last executing test programs:

2.768482584s ago: executing program 2 (id=1450):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000005, 0x12, r0, 0x99922000) (async)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x2)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_tcp_SIOCOUTQNSD(r2, 0x894b, &(0x7f0000000000))
ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000240)={0x14, 0x2, 0x8, 0x4, 0x2, 0x8}) (async)
r3 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) (async)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000180)={<r5=>0xffffffffffffffff})
r6 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r7, 0x89f1, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x4d, 0x10001, 0x7, 0x5, 0x82, 0x8, 0xfa, 0x40, 0xce, 0x5, [0x6, 0x0, 0x4b, 0x5f15, 0x0, 0x188, 0xffffffff, 0x2], [0xe2]}}) (async)
sendmsg$DEVLINK_CMD_TRAP_SET(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x58, 0x0, 0x20, 0x70bd2d, 0x25dfdbfd, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x1c}, {0x5, 0x83, 0x1}}]}, 0x58}, 0x1, 0x0, 0x0, 0x24040000}, 0x4050)
getsockopt$inet_pktinfo(r5, 0x119, 0x8, 0x0, 0x0)
r8 = socket$kcm(0x10, 0x7, 0x0)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f00000004c0)="d8000000180081064e81f782db4cb904021d0800fe02fe02e8fe50a10a000725250000000c600e41b0000900ac00080325000000160015000a00ff150048035c3b61c1d67f6f94007134cf6efb8000a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5ae24e25ccca9e00360db79826835d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9000001008af26c8b7b55f4d2a6823a45", 0xd8}], 0x1}, 0x0) (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000540), r9) (async)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000580)={'wlan0\x00', <r11=>0x0})
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)={0x20, r10, 0x1, 0x70bd28, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_REKEY_DATA={0x4}]}, 0x20}}, 0x0) (async)
sendmsg$DEVLINK_CMD_RATE_GET(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="14000000", @ANYRES16=r4, @ANYBLOB="010700000000ffffffff41"], 0x34}}, 0x4c000) (async)
r12 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r12, 0x4b63, 0x4) (async)
r13 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r13, 0x8933, &(0x7f0000000180)={'batadv_slave_1\x00', <r14=>0x0})
setsockopt$packet_add_memb(r13, 0x107, 0x1, &(0x7f0000000000)={r14, 0x1, 0x6, @local}, 0x10)
setsockopt$packet_add_memb(r13, 0x107, 0x2, &(0x7f00000005c0)={r14, 0x1, 0x6, @broadcast}, 0x10) (async)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r5, 0x89f8, &(0x7f0000000400)={'sit0\x00', &(0x7f0000000380)={'syztnl2\x00', 0x0, 0x20, 0x7800, 0x10000, 0xa, {{0xc, 0x4, 0x1, 0x0, 0x30, 0x66, 0x0, 0x9, 0x29, 0x0, @empty, @dev={0xac, 0x14, 0x14, 0x22}, {[@lsrr={0x83, 0x1b, 0x7b, [@private=0xa010102, @private=0xa010101, @remote, @broadcast, @multicast2, @rand_addr=0x64010101]}]}}}}}) (async)
sendmsg$inet(r3, &(0x7f0000000440)={&(0x7f0000000200)={0x2, 0x4e22, @multicast2}, 0x10, &(0x7f0000000340)=[{&(0x7f0000000300)="7276d1aba3f9233a43bbe82d671f043123d7d5e958e2bf317bb9e721edcdef4ad788d27b7d53f7fb8a72bfe81c28b54f97bd", 0x32}], 0x1, &(0x7f00000005c0)=ANY=[@ANYBLOB="11000000000000000000000001000000040000000000000011000000000000000000000001000000100000000000000014000000000000000000000001000000060000000000000028000000000000000000000007000000071793000000000a010100e0000002ac141420ac1e0001001400000000000000000000000200000002000000000000001c000000000000000000000008000000", @ANYRES32=r14, @ANYBLOB="0a010102ac1e0001000000001400000000000000000000000100000009000000000000001400000000000000000000000100000005000000000000001c000000000000000000000008000000", @ANYRES32=0x0, @ANYBLOB="050000010080000000000000"], 0xf8}, 0x0)

2.55167153s ago: executing program 2 (id=1452):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0x13, &(0x7f0000000000)=0x80000, 0x4)
r2 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x55d800, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r2, 0x45809000)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
connect(r3, &(0x7f0000000080)=@hci={0x1f, 0x4, 0x3}, 0x80)

2.42207353s ago: executing program 2 (id=1453):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000700)=ANY=[@ANYBLOB="0a000001bbbbbbbbbbbb00000600000086dd67f8463b00280000fe80000000000000000000faffffff1ffc02000000000000000000000000000100040031"], 0x62)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000006c0)={'bridge_slave_0\x00', 0x600})
syz_usb_connect(0x2, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="12011001e5a58108e10634a39d030102030109021b0001ff05d00809044b7b016b87f3070905090200020774048e3a2573"], 0x0)
r3 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x20011, r3, 0xf648e000)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r5 = socket$kcm(0x21, 0x2, 0x2)
write$binfmt_script(r4, &(0x7f0000000000)={'#! ', './file0', [{0x20, '/dev/rnullb0\x00'}, {0x20, '/dev/ppp\x00'}, {0x20, '/dev/ppp\x00'}, {0x20, '/dev/rnullb0\x00'}, {0x20, '/dev/rnullb0\x00'}, {0x20, '/dev/ppp\x00'}, {0x20, '%'}, {0x20, ']+'}], 0xa, "17b32013fdd0dd5d2105d521f671f1686c91186057b3cc1f892061ce043f49e18e6fe8cd3ab805509576fbc5057661f3a1da4f81230adc3896313d1f0becef3c1241127f49c7a477220e6214dc07e1ae732545184b7caee18df94eb4d3d8f64529ba36261591"}, 0xbe)
sendmsg$kcm(r5, &(0x7f0000000140)={&(0x7f0000000280)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @loopback}}, 0x80, 0x0, 0x0, &(0x7f0000000600)=ANY=[], 0x10b8}, 0x200008c0)

2.044580755s ago: executing program 3 (id=1456):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast5)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ad73364256408b0011021f", 0xb)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000300)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x800}], 0x1, 0x40008040)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r1)
ioctl$BLKTRACESTOP(0xffffffffffffffff, 0x1275, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r3, 0x29, 0x30, &(0x7f00000001c0)=ANY=[@ANYBLOB="00400000000000000a004e20ffffffdbff", @ANYBLOB="915be95680c817fe75f03b85824be41e8cd3d5584a64e57c1296ede62a59394e37ff57d5ae0b69a7ad63c8c9a76ab021972f6c52941f25601e7a93c1907fb58326856ff661d816a57cc635714d56a464c82df17b8e75a09bcf05fbf438dcda8281aa20c7f94ec516e9b98cc11843cacbb4b01ac2639b2a7d"], 0x210)
ioctl$FS_IOC_SETFSLABEL(r2, 0x41009432, &(0x7f0000000380)="4120c28399d78a78006cdf5d0af1ca8383e55a01959d1146a5c13745eaea1c0d9ba74ee25241fe048a0af747fc99ff260866554cd04d3846bf6e1603ac727b0c4dbfe3080000002999b8de46973a6d5d332910d30700000000000000a019c88a3cc211ff40ceeb17f31b63bbc2ff5909aaf40fca0d548fb3827e0ce409392cd9cd468802b7d87c47a7853858ed07b0cd052992b84faade48edcc60cc8d351be805b3754a5ad1a01bb1811afe1096d8484afaef2d030000003e38696180abed9b24175cddaeb710efbdc3f05a68e5a28f36ce6926b8a53e6ab12b93815f88c5295100")
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
syz_emit_vhci(&(0x7f0000000340)=ANY=[@ANYBLOB="040f0401010308"], 0x7)
setsockopt$inet6_int(r4, 0x29, 0x1a, 0x0, 0x0)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r4, 0x8983, &(0x7f0000000280)={0x2, 'pimreg1\x00', {0x3}, 0x5df})
mount(&(0x7f0000000000)=@rnullb, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000080)='msdos\x00', 0x4020, 0x0)

1.845858488s ago: executing program 3 (id=1460):
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='fusectl\x00', 0x20080c4, 0x0)

1.788431457s ago: executing program 1 (id=1461):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x11, r0, 0xf648e000)
madvise(&(0x7f000026d000/0x2000)=nil, 0x2000, 0x16)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000001180)={0x18, 0x55, 0x1, 0x70bd2b, 0x0, {0x2}, [@typed={0x4, 0x120}]}, 0x18}, 0x1, 0x0, 0x0, 0x4c504}, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$tipc(0x1e, 0x0, 0x0)

1.705051266s ago: executing program 3 (id=1462):
r0 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x82)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r0, 0x0)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x20020009, 0x0, &(0x7f0000000240)={0x20, 0x0, 0xfffc, 0x360, 0x7}, 0x1a, 0x7, 0x60000000, 0x0, 0x4, 0x101, 0x0})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r3, 0x4004ae99, &(0x7f00000001c0)=0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000240)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r3, 0x4400ae8f, &(0x7f0000000440)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34cf2645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6424923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff0000f5620000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe656c9c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000240)='vxfs\x00', 0x20080c4, 0x0)

1.533635529s ago: executing program 1 (id=1464):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000380)='/dev/comedi4\x00', 0x8000, 0x0)
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000000)={0xc000003, 0x186, &(0x7f0000001180)=[0x81, 0x401, 0x1, 0x8, 0x8, 0x0, 0x60, 0x5, 0x2, 0xe1, 0x7, 0xceae, 0x8, 0x0, 0x80, 0x5, 0x3, 0x3, 0x8ce5, 0x101, 0x7fff, 0x7fff, 0x13, 0x85, 0x7, 0x3, 0x80000000, 0x0, 0xfffffeff, 0x5, 0x2, 0xd, 0xffffff5b, 0x8, 0x10000, 0x1, 0x2, 0x3, 0xfffffff1, 0x7, 0x2, 0x4, 0x208, 0x7e8, 0x5, 0xf0c6, 0xd, 0x9, 0xdaf, 0x3, 0xff, 0xfffffff8, 0x4, 0x2560, 0x7, 0x200, 0x8, 0x7, 0x7, 0xf73, 0xd, 0x101, 0x3, 0x4, 0x10001, 0x8, 0xfffffffc, 0x7fff, 0x9, 0x401, 0x74, 0x0, 0x7, 0x3, 0x8, 0x4474, 0x3, 0x41d, 0x8b79, 0x93d, 0x8001, 0x0, 0x8, 0x262c, 0x80, 0x4, 0x65, 0x8001, 0x3, 0x3, 0x8, 0x6ee, 0xd01, 0x1000, 0x0, 0x9, 0x5, 0x4, 0x7, 0x50, 0x53, 0x4, 0x1, 0x1, 0x8, 0xd, 0x9, 0x2, 0x28897d8b, 0xec4f, 0x0, 0x0, 0xfffff000, 0xa, 0xfffffffc, 0x10, 0xfffffffa, 0x1, 0x8, 0xcff2, 0x60000, 0x81, 0x7e, 0xcf7e, 0x4, 0x9, 0x1, 0x5, 0x7, 0x3, 0x2, 0x3, 0x8, 0x7cb4, 0x7, 0x5, 0xfffffeff, 0x2, 0x6, 0x8, 0x81, 0x3, 0xffffffff, 0x1ff, 0x6, 0x80, 0x1ffc, 0x1, 0x401, 0x79, 0x8, 0xce61, 0x80000000, 0x3, 0x1ff, 0x2, 0x9, 0x400, 0x8, 0x8, 0x3, 0x7, 0x401, 0xc, 0xfffffffd, 0x52, 0xda5e, 0x80000001, 0x6, 0x4, 0xd6, 0x5, 0x5, 0x8, 0x80, 0x6, 0x2, 0x8001, 0x2, 0x0, 0x4, 0x10, 0x6, 0x7ff, 0x0, 0xffffffff, 0x7ff, 0x2, 0x9, 0x6, 0x7, 0x1, 0x9, 0x80000001, 0x2, 0xfffffffc, 0x5e4, 0x8, 0x80000000, 0x100, 0xffffffff, 0x45, 0x10001, 0x7, 0x1, 0x7f, 0x1000, 0x0, 0x3, 0x2, 0x6, 0x7fffffff, 0xffff, 0x6, 0x873, 0x6, 0x689, 0x1, 0x101, 0x6, 0x0, 0xfffffffb, 0x1, 0x3d11, 0x5, 0xdd1, 0xf4f0, 0x4, 0x7b3, 0xc5f, 0x4, 0x1, 0x400, 0x81, 0x6, 0xa89, 0x5, 0x2, 0x2, 0x5, 0x5, 0x0, 0xa, 0x2, 0x8, 0x208000, 0xfffffff7, 0xfffffffc, 0xff, 0x9, 0x0, 0x9, 0x4, 0x7678, 0x1, 0x1394, 0xb, 0x23, 0x2, 0x10, 0x6d4, 0x7, 0xffffffff, 0x9, 0x401, 0x5, 0x4, 0x35, 0x1000, 0x8, 0x7f, 0x1, 0x799, 0x5, 0x6, 0x4, 0x16, 0x20000, 0x93, 0x5, 0x2, 0x0, 0xff, 0x7f, 0x2, 0x4, 0x8, 0x1000, 0x8, 0xd, 0x401, 0x100, 0xffffd889, 0xc, 0xbe27, 0x3, 0x0, 0xd04e, 0x1ff, 0x80000000, 0x8, 0xfffffae8, 0xd9, 0x7, 0x6972, 0x3, 0xb, 0x7, 0xf9, 0x2, 0x6, 0x1c, 0xc2f, 0x5, 0xb3, 0x66, 0x4, 0x400, 0x6, 0x71, 0x8, 0x6, 0x7fff, 0x8000, 0x25, 0x1a, 0x80000001, 0x0, 0x400, 0x1, 0x2, 0xffff4a06, 0x5, 0x6372, 0x93, 0x0, 0x8, 0x1ff, 0x8, 0x0, 0x929, 0xd, 0x8, 0x2, 0x8, 0xc, 0xfffffff7, 0x71, 0x7, 0x2, 0x4, 0x6b, 0xb, 0x9, 0x5, 0xe25, 0x7, 0x1d84, 0x9e0, 0x7, 0x1, 0x4, 0xca2a, 0x30, 0x0, 0xffffffff, 0x3, 0x8, 0xc0000, 0x42133ad5, 0xd88, 0x80000000, 0x7, 0x0, 0xfffffff8, 0x6, 0xfffffffc, 0x7, 0x6, 0x5, 0x6, 0x8, 0x2, 0x80, 0xda, 0x0, 0x10000, 0xb, 0x7fff, 0xd7c], 0x0, 0x5})

