last executing test programs:

5.37864104s ago: executing program 0 (id=1353):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = openat$thread_pidfd(0xffffffffffffff9c, 0x0, 0x80, 0x0)
sync_file_range(r4, 0x10000, 0x6, 0x3)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_EMATCHES={0x10, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x5}}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}}, 0x0)
ppoll(&(0x7f0000000000)=[{r0, 0x8108}], 0x1, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x10)
r5 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r5, 0x114, 0x3f, &(0x7f0000000240), 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r0, 0x0)
r6 = syz_io_uring_setup(0xed0, &(0x7f0000000400)={0x0, 0x6e2, 0x10300, 0x2}, &(0x7f0000000100)=<r7=>0x0, &(0x7f0000000080)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r6, 0xa3d, 0x0, 0x0, 0x0, 0xff39)

4.359111737s ago: executing program 0 (id=1365):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd70102030109"], 0x0)
r0 = syz_io_uring_setup(0x1370, 0x0, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[0xffffffffffffffff], 0x1})
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

4.227684219s ago: executing program 2 (id=1367):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x5, 0x4, 0x7fdf, 0x1}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0x3, &(0x7f00000001c0)=@framed, &(0x7f0000000800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = dup2(r1, r0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000000)='sys_enter\x00', r2}, 0x18)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
ftruncate(r3, 0x80)

4.14178612s ago: executing program 2 (id=1370):
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x80000)
socket$unix(0x1, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000280), 0x40203, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
dup(r0)
syz_io_uring_setup(0x38ff, &(0x7f0000000300)={0x0, 0x200000, 0x10100, 0x80000}, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r1 = socket$nl_route(0x10, 0x3, 0x0)
fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000", @ANYRES32=r3, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r4], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r3, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

4.010492022s ago: executing program 1 (id=1372):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000e00)={[{@resgid}, {}, {@quota}, {@noauto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@discard}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x5}}, {@orlov}]}, 0xfc, 0x56f, &(0x7f0000003780)="$eJzs3d9rW1UcAPDvTdPup66DMdQHGezByVy6tv6YIDgfRYcDfZ+hzcpouowmHWsduD24F19kCCIOxD/Adx+H/4B/xUAHQ0bRBxEiN73psjZp2i4z2fL5wG3Pyb23535z7vf2nNyEBDC0jqU/chEvR8Q3ScShlnX5yFYeW9tu9eH1mXRJol7/9M8kkuyx5vZJ9vtAVnkpIn79KuJkbnO71eWV+WK5XFrM6hO1hSsT1eWVU5cWinOludLlqenpM29NT737zts9i/X1839//8ndD898fXz1u5/vH76dxNk4mK1rjeMJ3GitHCv+m5VG4+yGDSd70NggSfp9AOzKSJbno5FeAw7FSJb1wPPvy4ioA0Mqkf8wpJrjgObcvkfz4GfGgw/WJkCN2Mda48+vvTYSextzo/2ryWMzo3S+O96D9tM2fvnjzu10ia1fh9jXpQ6wIzduRsTpfH7z9T/Jrn+7d7rx4vHWNrYxbP9/oJ/upuOfN9qN/3Lr459oM/450CZ3d6N7/ufu96CZjtLx33ttx7/rl67xkaz2QmPMN5pcvFQunY6IFyPiRNS73vo4s3qv3mld6/gvXdL2m2PB7Dju5/c8vs9ssVaMiLFdhvyYBzcjXsm3iz9Z7/+kTf+nz8f5bbZxtHTn1U7rusf/dNV/initbf8/6tZk6/uTE43zYaJ5Vmz2162jv3Vqv9/xp/2/f+v4x5PW+7XVnbfx495/Sp3W7fb8H0s+a5SbSXCtWKstTkaMJR9vfnzq0b7NenP7NP4Tx7e+/rU7/9PJ1+fbjP/WkVsdNx2E/p/dUf/vvHDvoy9+6NT+9vr/zUbpRPZIdv1rLztXtnuAT/r8AQAAAAAAwCDJRcTBSHKF9XIuVyisvb/jSOzPlSvV2smLlaXLs9H4rOx4jOaad7oPtbwfYjJ7P2yzPrWhPh0RhyPi25F9jXphplKe7XfwAAAAAAAAAAAAAAAAAAAAMCAOdPj8f+r3kX4fHfDUNb7YYE+/jwLoh65f+d+Lb3oCBlLX/AeeW/Ifhpf8h+El/2F4yX8YXvIfhpf8h+El/wEAAAAAAAAAAAAAAAAAAAAAAAAAAKCnzp87ly711YfXZ9L67NXlpfnK1VOzpep8YWFppjBTWbxSmKtU5sqlwkxlodvfK1cqVyanYunaRK1UrU1Ul1cuLFSWLtcuXFoozpUulEb/l6gAAAAAAAAAAAAAAAAAAADg2VJdXpkvlsulRYWOhfdjIA7jaQa4Zle75wclCoUOhZtZ9+5srz5elAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgg/8CAAD//4yLMZo=")
chdir(&(0x7f0000000240)='./file0\x00')
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000007000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x103042, 0x0)

4.003532202s ago: executing program 2 (id=1373):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a20000000000a01080000000000000000020000090900010073797a31000000007c000000030a01040000000000000000020000060900010073797a31000000000900030073797a3000000000140004800800014000000003080002400000006408000a40000000020b00070066696c7465720000280008800c00014000000000000002000c00"], 0xc4}, 0x1, 0x0, 0x0, 0x24004900}, 0x2000)

3.924185614s ago: executing program 1 (id=1375):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x14, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x28, '\x00', 0x0, @lirc_mode2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000300)='sys_enter\x00', r1}, 0x10)
getuid()

3.888545905s ago: executing program 2 (id=1376):
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
fcntl$setsig(r0, 0xa, 0x41)
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1f00"/20, @ANYRES32=0x1], 0x48)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='V?\x00\x00-\x00Y'], 0xfe33)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000100083973e37011ab1dfa345009fd21989b14cf0984f218d0ff9f11a82bc5635a9d9013e7fb3aba2e400d482d56cf8ac3bddaf9a816c776cc11714a2edd396cc9debe201f8cd35a85d21bc6cde0be5bb6bd2bbc3ae8501848512e720997b3327c1099a27ad350babc079c3a2cd372dcd3598b2e447ecc762aa105069a23f638aee21e83d7c6b1fed409f7f17", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000140)={0x0, 0x6, 0x4, {0xb, @pix={0x0, 0x7f, 0x39565559, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0xa, 0x0, 0x0, 0x7ffc1ffb}, {0x6, 0x10, 0x2, 0x5}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="480000000906010800000000000020000200feff0900020073797a310000000008000940000004390500010007000000100008800c00078008000940"], 0x48}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
syz_emit_ethernet(0x66, &(0x7f00000000c0)=ANY=[@ANYBLOB="ffffff4503005800000000001cd91670000000e0000001240600a80000000010000800000086dd88a888be05000000000000000100000000000000080022eb00000000200000000200000000000000000000000800645800000053"], 0x0)
setns(0xffffffffffffffff, 0x2000000)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0xc0, 0x78, 0xa, 0x40, 0x112a, 0x1, 0x9e7f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xa, 0x6b, 0xc5, 0x0, [], [{{0x9, 0x5, 0x6, 0x22}}]}}]}}]}}, 0x0)

3.834429556s ago: executing program 1 (id=1378):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='kfree\x00'}, 0x18)
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x0)
write$cgroup_int(r0, &(0x7f0000000000)=0xfe8e, 0x12)

3.774851227s ago: executing program 1 (id=1379):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x24, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x50)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4f107e25af178d056e1b1e40bd75b013f7484fae0bc447b1ffaf34819fe3ad1a634c94345e26e1e68dec08723a37b05d1594a66a4718a51d4d67fc880c9d640f4eacc509873f1a103c87f69"], &(0x7f0000000100)='GPL\x00'}, 0x41)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
syz_mount_image$iso9660(&(0x7f0000000940), &(0x7f0000000140)='./cgroup\x00', 0x4c0, &(0x7f00000014c0)=ANY=[@ANYBLOB='iocharset=cp936,dmode=0x0000000000000006,showassoc,sbsector=0x0000000000000003,map=acorn,mode=0x0000000000000003,hide,overriderockperm,nocompress,iocharset=macturkish,map=acorn,mode=0x0000000000000000,sbsector=0x0000000000000005,hide,smackfsfloor=dmode,appraise_type=imasig,fowner<', @ANYRESDEC=0x0, @ANYBLOB="2c636f6ee6a3fecb358b746578743d726f6f742c7365636c616265872c7375626a5f747970653d726f6f746d6f64652c6f626a5f757365723d5c2c21282c617d6469742c6f6f742c0000000000000000000000000028aff9d5253deedda5c190f08b12c5ae9889f517a88c68afd1b0280de4a412d0532c6517d55f670293c9596199929aa9c6b7ba0d8eb9ebf1550aeadedf005d35d080621a310faace1d50afe8e7c9e1015fd17a8fa8a2733aa707590ac7df52d99dff0792ccc2357daf3633091a818e77ad23c7dc8c95da8bbdd1f67c1d2ea6a4293fbd1f2f1e3ef2bfdb637dfac7b172e78c50c120fbcfb19cc918a63e2e87a3d78c98a6a37bbc2797102ba5d6452bc9858588cb82b2b1684fb5158b48c92474d47e50cbddee904873f99232a4600ac9b8bc800e60a7f55b2bbd93aee4841f09f6e434c381bd8b94edec6d816f413f71cb962296e5ea8f7389bc21c7"], 0x41, 0x92d, &(0x7f00000009c0)="$eJzs3U9vHGcZAPBnNl7iulWakrRx3ENXTYxMBM7uRkmIcsHxrp0tay+yHakVFwNxURSLIgpSqDgECXEiggPiALccOUX00hPKp+DAJR+AS8TJN6N3dp049f5xLMfrur+fNDv/nnmfZ/LOzivb2Z3gq2xzczOf9rh+6x8HWSyHz43ak4ePHqTpd/fjG3EsLmdfRIxGRCliJCLGI4qztaXWwoCG7kasRsTjiCwijkd7viurkf0p3ni+/jiyv6e8vHqbfK0N+/oDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDDKJutlcuVLJqNxVsflnrLHwHeZ/9We61Cei20BuaNyNIUo6Nbj/oeP/V899vp5f040147kz+QPEbjs9ffOXn91Ehh6/g+BR2IT3/z2d0fr6+v/XLYhQzJfH2xsdxqLMzM10uN5Vbp2pUr5Ys355ZLc41mffmj5ZX6Qml2qT6z0loqTc1+u1S5du1SqT79UevW4nxtplnf2nj1u9Vy+Urpg+kf1meWlluLFz+YXp692Wg2G4vzeUzanWKupgvxB42V0kp9ZqFU+vjO+tqlQUWmoMpugqqDgqrlarVSqVYrVy5fu3y1XB7ZsaH8JbEjYvgXLcO17/dw2KvNzvgPAAAAHF1Z/jv29PN/Mf89fBZzjWa9POyyAAAAgH2U/+X/TJoVI+K1zlY//wMAAMBRMvgzdgMjsu/E2XbE2dvt+e1OxD+P5xFjc41mfXq21bxeiW89+7Rf99aK+X8/uBAT7aiJsfZ8rBPV+eTgaIqqTF+vxIV4tx3x7tS5NDs31SWy2o7sfPKm1CfyUooEgKPu/QHj8W7G/wsx2Y6YnEiDaYxMdBlZy0ZWADgsnn2DzStcGPY5AgAvMkoDAAAAAAAAAAAAAAAAAAAAAAAAAADA/juI7/+3YMHCV21h2HcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICvpyziWLfthYjjEVGOiIsHX9Wrc3/YBQxZthEbcS9ODLsOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICjpvP9/4Voz19vb4qRQsRkRKxGxI+GXeOedH2qQcTGQddxyGz7/v/U57GZxUi72yMrztaWWgup+/NnPxSePHz0IE17yZMaSBle6IZOht5HvZUfNVZb+/Turz75Ral2Iy/yxspcs7Ywv/T954HvZJ9HlKI9bdmq97eT//pzlzP/PJ3p7vLO5XlrO/Oe6XZ0/7z93Flfq6ZMK/UPV3798zv3tu36ZkxEnJuKmHox08/S1CPTRBT7ZcueZn/ITsRfYzXv//SvkW1mqYvezM//tY/vrK9N//ST9ds9ajoZ4xFxO2J09zWN5/eTrvKrrlBMWct5UHo5PaC9vra1WOlxDm/F2YgYe6lzONv7HHID/t07FV3qUdGpeO+le/q9ARm7yp5m/8luxr/j99ue/1FI/T8Zu3l3ppg8ctuV0jOy0I7Mz7zat82e70r2ptBv5x/jJ/G9Z/1f2Hb/7/TVwdyPtmU8oPdFPiKd/tKI1Ln79DqmU+fpdlSPOt+O8xEjEy91Rzk/4I6y8/jibs+zt+xp9rdsKv4X9z3/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOPyyiGPdthciJiPiZES8mdZLEZv7ka8wlsV/T+xHS3tzf3ipD4VsIzbiXgyxBwAAAAAAAADYTzdqTx4+epCmLK0ei/PZFxGj7b/0j0TEyewvxdnaUmthQEPFiNWIeLyHGtJx8cbz9cdpbXwPDQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcGT9PwAA//+M+Lai")

3.652999789s ago: executing program 1 (id=1380):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200008, &(0x7f0000000380)={[{@nolazytime}, {@auto_da_alloc}, {@sysvgroups}, {@norecovery}, {@jqfmt_vfsv0}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@user_xattr}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
r0 = open(&(0x7f0000000340)='./file1\x00', 0x4000, 0x0)
preadv2(r0, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)

