last executing test programs:

19.386517708s ago: executing program 3 (id=2499):
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='uid_map\x00')
mount$binderfs(&(0x7f0000000000), &(0x7f0000000080)='./binderfs\x00', &(0x7f00000000c0), 0x10824, &(0x7f0000000340)={[{@max={'max', 0x3d, 0xfffffffffffffffc}}, {@stats}, {@stats}, {}, {@stats}, {@max={'max', 0x3d, 0x7}}, {@max={'max', 0x3d, 0x2}}]})
writev(r0, &(0x7f00000002c0)=[{&(0x7f0000000280)='0', 0x1}], 0x1)
openat$autofs(0xffffffffffffff9c, &(0x7f0000000240), 0x4000, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000eeb0f320b4040210c6cd010203010902120001008000000904"], 0x0)

18.627271746s ago: executing program 3 (id=2506):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000380)="0f20d835080000000f22d80f090f01cb66b8f0000f00d007bbc035040000000f22c0660f3a21fe809a00700000180166baf80cb8d1bed58def66bafc0cb04beeab0fc731", 0x44}], 0x1, 0x51, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000380)="0f20d835080000000f22d80f090f01cb66b8f0000f00d007bbc035040000000f22c0660f3a21fe809a00700000180166baf80cb8d1bed58def66bafc0cb04beeab0fc731", 0x44}], 0x1, 0x51, 0x0, 0x0)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000400)=[@code={0xa, 0x8b, {"6566420f132066baa000b000eeb9c7090000b800980000ba000000000f30f3426c65f30f09b907040000b852000000ba000000000f30f2400f5842a8c744240000200000c74424020a750000c7442406000000000f011424c744240006962cf1c744240205000000c7442406000000000f01142466b808018ed8"}}, @uexit={0x0, 0x18}, @rdmsr={0x32, 0x18, {0x98f}}, @cpuid={0x14, 0x18, {0x8f9d, 0x6}}, @in_dx={0x82, 0x20, {0xc110}}, @in_dx={0x82, 0x20, {0xc1c8, 0x3}}, @in_dx={0x82, 0x20, {0xee29, 0x4}}, @rdmsr={0x32, 0x18, {0x30b}}, @rdmsr={0x32, 0x0, {0xbed}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x68, {"0fc76bf866470f2ba800980000650f1c7e0e0f185bc4c744240035000000c744240200000000ff2c2466ba200066b8800066ef66ba4200ed0f20c035000000200f22c066baf80cb8a64c3e86ef66bafc0cecf080245729"}}, @in_dx={0x82, 0x20, {0x4ad6, 0x5}}, @wrmsr={0x1e, 0x0, {0x2b9, 0x5}}, @cpuid={0x14, 0x18, {0x7}}, @wr_crn={0x46, 0x20, {0x4, 0x10000000006}}, @out_dx={0xaa, 0x81, {0xcbe, 0x1}}, @rdmsr={0x32, 0x18, {0xa3d}}], 0x29b}) (async)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000080)={0x0, &(0x7f0000000400)=[@code={0xa, 0x8b, {"6566420f132066baa000b000eeb9c7090000b800980000ba000000000f30f3426c65f30f09b907040000b852000000ba000000000f30f2400f5842a8c744240000200000c74424020a750000c7442406000000000f011424c744240006962cf1c744240205000000c7442406000000000f01142466b808018ed8"}}, @uexit={0x0, 0x18}, @rdmsr={0x32, 0x18, {0x98f}}, @cpuid={0x14, 0x18, {0x8f9d, 0x6}}, @in_dx={0x82, 0x20, {0xc110}}, @in_dx={0x82, 0x20, {0xc1c8, 0x3}}, @in_dx={0x82, 0x20, {0xee29, 0x4}}, @rdmsr={0x32, 0x18, {0x30b}}, @rdmsr={0x32, 0x0, {0xbed}}, @uexit={0x0, 0x18, 0x9}, @code={0xa, 0x68, {"0fc76bf866470f2ba800980000650f1c7e0e0f185bc4c744240035000000c744240200000000ff2c2466ba200066b8800066ef66ba4200ed0f20c035000000200f22c066baf80cb8a64c3e86ef66bafc0cecf080245729"}}, @in_dx={0x82, 0x20, {0x4ad6, 0x5}}, @wrmsr={0x1e, 0x0, {0x2b9, 0x5}}, @cpuid={0x14, 0x18, {0x7}}, @wr_crn={0x46, 0x20, {0x4, 0x10000000006}}, @out_dx={0xaa, 0x81, {0xcbe, 0x1}}, @rdmsr={0x32, 0x18, {0xa3d}}], 0x29b})
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0, 0x24}], 0x1, 0x20, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(r1, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0, 0x24}], 0x1, 0x20, 0x0, 0x0)
setsockopt$MRT_INIT(r2, 0x0, 0xc8, &(0x7f0000000040), 0x4)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

18.054114403s ago: executing program 3 (id=2509):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000ac0)={'wpan0\x00', <r1=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_KEY(0xffffffffffffffff, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001340)={0x40, r0, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_SEC_KEY={0x24, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x40}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}]}]}]}, 0x40}}, 0x20008080)

17.524954261s ago: executing program 3 (id=2512):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="fc010000190001000000000000000000fc0200000000000000000000000000000000000000000000000000000000000000000003000000000a00000087000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000980ff000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000fdffffffffffffff0000000000000000000000030000000044010500ac1414bb000000000000000000000000000000003200000000000000ac14141d000000000000000000000000000000000200ff00000000000400000001000000fe800000000000000000000000000025000000003200000000000000ffffffff000000000000000000000000e2ff000000010000fcffffff0200000000000000ac1414aa000000000000000000000000000000003c00000002000000fe880000000000000000000000000101000000000103"], 0x1fc}}, 0x4004000)

17.448686998s ago: executing program 3 (id=2516):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000012c0)={0xe, 0xe, &(0x7f0000001440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000010200b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000030000001800000000000000000000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x9, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)

17.392867689s ago: executing program 3 (id=2517):
r0 = syz_open_dev$dri(0x0, 0x1ff, 0x101000)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x200, 0x8, 0x40})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x3, 0x0, 0x1, 0x0, 0xd, 0x1ff, 0x1}) (async)
r1 = fsopen(0x0, 0x0) (async)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = accept$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000540)=0x14)
getsockname$packet(r2, &(0x7f0000000580)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000005c0)=0x14)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0) (async, rerun: 64)
sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x1400200bce) (async, rerun: 64)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) (async, rerun: 32)
r3 = syz_open_dev$MSR(&(0x7f0000000380), 0x20000000002, 0x0) (rerun: 32)
read$msr(r3, &(0x7f0000002700)=""/102360, 0x18fd8) (async)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0) (async)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f00000003c0)={0x1, 0x0, &(0x7f0000000400)=[0x0]}) (async)
pipe2(&(0x7f0000001040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x84000)
write$P9_RGETLOCK(r6, &(0x7f00000000c0)=ANY=[], 0xffffff6a) (async)
pipe2(&(0x7f0000000240)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x0)
tee(r5, r7, 0x6, 0x0) (async)
tee(r5, r7, 0x60000000000, 0x0) (async)
ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f0000000a40)={0x0, 0xfffffffffffffcd8, 0x0, 0x0, 0x100000, 0x5, 0xfffffff0, 0xf, {0x0, 0x3, 0xfff, 0x6, 0x4, 0xfffc, 0x55, 0xea8e, 0x1000, 0x200, 0x33, 0x7ff, 0x1, 0x8, "3a9f418fa48005a896fda0a346a2303715b0cc7745269abf80c4cfce2fb2012c"}})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000340)={&(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0, 0x0, 0x0], &(0x7f00000002c0)=[<r8=>0x0, 0x0], &(0x7f0000000300)=[0x0, 0x0], 0x6, 0x3, 0x2, 0x2})
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, &(0x7f00000004c0)={0xd, 0x0, r8})
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x4, 0x9, 0x4)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0) (async)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x0) (async)
mount$tmpfs(0x0, &(0x7f0000000000)='./file4\x00', &(0x7f0000000040), 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="83706feb33f8be00"]) (async)
getpid()
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)

13.710577144s ago: executing program 4 (id=2534):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
ftruncate(0xffffffffffffffff, 0x8800000)
socket$kcm(0x10, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x2, 0x13, &(0x7f0000000080)=ANY=[@ANYBLOB="18080000000400000000000000080003851000000600000018000000", @ANYRES32, @ANYBLOB="00000000000000006608000000090000180000000000000000000000000000009500000000000000360a020000000000180100382020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b50a000000000000850000000600000095"], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x1e}, 0x94)

13.482904351s ago: executing program 4 (id=2536):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000012c0)={&(0x7f0000001180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0xa, [@struct={0x8, 0x1, 0x0, 0x4, 0x1, 0x7, [{0x1, 0x3}]}]}, {0x0, [0x5f, 0x2e, 0x0, 0x2e, 0x2e, 0x2e, 0x5f, 0x2e]}}, &(0x7f0000001280)=""/3, 0x3a, 0x3, 0x1, 0x10}, 0x20)
r0 = syz_open_dev$dri(&(0x7f0000000040), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000180)={0x0, &(0x7f00000000c0)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
r2 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x1, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0x18, &(0x7f00000006c0)=ANY=[@ANYBLOB="180000000000000000000000ffffffff180800002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000400008500000004000000b7080000000000007baaf8ff00000000b5080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70500000800000085000000b300000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000280)={0x1b, 0x0, 0x0, 0x10000, 0x0, r2, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x3}, 0x50)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000240)={&(0x7f0000000100)=[0x0, 0x0, <r3=>0x0, 0x0, 0x0, 0x0], &(0x7f0000000140)=[0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000200)=[0x0], 0x6, 0x4, 0x4, 0x1})
ioctl$DRM_IOCTL_MODE_PAGE_FLIP(r0, 0xc01864b0, &(0x7f0000000080)={r1, r3, 0xa, 0x3e, 0x1000000000003})
r4 = syz_usb_connect(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYRES16=r1], 0x0)
r5 = syz_usb_connect$hid(0x2, 0x36, 0x0, 0x0)
syz_usb_control_io(r5, &(0x7f00000003c0)={0x2c, &(0x7f0000000140)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$rtl8150(r4, 0x0, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)

12.686967472s ago: executing program 4 (id=2540):
bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="120000002400000008"], 0x48)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0xca02})
r1 = socket$netlink(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000001300)=[{&(0x7f00000000c0)=""/124, 0xe}], 0x3e8, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
r2 = syz_open_procfs(0x0, &(0x7f00000003c0)='fd/3\x00')
r3 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000400)=ANY=[@ANYBLOB="1201000000000040c41090ea00000000000109022400010000002009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r3, 0x0, 0x0)
syz_usb_control_io(r3, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000500)={0x2c, 0x0, 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="2001d4"], 0x0})
syz_usb_control_io$hid(r3, 0x0, &(0x7f0000000540)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="20010e"], 0x0})
syz_usb_control_io(r3, 0x0, 0x0)
r4 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
syz_usb_control_io$uac1(r3, 0x0, &(0x7f0000000580)={0x44, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000000180)={0x0, 0x18, 0x4, &(0x7f0000000240)={0x97, "a52422ffd60775c221c4031d467d6648a97569b7d49cc4492d050600000000ff00"}})
fchdir(r2)
openat$cgroup_ro(r2, &(0x7f0000000040)='memory.numa_stat\x00', 0x0, 0x0)
r5 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r5, 0x50009404, &(0x7f00000004c0)={0x3, 0x0, 0x37})
syz_mount_image$msdos(&(0x7f0000000040), &(0x7f0000001200)='./file0\x00', 0x1000000, &(0x7f0000000180)=ANY=[@ANYBLOB="646f74732c6e66732c646f733178666c6f7070792c6e6f646f74732c6e66733d6e6f7374616c655f726f2c666c7573682c008eb4d920a22020bfdff5756435b12a0741fd1d465211f5e7b380a7ee206d42a73a617299a081afae08d58be01e67c53899fbbe703082609ea782556e161a2850300c071e10398738f9ee2d29a732e66c2cd256bd7cdd55b6ff8ce37a4300"/155], 0x1, 0x11ab, &(0x7f0000001280)="$eJzs209rI2UcB/Bf/2hramv9V20vPuhFL4PtwZOXIi1IA0rbCK0gTGmqITEJmRwS8VDw5snXIR69CeIb6LvwVgTZvfS0s2yztNvSPewu28Du53PJF74ZeB4GBp5hfqef//Zj86jIjvJ+TE5MxHQ3Ip2lSDEZUzFyHJ/8snn31529/a31anVjO6XN9d3Vz1JKCx/8/e3Pf3z4T3/umz8X/pqJk8XvTv9f+/dk6WT59N7uD40iNYrU7vRTng46nX5+0Kqnw0bRzFL6ulXPi3pqtIt670p/1Op0u8OUtw/nK91evShS3h6mZn2Y+p3U7w1T/n3eaKcsy9J8JXgWtd/PyrKMKMtX4tUoy7J8LSoxF6/HfCzEG7EYb8Zb8Xa8E+/GUrwX78fy+b/GvW4AAAAAAAAAAAAAAAAAAAB4sZj/BwAAAAAAAAAAAAAAAAAAgPEz/w8AAAAAAAAAAAAAAAAAAADjZ/4fAAAAAAAAAAAAAAAAAAAAxm9nb39rvVrd2E5pNuK/40FtUBv9jvrNL6sbn6Zzi5dX3RkMalMX/eqoT1f7mag87Ndu7Gfj449G/YPui6+q1/qVOHz+2wcAAICXQpYu3Hi+z7LH9aP0yPuBa+f36ViZvrVt8JSK4U/NvNWq9wRBEC7CuJ9M3IbLmz7ulQAAAAAAAAAAAPAkbuNzwnHvEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjPDhwLAAAAAAjzt06jYwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK4KAAD//7AGljE=")
timer_create(0x3, 0x0, &(0x7f0000001b40)=<r6=>0x0)
timer_create(0x1, 0x0, &(0x7f0000000000)=<r7=>0x0)
timer_settime(r7, 0x1, &(0x7f0000000880)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000240)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
timer_settime(r6, 0x0, &(0x7f0000000140)={{0x0, 0x3938700}}, 0x0)
rt_sigprocmask(0x0, &(0x7f00000000c0)={[0xfffffeffffffffff]}, 0x0, 0x8)
timer_settime(r7, 0x0, &(0x7f0000000040)={{0x77359400}}, 0x0)
rt_sigaction(0xe, &(0x7f00000000c0)={&(0x7f0000000180)="f30f1efc6645f10f0808c482adbcaf07000000c4e1fd5aa13c9c43713ef2400f1ed3c4c2e93be7f2262e669f8f88a4a2e100430f12957b2c0000653ed9fa", 0x80000004, 0x0, {[0x7ffc]}}, 0x0, 0x8, &(0x7f0000000200))
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)

8.657954699s ago: executing program 0 (id=2557):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c010000190001000000000000000000200100000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffbf0000000000000200000000000000000000000000000000010000000000000000000000000000400009000000000000000000000000000000000000000000000084000500ac1414aa0000000000000000000000000000000033000000000000007f0000010000000000000000000000000000000001030000000000000000000000000000ac1e0101000000000000000000000000000000003300000000000000fe800000000000000000000000a7d44b04bf7dc37e"], 0x13c}}, 0x0)

8.542868867s ago: executing program 0 (id=2558):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000c000000000000000fe41d0744bf7d5d2cf000000950000009fd49e14435168203b"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="b6f307917d3b7748922142f252fa", 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xc, &(0x7f0000000d40)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007b000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x1)
ioctl$KVM_GET_MSRS_cpu(r5, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xc001001b, 0x0, 0x4}]})
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r6 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r6, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r7 = dup3(r6, r2, 0x0)
r8 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r8, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a, 0x4})
ioctl$BINDER_WRITE_READ(r7, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
mmap$binder(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, 0x11, r2, 0x8)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x50, 0x0, &(0x7f0000000540)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x60, 0x18, &(0x7f00000002c0)={@flat=@handle={0x73682a85, 0x1000, 0x1}, @fda={0x66646185, 0x4, 0x0, 0x1d}, @ptr={0x70742a85, 0x1, &(0x7f0000000640)=""/191, 0xbf, 0x2, 0x4}}, &(0x7f0000000100)={0x0, 0x18, 0x38}}}, @dead_binder_done], 0x0, 0x0, 0x0})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
r9 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000500)=ANY=[@ANYRESDEC=r1], 0x0)
syz_usb_control_io$hid(r9, 0x0, 0x0)
syz_usb_control_io$hid(r9, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="002208000000a20100c3"], 0x0}, 0x0)
r10 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
r11 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r11, 0xc0d05605, &(0x7f00000001c0)={0xc, @sdr={0x3234564e, 0x6}})
ioctl$HIDIOCGNAME(r10, 0x80404806, 0x0)

8.312686932s ago: executing program 4 (id=2559):
syz_open_dev$ptys(0xc, 0x3, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r1 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r1, &(0x7f00000006c0)=[{{&(0x7f0000000100)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}, 0xfffffffc}, 0x1c, 0x0}}, {{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000240)="aa", 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000300)="307ddfb9", 0x4}, {&(0x7f0000000340)="ced98c1a5f5a93258dfa9a8c31878af8d7be921a531da9e6c50efdba96722424d55ce610a4d9b534b3aa09618dfc04f5504e30a263ad3fedf0a7381a", 0x3c}], 0x2}}], 0x3, 0x2000c8c0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r2)
sendmsg$NLBL_CIPSOV4_C_ADD(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=ANY=[@ANYBLOB="d0000000", @ANYRES16=r3, @ANYBLOB="010000000000000000000100000008000100000000000400048008000c8004000b800800020001000000a00008801c0007800837d73ec300000008000600000000000800050000000000240007800800050000230000"], 0xd0}}, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}]}, &(0x7f00000002c0)=0x10)
sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f0000000380)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000140)={0x54, 0x0, 0x31, 0x70bd27, 0x25dfdbfe, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}, @NBD_ATTR_SERVER_FLAGS={0xc, 0x5, 0x3c}, @NBD_ATTR_SERVER_FLAGS={0xc}, @NBD_ATTR_CLIENT_FLAGS={0xc, 0x6, 0x1}]}, 0x54}, 0x1, 0x0, 0x0, 0x20004044}, 0x40000)
sendmmsg$inet6(r1, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000280)="93503d", 0x3}], 0x1}}], 0x1, 0x40)
recvmmsg(r0, &(0x7f00000046c0)=[{{0x0, 0x0, &(0x7f0000000800)=[{0x0}, {&(0x7f0000001280)=""/79, 0x4f}], 0x2}, 0xc8b}], 0x1, 0x120, 0x0)
syz_usb_connect(0x3, 0x36, &(0x7f0000000200)={{0x12, 0x1, 0x0, 0xac, 0x2d, 0x8c, 0x20, 0xc52, 0x2861, 0x137, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x89, 0x1, 0x2, 0x87, 0x70, 0x2a, 0x0, [], [{{0x9, 0x5, 0xc, 0x10, 0x20, 0x8, 0x4, 0x4}}, {{0x9, 0x5, 0x8, 0x1, 0x0, 0x8, 0x2, 0x7}}]}}]}}]}}, 0x0)

7.560830127s ago: executing program 4 (id=2562):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$LOOP_GET_STATUS64(0xffffffffffffffff, 0x4c05, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000280)={@broadcast, @multicast1, 0x0, "7ea97ddb2ac127ffa5b7216fe75ebaa2855a422a8bf8ec7caf003751804500", 0x0, 0x0, 0x4, 0xfffffffe}, 0x3c)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, 0x0, 0x0)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000007000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