1.400115766s ago: executing program 1 (id=1466):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_PIT2(r2, 0x4038ae7a, &(0x7f0000000240)={[{0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xefd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}]})
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
r4 = ioctl$TIOCGPTPEER(r3, 0x5441, 0x1)
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000240)={0xed5, 0xbd2, 0x5, 0xb23, 0x2, 0x3f00})
openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_SET_PIT2(r2, 0x4038ae7a, &(0x7f0000000240)={[{0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xefd}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20}]}) (async)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) (async)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0) (async)
ioctl$TIOCGPTPEER(r3, 0x5441, 0x1) (async)
ioctl$VT_RESIZEX(r4, 0x560a, &(0x7f0000000240)={0xed5, 0xbd2, 0x5, 0xb23, 0x2, 0x3f00}) (async)

1.176310818s ago: executing program 0 (id=1467):
r0 = creat(&(0x7f0000000140)='./file0\x00', 0x71)
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='bfs\x00', 0x208003, 0x0)
r1 = syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001a77aa4094225b4210a20102030109022400010000000009040000029233500009050602ff030000000905ba3e79"], 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="40010400000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000540)={0x44, &(0x7f0000000200)={0x40, 0x1, 0x1a, "84fb4099a09ffea22448df42545cc21ec03ff6c83c7a0d139de9"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r1, 0x0, 0x0)
r2 = socket(0x11, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r4=>0x0})
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0ab42e32a097dbd4be5ffca88faca"], 0xdd12}, {&(0x7f0000000440)=ANY=[], 0x10}], 0x2}, 0x20040051)
syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000600)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="20010100b537d2e5c07a7d39c0b150b7d7a24b4f2a2aaf3a677056ff3082f6ca803e074b04e7c3b725b2d8550ad0375a29bb050d0d0e9dadef7d797cbd32e84fad0596646a75ba00e64f7bfea1f991fbd6b99ca3e6839816bc"], 0x0, 0x0, 0x0, 0x0})
fcntl$getown(r0, 0x9)
creat(&(0x7f0000000140)='./file0\x00', 0x71) (async)
mount(&(0x7f0000000180)=@rnullb, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='bfs\x00', 0x208003, 0x0) (async)
syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001a77aa4094225b4210a20102030109022400010000000009040000029233500009050602ff030000000905ba3e79"], 0x0) (async)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000240)=ANY=[@ANYBLOB="40010400000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f0000000540)={0x44, &(0x7f0000000200)={0x40, 0x1, 0x1a, "84fb4099a09ffea22448df42545cc21ec03ff6c83c7a0d139de9"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$printer(r1, 0x0, 0x0) (async)
socket(0x11, 0x3, 0x0) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f00000005c0)={'gre0\x00'}) (async)
bind$packet(r2, &(0x7f0000000180)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14) (async)
setsockopt$packet_int(r2, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4) (async)
sendmsg$netlink(r2, &(0x7f0000002ac0)={0x0, 0x0, &(0x7f0000000540)=[{&(0x7f0000000280)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e41082b1a3d2061fd7fdfe4b88942a31f48597e36e039b1c599db6e466749c2d4c8303a0f7fbda34fb8825f80200e3c0ab42e32a097dbd4be5ffca88faca"], 0xdd12}, {&(0x7f0000000440)=ANY=[], 0x10}], 0x2}, 0x20040051) (async)
syz_usb_control_io$hid(r1, 0x0, &(0x7f0000000600)={0x2c, &(0x7f0000000080)=ANY=[@ANYBLOB="20010100b537d2e5c07a7d39c0b150b7d7a24b4f2a2aaf3a677056ff3082f6ca803e074b04e7c3b725b2d8550ad0375a29bb050d0d0e9dadef7d797cbd32e84fad0596646a75ba00e64f7bfea1f991fbd6b99ca3e6839816bc"], 0x0, 0x0, 0x0, 0x0}) (async)
fcntl$getown(r0, 0x9) (async)

1.129468768s ago: executing program 1 (id=1468):
mount(&(0x7f0000000080)=@sg0, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000240)='hfs\x00', 0x1040081, 0x0)

1.009357387s ago: executing program 1 (id=1469):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000140), 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x1)
ioctl$MEDIA_IOC_G_TOPOLOGY(r1, 0x922, 0x0)
r2 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_TRANSPORT(r2, 0x114, 0x8, &(0x7f0000000380), 0x4)
setsockopt$RDS_FREE_MR(r2, 0x114, 0x3, &(0x7f0000000040)={{}, 0x6e}, 0x10)
setsockopt$inet_tcp_int(r1, 0x6, 0x6, &(0x7f0000000340)=0x4, 0x4)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000000c0)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, 0x6}, 0x1c)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000380)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="3de6", 0x2}], 0x1}}], 0x1, 0x48819)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010100}]}, &(0x7f0000000180)=0x4b)
r5 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r6 = fcntl$dupfd(r5, 0x0, r5)
sendto$inet(r6, 0x0, 0xfffffffffffffff4, 0x81d0378bfa63f12e, 0x0, 0x0)
sendto$inet6(r3, &(0x7f0000000400)="25eed0aee8c79f49b53c108367401019c41e56367aa3f23916ddf42df6a5ca47adc0f14939ee362a401f6425b5933ed45ac2e4089f33e87ea4fa53cb6f37fa25746f5805cefb6f78a3d525962f72cff39e3fd9074e3260c84fdfced1c00ba3c8cfcd6220a22b568b9ea6d0e366394ae3490b19d046c22e484b0aa11954836b45d4047ab5007b7b758a16f51f05661f02e1cc365db0bf3b54c3c468a8b5462008bc5ffb9db10bed599639774620b78184ada2301d9d494c2c7622d859213c2d7cc96412661b8f8afb818669f98776b43d6f8c598c00e43ade1e0808a35608882523edf4820dc6b1de1a71cb3dcec7265acaaeab264a1082660423eaf763e3d5e6756b9d2e4115906f4284e5e11388dae00c59c49d5bdc02592fbd96f69a586c8e6f36af50d6de76993809225f4a7dfbd1e7feee4438420c40ee1587ef9279cba9847f32d185f2405d680fd8776df5edc7c149279dc808c693dab77ec90071fff6b0b63f5eaadf5e2118dbeebbeb235b90b8b1b871af2ebc579d404578310950526b7be662a9d89be66d6a02522e7352357c02c3a56f8ff816331bd070041ba511613602956381e6d78b645d02dbc77a188168b6312a0998fe17cfd2940c8e5d39e5a95c50f8b0cee4a9c145b23997f830c08fe2e8af162363f4e14d78fd1275af0192483de50d521d85ed5dd21e51e9fba69d7c208ae998c914f5a2393f0594abb1228eb6df78d022707d2e705854e20338e898482ced2d8b853d8cd972bf7d2df97c7fbc2fffb60e9ec9335bf4e98c6d53244dabe2d1d038c75476b620b9263bda96ec2c61f3306dfcfb9f023c3c9678e0ef245b8c3de356f4c4dfe2d791e213b592f8106467517bd0eb3be609108ac41507edb9029c1975fe0c08e461b66b0850a9faf160e658fd770266fa0c70deab155084869592563fe0c136728a2999c6a5d40891a0de089cec58b1ffe2d40e44513b3d51c8c34935b75a351d0d7f9049e6e488585c819437a4e7b338cd5772a744fe79a21327f919ef4bdb9936a5dccd353a45e2642b8cad7aea0152de1d15577c37eff9fc206115e1ed9612183f5aa55ba23b2e2b77432f038b3cc3f0c189414de1402b002ba4464448d74fac86d1ab674a4eb3d8b6e8af11ee37145026fdedb952097fa069ddd516a76c8a647c0faf5a47a75a7294b0eba99291457e4614f0e985bd363de3593590e6f303e511220ce37e1e66711dac26dadaa5f26ab172ef6c7a2f53ed66c0813867e1d53e769efafac557c3977836517f216c53625d8752073fed32346d274613fef1f874d71a632a48220978d6efbf4fb938a46777f05b10cc71d1996772e2536a22b171e2cabffb9099e73026e56210a6162140681048fa9e55388619d83278ea60e5421eaade222b61237aae0d6684f19e090d88da58d0f8e0b4725c41bfc94a5a066d842f768d7ecc527ae2f8ed793ef072da9258db0d11d36637c4765afed52049524efb6feaaa3239dcce104e0889fb10e6a4b7923b4932fecafb1add915f673426c5d6fe7f0290ee8df38763c3737a8bdb4e78b64dd66831440a5dc4e14ccbd14a13f1c513773b9daf0e06cab2bf564b57c8145af47cc64a539fa8326467b318b2e8df6b6cec365f53a3745f4a6cc3d5bfcbe3f11f48713a9568b0fda6f5d88c0d889862e9f36c4f2664da2341b2002d340a4ffb524fa4ae475c2de3842e9c10354a8aa5ee08dcd538ebe243cd8f502cc2fca6dfc7e84a9c844a9be36e198b78d7ab7161f2f590b61fdf175035dee46c5620c9c02ea6b2f7b5d1edee27ba642832a64f7f2dd88a80937bf92d187a4a3dda7cc981b1cbd09416c418af48af5cfef16adb3ebf966a2fe7cbfb1a42b20eeea1c5f5406e644c4561d6e7009ae32331b5c372eccd802c962a56a994c793b145523b1c52356ffc8d0eef096851598692ca35f3d458890493a9883a61501d0fbc92d4543fa753a33bc954544a128a0e02d229737ca4432f9e013b4eba209b7b043eafd698bd756bd6c931798b07b7f62852ce7b3e38c6a3e3ce45535a8f383b57d3217881e7a62aa933809a6b0934b5e63f5617337971b515ccf38208be292107c1a83af71f1d5cc93cf96c1baaae648fa360f7a1a51eace114ba9b1a05db6dedd55ffe78a0e028c42346252a4e27d659447083f30850b02acda5903ca7605fcc9f22015f4c9ea924e7055d4d983a2cbb20a53cc4124bb300bbfb2628565fd09c6702b2d6dd15cff149c0fe7404a297500c4ca3186ccf88c7f46e3d6bf138ec31ba901c42e5ad349ff36c1572df219a1fca81b2aad102c2767006dd82a741cb6024231101e52bef3c581fe339377167620a8e443fead98c800ad9a25dd40e9af5a789bbafc6d742fa9a1b18e01a87cfa2c914ae559b4e63f9ca50943cfe8143d276ca84c814a0f8e8ee2c0a34a65b09856ac5e78bf92344d9b8394a4c2a60800dae54b10caf40bb09b47526e6707141d4f0a013a6e3567daf6db158b7886d84245b865216e916584149c5b84110dd677a756dc1e76c0d2f4e29fe6a67dd4f550b64936cd642adfff786fb89146b447195162ac8ef682874e20fca482bdce967eeb8c68503ad5ce7374b57df9541e1d7a848d863a5cc6dcbeed060103352e90eed71d60cd2be1ec63d98e25d652656601fd70910491b6f2ec81bec992eed2a5e749c93026375a197d93b88b626320340bdca0061d097505bd608543a25eb455f082700ceb2a4361eed56f1d93c40f84050b91a768830f36e6c5044b0df74cccd22dee667e4c597db72e9d3b9e59684130e07699edc511934a270288d5b52b6179c5abf048ede9d5e0d2d0d845dd63962523622d0564fdfdebd4503304681ec758083c639d11b4e2d47e0e63c5f6e7e96d6f2d6c58bdd8df926879c2047794b343b9ceeefa88e96b762cfc469739c933594627bc7e547f8c3cbeb0903473e8d4b323d5021e80dc4f2b0db7ce6f3da41790a4faf682a21593dfcf2e672e471aeceac0746510485f432ef35f68b5e5b2942525ef5c915236f4893e2281f05c586220041d9685ce8c59315cd783932691ae67e1ad85814af28a253d562b00c8503a0a7bf7dd73ee66641a59606c83fc783966c54cb183a812cfd135c945dcb752c29fae0d55c5b35659361d866b790010eeb98a4909038e6870e4b79c756612761e53831186b840840558dc25361c5ccb919222a9effef676b1e68e7d06a596b712e0adcf2d1972d92d979d95ee44ace518e3f95311cd51f7e48f79775233ae1b2500ca1779ed92cd575e85391d1c7a283d19e008379e9ccd2706f9c191094d31ca0e4e8148776250302774111ef74b980613bd350f6043e8b745f6134336e615e65d491a2c552407a9b87c2aa2883c2d829441ac92ebd11b4425ced9f5d68aeb034a7e6cacb0cc22267cf8f6b3d8a49371b392b0ac9d1845ca7a3e016a3161cd0099e459fdb05719660edaab4f7f2ee5cabe8802222a3acb2551106a63a1b29d5700742619dd758476a95f5b9f98422d54b0104f01f78ca632dae4e7294a4ba6083882ca7f406d97e6049d32fed8864671fb03992e902d463175de1fc784d0b2bc14023f850a3258658755ac00daa52abc1e824527a028b9bff2abd893e58169c736c26fc16e16dfaf132ca505bb9bff4c058763f54f0f36177e510e0ec237dba1f2c5d051158872ae09e7c2177e7cd366fd706b96ad75604c0477b715871602f00e5020d2112536bd255469d94a2ecf73557aa562da2df3aa12224e2f2a1cef614c5320a72bc54c81712205613f9fbe4449722aeaf130585ee52d993b37b18946958894cf2d795770d831fc6097e5795db584dadcafd5faf9352d31d9968a1bc09b32fd126a897dfa18b07910595446c28cffc0b76c046a1db4dbe14bebf0a44d68ddb6d4c073d5e79fb2788a5fdbfa0df9d6084bca32f7bd135ac843c728c040fdf2e10d1cf691508ae64aa3c40d0a198160c3b32d1d02399b509b88c82d77ca6a2bd81adaf671efdd790741a3f67023417fdb734fc697b456af920b1831ba52df170e1c45c3149ee393972a6b9dc97dd4aca5df478c4a593c76ee67ae259fc414bcad85098692f7e9aa660bb27c3ee6e96171ee240919c636aca69d875543d04d6cf48305a785422f4b4f5a99525a0951448acf33e8fc438b32b31eae7169cc82daba924d51708fd2f64c9076cfc7ad03da98051316209d66eb752346adcbc696dfb13000a77fa3655fdfca05b41ca01247c5d8e385cda3c8e2b65f9b34679130f99c81838e3ae716ab9fc9f07f6267d0197a43ed163e5025a11cb9fc1cec83e253d3c8a2d3a8f697ceaa3772bcf37ed8f0151b47e82bf270e549fc5651541a9da77aa128b193bb98f6e023cae58237daa93ddfa781394cd4c4a2519d4a0ea8a60bef2bd0e7bcac51999e6a916ea3a5566845ae498c048a7d036b1bfb1e59ed700421b0019ff1c1aee887b90cc8e1be4669e44dadb3468593b24e4b8d2c3365b95932d00503a82ce2dba2622986a14967a16233924bbf03a33d5a018274f44ccf31959057a696f63b4d5a319b81d8674cfe615807bdad84f79a1bc3a679bfd5fd24bca93a49c355e1d0c4cf42162111413c328b6df45191d5a38ef9e6e525590332eee19e20174ec5ce53e5ff5988a1135bd49dc1ebed1004afd6c77b79c607f074e8a7bd348706921201b49f656a9218cd3073ae9dccee23d99840c18e7d9eb1c6028f94c5e234a2fa05a350ad23e10a6e6ed6a592cf48877a32dc147f32eb05817e0e438d78c8ff4d5ef22d8747f88ebe57b96ed8a4d00729dd659361bf9198477562a4daec9f60c7a73f18f537db5e43c75edd13c98d224a614fe684835bda1e84cf441fa3240eab03e241fd4f84e594cc82a6acc80ecc74e6ca93e3d9706075cda806a6da92a73a57b5af5be2d8e97500dd2c920fc36d19b4f8673b45fd13ea736aeeaaa5872f6d95ce3fd560a9377f12e0b2440ff9f2986e5c1495f66e7e45cf4822e33670dd150e184c30ee769d9df212ca8a73928188ed025759260b7bcdfe21ff326bb01641305d874316c9d28889fbbdedd1fdf2174558625b3bf161c9fd312b2e41223e03939e04ee3e9fd6779ef6155279ab275949a0e7b84e54daa6eff264e079d5e41744234b86e712f48fd56b1481ed9e7a1c074b0f1a1b3a4c5286fa8d07df3c9eb161401286d09881bd52cd5ac0dd6d84bab3fd907d0fc572c8e4e00060cf6274026e3c3568bc6df507ee2c407d6c77e8a0fca12c40a5e590d4b0ad6a534929986adf883937893fe8a61407341b314796124652d3f94962ed1b25126d1e63aebbe4d2b1c148e98c570838212e253049496da922ea734b19f27a4f17e46a70e2d5a4fa97d2b5df5e0fe0795183e1e6d9be3726909d408dbda8332e59c95180aedfdbca78843fb062f9ed25f5df9cb7635a2214e6c7471913fe8f31b4458133c3cec6d6976e837c8d3da4556b257cb016d5cd0d7a832a4741c2b5693d162ca14f697b4f490a606951b0af34a1de42008e85caeecfad118ed787dd27829fab887fb07bc096a079ac23f78cd6258849e5f30626f222de9015925e944ce7933cf580578a6e14aab46e1a23e1af9a82dfb946ecb6de82bb7843b1ff731631a9c9466bc547a32a38744934a3e88e1f761f23504375d062e9f8d921776e18b8e210aaa20f4d416f481bc497a6a47a022636ab85f91d34b94654a4b39aebc77c40c1493ee44d5ffb2039f830bebefcf5b4ac693d67cc7f9e7bbc363fc3cd888ff85e749e0415ecc5fc70297722b9005aebc", 0x1000, 0x4000, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, &(0x7f0000000240)=""/158, 0x9e, 0x1, 0x0}, &(0x7f0000000180)=0x40)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000001c0)={<r7=>0x0, @in={{0x2, 0x4e21, @broadcast}}, 0xff, 0x10}, &(0x7f0000000280)=0x90)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000002c0)={0x9, 0x3a40, 0x200, 0x7, 0x7565, 0x9, 0x0, 0x0, r7}, &(0x7f0000000300)=0x20)
mount(&(0x7f0000000000)=@rnullb, &(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000040)='tmpfs\x00', 0x200002, 0x0)
r8 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000380), 0x4100)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r8, 0xc08c5332, &(0x7f0000000100)={0x8b6, 0x7f, 0x0, 'queue0\x00', 0xfffffffd})