3.517921741s ago: executing program 1 (id=1383):
bind$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r2, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r3 = io_uring_setup(0x1fc4, 0x0)
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000040), 0x20000, 0x0)
r5 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000001c0), 0x2)
r6 = memfd_create(&(0x7f0000000940)='y\x105\xfb\xf7u\x83%\b\x00\x00\x00\x00\x00\x00\x00\xea_\xccZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x10\x00\x00\x00\x04\x879\xa24\xa9a\b\x00\xb2\xd3\xcbZJ\x7fa\xc4\x1acB\xaa\xc1\xfb Q\x96\xd9xJ2\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea\b\x00\x00\x00\x00\x00\x00\x00\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9V\x01A\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\a\x00\x01vRk\xaabB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\x80\x81\xa0\xa2-g\b\x99\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecn\x02\xc8\xc4\f\x04\x99\xf6\xfc\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xc8L\xae\x1ff\xcf\xb3\xb65\x12\x89\x02\x82t\x0f\xb0\xe89\x16\fO\x19\x91\xfd\x10\x0e\xa7r\x12\xab\xd4\xd1d\xad\f\x11\xb3\xb3c\xe2\xfe\xcd\x9f7\xa1\x14\xfa\xe2\xdf\x7f\xf4NG\xe3\xeb\x18\xde|\xb3\xf5S\x9a\x04\xb4Lry\xa9\xd6\xfb\xbc\n+N\xf7\xf6\x87\x95\xd9+\xd2sc/\x06\xaa#K3,k\xf3(\xcc\xc7\xb47\xfa\xc3\x1c\x91!\xd3\xd2`-\xa2xrR\x1c\x81i\x87u|29Q\xdf\xed\x10\x9b\x930\xa8v\xa0\x88\xa4t\x17\xb2\xca9\x02\x03\xc9P\xcc\xe0\xb7\x9c\x82\xb4\x03\x83e\xee\x95\xccO\x1b\x83\f\n{\xf3\x12\x90\xcf\x10\xb5>\b3\x80\x8d\xb2%7\x10\xeee\xe4\xc3\xb2^\xad\xb6~\xa2\xbdE\xbf\x91\vqt\x81\xbd\x19\xde\x81\tw\xd4p\xd1\x8aNJ\xb3M\a\xc4\xfa\xb0,$\x81j\xb4Hs\x93>\x16U\xd0t\xe4\xca0T\xb7\xf7\x9d4\b\xd9\xdeps\xec\xa0\nJ\xa5\xfe\xda{(\xee\xb5\x11?\xc3I-\x8bc\xc9\xfb\a\xe5\xab\xf8v1\xdc\xc5\x8c\xebs1\x81\xca\x81l\xa12\xff<\xf5\x12\xcc+\xd4\xab\x84\x16\xa4+\x0e\xd4\x02\xe3\xaa1\xeam\x8ce\xb4r\x0eo&3wff\xe6\x91\x7f\xba\xad\x05\xdd\xc0+\"\xa5\x80\'#\xfd\x9dA&\xee \x18\xe5\x17\x1bd\xd0\xb9\x90\xde\xec\xe4M\xe5\x06\x03r\fc\x8c\x10\x99x\xec`e`\xc3F\xdf\xbc\xa8\xff\x05\xe6\xea\xc3u\xd7\t\x88<\"\xf7!\xd6\x0e\xbbE^\xcd\xb0\x15g\xe6\xf2?y1\x9f\xd3\x95\xc4E\xd0\xb4\x16`r\x14\xad\x02\x17\x9a\x86I]\x02f\xd3\xc9\xe1H\xd7c\xcaQ\x8cE7\xcc\xcf=\xf3\xf7\xb9\xf6s\x88\bZi\b*w\xc5;\x88\r\xab\xa1\t\xf1\x02)5\x00\x84', 0xb)
ftruncate(r6, 0xffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000001e80)=ANY=[@ANYBLOB="cb16000210010000b70700000100f0ff5070000000000000480000000820000095000000000000002ba7e1d30c04aa8b3382022ce2a1d97411a0f6b599e83f24a3aa81d36bb7019c13bd23212fb56f040026fbfefc4a056bdc17487902317142fac7e7be168c1886d0d4d94f2f4eb45c652fbc1626cca2a28d67893547db51ee988e6e06c8cedf7ceb9fc40400ae5e4aa74c92c6a51cbf9b0a4def23d410f6accd364158a4591c559f76c0130bfc4e90a6341865c3f5ab3e89cf6c662ed4148d3b3e22278d00031e5388ee5c867de2c6211d6ececb0c18ce74c4dae15cb7947c491b8bea3fd2f73902ebcfcf4982277d9800011b405bbf7b02433a9bcd715f5888b2007f000000001c000000010000000000000600000000309329170ee5b567e70f00c484d339c480f70006a10f58fa64533500000000000000000000000031000000000000001208e75a89faffbfb11b7dc6ea31001e846c12423a169f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617de7a6520655a80d0900f4d433623c850af895abba14f6fbd7fbad1f98e26ad4deaf1a4f294b2a431ab9142f3a06d54740a4bc5e3abd378af7c9676a08ef74c48785f895b4ec8d1141d5e8744d7f09ab4df6027bf48cabecead649f96ea24d3287a7b01ab84d336f3c0f45a0642d6f2c494160cb7f46ce680eeb80157eb23f9902519ac655fa73103170cbc496d7122034b85e7e87a2db762cbb253fbd76b9117c1a11d18aa2040c5f0c289906000000000000005ffe91ff799a11d9b219c00c369a12bf8685b862d0dbdd956cbda1bae489bcef5ae59136aaadc59609f4d42617c0e6066938b521a0f2e2467a6c435ad5b800262a5da053ced5e95394e500000072737638ac44fb61310e2df511c60b3c88113996a81fb64bce5eb95ce91738640ff7ae6ed6b62086e699955926934389cdf9bcffff3ffd86fe9ce05268bf8a3958f2206cdc7095682c14f10be1075832956762b2dcc6251e7b74cb1da627e332765511c58215bf84d253e8778e6e8ffe4ea50b076446f35efffc806b340658342d2d9e1ef68c6ef3e98407d2fcefb34a0000000000000000895ddbb76122b1222e4da37177fe833e4fcaa67997e92a206ebd085bd9f90008d3fdd528efe6c1dca17f45ba5e8bd3153a0077bb43f8a63dd390d18f0239b41da1a52383a4c6768ca1bb66b8fb3c5000f6f246fd20356a60769b461b6cdf133de073b1df08ae09268b0073bb97d88d741a5546e76caf4b6b1387ff37ec13d262dae0260be74cdf7bb6d3107597430ef5bbd476bb9d69b2aef9f3cb644b4bf01ccf16d40720939daf2af469bdfb361b9c015dd026fd0fffe3c66f5c343afb78a7cfd852f3e05c089887d7df2ff4f9982030019421af6b78ff9c444a17091875cfe4eab0e7f50eb69c860b1613a6b4f5af04f9c635d8d646c89f8b85f820ce7464c731deba39f9ff7b815f7b0acba754c01ed8bf1bba0010a8c6a2b966d861f9dd547abf2e9b23e5607f00f80b58fd76e4bc46c84799aa792cdaeb6cfb858e577dacff607ba513250e13ae696cd6ed7d318190a93b9ee07927efca6b8d1f5980994690bbe002db5146439d906a0d4aef065214b15666cdca81091b69acee2c7ce0821fc19e0891f0b53469f935c5ac420100010000000000fb53faf4420638489e6a1c696d8c414a87b60000000000080000b6be15579518540000bc2d061827ae6349a045b780893771524a424335b9fc34616ee9f09141057262530b7c2f7c9b969938779736ece7b470078ac0b1b4b528000000009866e99948a9096672ec9f3800c2fc35ba6516e542624c47bdba76a816c3a3dd6c3fa87a3ec91df199a9af91a7babf2b8d0e7b77e6dfb4bbc9817847b705000000a1000000000000ab8353f3800f045b90b0eaab6d731199c9447eabbc8c740183aff5389742e47de5000000826a570d14310700cf2ae3366ebdb7f1000000000000333c00e6addbf4c71ffad6bfb5babb49109f92a5a52042c425190a6e3f1a8a3abfe6059da9c952cf35c98ce7616355493d280f2d0be99e18fd0900c769e7eb4edc1c03a33676080000007229e0237c1e34641848531712ff09e89fb062a3e66f4f3c9d7a7fc9aab1ced0ae679733830039cb61ea0691f0b4e0b33194404e643243c3841e1e7fe301f7f47a7f89512d92e83624e3de705bdfbfd0e5e381398e9d5428a00cc8a6d097d97e6ac8bd09b1a5577920a650114a522c1e2dcdc4f606fcbcee91770a9fada34d38cd7976a9228a0a0dd8661be8162e966aac26bea4c11458cd6ce22ddf7054cdd0a60ef3ec000000000000000000425cb75dc7ec92e9a5d29f9c99697d2a98ae0a9f35e4196c3faeb7a690bf897846f6f0f1c163d6075119169d55d10da9ad0e4b2c636d200000009baaf94e2b2c48e70d8453f832eecfb1de2a3f38a5c986de9e37737dac74db251d5e9ea2b8ed39e91a7a17d01b49f7aaff7c4c73c3484bdcab362838ed940035b270a3646ef55b9f070ae14466b3acef9f8b28fb938a237e2e068ae4a6bce4407b54cc14614c2cdf877f000000000000000000000000bdcf23144e6c16b9235552aed83b6428f34d88c258a9ad16386bba51b60838fb11bc193a206b5a25b7233b222e4e68e0d1e88f26b9a45b6c29469530a37ea92aaf421cdcc1f594ecfaff9a79b56f8b380380020000"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
fcntl$addseals(r6, 0x409, 0x7)
r7 = ioctl$UDMABUF_CREATE(r5, 0x40187542, &(0x7f00000002c0)={r6, 0x0, 0x0, 0x8000})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000300)=@raw={'raw\x00', 0x9, 0x3, 0x2f0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x278, 0xffffffff, 0xffffffff, 0x278, 0xffffffff, 0x3, &(0x7f0000000080), {[{{@ipv6={@mcast2, @mcast2, [0xffffffff, 0xffffff00, 0xff], [0xff000000, 0xff, 0xffffffff, 0xff000000], 'veth0_virt_wifi\x00', 'veth0_virt_wifi\x00', {0xff}, {}, 0x3a, 0x5, 0x0, 0x28}, 0x0, 0xa8, 0xe8}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x9, 0xf6, {0x938f}}}}, {{@uncond, 0x0, 0xd8, 0x138, 0x0, {}, [@common=@frag={{0x30}, {[0x0, 0x39], 0x9, 0x0, 0x1}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, [0xffffff00, 0xff, 0xff], 0x4e20, 0x4e23, 0x4e20, 0x4e21, 0x1, 0xa1a9, 0x7, 0x7, 0x2f}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x350)
r8 = fcntl$dupfd(r7, 0x0, r7)
r9 = socket$nl_route(0x10, 0x3, 0x0)
r10 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r10, 0x8933, &(0x7f0000000180)={'vxcan0\x00', <r11=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r11, {0xb, 0x6}, {0xffff, 0xfff9}, {0x1}}}, 0x24}}, 0x4)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r4, 0xc00c642e, &(0x7f0000000180)={0x0, 0x0, r8})
syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000fe07124081173809499b0102030109022400010010000009040000028b86470009040000000000000009"], 0x0)
r12 = socket(0x2, 0x5, 0x0)
sendmmsg$inet_sctp(r12, &(0x7f0000000bc0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000001c0)=[{0x0}], 0x1, &(0x7f0000000140)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c0000000000000000002b0388edb6556900"/50, @ANYRES32=0x0], 0x30}], 0x1, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000240)={0x2, 'veth1_to_bridge\x00', {0x7}})
close_range(r3, 0xffffffffffffffff, 0x0)

2.820399183s ago: executing program 3 (id=1389):
semtimedop(0x0, 0x0, 0x0, 0x0)
semop(0x0, &(0x7f0000001240)=[{}], 0x1)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0)

2.702521095s ago: executing program 3 (id=1390):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa802, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000009c0000000b"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000006c0)='kfree\x00', r5}, 0x18)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x939e02dc105d5baa, 0x2}, {0xe}, {0x8, 0xfff1}}}, 0x24}}, 0x40004)

2.148298694s ago: executing program 2 (id=1391):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@newtfilter={0x7c, 0x2c, 0xd27, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, r2, {0xfff2, 0x4}, {}, {0x5, 0x10}}, [@filter_kind_options=@f_flow={{0x2d}, {0xfffffffffffffe45, 0x2, [@TCA_FLOW_EMATCHES={0x40, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xfffb}}, @TCA_EMATCH_TREE_LIST={0x34, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x1, 0x0, 0x0, {{0x7, 0x7, 0x2}, {{0x0, 0x1, 0x0, 0x1}, {0x0, 0x1, 0x1, 0x1}}}}, @TCF_EM_META={0x1c, 0x2, 0x0, 0x0, {{0xfffb, 0x4, 0x5}, [@TCA_EM_META_HDR={0xc, 0x1, {{}, {0x5, 0x8}}}, @TCA_EM_META_LVALUE={0x4}]}}]}]}]}}, @TCA_RATE={0x6, 0x5, {0x1, 0x4}}]}, 0x7c}, 0x1, 0x0, 0x0, 0x400c021}, 0x20040054)

1.006379583s ago: executing program 0 (id=1392):
syz_open_dev$sndpcmc(&(0x7f0000000000), 0x0, 0x80000)
socket$unix(0x1, 0x5, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200))
socket$netlink(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
openat$ttynull(0xffffffffffffff9c, &(0x7f0000000280), 0x40203, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
dup(r0)
syz_io_uring_setup(0x38ff, &(0x7f0000000300)={0x0, 0x200000, 0x10100, 0x80000}, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r1 = socket$nl_route(0x10, 0x3, 0x0)
fsopen(&(0x7f0000000000)='bpf\x00', 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc", @ANYRES32=r3, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r4], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r3, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

314.107045ms ago: executing program 2 (id=1393):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
execve(0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x8a}, [@ldst={0x6, 0x0, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)
syz_usb_connect$hid(0x5, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201010200000010f3044d074000010203010902240001010330050904000801030101000921ff00010122b00b09058103100002ba0789cb482962837892be6bdc1a607fb4dc147ae1176297427d500b3e27"], 0x0)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1, 0x0, 0x0, 0x2000000}, 0x20)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000100)="1800000016005f0214fffffffffffff807000000feffff7f", 0x18)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
sendmsg$nl_route(r2, 0x0, 0x0)
openat$sndtimer(0xffffffffffffff9c, &(0x7f00000044c0), 0x141802)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000a00)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000a40)=0x14)
setgid(0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, &(0x7f0000002280)={@initdev, @loopback}, &(0x7f00000022c0)=0xc)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r3)

282.596275ms ago: executing program 0 (id=1394):
r0 = memfd_create(&(0x7f0000000bc0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85Q\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~Mx\x02\x00(v\xe6`\x026\xfcgC\xb5\xf0\x13.zb\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x80\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F91 ^x\x85\x80[\xa3B\n#!\xc2R\xdd\xf4)\xba\x1e\xfb6U\xabc\xda\x9a)\xc3\x9a\x06\xc5\xccP)\xdf.\xa7-\x84\xdf8\xbf\xfc1^}B\xee\xccR/z\x1e\xe8\x1e\x99\x99\n\xf4u\xd4\xbd^L\xb2j\xda\xff\x1d\x10\xc8\xad\xbd_OI\xb1\xe8y\x003\a\x06\x92\x8e\n\x8b\xf3\xd4G\x85\xbd\x1a\x81+3\x99jq\xd1\xacK^\xef\xb6!8\xcd?\x1e\\\x16W2\xbd4$zn\xa9\x7f\x9dE\xaf\x0f\xdb\xe0\xfa\x10\xc3\xb2\xf8\x80\x8c\xec$\xda\xc0\x94y1\t\xc5`\xda\xca\xd1\xab:\x18\x10\x9b\xd0w', 0x0)
write$binfmt_misc(r0, &(0x7f0000000180)="e502", 0x2)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="0b00000007000000010001004900000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000580), &(0x7f00000005c0)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000650000000800000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000140)='kmem_cache_free\x00', r3}, 0x10)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

194.261177ms ago: executing program 3 (id=1395):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x15, 0x3, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x1e}}, &(0x7f0000000080)='GPL\x00', 0x4, 0x98, &(0x7f00000001c0)=""/152, 0x40f00}, 0x94)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, 0x0, 0x0}, 0x94)

174.365027ms ago: executing program 0 (id=1396):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000140)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/tcp6\x00')
pread64(r1, &(0x7f00000000c0)=""/169, 0xa9, 0x4fd7)

156.266817ms ago: executing program 3 (id=1397):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a80)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fdff00000000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000002d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0xe, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001780)=ANY=[@ANYBLOB="200000001000010700000000000000000a0000000c0002006e6c3830323131"], 0x20}}, 0x0)

55.807309ms ago: executing program 3 (id=1398):
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000440)={&(0x7f0000001fc0)={0x4c0, 0x0, 0x10, 0x70bd2c, 0x25dfdbfe, {{}, {@void, @val={0xc, 0x99, {0x6, 0x5f}}}}, [@NL80211_ATTR_DURATION={0x8, 0x57, 0xffffffff}, @NL80211_ATTR_FRAME={0x416, 0x33, @reassoc_req={{{0x0, 0x0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1}, {0x2}, @device_a, @broadcast, @from_mac, {0x9}, @value=@ver_80211n={0x0, 0x6, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0x1}}, 0x1012, 0x7, @device_a, {0x0, 0x6, @default_ap_ssid}, @val={0x1, 0x4, [{0x12}, {0xc}, {0xc, 0x1}, {0x9, 0x1}]}, @val={0x2d, 0x1a, {0x300, 0x0, 0x0, 0x0, {0x10001, 0x3, 0x0, 0x259, 0x0, 0x0, 0x1, 0x2, 0x1}, 0x8, 0x800, 0x3}}, [{0xdd, 0x13, "c0178b979ea0907e64f86dc8c879099b75bee1"}, {0xdd, 0x9a, "88d9b8d5c21239e0b21953bdfe843cd036b2d09fe760cde293125a05811e5b983addd14710acc51caeb0966ed41097077157afaf9385d1fe3303b163b88cafe118d234b5ff37c231ced120ba0f36522819481494b0f3cccd1a7c0f5e9292c5b98f08405436b43d1943b75befd8cf732371b66eaf5e2a8de5445ba39c8eb372bd7866e58eefb8d4713523cedb1d4b873b43e603f3fa21c30edb99"}, {0xdd, 0xa9, "d5a4d8297fbb8c8028ba2426756193db09436af3f391e9f8fb57810d3b71d9ae99301a8de0d3e711b4427a346d4a60ffcf7cb078cdbe2b2f2b685075b465f009a64dc2314feb46d32d6297160bb4c33660855abac6a3f721001d14f2ebe8cb924c0324bce143b348195b390aaacc68ba9f94e18aea4eddc69af2cac48020347429fe058daf5ff505cdae3d25fd9ef4fbd934a34be741d9c3499e5176116e20e5aa7f09bace36812885"}, {0xdd, 0x94, "e40d9b7894cdaf3963247290e8bc27036e97a326d1167f1edca6c27def93331b627994b9cc997bdbbaab5eb4a0d8dd5d0f465717b4949e8e5ae7abb2322969cd470445bd60b3c6f1777295fff0f928c58f0b2f4ad7a02597cc2fc309ca27787e1300158ff2cf258c7b685400a6508c28762f3d783bcf1a8c50a1ddc108c56b7edcf8b6d20938bb8fd59c22f0557470c10b543ac3"}, {0xdd, 0xd5, "2c3a0de19d84258be5670c8b009a46515ee3b108a03f155dd97b1790ff57c2f1803b26cc9e776ad948f39111b449a685f6808c988471f98cb87ebf5c177eabc67a48c63b39de322fbb397e9191661ddc4b90c164f6535f86ecf858a1d4e09dd1585b87428463251a153629f9b8834b0f881fc6a34af1feccc60fa3ee6266645588f238e684c9c86f41562c962862a24d31ee7b8e234bd127467668fab21465d359ad01bc0b7abc878ef37e1b68afbb05f53d0a7a3084305c6d7faabdd16c41cc98262d71cdc121c8fae5491a669cffba6dab60dfb7"}, {0xdd, 0x6a, "f48e7192a754ab5f2dcdd09e083dbf93438466070cec5f40d1fbff00074eee0ac62178866a45c6b02174638bdbc4c7aa9390e672864aec7b4c2f2e0703619300256db29560a5736fd0196f32315a643cd23b0ef29943c1b6e512251ec8f5f97714b9cd3fabe4633465c9"}, {0xdd, 0x8b, "c7eb2efa02debe2c942e23933974f567a22ea8e4212a8738de284f2c37d6959159eb7691a0bb8e01593b5798fc53a843a2781805fe02bb45bba707f1ccd30fbda62a097693785d8ef747ef40d7cfff8177948def618aa0c026672ffc91e4805cd289f724e46a63d4e7b7b1bb9a86c505a9cc3398fd1363c5e7b876d32cbf3300f4b0cb417b1a23519e1c7a"}]}}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xef}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xc}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0xbb0}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x3}, @NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x4}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x1000}], @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_OFFCHANNEL_TX_OK={0x4}, @NL80211_ATTR_DURATION={0x8, 0x57, 0x7e2}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x28e}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}, @NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0x2e0}, @NL80211_ATTR_CENTER_FREQ1={0x8, 0xa0, 0x4}], @NL80211_ATTR_TX_NO_CCK_RATE={0x4}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x4}]}, 0x4c0}, 0x1, 0x0, 0x0, 0x24011}, 0x404c000)
sendmsg$can_raw(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000880)=@canfd={{0x1, 0x1}, 0x39, 0x0, 0x0, 0x0, "3992ca995e968b0b065f7922b761528f0199602d1e09faf0c0f1c2db040f957a34b2aa413157e3ec06fdcf6128269e6763e9c19b00d4eb026a6375a22b930a64"}, 0x48}, 0x1, 0x0, 0x0, 0x8490}, 0x1)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000300)="d8000000180081064e81f782db4cb904021d0800fe067c05e8fe55a10a0005000140020003600e41b0000900ac0006fc1100000004000500014002000000035c3b61c1d67f6f94007174cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001b14d6d930dfe1d9d322fe7c4650b5b9bd6ee6f63f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0adff010000000000000dd6e4edef3d93452a09004b43370e9703890723f97e46bb5c0754", 0xd6}], 0x1}, 0x20004804)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})