5.414999967s ago: executing program 2 (id=2565):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f0000000240)={[{@dioread_nolock}]}, 0xfe, 0x249, &(0x7f0000000800)="$eJzs3T9oJFUcB/DvzO56JrfIqY0g/gER0UA4O8HmbBQO5DhEBBVORGyURIgJdomVjYXWKqlsgtgZLSVNsFEEq6gpYiNosDBYaLGyO4nEZDWaXXfizecDk5nJvDe/N+x8324zuwEa60KSS0laSWaSdJIUhxvcXS0X9ndXpzavJb3eEz8Vg3bVfuWg3/kkK0keSrJRFnmpnSytP7Pzy9Zj97252Ln3/fWnpyZ6kft2d7Yf33vvyhsfXX5w6YuvfrhS5FK6f7qu8SuG/K9dJLf8F8XOiKJd9wj4J66+9uHX/dzfmuSeQf47KVO9eG8t3LDRyQPv/lXft3/88vZJjhUYv16v038PXOkBjVMm6aYoZ5NU22U5O1t9hv+mNV2+PL/w6syL84tzL9Q9UwHj0k22H/3k3Mfnj+T/+1aVf+B/YPp03fr5f/Lq2rf97b3WmMcEnE13VKt+/meeW74/8g+NI//QXPIPzSX/0FzyD80l/9Bc8g/Xsc7fH5Z/aC75h+aSf2iuw/kHAJqld67uJ5CButQ9/wAAAAAAAAAAAAAAAAAAAMetTm1eO1gmVfOzd5LdR5K0h9VvDX6POLlx8Hf656Lf7A9F1W0kz9414glG9EHNT1/f9F299T+/s976y3PJyutJLrbbx++/Yv/+O72bTzjeeX7EAv9ScWT/4acmW/+o39bqrX95K/m0P/9cHDb/lLltsB4+/3RP/orlE73y64gnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYGJ+DwAA//8NTG1W")
truncate(0x0, 0x20fffffffc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000940)=ANY=[@ANYBLOB="e80100000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000060000010c00028005000100000000003c0001800c00028005000100000000002c00018014000300ff020d40f799000000000000000000011400040020010000000000000000000000000001080007400000000010000d800c000380060002004e210000080007400000000da800068004000380080002006401010124000380060001004e230000060001004e230000060001004e210000060002004e24000008000200e0000002340003ec060002004e230000060002004e240000060001004e200000060002004e200000060002004e230000060001004e200000340004000000000000000000000000000000000008000200ac1414aa140005000000000000000000000000000000000008000100e000000284000e801400018008000100ac141409080002000a0101010600034000000000060003400001000006000340000300000c00028005"], 0x1e8}}, 0x0)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
pipe(0x0)
write(0xffffffffffffffff, &(0x7f0000000340), 0x11000)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_setup(0x6a45, &(0x7f0000000500)={0x0, 0x86f7, 0x10100, 0x3}, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x6ce6, 0x0, 0x34, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0x2000084c, &(0x7f00000003c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESDEC=0x0, @ANYBLOB=',discard,\x00', @ANYBLOB="3a8d75a267b001234a1e919d26dfdd0d8b316510e9c9cf606c6db6505304ee2649c88f03f9ef98bcebc5d721a7081b3509e543147eec5a0fa6d6eb57eed4197249efe6fa10323b6cf959897b3f1908c82c14974d31b0d080f8c86c196c0ee8eb707a73d201bbe15a02a37118aa1d4aaa4d2484b05dbb73e44387f620f46a3a2e06436e6296b05bd07717accf667e0331c0f323a7529f6b471ec30340347d3f405257c8bad57ddef290ea1d376a20", @ANYRESOCT=0x0, @ANYRES8, @ANYRESDEC, @ANYBLOB="51060c4f1adb6e795b70e7edcdc5cd30e197bb9cceacee351e08a6e2ee4650101fb28229b16aecf828a55c8aa0efd840e40fef6612e7b389eb304c41e39360e1f5cb6f78bd7100bd30bbd42aa24b2dc9171d068e92ac848e", @ANYRES64, @ANYRESDEC], 0x81, 0x151a, &(0x7f0000002a80)="$eJzs3AuYjtX6MPB1r7UexjTpbZLDsO51P7xpsEyS5JCQQ5IkSZJTQtIkSUJiyClpSEKOk+QwhOQwjUnjfD7knDTZ0iRJSEiyvku7/2fvr713//3V9/m+Pffvuhbrnue97/d+3nuueZ/nva6Zb3qOqteifu1mRCT+EPjrfylCiBghxDAhxDVCiEAIUSm+Uvyl4wUUpPyxJ2F/rgfTr3QH7Eri+edtPP+8jeeft/H88zaef97G88/beP55G8+fsbxs+5xi1/LKu+sKf/7v4Y89K/tD+P3/P0hu+clfbCx/fa9/I4Xnn7fx/PM2nn/exvPP23j+eRvP/z9frX9xjOeft/H8GcvLrvTnz/8frZhfX7Ir3cefuq7wtx9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsTzinL9MCyH+a3+l+2KMMcYYY4wxxtifx+e/0h0wxhhjjDHGGGPs/zwQUiihRSDyifwiRhQQseIqESeuFgXFNSIirhXx4jpRSFwvCosioqgoJhJEcVFCGIHCChKhKClKiai4QZQWN4pEUUaUFeWEE+VFkrhJVBA3i4riFlFJ3Coqi9tEFVFVVBPVxe2ihrhD1BS1RG1xp6gj6op6or64SzQQd4uG4h7RSNwrGov7RBNxv2gqHhDNxIOiuXhItBAPi5biEdFKtBZtRFvR7n8r/wXRV7wo+on+IkUMEAPFS2KQGCyGiKFimHhZDBeviBHiVZEqRopR4jUxWrwuxog3xFgxTowXb4oJYqKYJCaLKWKqSBNviWnibTFdvCNmiJlilpgt0sUcMVe8K+aJ+WKBeE8sFO+LRWKxWCKWigzxgcgUy0SW+FAsFx+JbLFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHbxsdghdopdYrfYI/aKfeITsV98Kg6Iz0SO+PzfzD/7v+T3AgECJEjQoCEf5IMYiIFYiIU4iIOCUBAiEIF4iIdCUAgKQ2EoCkUhARKgBJQABAQCgpJQEqIQhdJQGhIhEcpCWXDgIAmSoALcDBWhIlSCSlAZKkMVqApVoTpUhxpQA2pCTagNtaEO1IF6UA/ugrvgbmgIDaERNILG0BiaQBNoCk2hGTSD5tAcWkALaAktoRW0gjbQBtpBO2gP7aEDdIBO0Ak6Q2foAl0gGZKhK3SFbtANukN36AE9oCf0hF7QG3rDC/ACvAgvQn+oIwfAQBgIg2AQDIGhMBRehuHwCrwCr0IqjIRR8Bq8Bq/DGDgDY2EcjIfxUENOhEkwGUhOhTRIg2kwDabDdJgBM2EmzIZ0mANzYS7Mg/kwH96DhfD+ufdhMSyGpZABGZAJyyALsmA5nIVsWAErYRWshjWwGtbBelgHG2ETbIQtsAW2wTb4GD6GnbATdsNu2At74RP4BD6FTyEVciAHDsJBOASH4DAchlzIhSNwBI7CUTgGx+A4HIcTcBJOwUk4DafhDJyFc3AOzsN5uADPJXzVfG+ZDalCXqKllvlkPhkjY2SsjJVxMk4WlAVlREZkvIyXhWQhWVgWlkVlUZkgE2QJWUKiREkylCVlSRmVUVlalpaJMlGWlWWlk04mySRZQVaQFWVFWUneKivL22QVWVV2dNVldVlDdnI1ZS1ZW9aWdWRdWU/Wl/VlA9lANpQNZSPZSDaWjWUTeb9sKgfAEHhQXppMCzkSWspR0Eq2lm1kW/k6PCrbyzHQQXaUneTjchyMhS6yvUuWT8muchJ0k8/IyfCs7CGnQk/5vOwle8s+8gXZV3Zw/WR/OQMGyIFyNgySg+UQOVTOg7ry0sTqyVdlqhwpR8nX5FJ4XY6Rb8ixcpwcL9+UE+REOUlOllPkVJkm35LT5NtyunxHzpAz5Sw5W6bLOXKufFfOk/PlAvmeXCjfl4vkYrlELpUZ8gOZKZfJLPmhXC4/ktlyhVwpV8nVco1cK9fJ9XKD3Cg3yc1yi9wqt8nt8mO5Q+6Uu+RuuUfulfvkJ3K//FQekJ/JHPm5PCj/Ig/JL+Rh+aXMlV/JI/JreVR+I4/Jb+Vx+Z08IU/KU/J7eVr+IM/Is/Kc/FGelz/JC/JneVF6KRQoqZTSKlD5VH4VowqoWHWVilNXq4LqGhVR16p4dZ0qpK5XhVURVVQVUwmquCqhjEJlFalQlVSlVFTdoEqrG1WiKqPKqnLKqfIqSd2kKqibVUV1i6qkblWV1W2qiqqqqqnq6nZVQ92haqpaqra6U9VRdVU9VV/dpRqou1VDdY9qpO5VjdV9qom6XzVVD6hm6kHVXD2kWqiHVUv1iGqlWqs2qq1qpx5V7dVjqoPqqDqpx1Vn9YTqop5Uyeop1VU9rbqpZ1R39azqoZ5TPdXzqpfqrfqon9VF5VU/1V+lqAFqoHpJDVKD1RA1VA1TL6vh6hU1Qr2qUtVINUq9pkar19UY9YYaq8ap8epNNUFNVJPUZDVFTVVp6i01Tb2tpqt31Aw1U81Ss1W6mqOG/FppwX8j/+1/kD/il2ffprarj9UOtVPtUrvVHrVX7VP71H61Xx1QB1SOylEH1UF1SB1Sh9Vhlaty1RF1RB1VR9UxdUwdV8fVCXVS/ai+V6fVD+qMOqvOqh/VeXVeXfj1NRAatNRKax3ofDq/jtEFdKy+Ssfpq3VBfY2O6Gt1vL5OF9LX68K6iC6qi+kEXVyX0Eajtpp0qEvqUjqqb9Cl9Y06UZfRZXU57XR5naRv+sP5v9dfO91Ot9ftdQfdQXfSnXRn3Vl30V10sk7WXXVX3U130911d91D99A9dU/dS/fSfXQf3Vf31f10P52iU/RA/ZIepAfrIXqoHqZf1sP1cD1Cj9CpOlWP0qP0aD1aj9Fj9Fg9Vo/X4/UEPUFP0pP0FD1Fp+k0PU1P09P1dD1Dz9Cz9CydrtP1XD1Xz9Pz9AK9QC/UC/UivUgv0Ut0hs7QmTpTZ+ksvVwv19l6hV6hV+lVeo1eo9fpdXqD3qA36U16i96is/V2vV3v0Dv0Lr1L79F79D69T+/X+/UBfUDn6Bx9UB/Uh/QhfVgf1rk6Vx/RR/RRfVQf08f0cX1cn9An9Cl9Sp/Wp/UZfUaf0+f0eX1eX9AX9EV98dJlXyADGehAB/mCfEFMEBPEBrFBXBAXFAwKBpEgEsQH8UGh4PqgcFAkKBoUCxKC4kGJwAQY2ICCMCgZlAqiwQ1B6eDGIDEoE5QNygUuKB8kBTcFFYKbg4rBLUGl4NagcnBbUCWoGlQLqge3BzWCO4KaQa2gdnBnUCeoG9QL6gdVJ/71mvSeoFFwb9A4uC9oEtwfNA0eCJoFDwbNg4eCFsHDQcvgkaBV0DpoE7QN2v1b9e8KGgR3Bw2Df1bf+zNFHnP9TH+TYgaYgeYlM8gMNkPMUDPMvGyGm1fMCPOqSTUjzSjzmhltXjdjzBtmrBlnxps3zQQz0Uwyk80UM9WkmbfMNPO2mW7eMTPMTDPLzDbpZo6Za94188x8s8C8Zxaa980is9gsMUtNhvnAZJplJst8aJabj0y2WWFWmlVmtVlj1pp1Zr3ZYDaaTWaz2WK2mm1mu/nY7DA7zS6z2+wxe80+84nZbz41B8xnJsd8bg6av5hD5gtz2Hxpcs1X5oj52hw135hj5ltz3HxnTpiT5pT53pw2P5gz5qw5Z340581P5oL52Vw0/tLF/aW3d9SoMR/mwxiMwViMxTiMw4JYECMYwXiMx0JYCAtjYSyKRTEBE7AElsBLCAlLYkmMYhRLY2lMxEQsi2XRocMkTMIKWAErYkWshJWwMlbGKlgFq2E1vB1vxzvwDqyFtfBOvBPrYl2sj/WxATbAhtgQG2EjbIyNsQk2wabYFJthM2yOzbEFtsCW2BJbYStsg22wHbbD9tgeO2AH7ISdsDN2xi7YBZMxGbtiV+yG3bA7dsce2AN7Yk/shb2wD/bBvtgX+2E/TMEUHIgDcRAOwiE4BIfhMByOw3EEjsBUTMVROApH42gcg2NwLI7D8fgmTsCJOAkn4xScimmYhtNwGk7H6TgDZ+AsnIXpmI5zcS7Ow3m4ABfgQlyIi3ARLsElmIEZmImZmIVZuByXYzZm40pciatxNa7Ftbge1+NG3IibcTNuxa24HbfjDtyBu3AX7sE9uA/34X7cjwfwAOZgDh7Eg3gID+FhPIy5mItH8AgexaN4DI/hcTyOJ/AEnsJTeBpP4xk8g+fwHJ7Hn/AC/owX0WOMlSLWXmXj7NW2oL3GxtgC9m/joraYTbDFbQlrbGFb5O9itNYm2jK2rC1nnS1vk+xNv4mr2Kq2mq1ub7c17B225m/iBvZu29DeYxvZe219e9ffxY3tfbaJfdg2tY/YZra1bW7b2hb2YdvSPmJb2da2jW1rO9snbBf7pE22T9mu9unfxJl2mV1vN9iNdpPdbz+15+yP9qj9xp63P9l+tr8dZl+2w+0rdoR91abakb+Jx9s37QQ70U6yk+0UO/U38Sw726bbOXaufdfOs/N/E2fYD+xCm2UX2cV2iV36S3yppyz7oV1uP7LZdoVdaVfZ1XaNXWvX/c9eV9ktdqvdZvfZT+wOu9PusrvtHrv3l/jSeRywn9kc+7k9Yr+2h+wX9rA9ZnPtV7/El87vmP3WHrff2RP2pD1lv7en7Q/2jD37y/lfOvfv7c/2ovVWEJAkRZoCykf5KYYKUCxdRXF0NRWkayhC11I8XUeF6HoqTEWoKBWjBCpOJcgQkiWikEpSKYrSDVSabqREKkNlqRw5Kk9JdBNVoJupIt1ClehWqky3URWqStWoOt1ONegOqkm1qDbdSXWoLtWj+nQXNaC7qSHdQ43oXmpM91ETup+a0gPUjB6k5vQQtaCHqSU9Qq2oNbWhttSOHqX29Bh1oI7UiR6nzvQEdaEnKZmeoq70NHWjZ6g7PUs96DnqSc9TL+pNfegF6ksvUj/qTyk0gAbSSzSIBtMQGkrD6GUaTq/QCHqVUmkkjaLXaDS9TmPoDRpL42g8vUkTaCJNosk0haZSGr1F0+htmk7v0AyaSbNoNqXTHJpL79I8mk8L6D1aSO/TIlpMS2gpZdAHlEnLKIs+pOX0EWXTClpJq2g1raG1tI7W0wbaSJtoM22hrbSNttPHtIN20i7aTXtoL+2jT2g/fUoH6DPKoc/pIP2FDtEXdJi+pFz6io7Q13SUvqFj9C0dp+/oBJ2kU/Q9naYf6AydpXP0I52nn+gC/UwXyZMIIZShCnUYhPnC/GFMWCCMDa8K48Krw4LhNWEkvDaMD68LC4XXh4XDImHRsFiYEBYPS4QmxNCGFIZhybBUGA1vCEuHN4aJYZmwbFgudGH5MCm8KawQ3hxWDG8JK4W3hpXD28IqYdXw4Xurh7eHNcI7wpphrbB2eGdYJ6wb1gvrh3eFDcK7w4bhPWGj8N6wYnhf2CS8P2waPhA2Cx8Mm4cPhS3Ch8OW4SNhq7B12CZsG7YLHw3bh4+FHcKOYafw8bBz+ETYJXwyTA6fCruGT//u8ZRwQDgwfCl8KfT+HrUkujSaEf0gmhldFs2KfhhdHv0omh1dEV0ZXRVdHV0TXRtdF10f3RDdGN0U3RzdEt0a3Rb1vn5+4cBJp5x2gcvn8rsYV8DFuqtcnLvaFXTXuIi71sW761whd70r7Iq4oq6YS3DFXQlnHDrryIWupCvlou4GV9rd6BJdGVfWlXPOlXdJrq1r59q59u4x18F1dJ3c4+5x94R7wj3pnnRPua7uadfNPeO6u2ddD/ece84973q53q6Pe8H1dS+6fq6/S3EpbqAb6Aa5QW6IG+KGuWFuuBvuRrgRLtWlulFulBvtRrsxbowb68a68W68m+AmuElukpviprg0l+amuWluupvuZrgZbpab5dJdupvr5rp5bp5b4Ba4hYkL3SK3yC1xS1yGy3CZLtNluSy33C132S7brXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9wut8vtcXvcPrfP7Xf73QF3wOW4HHfQHXSH3CF32H3pct1X7oj72h1137hj7lt33H3nTriT7pT73p12P7gz7qw75350591P7oL72V103qVF3opMi7wdmR55JzIjMjMyKzI7kh6ZE5kbeTcyLzI/siDyXmRh5P3IosjiyJLI0khG5INIZmRZJCvyYWR55KNIdmRFZGVkVWR1ZE3E++I7Ql/Sl/JRf4Mv7W/0ib6ML+vLeefL+yR/k6/gb/YV/S2+kr/VV/a3+Sq+qq/mH/GtfGvfxrf17fyjvr1/zHfwHX0n/7jv7J/wXfyTPtk/5bv6p303/4zv7p/1Pfxzvqd/3vfyvX0f/4Lv61/0/Xx/n+IH+IH+JT/ID/ZD/FA/zL/sh/tX/Aj/qk/1I/0o/5of7V/3Y/wbfqwf58f7N/0EP9FP8pP9FD/Vp/m3/DT/tp/u3/Ez/Ew/y8/26X6On+vf9fP8fL/Av+cX+vf9Ir/YL/FLfYb/wGf6ZT7Lf+iX+498tl/hV/pVfrVf49f6dX693+A3+k1+s9/it/ptfrv/2O/wO/0uv9vv8Xv9Pv+J3+8/9Qf8Zz7Hf+4P+r/4Q/4Lf9h/6XP9V/6I/9of9d/4Y/5bf9x/50/4k/6U/96f9j/4M/6sP+d/9Of9T/6C/9lf5N9ZY4wxxhj7b9la+F8fH/APviZ/XZcMFEJcvbNY7t8eV0KIzb/WHSwTOkeEEE/17/ngf606dVJSUn59bLYSQanFQojI5fx84nK84pd/k0VHUeEf9jdY9j5Pv1M/eqsQsX+TEyMuxytEJ/HEL/Vv/if1H318fGbl8Fz8v6i/WIjEUpdzCojL8eX6Ff9J/SLtf6f/Al+kCdHhb3LixOX4cv0k8Zh4WiT/3SMZY4wxxhhjjLG/Giyrdf+9++dL9+cJ+nJOfnE5vnz/+Y/vzxljjDHGGGOMMXblPdu7z5OPJid37M6bP7wB+H+iDd7w5k/YXOmfTIwxxhhjjLE/2+WL/ivdCWOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlnf93/hzYlf6HBljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLEr7X8EAAD//7MxObU=")

5.368711548s ago: executing program 0 (id=2567):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
shmctl$IPC_RMID(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x20400, 0x0)
ioctl$COMEDI_DEVCONFIG(r6, 0x40946400, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000084000000060a010400000000000000000100000008000b40000000005c0004802c000180090001007866726d000000001c0002800800024000000006050003000000000008000140000000092c00018008000100636d7000207387690500038005000100ac000000080001400000000908000240000000050900010073797a3000000000140000001100010000000000000000000000000a88f17fd060"], 0xf8}, 0x1, 0x0, 0x0, 0x4}, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000003c0)='wg1\x00', 0x4)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast2}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x6)

4.752679706s ago: executing program 1 (id=2568):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000100)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0xa}, {0xf}}, [@printk={@lu, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}, 0x90)