952.461018ms ago: executing program 0 (id=1470):
r0 = syz_open_dev$vim2m(&(0x7f00000052c0), 0x3ff, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc058565d, &(0x7f0000000000)={0x0, 0x3})
r1 = fsopen(&(0x7f0000000100)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
fchdir(r2)
setsockopt$inet_int(r2, 0x0, 0x16, &(0x7f0000000000)=0x4, 0x4)
syz_open_dev$vim2m(&(0x7f00000052c0), 0x3ff, 0x2) (async)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc058565d, &(0x7f0000000000)={0x0, 0x3}) (async)
fsopen(&(0x7f0000000100)='configfs\x00', 0x0) (async)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0) (async)
fsmount(r1, 0x0, 0x0) (async)
fchdir(r2) (async)
setsockopt$inet_int(r2, 0x0, 0x16, &(0x7f0000000000)=0x4, 0x4) (async)

884.19593ms ago: executing program 2 (id=1471):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0) (async)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8) (async)
write$rfkill(r1, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)
creat(0x0, 0x4) (async)
r2 = creat(0x0, 0x4)
ioctl$VHOST_VDPA_SET_CONFIG_CALL(0xffffffffffffffff, 0x4004af77, &(0x7f0000000180)=0x9) (async)
ioctl$VHOST_VDPA_SET_CONFIG_CALL(0xffffffffffffffff, 0x4004af77, &(0x7f0000000180)=0x9)
prlimit64(0x0, 0x0, 0x0, 0x0) (async)
prlimit64(0x0, 0x0, 0x0, 0x0)
pipe2(0x0, 0x0)
fadvise64(r0, 0x1000, 0x6542, 0x4)
syz_open_dev$evdev(&(0x7f0000000140), 0xfb, 0xc0000)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000040)='vegas\x00', 0x6)
r4 = syz_open_dev$evdev(&(0x7f00000001c0), 0x8, 0x10000)
symlinkat(&(0x7f0000000200)='./file0\x00', r2, &(0x7f0000000240)='./file0\x00') (async)
symlinkat(&(0x7f0000000200)='./file0\x00', r2, &(0x7f0000000240)='./file0\x00')
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000600)=ANY=[@ANYBLOB="140100001e000100000000000000000007"], 0x114}], 0x1}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff})
sendmmsg(r6, &(0x7f0000003f40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001b80)=[{0x408, 0x1, 0x1, "62e1cf6111809460d79d98166e0894b9dd9be9395ddcb9aeb3d2ba29ddbef3493eb04f7b5e7d41c1440e4d3e76e06dcb279473c858a477abd89249670e258e88bd68e9955963557fdef8e94a34bf76126c3ebd3765c5a83955ea3ec2f549098b104d261b9c0f4def2249970af216ba4eca729bca1dddf06efb5d96db9acbe6d061aee4234cb09d5b02764dd1782f677f42be18722957f39e40afcb0bffd0a77a9ff46216462be4f27aacfefb754fa1e9b9922dc19dcd178849c2b96f075d1541d39d103d92c7153791f9653db140e631e6c006338235225be2c4c99eb14c68db1b6f840600c8a3ee9f6e1b5ac973b14f79141326e3520e368ca262a89fd22ab67ba0b4399304c37bb18756865f6d738162f778015dc09465667be08079e64ddd96d694531996207694039c0b265d7f7ae26746d7082c87889f60603143df207c4a7b87eea1118ff818c50e33a54a107985abdc860d65d7f92a0eeb3889d0647f2bb491e0b9fd77c6f5ec60b2d555017919e02e80fa0cfcadf878721b668f5240d819ed26b9ea263edf4a4dfebde53c87ff6c79ba12bf568ece8f85efe65b50edbc7bc3f9e4205a6a1e714edf7559d1d3c36efd88ba18ad9a4f006b7aa3fe8838129403cc4bae437ccfc0dbc1b7a625a7f48ae50b81a5e1553ae36d2287aad7f1223fdbd3a07e8d8bb5fdcce40a743629cc2c74075a1eaa7833872d5361cfeea1882e36a40272fcaac337b3956d321ec232854efc1b573138bd17fe5a38169cb10fe975521085394af6115a90703f6b24bc2af0c6e4249c13ef465611927f56511c9ab11f205ac6f64e73973d6c0a3875e00189584fba531cf6c931572791e7735a550ced06a2c6ae96c3245a401e89411b14eeeebc73ac2b99af153d71c99e3f29685b8dfd3ccd40bc45b7e8fcd45b79d44ce145ca3195ffd129b15b234c6dfaf0e801d31d683f3486b8d9b9af5c6ebd2b79b329be8d59b0545c3343297ee5e221ea8999980807d0e3e70a5e905d4d53abae5f20a93b1c3fda659c768d9e778755d9ae31bb1f01e3cb88b5e552ef2919b03bb2042a931dce3b8108ccb5b1eed51e2f42ba323f1024243183a2a202b8a733b5f0d3711afb466d7ca6bbf28273f26043c2e0c4308fc3312354b09b1e488372151df88732e01b0fc0af0cdcd91b87934030f18f87133b810ba1208443cfd0652fc195712e915399b01c361096c0b315943b1d5c123505a34c5091c59a124a6ad2566aad9a072d2a77449e418dfb2018b0680784dce9402f35bb3b9bf04381a76f3f63ba85c46da11d77fbc81d51a5f55c3b83575a2aaec4df5c57a534c5f3a6cc6e0f39f4616a4372f0638914dc9971bc596d2636544e9cb40f09982bf7fec24f6a84a694b60048550371ede29e256d99d5190ad07afc8a2763595bca2676f3"}], 0x408}}], 0x2, 0x0)
ioctl$EVIOCGKEYCODE(r4, 0x80084504, &(0x7f00000003c0)=""/211)
dup3(r1, r2, 0x0) (async)
dup3(r1, r2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x4580b000)
lseek(r0, 0x7, 0x0)
futex(&(0x7f0000000100)=0x1, 0x2, 0x2, 0x0, &(0x7f00000000c0), 0x4)
creat(&(0x7f0000000000)='./file0\x00', 0xcc)