54.909959ms ago: executing program 0 (id=1399):
open(&(0x7f0000000280)='.\x00', 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x822b01)
fcntl$setsig(r0, 0xa, 0x41)
close(r0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1f00"/20, @ANYRES32=0x1], 0x48)
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[@ANYBLOB='V?\x00\x00-\x00Y'], 0xfe33)
bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000000000000000100083973e37011ab1dfa345009fd21989b14cf0984f218d0ff9f11a82bc5635a9d9013e7fb3aba2e400d482d56cf8ac3bddaf9a816c776cc11714a2edd396cc9debe201f8cd35a85d21bc6cde0be5bb6bd2bbc3ae8501848512e720997b3327c1099a27ad350babc079c3a2cd372dcd3598b2e447ecc762aa105069a23f638aee21e83d7c6b1fed409f7f17", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/14], 0x48)
ioctl$VIDIOC_CREATE_BUFS(0xffffffffffffffff, 0xc100565c, &(0x7f0000000140)={0x0, 0x6, 0x4, {0xb, @pix={0x0, 0x7f, 0x39565559, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}}})
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x2, &(0x7f0000000040)=[{0xa, 0x0, 0x0, 0x7ffc1ffb}, {0x6, 0x10, 0x2, 0x5}]})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000140)=ANY=[@ANYBLOB="480000000906010800000000000020000200feff0900020073797a310000000008000940000004390500010007000000100008800c00078008000940"], 0x48}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
syz_emit_ethernet(0x66, &(0x7f00000000c0)=ANY=[@ANYBLOB="ffffff4503005800000000001cd91670000000e0000001240600a80000000010000800000086dd88a888be05000000000000000100000000000000080022eb00000000200000000200000000000000000000000800645800000053"], 0x0)
setns(0xffffffffffffffff, 0x2000000)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0xc0, 0x78, 0xa, 0x40, 0x112a, 0x1, 0x9e7f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0xa, 0x6b, 0xc5, 0x0, [], [{{0x9, 0x5, 0x6, 0x22}}]}}]}}]}}, 0x0)

0s ago: executing program 3 (id=1400):
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x39)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x800}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, 0x0, &(0x7f0000000300))
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000100)='kmem_cache_free\x00', r0}, 0x18)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ee}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000500)={r2, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x4, 0x600, 0x1}}, 0x20)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
sendmsg$inet6(r1, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)

kernel console output (not intermixed with test programs):