4.681330808s ago: executing program 2 (id=2569):
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140), 0x80000, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(0xffffffffffffffff, 0xc4009420, &(0x7f0000000f80)={0x17, 0x5, {0x3, @struct={0xffffffff, 0x7}, <r1=>0x0, 0x8, 0xaf, 0x8000000000000001, 0x4, 0x4, 0x400, @usage=0xfffffffffffffffd, 0x2, 0x4, [0x7fff, 0x9, 0x3, 0x4e, 0x80000001, 0x401]}, {0xdee, @struct={0x7fff, 0x7}, 0x0, 0x0, 0x8, 0x9, 0x40, 0xffff, 0x4d3, @struct={0x101, 0x8}, 0x4, 0x9, [0x5, 0x7, 0x4, 0xffffffffffffffff, 0x0, 0x6]}, {0x8000000000000001, @usage=0x42, 0x0, 0x6, 0x2, 0x800000000000000, 0x4, 0x5, 0xe2, @usage=0x3, 0x80000001, 0xf, [0x5, 0x1, 0x6, 0x5, 0x400]}, {0x9cf, 0x3, 0xfffffffffffffffa}})
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000001380)={r1, 0x8, 0x8})
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x16, &(0x7f0000000040)={[{@grpjquota}, {@noblock_validity}, {@auto_da_alloc_val}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@user_xattr}, {@noblock_validity}, {@nomblk_io_submit}, {@nolazytime}, {@grpid}, {@nobarrier}]}, 0x0, 0x4f0, &(0x7f0000000640)="$eJzs3d9rW9cdAPDvla38dGZn20MWWGaWDCdskex4ScwesgzG9hTYlr2nxpaNsWwZS05iE4pD/4BCKW2hT33qS6F/QKHkTyiFQPte2tJSmqR56EurIumqtV0pdlLLCtbnAyf33F/+nqOgo3N0DroB9KzhiLgaEX0RcS4iBtPjmTTFeiPVrnv08M5ULSVRrV7/OokkPdb8W0m6PZredigi/vfviHhQrW6NW15dm58sFgvL6X6+srCUL6+unZ9bmJwtzBYWx8fHLk1cnrg4MfrMdbu5IT8UEVf++flrL7/9ryvv/+XWJze+PPtirbwD6fmN9dhNjdckW38tmvojYrkTwbqgL61PttsFAQBgR2r9019HxB/r/f/B6Kv35gAAAID9pPr3gfrcTRUAAADYtzL1NbBJJpeu9x2ITCaXa6zh/W0cyRRL5cqfZ0ori9ONtbJDkc3MzBULo+la4aHIJrX9sXSNbXP/wpb98Yg4HhGvDh6u7+emSsXpbn/5AQAAAD3i6Jbx/+PBxvgfAAAA2GeGul0AAAAAoOOM/wEAAGD/M/4HAACAfe0/167VUrX5/Ovpm6sr86Wb56cL5fncwspUbqq0vJSbLZVm67/Zt7Dd3yuWSkt/jcWV2/lKoVzJl1fXbiyUVhYrN+Y2PQIbAAAA2EPH/3Dv4yQi1v92uJ4iiTiQnst2uWxAZ2We5uLPOlcOYO/1dbsAQNf0d7sAQNcY4wPJNufbLt75YPfLAgAAdMbI77bM/4f5f+gVTzX/D+wr5v+hd7WY/7ckAHpEVg8Ael7n5/+r1acqEAAAsOsG6inJ5NK5wIHIZHK5iGP1xwJkk5m5YmE0In4VER8NZg/W9sfqdybbjhkAAAAAAAAAAAAAAAAAAAAAAAAAgIZqNYnqM3j8LDcBAAAAXRGR+SJJn/81MnhmYOv3AweSbwfr24i49eb1129PVirLY7XjD348XnkjPX5hmy8bPGwcAAAA9kRznN4cxwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAbnr08M5UM+1l3K/+ERFDreL3x6H69lBkI+LIN0n0b7gviYi+XYi/fjciTrSKn9SKFUNpKbbGz0TE4S7HP7oL8aGX3au1P1dbvf8yMVzftn7/9afpl9rY/tWag43xm+1fX5v279gOY5y8/26+bfy7ESf7W7c/zfhJm/in20Y8uGnvhf+vrbW7svpWxEjLz59kU6x8ZWEpX15dOz+3MDlbmC0sjo+PXZq4PHFxYjQ/M1cspP+2jPHK79/7/kn1P9Im/tA29T/Ttv6bfXf/9sPfNLLZVvHPnt4cfzg9d6JN/Ez62fenNF87P9LMrzfyG51658NTafZnH1m1+NNt6r/d///ZHdb/3H9f+nSHlwIAe6C8ujY/WSwWljueGW59qtkj2qtiyDx/mb7YfKTZ9d/tWLVu63NS5ec/08VGCQAA6IifOv07uHjThPvBzhUKAAAAAAAAAAAAAAAAAAAAesxe/JzY1pjr3akqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAT/RAAAP//b2XLiA==")
connect$unix(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000004b64ffec850000007d000000850000000e00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='io_uring_link\x00', r2, 0x0, 0x4}, 0x18)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000000)='io_uring_link\x00', r3, 0x0, 0x4}, 0x18)
r4 = syz_io_uring_setup(0x110, &(0x7f0000000380)={0x0, 0xfffffff8}, &(0x7f00000007c0)=<r5=>0x0, &(0x7f0000000800)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x44, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x40000022})
io_uring_enter(r4, 0x47f6, 0x0, 0x0, 0x0, 0x0)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r7 = socket(0x1e, 0x805, 0x0)
connect$tipc(r7, &(0x7f0000000000)=@id, 0x10)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x5, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0xe}, [@func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffe}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x2}]}, &(0x7f0000000100)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000005c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb01001800000000000000a0000000a0000000060000000a0000b36f000004080000000a000000040000000a00000009000000010000005dddffff0500000002000000040000000900000000000008040000000f00000005000005bf40961a0900000002000000020000000e00000005000000000000000d00000002000000010000000f000000010000006bb700000000000001000000020000000f000000000000110100000000000000020000000000000904000000000000302e00fb9fb7a538b9fa144a6e76b33c015bd5f44db13573da6088a0ff9f0735e3fe6c455715dc07e54d2386107f0a1ae80772419f7a"], 0x0, 0xbe, 0x0, 0x1, 0x2, 0x10000}, 0x28)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000f40)={r8, 0xe0, &(0x7f0000000e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000c80)=[0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x8, 0x4, &(0x7f0000000cc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000d00)=[0x0, 0x0, 0x0, 0x0], 0x0, 0x7f, &(0x7f0000000d40)=[{}, {}], 0x10, 0x10, &(0x7f0000000d80), 0x0, 0x0, 0xe4, 0x8, 0x8, &(0x7f0000000e00)}}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r8}, 0x18)
r9 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x860b01)
ioctl$EVIOCSFF(r9, 0x40304580, &(0x7f0000000b40)={0x51, 0xfffe, 0xf001, {0xffff, 0x1}, {0x45, 0x2}, @ramp={0x400, 0x3, {0x9, 0x1000, 0xfffe, 0x4}}})
write$char_usb(r9, &(0x7f0000000040)="e2", 0x2250)
r10 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='&\x00\x00\x00\a'], 0x50)
r11 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write(r10, &(0x7f0000000000)='\"', 0x1)
bind$bt_hci(r11, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r11, &(0x7f0000000000), 0xd)

3.769968649s ago: executing program 0 (id=2570):
socket$kcm(0x10, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1e)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x40020, &(0x7f0000000480)=ANY=[@ANYBLOB='gid'])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x3, &(0x7f00000000c0)={<r3=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r4, &(0x7f0000000340)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_BIND(r4, &(0x7f00000000c0)={0x14, 0x88, 0xfa00, {r5, 0x10, 0x0, @in={0x2, 0x4e23, @empty}}}, 0x90)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000540)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000500)=0x1, r3, 0x0, 0x2, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f00000001c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000180)=0x1, r3, 0x0, 0x1, 0x4}}, 0x20)
write$RDMA_USER_CM_CMD_BIND_IP(r2, &(0x7f00000002c0)={0x2, 0x28, 0xfa00, {0x0, {0xa, 0x4e23, 0xfffffffd, @empty, 0x5}, r3}}, 0x30)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000040)={<r7=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r6, &(0x7f00000002c0)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000280)=0x1, r7, 0x0, 0x1, 0x4}}, 0x20)
close_range(r1, 0xffffffffffffffff, 0x0)

3.768337698s ago: executing program 2 (id=2571):
syz_open_dev$radio(&(0x7f0000000000), 0xffffffffffffffff, 0x2)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000280)={@ifindex, 0x2e, 0x1, 0x7ff, &(0x7f0000000140)=[0x0], 0x1, 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f00000001c0)=[0x0, 0x0, 0x0], &(0x7f0000000240)=[0x0], <r2=>0x0}, 0x40)
r3 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={@fallback=r3, r0, 0x19, 0x1, r0, @void, @value=r0, @void, @void, r2}, 0x20)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0)
syz_usb_control_io(r4, &(0x7f0000000340)={0x2c, &(0x7f00000001c0)=ANY=[@ANYBLOB="201006000000065f"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$cdc_ecm(r4, 0x0, 0x0)
syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000480)={0x44, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mount$9p_fd(0x0, &(0x7f0000000300)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
openat(r0, &(0x7f0000000040)='./file0\x00', 0x18ac1, 0x19)
r5 = syz_open_dev$video4linux(&(0x7f0000000100), 0x4ac, 0x8000)
ioctl$VIDIOC_DBG_G_CHIP_INFO(r5, 0xc0c85666, &(0x7f0000000340)={{0x2, @name="318a07e8b28a4ee7d89a5098129d4331f81f73c284cc4b25d1ce961379b470f2"}, "ccdb49edf1c27ffdb57b5077a550553a0d63e3ad2074e0e78e2721e8952afcff", 0x6})

3.744582619s ago: executing program 1 (id=2572):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c010000190001000000000000000000200100000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000000000033000000000000000000000000000000000000000000000000000000ffffffffffffffbf0000000000000200000000000000000000000000000000000000000000000000000000000000400009000000000000000000000000000000000000000000000084000500ac1414aa000000000000000000000000000000003300"], 0x13c}}, 0x0)

3.18689899s ago: executing program 1 (id=2573):
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$SNAPSHOT_SET_SWAP_AREA(r0, 0x400c330d, &(0x7f0000000040)={0x5, 0x8})
r1 = socket(0x10, 0x803, 0x0)
r2 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$vhost_msg_v2(r2, &(0x7f0000000640)={0x2, 0x0, {0x0, 0x0, 0x0}}, 0x1a)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000016c0)={0x2, &(0x7f0000001680)=[{0x6c}, {0x6}]})
sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
r3 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r3, 0x40946400, &(0x7f00000000c0)={'pcl726\x00', [0x4f26, 0x6, 0x2, 0x401, 0x1, 0xcc7, 0xfff, 0x5c952399, 0x5, 0x3ff, 0x802, 0x1600, 0x1, 0x1, 0x9, 0xe1cb, 0x6, 0xfffffff8, 0x4, 0x395, 0x80001089, 0xfffffffd, 0x0, 0xfffffff5, 0xffffeadb, 0x3, 0x40003e, 0x8, 0x4, 0x8000000, 0x100]})
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001500)=0x14)
r4 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
r5 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000100), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="14000000100001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$WG_CMD_SET_DEVICE(r6, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c020000", @ANYRES16=r5], 0x21c}, 0x1, 0x0, 0x0, 0x20040010}, 0x4008804)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x40, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
r10 = dup(r9)
ioctl$KVM_SET_MSRS(r10, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="010000000008000082000040"])
ioctl$VIDIOC_S_OUTPUT(r4, 0xc004562f, &(0x7f0000000000)=0x1)
ioctl$VIDIOC_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000380)={0x0, @bt={0x2d0, 0x190, 0x1, 0x0, 0xb, 0x1, 0x7, 0x1, 0x2, 0x4, 0x722, 0x13, 0x0, 0x7f, 0x3e, 0xb763599953cb091d, {0x0, 0x6fd8e84b}, 0x0, 0xed}})
getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
r11 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)
sendmsg$L2TP_CMD_SESSION_DELETE(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r11, @ANYBLOB="01002cbd701004000000050000000600010005000000080009009d9318bb3d68a4b594b7e853899feb883c9d7b000008000c00a86ce5b6"], 0x34}, 0x1, 0x0, 0x0, 0x20008000}, 0x30)
sendmsg$L2TP_CMD_TUNNEL_MODIFY(r1, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0xa204}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r11, @ANYBLOB="000129bd7000fedbdf2503c54fe5cea2e9cfc800000000000000"], 0x20}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)

3.149813939s ago: executing program 0 (id=2574):
socket$inet_udp(0x2, 0x2, 0x0)
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
shmctl$IPC_RMID(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r0}, 0x10)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x20400, 0x0)
socket$inet6(0xa, 0x80002, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000084000000060a010400000000000000000100000008000b40000000005c0004802c000180090001007866726d000000001c0002800800024000000006050003000000000008000140000000092c00018008000100636d7000207387690500038005000100ac000000080001400000000908000240000000050900010073797a3000000000140000001100010000000000000000000000000a88f17fd060"], 0xf8}, 0x1, 0x0, 0x0, 0x4}, 0x0)

2.389253601s ago: executing program 4 (id=2575):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8000}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000002240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x2, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b70000000c000000bca30000000000002403000020feffff620af8fff8ffffff71a4f8ff000000001f03000000000000e5000200000000002604fdffff02000014010000033800001d130000000300007a0a00fe0000001f0f14000000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f300020000fe275daf51efd601b6bf01c8e8b1b526375ee4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff61623604000000000000006a89adaf17b0a6041bdeebdfd1f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564163427afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101a3062cd54f9ff51d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566d674e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48153baae244e7bf573eac34b781337ad5905c6bbf1137548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a90144022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab540b8d7b4ead35a385e0b4a26b702396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb11883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcd857ab15e355713767c536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ced301efeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef0981000000000000ff0f40b1888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fc08001011e32f80fb60e14b9eee094277bbc170882c8890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e3f753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bb25b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963342aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b6ef9d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec035d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf79a43746979f99f6a1527f004f1e37a3926937e84fb478199dc1020f4beb98b8074bf7df8b5e783637da740800000000000000c55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a6a2740000000000000000000000000000000000000000000a0009dd14b38f2f4426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4100260ffcd8f1d04166d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb0000000000000005375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10baa804a707f0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d34d3757b1450fdb0a9a69f432e277f3a0386eb2bd3305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07618b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e040000003c3ffad44d2a376def42e41e9fc31678257e040fa7cf32c221aaac08000000000000001a00000000000000000000173570f0c11ae694b0f7a4f9c2f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d641ef02e4d5295d756e110522a7a945b93fb705b95b6aae27a8fb33732ce1da1c0b1af8eb9222a06e984ab1e6984c8bdc12360627137ab67b6b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481efe46a4ce86be0b1d8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0c6cb4bed8594a39bd76d3ef8a7ab014e787596db796bd93a36c2880423291e3bccc86f66ba792ff4d87b3f80e5908779e51c5e9055fc5b23605cd000c723187ef09dcf4b07b06a9342f3f62ee7acddff292082c1f4d8eb9561f80873a09a1ae0c9af1121175e5600f43a1179484502009759264a5729f07c2b218fa36ba2316a99aaad0130df83d0bda1e711290f78c143ea143967b00adcd77e6ad5e48d839ea61aadb83e4d071c54691924a3830d3e7b5c198bb0ed623153590000000000000000004b985ea1702f34f2f85b168c083e810ed567e3f1979b9ed1a4bf6a10dac825c96a0828b335de445a4880bb6474157efd1a72ca46ae4cbe3ab648c9bc4867a5a4cb87d7d6d55475b34b3cb6aa9e2337d4e04a37e35109752522ac9b186ddd80c47da6a2f4ef7bb909c975520000000000000000000000219cf5c1376ab33786f6b856d354e90a2733f78f2d188057cead3480eade49d55b770fad7fa000d23da6275768810b6b2df91d3a991ea98d929d271696c258d5b735d5db11df434e7dd1b7c1ca05cea3977df564115f4ec6ffab1d2ff8a642ca50934b3fbe44b0abeba9df209566984a29dfc0466e439a94e177b3c4d5f6e92b8176b9d6ddeeeb196fa964217f88e1acc180aaa4"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xfffffffffffffd27}, 0x48)

2.207710218s ago: executing program 0 (id=2576):
syz_usb_connect$cdc_ncm(0x0, 0x72, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
syz_io_uring_setup(0x7cc2, 0x0, 0x0, &(0x7f0000001000))
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
bind$xdp(0xffffffffffffffff, &(0x7f0000000100)={0x2c, 0x2}, 0x10)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a0100000000000000fff5010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000080002400000000010000380140001007465616d3000000000000000000000005c000000160a0101000b000000000000010000000900020073797a30000000000900010073797a3000000000300003802c00038014"], 0xfc}}, 0x0)

1.658382728s ago: executing program 1 (id=2577):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000c80)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000001340)={0x40, r1, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_KEY={0x24, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x3}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x40}, @NL802154_KEY_ID_ATTR_MODE={0x8, 0x1, 0x3}]}]}]}, 0x40}}, 0x20008080)

1.476349689s ago: executing program 1 (id=2578):
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001e40)={0x6, 0x43, &(0x7f0000001a80)=ANY=[@ANYBLOB="1800000077f80000000000000100000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000184a0000010000000000000000000000b7080000000000007b8af8ff00000000b7080000040000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb702000008000000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b70500000800000085000000a5000000d0a8e0ffffffffff1840000003000000000000000000000018150000", @ANYRES32, @ANYBLOB="00000000000000008520000001000000b7080000000000007b8af8ff00000000b7080000070000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="00000000000000a7000000000000000085000000a5000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000030000008500000006000000850000004b00000018110000", @ANYRES32=0x1, @ANYBLOB="0000000000000000b7080000050000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000020000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000580)='GPL\x00', 0x6, 0x14, &(0x7f0000000140)=""/20, 0x41000, 0x50, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f00000001c0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000400)={0x3, 0x6, 0xff, 0x400}, 0x10, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000440)=[{0x2, 0x3, 0xa, 0x5}, {0x2, 0x5, 0x7, 0x2}, {0x1, 0x2, 0x401, 0x8}, {0x1, 0x5, 0x1, 0x5}, {0x4, 0x2, 0x1, 0x1}, {0x2, 0x4, 0x9, 0xa}], 0x10, 0x5}, 0x94)

1.344037991s ago: executing program 2 (id=2579):
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000000)='syz1\x00', 0x200002, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100), 0x119200, 0x0)
syz_clone3(0x0, 0x0)
r2 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000ac0)=ANY=[@ANYBLOB="180000000000000000000000000000001801000078"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
lseek(0xffffffffffffffff, 0xcbe, 0x0)
accept4$x25(r2, &(0x7f0000000180), &(0x7f0000000200)=0x12, 0x80000)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ptrace$pokeuser(0x6, r7, 0x358, 0x0)
ioctl$FIDEDUPERANGE(r0, 0xc0189436, &(0x7f0000000180)={0xfffffffffffffffb, 0x1, 0x1, 0x0, 0x0, [{{r1}, 0x3}]})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = semget$private(0x0, 0x6, 0x0)
semtimedop(r8, &(0x7f0000000040)=[{0x0, 0x1}], 0x1, 0x0)
semop(r8, &(0x7f00000000c0)=[{}, {}], 0x2)

1.342587899s ago: executing program 1 (id=2580):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x4000)
shmctl$IPC_RMID(0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa10000000000000701"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x54, '\x00', 0x0, @fallback=0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x20400, 0x0)
ioctl$COMEDI_DEVCONFIG(r5, 0x40946400, 0x0)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, 0x0, 0x0)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000084000000060a010400000000000000000100000008000b40000000005c0004802c000180090001007866726d000000001c0002800800024000000006050003000000000008000140000000092c00018008000100636d7000207387690500038005000100ac000000080001400000000908000240000000050900010073797a3000000000140000001100010000000000000000000000000a88f17fd060"], 0xf8}, 0x1, 0x0, 0x0, 0x4}, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000003c0)='wg1\x00', 0x4)
connect$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @multicast2}, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x6)

423.119498ms ago: executing program 2 (id=2581):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = syz_open_dev$mouse(0x0, 0x0, 0x2042)
read$fb(r1, 0x0, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000580)=ANY=[@ANYBLOB="40010000100001000000000800000000aca47601000000000000000000004000fe8000000000000000000000000000bb00020000000000000000200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000033000000ac1414aa0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000ffffffffffffffff0000008056000000000000000000000000000000000000000000000000000000100000000900000002000000feffffff0000000002000100000000000000000048000100736861323536000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000b0000"], 0x140}}, 0x0)
set_mempolicy(0x1, &(0x7f0000000100)=0xd01c, 0x6)
syz_open_procfs(0x0, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={0x0}, 0x18)
dup(0xffffffffffffffff)