866.803349ms ago: executing program 0 (id=1472):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa02, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x12, r0, 0x45809000) (async)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r1, 0x0, 0x0)
getsockopt$inet6_int(r1, 0x29, 0x9, &(0x7f0000000000), &(0x7f0000000040)=0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) (async)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0) (async)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0) (async)
fchdir(r2) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0\x00', 0x0, 0x991018, 0x0) (async)
umount2(&(0x7f0000000080)='./file0\x00', 0x1) (async)
setsockopt$sock_int(r1, 0x1, 0x24, &(0x7f0000000080)=0x80, 0x4)

668.200526ms ago: executing program 3 (id=1473):
creat(&(0x7f0000001380)='./file0\x00', 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockname$tipc(r1, 0x0, &(0x7f0000000080))
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000000)="d8000000180081064e80f782db44b9040a1d080000000000000055a10a0015400100142603600e1208009e00000004010400160040000540feffff7f036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef409fd2ee0125b91643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d28a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3060000000000000081ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b4337812398", 0xd8}], 0x1}, 0x0)
mount(&(0x7f0000000000)=@rnullb, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ntfs3\x00', 0x8000, 0x0)

662.377549ms ago: executing program 0 (id=1474):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000380)='/dev/comedi4\x00', 0x8000, 0x0)
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000000)={0xc000003, 0x185, &(0x7f0000001180)=[0x81, 0x401, 0x1, 0x8, 0x8, 0x0, 0x60, 0x5, 0x2, 0xe1, 0x7, 0xceae, 0x8, 0x0, 0x80, 0x5, 0x3, 0x3, 0x8ce5, 0x101, 0x7fff, 0x7fff, 0x13, 0x85, 0x7, 0x3, 0x80000000, 0x0, 0xfffffeff, 0x5, 0x2, 0xd, 0xffffff5b, 0x8, 0x10000, 0x1, 0x2, 0x3, 0xfffffff1, 0x7, 0x2, 0x4, 0x208, 0x7e8, 0x5, 0xf0c6, 0xd, 0x9, 0xdaf, 0x3, 0xff, 0xfffffff8, 0x4, 0x2560, 0x7, 0x200, 0x8, 0x7, 0x7, 0xf73, 0xd, 0x101, 0x3, 0x4, 0x10001, 0x8, 0xfffffffc, 0x7fff, 0x9, 0x401, 0x74, 0x0, 0x7, 0x3, 0x8, 0x4474, 0x3, 0x41d, 0x8b79, 0x93d, 0x8001, 0x0, 0x8, 0x262c, 0x80, 0x4, 0x65, 0x8001, 0x3, 0x3, 0x8, 0x6ee, 0xd01, 0x1000, 0x0, 0x9, 0x5, 0x4, 0x7, 0x50, 0x53, 0x4, 0x1, 0x1, 0x8, 0xd, 0x9, 0x2, 0x28897d8b, 0xec4f, 0x0, 0x0, 0xfffff000, 0xa, 0xfffffffc, 0x10, 0xfffffffa, 0x1, 0x8, 0xcff2, 0x60000, 0x81, 0x7e, 0xcf7e, 0x4, 0x9, 0x1, 0x5, 0x7, 0x3, 0x2, 0x3, 0x8, 0x7cb4, 0x7, 0x5, 0xfffffeff, 0x2, 0x6, 0x8, 0x81, 0x3, 0xffffffff, 0x1ff, 0x6, 0x80, 0x1ffc, 0x1, 0x401, 0x79, 0x8, 0xce61, 0x80000000, 0x3, 0x1ff, 0x2, 0x9, 0x400, 0x8, 0x8, 0x3, 0x7, 0x401, 0xc, 0xfffffffd, 0x52, 0xda5e, 0x80000001, 0x6, 0x4, 0xd6, 0x5, 0x5, 0x8, 0x80, 0x6, 0x2, 0x8001, 0x2, 0x0, 0x4, 0x10, 0x6, 0x7ff, 0x0, 0xffffffff, 0x7ff, 0x2, 0x9, 0x6, 0x7, 0x1, 0x9, 0x80000001, 0x2, 0xfffffffc, 0x5e4, 0x8, 0x80000000, 0x100, 0xffffffff, 0x45, 0x10001, 0x7, 0x1, 0x7f, 0x1000, 0x0, 0x3, 0x2, 0x6, 0x7fffffff, 0xffff, 0x6, 0x873, 0x6, 0x689, 0x1, 0x101, 0x6, 0x0, 0xfffffffb, 0x1, 0x3d11, 0x5, 0xdd1, 0xf4f0, 0x4, 0x7b3, 0xc5f, 0x4, 0x1, 0x400, 0x81, 0x6, 0xa89, 0x5, 0x2, 0x2, 0x5, 0x5, 0x0, 0xa, 0x2, 0x8, 0x208000, 0xfffffff7, 0xfffffffc, 0xff, 0x9, 0x0, 0x9, 0x4, 0x7678, 0x1, 0x1394, 0xb, 0x23, 0x2, 0x10, 0x6d4, 0x7, 0xffffffff, 0x9, 0x401, 0x5, 0x4, 0x35, 0x1000, 0x8, 0x7f, 0x1, 0x799, 0x5, 0x6, 0x4, 0x16, 0x20000, 0x93, 0x5, 0x2, 0x0, 0xff, 0x7f, 0x2, 0x4, 0x8, 0x1000, 0xd, 0x401, 0x100, 0xffffd889, 0xc, 0xbe27, 0x3, 0x0, 0xd04e, 0x1ff, 0x80000000, 0x8, 0xfffffae8, 0xd9, 0x7, 0x6972, 0x3, 0xb, 0x7, 0xf9, 0x2, 0x6, 0x1c, 0xc2f, 0x5, 0xb3, 0x66, 0x4, 0x400, 0x6, 0x71, 0x8, 0x6, 0x7fff, 0x8000, 0x25, 0x1a, 0x80000001, 0x0, 0x400, 0x1, 0x2, 0xffff4a06, 0x5, 0x6372, 0x93, 0x0, 0x8, 0x1ff, 0x8, 0x0, 0x929, 0xd, 0x8, 0x2, 0x8, 0xc, 0xfffffff7, 0x71, 0x7, 0x2, 0x4, 0x6b, 0xb, 0x9, 0x5, 0xe25, 0x7, 0x1d84, 0x9e0, 0x7, 0x1, 0x4, 0xca2a, 0x30, 0x0, 0xffffffff, 0x3, 0x8, 0xc0000, 0x42133ad5, 0xd88, 0x80000000, 0x7, 0x0, 0xfffffff8, 0x6, 0xfffffffc, 0x7, 0x6, 0x5, 0x6, 0x8, 0x2, 0x80, 0xda, 0x0, 0x10000, 0xb, 0x7fff, 0xd7c], 0x0, 0x5})

455.634461ms ago: executing program 3 (id=1475):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x141342, 0x0)
r1 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000180)={r1, r1, 0x1, 0x13, &(0x7f0000000040)="25f2dd3d9271b35c45c67c24bdf761578330a0", 0x0, 0xf9, 0x5, 0x80, 0x9, 0x1, 0x10001, 'syz0\x00'})
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r1, 0x800448d2, &(0x7f0000000240)={0x2, &(0x7f0000000400)=[{}, {@none}]})
syz_clone(0x100411, 0x0, 0x0, 0x0, 0x0, 0x0)
sendfile(r0, r0, 0x0, 0x7ffff000)

419.802593ms ago: executing program 0 (id=1476):
mount(&(0x7f0000000100)=@rnullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f0000000080)='pipefs\x00', 0x808000, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, 0x0, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)

230.309727ms ago: executing program 2 (id=1477):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0x220100, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
r1 = openat$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000), 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000040)=ANY=[@ANYBLOB="00637075202b72640461202b625764b48d34"], 0x12)
syz_clone(0xc2004e11, 0x0, 0x2e, 0x0, 0x0, 0x0)
syz_clone(0x800, &(0x7f0000000180)="fa344c1735b8a61f764d74840c1c6fdf77792050be5774bf22fd5ec71f4268873640a7", 0x23, 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000580)='/proc/tty/drivers\x00', 0x0, 0x0)
read$FUSE(r3, &(0x7f0000000640)={0x2020, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x2020)
fcntl$lock(r3, 0x24, &(0x7f0000000000)={0x0, 0x1, 0x7fffffffffffffff, 0x9, r4})
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="050000000000000000000600000008000300", @ANYRES8=r2, @ANYBLOB="08004e01"], 0x24}, 0x1, 0x0, 0x0, 0x2000c0e0}, 0x24048015)
sendfile(r0, r0, 0x0, 0x7ffff000)

192.671945ms ago: executing program 0 (id=1478):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f00000006c0)={'bridge_slave_0\x00', 0x600})
syz_usb_connect(0x2, 0x2d, &(0x7f0000000240)=ANY=[@ANYBLOB="12011001e5a58108e10634a39d030102030109021b0001ff05d00809044b7b016b87f3070905090200020774048e3a2573"], 0x0)
r1 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x20011, r1, 0xf648e000)
openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
setsockopt$sock_int(r2, 0x1, 0xa, &(0x7f0000000100)=0x3, 0x4)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b18, &(0x7f0000000000)={'wlan1\x00'})
connect$inet(r2, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000340)='\x00', 0x1, 0x4c001, 0x0, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a0038001d001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)
recvmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000004140)=[{&(0x7f0000000240)=""/212, 0xd4}], 0x1}, 0x0)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, &(0x7f0000000300)=0x10)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c03000017"], 0x34c}}, 0x44)
recvfrom$inet(r2, &(0x7f0000000080)=""/35, 0x23, 0x14142, 0x0, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
timer_create(0x2, 0x0, &(0x7f0000000480))
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
userfaultfd(0x801)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
socket$kcm(0x21, 0x2, 0x2)
r6 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f00000000c0), 0x400042, 0x0)
write$binfmt_script(r6, &(0x7f0000000000)={'#! ', './file0', [{0x20, '/dev/rnullb0\x00'}, {0x20, '/dev/ppp\x00'}, {0x20, '/dev/ppp\x00'}, {0x20, '/dev/rnullb0\x00'}, {0x20, '/dev/rnullb0\x00'}, {0x20, '/dev/ppp\x00'}, {0x20, '%'}, {0x20, ']+'}], 0xa, "17b32013fdd0dd5d2105d521f671f1686c91186057b3cc1f892061ce043f49e18e6fe8cd3ab805509576fbc5057661f3a1da4f81230adc3896313d1f0becef3c1241127f49c7a477220e6214dc07e1ae732545184b7caee18df94eb4d3d8f64529ba36261591"}, 0xbe)