  284.888140][ T8185] ip6gretap0: left promiscuous mode
[  285.070462][   T54] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  285.294695][   T54] usb 1-1: Using ep0 maxpacket: 32
[  285.362931][   T54] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  285.374730][ T2191] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  285.389630][   T54] usb 1-1: config 0 has no interfaces?
[  285.405869][   T54] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  285.418642][   T54] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  285.433215][   T54] usb 1-1: Product: syz
[  285.456849][   T54] usb 1-1: Manufacturer: syz
[  285.477698][   T54] usb 1-1: SerialNumber: syz
[  285.545965][   T54] usb 1-1: config 0 descriptor??
[  285.624883][    T8] usb 3-1: new full-speed USB device number 27 using dummy_hcd
[  285.653131][ T2191] usb 4-1: Using ep0 maxpacket: 16
[  285.745658][ T8189] netlink: 'syz.3.698': attribute type 29 has an invalid length.
[  285.840582][    T8] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  285.866305][    T8] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  285.880308][    T8] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  285.890856][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.913362][ T1185] usb 1-1: USB disconnect, device number 41
[  286.132579][    T8] usb 3-1: usb_control_msg returned -32
[  286.159427][    T8] usbtmc 3-1:16.0: can't read capabilities
[  286.307350][    T8] usb 3-1: USB disconnect, device number 27
[  286.809232][ T8204] netlink: 4 bytes leftover after parsing attributes in process `syz.2.703'.
[  288.195503][ T8218] netlink: 4 bytes leftover after parsing attributes in process `syz.0.708'.
[  288.257201][ T8218] bridge0: entered promiscuous mode
[  288.262792][ T8218] macvtap4: entered promiscuous mode
[  288.307253][ T8218] macvtap4: entered allmulticast mode
[  288.328119][ T8218] bridge0: entered allmulticast mode
[  288.390802][ T8222] bridge0: left allmulticast mode
[  288.398935][ T8222] bridge0: left promiscuous mode
[  288.438462][ T2191] usb 4-1: unable to get BOS descriptor or descriptor too short
[  288.455914][ T2191] usb 4-1: unable to read config index 0 descriptor/start: -71
[  288.472936][ T2191] usb 4-1: can't read configurations, error -71
[  288.816424][ T8230] netlink: 4 bytes leftover after parsing attributes in process `syz.3.712'.
[  288.874665][ T5858] usb 1-1: new full-speed USB device number 42 using dummy_hcd
[  289.114963][ T5858] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  289.145732][ T5858] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  289.170924][ T5858] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  289.192099][ T5858] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.419364][ T5858] usb 1-1: usb_control_msg returned -32
[  289.446511][ T5858] usbtmc 1-1:16.0: can't read capabilities
[  289.517628][ T5858] usb 1-1: USB disconnect, device number 42
[  289.754764][ T2191] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  289.974656][ T2191] usb 4-1: Using ep0 maxpacket: 16
[  290.398701][ T8259] netlink: 4 bytes leftover after parsing attributes in process `syz.1.721'.
[  290.574915][    T9] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  290.824772][    T9] usb 1-1: Using ep0 maxpacket: 16
[  290.852790][ T8256] netlink: 'syz.0.718': attribute type 29 has an invalid length.
[  291.934988][    T8] usb 3-1: new full-speed USB device number 28 using dummy_hcd
[  293.077674][    T8] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  293.089325][    T8] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  293.103713][ T2191] usb 4-1: unable to get BOS descriptor or descriptor too short
[  293.113874][    T8] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  293.124951][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  293.136971][ T2191] usb 4-1: unable to read config index 0 descriptor/start: -71
[  293.147876][ T2191] usb 4-1: can't read configurations, error -71
[  293.307602][ T8282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.730'.
[  293.379070][    T8] usb 3-1: usb_control_msg returned -32
[  293.415849][    T8] usbtmc 3-1:16.0: can't read capabilities
[  293.488708][    T8] usb 3-1: USB disconnect, device number 28
[  294.067493][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  294.105964][    T9] usb 1-1: unable to read config index 0 descriptor/start: -71
[  294.125424][    T9] usb 1-1: can't read configurations, error -71
[  294.325825][ T8308] netlink: 4 bytes leftover after parsing attributes in process `syz.2.740'.
[  294.804676][    T9] usb 1-1: new high-speed USB device number 44 using dummy_hcd
[  294.904752][ T2191] usb 3-1: new full-speed USB device number 29 using dummy_hcd
[  295.024702][    T9] usb 1-1: Using ep0 maxpacket: 16
[  295.111737][ T2191] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  295.146765][ T2191] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  295.164963][ T5858] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  295.186953][ T2191] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  295.234669][ T2191] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.496560][ T2191] usb 3-1: usb_control_msg returned -32
[  295.522599][ T2191] usbtmc 3-1:16.0: can't read capabilities
[  295.571483][ T2191] usb 3-1: USB disconnect, device number 29
[  295.754633][ T5858] usb 2-1: Using ep0 maxpacket: 16
[  295.853266][ T8322] netlink: 'syz.1.746': attribute type 29 has an invalid length.
[  295.983803][ T8334] netlink: 4 bytes leftover after parsing attributes in process `syz.3.751'.
[  297.139559][ T8349] loop3: detected capacity change from 0 to 2048
[  297.204980][ T8349] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  297.413962][ T8353] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  297.434455][ T8353] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 272 with error 28
[  297.448471][ T8353] EXT4-fs (loop3): This should not happen!! Data will be lost
[  297.448471][ T8353] 
[  297.459236][ T8353] EXT4-fs (loop3): Total free blocks count 0
[  297.468458][ T8353] EXT4-fs (loop3): Free/Dirty block details
[  297.476713][ T8353] EXT4-fs (loop3): free_blocks=2415919104
[  297.485517][ T8353] EXT4-fs (loop3): dirty_blocks=272
[  297.501133][ T8353] EXT4-fs (loop3): Block reservation details
[  297.508908][ T8353] EXT4-fs (loop3): i_reserved_data_blocks=17
[  297.924663][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  297.958163][    T9] usb 1-1: unable to read config index 0 descriptor/start: -71
[  297.967405][    T9] usb 1-1: can't read configurations, error -71
[  297.976290][    T9] usb usb1-port1: attempt power cycle
[  298.081637][ T8359] netlink: 8 bytes leftover after parsing attributes in process `syz.0.759'.
[  298.139836][ T8361] netlink: 4 bytes leftover after parsing attributes in process `syz.2.760'.
[  298.194666][ T5858] usb 2-1: unable to get BOS descriptor or descriptor too short
[  298.219969][ T5858] usb 2-1: unable to read config index 0 descriptor/start: -71
[  298.230319][   T11] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  298.237415][ T5858] usb 2-1: can't read configurations, error -71
[  298.484985][    T9] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  298.511152][ T8367] kvm: kvm [8366]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0xc2) = 0xec0000000003
[  298.521622][ T8367] kvm: kvm [8366]: vcpu0, guest rIP: 0x28e Unhandled WRMSR(0xc1) = 0xee0000000003
[  298.541991][    T9] usb 1-1: Using ep0 maxpacket: 8
[  298.544700][ T5791] usb 3-1: new full-speed USB device number 30 using dummy_hcd
[  298.554105][    T9] usb 1-1: config 0 has an invalid interface number: 246 but max is 0
[  298.573063][    T9] usb 1-1: config 0 has no interface number 0
[  298.595994][    T9] usb 1-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  298.613309][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.634856][    T9] usb 1-1: Product: syz
[  298.639708][    T9] usb 1-1: Manufacturer: syz
[  298.644442][    T9] usb 1-1: SerialNumber: syz
[  298.665940][    T9] usb 1-1: config 0 descriptor??
[  298.742033][ T5791] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  298.757548][ T5791] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  298.767567][    T9] msi2500 1-1:0.246: Registered as swradio24
[  298.773326][ T5791] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  298.782592][    T9] msi2500 1-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[  298.787651][ T5791] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.904036][ T8359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  298.924167][ T8359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  298.963242][   T54] usb 1-1: USB disconnect, device number 45
[  299.023393][ T5791] usb 3-1: GET_CAPABILITIES returned 0
[  299.030820][ T5791] usbtmc 3-1:16.0: can't read capabilities
[  299.234756][   T54] usb 3-1: USB disconnect, device number 30
[  299.676970][ T8388] loop1: detected capacity change from 0 to 512
[  299.689148][ T8388] EXT4-fs: Ignoring removed bh option
[  299.717796][ T8388] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  299.802725][ T8388] EXT4-fs (loop1): 1 truncate cleaned up
[  299.863707][ T8388] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  299.963480][ T8393] netlink: 4 bytes leftover after parsing attributes in process `syz.2.770'.
[  299.987740][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  300.065810][ T5873] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  300.270913][ T5873] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  300.294701][ T5873] usb 1-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  300.303842][ T5873] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  300.315756][ T5873] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.635385][ T5873] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  300.844658][ T5873] usb 2-1: Using ep0 maxpacket: 16
[  300.864963][ T8400] netlink: 'syz.1.771': attribute type 29 has an invalid length.
[  300.994693][ T5858] usb 4-1: new full-speed USB device number 39 using dummy_hcd
[  301.187917][ T5858] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  301.198298][ T5858] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  301.212195][ T5858] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  301.221728][ T5858] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  301.443158][ T5858] usb 4-1: GET_CAPABILITIES returned 0
[  301.449072][ T5858] usbtmc 4-1:16.0: can't read capabilities
[  301.656388][ T5858] usb 4-1: USB disconnect, device number 39
[  302.635267][ T5858] usb 1-1: USB disconnect, device number 46
[  302.642108][ T8386] delete_channel: no stack
[  303.247468][ T8432] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  303.296063][ T8430] tipc: Resetting bearer <eth:syzkaller0>
[  303.422222][ T5873] usb 2-1: unable to get BOS descriptor or descriptor too short
[  303.475942][ T5873] usb 2-1: unable to read config index 0 descriptor/start: -71
[  303.483856][ T5873] usb 2-1: can't read configurations, error -71
[  304.264752][    T9] usb 4-1: new full-speed USB device number 40 using dummy_hcd
[  304.346679][ T5858] tipc: Node number set to 2886997007
[  304.463965][    T9] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  304.481493][    T9] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  304.503031][    T9] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  304.512463][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  304.736855][    T9] usb 4-1: GET_CAPABILITIES returned 0
[  304.742723][    T9] usbtmc 4-1:16.0: can't read capabilities
[  304.952832][ T5791] usb 4-1: USB disconnect, device number 40
[  305.550308][ T8430] tipc: Disabling bearer <eth:syzkaller0>
[  305.788326][ T8459] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.793'.
[  305.826348][ T8459] netlink: 8 bytes leftover after parsing attributes in process `syz.1.793'.
[  305.924736][    T9] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  306.104667][ T5873] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  306.116335][    T9] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  306.137985][    T9] usb 4-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  306.159089][    T9] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  306.179633][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  306.316964][ T5873] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  306.326786][ T5873] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  306.341321][ T5873] usb 2-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  306.352205][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  306.360444][ T5873] usb 2-1: Product: syz
[  306.364877][ T5873] usb 2-1: Manufacturer: syz
[  306.370722][ T5873] usb 2-1: SerialNumber: syz
[  306.378484][ T5873] usb 2-1: config 0 descriptor??
[  306.387132][ T5873] redrat3 2-1:0.0: Couldn't find all endpoints
[  306.589842][ T5873] usb 2-1: USB disconnect, device number 46
[  307.194736][   T54] usb 1-1: new high-speed USB device number 47 using dummy_hcd
[  307.404795][   T54] usb 1-1: Using ep0 maxpacket: 16
[  307.730738][ T8478] netlink: 'syz.0.794': attribute type 29 has an invalid length.
[  308.664793][ T8486] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  308.687401][ T2191] usb 4-1: USB disconnect, device number 41
[  308.697446][ T8484] tipc: Resetting bearer <eth:syzkaller0>
[  308.705025][ T8452] delete_channel: no stack
[  309.718677][    T9] tipc: Node number set to 3148794516
[  309.905345][   T54] usb 1-1: unable to get BOS descriptor or descriptor too short
[  309.927155][   T54] usb 1-1: unable to read config index 0 descriptor/start: -71
[  309.944879][   T54] usb 1-1: can't read configurations, error -71
[  310.369407][ T8503] loop0: detected capacity change from 0 to 1024
[  310.377008][ T8503] EXT4-fs: Ignoring removed bh option
[  310.383481][ T8503] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  310.419156][ T8503] EXT4-fs error (device loop0): ext4_quota_enable:7129: comm syz.0.802: inode #2304: comm syz.0.802: iget: illegal inode #
[  310.442641][ T8503] EXT4-fs (loop0): Remounting filesystem read-only
[  310.451769][ T8503] EXT4-fs warning (device loop0): ext4_enable_quotas:7173: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  310.469236][ T8503] EXT4-fs (loop0): mount failed
[  311.186440][ T8484] tipc: Disabling bearer <eth:syzkaller0>
[  311.273914][ T8515] loop1: detected capacity change from 0 to 164
[  311.320952][ T8515] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  311.376975][ T8515] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  311.394256][ T8517] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.804'.
[  311.417769][ T8515] Symlink component flag not implemented
[  311.429986][ T8515] Symlink component flag not implemented
[  311.452704][ T8515] Symlink component flag not implemented (7)
[  311.475863][ T8515] Symlink component flag not implemented (116)
[  311.523492][ T8517] netlink: 8 bytes leftover after parsing attributes in process `syz.0.804'.
[  311.555092][ T8517] netlink: 8 bytes leftover after parsing attributes in process `syz.0.804'.
[  311.864773][ T5791] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[  312.060857][ T5791] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  312.087696][ T5858] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  312.103141][ T5791] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  312.129488][ T5791] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  312.145244][ T5791] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  312.162270][ T5791] usb 1-1: Product: syz
[  312.170363][ T5791] usb 1-1: Manufacturer: syz
[  312.178899][ T5791] usb 1-1: SerialNumber: syz
[  312.194631][ T5791] usb 1-1: config 0 descriptor??
[  312.204736][ T2191] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  312.223693][ T5791] redrat3 1-1:0.0: Couldn't find all endpoints
[  312.309324][ T5858] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  312.331948][ T5858] usb 4-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  312.345793][ T5858] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  312.364674][ T5858] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  312.407762][ T2191] usb 2-1: Using ep0 maxpacket: 16
[  312.426697][ T5858] usb 1-1: USB disconnect, device number 49
[  312.662734][ T8536] lo speed is unknown, defaulting to 1000
[  313.457550][ T8546] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  313.509177][ T8543] tipc: Resetting bearer <eth:syzkaller0>
[  315.301477][ T2191] usb 2-1: unable to get BOS descriptor or descriptor too short
[  315.330054][ T2191] usb 2-1: unable to read config index 0 descriptor/start: -71
[  315.356391][ T2191] usb 2-1: can't read configurations, error -71
[  316.141913][ T8543] tipc: Disabling bearer <eth:syzkaller0>
[  316.157556][ T5791] usb 4-1: USB disconnect, device number 42
[  316.180944][ T8527] delete_channel: no stack
[  316.323182][ T8557] netlink: 8 bytes leftover after parsing attributes in process `syz.3.815'.
[  316.629166][ T8568] loop0: detected capacity change from 0 to 2048
[  316.660872][ T8568] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  316.715256][ T5791] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  316.795656][ T8568] EXT4-fs error (device loop0): ext4_find_extent:936: inode #2: comm syz.0.820: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  316.833145][ T8568] EXT4-fs (loop0): Remounting filesystem read-only
[  316.891622][ T5803] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.964632][ T5791] usb 4-1: Using ep0 maxpacket: 8
[  316.977192][ T5791] usb 4-1: config 0 has an invalid interface number: 246 but max is 0
[  316.996008][ T5791] usb 4-1: config 0 has no interface number 0
[  317.009656][ T5791] usb 4-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  317.024214][ T5791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.045500][ T5791] usb 4-1: Product: syz
[  317.077912][ T5791] usb 4-1: Manufacturer: syz
[  317.086676][ T5791] usb 4-1: SerialNumber: syz
[  317.099038][ T5791] usb 4-1: config 0 descriptor??
[  317.125013][ T8575] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.821'.
[  317.163456][ T5791] msi2500 4-1:0.246: Registered as swradio24
[  317.174452][ T5791] msi2500 4-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[  317.249869][ T8575] netlink: 8 bytes leftover after parsing attributes in process `syz.0.821'.
[  317.260131][ T8575] netlink: 8 bytes leftover after parsing attributes in process `syz.0.821'.
[  317.351758][ T8557] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  317.425715][ T8557] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  317.463949][ T5845] usb 4-1: USB disconnect, device number 43
[  317.485250][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  317.491644][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  317.669488][ T5791] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[  317.815457][ T8583] loop2: detected capacity change from 0 to 512
[  319.488512][ T8582] sched: RT throttling activated
[  320.522601][ T8583] workqueue: Failed to create a rescuer kthread for wq "ext4-rsv-conversion": -EINTR
[  320.522969][ T8583] EXT4-fs: failed to create workqueue
[  320.540263][ T8583] EXT4-fs (loop2): mount failed
[  321.388073][ T5791] usb 1-1: device descriptor read/all, error -71
[  321.774250][ T8597] loop3: detected capacity change from 0 to 2048
[  321.864382][ T8597] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  321.923682][ T8608] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  322.017195][ T8598] tipc: Resetting bearer <eth:syzkaller0>
[  322.048137][ T8609] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  322.095901][ T8609] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 234 with error 28
[  322.138907][ T8609] EXT4-fs (loop3): This should not happen!! Data will be lost
[  322.138907][ T8609] 
[  322.154159][ T8609] EXT4-fs (loop3): Total free blocks count 0
[  322.160650][ T8609] EXT4-fs (loop3): Free/Dirty block details
[  322.167985][ T8609] EXT4-fs (loop3): free_blocks=2415919104
[  322.176765][ T8609] EXT4-fs (loop3): dirty_blocks=240
[  322.182041][ T8609] EXT4-fs (loop3): Block reservation details
[  322.192050][ T8609] EXT4-fs (loop3): i_reserved_data_blocks=15
[  322.998824][ T2191] tipc: Node number set to 3688549657
[  323.135987][ T8618] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.833'.
[  323.240127][ T8618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.833'.
[  323.262426][ T8618] netlink: 8 bytes leftover after parsing attributes in process `syz.0.833'.
[  323.555807][ T5791] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  323.749515][ T5791] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  323.759545][ T5791] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  323.773552][ T5791] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  323.790275][ T5791] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.799497][ T5791] usb 1-1: Product: syz
[  323.803719][ T5791] usb 1-1: Manufacturer: syz
[  323.810548][ T5791] usb 1-1: SerialNumber: syz
[  323.830027][ T5791] usb 1-1: config 0 descriptor??
[  323.844689][ T5791] redrat3 1-1:0.0: Couldn't find all endpoints
[  324.050702][ T5791] usb 1-1: USB disconnect, device number 52
[  324.364021][ T8598] tipc: Disabling bearer <eth:syzkaller0>
[  324.372785][ T8612] netlink: 'syz.2.830': attribute type 20 has an invalid length.
[  324.518920][   T48] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  324.526662][   T28] audit: type=1107 audit(1753396870.758:57): pid=8620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  324.836118][ T8635] loop1: detected capacity change from 0 to 2048
[  324.866284][ T8635] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.897086][   T28] audit: type=1326 audit(1753396871.128:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  324.920188][   T28] audit: type=1326 audit(1753396871.148:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  324.946438][   T28] audit: type=1326 audit(1753396871.148:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  324.972274][   T28] audit: type=1326 audit(1753396871.148:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  324.996737][   T28] audit: type=1326 audit(1753396871.148:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  325.019523][   T28] audit: type=1326 audit(1753396871.148:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  325.047546][   T28] audit: type=1326 audit(1753396871.148:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  325.071104][ T5858] usb 1-1: new full-speed USB device number 53 using dummy_hcd
[  325.097243][   T28] audit: type=1326 audit(1753396871.158:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  325.132631][   T28] audit: type=1326 audit(1753396871.158:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8634 comm="syz.1.841" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  325.163146][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.272773][ T8643] netlink: 'syz.3.842': attribute type 20 has an invalid length.
[  325.282660][ T5858] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  325.298509][ T5858] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  325.345170][ T5858] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  325.356112][ T5858] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.381181][ T8645] syzkaller0: entered promiscuous mode
[  325.404088][ T8645] syzkaller0: entered allmulticast mode
[  325.579415][ T5858] usb 1-1: GET_CAPABILITIES returned 0
[  325.622684][ T5858] usbtmc 1-1:16.0: can't read capabilities
[  325.787065][ T6952] usb 1-1: USB disconnect, device number 53
[  326.094656][ T5791] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  326.302230][ T8652] loop3: detected capacity change from 0 to 2048
[  326.326374][ T5791] usb 3-1: Using ep0 maxpacket: 32
[  326.380049][ T8652] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  326.420735][ T5791] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  326.504000][ T5791] usb 3-1: config 0 has no interface number 0
[  326.566013][ T5791] usb 3-1: config 0 interface 184 has no altsetting 0
[  326.633850][ T8655] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  326.637374][ T5791] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  326.673158][ T5791] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.689012][ T5791] usb 3-1: Product: syz
[  326.699153][ T5791] usb 3-1: Manufacturer: syz
[  326.703917][ T5791] usb 3-1: SerialNumber: syz
[  326.704448][ T8655] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 184 with error 28
[  326.725748][ T8655] EXT4-fs (loop3): This should not happen!! Data will be lost