0s ago: executing program 2 (id=2582):
socket$kcm(0x10, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
add_key$user(0x0, 0x0, 0x0, 0x0, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, 0x0, &(0x7f0000000140))
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
r3 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000340)={r5, 0x0, 0x0, 0x0, 0x1, [<r6=>0x0], [0x0, 0x7], [0x0, 0x80000002, 0x2], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_GEM_FLINK(r2, 0xc008640a, &(0x7f0000000000)={r6})
r7 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r7, 0x0, 0x0, 0x0)
sendmsg$IPSET_CMD_LIST(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x8018)
connect$x25(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_emit_ethernet(0x0, 0x0, 0x0)
r8 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi3\x00', 0xaa544, 0x0)
ioctl$COMEDI_DEVCONFIG(r8, 0x40946400, &(0x7f0000000080)={'c6xdigio\x00', [0x401, 0x181, 0x2, 0x3, 0x14000000, 0x0, 0xfffffffc, 0x2, 0xffd, 0x7ffe, 0x3, 0x723, 0x404, 0x2, 0x8000013, 0xa7, 0xffffffa7, 0x8000b, 0x34d, 0x6e, 0x0, 0x4000009, 0x200, 0xe2df, 0x9, 0x20000001, 0x4, 0x505e, 0x7, 0xf58, 0x6]})

kernel console output (not intermixed with test programs):

