/0x8a0
[ 1777.182815][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1777.182835][    C0]  ? __pfx_kthread+0x10/0x10
[ 1777.182857][    C0]  ? rt_spin_unlock+0x150/0x200
[ 1777.182880][    C0]  ? rt_spin_unlock+0x161/0x200
[ 1777.182897][    C0]  ? __pfx_kthread+0x10/0x10
[ 1777.182922][    C0]  ret_from_fork+0x4bc/0x870
[ 1777.182942][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1777.182967][    C0]  ? __switch_to_asm+0x39/0x70
[ 1777.182984][    C0]  ? __switch_to_asm+0x33/0x70
[ 1777.182998][    C0]  ? __pfx_kthread+0x10/0x10
[ 1777.183022][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1777.183052][    C0]  </TASK>
[ 1777.183058][    C0] rcu: rcu_preempt kthread timer wakeup didn't happen for 10501 jiffies! g186125 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402
[ 1777.183076][    C0] rcu: 	Possible timer handling issue on cpu=0 timer-softirq=107584
[ 1777.183085][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g186125 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x402 ->cpu=0
[ 1777.183102][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 1777.183110][    C0] rcu: RCU grace-period kthread stack dump:
[ 1777.183116][    C0] task:rcu_preempt     state:I stack:26384 pid:18    tgid:18    ppid:2      task_flags:0x208040 flags:0x00080000
[ 1777.183163][    C0] Call Trace:
[ 1777.183169][    C0]  <TASK>
[ 1777.183178][    C0]  __schedule+0x16f3/0x4c20
[ 1777.183206][    C0]  ? do_raw_spin_unlock+0x122/0x240
[ 1777.183234][    C0]  ? __lock_acquire+0xab9/0xd20
[ 1777.183256][    C0]  ? __pfx___schedule+0x10/0x10
[ 1777.183296][    C0]  ? schedule+0x91/0x360
[ 1777.183320][    C0]  schedule+0x165/0x360
[ 1777.183343][    C0]  schedule_timeout+0x12b/0x270
[ 1777.183384][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[ 1777.183406][    C0]  ? __pfx_process_timeout+0x10/0x10
[ 1777.183427][    C0]  ? prepare_to_swait_event+0x341/0x380
[ 1777.183452][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[ 1777.183482][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[ 1777.183504][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1777.183527][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[ 1777.183548][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[ 1777.183575][    C0]  ? finish_swait+0xcd/0x1f0
[ 1777.183597][    C0]  rcu_gp_kthread+0x99/0x390
[ 1777.183621][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1777.183643][    C0]  ? __kthread_parkme+0x7b/0x200
[ 1777.183665][    C0]  ? __kthread_parkme+0x1a1/0x200
[ 1777.183691][    C0]  kthread+0x711/0x8a0
[ 1777.183716][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[ 1777.183738][    C0]  ? __pfx_kthread+0x10/0x10
[ 1777.183759][    C0]  ? rt_spin_unlock+0x150/0x200
[ 1777.183781][    C0]  ? rt_spin_unlock+0x161/0x200
[ 1777.183798][    C0]  ? __pfx_kthread+0x10/0x10
[ 1777.183823][    C0]  ret_from_fork+0x4bc/0x870
[ 1777.183844][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1777.183868][    C0]  ? __switch_to_asm+0x39/0x70
[ 1777.183883][    C0]  ? __switch_to_asm+0x33/0x70
[ 1777.183897][    C0]  ? __pfx_kthread+0x10/0x10
[ 1777.183922][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1777.183951][    C0]  </TASK>
[ 1777.183957][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 1777.183979][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[ 1777.184005][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1777.184018][    C0] RIP: 0010:check_preemption_disabled+0x35/0x120
[ 1777.184040][    C0] Code: 48 8b 05 ce e4 e1 06 48 89 44 24 08 65 8b 05 d6 e4 e1 06 65 8b 0d cb e4 e1 06 f7 c1 ff ff ff 7f 74 23 65 48 8b 0d ab e4 e1 06 <48> 3b 4c 24 08 0f 85 cc 00 00 00 48 83 c4 10 5b 41 5e 41 5f 5d e9
[ 1777.184059][    C0] RSP: 0018:ffffc90000157948 EFLAGS: 00000202
[ 1777.184077][    C0] RAX: 0000000000000000 RBX: ffff88803765d4c0 RCX: 5fa81369ce852200
[ 1777.184093][    C0] RDX: 0000000000000100 RSI: ffffffff8b3ddfc0 RDI: ffffffff8b3ddf80
[ 1777.184109][    C0] RBP: ffffc90000157ae8 R08: 0000000000000000 R09: 0000000000000100
[ 1777.184125][    C0] R10: dffffc0000000000 R11: fffffbfff1dac84f R12: ffff8880b8828280
[ 1777.184142][    C0] R13: 0000000000000000 R14: 0000000000000001 R15: ffffffff88ddd9e0
[ 1777.184157][    C0] FS:  0000000000000000(0000) GS:ffff888126df6000(0000) knlGS:0000000000000000
[ 1777.184176][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1777.184192][    C0] CR2: 00007f2e32ad4005 CR3: 000000001c6f6000 CR4: 00000000003526f0
[ 1777.184211][    C0] Call Trace:
[ 1777.184217][    C0]  <TASK>
[ 1777.184225][    C0]  ? __pfx_advance_sched+0x10/0x10
[ 1777.184242][    C0]  rcu_is_watching+0x15/0xb0
[ 1777.184257][    C0]  ? __pfx_advance_sched+0x10/0x10
[ 1777.184278][    C0]  __hrtimer_run_queues+0x49c/0xd40
[ 1777.184337][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[ 1777.184359][    C0]  ? ktime_get_update_offsets_now+0x3b2/0x3d0
[ 1777.184387][    C0]  hrtimer_run_softirq+0x1a3/0x2e0
[ 1777.184405][    C0]  handle_softirqs+0x22f/0x710
[ 1777.184432][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[ 1777.184459][    C0]  run_ktimerd+0xcf/0x190
[ 1777.184480][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[ 1777.184499][    C0]  ? schedule+0x91/0x360
[ 1777.184526][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[ 1777.184544][    C0]  smpboot_thread_fn+0x542/0xa60
[ 1777.184565][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[ 1777.184592][    C0]  kthread+0x711/0x8a0
[ 1777.184617][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[ 1777.184637][    C0]  ? __pfx_kthread+0x10/0x10
[ 1777.184657][    C0]  ? rt_spin_unlock+0x150/0x200
[ 1777.184679][    C0]  ? rt_spin_unlock+0x161/0x200
[ 1777.184696][    C0]  ? __pfx_kthread+0x10/0x10
[ 1777.184720][    C0]  ret_from_fork+0x4bc/0x870
[ 1777.184740][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[ 1777.184765][    C0]  ? __switch_to_asm+0x39/0x70
[ 1777.184779][    C0]  ? __switch_to_asm+0x33/0x70
[ 1777.184793][    C0]  ? __pfx_kthread+0x10/0x10
[ 1777.184817][    C0]  ret_from_fork_asm+0x1a/0x30
[ 1777.184846][    C0]  </TASK>
[ 1808.241748][ T5121] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 1808.441599][ T5121] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 1808.551859][ T5121] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 1808.611606][ T5121] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 1808.651640][ T5121] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2