[  326.725748][ T8655] 
[  326.766452][ T5791] usb 3-1: config 0 descriptor??
[  326.794627][ T8655] EXT4-fs (loop3): Total free blocks count 0
[  326.815505][ T5791] smsc75xx v1.0.0
[  326.819223][ T5791] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  326.831241][ T8655] EXT4-fs (loop3): Free/Dirty block details
[  326.863642][ T8655] EXT4-fs (loop3): free_blocks=2415919104
[  326.870833][ T5791] smsc75xx: probe of 3-1:0.184 failed with error -22
[  326.883068][ T8655] EXT4-fs (loop3): dirty_blocks=192
[  326.914956][ T8655] EXT4-fs (loop3): Block reservation details
[  326.930401][ T8655] EXT4-fs (loop3): i_reserved_data_blocks=12
[  326.942141][ T8660] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.847'.
[  327.042784][ T8660] netlink: 8 bytes leftover after parsing attributes in process `syz.0.847'.
[  327.057903][ T8660] netlink: 8 bytes leftover after parsing attributes in process `syz.0.847'.
[  327.357940][ T5791] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  327.563181][ T5791] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  327.574030][ T5791] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  327.599988][ T5791] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  327.610352][ T5791] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.628699][ T5791] usb 1-1: Product: syz
[  327.642702][ T5791] usb 1-1: Manufacturer: syz
[  327.648651][ T5791] usb 1-1: SerialNumber: syz
[  327.666406][ T5791] usb 1-1: config 0 descriptor??
[  327.683950][ T5791] redrat3 1-1:0.0: Couldn't find all endpoints
[  327.890729][ T6952] usb 1-1: USB disconnect, device number 54
[  329.110244][ T2898] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  329.623620][ T8694] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.856'.
[  329.689309][ T8694] netlink: 8 bytes leftover after parsing attributes in process `syz.3.856'.
[  329.696150][ T8691] netlink: 'syz.1.853': attribute type 20 has an invalid length.
[  329.710908][ T8694] netlink: 8 bytes leftover after parsing attributes in process `syz.3.856'.
[  329.994645][ T5791] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  330.092047][ T5858] usb 3-1: USB disconnect, device number 31
[  330.206610][ T5791] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  330.231242][ T5791] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  330.248431][ T5791] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  330.276257][ T5791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  330.288008][ T5791] usb 4-1: Product: syz
[  330.298999][ T5791] usb 4-1: Manufacturer: syz
[  330.303669][ T5791] usb 4-1: SerialNumber: syz
[  330.321927][ T5791] usb 4-1: config 0 descriptor??
[  330.337067][ T5791] redrat3 4-1:0.0: Couldn't find all endpoints
[  330.539665][ T5791] usb 4-1: USB disconnect, device number 44
[  330.969615][ T8700] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.978675][ T8700] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.306962][ T8712] loop3: detected capacity change from 0 to 2048
[  331.354043][ T8712] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  331.493184][ T8716] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  331.514889][ T8716] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 686 with error 28
[  331.527974][ T8716] EXT4-fs (loop3): This should not happen!! Data will be lost
[  331.527974][ T8716] 
[  331.537803][ T8716] EXT4-fs (loop3): Total free blocks count 0
[  331.544040][ T8716] EXT4-fs (loop3): Free/Dirty block details
[  331.554055][ T8716] EXT4-fs (loop3): free_blocks=2415919104
[  331.560570][ T8716] EXT4-fs (loop3): dirty_blocks=688
[  331.565956][ T8716] EXT4-fs (loop3): Block reservation details
[  331.572074][ T8716] EXT4-fs (loop3): i_reserved_data_blocks=43
[  332.145691][ T8700] netdevsim netdevsim0 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  332.154142][ T8700] netdevsim netdevsim0 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  332.162844][ T8700] netdevsim netdevsim0 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  332.171502][ T8700] netdevsim netdevsim0 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  332.237828][ T8700] macvtap1: left promiscuous mode
[  332.242901][ T8700] macvtap1: left allmulticast mode
[  332.250035][ T8700] macvtap2: left promiscuous mode
[  332.258402][ T8700] macvtap2: left allmulticast mode
[  332.263755][ T8700] vlan2: left promiscuous mode
[  332.268842][ T8700] syz_tun: left promiscuous mode
[  332.274081][ T8700] macvtap3: left promiscuous mode
[  332.279376][ T8700] macvtap3: left allmulticast mode
[  332.284752][ T8700] macvtap4: left promiscuous mode
[  332.289914][ T8700] macvtap4: left allmulticast mode
[  332.360893][ T8702] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  332.379296][ T8697] tipc: Resetting bearer <eth:syzkaller0>
[  332.517193][ T1314] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  332.863132][ T5845] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  333.068033][ T5845] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  333.087840][ T5845] usb 1-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  333.107239][ T5845] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  333.127529][ T5845] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.313383][ T8697] tipc: Disabling bearer <eth:syzkaller0>
[  334.938973][ T8744] syzkaller0: entered promiscuous mode
[  334.953778][ T8744] syzkaller0: entered allmulticast mode
[  335.065150][ T5858] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  335.270870][ T5858] usb 3-1: Using ep0 maxpacket: 32
[  335.282773][ T5858] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  335.313226][ T5858] usb 3-1: config 0 has no interface number 0
[  335.320397][ T5858] usb 3-1: config 0 interface 184 has no altsetting 0
[  335.340222][ T5858] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  335.360509][ T5858] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.425185][ T5858] usb 3-1: Product: syz
[  335.497905][ T5858] usb 3-1: Manufacturer: syz
[  335.505034][ T5858] usb 3-1: SerialNumber: syz
[  335.511922][ T5858] usb 3-1: config 0 descriptor??
[  335.523763][ T5858] smsc75xx v1.0.0
[  335.528249][ T5858] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  335.565942][ T5858] smsc75xx: probe of 3-1:0.184 failed with error -22
[  338.276672][    T9] usb 1-1: USB disconnect, device number 55
[  338.296852][ T8723] delete_channel: no stack
[  338.332824][ T5858] usb 3-1: USB disconnect, device number 32
[  338.397463][ T8750] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  338.417063][ T8750] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  338.433867][ T8750] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  338.444258][ T8750] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  338.697112][ T8759] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  338.733137][ T8758] tipc: Resetting bearer <eth:syzkaller0>
[  339.677748][ T5791] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  339.865705][ T5791] usb 3-1: Using ep0 maxpacket: 32
[  339.877494][ T5791] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  339.887112][ T5791] usb 3-1: config 0 has no interface number 0
[  339.893752][ T5791] usb 3-1: config 0 interface 184 has no altsetting 0
[  339.918060][ T5791] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  339.931867][ T5791] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.951068][ T5791] usb 3-1: Product: syz
[  339.960643][ T5791] usb 3-1: Manufacturer: syz
[  339.966866][ T5791] usb 3-1: SerialNumber: syz
[  339.985750][ T5791] usb 3-1: config 0 descriptor??
[  340.075563][ T5791] smsc75xx v1.0.0
[  340.079363][ T5791] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  340.095437][ T5791] smsc75xx: probe of 3-1:0.184 failed with error -22
[  340.414849][ T5799] Bluetooth: hci2: command 0x0c1a tx timeout
[  340.420961][ T5799] Bluetooth: hci0: command 0x0c1a tx timeout
[  340.505431][ T5799] Bluetooth: hci3: command 0x0c1a tx timeout
[  340.505464][   T50] Bluetooth: hci1: command 0x0c1a tx timeout
[  341.152284][ T8758] tipc: Disabling bearer <eth:syzkaller0>
[  341.332637][ T8792] loop1: detected capacity change from 0 to 2048
[  341.362246][ T8792] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  341.517908][ T8800] lo speed is unknown, defaulting to 1000
[  341.559942][ T8801] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  341.577371][ T8801] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 222 with error 28
[  341.592943][ T8801] EXT4-fs (loop1): This should not happen!! Data will be lost
[  341.592943][ T8801] 
[  341.607924][ T8801] EXT4-fs (loop1): Total free blocks count 0
[  341.614199][ T8801] EXT4-fs (loop1): Free/Dirty block details
[  341.620836][ T8801] EXT4-fs (loop1): free_blocks=2415919104
[  341.628152][ T8801] EXT4-fs (loop1): dirty_blocks=224
[  341.633510][ T8801] EXT4-fs (loop1): Block reservation details
[  341.640700][ T8801] EXT4-fs (loop1): i_reserved_data_blocks=14
[  341.746024][   T48] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  341.991296][ T8810] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  341.997967][ T8810] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  342.004989][ T8810] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  342.012481][ T8810] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  342.516746][ T8818] loop3: detected capacity change from 0 to 2048
[  342.589679][ T8818] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  342.707038][ T5858] usb 3-1: USB disconnect, device number 33
[  342.829889][ T8822] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  342.884793][ T8822] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 316 with error 28
[  342.936842][ T8822] EXT4-fs (loop3): This should not happen!! Data will be lost
[  342.936842][ T8822] 
[  342.969984][ T8822] EXT4-fs (loop3): Total free blocks count 0
[  342.987449][ T8822] EXT4-fs (loop3): Free/Dirty block details
[  342.993657][ T8822] EXT4-fs (loop3): free_blocks=2415919104
[  343.017347][ T8822] EXT4-fs (loop3): dirty_blocks=320
[  343.040519][ T8822] EXT4-fs (loop3): Block reservation details
[  343.080057][ T8822] EXT4-fs (loop3): i_reserved_data_blocks=20
[  343.103208][ T8816] syz.1.887[8816] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  343.103318][ T8816] syz.1.887[8816] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  343.474804][   T48] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  343.611767][ T8832] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  343.668092][ T8830] tipc: Resetting bearer <eth:syzkaller0>
[  343.935739][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  344.024765][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  344.031023][   T50] Bluetooth: hci1: command 0x0c1a tx timeout
[  344.032624][ T5799] Bluetooth: hci2: command 0x0c1a tx timeout
[  344.948337][ T8841] loop0: detected capacity change from 0 to 2048
[  344.996604][ T8841] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  345.178055][ T8844] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  345.197525][ T8844] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 210 with max blocks 468 with error 28
[  345.210851][ T8844] EXT4-fs (loop0): This should not happen!! Data will be lost
[  345.210851][ T8844] 
[  345.222866][ T8844] EXT4-fs (loop0): Total free blocks count 0
[  345.229386][ T8844] EXT4-fs (loop0): Free/Dirty block details
[  345.235502][ T8844] EXT4-fs (loop0): free_blocks=2415919104
[  345.241321][ T8844] EXT4-fs (loop0): dirty_blocks=688
[  345.247695][ T8844] EXT4-fs (loop0): Block reservation details
[  345.253737][ T8844] EXT4-fs (loop0): i_reserved_data_blocks=43
[  345.369035][   T42] EXT4-fs (loop0): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  346.187640][    T9] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  346.384728][    T9] usb 1-1: Using ep0 maxpacket: 32
[  346.402470][    T9] usb 1-1: config 0 has an invalid interface number: 184 but max is 0
[  346.416497][    T9] usb 1-1: config 0 has no interface number 0
[  346.422708][    T9] usb 1-1: config 0 interface 184 has no altsetting 0
[  346.460647][    T9] usb 1-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  346.461454][ T8830] tipc: Disabling bearer <eth:syzkaller0>
[  346.477270][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.486339][    T9] usb 1-1: Product: syz
[  346.490637][    T9] usb 1-1: Manufacturer: syz
[  346.506488][    T9] usb 1-1: SerialNumber: syz
[  346.540803][    T9] usb 1-1: config 0 descriptor??
[  346.562708][    T9] smsc75xx v1.0.0
[  346.598077][    T9] smsc75xx 1-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  346.663489][    T9] smsc75xx: probe of 1-1:0.184 failed with error -22
[  346.878059][   T28] kauditd_printk_skb: 26 callbacks suppressed
[  346.878075][   T28] audit: type=1326 audit(1753396893.108:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8858 comm="syz.1.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  346.986569][   T28] audit: type=1326 audit(1753396893.108:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8858 comm="syz.1.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  347.075888][   T28] audit: type=1326 audit(1753396893.118:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8858 comm="syz.1.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  347.153047][   T28] audit: type=1326 audit(1753396893.158:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8858 comm="syz.1.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  347.269039][   T28] audit: type=1326 audit(1753396893.158:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8858 comm="syz.1.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  347.301895][   T28] audit: type=1326 audit(1753396893.158:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8858 comm="syz.1.900" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca3758e9a9 code=0x7ffc0000
[  347.504621][ T5858] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  347.699860][ T8875] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  347.711864][ T8875] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  347.723595][ T8875] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  347.735679][ T8875] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  347.756697][ T5858] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  347.771260][ T5858] usb 3-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  347.788283][ T5858] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  347.818106][ T5858] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.064703][    T9] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  348.264675][    T9] usb 2-1: Using ep0 maxpacket: 8
[  348.280535][    T9] usb 2-1: config 0 has an invalid interface number: 246 but max is 0
[  348.301622][    T9] usb 2-1: config 0 has no interface number 0
[  348.336256][    T9] usb 2-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  348.345690][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.353901][    T9] usb 2-1: Product: syz
[  348.360729][    T9] usb 2-1: Manufacturer: syz
[  348.367445][    T9] usb 2-1: SerialNumber: syz
[  348.391722][    T9] usb 2-1: config 0 descriptor??
[  348.535373][    T9] msi2500 2-1:0.246: Registered as swradio24
[  348.554323][    T9] msi2500 2-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[  348.609594][ T8877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.684950][ T8877] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.737782][    T9] usb 2-1: USB disconnect, device number 49
[  348.887765][ T2191] usb 1-1: USB disconnect, device number 56
[  349.189316][ T8887] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  349.221656][ T8885] tipc: Resetting bearer <eth:syzkaller0>
[  349.365599][ T8889] netlink: 12 bytes leftover after parsing attributes in process `syz.1.907'.
[  349.544615][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  349.778957][ T5799] Bluetooth: hci1: command 0x0c1a tx timeout
[  349.785385][ T5101] Bluetooth: hci2: command 0x0c1a tx timeout
[  349.791481][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  351.366823][ T8885] tipc: Disabling bearer <eth:syzkaller0>
[  351.387615][    T9] usb 3-1: USB disconnect, device number 34
[  351.396565][ T8870] delete_channel: no stack
[  351.625435][ T8904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.912'.
[  351.783073][ T8911] loop3: detected capacity change from 0 to 164
[  351.849297][ T8911] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  351.874094][ T8911] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  351.896592][ T8911] Symlink component flag not implemented
[  351.902876][ T8911] Symlink component flag not implemented
[  351.929699][ T8911] Symlink component flag not implemented (7)
[  351.942999][ T8911] Symlink component flag not implemented (116)
[  352.044881][    T9] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  352.166629][ T8923] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.919'.
[  352.224710][    T9] usb 2-1: Using ep0 maxpacket: 32
[  352.238137][    T9] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  352.265116][    T9] usb 2-1: config 0 has no interface number 0
[  352.273987][    T9] usb 2-1: config 0 interface 184 has no altsetting 0
[  352.286012][    T9] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  352.303518][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.304214][ T8923] netlink: 8 bytes leftover after parsing attributes in process `syz.3.919'.
[  352.331316][ T8923] netlink: 8 bytes leftover after parsing attributes in process `syz.3.919'.
[  352.352695][    T9] usb 2-1: Product: syz
[  352.371166][    T9] usb 2-1: Manufacturer: syz
[  352.382851][    T9] usb 2-1: SerialNumber: syz
[  352.394787][    T9] usb 2-1: config 0 descriptor??
[  352.413512][    T9] smsc75xx v1.0.0
[  352.419991][    T9] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  352.441200][    T9] smsc75xx: probe of 2-1:0.184 failed with error -22
[  352.494710][ T5858] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  352.624661][ T5845] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  352.728770][ T5858] usb 1-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  352.739694][ T5858] usb 1-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  352.759982][ T5858] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  352.780348][ T5858] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  352.868345][ T5845] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  352.878275][ T5845] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  352.906621][ T5845] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  352.916237][ T5845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.924747][ T5845] usb 4-1: Product: syz
[  352.929262][ T5845] usb 4-1: Manufacturer: syz
[  352.934043][ T5845] usb 4-1: SerialNumber: syz
[  352.951559][ T5845] usb 4-1: config 0 descriptor??
[  352.966077][ T5845] redrat3 4-1:0.0: Couldn't find all endpoints
[  353.168318][ T5845] usb 4-1: USB disconnect, device number 45
[  353.493627][ T8925] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  353.565181][ T8925] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  353.582729][ T8925] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  353.597412][ T8925] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  354.574858][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  354.598677][ T8935] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  354.627048][ T8934] tipc: Resetting bearer <eth:syzkaller0>
[  355.554116][ T5845] usb 2-1: USB disconnect, device number 50
[  355.623425][ T5799] Bluetooth: hci2: command 0x0c1a tx timeout
[  355.625300][ T2191] tipc: Node number set to 4076619024
[  355.629908][   T50] Bluetooth: hci1: command 0x0c1a tx timeout
[  355.697711][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  356.771294][ T8934] tipc: Disabling bearer <eth:syzkaller0>
[  356.795453][ T5845] usb 1-1: USB disconnect, device number 57
[  356.803678][ T8920] delete_channel: no stack
[  356.972020][ T8944] netlink: 28 bytes leftover after parsing attributes in process `syz.0.924'.
[  357.228424][ T8957] loop3: detected capacity change from 0 to 1024
[  357.253450][ T8957] EXT4-fs: Ignoring removed bh option
[  357.275795][ T8957] EXT4-fs: Ignoring removed nomblk_io_submit option
[  357.310244][ T8957] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.378791][ T8957] syz.3.929[8957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  357.378966][ T8957] syz.3.929[8957] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  357.539400][ T8964] netlink: 20 bytes leftover after parsing attributes in process `syz.3.929'.
[  357.850546][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.011861][ T8969] netlink: 4 bytes leftover after parsing attributes in process `,&#^%'.
[  358.153024][ T8965] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  358.163911][ T8965] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  358.165612][ T8965] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  358.166062][ T8965] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  358.529096][ T8978] loop2: detected capacity change from 0 to 1024
[  358.536651][ T5858] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  358.568964][ T8978] EXT4-fs: Ignoring removed orlov option
[  358.617442][ T8978] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  358.676296][ T8978] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  358.742885][ T8982] netlink: 28 bytes leftover after parsing attributes in process `syz.1.936'.
[  358.798977][ T5858] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  358.835758][ T8978] EXT4-fs error (device loop2): ext4_find_dest_de:2115: inode #12: block 7: comm syz.2.933: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  358.867354][ T5858] usb 4-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  359.046937][ T8978] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2867: Unable to expand inode 12. Delete some EAs or run e2fsck.
[  359.060458][ T5858] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  359.075474][ T5858] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.922899][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  360.068871][ T8988] EXT4-fs error (device loop2): ext4_check_all_de:666: inode #12: block 7: comm syz.2.933: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0
[  360.159402][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  360.175649][ T5799] Bluetooth: hci1: command 0x0c1a tx timeout
[  360.175655][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  360.175703][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  360.264343][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x1
[  360.279694][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0
[  360.292284][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0
[  360.314385][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0
[  360.333587][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0
[  360.363158][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x2
[  360.387521][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0
[  360.404974][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: unknown main item tag 0x0
[  360.412923][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: collection stack underflow
[  360.422283][ T2191] hid-generic 0000:007F:FFFFFFFE.0001: item 0 0 0 12 parsing failed
[  360.433916][ T2191] hid-generic: probe of 0000:007F:FFFFFFFE.0001 failed with error -22
[  360.654756][ T5858] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  360.854614][ T5858] usb 3-1: Using ep0 maxpacket: 16
[  360.886509][ T8994] netlink: 'syz.2.939': attribute type 29 has an invalid length.
[  360.899543][ T8999] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.941'.
[  360.944061][ T8999] netlink: 8 bytes leftover after parsing attributes in process `syz.0.941'.
[  360.953637][ T8999] netlink: 8 bytes leftover after parsing attributes in process `syz.0.941'.
[  361.017439][ T5858] usb 3-1: unable to get BOS descriptor or descriptor too short
[  361.030000][ T5858] usb 3-1: unable to read config index 0 descriptor/start: -71
[  361.038320][ T5858] usb 3-1: can't read configurations, error -71
[  361.224370][ T5873] usb 4-1: USB disconnect, device number 46
[  361.232030][ T8974] delete_channel: no stack
[  361.240245][ T2191] usb 1-1: new high-speed USB device number 58 using dummy_hcd
[  361.320199][ T9003] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  361.436918][ T2191] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  361.449827][ T2191] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  361.467060][ T2191] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  361.477341][ T2191] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.486901][ T2191] usb 1-1: Product: syz