ss `syz.1.1737'.
[  536.317507][T12090] netlink: 'syz.3.1739': attribute type 2 has an invalid length.
[  538.485053][T12116] EXT4-fs: Ignoring removed nomblk_io_submit option
[  538.513142][T12116] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  538.535150][T12116] EXT4-fs (loop1): unable to read superblock
[  538.857759][T12122] debugfs: Bad value for 'gid'
[  538.873683][T12122] debugfs: Bad value for 'gid'
[  540.782480][ T5976] usb 1-1: new full-speed USB device number 33 using dummy_hcd
[  540.933538][T12137] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  540.946093][T12137] block device autoloading is deprecated and will be removed.
[  541.205726][ T5976] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  541.247396][ T5976] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  541.289064][ T5976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  541.322965][ T5976] usb 1-1: Product: syz
[  541.505132][ T5976] usb 1-1: Manufacturer: syz
[  541.523233][ T5976] usb 1-1: SerialNumber: syz
[  542.069769][ T5976] usb 1-1: config 0 descriptor??
[  542.254350][ T5976] asix 1-1:0.0: probe with driver asix failed with error -22
[  542.390144][ T5976] usb 1-1: USB disconnect, device number 33
[  542.482693][   T30] audit: type=1800 audit(1758399254.040:3694): pid=12148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1755" name="file0" dev="fuse" ino=0 res=0 errno=0
[  542.502901][    C0] vkms_vblank_simulate: vblank timer overrun
[  542.517746][T12155] bond4: entered promiscuous mode
[  542.534997][T12155] bond4: entered allmulticast mode
[  542.655645][T12155] 8021q: adding VLAN 0 to HW filter on device bond4
[  542.974148][T12168] __nla_validate_parse: 1 callbacks suppressed
[  542.974168][T12168] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1764'.
[  543.529387][T12155] bond4 (unregistering): Released all slaves
[  543.884625][T12185] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1771'.
[  544.478078][T12191] ceph: No mds server is up or the cluster is laggy
[  544.485433][  T980] libceph: connect (1)[c::]:6789 error -101
[  544.495012][T12187] vfat: Bad value for 'utf8'
[  544.506299][  T980] libceph: mon0 (1)[c::]:6789 connect error
[  544.514883][T12189] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1772'.
[  544.541972][T12189] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1772'.
[  544.634964][T12189] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1772'.
[  545.593176][ T5929] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  545.762817][ T5929] usb 1-1: Using ep0 maxpacket: 32
[  545.824212][ T5929] usb 1-1: config 0 has an invalid interface number: 137 but max is 0
[  545.832531][ T5929] usb 1-1: config 0 has no interface number 0
[  545.861611][ T5929] usb 1-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  545.861639][ T5929] usb 1-1: config 0 interface 137 has no altsetting 0
[  545.865411][ T5929] usb 1-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  545.865440][ T5929] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  545.865458][ T5929] usb 1-1: Product: syz
[  545.865472][ T5929] usb 1-1: Manufacturer: syz
[  545.865484][ T5929] usb 1-1: SerialNumber: syz
[  545.868112][ T5929] usb 1-1: config 0 descriptor??
[  545.870711][ T5929] ftdi_sio 1-1:0.137: FTDI USB Serial Device converter detected
[  545.888535][T12217] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  545.954356][ T5929] usb 1-1: Detected SIO
[  545.960015][ T5929] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  545.990268][ T5929] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  546.002405][T12215] bond3: entered promiscuous mode
[  546.017178][T12215] bond3: entered allmulticast mode
[  546.064154][T12215] 8021q: adding VLAN 0 to HW filter on device bond3
[  546.704773][T12215] bond3 (unregistering): Released all slaves
[  546.724859][T12229] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  547.412008][T12239] vfat: Bad value for 'utf8'
[  547.428889][ T5944] usb 1-1: USB disconnect, device number 34
[  547.472452][ T5944] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  547.501243][ T5944] ftdi_sio 1-1:0.137: device disconnected
[  547.663844][T12249] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1787'.
[  548.116278][ T5944] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  548.403036][ T5944] usb 1-1: Using ep0 maxpacket: 8
[  548.443770][ T5944] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  548.457759][ T5944] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  548.468437][ T5944] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  548.507626][ T5944] usb 1-1: New USB device found, idVendor=0bfd, idProduct=001a, bcdDevice=5a.c8
[  548.517220][ T5944] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.532833][ T5944] usb 1-1: Product: syz
[  548.605668][ T5944] usb 1-1: Manufacturer: syz
[  548.701194][ T5944] usb 1-1: SerialNumber: syz
[  548.820047][ T5944] usb 1-1: config 0 descriptor??
[  548.841743][ T5944] kvaser_usb 1-1:0.0: error -ENODEV: Cannot get usb endpoint(s)
[  549.051251][T12248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  549.882920][T12248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  549.946570][  T980] usb 1-1: USB disconnect, device number 35
[  549.994236][T12274] bond4: entered promiscuous mode
[  550.032101][T12274] bond4: entered allmulticast mode
[  550.083497][T12274] 8021q: adding VLAN 0 to HW filter on device bond4
[  550.718735][T12274] bond4 (unregistering): Released all slaves
[  550.730409][T12285] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1798'.
[  550.739769][T12285] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1798'.
[  550.759438][T12285] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1798'.
[  551.266484][T12295] veth0: entered promiscuous mode
[  551.632669][ T6005] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  551.713509][T12302] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1801'.
[  551.723675][T12302] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1801'.
[  552.141218][T12290] veth0: left promiscuous mode
[  552.217048][ T6005] usb 3-1: Using ep0 maxpacket: 32
[  552.238072][ T6005] usb 3-1: config 0 has an invalid interface number: 137 but max is 0
[  552.272712][ T6005] usb 3-1: config 0 has no interface number 0
[  552.293492][ T6005] usb 3-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  552.310962][T12307] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1803'.
[  552.366485][ T6005] usb 3-1: config 0 interface 137 has no altsetting 0
[  552.405492][ T6005] usb 3-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  552.418755][ T6005] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  552.430517][ T6005] usb 3-1: Product: syz
[  552.436008][ T6005] usb 3-1: Manufacturer: syz
[  552.441079][ T6005] usb 3-1: SerialNumber: syz
[  552.450570][ T6005] usb 3-1: config 0 descriptor??
[  552.474999][ T6005] ftdi_sio 3-1:0.137: FTDI USB Serial Device converter detected
[  552.507707][ T6005] usb 3-1: Detected SIO
[  552.513481][ T6005] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  552.548754][ T6005] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  554.064433][ T6005] usb 3-1: USB disconnect, device number 40
[  554.208940][ T6005] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  554.245364][ T6005] ftdi_sio 3-1:0.137: device disconnected
[  556.074296][  T983] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  556.241220][T12362] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1819'.
[  556.279965][T12360] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1816'.
[  556.302821][  T983] usb 3-1: Using ep0 maxpacket: 16
[  556.324821][  T983] usb 3-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  556.342678][  T983] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.356571][  T983] usb 3-1: config 0 descriptor??
[  556.378736][  T983] gspca_main: sonixj-2.14.0 probing 0471:0327
[  556.391398][T12373] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1821'.
[  556.415146][T12373] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1821'.
[  556.428123][T12373] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1821'.
[  556.861359][ T6005] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  557.608288][  T983] gspca_sonixj: reg_r err -110
[  557.613270][  T983] sonixj 3-1:0.0: probe with driver sonixj failed with error -110
[  557.662691][ T6005] usb 1-1: Using ep0 maxpacket: 32
[  557.669736][ T6005] usb 1-1: config 0 has an invalid interface number: 137 but max is 0
[  557.679204][ T6005] usb 1-1: config 0 has no interface number 0
[  557.685716][ T6005] usb 1-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  557.698661][ T6005] usb 1-1: config 0 interface 137 has no altsetting 0
[  557.891823][ T6005] usb 1-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  557.903616][ T6005] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.913015][ T6005] usb 1-1: Product: syz
[  557.917789][ T6005] usb 1-1: Manufacturer: syz
[  557.922425][ T6005] usb 1-1: SerialNumber: syz
[  557.930088][ T6005] usb 1-1: config 0 descriptor??
[  557.938021][ T6005] ftdi_sio 1-1:0.137: FTDI USB Serial Device converter detected
[  558.024848][ T5944] usb 3-1: USB disconnect, device number 41
[  558.123978][T12407] netlink: 'syz.2.1830': attribute type 10 has an invalid length.
[  558.126323][ T6005] usb 1-1: Detected SIO
[  558.138163][ T6005] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  558.147863][ T6005] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  558.182235][T12410] netlink: 'syz.2.1830': attribute type 10 has an invalid length.
[  558.771633][T12411] ceph: No mds server is up or the cluster is laggy
[  558.790329][ T6005] libceph: connect (1)[c::]:6789 error -13
[  558.809272][ T6005] libceph: mon0 (1)[c::]:6789 connect error
[  558.826524][T12407] team0: Port device dummy0 added
[  558.941600][T12410] team0: Port device dummy0 removed
[  558.984980][T12410] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  559.336393][T12437] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  559.336393][T12437] The task syz.1.1836 (12437) triggered the difference, watch for misbehavior.
[  559.370066][T12437] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  559.383096][ T5944] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  559.394793][T12437] exFAT-fs (loop1): unable to read boot sector
[  559.406005][T12437] exFAT-fs (loop1): failed to read boot sector
[  559.418072][  T983] usb 1-1: USB disconnect, device number 36
[  559.439277][  T983] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  559.453904][T12437] exFAT-fs (loop1): failed to recognize exfat type
[  559.463322][  T983] ftdi_sio 1-1:0.137: device disconnected
[  559.590575][ T5944] usb 3-1: device descriptor read/64, error -71
[  560.142998][ T5944] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  560.311507][ T5944] usb 3-1: device descriptor read/64, error -71
[  560.461622][ T5944] usb usb3-port1: attempt power cycle
[  561.643066][  T983] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  561.900015][ T5944] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  561.921402][T12467] ceph: No mds server is up or the cluster is laggy
[  561.933562][ T6005] libceph: connect (1)[c::]:6789 error -101
[  561.956274][ T6005] libceph: mon0 (1)[c::]:6789 connect error
[  562.222982][ T5944] usb 3-1: device descriptor read/8, error -71
[  562.229530][  T983] usb 2-1: Using ep0 maxpacket: 8
[  562.239747][  T983] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  562.254643][  T983] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.279334][  T983] pvrusb2: Hardware description: Terratec Grabster AV400
[  562.288887][  T983] pvrusb2: **********
[  562.295338][  T983] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  562.383404][  T983] pvrusb2: Important functionality might not be entirely working.
[  562.439160][  T983] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  562.508099][  T983] pvrusb2: **********
[  562.542977][ T2344] pvrusb2: Invalid write control endpoint
[  562.830694][T12480] ceph: No mds server is up or the cluster is laggy
[  562.840220][ T5976] libceph: connect (1)[c::]:6789 error -101
[  562.876115][ T5976] libceph: mon0 (1)[c::]:6789 connect error
[  563.168822][ T2344] pvrusb2: Invalid write control endpoint
[  563.179157][ T2344] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  563.190982][ T2344] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  563.199075][ T2344] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  563.210919][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  563.219851][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  563.271979][T12457] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  563.281825][T12483] netlink: 92 bytes leftover after parsing attributes in process `syz.0.1848'.
[  563.291957][ T2344] pvrusb2: Device being rendered inoperable
[  563.323401][T12457] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  563.341840][ T2344] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  563.355922][T12483] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1848'.
[  563.384129][ T2344] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  563.402630][T12483] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1848'.
[  563.464303][ T5944] usb 2-1: USB disconnect, device number 44
[  563.486446][ T2344] pvrusb2: Attached sub-driver cx25840
[  563.504158][ T2344] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  563.517336][ T2344] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  563.558821][T12495] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1851'.
[  563.772883][ T5929] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  563.802678][ T5994] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  563.922778][ T5929] usb 1-1: Using ep0 maxpacket: 32
[  563.929872][ T5929] usb 1-1: config 0 has an invalid interface number: 137 but max is 0
[  563.938657][ T5929] usb 1-1: config 0 has no interface number 0
[  563.945200][ T5929] usb 1-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  563.955855][ T5929] usb 1-1: config 0 interface 137 has no altsetting 0
[  563.965342][ T5929] usb 1-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  563.972767][ T5994] usb 3-1: Using ep0 maxpacket: 32
[  563.975721][ T5929] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  563.981953][ T5994] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  563.988638][ T5929] usb 1-1: Product: syz
[  563.988658][ T5929] usb 1-1: Manufacturer: syz
[  563.988671][ T5929] usb 1-1: SerialNumber: syz
[  563.999888][ T5929] usb 1-1: config 0 descriptor??
[  564.002774][ T5994] usb 3-1: config 0 has no interface number 0
[  564.025181][ T5929] ftdi_sio 1-1:0.137: FTDI USB Serial Device converter detected
[  564.026125][ T5994] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  564.043161][ T5994] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.044033][ T5929] usb 1-1: Detected SIO
[  564.051338][ T5994] usb 3-1: Product: syz
[  564.058218][ T5929] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  564.070041][ T5929] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  564.072614][ T5994] usb 3-1: Manufacturer: syz
[  564.104382][ T5994] usb 3-1: SerialNumber: syz
[  564.113560][ T5994] usb 3-1: config 0 descriptor??
[  564.121785][ T5994] smsc95xx v2.0.0
[  564.167948][T12505] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  564.181518][T12505] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  564.194107][T12505] FAT-fs (loop1): unable to read boot sector
[  564.366499][ T5994] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  564.412750][ T5994] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  564.683856][ T5994] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71
[  564.711526][ T5994] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  564.734329][   T30] audit: type=1326 audit(1758399276.290:3695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  564.792297][ T5994] usb 3-1: USB disconnect, device number 46
[  564.816894][T12516] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  564.830845][T12516] hfs: can't find a HFS filesystem on dev loop2
[  564.841510][   T30] audit: type=1326 audit(1758399276.290:3696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  564.877078][   T30] audit: type=1326 audit(1758399276.300:3697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  564.928076][   T30] audit: type=1326 audit(1758399276.300:3698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  564.967840][   T30] audit: type=1326 audit(1758399276.300:3699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  564.992407][    C0] vkms_vblank_simulate: vblank timer overrun
[  565.073465][   T30] audit: type=1326 audit(1758399276.300:3700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  565.175381][   T30] audit: type=1326 audit(1758399276.300:3701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  565.229508][   T30] audit: type=1326 audit(1758399276.300:3702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  565.264869][   T30] audit: type=1326 audit(1758399276.330:3703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  565.543185][T12522] netlink: 'syz.1.1858': attribute type 5 has an invalid length.
[  565.718798][   T30] audit: type=1326 audit(1758399276.330:3704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12515 comm="syz.2.1857" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  565.763142][ T5929] usb 1-1: USB disconnect, device number 37
[  565.773177][ T5929] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  565.784056][ T5929] ftdi_sio 1-1:0.137: device disconnected
[  565.816617][T12516] overlay: ./file0 is not a directory
[  566.203808][T12537] bond0: (slave ip6gretap0): Error: Device can not be enslaved while up
[  567.740542][T12538] binder: 12534:12538 ioctl 40087543 2000000000c0 returned -22
[  568.240076][T12556] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1866'.
[  568.778393][T12562] vfat: Bad value for 'utf8'
[  568.819011][T12564] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1870'.
[  569.416683][T12564] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1870'.
[  569.532102][T12592] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1877'.
[  569.542290][T12592] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1877'.
[  569.622660][ T6005] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  569.854102][ T6005] usb 3-1: device descriptor read/64, error -71
[  570.013259][T12590] debugfs: Bad value for 'gid'
[  570.022447][T12590] debugfs: Bad value for 'gid'
[  570.242722][ T6005] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  570.422868][ T6005] usb 3-1: device descriptor read/64, error -71
[  570.536409][ T6005] usb usb3-port1: attempt power cycle
[  570.787164][T12597] dvmrp0: entered allmulticast mode
[  571.022929][ T6005] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  571.073325][ T6005] usb 3-1: device descriptor read/8, error -71
[  571.491294][ T6005] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  571.521783][ T6005] usb 3-1: device descriptor read/8, error -71
[  571.643937][ T6005] usb usb3-port1: unable to enumerate USB device
[  571.680940][T12621] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  571.714154][T12621] CIFS mount error: No usable UNC path provided in device string!
[  571.714154][T12621] 
[  571.765471][T12621] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  572.419905][T12633] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1891'.
[  572.447340][T12633] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1891'.
[  572.470454][T12633] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  573.994679][T12662] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1899'.
[  574.100061][T12662] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1899'.
[  574.215319][ T5944] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  574.432785][ T5944] usb 3-1: Using ep0 maxpacket: 8
[  574.565275][T12680] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1903'.
[  574.643620][ T5944] usb 3-1: unable to get BOS descriptor or descriptor too short
[  574.662776][T12593] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  574.847409][ T5944] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  574.862730][ T5944] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  574.903594][ T5944] usb 3-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  574.931439][ T5944] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  574.932101][T12682] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  574.952618][ T5944] usb 3-1: Product: syz
[  574.960239][ T5944] usb 3-1: Manufacturer: syz
[  574.982793][ T5944] usb 3-1: SerialNumber: syz
[  574.994096][T12593] usb 1-1: device descriptor read/64, error -71
[  575.013191][ T5944] usb 3-1: config 0 descriptor??
[  575.026662][ T5944] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  575.099117][ T5944] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -2
[  575.253050][T12593] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  575.415009][T12657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  575.462042][T12657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  575.514289][T12593] usb 1-1: device descriptor read/64, error -71
[  575.548746][T12657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  575.592423][T12657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  575.650336][ T6005] usb 3-1: USB disconnect, device number 51
[  575.675668][T12593] usb usb1-port1: attempt power cycle
[  575.985229][   T30] kauditd_printk_skb: 68 callbacks suppressed
[  575.985380][   T30] audit: type=1326 audit(1758399287.450:3773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12696 comm="syz.3.1909" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb7db8ec29 code=0x0
[  576.014081][    C1] vkms_vblank_simulate: vblank timer overrun
[  576.131709][T12593] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  576.181075][T12593] usb 1-1: device descriptor read/8, error -71
[  576.279350][T12710] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  576.340321][T12714] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1917'.
[  576.381164][T12716] netlink: 212 bytes leftover after parsing attributes in process `syz.2.1918'.
[  576.422686][T12593] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  576.442429][T12720] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1920'.
[  576.451849][T12720] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1920'.
[  576.467040][T12593] usb 1-1: device descriptor read/8, error -71
[  576.473491][ T6005] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  576.584688][T12593] usb usb1-port1: unable to enumerate USB device
[  576.637677][ T6005] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  576.669925][ T6005] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  576.722837][ T6005] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  576.739933][ T6005] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  576.760663][ T6005] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  576.772469][ T6005] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  576.781548][ T6005] usb 2-1: Manufacturer: syz
[  576.796057][ T6005] usb 2-1: config 0 descriptor??
[  576.809501][T12738] tipc: New replicast peer: 255.255.255.255
[  576.816828][T12738] tipc: Enabled bearer <udp:syz2>, priority 10
[  577.307185][T12706] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  577.501240][T12706] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  577.594450][ T6005] appleir 0003:05AC:8243.0009: unknown main item tag 0x0
[  577.704863][ T6005] appleir 0003:05AC:8243.0009: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  577.742460][T12748] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1930'.
[  577.795674][T12756] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1935'.
[  577.807609][T12756] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1935'.
[  577.826805][  T983] usb 2-1: USB disconnect, device number 45
[  578.997307][T12784] block nbd1: not configured, cannot reconfigure
[  579.192639][ T5976] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  579.292691][ T6005] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  579.342741][ T5976] usb 1-1: Using ep0 maxpacket: 16
[  579.349812][ T5976] usb 1-1: too many configurations: 60, using maximum allowed: 8
[  579.374711][ T5976] usb 1-1: New USB device found, idVendor=0471, idProduct=032c, bcdDevice=ba.e9
[  579.389745][ T5976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=204
[  579.404420][ T5976] usb 1-1: Product: syz
[  579.409818][ T5976] usb 1-1: Manufacturer: syz
[  579.414602][ T5976] usb 1-1: SerialNumber: syz
[  579.422217][ T5976] usb 1-1: config 0 descriptor??
[  579.431228][ T5976] pwc: Philips SPC 880NC USB webcam detected.
[  579.454708][ T6005] usb 2-1: Using ep0 maxpacket: 32
[  579.470310][ T6005] usb 2-1: config 0 has an invalid interface number: 137 but max is 0
[  579.478775][ T6005] usb 2-1: config 0 has no interface number 0
[  579.485955][ T6005] usb 2-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  579.496927][ T6005] usb 2-1: config 0 interface 137 has no altsetting 0
[  579.534011][ T6005] usb 2-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  579.571443][ T6005] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  579.591118][ T6005] usb 2-1: Product: syz
[  579.598212][ T6005] usb 2-1: Manufacturer: syz
[  579.609377][ T6005] usb 2-1: SerialNumber: syz
[  579.718739][ T5976] pwc: Warning: more than 1 configuration available.
[  579.790951][ T5976] pwc: Failed to set LED on/off time (-71)
[  579.801762][ T6005] usb 2-1: config 0 descriptor??
[  579.856785][ T5976] pwc: send_video_command error -71
[  579.897651][ T6005] ftdi_sio 2-1:0.137: FTDI USB Serial Device converter detected
[  579.918015][ T5976] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  579.979643][ T5976] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  580.001181][ T6005] usb 2-1: Detected SIO
[  580.018865][ T6005] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  580.131871][ T5976] usb 1-1: USB disconnect, device number 42
[  580.148750][ T6005] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  580.838912][T12808] debugfs: Bad value for 'gid'
[  580.844107][T12808] debugfs: Bad value for 'gid'
[  581.959542][T12818] __nla_validate_parse: 5 callbacks suppressed
[  581.959562][T12818] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1952'.
[  581.991619][ T5929] usb 2-1: USB disconnect, device number 46
[  582.012155][ T5929] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  582.034217][ T5929] ftdi_sio 2-1:0.137: device disconnected
[  582.041942][T12818] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1952'.
[  582.079045][T12818] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1952'.
[  582.323001][T12593] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  582.552989][ T5976] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  582.724258][T12593] usb 3-1: Using ep0 maxpacket: 32
[  582.736397][ T5976] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 0
[  582.765205][ T5976] usb 1-1: can't read configurations, error -22
[  582.780253][T12593] usb 3-1: config 0 has an invalid interface number: 137 but max is 0
[  582.790566][T12593] usb 3-1: config 0 has no interface number 0
[  582.800913][T12593] usb 3-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  582.811180][T12593] usb 3-1: config 0 interface 137 has no altsetting 0
[  582.821607][T12593] usb 3-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  582.831041][T12593] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  582.840755][T12593] usb 3-1: Product: syz
[  582.849340][T12593] usb 3-1: Manufacturer: syz
[  582.956163][T12593] usb 3-1: SerialNumber: syz
[  582.964658][T12593] usb 3-1: config 0 descriptor??
[  582.975621][T12593] ftdi_sio 3-1:0.137: FTDI USB Serial Device converter detected
[  582.984792][T12593] usb 3-1: Detected SIO
[  582.989249][T12593] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  583.500338][ T5976] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  583.515888][T12593] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  583.656004][ T5976] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 0
[  583.665138][ T5976] usb 1-1: can't read configurations, error -22
[  583.671929][ T5976] usb usb1-port1: attempt power cycle
[  583.714207][T12857] fuse: Bad value for 'rootmode'
[  583.848438][T12866] (unnamed net_device) (uninitialized): (slave bond_slave_1): Device is not our slave
[  583.859078][T12866] (unnamed net_device) (uninitialized): option active_slave: invalid value (bond_slave_1)
[  583.971618][T12875] netlink: 92 bytes leftover after parsing attributes in process `syz.1.1969'.
[  583.983792][T12875] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1969'.
[  583.993916][T12875] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1969'.
[  584.023002][ T5976] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  584.031937][T12869] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1967'.
[  584.061485][T12877] block nbd1: not configured, cannot reconfigure
[  584.075192][ T5976] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 0
[  584.089802][ T5976] usb 1-1: can't read configurations, error -22
[  584.381452][ T5976] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  584.409292][ T5976] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 0
[  584.418514][ T5976] usb 1-1: can't read configurations, error -22
[  584.426782][ T5976] usb usb1-port1: unable to enumerate USB device
[  584.579751][T12593] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  584.773339][T12593] usb 2-1: Using ep0 maxpacket: 32
[  584.794363][T12593] usb 2-1: config 0 has an invalid interface number: 137 but max is 0
[  584.824222][T12593] usb 2-1: config 0 has no interface number 0
[  584.858490][T12593] usb 2-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  584.876940][T12593] usb 2-1: config 0 interface 137 has no altsetting 0
[  584.903051][T12593] usb 2-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  584.923035][T12593] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  584.931656][T12593] usb 2-1: Product: syz
[  584.943037][T12593] usb 2-1: Manufacturer: syz
[  584.947946][T12593] usb 2-1: SerialNumber: syz
[  584.960411][ T5944] usb 3-1: USB disconnect, device number 52
[  584.969379][T12593] usb 2-1: config 0 descriptor??
[  585.134672][T12593] ftdi_sio 2-1:0.137: FTDI USB Serial Device converter detected
[  585.211565][T12593] usb 2-1: Detected SIO
[  585.221855][T12593] ftdi_sio ttyUSB1: Overriding wMaxPacketSize on endpoint 8
[  585.230175][ T5944] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  585.265838][T12593] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB1
[  585.274698][ T5944] ftdi_sio 3-1:0.137: device disconnected
[  586.699301][T12916] netlink: 'syz.2.1980': attribute type 1 has an invalid length.
[  586.735462][T12916] bond3: (slave gretap1): making interface the new active one
[  586.744047][T12916] bond3: (slave gretap1): Enslaving as an active interface with an up link
[  586.987290][T12919] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1981'.