68.817875ms ago: executing program 2 (id=1479):
r0 = creat(&(0x7f0000001380)='./file0\x00', 0x4)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x31, 0xffffffffffffffff, 0x0)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r2, 0xc0045005, &(0x7f0000000040)=0x10000)
r3 = dup2(r2, r2)
read$FUSE(r3, &(0x7f0000002680)={0x2020}, 0x2020)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f00000001c0)={0x0, "0092938eda08a5513db99d08fdae429e4ae4c5bac9dd8259be4ee64b32c65e0a"})
ioctl$KVM_SET_MSRS(r0, 0x4008ae89, &(0x7f00000030c0)=ANY=[@ANYRES32=r1, @ANYRES64=r0, @ANYRESHEX=r1, @ANYRES64=r4, @ANYBLOB="f566d7c8afac07f8b44eb7a7ba9ae6109f3a75c88c402837ab7891038bded7b99cc219de2a3c921eab3e5a48322180fd7fd7583955cd86399bf9f79a6ceebbbe4ba54ed8dbd4840ff92d13b24adefca6cf8d961c6ea266663109cde35304cedf0266058cae6b940673396703051b3a340f8784d52ba9e20df405e7d407e71e018abfbeb747120eab677e4dac0e1a7cbcb74e0e2412de947f32ff3574740840fdf67ec8d224dd2ee8cd7c3574d856a18f25cbd8418a8155b6c685d2333722a2d40994b9aeb04fd9c69a95428a5b07b7cc81ea6e9945125893be51b6d6ab5c19503fb55165b909d28ac1e231b282d3de84ac1ba818da42d094d16d68be95728bf24221af16fc88f9f0021ea0f63f63c25e3aa97fa0f7d8a8602751a7a8b1ecaae735481622040942969c96afe6315f9de87fc7c7e6ec0756f96580a5ecd5873c72c2849fb06ff206893f75c0794289c27db6fdcdd170b4a0dec1004703d47199dd312631601b23ec728a830ef8104e9ccbd87fd2b412b81f16a67604cc57cc1be3aa93ecc13da8e0cbed96d32bead285e0275fdf9899cb1d71fb2db57528f676c7bbfb48845e1759cb3b9960d30918df1e10c849c599f2c2d124aef5557098f2a01e33ed051a802c96af230411a2440c586badbb71afae19a10bd5c658a31efdbf40d104e03021cc261669032a6345bfbdd5aabc0619f71fdbed35d6061aa4569ea6c165a7e8272677601da8b7ecb1216e5114352e0b10e48beb4d199fc10e556594f9b6079050dcf03859f1570f21a8df8af875dfd5d20583046115285aada9fe80b7720bba3ce0a62476361d273de5e26f6bf7c0210434a45533dda5c0ff94b8e48ec67c7d78ac542d78a8019eba813818a6eebda1445a98eb1b8799d7e808388df25dfcf1a5d7cb5401be36eed7c99abb02cc428ec4e27bc4e4313f19a591d1857537bb6c1ddb169f0edf0053249d46545218b626c47e8bd4087db3d7d8f8e2851655f8312ef9360a8cb1fa70abcc0228a30918aefd8e209c96f70bf9c14596172a640284be59811f5881d47220dbb50d4ff516bfc5a1fe254cde7732a343b53b9e7ce1e348e0ec5823a9ae5cbb337b697f02ef293ddeedfc3351e0da8f862b020bc3e57ee4d77f212ed774a778dbd74f0393fb1ae8e39a42ef2f9db32972e795db5e2ee9a85dc666361497fb3931551929cf4d4e8bd1b1148c34cb8fb33028031e81f3481af537c3f62a1c08835dce61632ebd5526d8d3a6d4215aed48a1b7812ec9f3c7e4daf62e9a02b9f974d0870055d84a03489e3d4bfaed94be2a4a8b1f5ab33c35954d22f0845e74c9dc2348ce5247a76f0dfc9c16e612b372ec02ce6c85b234da1336080ee2018e0173a3d16157ca67b051449fac0e5809c68c8f7795146547c18fc87bb76fc1e2de7ea16df5f6c3fdcea13054aed5cdaacbe9e797b056d3532e1890dc98851fe79012c1537e846416d3a619059a4d781a474f5b52af57841d6f55d48d110144f424e6e7f2d8be7c73949886e255e7867a93a4381ca853e3c31de60ffa03451a93e273e6489151e2772608844afb3c3c2e3c52d8d8167ed1b874740231cfbc44217db122813d394d8d042da6e084dc96ec2b5ee8f1c7186bbf0d3116112c972c307c96282baff70e9fc6cc67df5843c25c67a272513e73609387e4eec3b3821715d1a30db9f7161ad4406a3aa355cd291e735d9407d695cfc5201b622914bfe7b06ef3251a755b43547834ab2124967cd87609ac31c3bf53bb0d881c99a16b4547e18f274a796257f40ba30a8c60e8afdb886f4f27e32cb2301ba9b8cf638ed621cf68303be9c90dfa17aca365e51638f7c089f4476ad37c9544ccdc24924c47e8c5145183f5b86f331afd757024080d3eb66a7cfe1c3dc00132ee19a63bd7bbf99b6f5a456b9e69a389bee53446e2bd4c36252922e60e33c5c007f4dd6da5eb99e970ce4157186dfaf55262ff65219c1eb003dc248c001ecb72dcadc70f5c513d64063537f55b1485a8f1cc59015c35e05aee7ebe070d25f8482392cd156cdbbe9698f78b7a0ec0ae1e5895024fe84da7c902cc11d8790a63ee35a2fd9a80ea32a2d02bf66b055225ebf8ef08fe3619d5f910aba6493f4e0a38522bd9bb264f754d4791ad869b0a5703abc567938fff03722b1b46a52c9e8d8a59c5fb11be5c78b8abb71e7a2ad4213d1746cfb57541480ed1379dc19cfde70d4eb5b248e6a43a6b635a569e343b2de6896c8833ea550e75548be7985b0030c2e2792de0e6ebebbc57d772f5df3b8ea26243c77c098187e282060a9c3ff197bb199b7dba65ca4d5ef879a7a64a25066bd90c8f2ae5bf33e845c27e99dc35dd4fcae07301aa15c10597f6b5e30974b363f9be02ae96d7e4e29d22de8bd91f316bb7ebd09f1bef175340371010e9854c00cd6d8e0a529b17116e710e0a4bc63423218a65bf9309cb58eb83094a25070e91951626d9306c16908bc2f30ed6c46057020a1ca02a67956b213b5b9d57de15d7a031831d7e83b618c098cf20e62e923bf26e79eaaba5d1a77fe4135dbf01def7c4fc1bc93bddd0d64cb38eb34aeff43d9f415b8e9c26b03c34ebacf804f0751bb86fd948c4bf1b4417941e15f1f048b503220ef37832369e9d9f0549f04f0bd4cd6fd9158fc1735b0c7fba9fa71056385b32a656532a50f013bef0d4a93a09445e7e8094f35c8ad6523fe37b23e069d348fe9edb72ce85483ac9b837081050dbc53b047c0ee8cc2b819612f2a30aa7a17da0fad96a8f72543ce28e7cf57ca8ef50ec31b25c67263d7d621e1f43af4653f5aadb34f6eb8488dfafc8267746bc878521ef865bb2bacf35100f0a68f179ea3e5d26822b6dd11cc6c3b74f225c6d51235b0b78d50ac184eae04369c35027386a6e46f0f83d194f104c13dde1954debd1f5be6138526fd37390bc8d6723f01499c1979bb46d7fa002421e93066fdaed2ca83f91a7721fc0e8da35eb470f29c746922a00983a0c62d5c51bb92049f4f47b6bb69df37ca462bae44432e77dd96599c8809772077a1f132bfae473c94d6e7e2ae71c979c392127b07f8dd1904757fa11c767382ec7ee31a8de18b751c7f23fd03189318144dad32162133739d23254f21cea67faa52402f48cf22d32ad09e4451c035af272f45a477fce6e8d37c28acea7967caac61eb6250969444a1b1f6084d5c1f429d4ca4b5e48a55c55958767f9229a9c1cb751c5eaf3197e1c5472a9410bbc590f4f6e3fa54e906e54c7243df4fb2767ed5e01bbfaf02cee1050f4a6f878998b104e87c01e565fa316b96f7536b4516b03ab5a567cdae19476b4852ac09bc707cafe0a63f551f55767c6ddf849486af83cde41fc43788cca5ce6c9f9caafa9834e53ccfba5e602e8b284e663f4556143c4232346cd410433c6759d62b491bb7442ddc6d2a1de44d46806edafdab9844248d96d0dd3a8847e46ac00c6d4598b265372df824fbecf080007ca154ec4aabb681fe17ad96a5263430ea0a12e08abacdb55b1a3bc933402846a083c8a9b702eabe285b24b1b280877d296410b629af30781185e9aa02d49ad1d631dff5f489079710f94049551b5ac305bc26c763182684838e8d8dd972326bdd112a31b764ccb648c51ce21430c164318116ea7578e8d2adb64da1934dc3564459f812d6f8510992e378944cea55f9d3f9165bc100325d3e16b668643d30d60f3e25143c735d8e7c4cd1a447451c5b8ea3903c11e74b9c0c8213fac3cdcf194503840baa8e69c9e63180e82c797369e55db21568db3b29897b3025aa82723da0e5ff9504629f4e3e009f134e4b4af563395ee6b60f76108c14842bff093a70ef393f1d4f1c633b648a59e09df19fcf48236cbebb7265fcadac5be0b52cf3ca8a76822c67ab326fa69dc9da107fd50f2e93323a6330c67cc093632d8ecb950cecca708729bc9bbf5b2c13cb2587e11a05d334f8891c9d4544530f618cc8b88df854dde56dd2b278c4a2d74cb0bcad030a1162fa77668bec0bed3d09d8fd144d8cee7b905230255ace1016e435e7ef754c4c9744321985adae48c802fa1233be60538b3ff592dbb7799cc5f7f055f27800a35ee0d9dd68546276a1cabb3c819eaf5de342b290bd3bb7cc3116c9b4c2de63a49b0d946b935245f816f6d26dd50a6138c9073c1915f0dee148ee4ee1edca905cffbc0571027ff46d65be68c4c7a8c4e7ddd59649dd5a20404c0cf894c7a7107bd439b57401900b1ed8ba0f2929de258768b2c2f7c4a8310a706c23e1944da0b5cfade3abd91edcc0bbbe2766f043da2c4eca8e87be5d5d9dddfb65633655194a0009399ee3c9b7702800cbb5886dbb6abf8f944f9e9b6ce1e9b487b10992881b3568a03b881d83007c0a8cd8f34d96c2bb29fd5214a44720aeff9a607a3da19d94953f92a836e0b7ca29c8d0c9c5a72c329bdd39a0a696ee822d1e44e5496a971aee582c275f45f71a9f7a32b1cf993ae506459693b1197f58b60b8c90c31fb64858cb9b636af2057dd4548d0b07385bc761f5e5652645be8c63d13867a8f377948a077e7644078559ad2b7fc7fcf8c5613c2f62ff7eccc611bcf38510465c6523efcce1e5e9dc344b1fcac7be1cba94778eb81f4de7c19c07052372830f3be7acc18e0e114e2371302afea62f3533904ac40072fa171f6bd40a09625c638d2912f4d9f4a84a61d1c9ccf4afe4158e48674f25acda48440150b6025b74d08118297b020a4c4c37c8d2aee18b7b84191a479d13d29b3ebb5cea8c7a61d821e0d8fd2e5ac3dee547aa4e2dbb2f6d56f81224ce41db41f362f482efa1b9fadf98ec14cba86a8ef509a6500ef5d6d2ed9e488c88c11a94ebf21d43db5c1745bbd10c356c7cd1829f9e568931b31fca2db19b469a98e0f6317b08f9a3bc44025753dfaff97b8b83137f1db1767604e6d80c8eb79a2cd325ffe0cd8d5a031df7d89057a64b0997b761e56e90dce98513bfa43fa7d6807a1dadb61d5b04d49d9611c145a20bea5b7183dfe882e972f88ce447f4eee8eaa3fee03f6c5f8f1cec70bf92335c503512e2ee84751a4ccec11b215b5b0ea94eb74ec88abddeb261cc56f48162721cc3273cd5672cbb6fdf2c39aa57f9daec62c6a27d56b835069075d91c39d8c82b48ecf167ff670b01e37aa5b24e2f938bb609112c8315a5b380f17476a0f82b6e6d3594f9738b055e952a17b63a587ba91b4705fbd6f35ae7bfff696b08d3a13cb4592827fc7e17c0a44f64dc8e9c2622be9175d9c04d4613922d4d7bbb5630862d4117d6e94532b2847609a973966b7d332c321a01f13adfcb6b5e417f277d0fc644327bf6fb6cf79cc4ed9103856dfbe19d48c0e14e249c597a583375fc986371f3d51fa323f1bf91ef94de6d98b7a7f15f81c7426c4c6411daa1806bec8ef66760f7f67599198b0ed4d97985036f7bb33491bfb4a6221dc1ef1767868f4acb8b24a12b0cd5dda97a2fd9019908e13a3c010f0e716e21eed2623b659204bb68ea8414c5fe86d323acbfbb1cbc84acd89e430400d3d36114744fde32db51247d805e4382fe4ce29a53750702bf0847410b378dd90ad44107ba1a0a98ce53d37db357834db4b9924c633b8372754070b50f5f87e384d6fa82228c7145a58bca70f69d76cd841e6b0132ff84459de01472517f447adb7c24d46c7f45a295986213d7b2113bb051f030a6ae48fc99fba03e1a5b3024893ac6b90ed280cead38e1dacd643ce7176a7fd7bc239809cecc873144682550189cd7adf39436f8ae0d8233337462f0d503e2c26", @ANYBLOB="01af7ce15a9806f8f8967210dc1b854151ea5886d76bab846640a808377f5b1e1c84115272a40df8842ea4863d0c8a5b4c8499b24d89527ffb76fed1995aeddb16d93af7fd7713ca68d0cb1cd7fb20ce0e949ab432a825d477d3fedff854b4037addd85e21275feb1eb7558008998da2c492f6e24fc246313a49b435faef0008552d68491f34f253b038e0719d1395e77d840c11e8e7", @ANYRESHEX=r0])
r5 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r6, 0x4068aea3, &(0x7f0000000240)={0xbe, 0x0, 0x1})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000240), 0xffffffffffffffff)
r9 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r10 = dup(r9)
write$UHID_INPUT(r10, &(0x7f0000002080)={0x9, {"a2e339084fc752f91b2909094bf70e0dd038e7ff7fc6e5539b3263078b089b39333b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31300d316d0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df0784c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02ccf156f3da001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a5031e54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d618e462071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58ceecce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af44863c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ef9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766cf3817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000510b000000000000000000000000000000000000000000000000ac6b429961f8c30a00", 0x1028}}, 0xfffffd00)
ioctl$BLKCRYPTOGENERATEKEY(r0, 0xc030128a, &(0x7f0000000100)={&(0x7f0000000080)=""/106, 0x6a})
sendmsg$IPVS_CMD_GET_SERVICE(r7, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000000)=ANY=[@ANYBLOB="14000000", @ANYRES16=r8, @ANYBLOB="1107006e2900fbdbdf2504000000"], 0x14}, 0x1, 0x0, 0x0, 0x24004894}, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000), 0x0)
io_pgetevents(0x0, 0x7, 0x3, &(0x7f00000002c0)=[{}, {}, {}], &(0x7f0000000140)={0x0, 0x3938700}, &(0x7f0000000340)={&(0x7f0000000200)={[0x1]}, 0x8})
exit(0x0)
syz_kvm_setup_cpu$x86(r5, r6, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, 0x0}], 0x1, 0x36, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r11=>0xffffffffffffffff, <r12=>0xffffffffffffffff})
sendmsg$tipc(r12, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200), 0x0, 0x0, 0x0, 0x20000000}, 0x4000041)
close(r12)
close(r11)