[  361.492024][ T2191] usb 1-1: Manufacturer: syz
[  361.514689][ T2191] usb 1-1: SerialNumber: syz
[  361.526976][ T2191] usb 1-1: config 0 descriptor??
[  361.561029][ T2191] redrat3 1-1:0.0: Couldn't find all endpoints
[  361.765177][ T2191] usb 1-1: USB disconnect, device number 58
[  361.835759][ T6952] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  362.056703][ T6952] usb 4-1: config 0 has no interfaces?
[  362.063143][ T6952] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  362.063167][ T6952] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.063182][ T6952] usb 4-1: Product: syz
[  362.063192][ T6952] usb 4-1: Manufacturer: syz
[  362.063203][ T6952] usb 4-1: SerialNumber: syz
[  362.066444][ T6952] usb 4-1: config 0 descriptor??
[  362.409627][ T9026] netlink: 4 bytes leftover after parsing attributes in process `syz.3.945'.
[  362.455896][ T9026] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  362.479572][ T9026] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  362.544875][ T6952] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  362.944659][ T6952] usb 3-1: Using ep0 maxpacket: 32
[  362.962110][ T6952] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  362.974689][ T6952] usb 3-1: config 0 has no interface number 0
[  362.982054][ T6952] usb 3-1: config 0 interface 184 has no altsetting 0
[  363.009464][ T6952] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  363.026032][ T6952] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.040609][ T6952] usb 3-1: Product: syz
[  363.047752][ T6952] usb 3-1: Manufacturer: syz
[  363.052387][ T6952] usb 3-1: SerialNumber: syz
[  363.085902][ T6952] usb 3-1: config 0 descriptor??
[  363.114246][ T6952] smsc75xx v1.0.0
[  363.167370][ T6952] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  363.241918][ T6952] smsc75xx: probe of 3-1:0.184 failed with error -22
[  363.254670][ T2191] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  363.437732][ T2191] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  363.461681][ T2191] usb 2-1: config 27 has 0 interfaces, different from the descriptor's value: 1
[  363.480816][ T2191] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  363.497701][ T2191] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  363.505983][ T5873] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  363.714615][ T5873] usb 1-1: Using ep0 maxpacket: 16
[  363.730490][ T9042] netlink: 'syz.0.954': attribute type 29 has an invalid length.
[  363.966550][ T5873] usb 1-1: unable to get BOS descriptor or descriptor too short
[  363.993391][ T5873] usb 1-1: unable to read config index 0 descriptor/start: -71
[  364.011874][ T5873] usb 1-1: can't read configurations, error -71
[  364.604645][ T2191] usb 4-1: USB disconnect, device number 47
[  365.107725][ T6952] usb 3-1: USB disconnect, device number 37
[  365.178741][ T9055] loop2: detected capacity change from 0 to 164
[  365.194432][ T9055] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  365.213111][ T9055] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  365.222745][ T9055] Symlink component flag not implemented
[  365.230465][ T9055] Symlink component flag not implemented
[  365.236804][ T9055] Symlink component flag not implemented (7)
[  365.242931][ T9055] Symlink component flag not implemented (116)
[  365.348991][ T9057] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.959'.
[  365.408201][ T9057] netlink: 8 bytes leftover after parsing attributes in process `syz.2.959'.
[  365.417316][ T9057] netlink: 8 bytes leftover after parsing attributes in process `syz.2.959'.
[  365.528949][ T9060] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  365.537210][ T9059] tipc: Resetting bearer <eth:syzkaller0>
[  365.714637][ T6952] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  365.937034][ T6952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  365.947146][ T6952] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  365.959675][ T6952] usb 3-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  365.968855][ T6952] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  365.976968][ T6952] usb 3-1: Product: syz
[  365.981192][ T6952] usb 3-1: Manufacturer: syz
[  365.985974][ T6952] usb 3-1: SerialNumber: syz
[  366.000511][ T6952] usb 3-1: config 0 descriptor??
[  366.023171][ T6952] redrat3 3-1:0.0: Couldn't find all endpoints
[  366.234127][ T5858] usb 3-1: USB disconnect, device number 38
[  367.390840][ T9059] tipc: Disabling bearer <eth:syzkaller0>
[  367.403442][ T5791] usb 2-1: USB disconnect, device number 51
[  367.415433][ T9033] delete_channel: no stack
[  367.555788][ T9064] netlink: 4 bytes leftover after parsing attributes in process `,&#^%'.
[  367.559851][ T9066] loop3: detected capacity change from 0 to 1024
[  367.607863][ T9066] EXT4-fs: Ignoring removed orlov option
[  367.637791][ T9066] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  367.703755][ T9066] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.834670][    T9] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  367.854899][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.014846][ T5858] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  368.058185][    T9] usb 3-1: Using ep0 maxpacket: 8
[  368.059908][ T9079] netlink: 20 bytes leftover after parsing attributes in process `syz.1.967'.
[  368.128528][    T9] usb 3-1: config 0 has an invalid interface number: 246 but max is 0
[  368.210514][    T9] usb 3-1: config 0 has no interface number 0
[  368.234168][ T5858] usb 1-1: config 0 has no interfaces?
[  368.244187][    T9] usb 3-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  368.268964][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.282786][    T9] usb 3-1: Product: syz
[  368.284121][ T5858] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  368.294978][    T9] usb 3-1: Manufacturer: syz
[  368.300868][    T9] usb 3-1: SerialNumber: syz
[  368.313082][    T9] usb 3-1: config 0 descriptor??
[  368.385404][    T9] msi2500 3-1:0.246: Registered as swradio24
[  368.401975][ T5858] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.413582][    T9] msi2500 3-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[  368.429647][ T5858] usb 1-1: Product: syz
[  368.433857][ T5858] usb 1-1: Manufacturer: syz
[  368.447041][ T5858] usb 1-1: SerialNumber: syz
[  368.455665][ T5858] usb 1-1: config 0 descriptor??
[  368.465827][ T5791] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  368.529084][ T9068] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  368.604947][ T9068] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  368.684905][ T5845] usb 3-1: USB disconnect, device number 39
[  368.735429][ T5791] usb 4-1: Using ep0 maxpacket: 32
[  368.749829][ T5791] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  368.778729][ T5791] usb 4-1: config 0 has no interface number 0
[  368.797161][ T5791] usb 4-1: config 0 interface 184 has no altsetting 0
[  368.819444][ T5791] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  368.854771][ T5791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.876406][ T5791] usb 4-1: Product: syz
[  368.880627][ T5791] usb 4-1: Manufacturer: syz
[  368.888064][ T5791] usb 4-1: SerialNumber: syz
[  368.908336][ T5791] usb 4-1: config 0 descriptor??
[  368.929550][ T5791] smsc75xx v1.0.0
[  368.933243][ T5791] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  368.948387][ T9087] netlink: 4 bytes leftover after parsing attributes in process `syz.0.965'.
[  368.972518][ T5791] smsc75xx: probe of 4-1:0.184 failed with error -22
[  368.981183][ T9087] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  369.003161][ T9087] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  369.137775][ T9081] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  369.146540][ T9081] batman_adv: batadv0: Removing interface: batadv_slave_0
[  369.158781][ T9081] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  369.167576][ T9081] batman_adv: batadv0: Removing interface: batadv_slave_1
[  369.444246][ T9081] batadv0 (unregistering): left allmulticast mode
[  371.491321][ T5791] usb 1-1: USB disconnect, device number 61
[  371.568343][ T9110] netlink: 20 bytes leftover after parsing attributes in process `syz.0.976'.
[  371.706886][ T9113] netlink: 40 bytes leftover after parsing attributes in process `syz.0.977'.
[  371.722187][ T5791] usb 4-1: USB disconnect, device number 48
[  372.297716][ T9122] netlink: 16178 bytes leftover after parsing attributes in process `syz.1.981'.
[  372.364670][ T9122] netlink: 8 bytes leftover after parsing attributes in process `syz.1.981'.
[  372.705122][ T5791] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  372.899461][ T5791] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  372.963493][ T9133] netlink: 24 bytes leftover after parsing attributes in process `syz.3.985'.
[  372.995412][ T9102] delete_channel: no stack
[  373.003130][ T5791] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  373.036667][ T5791] usb 2-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  373.074012][ T5791] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.164666][   T54] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  373.203206][ T5791] usb 2-1: Product: syz
[  373.233906][ T5791] usb 2-1: Manufacturer: syz
[  373.250405][ T5791] usb 2-1: SerialNumber: syz
[  373.269741][ T5791] usb 2-1: config 0 descriptor??
[  373.285742][ T5791] redrat3 2-1:0.0: Couldn't find all endpoints
[  373.438681][   T54] usb 1-1: config 0 has no interfaces?
[  373.517062][ T2191] usb 2-1: USB disconnect, device number 52
[  373.524251][   T54] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  373.543690][   T54] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.562552][   T54] usb 1-1: Product: syz
[  373.568968][   T54] usb 1-1: Manufacturer: syz
[  373.576507][   T54] usb 1-1: SerialNumber: syz
[  373.652363][   T54] usb 1-1: config 0 descriptor??
[  374.112640][ T9151] netlink: 4 bytes leftover after parsing attributes in process `syz.0.984'.
[  374.266528][ T9144] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  374.284748][ T9144] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  374.304295][ T9144] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  374.356568][ T9154] loop1: detected capacity change from 0 to 1024
[  374.364288][ T9154] EXT4-fs: Ignoring removed bh option
[  374.375090][ T9144] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  374.383578][ T9154] EXT4-fs: Ignoring removed nomblk_io_submit option
[  374.397039][ T9151] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  374.420076][ T9151] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  374.491225][ T9154] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  374.628190][ T9154] syz.1.989[9154] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  374.628296][ T9154] syz.1.989[9154] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  374.722167][ T9154] netlink: 20 bytes leftover after parsing attributes in process `syz.1.989'.
[  375.091503][ T9163] netlink: 40 bytes leftover after parsing attributes in process `syz.3.991'.
[  375.200193][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.774714][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  375.854780][ T2191] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  376.000354][ T5858] usb 1-1: USB disconnect, device number 62
[  376.044670][ T2191] usb 2-1: device descriptor read/64, error -71
[  376.068250][ T9172] netlink: 24 bytes leftover after parsing attributes in process `syz.0.995'.
[  376.315213][ T2191] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  376.334830][   T50] Bluetooth: hci1: command 0x0c1a tx timeout
[  376.341853][ T5799] Bluetooth: hci2: command 0x0c1a tx timeout
[  376.414776][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  376.494654][ T2191] usb 2-1: device descriptor read/64, error -71
[  376.528624][ T9182] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.998'.
[  376.592306][ T9182] netlink: 8 bytes leftover after parsing attributes in process `syz.0.998'.
[  376.601603][ T9182] netlink: 8 bytes leftover after parsing attributes in process `syz.0.998'.
[  376.617325][ T2191] usb usb2-port1: attempt power cycle
[  376.884600][ T5858] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  377.044671][ T2191] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  377.054677][    T9] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  377.086315][ T5858] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  377.097794][ T2191] usb 2-1: device descriptor read/8, error -71
[  377.104277][ T5858] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  377.121474][ T5858] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  377.130751][ T5858] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.139013][ T5858] usb 1-1: Product: syz
[  377.144640][ T5858] usb 1-1: Manufacturer: syz
[  377.149298][ T5858] usb 1-1: SerialNumber: syz
[  377.160735][ T5858] usb 1-1: config 0 descriptor??
[  377.177631][ T5858] redrat3 1-1:0.0: Couldn't find all endpoints
[  377.244617][    T9] usb 3-1: Using ep0 maxpacket: 8
[  377.252403][    T9] usb 3-1: config 0 has an invalid interface number: 246 but max is 0
[  377.263425][    T9] usb 3-1: config 0 has no interface number 0
[  377.276647][    T9] usb 3-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  377.291410][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.300120][    T9] usb 3-1: Product: syz
[  377.306543][    T9] usb 3-1: Manufacturer: syz
[  377.313617][    T9] usb 3-1: SerialNumber: syz
[  377.323979][    T9] usb 3-1: config 0 descriptor??
[  377.364951][ T2191] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  377.394438][ T5858] usb 1-1: USB disconnect, device number 63
[  377.421439][    T9] msi2500 3-1:0.246: Registered as swradio24
[  377.433605][ T2191] usb 2-1: device descriptor read/8, error -71
[  377.443925][    T9] msi2500 3-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[  377.560970][ T9187] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  377.574909][ T2191] usb usb2-port1: unable to enumerate USB device
[  377.583184][ T9187] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  377.596009][ T2191] usb 3-1: USB disconnect, device number 40
[  378.187884][ T9197] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1002'.
[  378.574744][ T2191] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  378.686401][ T9201] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1004'.
[  378.772012][ T2191] usb 3-1: config 0 has no interfaces?
[  378.790116][ T2191] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  378.821076][ T2191] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.829825][ T2191] usb 3-1: Product: syz
[  378.834219][ T2191] usb 3-1: Manufacturer: syz
[  378.840007][ T2191] usb 3-1: SerialNumber: syz
[  378.852450][ T2191] usb 3-1: config 0 descriptor??
[  378.901865][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  378.908567][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  379.066436][ T9208] sctp: [Deprecated]: syz.0.1007 (pid 9208) Use of int in max_burst socket option deprecated.
[  379.066436][ T9208] Use struct sctp_assoc_value instead
[  379.144234][ T9180] delete_channel: no stack
[  379.213882][ T9210] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1003'.
[  379.256742][ T9210] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  379.269849][ T9210] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  379.294688][ T2191] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  379.498106][ T2191] usb 2-1: config 0 has no interfaces?
[  379.524718][ T2191] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  379.534397][ T2191] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.542651][ T2191] usb 2-1: Product: syz
[  379.547220][ T2191] usb 2-1: Manufacturer: syz
[  379.551948][ T2191] usb 2-1: SerialNumber: syz
[  379.568051][ T2191] usb 2-1: config 0 descriptor??
[  379.833550][ T9220] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  379.840588][ T9220] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  379.886596][ T9220] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  379.893432][ T9220] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  380.942275][ T9233] syzkaller0: entered promiscuous mode
[  380.951301][ T9233] syzkaller0: entered allmulticast mode
[  381.624683][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  381.856987][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  381.940620][ T5799] Bluetooth: hci1: command 0x0c1a tx timeout
[  381.944690][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  382.003789][ T5858] usb 2-1: USB disconnect, device number 57
[  383.211919][ T9238] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1014'.
[  383.212349][ T2191] usb 3-1: USB disconnect, device number 41
[  383.281559][ T9242] syz.2.1016[9242] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  383.281704][ T9242] syz.2.1016[9242] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  383.317229][ T9243] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1015'.
[  383.442347][ T9245] loop1: detected capacity change from 0 to 2048
[  383.487124][ T9245]  loop1: p1 < > p4
[  383.496367][ T9245] loop1: p4 size 8388608 extends beyond EOD, truncated
[  383.854731][ T2191] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  383.913578][ T5800] udevd[5800]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  383.931779][ T5802] udevd[5802]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  384.084661][ T2191] usb 4-1: Using ep0 maxpacket: 16
[  384.107109][ T9252] netlink: 'syz.3.1018': attribute type 29 has an invalid length.
[  384.519203][ T9263] loop2: detected capacity change from 0 to 164
[  384.558698][ T9263] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  384.834007][ T9272] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1025'.
[  385.276729][ T9270] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  385.285012][ T9270] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  385.293436][ T9270] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  385.304653][ T9270] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  385.641359][ T5873] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  385.747133][ T9287] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1029'.
[  385.928110][ T5873] usb 3-1: config 0 has no interfaces?
[  385.946852][ T5873] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  385.967449][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  385.993695][ T5873] usb 3-1: Product: syz
[  386.002264][ T5873] usb 3-1: Manufacturer: syz
[  386.012377][ T5873] usb 3-1: SerialNumber: syz
[  386.029413][ T5873] usb 3-1: config 0 descriptor??
[  386.383727][ T9289] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1024'.
[  386.537761][ T9289] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  386.555156][ T9289] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  386.797492][ T2191] usb 4-1: unable to get BOS descriptor or descriptor too short
[  386.825200][ T2191] usb 4-1: unable to read config index 0 descriptor/start: -71
[  386.864636][ T2191] usb 4-1: can't read configurations, error -71
[  386.974822][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  387.294725][   T50] Bluetooth: hci1: command 0x0c1a tx timeout
[  387.300822][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  387.374753][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  387.628360][ T9298] loop1: detected capacity change from 0 to 164
[  387.641789][ T9298] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  387.970225][ T9302] loop3: detected capacity change from 0 to 1024
[  387.993708][ T9302] EXT4-fs: Ignoring removed orlov option
[  388.012485][ T9302] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  388.050254][ T9302] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  388.111501][ T9302] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #12: block 7: comm syz.3.1034: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  388.183760][    T8] usb 3-1: USB disconnect, device number 42
[  388.223090][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  388.419128][ T9307] syzkaller0: entered promiscuous mode
[  388.427878][ T9307] syzkaller0: entered allmulticast mode
[  388.435871][ T9312] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1038'.
[  388.908055][    T8] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  389.109899][    T8] usb 3-1: Using ep0 maxpacket: 16
[  389.120112][ T9322] netlink: 'syz.2.1039': attribute type 29 has an invalid length.
[  391.514776][ T5873] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  391.808025][ T5873] usb 4-1: config 0 has no interfaces?
[  391.932924][ T5873] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  391.942972][ T5873] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.953811][ T5873] usb 4-1: Product: syz
[  391.971776][ T5873] usb 4-1: Manufacturer: syz
[  391.990492][ T5873] usb 4-1: SerialNumber: syz
[  392.035895][ T5873] usb 4-1: config 0 descriptor??
[  392.482008][ T9348] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  392.505387][ T9348] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  392.533512][ T9348] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  392.547575][ T9354] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1045'.
[  392.606338][ T9348] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  392.695949][ T9351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  392.705274][ T9351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  392.769312][    T8] usb 3-1: unable to get BOS descriptor or descriptor too short
[  392.792490][    T8] usb 3-1: unable to read config index 0 descriptor/start: -71
[  392.848450][ T9356] loop1: detected capacity change from 0 to 1024
[  392.858705][    T8] usb 3-1: can't read configurations, error -71
[  392.898852][ T9356] EXT4-fs: Ignoring removed orlov option
[  392.989678][ T9356] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  393.020221][ T9356] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  393.139559][ T9356] EXT4-fs error (device loop1): ext4_find_dest_de:2115: inode #12: block 7: comm syz.1.1046: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  393.282445][ T9364] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1048'.
[  393.313446][ T5790] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  393.494873][ T9366] syzkaller0: entered promiscuous mode
[  393.507619][ T9366] syzkaller0: entered allmulticast mode
[  393.780491][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  394.576664][   T50] Bluetooth: hci1: command 0x0c1a tx timeout
[  394.577381][ T5799] Bluetooth: hci2: command 0x0c1a tx timeout
[  394.656065][ T5799] Bluetooth: hci3: command 0x0c1a tx timeout
[  396.111635][    T9] usb 4-1: USB disconnect, device number 51
[  396.187154][ T9382] loop3: detected capacity change from 0 to 164
[  396.231733][ T9382] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  396.297351][ T9382] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[  396.322625][ T9382] Symlink component flag not implemented
[  396.338551][ T9382] Symlink component flag not implemented
[  396.345173][ T9382] Symlink component flag not implemented (7)
[  396.351220][ T9382] Symlink component flag not implemented (116)
[  396.421849][ T9388] loop1: detected capacity change from 0 to 1024
[  396.429481][ T9388] EXT4-fs: Ignoring removed nobh option
[  396.441123][ T9388] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  396.452505][ T9388] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  396.473079][ T9388] EXT4-fs (loop1): corrupt root inode, run e2fsck
[  396.495639][ T9388] EXT4-fs (loop1): mount failed
[  397.214663][   T54] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  397.437782][   T54] usb 3-1: config 0 has no interfaces?
[  397.469401][   T54] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  397.486608][   T54] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.504338][   T54] usb 3-1: Product: syz
[  397.526662][   T54] usb 3-1: Manufacturer: syz
[  397.540255][   T54] usb 3-1: SerialNumber: syz
[  397.567399][   T54] usb 3-1: config 0 descriptor??
[  397.792954][ T9412] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  397.861211][ T9412] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  397.868151][ T9412] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  397.874808][ T9412] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  398.072534][ T9427] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1060'.