[  587.236515][  T983] usb 2-1: USB disconnect, device number 47
[  587.259215][  T983] ftdi_sio ttyUSB1: FTDI USB Serial Device converter now disconnected from ttyUSB1
[  587.271922][   T30] audit: type=1326 audit(1758399298.820:3774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12913 comm="syz.2.1980" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fce0538ec29 code=0x0
[  587.299211][  T983] ftdi_sio 2-1:0.137: device disconnected
[  587.634315][T12931] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1985'.
[  587.662738][T12931] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1985'.
[  587.682464][T12931] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1985'.
[  587.953029][T12593] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  587.983071][ T6005] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  588.122992][T12593] usb 1-1: Using ep0 maxpacket: 32
[  588.137517][T12593] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  588.237242][ T6005] usb 3-1: Using ep0 maxpacket: 32
[  588.246585][ T6005] usb 3-1: config 0 has an invalid interface number: 137 but max is 0
[  588.255517][ T6005] usb 3-1: config 0 has no interface number 0
[  588.262942][ T6005] usb 3-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  588.265680][T12593] usb 1-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  588.318765][ T6005] usb 3-1: config 0 interface 137 has no altsetting 0
[  588.424066][T12942] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1988'.
[  588.433248][T12942] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1988'.
[  588.487863][T12593] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  588.497849][T12593] usb 1-1: Product: syz
[  588.503796][T12593] usb 1-1: Manufacturer: syz
[  588.504045][ T6005] usb 3-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  588.539111][T12593] usb 1-1: SerialNumber: syz
[  588.548131][ T6005] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  588.558435][T12593] usb 1-1: config 0 descriptor??
[  588.564671][ T6005] usb 3-1: Product: syz
[  588.564676][T12934] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  588.579527][T12593] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input20
[  588.604314][ T6005] usb 3-1: Manufacturer: syz
[  588.610496][ T6005] usb 3-1: SerialNumber: syz
[  588.626740][ T6005] usb 3-1: config 0 descriptor??
[  588.648948][ T6005] ftdi_sio 3-1:0.137: FTDI USB Serial Device converter detected
[  588.661999][ T6005] usb 3-1: Detected SIO
[  588.667511][ T6005] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  588.679615][ T6005] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  589.461669][T12953] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  590.614280][T12963] debugfs: Bad value for 'gid'
[  590.633681][T12963] debugfs: Bad value for 'gid'
[  590.652509][  T983] usb 3-1: USB disconnect, device number 53
[  590.669626][  T983] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  590.752924][  T983] ftdi_sio 3-1:0.137: device disconnected
[  590.802739][ T6005] usb 1-1: USB disconnect, device number 47
[  590.808878][    C1] usbtouchscreen 1-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  591.452774][ T6005] usb 1-1: new high-speed USB device number 48 using dummy_hcd
[  591.602876][ T6005] usb 1-1: Using ep0 maxpacket: 16
[  591.610009][ T6005] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  591.621172][ T6005] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  591.631182][ T6005] usb 1-1: config 0 interface 0 has no altsetting 0
[  591.637840][ T6005] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  591.647179][ T6005] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.657678][ T6005] usb 1-1: config 0 descriptor??
[  593.036895][ T5862] usb 2-1: new full-speed USB device number 48 using dummy_hcd
[  594.546961][T12987] random: crng reseeded on system resumption
[  594.568204][ T6005] usbhid 1-1:0.0: can't add hid device: -71
[  594.588984][ T6005] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  594.853653][T12991] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2005'.
[  594.864232][T12991] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2005'.
[  594.865489][   T30] audit: type=1326 audit(1758399306.430:3775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12986 comm="syz.2.2003" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x0
[  594.874167][T12991] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2005'.
[  594.902977][ T6005] usb 1-1: USB disconnect, device number 48
[  594.937480][T12994] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  594.949846][T12987] netlink: 280 bytes leftover after parsing attributes in process `syz.2.2003'.
[  595.000964][T12994] EXT4-fs (loop1): unable to read superblock
[  595.202169][T13003] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2006'.
[  595.213702][T13003] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2006'.
[  595.226206][T13003] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2006'.
[  595.403298][T13003] exFAT-fs (loop1): mounting with "discard" option, but the device does not support discard
[  595.403622][ T6005] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  595.414452][T13003] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  595.582180][T13003] exFAT-fs (loop1): unable to read boot sector
[  595.588945][T13003] exFAT-fs (loop1): failed to read boot sector
[  595.597525][T13003] exFAT-fs (loop1): failed to recognize exfat type
[  595.666477][T13007] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2008'.
[  595.677147][T13007] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2008'.
[  596.072635][ T6005] usb 1-1: Using ep0 maxpacket: 32
[  596.080092][ T6005] usb 1-1: config 0 has an invalid interface number: 137 but max is 0
[  596.102086][ T6005] usb 1-1: config 0 has no interface number 0
[  596.122497][ T6005] usb 1-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  596.136119][ T6005] usb 1-1: config 0 interface 137 has no altsetting 0
[  596.152144][ T6005] usb 1-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  596.172684][ T6005] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.226072][ T6005] usb 1-1: Product: syz
[  596.234767][ T6005] usb 1-1: Manufacturer: syz
[  596.243169][ T6005] usb 1-1: SerialNumber: syz
[  596.265196][ T6005] usb 1-1: config 0 descriptor??
[  596.282465][ T6005] ftdi_sio 1-1:0.137: FTDI USB Serial Device converter detected
[  596.307913][ T6005] usb 1-1: Detected SIO
[  596.319537][ T6005] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  596.355707][ T6005] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  596.742688][    T9] usb 2-1: new full-speed USB device number 49 using dummy_hcd
[  596.914636][    T9] usb 2-1: config 0 has an invalid interface number: 110 but max is 0
[  596.923434][    T9] usb 2-1: config 0 has no interface number 0
[  596.934184][    T9] usb 2-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=66.39
[  596.946033][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.955015][    T9] usb 2-1: Product: syz
[  596.959629][    T9] usb 2-1: Manufacturer: syz
[  596.964951][    T9] usb 2-1: SerialNumber: syz
[  596.972478][    T9] usb 2-1: config 0 descriptor??
[  596.980885][    T9] ftdi_sio 2-1:0.110: FTDI USB Serial Device converter detected
[  596.991513][    T9] ftdi_sio ttyUSB1: unknown device type: 0x6639
[  597.075017][T13032] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2017'.
[  597.185417][ T5862] usb 2-1: USB disconnect, device number 49
[  597.216579][ T5862] ftdi_sio 2-1:0.110: device disconnected
[  597.638425][T13042] EXT4-fs: Ignoring removed nomblk_io_submit option
[  597.650466][T13042] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  597.665590][T13042] EXT4-fs (loop2): unable to read superblock
[  597.770445][T13048] random: crng reseeded on system resumption
[  597.794339][   T30] audit: type=1326 audit(1758399309.360:3776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13047 comm="syz.1.2022" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc4ab78ec29 code=0x0
[  597.855982][    T9] usb 1-1: USB disconnect, device number 49
[  597.871585][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  597.895777][    T9] ftdi_sio 1-1:0.137: device disconnected
[  598.369996][ T5862] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  598.579778][ T5862] usb 3-1: Using ep0 maxpacket: 16
[  598.703916][ T5862] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  598.759176][ T5862] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  598.769150][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.777939][ T5862] usb 3-1: Product: syz
[  598.782429][ T5862] usb 3-1: Manufacturer: syz
[  598.787524][ T5862] usb 3-1: SerialNumber: syz
[  598.848124][ T5862] usb 3-1: config 0 descriptor??
[  598.868412][ T5862] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  598.889262][ T5862] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  598.933837][T13079] overlayfs: failed to clone upperpath
[  599.013819][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  599.285642][T13099] overlayfs: failed to resolve './bus/file0': -2
[  599.355605][ T5862] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  599.448896][ T5862] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  599.465889][ T5862] em28xx 3-1:0.0: board has no eeprom
[  599.533869][ T5862] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  599.541742][ T5862] em28xx 3-1:0.0: dvb set to bulk mode.
[  599.547797][ T6005] usb 2-1: new full-speed USB device number 50 using dummy_hcd
[  599.559245][T12593] em28xx 3-1:0.0: Binding DVB extension
[  599.602448][ T5862] usb 3-1: USB disconnect, device number 54
[  599.629032][ T5862] em28xx 3-1:0.0: Disconnecting em28xx
[  599.703462][ T6005] usb 2-1: device descriptor read/64, error -71
[  599.733780][T12593] em28xx 3-1:0.0: Registering input extension
[  599.741006][ T5862] em28xx 3-1:0.0: Closing input extension
[  599.761652][ T5862] em28xx 3-1:0.0: Freeing device
[  599.790580][T13127] netlink: 'syz.4.2044': attribute type 14 has an invalid length.
[  599.805094][T13124] delete_channel: no stack
[  599.952625][ T6005] usb 2-1: new full-speed USB device number 51 using dummy_hcd
[  599.983868][   T30] audit: type=1326 audit(1758399567.545:3777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13141 comm="syz.4.2048" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6eee38ec29 code=0x0
[  600.124428][T13145] __nla_validate_parse: 17 callbacks suppressed
[  600.124449][T13145] netlink: 280 bytes leftover after parsing attributes in process `syz.4.2048'.
[  600.183604][ T6005] usb 2-1: device descriptor read/64, error -71
[  600.342249][T13153] netlink: 7 bytes leftover after parsing attributes in process `syz.0.2049'.
[  601.022901][ T6005] usb usb2-port1: attempt power cycle
[  601.227251][   T30] audit: type=1326 audit(1758399568.785:3778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13156 comm="syz.0.2052" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0d6298ec29 code=0x0
[  601.261396][T13159] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2053'.
[  601.271162][T13159] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2053'.
[  601.280817][T13159] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2053'.
[  601.351669][T13165] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2055'.
[  601.542783][ T6005] usb 2-1: new full-speed USB device number 52 using dummy_hcd
[  601.563344][ T6005] usb 2-1: device descriptor read/8, error -71
[  601.602835][T12593] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  601.635311][T13170] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2056'.
[  601.644424][T13170] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2056'.
[  601.653578][T13170] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2056'.
[  601.683009][T13167] overlayfs: conflicting options: nfs_export=on,index=off
[  601.747449][T13173] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2057'.
[  601.762852][T12593] usb 3-1: Using ep0 maxpacket: 32
[  601.770084][T12593] usb 3-1: config 0 has an invalid interface number: 137 but max is 0
[  601.779419][T12593] usb 3-1: config 0 has no interface number 0
[  601.789138][T12593] usb 3-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  601.799632][T12593] usb 3-1: config 0 interface 137 has no altsetting 0
[  601.806723][ T6005] usb 2-1: new full-speed USB device number 53 using dummy_hcd
[  601.817467][T12593] usb 3-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  601.828815][T12593] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  601.837199][T12593] usb 3-1: Product: syz
[  601.842087][ T6005] usb 2-1: device descriptor read/8, error -71
[  601.849676][T12593] usb 3-1: Manufacturer: syz
[  601.857421][T12593] usb 3-1: SerialNumber: syz
[  601.865732][T12593] usb 3-1: config 0 descriptor??
[  601.875640][T12593] ftdi_sio 3-1:0.137: FTDI USB Serial Device converter detected
[  601.885765][T12593] usb 3-1: Detected SIO
[  601.890187][T12593] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  601.900362][T12593] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  601.954596][ T6005] usb usb2-port1: unable to enumerate USB device
[  604.305541][   T30] audit: type=1326 audit(1758399571.865:3779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13202 comm="syz.4.2066" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6eee38ec29 code=0x0
[  604.333568][  T983] usb 3-1: USB disconnect, device number 55
[  604.360856][  T983] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  604.380889][  T983] ftdi_sio 3-1:0.137: device disconnected
[  604.564907][T13210] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  604.575369][T13210] EXT4-fs (loop2): unable to read superblock
[  605.164707][T13213] __nla_validate_parse: 4 callbacks suppressed
[  605.164724][T13213] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2068'.
[  605.181405][T13213] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2068'.
[  605.191741][T13213] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2068'.
[  605.508220][T13213] exFAT-fs (loop2): mounting with "discard" option, but the device does not support discard
[  605.563658][T13213] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  605.688667][T13213] exFAT-fs (loop2): unable to read boot sector
[  605.695910][T13213] exFAT-fs (loop2): failed to read boot sector
[  605.713916][T13213] exFAT-fs (loop2): failed to recognize exfat type
[  606.465940][T13230] netlink: 212 bytes leftover after parsing attributes in process `syz.4.2074'.
[  606.614179][T13237] EXT4-fs: Ignoring removed nomblk_io_submit option
[  606.636397][T13237] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  606.662314][T13223] overlayfs: missing 'workdir'
[  606.667862][T13237] EXT4-fs (loop2): unable to read superblock
[  606.762693][T12593] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  606.923080][T12593] usb 1-1: Using ep0 maxpacket: 16
[  607.439281][T12593] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 32
[  607.475144][T12593] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  607.487949][T12593] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  607.501912][T12593] usb 1-1: Product: syz
[  607.508508][T12593] usb 1-1: Manufacturer: ш
[  607.514428][T12593] usb 1-1: SerialNumber: syz
[  607.622047][T13252] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2083'.
[  607.633138][T13252] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2083'.
[  607.643078][T13252] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2083'.
[  607.959339][T12593] cdc_ncm 1-1:1.0: bind() failure
[  607.998632][T12593] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  608.029380][T12593] cdc_ncm 1-1:1.1: bind() failure
[  608.077015][T12593] usb 1-1: USB disconnect, device number 50
[  608.524847][T13269] netlink: 212 bytes leftover after parsing attributes in process `syz.2.2087'.
[  608.732721][ T5994] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  609.047230][T13274] vfat: Bad value for 'utf8'
[  609.224546][ T5994] usb 1-1: Using ep0 maxpacket: 16
[  609.237459][ T5994] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  609.252223][ T5994] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  609.285031][ T5994] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  609.295031][ T5994] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.318420][ T5994] usb 1-1: Product: syz
[  609.328658][ T5994] usb 1-1: Manufacturer: syz
[  609.340104][ T5994] usb 1-1: SerialNumber: syz
[  609.442485][T13285] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2093'.
[  609.454294][T13285] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2093'.
[  609.753184][  T983] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  610.605661][  T983] usb 3-1: Using ep0 maxpacket: 32
[  610.628614][  T983] usb 3-1: config 0 has an invalid interface number: 137 but max is 0
[  610.638061][T13294] __nla_validate_parse: 1 callbacks suppressed
[  610.638079][T13294] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2096'.
[  610.653928][  T983] usb 3-1: config 0 has no interface number 0
[  610.663281][  T983] usb 3-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  610.707935][  T983] usb 3-1: config 0 interface 137 has no altsetting 0
[  610.743564][  T983] usb 3-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  610.754366][  T983] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  610.766373][  T983] usb 3-1: Product: syz
[  610.781484][  T983] usb 3-1: Manufacturer: syz
[  610.794645][  T983] usb 3-1: SerialNumber: syz
[  610.817732][  T983] usb 3-1: config 0 descriptor??
[  610.840308][  T983] ftdi_sio 3-1:0.137: FTDI USB Serial Device converter detected
[  610.850158][  T983] usb 3-1: Detected SIO
[  610.854895][  T983] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  610.870853][  T983] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  611.536493][ T5994] usb 1-1: 0:2 : does not exist
[  611.804756][ T5994] usb 1-1: USB disconnect, device number 51
[  612.321777][  T983] usb 3-1: USB disconnect, device number 56
[  612.333161][  T983] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  612.345535][  T983] ftdi_sio 3-1:0.137: device disconnected
[  612.442386][T13311] netlink: 212 bytes leftover after parsing attributes in process `syz.2.2101'.
[  612.853697][  T983] usb 2-1: new full-speed USB device number 54 using dummy_hcd
[  612.978016][T13330] random: crng reseeded on system resumption
[  613.015060][  T983] usb 2-1: config 0 has an invalid interface number: 93 but max is 0
[  613.030828][  T983] usb 2-1: config 0 has no interface number 0
[  613.150190][   T30] audit: type=1326 audit(1758399580.585:3780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13328 comm="syz.2.2108" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x0
[  613.178602][  T983] usb 2-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  613.188397][  T983] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=67
[  613.201225][  T983] usb 2-1: Product: syz
[  613.201430][T13331] netlink: 280 bytes leftover after parsing attributes in process `syz.2.2108'.
[  613.219995][  T983] usb 2-1: Manufacturer: syz
[  613.237398][T13332] Invalid ELF header magic: != ELF
[  613.252364][  T983] usb 2-1: SerialNumber: syz
[  613.272827][  T983] usb 2-1: config 0 descriptor??
[  613.492773][  T983] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state.
[  613.507350][  T983] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  613.517716][  T983] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  613.527361][  T983] usb 2-1: media controller created
[  613.543401][  T983] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  613.621618][  T983] DVB: Unable to find symbol dib7000p_attach()
[  613.629574][  T983] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  613.639336][  T983] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  613.649593][  T983] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  613.663666][  T983] usb 2-1: media controller created
[  613.673860][  T983] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  613.694558][  T983] dib0700: the master dib7090 has to be initialized first
[  613.701997][  T983] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  613.784740][  T983] rc_core: IR keymap rc-dib0700-rc5 not found
[  613.791520][  T983] Registered IR keymap rc-empty
[  613.796958][  T983] dvb-usb: could not initialize remote control.
[  613.869088][  T983] dvb-usb: DiBcom TFE7090PVR reference design successfully initialized and connected.
[  614.603165][  T983] usb 2-1: USB disconnect, device number 54
[  614.714910][  T983] dvb-usb: DiBcom TFE7090PVR reference design successfully deinitialized and disconnected.
[  614.742128][T13350] netlink: 212 bytes leftover after parsing attributes in process `syz.3.2113'.
[  614.765332][T13348] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 2
[  614.865839][T13348] SQUASHFS error: Failed to read block 0x0: -5
[  614.875698][T13348] unable to read squashfs_super_block
[  616.056878][T13375] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2120'.
[  616.526706][ T5944] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  616.548621][T13378] netlink: 'syz.2.2122': attribute type 11 has an invalid length.
[  616.628537][T13378] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  616.638342][T13378] EXT4-fs (loop2): unable to read superblock
[  616.710699][ T5944] usb 2-1: New USB device found, idVendor=0b95, idProduct=772b, bcdDevice=a2.4c
[  616.743951][ T5944] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  616.806949][ T5944] usb 2-1: Product: syz
[  616.815329][ T5944] usb 2-1: Manufacturer: syz
[  616.820231][ T5944] usb 2-1: SerialNumber: syz
[  616.834449][ T5944] usb 2-1: config 0 descriptor??
[  616.993080][ T5929] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  617.254683][ T5929] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  617.302845][ T5929] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  617.323790][ T5929] usb 3-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  617.335288][ T5929] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  617.348303][ T5929] usb 3-1: config 0 descriptor??
[  617.392660][  T983] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  617.509693][T13396] netlink: 212 bytes leftover after parsing attributes in process `syz.3.2126'.
[  617.542658][  T983] usb 1-1: Using ep0 maxpacket: 16
[  617.568093][  T983] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  617.602952][  T983] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  617.617086][  T983] usb 1-1: config 0 interface 0 has no altsetting 0
[  617.624499][  T983] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  617.634846][  T983] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  617.647800][  T983] usb 1-1: config 0 descriptor??
[  617.832354][ T5944] asix 2-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  617.858252][ T5944] asix 2-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  617.876707][ T5944] asix 2-1:0.0: probe with driver asix failed with error -71
[  617.892263][ T5944] usb 2-1: USB disconnect, device number 55
[  618.209131][T13408] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2131'.
[  618.220295][T13408] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2131'.
[  618.580970][ T5929] hid-led 0003:0FC5:B080.000A: probe with driver hid-led failed with error -71
[  618.621560][ T5929] usb 3-1: USB disconnect, device number 57
[  619.003830][T13416] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2133'.
[  619.036223][T13416] ADFS-fs (nullb0): error: can't find an ADFS filesystem on dev nullb0.
[  619.739533][T13417] ceph: No mds server is up or the cluster is laggy
[  619.919796][  T983] usbhid 1-1:0.0: can't add hid device: -71
[  619.919939][T12593] libceph: connect (1)[c::]:6789 error -101
[  619.926995][  T983] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  619.946449][  T983] usb 1-1: USB disconnect, device number 52
[  620.009940][T12593] libceph: mon0 (1)[c::]:6789 connect error
[  620.933326][T13449] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2142'.
[  620.944184][T13449] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2142'.
[  620.955756][T13449] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2142'.
[  621.209248][T13469] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2147'.
[  621.255205][ T6005] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  621.291482][T13469] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2147'.
[  621.322597][T12593] usb 1-1: new full-speed USB device number 53 using dummy_hcd
[  621.422598][ T6005] usb 2-1: Using ep0 maxpacket: 32
[  621.429533][ T6005] usb 2-1: config 0 has an invalid interface number: 137 but max is 0
[  621.443326][ T6005] usb 2-1: config 0 has no interface number 0
[  621.459099][ T6005] usb 2-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  621.472870][ T6005] usb 2-1: config 0 interface 137 has no altsetting 0
[  621.485748][ T6005] usb 2-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  621.499535][T12593] usb 1-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64
[  621.512794][T12593] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.524993][ T6005] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.535092][T12593] usb 1-1: Product: syz
[  621.539487][T12593] usb 1-1: Manufacturer: syz
[  621.549080][ T6005] usb 2-1: Product: syz
[  621.553716][T12593] usb 1-1: SerialNumber: syz
[  621.562081][ T6005] usb 2-1: Manufacturer: syz
[  621.576112][ T6005] usb 2-1: SerialNumber: syz
[  621.582265][T12593] usb 1-1: config 0 descriptor??
[  621.602115][T12593] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state.
[  621.612252][ T6005] usb 2-1: config 0 descriptor??
[  621.625611][ T6005] ftdi_sio 2-1:0.137: FTDI USB Serial Device converter detected
[  621.639174][T12593] pctv452e: pctv452e_power_ctrl: 1
[  621.639174][T12593] 
[  621.659391][ T6005] usb 2-1: Detected SIO
[  621.664261][T12593] usb 1-1: selecting invalid altsetting 3
[  621.679058][T12593] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22
[  621.679058][T12593] 
[  621.692328][ T6005] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  621.709299][ T6005] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  621.719594][T12593] dvb-usb: bulk message failed: -22 (5/0)
[  621.736991][T12593] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  621.760729][T12593] dvb-usb: Technotrend TT Connect S2-3600 error while loading driver (-19)
[  621.856894][T13432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  621.865957][T13432] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  621.884931][ T5929] usb 1-1: USB disconnect, device number 53
[  622.738552][T13501] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2153'.
[  623.576950][ T5929] usb 3-1: new high-speed USB device number 58 using dummy_hcd
[  623.892024][ T5929] usb 3-1: Using ep0 maxpacket: 32
[  623.900431][ T5929] usb 3-1: config 0 has an invalid interface number: 2 but max is 0
[  623.909567][ T5929] usb 3-1: config 0 has no interface number 0
[  623.915993][ T5929] usb 3-1: config 0 interface 2 has no altsetting 0
[  623.924527][ T5929] usb 3-1: New USB device found, idVendor=05cc, idProduct=3353, bcdDevice=df.1e
[  623.934018][ T5929] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  623.942816][ T5929] usb 3-1: Product: syz
[  623.947017][ T5929] usb 3-1: Manufacturer: syz
[  623.951732][ T5929] usb 3-1: SerialNumber: syz
[  623.957102][T13420] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  623.963727][T12593] usb 2-1: USB disconnect, device number 56
[  624.055479][T12593] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  624.130666][T12593] ftdi_sio 2-1:0.137: device disconnected
[  624.441362][ T5929] usb 3-1: config 0 descriptor??
[  624.598246][T13420] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  624.609309][T13420] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  624.721175][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  624.729394][T13420] usb 1-1: Product: syz
[  624.730433][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  624.736297][ T5929] usb 3-1: [ueagle-atm] ADSL device founded vid (0X5CC) pid (0X3353) Rev (0XDF1E): ADI930
[  624.751072][T13420] usb 1-1: Manufacturer: syz
[  624.763158][T13420] usb 1-1: SerialNumber: syz
[  625.405924][T13551] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2167'.
[  625.684069][ T5929] ueagle-atm 3-1:0.2: usbatm_usb_probe: bind failed: -19!
[  625.706795][T13554] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  626.121025][ T5929] usb 3-1: USB disconnect, device number 58
[  626.238124][T13559] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2169'.
[  626.248590][T13559] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2169'.
[  626.258210][T13559] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2169'.
[  626.352302][T13563] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2171'.
[  626.362928][T13564] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2171'.
[  626.469560][T13567] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2172'.
[  626.480261][T13567] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2172'.
[  626.489629][T13567] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2172'.
[  626.558805][T13568] block nbd1: not configured, cannot reconfigure
[  626.720062][T13518] netlink: 'syz.0.2159': attribute type 1 has an invalid length.
[  626.753316][T13518] 8021q: adding VLAN 0 to HW filter on device bond6
[  626.779803][T13518] bond6: (slave gretap1): making interface the new active one
[  626.789443][T13518] bond6: (slave gretap1): Enslaving as an active interface with an up link
[  626.808224][T13420] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000040. ret = -EPROTO
[  626.821282][T13420] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO
[  626.835648][T13420] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  626.848135][T13420] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  626.853666][ T6005] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  626.860044][T13420] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  626.875696][T13420] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  626.888400][T13420] usb 1-1: USB disconnect, device number 54
[  626.930232][T13572] netlink: 'syz.4.2173': attribute type 3 has an invalid length.
[  626.938940][T13572] netlink: 3 bytes leftover after parsing attributes in process `syz.4.2173'.
[  627.012663][ T6005] usb 2-1: Using ep0 maxpacket: 32
[  627.021841][ T6005] usb 2-1: config 0 has an invalid interface number: 137 but max is 0
[  627.074738][ T6005] usb 2-1: config 0 has no interface number 0
[  627.081058][ T6005] usb 2-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  627.091796][ T6005] usb 2-1: config 0 interface 137 has no altsetting 0
[  627.103037][ T6005] usb 2-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  627.113738][ T6005] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  627.122721][ T6005] usb 2-1: Product: syz
[  627.127640][ T6005] usb 2-1: Manufacturer: syz
[  627.132406][ T6005] usb 2-1: SerialNumber: syz
[  627.141203][ T6005] usb 2-1: config 0 descriptor??
[  627.149681][ T6005] ftdi_sio 2-1:0.137: FTDI USB Serial Device converter detected
[  627.159496][ T6005] usb 2-1: Detected SIO