20.391258ms ago: executing program 1 (id=1480):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000001, 0x11, r0, 0xf648e000)
r1 = socket$kcm(0x10, 0x2, 0x0)
r2 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x2710, @hyper}, 0x10, 0x80000)
connect$vsock_stream(r2, &(0x7f0000000040)={0x28, 0x0, 0x0, @hyper}, 0x10)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x33fe0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

0s ago: executing program 3 (id=1481):
r0 = openat$rnullb(0xffffffffffffff9c, &(0x7f0000001140), 0xa00, 0x0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000040)={'netdevsim0\x00', &(0x7f0000000180)=@ethtool_ringparam={0x11, 0x0, 0xfffffffc, 0x0, 0xffff2aef, 0x5, 0x800, 0x80000, 0x1000}})
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x442, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x8002002)
r5 = socket$inet(0x2, 0x3, 0x1)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r6, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x44, 0x0, 0x8, 0x101, 0x0, 0x0, {0x7, 0x0, 0x8}, [@CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0x806}, @CTA_TIMEOUT_NAME={0x9, 0x1, 'syz0\x00'}, @CTA_TIMEOUT_DATA={0x14, 0x4, 0x0, 0x1, @tcp=[@CTA_TIMEOUT_TCP_CLOSE={0x8, 0x8, 0x1, 0x0, 0x8}, @CTA_TIMEOUT_TCP_LAST_ACK={0x8}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}]}, 0x44}}, 0x800)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@rand_addr=' \x01\x00', 0x2, 0x2b}, 0xa, @in6=@private1, 0x0, 0x4}]}]}, 0xfc}}, 0x0)
setsockopt$SO_BINDTODEVICE(r5, 0x1, 0x19, &(0x7f00000002c0)='veth1_virt_wifi\x00', 0x10)
sendmsg$inet(r5, &(0x7f0000000040)={&(0x7f00000000c0)={0x2, 0x4e21, @private=0xa010102}, 0x10, &(0x7f0000000180)=[{&(0x7f00000001c0)='\b\x00', 0x2}], 0x1, 0x0, 0x0, 0xe0000000}, 0x810)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r4, 0x4068aea3, &(0x7f0000000240)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f00000002c0)={0x1, 0x0, [{0x4b564d01, 0x0, 0xffffffffffffffff}]})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, &(0x7f0000000080)={&(0x7f00000004c0)={0x2fc, 0x20, 0x300, 0x70bd2a, 0x25dfdbff, {0x1a}, [@nested={0xd5, 0xc6, 0x0, 0x1, [@nested={0x4, 0x106}, @generic="5b682b26ab9eb5ba72dbcdc123b08b970cb43d2061146621c6a639730e4a8c83f9e6286d8aca96cc89c7e1a5c53f46e6814742994769e57d98b991eb81de47d32ac1ff653e95ec4568a2d9e5f6f8ab43a150cc9c9edbe76a9ed7012dee8128b2e404fd72aced6a4aa2670307cef479ae88f41984c2ca44978f7926641b97af49440eae03538b54c2ad2d2ccb3d63387e901afbd49b2eb32fb961e6b526b92956f6744d0e37503ddaae0566e442dd25341583e8aa256fae69a9e70aa2642c84f4627e4a5caebd6906b0122e1615"]}, @generic="2a16d5f5222470c6ff34d134118d2a3ac5666022d408bac70443d252e1667b5e0c290c1d714a7fc5083120669a2279223cc6ead2b4fb1d302f8e34fa94e78cf8da7d725cfe292512f1e49e0c10565855e847d5117792b147d059cbc7adb4fb7f9bc212e7374ca8b2af1d89fe9b08216ee22637bf53b8b5b54f124cfdbc4e4483e860db7aa39e39cfa2366b9ee2388471f1e772c8ea4043e4adf4ad9b048582ee7e16a02246ea", @generic="af83022e27ca020814811556abe76918b97499599922320fd0f1ce5a290de362abfb028cc3dbdc9638060bde91b1f336345bd879e48d2ea1ee0fc80581d486c52e29cb77757d114d9aa423d8a09078d94b402acb1584336ee9e15713098f362dfb7126de006d8d0b356fa9642411da5582f347f465911a2abe9acc3d527cc82c9208b5049017420146c041220d341e2db833ed4108cecea977b786c2f3ab07f92999f6f101f3127c8dbad9c3caeeaa2ea3a429d629cf2cbdeaca46413db22f4d090d1e254bcf813a531a174439d54e180aa96096e687622dcf118a9a5a5bc063fdbf1a58247a6a2e87", @nested={0x7e, 0xd1, 0x0, 0x1, [@generic="a4d3064e948e907ab6f2f7803195eaadef7949ac6cac0dcbeb7428f66a837569634a71f9ffad0f3dd3ebf60047c31a998771a4bc3737fd03f2d95b563fa4dc8f777a712070a9b693dfe2b85c0dbc7ee200da8f58596b6c84dc55b9a8d8546b8f01d317de3cb352c6f59370fa896fd9c38787f93ea404", @nested={0x4, 0xaf}]}]}, 0x2fc}, 0x1, 0x0, 0x0, 0x20000810}, 0x0)
mmap(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x2000002, 0x20011, r0, 0x446ac000)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x1)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000904000/0x1000)=nil, 0x1000)
mlock(&(0x7f00007c0000/0x1000)=nil, 0x1000)

kernel console output (not intermixed with test programs):