[  398.120874][ T9427] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  398.131316][ T9427] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  399.374971][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  399.556200][ T9452] loop3: detected capacity change from 0 to 512
[  399.674396][ T5800] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  399.776455][ T9454] x_tables: duplicate underflow at hook 1
[  399.953118][ T5799] Bluetooth: hci2: command 0x0c1a tx timeout
[  399.959618][ T5799] Bluetooth: hci3: command 0x0c1a tx timeout
[  399.974168][   T50] Bluetooth: hci1: command 0x0c1a tx timeout
[  400.373296][    T8] usb 3-1: USB disconnect, device number 45
[  400.508405][ T9464] syzkaller0: entered promiscuous mode
[  400.514236][ T9464] syzkaller0: entered allmulticast mode
[  401.348281][   T28] audit: type=1326 audit(1753396947.444:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9481 comm="syz.3.1083" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f621198e9a9 code=0x0
[  402.792576][ T5791] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  402.814998][ T9477] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1082'.
[  403.037614][ T5791] usb 4-1: config 0 has no interfaces?
[  403.085355][ T5791] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  403.108418][ T5791] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.134629][ T5791] usb 4-1: Product: syz
[  403.143731][ T5791] usb 4-1: Manufacturer: syz
[  403.148406][ T5791] usb 4-1: SerialNumber: syz
[  403.169115][ T5791] usb 4-1: config 0 descriptor??
[  403.430411][ T6952] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  403.581083][ T9506] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1085'.
[  403.635768][ T9506] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  403.651981][ T6952] usb 1-1: Using ep0 maxpacket: 8
[  403.654308][ T9506] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  403.666671][ T6952] usb 1-1: config 0 has an invalid interface number: 246 but max is 0
[  403.676312][ T6952] usb 1-1: config 0 has no interface number 0
[  403.689774][ T6952] usb 1-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  403.699695][ T6952] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.708121][ T6952] usb 1-1: Product: syz
[  403.724630][ T6952] usb 1-1: Manufacturer: syz
[  403.736229][ T6952] usb 1-1: SerialNumber: syz
[  403.768472][ T6952] usb 1-1: config 0 descriptor??
[  403.973541][ T6952] msi2500 1-1:0.246: Registered as swradio24
[  403.998846][ T6952] msi2500 1-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[  404.040546][ T9499] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  404.055110][ T9517] loop2: detected capacity change from 0 to 1024
[  404.063637][ T9499] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  404.083833][ T9517] EXT4-fs: Ignoring removed orlov option
[  404.155011][ T6952] usb 1-1: USB disconnect, device number 64
[  404.162243][ T9517] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  404.251742][ T9517] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  404.326361][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  404.398418][ T9523] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1094'.
[  404.592626][ T9525] loop2: detected capacity change from 0 to 2364
[  405.188899][ T9546] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1103'.
[  405.207278][ T9547] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  405.300125][ T9549] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1104'.
[  405.701659][    T9] usb 4-1: USB disconnect, device number 52
[  405.811064][ T9555] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1107'.
[  406.091485][ T9562] Driver unsupported XDP return value 0 on prog  (id 170) dev N/A, expect packet loss!
[  406.339880][ T9570] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1113'.
[  406.503292][ T9577] syz.0.1116[9577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  406.503455][ T9577] syz.0.1116[9577] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  406.525028][    T9] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  406.592623][    T9] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  406.697197][ T9581] loop1: detected capacity change from 0 to 2048
[  406.784168][ T9583] fido_id[9583]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  406.798716][ T9581]  loop1: p1 < > p4
[  406.823964][ T9581] loop1: p4 size 8388608 extends beyond EOD, truncated
[  406.930029][    T9] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  406.957949][ T5800] udevd[5800]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  406.961793][ T5802] udevd[5802]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[  407.103677][    T9] usb 4-1: device descriptor read/64, error -71
[  407.119241][ T9589] loop1: detected capacity change from 0 to 2048
[  407.204135][ T9589] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  407.402712][ T9593] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  407.438191][ T9593] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 660 with error 28
[  407.465272][ T9593] EXT4-fs (loop1): This should not happen!! Data will be lost
[  407.465272][ T9593] 
[  407.475761][ T9593] EXT4-fs (loop1): Total free blocks count 0
[  407.481945][ T9593] EXT4-fs (loop1): Free/Dirty block details
[  407.489117][ T9593] EXT4-fs (loop1): free_blocks=2415919104
[  407.504119][ T9593] EXT4-fs (loop1): dirty_blocks=672
[  407.504287][    T9] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  407.509364][ T9593] EXT4-fs (loop1): Block reservation details
[  407.509379][ T9593] EXT4-fs (loop1): i_reserved_data_blocks=42
[  407.840772][    T9] usb 4-1: device descriptor read/64, error -71
[  407.972990][    T9] usb usb4-port1: attempt power cycle
[  408.079584][   T42] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  408.457435][    T9] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  408.482697][    T8] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  408.534150][    T9] usb 4-1: device descriptor read/8, error -71
[  408.764230][    T8] usb 1-1: config 0 has no interfaces?
[  408.776929][    T8] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  408.798249][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.818299][    T8] usb 1-1: Product: syz
[  408.822541][    T8] usb 1-1: Manufacturer: syz
[  408.827848][    T9] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  408.843763][    T8] usb 1-1: SerialNumber: syz
[  408.881222][    T9] usb 4-1: device descriptor read/8, error -71
[  408.891717][    T8] usb 1-1: config 0 descriptor??
[  408.954230][ T9622] netlink: 3 bytes leftover after parsing attributes in process `syz.2.1132'.
[  408.964390][ T9622] 0ªX¹¦À: renamed from caif0
[  409.017724][ T9622] 0ªX¹¦À: entered allmulticast mode
[  409.023152][ T9622] A link change request failed with some changes committed already. Interface 
60ªX¹¦À may have been left with an inconsistent configuration, please check.
[  409.042980][    T9] usb usb4-port1: unable to enumerate USB device
[  409.259443][ T2191] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  409.499319][ T2191] usb 2-1: Using ep0 maxpacket: 16
[  409.866959][ T2191] usb 2-1: unable to get BOS descriptor or descriptor too short
[  409.886710][ T2191] usb 2-1: unable to read config index 0 descriptor/start: -71
[  409.908192][ T2191] usb 2-1: can't read configurations, error -71
[  409.917256][ T9575] delete_channel: no stack
[  410.030354][ T9648] loop3: detected capacity change from 0 to 512
[  410.049686][ T9648] EXT4-fs: Ignoring removed mblk_io_submit option
[  410.063823][ T9648] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  410.077654][ T9648] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  410.101480][ T9648] EXT4-fs (loop3): 1 truncate cleaned up
[  410.110809][ T9648] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.170281][ T9648] netlink: 830 bytes leftover after parsing attributes in process `syz.3.1138'.
[  410.186490][   T28] audit: type=1326 audit(1753396955.603:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  410.230357][ T9648] 9pnet_fd: Insufficient options for proto=fd
[  410.233321][   T28] audit: type=1326 audit(1753396955.631:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  410.284651][   T28] audit: type=1326 audit(1753396955.631:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  410.309824][   T28] audit: type=1326 audit(1753396955.631:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  410.313509][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.333818][   T28] audit: type=1326 audit(1753396955.640:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  410.364873][    C0] vkms_vblank_simulate: vblank timer overrun
[  410.374054][   T28] audit: type=1326 audit(1753396955.640:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  410.415627][   T28] audit: type=1326 audit(1753396955.640:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  410.438119][    C0] vkms_vblank_simulate: vblank timer overrun
[  410.477759][   T28] audit: type=1326 audit(1753396955.640:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  410.566617][   T28] audit: type=1326 audit(1753396955.640:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  410.624859][   T28] audit: type=1326 audit(1753396955.640:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9647 comm="syz.3.1138" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f621198e9a9 code=0x7ffc0000
[  411.020940][ T9660] loop1: detected capacity change from 0 to 2364
[  411.254684][ T6952] usb 1-1: USB disconnect, device number 65
[  411.517738][ T9672] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1146'.
[  411.552262][ T9672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1146'.
[  412.133916][ T9683] serio: Serial port ptm0
[  412.338119][ T9668] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  412.344466][ T9668] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  412.350904][ T9668] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  412.357308][ T9668] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  412.672210][ T6952] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  412.822400][ T9693] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  412.853499][ T9692] tipc: Disabling bearer <eth:syzkaller0>
[  412.888727][ T6952] usb 2-1: Using ep0 maxpacket: 16
[  412.906176][ T6952] usb 2-1: unable to get BOS descriptor or descriptor too short
[  412.924625][ T6952] usb 2-1: unable to read config index 0 descriptor/start: -71
[  412.942625][ T6952] usb 2-1: can't read configurations, error -71
[  413.113948][ T9700] loop3: detected capacity change from 0 to 1024
[  413.128745][ T9700] EXT4-fs: Ignoring removed orlov option
[  413.185367][ T9700] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  413.223945][ T9700] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.267844][ T5873] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  413.322724][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.428906][ T9705] netlink: 16178 bytes leftover after parsing attributes in process `syz.3.1158'.
[  413.477132][ T5873] usb 1-1: config 0 has no interfaces?
[  413.505382][ T5873] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  413.524955][ T9705] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1158'.
[  413.534653][ T9705] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1158'.
[  413.558198][ T5873] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  413.591064][ T5873] usb 1-1: Product: syz
[  413.603359][ T5873] usb 1-1: Manufacturer: syz
[  413.615239][ T5873] usb 1-1: SerialNumber: syz
[  413.640702][ T5873] usb 1-1: config 0 descriptor??
[  413.867084][   T54] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  413.980050][ T9715] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1162'.
[  414.071730][   T54] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  414.085070][   T54] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  414.112221][   T54] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  414.122770][   T54] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.142408][   T54] usb 4-1: Product: syz
[  414.156568][   T54] usb 4-1: Manufacturer: syz
[  414.172753][   T54] usb 4-1: SerialNumber: syz
[  414.188076][   T54] usb 4-1: config 0 descriptor??
[  414.197806][   T54] redrat3 4-1:0.0: Couldn't find all endpoints
[  414.418614][   T54] usb 4-1: USB disconnect, device number 57
[  414.427106][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  414.514076][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  414.600554][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  414.601682][ T9456] Bluetooth: hci1: command 0x0c1a tx timeout
[  415.196556][ T5873] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  415.289815][ T9748] batadv_slave_0: entered promiscuous mode
[  415.413282][ T5873] usb 2-1: Using ep0 maxpacket: 16
[  415.436062][ T5873] usb 2-1: unable to get BOS descriptor or descriptor too short
[  415.464623][ T5873] usb 2-1: unable to read config index 0 descriptor/start: -71
[  415.476970][ T5873] usb 2-1: can't read configurations, error -71
[  416.172003][   T54] usb 1-1: USB disconnect, device number 66
[  416.570166][ T9765] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.1179'.
[  416.640020][ T9768] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1179'.
[  417.720724][ T9751] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  417.720749][ T9456] Bluetooth: hci0: command 0x0c1a tx timeout
[  418.450574][ T9751] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  418.458575][ T9751] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  418.464939][ T9751] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  418.667063][   T28] kauditd_printk_skb: 34 callbacks suppressed
[  418.667080][   T28] audit: type=1326 audit(1753396963.439:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  418.698807][   T28] audit: type=1326 audit(1753396963.439:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  418.771977][ T5873] usb 1-1: new high-speed USB device number 67 using dummy_hcd
[  418.780614][   T28] audit: type=1326 audit(1753396963.439:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  418.803291][ T2191] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  418.825031][   T28] audit: type=1326 audit(1753396963.439:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  418.857667][   T28] audit: type=1326 audit(1753396963.439:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  418.882365][   T28] audit: type=1326 audit(1753396963.439:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  418.907985][   T28] audit: type=1326 audit(1753396963.467:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  418.955346][   T28] audit: type=1326 audit(1753396963.467:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  418.979424][   T28] audit: type=1326 audit(1753396963.476:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=13 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  419.004517][   T28] audit: type=1326 audit(1753396963.476:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9772 comm="syz.2.1182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  419.029120][ T5873] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  419.039117][ T5873] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  419.061769][ T5873] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  419.071733][ T5873] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.085498][ T5873] usb 1-1: Product: syz
[  419.091028][ T5873] usb 1-1: Manufacturer: syz
[  419.097460][ T5873] usb 1-1: SerialNumber: syz
[  419.108828][ T5873] usb 1-1: config 0 descriptor??
[  419.128011][ T5873] redrat3 1-1:0.0: Couldn't find all endpoints
[  419.237886][    T8] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  419.263167][ T9785] loop3: detected capacity change from 0 to 2048
[  419.299753][ T9787] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1187'.
[  419.325112][ T9785]  loop3: p1 < > p4
[  419.331844][ T9785] loop3: p4 size 8388608 extends beyond EOD, truncated
[  419.351386][ T5791] usb 1-1: USB disconnect, device number 67
[  419.469788][    T8] usb 3-1: config 0 has no interfaces?
[  419.488377][    T8] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  419.498665][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.506999][    T8] usb 3-1: Product: syz
[  419.512030][    T8] usb 3-1: Manufacturer: syz
[  419.516674][    T8] usb 3-1: SerialNumber: syz
[  419.563766][    T8] usb 3-1: config 0 descriptor??
[  419.750536][ T5802] udevd[5802]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  419.763402][ T5801] udevd[5801]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  419.786786][ T9791] loop3: detected capacity change from 0 to 2048
[  419.795533][ T9791] EXT4-fs: Ignoring removed nobh option
[  419.880034][ T9795] lo speed is unknown, defaulting to 1000
[  420.111233][ T9456] Bluetooth: hci2: command 0x0c1a tx timeout
[  420.722035][ T9456] Bluetooth: hci3: command 0x0c1a tx timeout
[  420.728229][ T9456] Bluetooth: hci1: command 0x0c1a tx timeout
[  420.911754][ T9791] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  421.090858][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  421.528041][ T9819] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1196'.
[  421.710175][ T9807] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  421.829264][ T9807] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  421.836704][ T9807] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  421.844843][ T9807] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  421.920926][ T9825] netlink: 16178 bytes leftover after parsing attributes in process `syz.0.1199'.
[  421.970990][ T9825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1199'.
[  421.991347][ T9825] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1199'.
[  422.141692][    T8] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  422.185969][ T6952] usb 3-1: USB disconnect, device number 46
[  422.303591][ T2191] usb 1-1: new high-speed USB device number 68 using dummy_hcd
[  422.371364][    T8] usb 4-1: Using ep0 maxpacket: 32
[  422.385522][    T8] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  422.400588][    T8] usb 4-1: config 0 has no interface number 0
[  422.413917][    T8] usb 4-1: config 0 interface 184 has no altsetting 0
[  422.426541][    T8] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  422.436520][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.466529][    T8] usb 4-1: Product: syz
[  422.481278][    T8] usb 4-1: Manufacturer: syz
[  422.485956][    T8] usb 4-1: SerialNumber: syz
[  422.493927][    T8] usb 4-1: config 0 descriptor??
[  422.501992][    T8] smsc75xx v1.0.0
[  422.512259][    T8] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  422.523057][    T8] smsc75xx: probe of 4-1:0.184 failed with error -22
[  422.535661][ T2191] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  422.558850][ T2191] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  422.575545][ T2191] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  422.587917][ T2191] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  422.611083][ T2191] usb 1-1: Product: syz
[  422.621064][ T2191] usb 1-1: Manufacturer: syz
[  422.628962][ T2191] usb 1-1: SerialNumber: syz
[  422.636719][ T2191] usb 1-1: config 0 descriptor??
[  422.648222][ T9832] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1202'.
[  422.657984][ T2191] redrat3 1-1:0.0: Couldn't find all endpoints
[  422.678415][ T9832] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1202'.
[  422.880117][   T54] usb 1-1: USB disconnect, device number 68
[  423.527914][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  423.584580][ T9842] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1205'.
[  424.048051][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  424.048218][ T5101] Bluetooth: hci2: command 0x0c1a tx timeout
[  424.061913][ T9456] Bluetooth: hci1: command 0x0c1a tx timeout
[  424.158635][ T9855] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1211'.
[  424.250705][   T28] kauditd_printk_skb: 8 callbacks suppressed
[  424.250723][   T28] audit: type=1326 audit(1753396968.590:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.341021][   T28] audit: type=1326 audit(1753396968.590:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.378174][   T28] audit: type=1326 audit(1753396968.599:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.431979][   T28] audit: type=1326 audit(1753396968.599:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.474763][ T9866] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1215'.
[  424.499384][    T8] usb 4-1: USB disconnect, device number 59
[  424.516166][   T28] audit: type=1326 audit(1753396968.599:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.559636][   T28] audit: type=1326 audit(1753396968.599:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.605460][   T28] audit: type=1326 audit(1753396968.599:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.683507][   T28] audit: type=1326 audit(1753396968.599:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.732581][   T28] audit: type=1326 audit(1753396968.599:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.759658][   T28] audit: type=1326 audit(1753396968.599:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9857 comm="syz.2.1212" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8faad8e9a9 code=0x7ffc0000
[  424.970221][ T9880] netlink: 128 bytes leftover after parsing attributes in process `syz.3.1223'.
[  425.004875][ T9882] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1221'.
[  425.526479][ T9891] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  425.535398][ T9891] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  425.542476][ T9891] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  425.551203][ T9891] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  425.874755][ T2191] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  426.111913][ T9911] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1233'.
[  426.191224][ T2191] usb 3-1: no configurations
[  426.243593][ T2191] usb 3-1: can't read configurations, error -22
[  426.509444][ T2191] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  426.548378][ T9917] syzkaller0: entered promiscuous mode
[  426.561543][ T9917] syzkaller0: entered allmulticast mode
[  426.583111][    T8] usb 1-1: new high-speed USB device number 69 using dummy_hcd
[  426.774511][ T2191] usb 3-1: no configurations
[  426.803645][    T8] usb 1-1: Using ep0 maxpacket: 16
[  426.827094][ T2191] usb 3-1: can't read configurations, error -22
[  426.915893][ T2191] usb usb3-port1: attempt power cycle
[  427.504014][ T2191] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  427.514857][ T9456] Bluetooth: hci0: command 0x0c1a tx timeout
[  427.559308][ T2191] usb 3-1: no configurations
[  427.587389][ T2191] usb 3-1: can't read configurations, error -22
[  427.764312][ T2191] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  427.780866][ T9456] Bluetooth: hci3: command 0x0c1a tx timeout
[  427.787140][ T9456] Bluetooth: hci1: command 0x0c1a tx timeout
[  427.793645][ T5101] Bluetooth: hci2: command 0x0c1a tx timeout
[  427.905047][ T2191] usb 3-1: no configurations
[  427.909719][ T2191] usb 3-1: can't read configurations, error -22
[  427.942021][ T2191] usb usb3-port1: unable to enumerate USB device
[  428.983495][ T9889] delete_channel: no stack
[  430.408271][    T8] usb 1-1: unable to get BOS descriptor or descriptor too short
[  430.431388][    T8] usb 1-1: unable to read config index 0 descriptor/start: -71
[  430.463322][    T8] usb 1-1: can't read configurations, error -71
[  430.617116][ T9933] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1239'.
[  430.638767][ T9937] loop3: detected capacity change from 0 to 1024
[  430.655629][ T9937] EXT4-fs: Ignoring removed orlov option
[  430.663303][ T9937] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  430.677675][ T9939] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1242'.
[  430.747464][ T9937] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  430.822296][ T9937] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #12: block 7: comm syz.3.1241: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  431.051785][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  433.582047][   T50] Bluetooth: hci0: command 0x0c1a tx timeout
[  433.589137][ T9953] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  434.090101][ T9953] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  434.096364][ T9953] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  434.102616][ T9953] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  434.346706][ T9980] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1252'.