[  627.164142][ T6005] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  627.178768][ T6005] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  627.265644][T13582] bond0: (slave ip6gretap0): Error: Device can not be enslaved while up
[  627.305680][T13582] overlayfs: failed to clone upperpath
[  628.458562][T13597] comedi comedi1: bad chanlist[0]=0x00000004 chan=4 range length=1
[  628.556971][T13602] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2181'.
[  630.248810][T12593] usb 2-1: USB disconnect, device number 57
[  630.261494][T12593] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  630.284693][T12593] ftdi_sio 2-1:0.137: device disconnected
[  631.194937][T13643] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  631.553380][ T5929] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  631.754583][ T5929] usb 2-1: config 4 has an invalid interface number: 100 but max is 0
[  631.765064][ T5929] usb 2-1: config 4 has an invalid interface number: 167 but max is 0
[  631.790854][ T5929] usb 2-1: config 4 has 2 interfaces, different from the descriptor's value: 1
[  631.827080][ T5929] usb 2-1: config 4 has no interface number 0
[  631.849433][ T5929] usb 2-1: config 4 has no interface number 1
[  631.865331][ T5929] usb 2-1: too many endpoints for config 4 interface 167 altsetting 196: 212, using maximum allowed: 30
[  631.895802][ T5929] usb 2-1: config 4 interface 167 altsetting 196 has 0 endpoint descriptors, different from the interface descriptor's value: 212
[  631.924967][ T5929] usb 2-1: config 4 interface 100 has no altsetting 0
[  631.932263][ T5929] usb 2-1: config 4 interface 167 has no altsetting 0
[  631.942757][ T5929] usb 2-1: New USB device found, idVendor=413c, idProduct=81cc, bcdDevice=92.8a
[  631.952152][ T5929] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  631.961357][ T5929] usb 2-1: Product: syz
[  631.965836][ T5929] usb 2-1: Manufacturer: syz
[  631.970679][ T5929] usb 2-1: SerialNumber: syz
[  632.498218][T13651] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  632.507304][T13651] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  632.635691][T13687] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  632.645315][T13687] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  632.663869][T13687] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  632.675831][T13687] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  633.662489][T13706] __nla_validate_parse: 2 callbacks suppressed
[  633.670767][T13706] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2207'.
[  633.754397][T13713] vfat: Bad value for 'utf8'
[  634.325105][T13420] usb 2-1: USB disconnect, device number 58
[  637.167575][T13765] debugfs: Bad value for 'gid'
[  637.177458][T13765] debugfs: Bad value for 'gid'
[  637.392757][ T6005] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  637.683007][ T6005] usb 2-1: Using ep0 maxpacket: 32
[  637.706799][ T6005] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 9
[  637.737975][ T6005] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  637.748542][ T6005] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  637.760082][ T6005] usb 2-1: Product: syz
[  637.768003][ T6005] usb 2-1: Manufacturer: syz
[  637.773932][ T6005] usb 2-1: SerialNumber: syz
[  637.838805][ T6005] usb 2-1: config 0 descriptor??
[  637.850350][T13767] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  637.885622][ T6005] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input23
[  638.443743][T13794] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2230'.
[  638.552044][T13800] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2231'.
[  638.566643][T13800] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2231'.
[  638.578022][T13800] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2231'.
[  638.658760][T13803] block nbd0: not configured, cannot reconfigure
[  639.522889][T12593] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  639.923068][T12593] usb 1-1: Using ep0 maxpacket: 32
[  639.940077][T12593] usb 1-1: config 0 has an invalid interface number: 137 but max is 0
[  639.949085][T12593] usb 1-1: config 0 has no interface number 0
[  639.956917][T12593] usb 1-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  639.972772][T12593] usb 1-1: config 0 interface 137 has no altsetting 0
[  640.549913][T13824] workqueue: Failed to create a rescuer kthread for wq "ceph-watch-notify": -EINTR
[  640.672925][T12593] usb 1-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  640.692103][T12593] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.701397][T12593] usb 1-1: Product: syz
[  640.706112][T12593] usb 1-1: Manufacturer: syz
[  640.711357][T12593] usb 1-1: SerialNumber: syz
[  640.804733][T12593] usb 1-1: config 0 descriptor??
[  640.838408][  T983] usb 2-1: USB disconnect, device number 59
[  640.838589][    C1] usbtouchscreen 2-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19
[  640.865111][T12593] ftdi_sio 1-1:0.137: FTDI USB Serial Device converter detected
[  641.082370][T12593] usb 1-1: Detected SIO
[  641.087226][T12593] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  641.111936][T12593] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  641.213831][T13833] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2237'.
[  641.224349][T13833] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2237'.
[  641.737538][T13832] EXT4-fs: Ignoring removed nomblk_io_submit option
[  641.763838][T13832] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  641.779070][T13832] EXT4-fs (loop1): unable to read superblock
[  642.195525][ T6005] usb 1-1: USB disconnect, device number 55
[  642.202964][T12593] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  642.242165][ T6005] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  642.263277][ T6005] ftdi_sio 1-1:0.137: device disconnected
[  642.339756][T13845] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2242'.
[  642.417359][T12593] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  642.470377][T12593] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  642.562934][T12593] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  642.576719][T12593] usb 2-1: config 1 has no interface number 1
[  642.587706][T12593] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  642.605243][T12593] usb 2-1: config 1 interface 2 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  642.630925][T12593] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  642.697051][T12593] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  642.745790][T12593] usb 2-1: Product: syz
[  642.803389][T12593] usb 2-1: Manufacturer: syz
[  642.847765][T12593] usb 2-1: SerialNumber: syz
[  643.250483][T13854] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2238'.
[  644.529599][T12593] usb 2-1: No endpoint at altset 1, falling back to MIDI 1.0
[  644.552070][T12593] usb 2-1: MIDIStreaming interface descriptor not found
[  645.313211][T12593] usb 2-1: USB disconnect, device number 60
[  645.588796][T13878] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2249'.
[  645.599455][T13878] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2249'.
[  646.160525][T13884] binder: 13874:13884 ioctl 40045569 b returned -22
[  646.598024][T13886] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2253'.
[  646.607897][T13886] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2253'.
[  646.619309][T13886] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2253'.
[  646.920929][T13896] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2256'.
[  646.929994][T13896] netlink: 6 bytes leftover after parsing attributes in process `syz.1.2256'.
[  649.020799][T13909] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2257'.
[  649.442812][   T30] audit: type=1326 audit(1758399616.775:3781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13906 comm="syz.3.2258" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb7db8ec29 code=0x0
[  650.369796][T13932] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2265'.
[  650.381089][T13932] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2265'.
[  650.408526][  T983] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  650.879207][T13935] overlayfs: failed to clone upperpath
[  651.285234][T13935] 9pnet_fd: Insufficient options for proto=fd
[  651.581580][  T983] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  652.205296][  T983] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  652.248421][  T983] usb 2-1: Product: syz
[  652.260381][  T983] usb 2-1: Manufacturer: syz
[  652.438199][  T983] usb 2-1: SerialNumber: syz
[  653.075715][T13951] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2270'.
[  653.085509][T13951] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2270'.
[  653.096085][T13951] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2270'.
[  653.815527][ T5862] usb 3-1: new high-speed USB device number 59 using dummy_hcd
[  653.968860][T13964] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2272'.
[  653.992354][  T983] usb 2-1: can't set config #1, error -71
[  654.002056][ T5862] usb 3-1: Using ep0 maxpacket: 32
[  654.029972][ T5862] usb 3-1: config 0 has an invalid interface number: 137 but max is 0
[  654.050214][ T5862] usb 3-1: config 0 has no interface number 0
[  654.053067][  T983] usb 2-1: USB disconnect, device number 61
[  654.060251][ T5862] usb 3-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  654.088719][ T5862] usb 3-1: config 0 interface 137 has no altsetting 0
[  654.152121][ T5862] usb 3-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  654.175121][ T5862] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  654.185050][ T5862] usb 3-1: Product: syz
[  654.189847][ T5862] usb 3-1: Manufacturer: syz
[  654.222418][ T5862] usb 3-1: SerialNumber: syz
[  654.582102][ T5862] usb 3-1: config 0 descriptor??
[  654.596462][ T5862] ftdi_sio 3-1:0.137: FTDI USB Serial Device converter detected
[  654.603411][   T30] audit: type=1326 audit(1758399622.155:3782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13974 comm="syz.3.2278" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb7db8ec29 code=0x0
[  654.661617][ T5862] usb 3-1: Detected SIO
[  654.677202][ T5862] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  654.716649][ T5862] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  655.633698][T13997] vfat: Bad value for 'utf8'
[  655.804936][ T5862] usb 1-1: new full-speed USB device number 56 using dummy_hcd
[  655.917580][T12593] usb 3-1: USB disconnect, device number 59
[  655.985484][ T5862] usb 1-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64
[  656.000996][T12593] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  656.010998][ T5862] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  656.019494][T12593] ftdi_sio 3-1:0.137: device disconnected
[  656.027347][ T5862] usb 1-1: Product: syz
[  656.031812][ T5862] usb 1-1: Manufacturer: syz
[  656.041770][ T5862] usb 1-1: SerialNumber: syz
[  656.049846][ T5862] usb 1-1: config 0 descriptor??
[  656.063115][ T5862] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state.
[  656.083673][ T5862] pctv452e: pctv452e_power_ctrl: 1
[  656.083673][ T5862] 
[  656.096693][ T5862] usb 1-1: selecting invalid altsetting 3
[  656.104518][ T5862] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22
[  656.104518][ T5862] 
[  656.133390][ T5862] dvb-usb: bulk message failed: -22 (5/0)
[  656.142442][ T5862] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  656.192419][ T5862] dvb-usb: Technotrend TT Connect S2-3600 error while loading driver (-19)
[  656.658811][T13420] usb 1-1: USB disconnect, device number 56
[  657.082469][T14024] overlayfs: failed to resolve './cgroup': -2
[  657.379964][T14039] I/O error, dev loop1, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  657.395006][T14039] EXT4-fs (loop1): unable to read superblock
[  657.463380][T14041] random: crng reseeded on system resumption
[  657.531032][T14042] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2297'.
[  657.543638][T14042] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2297'.
[  657.564021][T14042] netlink: 72 bytes leftover after parsing attributes in process `syz.1.2297'.
[  657.679576][   T30] audit: type=1326 audit(1758399625.235:3783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14040 comm="syz.0.2298" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0d6298ec29 code=0x0
[  657.720090][T14039] exFAT-fs (loop1): mounting with "discard" option, but the device does not support discard
[  657.730580][T14039] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  657.740282][T14039] exFAT-fs (loop1): unable to read boot sector
[  657.746832][T14039] exFAT-fs (loop1): failed to read boot sector
[  657.753282][T14039] exFAT-fs (loop1): failed to recognize exfat type
[  657.791635][T14045] netlink: 212 bytes leftover after parsing attributes in process `syz.2.2299'.
[  658.222641][  T983] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  658.310416][T14063] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  658.789344][  T983] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  658.810034][  T983] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  658.830874][  T983] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  658.840321][  T983] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.852025][  T983] usb 2-1: config 0 descriptor??
[  659.286657][T14072] ceph: No mds server is up or the cluster is laggy
[  659.296149][ T5994] libceph: connect (1)[c::]:6789 error -101
[  659.343320][ T5994] libceph: mon0 (1)[c::]:6789 connect error
[  659.674467][  T983] cp2112 0003:10C4:EA90.000B: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[  659.755217][  T983] cp2112 0003:10C4:EA90.000B: error requesting version
[  659.772456][  T983] cp2112 0003:10C4:EA90.000B: probe with driver cp2112 failed with error -32
[  659.905269][T14079] ip6gretap0 speed is unknown, defaulting to 1000
[  659.960760][T14087] netlink: 212 bytes leftover after parsing attributes in process `syz.2.2312'.
[  660.190485][T14079] lo speed is unknown, defaulting to 1000
[  660.538132][T14099] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2315'.
[  660.548221][T14099] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2315'.
[  660.586337][T14099] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2315'.
[  660.593180][  T983] usb 3-1: new full-speed USB device number 60 using dummy_hcd
[  660.801460][  T983] usb 3-1: config 0 has an invalid interface number: 113 but max is 0
[  660.837449][  T983] usb 3-1: config 0 has no interface number 0
[  660.972643][ T5929] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  662.054951][ T5929] usb 1-1: Using ep0 maxpacket: 32
[  662.970138][  T983] usb 3-1: config 0 interface 113 altsetting 2 has an endpoint descriptor with address 0xE7, changing to 0x87
[  662.993484][ T5929] usb 1-1: config 0 has an invalid interface number: 137 but max is 0
[  663.003686][ T5929] usb 1-1: config 0 has no interface number 0
[  663.009944][  T983] usb 3-1: config 0 interface 113 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  663.021059][ T5929] usb 1-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  663.032128][  T983] usb 3-1: config 0 interface 113 has no altsetting 0
[  663.039744][ T5929] usb 1-1: config 0 interface 137 has no altsetting 0
[  663.048781][ T5921] usb 2-1: USB disconnect, device number 62
[  663.058718][ T5929] usb 1-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  663.076830][ T5929] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.085898][ T5929] usb 1-1: Product: syz
[  663.090301][ T5929] usb 1-1: Manufacturer: syz
[  663.095303][ T5929] usb 1-1: SerialNumber: syz
[  663.102166][ T5929] usb 1-1: config 0 descriptor??
[  663.113749][ T5929] ftdi_sio 1-1:0.137: FTDI USB Serial Device converter detected
[  663.139973][ T5929] usb 1-1: Detected SIO
[  663.153472][ T5929] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  663.170798][ T5929] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  663.372445][  T983] usb 3-1: string descriptor 0 read error: -71
[  663.385541][  T983] usb 3-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[  663.395589][  T983] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  663.897269][  T983] usb 3-1: config 0 descriptor??
[  663.917877][  T983] usb 3-1: can't set config #0, error -71
[  663.932789][  T983] usb 3-1: USB disconnect, device number 60
[  663.952183][T14120] random: crng reseeded on system resumption
[  663.980146][   T30] audit: type=1326 audit(1758399631.535:3784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14119 comm="syz.2.2321" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x0
[  664.007023][T14122] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2322'.
[  664.016449][T14122] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2322'.
[  664.102145][T14122] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2322'.
[  664.288378][T14129] netlink: 212 bytes leftover after parsing attributes in process `syz.4.2324'.
[  664.583661][T14130] ceph: No mds server is up or the cluster is laggy
[  664.594318][T12593] libceph: connect (1)[c::]:6789 error -13
[  664.714192][T12593] libceph: mon0 (1)[c::]:6789 connect error
[  664.869963][T12593] usb 1-1: USB disconnect, device number 57
[  664.882133][T12593] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  664.894139][T12593] ftdi_sio 1-1:0.137: device disconnected
[  664.957987][T14138] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2327'.
[  665.117187][T14148] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2331'.
[  666.016378][T14155] bond4: entered promiscuous mode
[  666.036305][T14155] bond4: entered allmulticast mode
[  666.043964][T14155] 8021q: adding VLAN 0 to HW filter on device bond4
[  667.675823][T14180] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  668.181262][T14155] bond4 (unregistering): Released all slaves
[  668.534800][T14193] random: crng reseeded on system resumption
[  668.563536][   T30] audit: type=1326 audit(1758399636.125:3785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14191 comm="syz.2.2344" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x0
[  669.147951][T14197] ceph: No mds server is up or the cluster is laggy
[  669.450291][T12593] libceph: connect (1)[c::]:6789 error -101
[  669.456721][T12593] libceph: mon0 (1)[c::]:6789 connect error
[  670.501776][T14218] comedi comedi3: comedi_config --init_data is deprecated
[  670.708897][T14223] bond0: (slave ip6gretap0): Error: Device can not be enslaved while up
[  670.733115][T14222] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  670.765334][T14224] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2354'.
[  670.811273][T14224] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2354'.
[  674.172856][T14224] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2354'.
[  674.915424][T14238] netlink: 92 bytes leftover after parsing attributes in process `syz.1.2355'.
[  675.025010][T14238] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2355'.
[  675.273843][T14238] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2355'.
[  675.352758][T14238] block nbd1: not configured, cannot reconfigure
[  675.382691][  T983] usb 3-1: new high-speed USB device number 61 using dummy_hcd
[  675.735465][  T983] usb 3-1: Using ep0 maxpacket: 32
[  675.980686][  T983] usb 3-1: device descriptor read/all, error -71
[  676.103684][T14255] vfat: Bad value for 'utf8'
[  676.134116][   T30] audit: type=1326 audit(1758399643.685:3786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14259 comm="syz.3.2364" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb7db8ec29 code=0x0
[  676.156477][    C0] vkms_vblank_simulate: vblank timer overrun
[  676.195745][ T5929] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  676.362885][ T5929] usb 2-1: Using ep0 maxpacket: 32
[  676.382952][ T5929] usb 2-1: config 0 has an invalid interface number: 137 but max is 0
[  676.405418][T14271] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  676.441242][ T5929] usb 2-1: config 0 has no interface number 0
[  676.486420][ T5929] usb 2-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  676.555145][ T5929] usb 2-1: config 0 interface 137 has no altsetting 0
[  676.624787][ T5929] usb 2-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  676.681768][ T5929] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  676.727970][ T5929] usb 2-1: Product: syz
[  676.926140][ T5929] usb 2-1: Manufacturer: syz
[  676.931123][ T5929] usb 2-1: SerialNumber: syz
[  676.940444][ T5929] usb 2-1: config 0 descriptor??
[  676.950489][ T5929] ftdi_sio 2-1:0.137: FTDI USB Serial Device converter detected
[  676.960562][ T5929] usb 2-1: Detected SIO
[  676.965563][ T5929] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  676.975036][ T5929] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  677.075494][T14278] netlink: 56 bytes leftover after parsing attributes in process `syz.0.2368'.
[  677.118629][T14280] bond0: (slave ip6gretap0): Error: Device can not be enslaved while up
[  680.400019][  T983] usb 2-1: USB disconnect, device number 63
[  680.449484][  T983] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  680.487301][  T983] ftdi_sio 2-1:0.137: device disconnected
[  681.055473][T12593] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  681.123067][  T983] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  681.436894][T12593] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  681.474296][T12593] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  681.493104][T12593] usb 1-1: Product: syz
[  681.499957][T12593] usb 1-1: Manufacturer: syz
[  681.536342][T12593] usb 1-1: SerialNumber: syz
[  681.574943][  T983] usb 2-1: Using ep0 maxpacket: 8
[  681.586702][  T983] usb 2-1: unable to get BOS descriptor or descriptor too short
[  681.597781][  T983] usb 2-1: unable to read config index 0 descriptor/start: -71
[  681.610070][  T983] usb 2-1: can't read configurations, error -71
[  683.262169][ T5862] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  683.375216][T14338] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  683.412918][ T5862] usb 2-1: device descriptor read/64, error -71
[  683.902596][ T5862] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  684.042741][ T5862] usb 2-1: device descriptor read/64, error -71
[  684.152922][ T5862] usb usb2-port1: attempt power cycle
[  684.309731][T14340] bond0: (slave ip6gretap0): Error: Device can not be enslaved while up
[  684.325402][T14340] netlink: 'syz.3.2385': attribute type 1 has an invalid length.
[  684.348901][T14340] 8021q: adding VLAN 0 to HW filter on device bond7
[  684.382113][T12593] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -EPROTO
[  684.396185][T14340] overlayfs: failed to clone upperpath
[  684.404832][T12593] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO
[  684.423660][T12593] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  684.435897][T12593] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  684.447298][T12593] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  684.464000][T12593] lan78xx 1-1:1.0: probe with driver lan78xx failed with error -71
[  684.593250][ T5862] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  684.601952][T12593] usb 1-1: USB disconnect, device number 58
[  684.633228][ T5862] usb 2-1: device descriptor read/8, error -71
[  684.769051][ T5994] libceph: connect (1)[c::]:6789 error -101
[  684.804705][T14345] ceph: No mds server is up or the cluster is laggy
[  684.883789][ T5994] libceph: mon0 (1)[c::]:6789 connect error
[  684.913485][ T5862] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  685.036621][ T5862] usb 2-1: device descriptor read/8, error -71
[  685.204266][ T5862] usb usb2-port1: unable to enumerate USB device
[  685.279567][T14352] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2388'.
[  685.289489][T14352] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2388'.
[  685.360660][T14352] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2388'.
[  685.511093][T14354] bridge0: port 2(bridge_slave_1) entered disabled state
[  685.518586][T14354] bridge0: port 1(bridge_slave_0) entered disabled state
[  685.608243][T14365] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2393'.
[  685.643301][T14354] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  685.657181][T14354] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  685.769185][T11290] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 20004 - 0
[  685.816223][T11290] netdevsim netdevsim0 eth0: unset [1, 1] type 2 family 0 port 6081 - 0
[  685.832652][T11290] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 20004 - 0
[  685.841492][T11290] netdevsim netdevsim0 eth1: unset [1, 1] type 2 family 0 port 6081 - 0
[  685.854574][T11290] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 20004 - 0
[  685.864109][T11290] netdevsim netdevsim0 eth2: unset [1, 1] type 2 family 0 port 6081 - 0
[  685.874316][T11290] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 20004 - 0
[  685.884191][T11290] netdevsim netdevsim0 eth3: unset [1, 1] type 2 family 0 port 6081 - 0
[  686.056570][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  686.064389][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  686.116686][T14372] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2394'.
[  686.126383][T14372] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2394'.
[  686.418966][T14381] netlink: 92 bytes leftover after parsing attributes in process `syz.0.2398'.
[  686.429556][T14381] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2398'.
[  686.439062][T14381] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2398'.
[  686.606772][T14390] block nbd0: not configured, cannot reconfigure
[  686.921872][T14394] ceph: No mds server is up or the cluster is laggy
[  686.941876][T12593] libceph: connect (1)[c::]:6789 error -101
[  686.943124][T12593] libceph: mon0 (1)[c::]:6789 connect error
[  687.209293][T12593] libceph: connect (1)[c::]:6789 error -101
[  687.306105][T12593] libceph: mon0 (1)[c::]:6789 connect error
[  687.572847][ T6005] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  687.792820][ T6005] usb 1-1: Using ep0 maxpacket: 32
[  687.922141][ T6005] usb 1-1: config 0 has an invalid interface number: 137 but max is 0
[  687.931122][ T6005] usb 1-1: config 0 has no interface number 0
[  687.937898][ T6005] usb 1-1: config 0 interface 137 altsetting 1 endpoint 0x8 has invalid wMaxPacketSize 0
[  687.968501][ T6005] usb 1-1: config 0 interface 137 has no altsetting 0
[  687.992201][ T6005] usb 1-1: New USB device found, idVendor=0c52, idProduct=2861, bcdDevice= 1.37
[  688.016945][T14410] netlink: 'syz.3.2406': attribute type 21 has an invalid length.
[  688.036547][ T6005] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.045867][ T6005] usb 1-1: Product: syz
[  688.050163][ T6005] usb 1-1: Manufacturer: syz
[  688.055447][ T6005] usb 1-1: SerialNumber: syz
[  688.063664][ T6005] usb 1-1: config 0 descriptor??
[  688.072130][ T6005] ftdi_sio 1-1:0.137: FTDI USB Serial Device converter detected
[  688.081907][ T6005] usb 1-1: Detected SIO
[  688.095641][ T6005] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 8
[  688.106639][ T6005] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  688.119488][T14412] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2407'.
[  689.330400][T14432] 9pnet_fd: Insufficient options for proto=fd
[  689.578983][  T983] usb 1-1: USB disconnect, device number 59
[  689.593146][ T6005] usb 3-1: new high-speed USB device number 63 using dummy_hcd
[  689.606370][  T983] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  689.623591][  T983] ftdi_sio 1-1:0.137: device disconnected
[  689.764086][ T6005] usb 3-1: Using ep0 maxpacket: 8
[  689.768451][T14445] comedi comedi3: c6xdigio: I/O port conflict (0x401,3)
[  689.788574][ T6005] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  689.823049][ T6005] usb 3-1: config 0 has no interfaces?
[  689.900275][ T6005] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  689.925443][ T6005] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  690.117458][ T6005] usb 3-1: config 0 descriptor??
[  690.390314][   T30] audit: type=1326 audit(1758399657.945:3787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14426 comm="syz.2.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  690.415097][   T30] audit: type=1326 audit(1758399657.945:3788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14426 comm="syz.2.2412" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x7ffc0000
[  690.614584][ T5921] usb 1-1: new full-speed USB device number 60 using dummy_hcd
[  690.774723][ T5921] usb 1-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  690.787671][ T5921] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  690.799654][ T5921] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 64
[  690.811306][ T5921] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  690.820607][ T5921] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  690.831422][T14451] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  692.950573][ T5929] usb 3-1: USB disconnect, device number 63
[  692.976719][ T5921] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[  692.992309][ T5921] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input24
[  693.044357][ T5921] usb 1-1: USB disconnect, device number 60
[  693.050603][    C0] aiptek 1-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  693.803244][T14476] __nla_validate_parse: 4 callbacks suppressed
[  693.809756][T14476] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2422'.
[  693.820424][T14476] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2422'.
[  694.240499][   T30] audit: type=1326 audit(1758399661.785:3789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14483 comm="syz.3.2428" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcb7db8ec29 code=0x0
[  694.307010][T14491] netlink: 'syz.0.2429': attribute type 4 has an invalid length.
[  694.592313][T12593] usb 3-1: new high-speed USB device number 64 using dummy_hcd
[  694.782617][T12593] usb 3-1: Using ep0 maxpacket: 32
[  694.804038][T12593] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[  694.814118][T12593] usb 3-1: config 0 has no interface number 0
[  694.923963][T12593] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  694.933664][T12593] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  694.942578][T12593] usb 3-1: Product: syz
[  694.951335][T12593] usb 3-1: Manufacturer: syz
[  694.962203][T12593] usb 3-1: SerialNumber: syz
[  694.976454][T12593] usb 3-1: config 0 descriptor??
[  695.056449][T12593] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  695.258855][T12593] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  695.271415][T12593] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  696.611428][T14526] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2439'.
[  696.621980][T14526] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2439'.
[  697.736017][    C1] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  697.744308][T12593] usb 3-1: USB disconnect, device number 64
[  697.773579][T12593] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  697.837989][T12593] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  697.901802][T12593] quatech2 3-1:0.51: device disconnected