ce number 58
[  253.280095][ T5215]  loop2: AHDI p1 p2 p3
[  253.289569][ T5215] loop2: partition table partially beyond EOD, truncated
[  253.299952][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  253.307254][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  253.383545][ T9405] gfs2: not a GFS2 filesystem
[  253.421297][ T6225] udevd[6225]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  253.453392][ T5846] usb 1-1: Firmware: major: 0, minor: 0, hardware type: ATUSB (2)
[  253.470104][ T5846] usb 1-1: Firmware version (0.0) predates our first public release.
[  253.489024][ T5846] usb 1-1: Please update to version 0.2 or newer
[  253.496920][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  253.635409][ T7821] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  253.665541][ T9382] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  253.678382][ T9382] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  253.730809][ T9382] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  253.738618][ T9382] VFS: Can't find a romfs filesystem on dev rnullb0.
[  253.738618][ T9382] 
[  253.825125][ T7821] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  253.836116][ T7821] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.845440][ T7821] usb 3-1: Product: syz
[  253.849655][ T7821] usb 3-1: Manufacturer: syz
[  253.854284][ T7821] usb 3-1: SerialNumber: syz
[  253.885487][ T7821] usb 3-1: config 0 descriptor??
[  253.893898][ T7821] ch341 3-1:0.0: ch341-uart converter detected
[  253.945350][   T10] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  253.950279][ T9417] netlink: 'syz.3.987': attribute type 29 has an invalid length.
[  254.052275][ T5857] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  254.104401][   T10] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  254.123319][   T10] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  254.135390][   T10] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  254.144578][   T10] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  254.157147][   T10] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  254.175898][   T10] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  254.189565][   T10] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  254.197991][   T10] usb 2-1: Product: syz
[  254.202851][   T10] usb 2-1: Manufacturer: syz
[  254.217225][   T10] cdc_wdm 2-1:1.0: skipping garbage
[  254.222583][   T10] cdc_wdm 2-1:1.0: skipping garbage
[  254.230763][   T10] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  254.238752][   T10] cdc_wdm 2-1:1.0: Unknown control protocol
[  254.426121][ T5930] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  254.523243][ T9407] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found
[  254.556140][ T9407] UDF-fs: Scanning with blocksize 4096 failed
[  254.563520][ T7821] usb 3-1: failed to send control message: -71
[  254.576108][ T7821] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  254.588897][ T5930] usb 4-1: Using ep0 maxpacket: 16
[  254.602700][ T7821] usb 3-1: USB disconnect, device number 46
[  254.611036][ T5930] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  254.632315][ T7821] ch341 3-1:0.0: device disconnected
[  254.636380][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  254.659020][ T5930] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  254.676963][ T5930] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  254.694269][ T5930] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  254.721644][ T5930] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  254.741172][ T5930] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  254.759159][ T5930] usb 4-1: Manufacturer: syz
[  254.775497][ T5930] usb 4-1: config 0 descriptor??
[  255.055162][ T5930] rc_core: IR keymap rc-hauppauge not found
[  255.067515][ T5930] Registered IR keymap rc-empty
[  255.072539][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.095987][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.118576][ T5215] Dev loop2: unable to read RDB block 7
[  255.124289][ T5215]  loop2: AHDI p1 p2 p3
[  255.131265][ T5930] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  255.143037][ T5215] loop2: partition table partially beyond EOD, truncated
[  255.156611][ T5930] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input33
[  255.170233][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  255.177551][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  255.191562][ T9424] /dev/rnullb0: Can't open blockdev
[  255.215210][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.245298][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.267972][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.295440][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.315130][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.335178][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.355160][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.375216][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.395496][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.415136][ T5930] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  255.437299][ T5930] mceusb 4-1:0.0: Registered  with mce emulator interface version 1
[  255.445459][ T5930] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  255.468150][ T5930] usb 4-1: USB disconnect, device number 43
[  255.758284][ T9467] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  255.768904][ T9467] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  255.904481][ T5215] Dev loop2: unable to read RDB block 7
[  255.915318][ T5215]  loop2: AHDI p1 p2 p3
[  255.919600][ T5215] loop2: partition table partially beyond EOD, truncated
[  255.927816][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  255.934669][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  255.992636][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  256.054956][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  256.072599][ T6015] udevd[6015]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  256.112060][ T5215] Dev loop2: unable to read RDB block 7
[  256.122124][ T5215]  loop2: AHDI p1 p2 p3
[  256.133721][ T5215] loop2: partition table partially beyond EOD, truncated
[  256.140766][ T9477] FAT-fs (rnullb0): bogus number of reserved sectors
[  256.140802][ T9477] FAT-fs (rnullb0): Can't find a valid FAT filesystem
[  256.154919][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  256.164940][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  256.213272][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  256.259095][ T6015] udevd[6015]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  256.306612][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  256.372898][ T5997] udevd[5997]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  256.400887][ T9483] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  256.424615][ T9486] /dev/rnullb0: Can't open blockdev
[  256.431147][ T9483] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  256.446896][ T9483] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  256.467150][ T9483] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  256.655092][   T10] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  256.729719][ T7821] usb 2-1: USB disconnect, device number 59
[  256.795185][   T10] usb 4-1: device descriptor read/64, error -71
[  256.811887][ T9492] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  256.841922][ T9494] openvswitch: netlink: Key 22 has unexpected len 2 expected 4
[  256.849203][ T9492] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  256.864418][ T9496] /dev/rnullb0: Can't open blockdev
[  257.056221][   T10] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  257.073139][ T5215] Dev loop2: unable to read RDB block 7
[  257.088474][ T5215]  loop2: AHDI p1 p2 p3
[  257.092733][ T5215] loop2: partition table partially beyond EOD, truncated
[  257.113283][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  257.121294][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  257.179941][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  257.205836][   T10] usb 4-1: device descriptor read/64, error -71
[  257.223912][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  257.253554][ T9512] /dev/rnullb0: Can't open blockdev
[  257.281988][ T5215] Dev loop2: unable to read RDB block 7
[  257.287789][ T5215]  loop2: AHDI p1 p2 p3
[  257.292073][ T5215] loop2: partition table partially beyond EOD, truncated
[  257.301903][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  257.314441][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  257.325783][   T10] usb usb4-port1: attempt power cycle
[  257.354224][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  257.471891][ T5215] Dev loop2: unable to read RDB block 7
[  257.478135][ T5215]  loop2: AHDI p1 p2 p3
[  257.482477][ T5215] loop2: partition table partially beyond EOD, truncated
[  257.493116][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  257.501215][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  257.561049][ T5215] Dev loop2: unable to read RDB block 7
[  257.571355][ T5215]  loop2: AHDI p1 p2 p3
[  257.577502][ T5215] loop2: partition table partially beyond EOD, truncated
[  257.584863][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  257.597107][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  257.624248][ T9523] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1015'.
[  257.637590][ T9523] syzkaller1: entered promiscuous mode
[  257.643289][ T9523] syzkaller1: entered allmulticast mode
[  257.675318][   T10] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  257.705966][   T10] usb 4-1: device descriptor read/8, error -71
[  257.724229][ T5215] Dev loop2: unable to read RDB block 7
[  257.736189][ T5215]  loop2: AHDI p1 p2 p3
[  257.740479][ T5215] loop2: partition table partially beyond EOD, truncated
[  257.749418][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  257.756923][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  257.951857][   T10] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  257.988310][   T10] usb 4-1: device descriptor read/8, error -71
[  258.095456][   T10] usb usb4-port1: unable to enumerate USB device
[  258.205097][ T5921] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  258.355125][ T5921] usb 2-1: Using ep0 maxpacket: 8
[  258.362331][ T5921] usb 2-1: config index 0 descriptor too short (expected 5924, got 36)
[  258.370799][ T5921] usb 2-1: config 250 has an invalid interface number: 228 but max is -1
[  258.379349][ T5921] usb 2-1: config 250 has 1 interface, different from the descriptor's value: 0
[  258.389772][ T5921] usb 2-1: config 250 has no interface number 0
[  258.396185][ T5921] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  258.407983][ T5921] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  258.421433][ T5921] usb 2-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  258.431904][ T5921] usb 2-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  258.443159][ T5921] usb 2-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  258.457026][ T5921] usb 2-1: config 250 interface 228 has no altsetting 0
[  258.471060][ T5921] usb 2-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  258.480394][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  258.482513][ T5215] Dev loop2: unable to read RDB block 7
[  258.495134][ T5921] usb 2-1: Product: syz
[  258.499343][ T5921] usb 2-1: SerialNumber: syz
[  258.505660][ T5215]  loop2: AHDI p1 p2 p3
[  258.509989][ T5215] loop2: partition table partially beyond EOD, truncated
[  258.519990][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  258.528266][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  258.529096][ T5921] hub 2-1:250.228: bad descriptor, ignoring hub
[  258.565306][ T5921] hub 2-1:250.228: probe with driver hub failed with error -5
[  258.614150][ T9536] /dev/rnullb0: Can't open blockdev
[  258.652506][ T5215] Dev loop2: unable to read RDB block 7
[  258.658828][ T5215]  loop2: AHDI p1 p2 p3
[  258.663145][ T5215] loop2: partition table partially beyond EOD, truncated
[  258.670636][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  258.677773][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  258.708100][ T9541] /dev/rnullb0: Can't open blockdev
[  258.735824][ T5921] usblp 2-1:250.228: usblp0: USB Bidirectional printer dev 60 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  258.840088][ T9543] /dev/rnullb0: Can't open blockdev
[  258.867163][ T5215] Dev loop2: unable to read RDB block 7
[  258.872814][ T5215]  loop2: AHDI p1 p2 p3
[  258.877117][ T5215] loop2: partition table partially beyond EOD, truncated
[  258.884416][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  258.893535][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  258.902584][ T9545] syzkaller1: left promiscuous mode
[  258.909118][ T9545] syzkaller1: left allmulticast mode
[  258.964449][ T5215] Dev loop2: unable to read RDB block 7
[  258.973670][ T5215]  loop2: AHDI p1 p2 p3
[  258.993378][ T5215] loop2: partition table partially beyond EOD, truncated
[  259.009569][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  259.022285][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  259.084338][ T5215] Dev loop2: unable to read RDB block 7
[  259.094473][ T5215]  loop2: AHDI p1 p2 p3
[  259.099744][ T5215] loop2: partition table partially beyond EOD, truncated
[  259.101486][ T5921] usb 2-1: USB disconnect, device number 60
[  259.107368][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  259.120369][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  259.132210][ T5921] usblp0: removed
[  259.153886][ T9556] /dev/rnullb0: Can't open blockdev
[  259.415187][ T5921] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  259.524449][ T9560] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  259.532954][ T9560] /dev/rnullb0: Can't open blockdev
[  259.589154][ T5921] usb 3-1: Using ep0 maxpacket: 16
[  259.623865][ T5921] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  259.644460][ T5921] usb 3-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  259.665367][ T5921] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.685733][ T5921] usb 3-1: config 0 descriptor??
[  259.734239][ T9567] binder: 9563:9567 ioctl c0306201 200000000640 returned -22
[  259.958248][ T7821] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  260.002065][ T9573] /dev/rnullb0: Can't open blockdev
[  260.050513][ T9575] /dev/rnullb0: Can't open blockdev
[  260.108600][ T5921] mcp2221 0003:04D8:00DD.000C: unknown main item tag 0x0
[  260.124851][ T5921] mcp2221 0003:04D8:00DD.000C: unknown main item tag 0x0
[  260.125216][ T7821] usb 2-1: Using ep0 maxpacket: 8
[  260.132655][ T5921] mcp2221 0003:04D8:00DD.000C: unknown main item tag 0x0
[  260.141806][ T7821] usb 2-1: unable to get BOS descriptor or descriptor too short
[  260.144122][ T5921] mcp2221 0003:04D8:00DD.000C: unknown main item tag 0x0
[  260.164326][ T5921] mcp2221 0003:04D8:00DD.000C: unknown main item tag 0x0
[  260.165266][ T7821] usb 2-1: config 4 interface 0 has no altsetting 0
[  260.172455][ T5921] mcp2221 0003:04D8:00DD.000C: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.2-1/input0
[  260.202166][ T7821] usb 2-1: string descriptor 0 read error: -22
[  260.208921][ T7821] usb 2-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  260.219151][ T7821] usb 2-1: New USB device strings: Mfr=2, Product=0, SerialNumber=3
[  260.235766][ T7821] usb 2-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  260.254555][ T7821] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  260.281533][ T7821] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  260.292956][ T7821] usb 2-1: media controller created
[  260.301670][ T9556] binder: 9555:9556 ioctl c0306201 2000000003c0 returned -14
[  260.323193][ T9556] ieee802154 phy0 wpan0: encryption failed: -22
[  260.381512][ T9581] /dev/rnullb0: Can't open blockdev
[  260.382105][ T9582] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  260.401284][ T7821] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  260.424194][ T9582] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  260.494246][ T9586] /dev/rnullb0: Can't open blockdev
[  260.516730][   T10] usb 3-1: USB disconnect, device number 48
[  260.589772][ T5215] Dev loop2: unable to read RDB block 7
[  260.605107][ T5215]  loop2: AHDI p1 p2 p3
[  260.609376][ T5215] loop2: partition table partially beyond EOD, truncated
[  260.620936][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  260.631766][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  260.740252][ T5215] Dev loop2: unable to read RDB block 7
[  260.746984][ T5215]  loop2: AHDI p1 p2 p3
[  260.751507][ T5215] loop2: partition table partially beyond EOD, truncated
[  260.760124][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  260.767649][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  260.812387][ T9592] /dev/rnullb0: Can't open blockdev
[  260.832756][   T30] audit: type=1326 audit(2000000082.590:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9591 comm="syz.3.1040" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f67f618e929 code=0x0
[  260.988600][ T1307] ieee802154 phy0 wpan0: encryption failed: -22
[  260.996139][ T1307] ieee802154 phy1 wpan1: encryption failed: -22
[  261.023451][ T9597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.032560][ T9597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.075402][ T5846] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  261.169696][ T7821] usb 2-1: USB disconnect, device number 61
[  261.235284][ T5846] usb 3-1: Using ep0 maxpacket: 16
[  261.248116][ T5846] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  261.265070][ T5846] usb 3-1: config 1 has no interface number 1
[  261.275374][ T5846] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  261.309834][ T5846] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  261.319747][ T5846] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.333111][ T5846] usb 3-1: Product: syz
[  261.341057][ T5846] usb 3-1: Manufacturer: syz
[  261.349219][ T5846] usb 3-1: SerialNumber: syz
[  261.571410][ T9594] Can't find a SQUASHFS superblock on rnullb0
[  261.580107][ T9594] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  261.589102][ T9594] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  261.611197][ T5846] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  261.632641][ T5846] usb 3-1: USB disconnect, device number 49
[  261.637087][ T7821] usb 2-1: new full-speed USB device number 62 using dummy_hcd
[  261.686817][ T5997] udevd[5997]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  261.724305][ T6015] udevd[6015]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  261.807878][ T7821] usb 2-1: config 255 has an invalid interface number: 75 but max is 0
[  261.822264][ T5997] udevd[5997]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  261.840374][ T7821] usb 2-1: config 255 has no interface number 0
[  261.847103][ T7821] usb 2-1: config 255 interface 75 altsetting 123 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  261.864152][ T7821] usb 2-1: config 255 interface 75 has no altsetting 0
[  261.869916][   T30] audit: type=1326 audit(2000000083.620:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9615 comm="syz.3.1046" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f67f618e929 code=0x0
[  261.898227][ T7821] usb 2-1: New USB device found, idVendor=06e1, idProduct=a334, bcdDevice= 3.9d
[  261.907434][ T7821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  261.915510][ T7821] usb 2-1: Product: syz
[  261.921775][ T7821] usb 2-1: Manufacturer: syz
[  261.927048][ T7821] usb 2-1: SerialNumber: syz
[  261.943444][ T9610] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  262.003731][ T9620] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  262.176574][ T5215] Dev loop2: unable to read RDB block 7
[  262.188786][ T5215]  loop2: AHDI p1 p2 p3
[  262.194756][ T5215] loop2: partition table partially beyond EOD, truncated
[  262.203578][ T9610] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.212070][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  262.212231][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  262.226941][ T9610] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.310850][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  262.398089][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  262.430529][ T7821] dvb-usb: found a 'KWorld/ADSTech Instant DVB-T USB2.0' in warm state.
[  262.450261][ T7821] dvb-usb: bulk message failed: -22 (3/0)
[  262.461364][ T7821] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  262.473168][ T7821] dvbdev: DVB: registering new adapter (KWorld/ADSTech Instant DVB-T USB2.0)
[  262.482419][ T7821] usb 2-1: media controller created
[  262.489625][ T7821] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  262.510969][ T7821] dvb-usb: bulk message failed: -22 (6/0)
[  262.518385][ T7821] dvb-usb: no frontend was attached by 'KWorld/ADSTech Instant DVB-T USB2.0'
[  262.532720][ T7821] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input36
[  262.550130][ T7821] dvb-usb: schedule remote query interval to 150 msecs.
[  262.558885][ T7821] dvb-usb: KWorld/ADSTech Instant DVB-T USB2.0 successfully initialized and connected.
[  262.574733][ T7821] usb 2-1: USB disconnect, device number 62
[  262.585529][ T5846] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  262.630363][ T7821] dvb-usb: KWorld/ADSTech Instant DVB-T USB2.0 successfully deinitialized and disconnected.
[  262.712831][ T9638] omfs: Invalid superblock (0)
[  262.757066][ T5846] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.772260][ T5997] udevd[5997]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  262.790316][ T5846] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.805473][ T5846] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  262.817017][   T30] audit: type=1326 audit(2000000084.580:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.0.1055" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f70daf8e929 code=0x0
[  262.845394][ T5846] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.861578][ T5846] usb 3-1: config 0 descriptor??
[  262.897622][ T5997] udevd[5997]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  262.983973][ T5997] udevd[5997]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  263.135709][ T5997] udevd[5997]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  263.166346][ T9654] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  263.178776][ T9656] netlink: 240 bytes leftover after parsing attributes in process `syz.3.1059'.