[  434.427115][    T8] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  434.622102][   T54] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  434.643827][    T8] usb 2-1: Using ep0 maxpacket: 16
[  434.850637][   T54] usb 4-1: Using ep0 maxpacket: 8
[  434.859775][   T54] usb 4-1: config 0 has an invalid interface number: 246 but max is 0
[  434.875330][   T54] usb 4-1: config 0 has no interface number 0
[  434.888554][   T54] usb 4-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=16.b3
[  434.903954][   T54] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.919108][   T54] usb 4-1: Product: syz
[  434.926366][   T54] usb 4-1: Manufacturer: syz
[  434.934325][   T54] usb 4-1: SerialNumber: syz
[  434.947693][   T54] usb 4-1: config 0 descriptor??
[  435.096162][   T54] msi2500 4-1:0.246: Registered as swradio24
[  435.107483][   T54] msi2500 4-1:0.246: SDR API is still slightly experimental and functionality changes may follow
[  435.197680][ T9979] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  435.213411][ T9979] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  435.245817][ T2191] usb 4-1: USB disconnect, device number 60
[  435.738825][ T9998] syzkaller0: entered promiscuous mode
[  435.744387][ T9998] syzkaller0: entered allmulticast mode
[  435.835891][   T50] Bluetooth: hci2: command 0x0c1a tx timeout
[  436.016807][    T8] usb 2-1: unable to get BOS descriptor or descriptor too short
[  436.038264][    T8] usb 2-1: unable to read config index 0 descriptor/start: -71
[  436.070943][    T8] usb 2-1: can't read configurations, error -71
[  436.141051][ T2191] kernel write not supported for file /942/attr/exec (pid: 2191 comm: kworker/0:3)
[  436.269731][   T50] Bluetooth: hci1: command 0x0c1a tx timeout
[  436.361432][   T50] Bluetooth: hci3: command 0x0c1a tx timeout
[  438.227627][T10018] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1264'.
[  438.251629][T10013] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1261'.
[  438.901870][   T54] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  439.595060][T10040] syzkaller0: entered promiscuous mode
[  439.600701][T10040] syzkaller0: entered allmulticast mode
[  439.606376][   T54] usb 4-1: Using ep0 maxpacket: 16
[  442.352630][T10055] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1275'.
[  442.353350][   T54] usb 4-1: unable to get BOS descriptor or descriptor too short
[  442.382716][   T54] usb 4-1: unable to read config index 0 descriptor/start: -71
[  442.401807][   T54] usb 4-1: can't read configurations, error -71
[  442.506420][T10064] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1277'.
[  442.863618][T10079] syzkaller0: entered promiscuous mode
[  442.869270][T10079] syzkaller0: entered allmulticast mode
[  442.877824][T10083] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1286'.
[  443.187469][ T6952] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  443.400719][ T6952] usb 3-1: Using ep0 maxpacket: 16
[  443.734825][ T1286] ieee802154 phy0 wpan0: encryption failed: -22
[  443.741234][ T1286] ieee802154 phy1 wpan1: encryption failed: -22
[  446.118524][ T5791] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  446.408480][ T6952] usb 3-1: unable to get BOS descriptor or descriptor too short
[  446.418043][ T5791] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  446.431083][ T6952] usb 3-1: unable to read config index 0 descriptor/start: -71
[  446.438801][ T5791] usb 2-1: config 0 has no interfaces?
[  446.444450][ T6952] usb 3-1: can't read configurations, error -71
[  446.451369][ T5791] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  446.472095][ T5791] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.500739][ T5791] usb 2-1: config 0 descriptor??
[  447.166162][T10136] team0 (unregistering): Port device team_slave_0 removed
[  447.197686][T10136] team0 (unregistering): Port device team_slave_1 removed
[  447.568479][T10152] syz.0.1311[10152] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  447.568585][T10152] syz.0.1311[10152] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  447.585505][T10152] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1311'.
[  448.951375][ T6952] usb 2-1: USB disconnect, device number 66
[  448.964072][T10115] delete_channel: no stack
[  449.265149][T10177] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1319'.
[  449.465828][T10184] syz.0.1322[10184] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  449.465991][T10184] syz.0.1322[10184] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  449.509307][T10184] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1322'.
[  450.082514][ T5791] usb 4-1: new high-speed USB device number 63 using dummy_hcd
[  450.299548][ T5873] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  450.309410][ T5791] usb 4-1: unable to read config index 0 descriptor/start: -61
[  450.341071][ T5791] usb 4-1: can't read configurations, error -61
[  450.520498][ T5791] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  450.520608][ T5873] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  450.570469][ T5873] usb 3-1: config 0 has no interfaces?
[  450.577321][ T5873] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  450.591229][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.606235][ T5873] usb 3-1: config 0 descriptor??
[  450.767248][ T5791] usb 4-1: unable to read config index 0 descriptor/start: -61
[  450.829741][ T5791] usb 4-1: can't read configurations, error -61
[  450.847477][ T5791] usb usb4-port1: attempt power cycle
[  451.039537][T10216] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1335'.
[  451.114192][T10220] syz.0.1337[10220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  451.114335][T10220] syz.0.1337[10220] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  451.136728][T10220] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1337'.
[  451.307211][ T5791] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  451.366861][ T5791] usb 4-1: unable to read config index 0 descriptor/start: -61
[  451.387740][ T5791] usb 4-1: can't read configurations, error -61
[  451.494413][T10229] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1341'.
[  451.588470][ T5791] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  451.636114][ T5791] usb 4-1: unable to read config index 0 descriptor/start: -61
[  451.648808][ T5791] usb 4-1: can't read configurations, error -61
[  451.656756][ T5791] usb usb4-port1: unable to enumerate USB device
[  451.716479][T10233] 9pnet_fd: Insufficient options for proto=fd
[  452.163084][T10250] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1350'.
[  452.292312][T10254] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1352'.
[  452.308755][T10254] macvtap5: entered promiscuous mode
[  452.314205][T10254] bridge0: entered promiscuous mode
[  452.319671][T10254] macvtap5: entered allmulticast mode
[  452.325214][T10254] bridge0: entered allmulticast mode
[  452.887070][ T5791] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  452.894719][ T5791] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  452.902966][ T5791] hid-generic 0000:0004:0000.0003: unknown main item tag 0x0
[  452.915126][ T5791] hid-generic 0000:0004:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  453.069000][ T5873] usb 3-1: USB disconnect, device number 53
[  453.075729][T10191] delete_channel: no stack
[  453.150542][T10263] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1356'.
[  453.182562][T10268] syz.3.1357[10268] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  453.182889][T10268] syz.3.1357[10268] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  453.227704][T10270] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1359'.
[  453.341370][T10274] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1361'.
[  453.388739][T10274] bridge0: entered promiscuous mode
[  453.398258][T10274] macvtap4: entered promiscuous mode
[  453.403880][T10274] macvtap4: entered allmulticast mode
[  453.441316][T10274] bridge0: entered allmulticast mode
[  453.497564][T10278] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  453.532421][T10277] tipc: Disabling bearer <eth:syzkaller0>
[  453.709857][T10293] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1370'.
[  453.809760][ T5791] usb 1-1: new high-speed USB device number 71 using dummy_hcd
[  453.824735][T10299] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1373'.
[  453.960400][T10307] netlink: 16178 bytes leftover after parsing attributes in process `syz.2.1376'.
[  454.011536][T10307] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1376'.
[  454.019519][ T5791] usb 1-1: unable to read config index 0 descriptor/start: -61
[  454.021328][T10307] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1376'.
[  454.040105][T10306] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  454.046939][ T5791] usb 1-1: can't read configurations, error -61
[  454.072197][T10304] tipc: Disabling bearer <eth:syzkaller0>
[  454.199694][ T5791] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[  454.262796][T10318] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1382'.
[  454.322498][T10322] loop3: detected capacity change from 0 to 1024
[  454.330241][T10322] EXT4-fs: Ignoring removed orlov option
[  454.337102][T10322] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  454.340736][    T8] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  454.369607][T10322] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  454.404556][T10322] EXT4-fs error (device loop3): ext4_find_dest_de:2115: inode #12: block 7: comm syz.3.1384: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  454.431927][ T5791] usb 1-1: unable to read config index 0 descriptor/start: -61
[  454.439583][ T5791] usb 1-1: can't read configurations, error -61
[  454.446514][ T5791] usb usb1-port1: attempt power cycle
[  454.477664][ T5788] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  454.566515][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  454.588232][    T8] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  454.623191][    T8] usb 3-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  454.633306][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.643542][    T8] usb 3-1: Product: syz
[  454.647988][    T8] usb 3-1: Manufacturer: syz
[  454.659925][    T8] usb 3-1: SerialNumber: syz
[  454.676229][ T5873] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  454.692818][    T8] usb 3-1: config 0 descriptor??
[  454.701304][    T8] redrat3 3-1:0.0: Couldn't find all endpoints
[  454.891699][ T5873] usb 2-1: config 0 has no interfaces?
[  454.903851][ T5791] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[  454.916278][ T5873] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  454.941016][ T5873] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.949769][    T8] usb 3-1: USB disconnect, device number 54
[  454.960798][ T5791] usb 1-1: unable to read config index 0 descriptor/start: -61
[  454.969163][ T5791] usb 1-1: can't read configurations, error -61
[  454.972123][ T5873] usb 2-1: Product: syz
[  454.979720][ T5873] usb 2-1: Manufacturer: syz
[  454.990059][ T5873] usb 2-1: SerialNumber: syz
[  455.053359][ T5873] usb 2-1: config 0 descriptor??
[  455.118757][T10339] syzkaller0: entered promiscuous mode
[  455.127248][T10339] syzkaller0: entered allmulticast mode
[  455.152961][ T5791] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[  455.194831][ T5791] usb 1-1: unable to read config index 0 descriptor/start: -61
[  455.202819][ T5791] usb 1-1: can't read configurations, error -61
[  455.213202][ T5791] usb usb1-port1: unable to enumerate USB device
[  455.568640][T10327] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  455.578610][T10327] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  455.801253][T10345] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1391'.
[  457.553737][T10356] process 'syz.0.1394' launched '/dev/fd/3' with NULL argv: empty string added
[  457.827095][T10370] BUG: assuming non migratable context at include/linux/filter.h:599
[  457.836012][T10370] in_atomic(): 0, irqs_disabled(): 0, migration_disabled() 0 pid: 10370, name: syz.3.1400
[  457.846404][T10370] 3 locks held by syz.3.1400/10370:
[  457.852028][T10370]  #0: ffff88801ab76d30 (sk_lock-AF_INET6){+.+.}-{0:0}, at: sctp_sendmsg+0xb92/0x27e0
[  457.862035][T10370]  #1: ffffffff8cd2fba0 (rcu_read_lock){....}-{1:2}, at: sctp_v6_xmit+0x65d/0x1230
[  457.871461][T10370]  #2: ffffffff8cd2fba0 (rcu_read_lock){....}-{1:2}, at: nf_hook+0x9e/0x370
[  457.881748][T10370] CPU: 0 PID: 10370 Comm: syz.3.1400 Not tainted 6.6.100-syzkaller #0
[  457.889947][T10370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  457.894015][ T5845] usb 3-1: new high-speed USB device number 55 using dummy_hcd
[  457.900033][T10370] Call Trace:
[  457.910964][T10370]  <TASK>
[  457.913923][T10370]  dump_stack_lvl+0x16c/0x230
[  457.918658][T10370]  ? show_regs_print_info+0x20/0x20
[  457.923894][T10370]  ? nf_nat_inet_fn+0x93e/0xbc0
[  457.928775][T10370]  __cant_migrate+0x234/0x2e0
[  457.933474][T10370]  ? __cant_sleep+0x210/0x210
[  457.938171][T10370]  ? nf_nat_ipv6_fn+0x21b/0x2d0
[  457.943047][T10370]  nf_hook_run_bpf+0x90/0x1e0
[  457.947738][T10370]  ? ip6table_filter_table_init+0x70/0xb0
[  457.953499][T10370]  ? bpf_nf_link_attach+0x810/0x810
[  457.958709][T10370]  ? nf_nat_ipv6_out+0x2f3/0x380
[  457.963662][T10370]  ? bpf_nf_link_attach+0x810/0x810
[  457.968865][T10370]  nf_hook_slow+0xbd/0x200
[  457.973293][T10370]  nf_hook+0x215/0x370
[  457.977371][T10370]  ? nf_hook_slow+0x1b4/0x200
[  457.982063][T10370]  ? nf_hook+0x9e/0x370
[  457.986233][T10370]  ? ip6_make_skb+0x4c0/0x4c0
[  457.990924][T10370]  ? nf_hook+0x2f0/0x370
[  457.995221][T10370]  ? ip6_output+0x3b0/0x3b0
[  457.999750][T10370]  ? nf_hook+0x9e/0x370
[  458.003916][T10370]  ? ip6_make_skb+0x4c0/0x4c0
[  458.008620][T10370]  ip6_output+0x272/0x3b0
[  458.012985][T10370]  ? ip6_output+0x3b0/0x3b0
[  458.017584][T10370]  ip6_xmit+0x10a7/0x1830
[  458.021971][T10370]  ? kasan_set_track+0x5f/0x70
[  458.026754][T10370]  ? ip6_autoflowlabel+0xe0/0xe0
[  458.031720][T10370]  ? read_lock_is_recursive+0x20/0x20
[  458.037220][T10370]  ? sctp_v6_xmit+0x65d/0x1230
[  458.042222][T10370]  sctp_v6_xmit+0x9e3/0x1230
[  458.046836][T10370]  ? __sctp_v6_cmp_addr+0x510/0x510
[  458.052078][T10370]  ? slab_free_freelist_hook+0x130/0x1b0
[  458.057754][T10370]  ? sctp_packet_transmit+0x14ab/0x2a30
[  458.063326][T10370]  ? kmem_cache_free+0xf8/0x280
[  458.068202][T10370]  sctp_packet_transmit+0x2488/0x2a30
[  458.073616][T10370]  sctp_packet_singleton+0x234/0x330
[  458.078917][T10370]  ? sctp_outq_select_transport+0x570/0x570
[  458.084838][T10370]  ? sctp_outq_select_transport+0x45d/0x570
[  458.090743][T10370]  ? sctp_transport_burst_limited+0x197/0x280
[  458.096834][T10370]  sctp_outq_flush+0x4f1/0x3100
[  458.101705][T10370]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  458.107622][T10370]  ? _raw_spin_unlock+0x40/0x40
[  458.112493][T10370]  ? rcu_is_watching+0x15/0xb0
[  458.117278][T10370]  ? enqueue_timer+0x225/0x530
[  458.122094][T10370]  ? sctp_outq_tail+0x8b0/0x8b0
[  458.126958][T10370]  ? sctp_outq_tail+0x604/0x8b0
[  458.131831][T10370]  ? sctp_outq_uncork+0x4d/0xa0
[  458.136707][T10370]  sctp_do_sm+0x52d6/0x59a0
[  458.141242][T10370]  ? sctp_generate_t3_rtx_event+0x340/0x340
[  458.147162][T10370]  ? __se_sys_sendmsg+0x1a5/0x270
[  458.152257][T10370]  ? __sk_mem_raise_allocated+0xaa9/0x1370
[  458.158090][T10370]  sctp_primitive_ASSOCIATE+0x95/0xc0
[  458.163479][T10370]  sctp_sendmsg_to_asoc+0x101c/0x17f0
[  458.168866][T10370]  ? __asan_memcpy+0x40/0x70
[  458.173476][T10370]  ? sctp_assoc_add_peer+0xcf3/0x13a0
[  458.179004][T10370]  ? sctp_sendmsg_check_sflags+0x2e0/0x2e0
[  458.184842][T10370]  ? __sctp_connect+0xd20/0xd20
[  458.189709][T10370]  ? __local_bh_enable_ip+0x12e/0x1c0
[  458.195097][T10370]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  458.200658][T10370]  ? security_sctp_bind_connect+0x89/0xb0
[  458.206389][T10370]  sctp_sendmsg+0x1941/0x27e0
[  458.211092][T10370]  ? sctp_getsockopt+0xb60/0xb60
[  458.216072][T10370]  ? aa_sk_perm+0x7fc/0x930
[  458.220594][T10370]  ? aa_af_perm+0x2b0/0x2b0
[  458.225115][T10370]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  458.231550][T10370]  ? sock_rps_record_flow+0x19/0x400
[  458.236844][T10370]  ? inet_send_prepare+0x260/0x260
[  458.241987][T10370]  ? inet_sendmsg+0xe9/0x2f0
[  458.246606][T10370]  ? inet_send_prepare+0x260/0x260
[  458.251912][T10370]  ____sys_sendmsg+0x5bf/0x950
[  458.256698][T10370]  ? __asan_memset+0x22/0x40
[  458.261598][T10370]  ? __sys_sendmsg_sock+0x30/0x30
[  458.266662][T10370]  ? __import_iovec+0x5f2/0x860
[  458.271544][T10370]  ? import_iovec+0x73/0xa0
[  458.276164][T10370]  ___sys_sendmsg+0x220/0x290
[  458.280856][T10370]  ? __sys_sendmsg+0x270/0x270
[  458.285674][T10370]  __se_sys_sendmsg+0x1a5/0x270
[  458.290542][T10370]  ? __x64_sys_sendmsg+0x80/0x80
[  458.295510][T10370]  ? lockdep_hardirqs_on+0x98/0x150
[  458.300730][T10370]  do_syscall_64+0x55/0xb0
[  458.305157][T10370]  ? clear_bhb_loop+0x40/0x90
[  458.309841][T10370]  ? clear_bhb_loop+0x40/0x90
[  458.314525][T10370]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  458.320448][T10370] RIP: 0033:0x7f621198e9a9
[  458.324880][T10370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.344541][T10370] RSP: 002b:00007f6212811038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  458.353053][T10370] RAX: ffffffffffffffda RBX: 00007f6211bb5fa0 RCX: 00007f621198e9a9
[  458.361040][T10370] RDX: 0000000004048043 RSI: 0000200000000800 RDI: 0000000000000004
[  458.369206][T10370] RBP: 00007f6211a10d69 R08: 0000000000000000 R09: 0000000000000000
[  458.377252][T10370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  458.385241][T10370] R13: 0000000000000000 R14: 00007f6211bb5fa0 R15: 00007fff949a3c48
[  458.393251][T10370]  </TASK>
[  458.402255][T10370] check_preemption_disabled: 60 callbacks suppressed
[  458.402273][T10370] BUG: using smp_processor_id() in preemptible [00000000] code: syz.3.1400/10370
[  458.418369][T10370] caller is nf_hook_run_bpf+0x157/0x1e0
[  458.423959][T10370] CPU: 0 PID: 10370 Comm: syz.3.1400 Tainted: G        W          6.6.100-syzkaller #0
[  458.433630][T10370] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  458.443700][T10370] Call Trace:
[  458.446992][T10370]  <TASK>
[  458.449947][T10370]  dump_stack_lvl+0x16c/0x230
[  458.454733][T10370]  ? show_regs_print_info+0x20/0x20
[  458.459965][T10370]  ? load_image+0x3b0/0x3b0
[  458.464512][T10370]  ? __cant_migrate+0x240/0x2e0
[  458.469399][T10370]  ? __cant_sleep+0x210/0x210
[  458.474098][T10370]  check_preemption_disabled+0x104/0x110
[  458.479765][T10370]  nf_hook_run_bpf+0x157/0x1e0
[  458.484563][T10370]  ? ip6table_filter_table_init+0x70/0xb0
[  458.490396][T10370]  ? bpf_nf_link_attach+0x810/0x810
[  458.495614][T10370]  ? nf_nat_ipv6_out+0x2f3/0x380
[  458.500588][T10370]  ? bpf_nf_link_attach+0x810/0x810
[  458.500748][ T5845] usb 3-1: Using ep0 maxpacket: 16
[  458.505808][T10370]  nf_hook_slow+0xbd/0x200
[  458.505842][T10370]  nf_hook+0x215/0x370
[  458.505864][T10370]  ? nf_hook_slow+0x1b4/0x200
[  458.505887][T10370]  ? nf_hook+0x9e/0x370
[  458.528386][T10370]  ? ip6_make_skb+0x4c0/0x4c0
[  458.533089][T10370]  ? nf_hook+0x2f0/0x370
[  458.537360][T10370]  ? ip6_output+0x3b0/0x3b0
[  458.541886][T10370]  ? nf_hook+0x9e/0x370
[  458.546056][T10370]  ? ip6_make_skb+0x4c0/0x4c0
[  458.550764][T10370]  ip6_output+0x272/0x3b0
[  458.555121][T10370]  ? ip6_output+0x3b0/0x3b0
[  458.559682][T10370]  ip6_xmit+0x10a7/0x1830
[  458.564038][T10370]  ? kasan_set_track+0x5f/0x70
[  458.568835][T10370]  ? ip6_autoflowlabel+0xe0/0xe0
[  458.573817][T10370]  ? read_lock_is_recursive+0x20/0x20
[  458.579216][T10370]  ? sctp_v6_xmit+0x65d/0x1230
[  458.584010][T10370]  sctp_v6_xmit+0x9e3/0x1230
[  458.588635][T10370]  ? __sctp_v6_cmp_addr+0x510/0x510
[  458.593944][T10370]  ? slab_free_freelist_hook+0x130/0x1b0
[  458.599598][T10370]  ? sctp_packet_transmit+0x14ab/0x2a30
[  458.605264][T10370]  ? kmem_cache_free+0xf8/0x280
[  458.610141][T10370]  sctp_packet_transmit+0x2488/0x2a30
[  458.615642][T10370]  sctp_packet_singleton+0x234/0x330
[  458.620956][T10370]  ? sctp_outq_select_transport+0x570/0x570
[  458.626968][T10370]  ? sctp_outq_select_transport+0x45d/0x570
[  458.632884][T10370]  ? sctp_transport_burst_limited+0x197/0x280
[  458.638988][T10370]  sctp_outq_flush+0x4f1/0x3100
[  458.643861][T10370]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  458.649779][T10370]  ? _raw_spin_unlock+0x40/0x40
[  458.654647][T10370]  ? rcu_is_watching+0x15/0xb0
[  458.659457][T10370]  ? enqueue_timer+0x225/0x530
[  458.664237][T10370]  ? sctp_outq_tail+0x8b0/0x8b0
[  458.669122][T10370]  ? sctp_outq_tail+0x604/0x8b0
[  458.674001][T10370]  ? sctp_outq_uncork+0x4d/0xa0
[  458.678971][T10370]  sctp_do_sm+0x52d6/0x59a0
[  458.683529][T10370]  ? sctp_generate_t3_rtx_event+0x340/0x340
[  458.689451][T10370]  ? __se_sys_sendmsg+0x1a5/0x270
[  458.694533][T10370]  ? __sk_mem_raise_allocated+0xaa9/0x1370
[  458.700365][T10370]  sctp_primitive_ASSOCIATE+0x95/0xc0
[  458.705760][T10370]  sctp_sendmsg_to_asoc+0x101c/0x17f0
[  458.711148][T10370]  ? __asan_memcpy+0x40/0x70
[  458.715768][T10370]  ? sctp_assoc_add_peer+0xcf3/0x13a0
[  458.721182][T10370]  ? sctp_sendmsg_check_sflags+0x2e0/0x2e0
[  458.727026][T10370]  ? __sctp_connect+0xd20/0xd20
[  458.731900][T10370]  ? __local_bh_enable_ip+0x12e/0x1c0
[  458.737295][T10370]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  458.743034][T10370]  ? security_sctp_bind_connect+0x89/0xb0
[  458.748795][T10370]  sctp_sendmsg+0x1941/0x27e0
[  458.753507][T10370]  ? sctp_getsockopt+0xb60/0xb60
[  458.758472][T10370]  ? aa_sk_perm+0x7fc/0x930
[  458.763095][T10370]  ? aa_af_perm+0x2b0/0x2b0
[  458.767616][T10370]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  458.774060][T10370]  ? sock_rps_record_flow+0x19/0x400
[  458.779365][T10370]  ? inet_send_prepare+0x260/0x260
[  458.784493][T10370]  ? inet_sendmsg+0xe9/0x2f0
[  458.789103][T10370]  ? inet_send_prepare+0x260/0x260
[  458.794323][T10370]  ____sys_sendmsg+0x5bf/0x950
[  458.799120][T10370]  ? __asan_memset+0x22/0x40
[  458.803734][T10370]  ? __sys_sendmsg_sock+0x30/0x30
[  458.808777][T10370]  ? __import_iovec+0x5f2/0x860
[  458.813660][T10370]  ? import_iovec+0x73/0xa0
[  458.818191][T10370]  ___sys_sendmsg+0x220/0x290
[  458.822896][T10370]  ? __sys_sendmsg+0x270/0x270
[  458.827729][T10370]  __se_sys_sendmsg+0x1a5/0x270
[  458.832602][T10370]  ? __x64_sys_sendmsg+0x80/0x80
[  458.837572][T10370]  ? lockdep_hardirqs_on+0x98/0x150
[  458.842789][T10370]  do_syscall_64+0x55/0xb0
[  458.847221][T10370]  ? clear_bhb_loop+0x40/0x90
[  458.851916][T10370]  ? clear_bhb_loop+0x40/0x90
[  458.856606][T10370]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  458.862524][T10370] RIP: 0033:0x7f621198e9a9
[  458.866963][T10370] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.886597][T10370] RSP: 002b:00007f6212811038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  458.895055][T10370] RAX: ffffffffffffffda RBX: 00007f6211bb5fa0 RCX: 00007f621198e9a9
[  458.903061][T10370] RDX: 0000000004048043 RSI: 0000200000000800 RDI: 0000000000000004
[  458.911046][T10370] RBP: 00007f6211a10d69 R08: 0000000000000000 R09: 0000000000000000
[  458.919119][T10370] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  458.927102][T10370] R13: 0000000000000000 R14: 00007f6211bb5fa0 R15: 00007fff949a3c48
[  458.935106][T10370]  </TASK>
[  459.003044][ T1185] usb 2-1: USB disconnect, device number 67
[  459.020811][    T8] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[  459.218115][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  459.228050][    T8] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  459.244264][    T8] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=9e.7f
[  459.254136][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.262945][    T8] usb 1-1: Product: syz
[  459.267267][    T8] usb 1-1: Manufacturer: syz
[  459.271986][    T8] usb 1-1: SerialNumber: syz
[  459.279102][    T8] usb 1-1: config 0 descriptor??
[  459.287618][    T8] redrat3 1-1:0.0: Couldn't find all endpoints
[  459.507797][ T6952] usb 1-1: USB disconnect, device number 75
[  460.788270][ T5845] usb 3-1: unable to get BOS descriptor or descriptor too short
[  460.807970][ T5845] usb 3-1: unable to read config index 0 descriptor/start: -71
[  460.825323][ T5845] usb 3-1: can't read configurations, error -71