[  698.132288][T14537] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2443'.
[  698.141897][T14537] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2443'.
[  699.358241][T14552] random: crng reseeded on system resumption
[  699.392654][   T30] audit: type=1326 audit(1758399666.945:3790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14551 comm="syz.1.2447" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc4ab78ec29 code=0x0
[  700.802920][ T5862] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  700.962643][ T5862] usb 1-1: Using ep0 maxpacket: 32
[  700.970067][ T5862] usb 1-1: config 0 has an invalid interface number: 51 but max is 0
[  700.978730][ T5862] usb 1-1: config 0 has no interface number 0
[  700.987095][ T5862] usb 1-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  700.996503][ T5862] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  701.004633][ T5862] usb 1-1: Product: syz
[  701.009053][ T5862] usb 1-1: Manufacturer: syz
[  701.013952][ T5862] usb 1-1: SerialNumber: syz
[  701.020599][ T5862] usb 1-1: config 0 descriptor??
[  701.028289][ T5862] quatech2 1-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  701.185964][T14574] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  701.291312][ T5862] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  701.315172][ T5862] usb 1-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  701.319182][T14578] netlink: 'syz.3.2456': attribute type 58 has an invalid length.
[  701.335453][T14578] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2456'.
[  701.464565][T14578] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2456'.
[  701.475672][T14578] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2456'.
[  701.685961][    C1] usb 1-1: qt2_read_bulk_callback - non-zero urb status: -71
[  701.689761][  T983] usb 1-1: USB disconnect, device number 61
[  701.704932][  T983] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  701.723207][  T983] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  701.736424][  T983] quatech2 1-1:0.51: device disconnected
[  703.092658][T14601] rdma_rxe: rxe_newlink: failed to add ip6gretap0
[  703.417278][   T30] audit: type=1326 audit(1758399670.975:3791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14604 comm="syz.4.2464" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6eee38ec29 code=0x0
[  704.468544][T14621] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2470'.
[  704.731104][T14635] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2474'.
[  704.792002][T14637] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2475'.
[  706.637008][   T30] audit: type=1326 audit(1758399674.195:3792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14667 comm="syz.4.2485" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6eee38ec29 code=0x0
[  706.674788][T14670] netlink: 212 bytes leftover after parsing attributes in process `syz.2.2486'.
[  707.212701][T12593] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  707.364551][T12593] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  707.375634][T12593] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  707.387853][T12593] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  707.406664][T12593] usb 1-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  707.447846][T12593] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  707.459373][T12593] usb 1-1: config 0 descriptor??
[  707.467802][T12593] em28xx 1-1:0.0: error: skipping audio endpoint 0x83, because it uses bulk transfers !
[  707.733724][  T983] usb 1-1: USB disconnect, device number 62
[  707.763811][T14684] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2490'.
[  708.704503][T14694] 9pnet_fd: Insufficient options for proto=fd
[  708.772912][T12593] usb 3-1: new high-speed USB device number 65 using dummy_hcd
[  708.972672][T12593] usb 3-1: Using ep0 maxpacket: 32
[  709.026608][T12593] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  709.369729][T12593] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  709.458265][T12593] usb 3-1: New USB device found, idVendor=0c70, idProduct=f00a, bcdDevice= 0.00
[  709.472047][T14706] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2496'.
[  709.557996][T12593] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  709.684244][T12593] usb 3-1: config 0 descriptor??
[  709.917316][T12593] aquacomputer_d5next 0003:0C70:F00A.000C: unknown main item tag 0x7
[  709.932084][T12593] aquacomputer_d5next 0003:0C70:F00A.000C: hidraw0: USB HID v0.00 Device [HID 0c70:f00a] on usb-dummy_hcd.2-1/input0
[  710.075410][   T30] audit: type=1326 audit(1758399677.625:3793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14719 comm="syz.4.2503" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6eee38ec29 code=0x0
[  710.117073][ T5921] usb 3-1: USB disconnect, device number 65
[  711.839751][T14753] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  711.851947][T14757] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2514'.
[  711.882052][T14753] EXT4-fs (loop2): unable to read superblock
[  711.977612][T14753] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2513'.
[  711.987058][T14753] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2513'.
[  711.996252][T14753] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2513'.
[  712.015523][T14753] exFAT-fs (loop2): mounting with "discard" option, but the device does not support discard
[  712.026049][T14753] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  712.036051][T14753] exFAT-fs (loop2): unable to read boot sector
[  712.042221][T14753] exFAT-fs (loop2): failed to read boot sector
[  712.048632][T14753] exFAT-fs (loop2): failed to recognize exfat type
[  712.056713][ T5929] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  712.525844][ T5929] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  712.540017][ T5929] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  712.747028][ T5921] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  712.758260][ T5929] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  713.221347][ T5929] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  713.231088][ T5929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  713.268433][ T5929] usb 2-1: config 0 descriptor??
[  713.655263][ T5921] usb 1-1: config 1 has an invalid interface number: 7 but max is 0
[  713.671157][ T5921] usb 1-1: config 1 has no interface number 0
[  713.770616][ T5921] usb 1-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  713.797515][ T5929] plantronics 0003:047F:FFFF.000D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  713.809946][ T5921] usb 1-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  713.866576][ T5921] usb 1-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  713.889602][   T30] audit: type=1326 audit(1758399681.445:3794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14783 comm="syz.4.2524" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6eee38ec29 code=0x0
[  713.893158][ T5921] usb 1-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  713.911784][    C0] vkms_vblank_simulate: vblank timer overrun
[  713.962722][ T5921] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  713.962966][T14787] nftables ruleset with unbound chain
[  713.980929][ T5921] usb 1-1: Product: syz
[  713.996744][T14749] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  714.006086][T14749] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  714.031848][ T5929] usb 2-1: USB disconnect, device number 71
[  714.062552][ T5921] usb 1-1: Manufacturer: syz
[  714.067285][ T5921] usb 1-1: SerialNumber: syz
[  714.089440][T14764] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  714.267799][T14800] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  714.280612][T14800] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  714.292144][T14800] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  714.309736][T14764] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  714.324288][T14800] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  714.334690][T14800] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  714.351311][ T5868] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  714.394648][ T5868] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  714.402551][ T5868] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  714.411488][ T5868] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  714.419984][ T5868] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  714.477296][ T3527] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  714.490993][ T3527] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  714.554813][T14798] ip6gretap0 speed is unknown, defaulting to 1000
[  714.554833][ T5921] sierra_net 1-1:1.7 wwan0: register 'sierra_net' at usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem, 00:00:00:00:01:07
[  715.177857][ T5929] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  715.191757][T14810] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  715.201647][T14810] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  715.227240][ T3527] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  715.246079][ T3527] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.259490][ T5921] sierra_net 1-1:1.7 wwan0: Submit SYNC failed -71
[  715.285052][ T5921] sierra_net 1-1:1.7 wwan0: Send SYNC failed, status -71
[  715.356915][ T5921] usb 1-1: USB disconnect, device number 63
[  715.363221][ T5929] usb 2-1: Using ep0 maxpacket: 32
[  715.370222][ T5929] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  715.384311][ T5921] sierra_net 1-1:1.7 wwan0: unregister 'sierra_net' usb-dummy_hcd.0-1, Sierra Wireless USB-to-WWAN Modem
[  715.406537][ T5929] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  715.427549][ T5929] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  715.452665][ T5929] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  715.485343][ T5929] usb 2-1: config 0 descriptor??
[  715.571615][ T3527] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  715.585181][ T3527] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.625217][T14798] lo speed is unknown, defaulting to 1000
[  715.712412][T14823] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2535'.
[  715.726657][ T3527] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  715.742623][ T3527] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  715.763503][ T5921] sierra_net 1-1:1.7 wwan0 (unregistered): usb_control_msg failed, status -19
[  715.943879][ T5929] ft260 0003:0403:6030.000E: unknown main item tag 0x7
[  716.152862][ T5929] ft260 0003:0403:6030.000E: chip code: 6424 8183
[  716.482657][ T5868] Bluetooth: hci2: command tx timeout
[  716.498497][ T5929] ft260 0003:0403:6030.000E: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.1-1/input0
[  716.711142][ T5929] ft260 0003:0403:6030.000E: failed to retrieve status: -32, no wakeup
[  716.784537][T14843] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[  716.807220][T14843] qnx6: wrong signature (magic) in superblock #1.
[  716.814901][T14843] qnx6: unable to read the first superblock
[  717.033841][ T5929] ft260 0003:0403:6030.000E: failed to retrieve status: -32
[  717.137896][T14834] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2538'.
[  717.313889][T14846] random: crng reseeded on system resumption
[  717.353399][    T9] usb 2-1: reset high-speed USB device number 72 using dummy_hcd
[  717.367056][T14847] i2c i2c-1: adapter quirk: 1st comb msg must be write (addr 0x0003, size 0, read)
[  717.368188][   T30] audit: type=1326 audit(1758399684.925:3795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14845 comm="syz.2.2541" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce0538ec29 code=0x0
[  717.471792][T14837] mmap: syz.0.2539 (14837): VmData 25841664 exceed data ulimit 10. Update limits or use boot option ignore_rlimit_data.
[  717.513010][ T3527] dvmrp1 (unregistering): left allmulticast mode
[  717.535970][ T3527] dvmrp0 (unregistering): left allmulticast mode
[  717.888831][ T3527] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  718.291630][ T3527] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  718.306211][ T3527] bond0 (unregistering): Released all slaves
[  718.322682][ T5921] usb 2-1: USB disconnect, device number 72
[  718.535675][ T3527] bond1 (unregistering): Released all slaves
[  718.547803][ T5868] Bluetooth: hci2: command tx timeout
[  719.514420][ T3527] bond2 (unregistering): Released all slaves
[  719.770308][ T3527] bond3 (unregistering): Released all slaves
[  719.794821][ T3527] bond4 (unregistering): Released all slaves
[  719.808662][ T3527] bond5 (unregistering): Released all slaves
[  719.821876][ T3527] bond6 (unregistering): Released all slaves
[  720.478537][T14882] netlink: 212 bytes leftover after parsing attributes in process `syz.1.2553'.
[  720.571215][T14884] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2554'.
[  720.580511][T14884] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2554'.
[  720.590012][T14884] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2554'.
[  720.626792][ T5868] Bluetooth: hci2: command tx timeout
[  720.801126][T14892] binder: BINDER_SET_CONTEXT_MGR already set
[  720.809364][T14892] binder: 14891:14892 ioctl 4018620d 200000000040 returned -16
[  720.867093][ T3527] bond7 (unregistering): Released all slaves
[  720.921239][T14798] chnl_net:caif_netlink_parms(): no params data found
[  721.070197][ T5994] usb 1-1: new full-speed USB device number 64 using dummy_hcd
[  721.138382][ T3527] tipc: Disabling bearer <udp:syz2>
[  721.206648][ T3527] tipc: Left network mode
[  721.213086][ T5994] usb 1-1: device descriptor read/64, error -71
[  721.366623][T14903] random: crng reseeded on system resumption
[  721.400491][   T30] audit: type=1326 audit(1758399688.955:3796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14902 comm="syz.1.2561" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc4ab78ec29 code=0x0
[  721.485568][T14798] bridge0: port 1(bridge_slave_0) entered blocking state
[  721.492769][ T5994] usb 1-1: new full-speed USB device number 65 using dummy_hcd
[  721.495904][T14798] bridge0: port 1(bridge_slave_0) entered disabled state
[  721.511304][T14798] bridge_slave_0: entered allmulticast mode
[  721.519905][T14798] bridge_slave_0: entered promiscuous mode
[  721.573619][T14798] bridge0: port 2(bridge_slave_1) entered blocking state
[  721.587512][T14798] bridge0: port 2(bridge_slave_1) entered disabled state
[  721.605106][T14798] bridge_slave_1: entered allmulticast mode
[  721.612761][T14798] bridge_slave_1: entered promiscuous mode
[  721.649491][ T5994] usb 1-1: device descriptor read/64, error -71
[  721.788721][ T5994] usb usb1-port1: attempt power cycle
[  721.926586][T14798] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  722.561038][T14798] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  722.681035][ T3527] hsr_slave_0: left promiscuous mode
[  722.689597][ T3527] hsr_slave_1: left promiscuous mode
[  722.696208][ T3527] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  722.704691][ T3527] batman_adv: batadv0: Removing interface: batadv_slave_0
[  722.711938][ T5868] Bluetooth: hci2: command tx timeout
[  722.740369][ T3527] veth1_macvtap: left promiscuous mode
[  722.748569][ T3527] veth0_macvtap: left promiscuous mode
[  722.755012][ T3527] veth1_vlan: left promiscuous mode
[  722.763576][ T3527] veth0_vlan: left promiscuous mode
[  722.855548][ T5994] usb 1-1: new full-speed USB device number 66 using dummy_hcd
[  723.066061][ T5994] usb 1-1: device descriptor read/8, error -71
[  723.234516][ T6005] libceph: connect (1)[c::]:6789 error -101
[  723.275370][T14917] ceph: No mds server is up or the cluster is laggy
[  723.372548][ T5994] usb 1-1: new full-speed USB device number 67 using dummy_hcd
[  723.392058][ T6005] libceph: mon0 (1)[c::]:6789 connect error
[  723.511701][ T5994] usb 1-1: device descriptor read/8, error -71
[  723.707127][ T5994] usb usb1-port1: unable to enumerate USB device
[  723.850441][T14924] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  723.863651][T14924] EXT4-fs (loop2): unable to read superblock
[  724.286178][T14924] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2565'.
[  724.295581][T14924] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2565'.
[  724.304734][T14924] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2565'.
[  724.322542][T14924] exFAT-fs (loop2): mounting with "discard" option, but the device does not support discard
[  724.333011][T14924] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  724.342437][T14924] exFAT-fs (loop2): unable to read boot sector
[  724.348779][T14924] exFAT-fs (loop2): failed to read boot sector
[  724.355124][T14924] exFAT-fs (loop2): failed to recognize exfat type
[  724.374214][T14928] program syz.1.2566 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  724.551913][T14931] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2567'.
[  724.562708][T14931] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2567'.
[  724.635618][T14935] EXT4-fs: Ignoring removed nomblk_io_submit option
[  724.656003][T14935] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 2
[  724.685080][T14935] EXT4-fs (loop2): unable to read superblock
[  725.604307][ T3527] team0 (unregistering): Port device team_slave_1 removed
[  726.098470][ T3527] team0 (unregistering): Port device team_slave_0 removed
[  726.102709][T14948] random: crng reseeded on system resumption
[  726.130131][   T30] audit: type=1326 audit(1758399693.685:3797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14947 comm="syz.1.2573" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc4ab78ec29 code=0x0
[  726.231658][T14951] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2574'.
[  726.241008][T14951] netlink: 32 bytes leftover after parsing attributes in process `syz.0.2574'.
[  726.265747][ T5929] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  726.454997][ T5929] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  726.465309][ T5929] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  726.484500][ T5929] usb 3-1: config 0 descriptor??
[  726.552033][ T3527] dummy0 (unregistering): left allmulticast mode
[  726.707927][ T5929] udl 3-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  726.810631][T14798] team0: Port device team_slave_0 added
[  726.823555][T14798] team0: Port device team_slave_1 added
[  726.896576][    T9] lo speed is unknown, defaulting to 1000
[  726.899226][T14798] batman_adv: batadv0: Adding interface: batadv_slave_0
[  726.910292][T14798] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  726.923219][    T9] syz0: Port: 1 Link DOWN
[  726.947553][T14798] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  726.989856][T14798] batman_adv: batadv0: Adding interface: batadv_slave_1
[  726.997957][T14798] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  727.011170][ T5929] [drm] Initialized udl 0.0.1 for 3-1:0.0 on minor 2
[  727.027103][T14798] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  727.084305][ T5929] [drm] Initialized udl on minor 2
[  727.148332][ T5929] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[  727.162805][ T5929] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  727.199386][T14959] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2576'.
[  727.317593][T14798] hsr_slave_0: entered promiscuous mode
[  727.326846][T14798] hsr_slave_1: entered promiscuous mode
[  727.335653][T14798] debugfs: 'hsr0' already exists in 'hsr'
[  727.341860][T14798] Cannot create hsr debugfs directory
[  727.363398][ T5929] kernel read not supported for file /radio0 (pid: 5929 comm: kworker/0:4)
[  727.392812][    T9] udl 3-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  727.408360][ T5929] usb 3-1: USB disconnect, device number 66
[  727.451569][    T9] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  727.703756][ T3527] IPVS: stop unused estimator thread 0...
[  728.774902][T14967] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2580'.
[  728.784479][T14967] netlink: 32 bytes leftover after parsing attributes in process `syz.1.2580'.
[  729.589803][T14979] comedi comedi3: c6xdigio: I/O port conflict (0x401,3)
[  729.598151][T14979] ==================================================================
[  729.606422][T14979] BUG: KASAN: slab-use-after-free in sysfs_remove_file_ns+0x3d/0x70
[  729.614742][T14979] Read of size 8 at addr ffff888024759e30 by task syz.2.2582/14979
[  729.622716][T14979] 
[  729.625035][T14979] CPU: 0 UID: 0 PID: 14979 Comm: syz.2.2582 Not tainted syzkaller #0 PREEMPT(full) 
[  729.625057][T14979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  729.625067][T14979] Call Trace:
[  729.625074][T14979]  <TASK>
[  729.625082][T14979]  dump_stack_lvl+0x189/0x250
[  729.625103][T14979]  ? __virt_addr_valid+0x1c8/0x5c0
[  729.625119][T14979]  ? rcu_is_watching+0x15/0xb0
[  729.625138][T14979]  ? __pfx_dump_stack_lvl+0x10/0x10
[  729.625152][T14979]  ? rcu_is_watching+0x15/0xb0
[  729.625170][T14979]  ? lock_release+0x4b/0x3e0
[  729.625188][T14979]  ? _raw_spin_lock_irqsave+0xb3/0xf0
[  729.625204][T14979]  ? __virt_addr_valid+0x1c8/0x5c0
[  729.625218][T14979]  ? __virt_addr_valid+0x4a5/0x5c0
[  729.625232][T14979]  print_report+0xca/0x240
[  729.625245][T14979]  ? sysfs_remove_file_ns+0x3d/0x70
[  729.625260][T14979]  kasan_report+0x118/0x150
[  729.625274][T14979]  ? sysfs_remove_file_ns+0x3d/0x70
[  729.625291][T14979]  sysfs_remove_file_ns+0x3d/0x70
[  729.625307][T14979]  bus_remove_driver+0x198/0x2f0
[  729.625324][T14979]  comedi_device_detach_locked+0x178/0x750
[  729.625346][T14979]  comedi_device_attach+0x5d4/0x720
[  729.625374][T14979]  comedi_unlocked_ioctl+0x5ff/0x1020
[  729.625389][T14979]  ? kasan_quarantine_put+0xdd/0x220
[  729.625411][T14979]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  729.625439][T14979]  ? preempt_schedule_irq+0xde/0x150
[  729.625463][T14979]  ? hook_file_ioctl+0x5/0x530
[  729.625479][T14979]  ? bpf_lsm_file_ioctl+0x9/0x20
[  729.625494][T14979]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  729.625509][T14979]  __se_sys_ioctl+0xfc/0x170
[  729.625528][T14979]  do_syscall_64+0xfa/0xfa0
[  729.625544][T14979]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.625557][T14979]  ? asm_sysvec_call_function_single+0x1a/0x20
[  729.625570][T14979]  ? clear_bhb_loop+0x60/0xb0
[  729.625585][T14979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.625598][T14979] RIP: 0033:0x7fce0538ec29
[  729.625614][T14979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  729.625627][T14979] RSP: 002b:00007fce061f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  729.625643][T14979] RAX: ffffffffffffffda RBX: 00007fce055d6090 RCX: 00007fce0538ec29
[  729.625654][T14979] RDX: 0000200000000080 RSI: 0000000040946400 RDI: 0000000000000009
[  729.625664][T14979] RBP: 00007fce05411e41 R08: 0000000000000000 R09: 0000000000000000
[  729.625673][T14979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  729.625682][T14979] R13: 00007fce055d6128 R14: 00007fce055d6090 R15: 00007ffff4d1f368
[  729.625698][T14979]  </TASK>
[  729.625703][T14979] 
[  729.888879][T14979] Allocated by task 6383:
[  729.893284][T14979]  kasan_save_track+0x3e/0x80
[  729.898130][T14979]  __kasan_kmalloc+0x93/0xb0
[  729.902889][T14979]  __kmalloc_cache_noprof+0x3d5/0x6f0
[  729.908451][T14979]  bus_add_driver+0x162/0x640
[  729.913125][T14979]  driver_register+0x23a/0x320
[  729.917881][T14979]  c6xdigio_attach+0x94/0x890
[  729.922548][T14979]  comedi_device_attach+0x51f/0x720
[  729.928006][T14979]  comedi_unlocked_ioctl+0x5ff/0x1020
[  729.933364][T14979]  __se_sys_ioctl+0xfc/0x170
[  729.937946][T14979]  do_syscall_64+0xfa/0xfa0
[  729.942522][T14979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  729.948398][T14979] 
[  729.950709][T14979] Freed by task 14445:
[  729.954965][T14979]  kasan_save_track+0x3e/0x80
[  729.960066][T14979]  __kasan_save_free_info+0x46/0x50
[  729.965366][T14979]  __kasan_slab_free+0x5c/0x80
[  729.970340][T14979]  kfree+0x19a/0x6d0
[  729.974334][T14979]  kobject_put+0x22b/0x480
[  729.978755][T14979]  bus_remove_driver+0x245/0x2f0
[  729.983682][T14979]  comedi_device_detach_locked+0x178/0x750
[  729.989475][T14979]  comedi_device_attach+0x5d4/0x720
[  729.994748][T14979]  comedi_unlocked_ioctl+0x5ff/0x1020
[  730.000534][T14979]  __se_sys_ioctl+0xfc/0x170
[  730.005240][T14979]  do_syscall_64+0xfa/0xfa0
[  730.009743][T14979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.015632][T14979] 
[  730.018131][T14979] The buggy address belongs to the object at ffff888024759e00
[  730.018131][T14979]  which belongs to the cache kmalloc-256 of size 256
[  730.032705][T14979] The buggy address is located 48 bytes inside of
[  730.032705][T14979]  freed 256-byte region [ffff888024759e00, ffff888024759f00)
[  730.046767][T14979] 
[  730.049282][T14979] The buggy address belongs to the physical page:
[  730.055780][T14979] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24758
[  730.064909][T14979] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  730.073657][T14979] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  730.081983][T14979] page_type: f5(slab)
[  730.085961][T14979] raw: 00fff00000000040 ffff88801ac41b40 0000000000000000 dead000000000001
[  730.094723][T14979] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  730.103527][T14979] head: 00fff00000000040 ffff88801ac41b40 0000000000000000 dead000000000001
[  730.112623][T14979] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  730.121371][T14979] head: 00fff00000000001 ffffea000091d601 00000000ffffffff 00000000ffffffff
[  730.130045][T14979] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  730.138801][T14979] page dumped because: kasan: bad access detected
[  730.145314][T14979] page_owner tracks the page as allocated
[  730.151110][T14979] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 6044, tgid 6043 (syz.0.13), ts 91432979876, free_ts 91360052964
[  730.173117][T14979]  post_alloc_hook+0x240/0x2a0
[  730.177989][T14979]  get_page_from_freelist+0x21e4/0x22c0
[  730.184163][T14979]  __alloc_frozen_pages_noprof+0x181/0x370
[  730.190251][T14979]  alloc_pages_mpol+0x232/0x4a0
[  730.195181][T14979]  allocate_slab+0x96/0x3a0
[  730.199939][T14979]  ___slab_alloc+0xe94/0x1920
[  730.204783][T14979]  __slab_alloc+0x65/0x100
[  730.209493][T14979]  __kmalloc_cache_noprof+0x411/0x6f0
[  730.214942][T14979]  gact_init_net+0x65/0x190
[  730.219581][T14979]  ops_init+0x35c/0x5c0
[  730.223735][T14979]  setup_net+0xfe/0x320
[  730.227975][T14979]  copy_net_ns+0x31b/0x4d0
[  730.233445][T14979]  create_new_namespaces+0x3f3/0x720
[  730.238829][T14979]  unshare_nsproxy_namespaces+0x11c/0x170
[  730.244732][T14979]  ksys_unshare+0x4c8/0x8c0
[  730.249832][T14979]  __x64_sys_unshare+0x38/0x50
[  730.255016][T14979] page last free pid 5232 tgid 5232 stack trace:
[  730.261652][T14979]  __free_frozen_pages+0xbc4/0xd30
[  730.267481][T14979]  __slab_free+0x2e7/0x390
[  730.272265][T14979]  qlist_free_all+0x97/0x140
[  730.277106][T14979]  kasan_quarantine_reduce+0x148/0x160
[  730.282559][T14979]  __kasan_slab_alloc+0x22/0x80
[  730.287738][T14979]  kmem_cache_alloc_noprof+0x367/0x6e0
[  730.293287][T14979]  getname_flags+0xb8/0x540
[  730.297831][T14979]  do_sys_openat2+0xbc/0x1c0
[  730.302760][T14979]  __x64_sys_openat+0x138/0x170
[  730.307603][T14979]  do_syscall_64+0xfa/0xfa0
[  730.312092][T14979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.318735][T14979] 
[  730.321047][T14979] Memory state around the buggy address:
[  730.327025][T14979]  ffff888024759d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  730.335156][T14979]  ffff888024759d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  730.343464][T14979] >ffff888024759e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  730.352063][T14979]                                      ^
[  730.357896][T14979]  ffff888024759e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  730.366586][T14979]  ffff888024759f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  730.374998][T14979] ==================================================================
[  730.384108][    C0] vkms_vblank_simulate: vblank timer overrun
[  730.394099][T14979] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  730.401426][T14979] CPU: 0 UID: 0 PID: 14979 Comm: syz.2.2582 Not tainted syzkaller #0 PREEMPT(full) 
[  730.410886][T14979] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  730.421397][T14979] Call Trace:
[  730.424840][T14979]  <TASK>
[  730.427770][T14979]  dump_stack_lvl+0x99/0x250
[  730.432455][T14979]  ? __asan_memcpy+0x40/0x70
[  730.437058][T14979]  ? __pfx_dump_stack_lvl+0x10/0x10
[  730.442455][T14979]  ? __pfx__printk+0x10/0x10
[  730.447067][T14979]  vpanic+0x237/0x6d0
[  730.451050][T14979]  ? __pfx_vpanic+0x10/0x10
[  730.455649][T14979]  ? preempt_schedule+0xae/0xc0
[  730.460551][T14979]  panic+0xb9/0xc0
[  730.464443][T14979]  ? __pfx_panic+0x10/0x10
[  730.468955][T14979]  ? sysfs_remove_file_ns+0x3d/0x70
[  730.474349][T14979]  ? __pfx_panic+0x10/0x10
[  730.478778][T14979]  ? sysfs_remove_file_ns+0x3d/0x70
[  730.484067][T14979]  check_panic_on_warn+0x89/0xb0
[  730.489517][T14979]  ? sysfs_remove_file_ns+0x3d/0x70
[  730.495249][T14979]  end_report+0x78/0x160
[  730.499675][T14979]  kasan_report+0x129/0x150
[  730.504168][T14979]  ? sysfs_remove_file_ns+0x3d/0x70
[  730.509357][T14979]  sysfs_remove_file_ns+0x3d/0x70
[  730.514561][T14979]  bus_remove_driver+0x198/0x2f0
[  730.520280][T14979]  comedi_device_detach_locked+0x178/0x750
[  730.526092][T14979]  comedi_device_attach+0x5d4/0x720
[  730.531388][T14979]  comedi_unlocked_ioctl+0x5ff/0x1020
[  730.537161][T14979]  ? kasan_quarantine_put+0xdd/0x220
[  730.542644][T14979]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  730.548666][T14979]  ? preempt_schedule_irq+0xde/0x150
[  730.554821][T14979]  ? hook_file_ioctl+0x5/0x530
[  730.560117][T14979]  ? bpf_lsm_file_ioctl+0x9/0x20
[  730.565543][T14979]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  730.571526][T14979]  __se_sys_ioctl+0xfc/0x170
[  730.576215][T14979]  do_syscall_64+0xfa/0xfa0
[  730.580973][T14979]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.587116][T14979]  ? asm_sysvec_call_function_single+0x1a/0x20
[  730.593443][T14979]  ? clear_bhb_loop+0x60/0xb0
[  730.598219][T14979]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  730.604122][T14979] RIP: 0033:0x7fce0538ec29
[  730.608719][T14979] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  730.629890][T14979] RSP: 002b:00007fce061f0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  730.638649][T14979] RAX: ffffffffffffffda RBX: 00007fce055d6090 RCX: 00007fce0538ec29
[  730.646871][T14979] RDX: 0000200000000080 RSI: 0000000040946400 RDI: 0000000000000009
[  730.655119][T14979] RBP: 00007fce05411e41 R08: 0000000000000000 R09: 0000000000000000
[  730.663340][T14979] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  730.671587][T14979] R13: 00007fce055d6128 R14: 00007fce055d6090 R15: 00007ffff4d1f368
[  730.680140][T14979]  </TASK>
[  730.683645][T14979] Kernel Offset: disabled
[  730.688105][T14979] Rebooting in 86400 seconds..