[  263.287948][ T5846] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0
[  263.303192][ T5846] cm6533_jd 0003:0D8C:0022.000D: unknown main item tag 0x0
[  263.330216][ T5997] udevd[5997]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  263.336169][ T5846] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0D8C:0022.000D/input/input37
[  263.425916][ T5846] cm6533_jd 0003:0D8C:0022.000D: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[  263.489007][ T9628] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  263.512773][ T9628] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  263.571732][ T9668] ./file0: Can't lookup blockdev
[  263.713675][ T5846] usb 3-1: USB disconnect, device number 50
[  263.800826][   T30] audit: type=1800 audit(2000000085.550:47): pid=9676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1065" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  263.971472][   T30] audit: type=1326 audit(2000000085.730:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9678 comm="syz.1.1067" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa403d8e929 code=0x7fc00000
[  264.249803][ T5215] Dev loop2: unable to read RDB block 7
[  264.255538][ T5215]  loop2: AHDI p1 p2 p3
[  264.259814][ T5215] loop2: partition table partially beyond EOD, truncated
[  264.270629][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  264.280454][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  264.315312][ T5846] usb 2-1: new full-speed USB device number 63 using dummy_hcd
[  264.465494][ T5921] usb 4-1: new full-speed USB device number 48 using dummy_hcd
[  264.515806][ T9687] gfs2: not a GFS2 filesystem
[  264.524089][ T5846] usb 2-1: unable to get BOS descriptor or descriptor too short
[  264.540979][ T9702] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem
[  264.554430][ T5846] usb 2-1: unable to read config index 0 descriptor/start: -71
[  264.564838][ T5846] usb 2-1: can't read configurations, error -71
[  264.637393][ T5921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  264.658387][ T5921] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  264.670619][ T5921] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid maxpacket 121, setting to 64
[  264.686066][ T5921] usb 4-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  264.695319][ T5921] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  264.703345][ T5921] usb 4-1: Product: syz
[  264.708258][ T5921] usb 4-1: Manufacturer: syz
[  264.712906][ T5921] usb 4-1: SerialNumber: syz
[  264.726056][ T5921] usb 4-1: config 0 descriptor??
[  264.732848][ T9694] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  264.740600][ T9694] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  264.752306][ T5921] usb 4-1: ucan: probing device on interface #0
[  264.791695][ T5215] Dev loop2: unable to read RDB block 7
[  264.798019][ T5215]  loop2: AHDI p1 p2 p3
[  264.802249][ T5215] loop2: partition table partially beyond EOD, truncated
[  264.809594][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  264.816576][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  264.914488][ T9708] Can't find a SQUASHFS superblock on rnullb0
[  264.956170][ T5921] usb 4-1: ucan: device protocol version 0 is not supported
[  264.963769][ T5921] usb 4-1: ucan: probe failed; try to update the device firmware
[  265.147187][ T5215] Dev loop2: unable to read RDB block 7
[  265.174736][ T1221] usb 4-1: USB disconnect, device number 48
[  265.189370][ T5215]  loop2: AHDI p1 p2 p3
[  265.197194][ T5215] loop2: partition table partially beyond EOD, truncated
[  265.227580][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  265.234442][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  265.296980][ T5215] Dev loop2: unable to read RDB block 7
[  265.310758][ T5215]  loop2: AHDI p1 p2 p3
[  265.318463][ T5215] loop2: partition table partially beyond EOD, truncated
[  265.338587][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  265.370764][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  265.472285][   T30] audit: type=1326 audit(2000000087.230:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9722 comm="syz.2.1080" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f783ff8e929 code=0x0
[  265.499628][ T9728] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  265.602129][ T9731] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  265.643801][ T9731] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  265.680554][ T9740] qnx4: no qnx4 filesystem (no root dir).
[  265.809451][ T9743] comedi: No check for data length of config insn id 129 is implemented
[  265.821070][ T9743] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  265.833306][ T9743] comedi: Assuming n=426 is correct
[  265.964402][ T9749] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  266.225440][ T7821] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  266.254451][ T5215] Dev loop2: unable to read RDB block 7
[  266.263119][ T5215]  loop2: AHDI p1 p2 p3
[  266.268677][ T5215] loop2: partition table partially beyond EOD, truncated
[  266.280039][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  266.295033][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  266.400782][ T7821] usb 4-1: unable to read config index 0 descriptor/start: -61
[  266.413050][ T7821] usb 4-1: can't read configurations, error -61
[  266.423625][ T9763] /dev/rnullb0: Can't open blockdev
[  266.500729][ T5215] Dev loop2: unable to read RDB block 7
[  266.520929][ T5215]  loop2: AHDI p1 p2 p3
[  266.526757][ T5215] loop2: partition table partially beyond EOD, truncated
[  266.534040][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  266.565043][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  266.575133][ T7821] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  266.670371][ T9774] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1091'.
[  266.749655][ T7821] usb 4-1: unable to read config index 0 descriptor/start: -61
[  266.757444][ T7821] usb 4-1: can't read configurations, error -61
[  266.767966][ T7821] usb usb4-port1: attempt power cycle
[  266.908019][ T9779] netlink: 'syz.0.1092': attribute type 4 has an invalid length.
[  266.927415][ T9781] XFS (rnullb0): Invalid superblock magic number
[  266.942640][ T9779] netlink: 3657 bytes leftover after parsing attributes in process `syz.0.1092'.
[  267.125143][ T7821] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  267.154523][ T9792] comedi: No check for data length of config insn id 129 is implemented
[  267.158628][ T7821] usb 4-1: unable to read config index 0 descriptor/start: -61
[  267.169361][ T9792] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  267.181313][ T9792] comedi: Assuming n=425 is correct
[  267.185796][ T7821] usb 4-1: can't read configurations, error -61
[  267.315220][ T7821] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  267.356906][ T7821] usb 4-1: unable to read config index 0 descriptor/start: -61
[  267.357051][ T5215] Dev loop2: unable to read RDB block 7
[  267.364517][ T7821] usb 4-1: can't read configurations, error -61
[  267.376364][ T7821] usb usb4-port1: unable to enumerate USB device
[  267.379950][ T5215]  loop2: AHDI p1 p2 p3
[  267.389399][ T5215] loop2: partition table partially beyond EOD, truncated
[  267.404207][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  267.413294][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  267.444883][ T9798] XFS (rnullb0): Invalid superblock magic number
[  267.452709][ T9806] tty tty2: ldisc open failed (-12), clearing slot 1
[  267.492955][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  267.543907][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  267.611592][ T9816] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1100'.
[  267.632946][ T9816] XFS (nullb0): Invalid superblock magic number
[  268.055225][ T7821] usb 2-1: new full-speed USB device number 65 using dummy_hcd
[  268.209757][ T7821] usb 2-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  268.219095][ T7821] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.227582][ T7821] usb 2-1: Product: syz
[  268.231761][ T7821] usb 2-1: Manufacturer: syz
[  268.236707][ T7821] usb 2-1: SerialNumber: syz
[  268.246143][ T7821] usb 2-1: config 0 descriptor??
[  268.271730][ T5215] Dev loop2: unable to read RDB block 7
[  268.277631][ T5215]  loop2: AHDI p1 p2 p3
[  268.281918][ T5215] loop2: partition table partially beyond EOD, truncated
[  268.294021][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  268.302599][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  268.349305][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  268.388461][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  268.460933][ T7821] usb 2-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  268.520989][ T5215] Dev loop2: unable to read RDB block 7
[  268.534262][ T5215]  loop2: AHDI p1 p2 p3
[  268.539697][ T5215] loop2: partition table partially beyond EOD, truncated
[  268.552156][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  268.553312][ T9837] Can't find a SQUASHFS superblock on rnullb0
[  268.559394][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  268.621831][ T5215] Dev loop2: unable to read RDB block 7
[  268.637672][ T5215]  loop2: AHDI p1 p2 p3
[  268.641897][ T5215] loop2: partition table partially beyond EOD, truncated
[  268.650359][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  268.663485][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  268.706416][ T9842] bond0: (slave rose0): Error: Device is in use and cannot be enslaved
[  268.729463][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  268.782009][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  268.823153][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  268.886944][ T5215] Dev loop2: unable to read RDB block 7
[  268.892673][ T5215]  loop2: AHDI p1 p2 p3
[  268.898877][ T5215] loop2: partition table partially beyond EOD, truncated
[  268.908834][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  268.915847][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  268.961322][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  269.031468][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  269.100086][ T6015] udevd[6015]: symlink '../../loop3' '/dev/disk/by-diskseq/73.tmp-b7:3' failed: Read-only file system
[  269.166612][ T9855] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.233787][ T9855] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  269.256025][ T9857] /dev/rnullb0: Can't open blockdev
[  269.266193][ T9855] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  269.276232][ T9855] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  269.615584][   T10] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  269.787253][   T10] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  269.805747][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.835581][   T10] usb 4-1: config 0 descriptor??
[  269.940027][ T5215] Dev loop2: unable to read RDB block 7
[  269.946039][ T5215]  loop2: AHDI p1 p2 p3
[  269.950269][ T5215] loop2: partition table partially beyond EOD, truncated
[  269.958823][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  269.967809][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  270.052803][ T9859] gfs2: not a GFS2 filesystem
[  270.077773][   T10] ath6kl: Failed to submit usb control message: -71
[  270.093379][   T10] ath6kl: unable to send the bmi data to the device: -71
[  270.095537][ T9865] gfs2: not a GFS2 filesystem
[  270.101615][   T10] ath6kl: Unable to send get target info: -71
[  270.113924][   T10] ath6kl: Failed to init ath6kl core: -71
[  270.123428][   T10] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -71
[  270.126991][ T9865] batadv_slave_1: entered promiscuous mode
[  270.145680][   T10] usb 4-1: USB disconnect, device number 53
[  270.151776][ T9865] 8021q: VLANs not supported on nr0
[  270.162363][ T9864] batadv_slave_1: left promiscuous mode
[  270.194677][ T5215] Dev loop2: unable to read RDB block 7
[  270.203780][ T5215]  loop2: AHDI p1 p2 p3
[  270.210840][ T5215] loop2: partition table partially beyond EOD, truncated
[  270.219910][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  270.227803][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  270.314430][ T9830] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  270.332563][ T9830] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  270.347321][ T7821] dvb_usb_rtl28xxu 2-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  270.360179][ T7821] usb 2-1: USB disconnect, device number 65
[  271.125691][ T9889] comedi: No check for data length of config insn id 129 is implemented
[  271.155247][ T9889] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  271.164524][ T9889] comedi: Assuming n=423 is correct
[  271.182878][ T9891] afs: Unknown parameter 'autŒ‘Ç\—ÝXûÄŸÄ£¶Óïocell'
[  271.207914][ T9891] /dev/rnullb0: Can't open blockdev
[  271.382291][ T5215] Dev loop2: unable to read RDB block 7
[  271.398152][ T5215]  loop2: AHDI p1 p2 p3
[  271.408440][ T5215] loop2: partition table partially beyond EOD, truncated
[  271.428074][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  271.444371][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  271.589676][ T9898] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1123'.
[  271.605721][ T9897] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1123'.
[  271.721916][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1.6.16)
[  271.780915][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1.6.16)
[  271.803242][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1.6.16)
[  271.823774][ T5215] Dev loop2: unable to read RDB block 7
[  271.830702][ T5215]  loop2: AHDI p1 p2 p3
[  271.845275][ T5215] loop2: partition table partially beyond EOD, truncated
[  271.857491][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  271.869319][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  271.877508][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  271.927389][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  271.938961][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  271.949795][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  271.963759][ T9916] /dev/rnullb0: Can't open blockdev
[  271.997666][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.038421][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.063762][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.081731][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.094627][ T9920] comedi: No check for data length of config insn id 129 is implemented
[  272.105521][ T5846] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  272.120356][ T5215] Dev loop2: unable to read RDB block 7
[  272.126089][ T9920] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  272.135759][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.145791][ T5215]  loop2: AHDI p1 p2 p3
[  272.149997][ T5215] loop2: partition table partially beyond EOD, truncated
[  272.158390][ T9920] comedi: Assuming n=422 is correct
[  272.159080][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.174417][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  272.181451][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  272.188534][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.218644][ T9921] /dev/rnullb0: Can't open blockdev
[  272.224847][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.244008][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.255480][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.268137][ T9923] /dev/rnullb0: Can't open blockdev
[  272.276234][ T5846] usb 4-1: Using ep0 maxpacket: 16
[  272.280660][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.299535][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.299709][ T5846] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  272.317161][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.346075][ T5846] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  272.358402][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.362466][ T5846] usb 4-1: Product: syz
[  272.374777][ T5215] Dev loop2: unable to read RDB block 7
[  272.382455][ T5846] usb 4-1: Manufacturer: syz
[  272.385693][ T5215]  loop2: AHDI p1 p2 p3
[  272.391554][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.392612][ T5846] usb 4-1: SerialNumber: syz
[  272.402927][ T5215] loop2: partition table partially beyond EOD, truncated
[  272.419773][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  272.420195][ T5846] usb 4-1: config 0 descriptor??
[  272.430092][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.441474][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  272.448584][ T5846] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  272.454201][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.471329][ T9925] /dev/rnullb0: Can't open blockdev
[  272.479270][ T5846] usb 4-1: Detected FT232H
[  272.490695][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.534571][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  272.547649][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.573534][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  272.585835][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.596618][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.618484][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.631749][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.647486][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.650403][ T9910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.664942][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.683153][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.699101][ T9910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.708186][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.732560][ T9910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.744378][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.766233][ T9910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.787962][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.809287][ T9910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.827331][ T9929] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1134'.
[  272.838336][ T9931] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1134'.
[  272.850556][ T9929] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1134'.
[  272.865113][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.893757][ T9929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.915989][ T9929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.925365][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.939083][ T9910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  272.939737][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  272.965536][ T9910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  272.995537][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.009664][ T9910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.015119][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.043740][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.054150][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.086499][ T5215] Dev loop2: unable to read RDB block 7
[  273.092099][ T5215]  loop2: AHDI p1 p2 p3
[  273.094667][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.099064][ T9910] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  273.124786][ T5215] loop2: partition table partially beyond EOD, truncated
[  273.132266][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.132908][ T5215] loop2: p1 start 1601398130 is beyond EOD, 
[  273.146996][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.165171][ T5215] truncated
[  273.168468][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  273.199419][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.214365][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.224128][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.234264][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.244062][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.254675][ T5856] udevd[5856]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  273.256332][ T9910] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  273.336442][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.352312][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  273.373705][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.395610][ T5846] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  273.415476][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.465180][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.479012][ T9944] /dev/rnullb0: Can't open blockdev
[  273.510611][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.535127][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.544756][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (1986356271.1667588911.35)
[  273.570110][ T9948] /dev/rnullb0: Can't open blockdev
[  273.635187][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (134464.1870987264.35)
[  273.664072][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (134464.1870987264.35)
[  273.674869][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (134464.1870987264.35)
[  273.688420][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (134464.1870987264.35)
[  273.703014][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (134464.1870987264.35)
[  273.714913][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (134464.1870987264.35)
[  273.724645][ T9911] dlm: plock device version mismatch: kernel (1.2.0), user (134464.1870987264.35)
[  273.767853][ T5215] Dev loop2: unable to read RDB block 7
[  273.773486][ T5215]  loop2: AHDI p1 p2 p3
[  273.796844][ T5215] loop2: partition table partially beyond EOD, truncated
[  273.804207][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  273.825483][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  273.880436][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  273.920695][ T9958] kvm: kvm [9957]: vcpu1, guest rIP: 0xfff0 Unhandled WRMSR(0xc0010007) = 0x1000500000000
[  273.952238][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  273.990422][ T5846] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  274.017838][ T5846] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  274.077743][ T5846] usb 4-1: USB disconnect, device number 54
[  274.109966][ T5846] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  274.137620][ T5846] ftdi_sio 4-1:0.0: device disconnected
[  274.154193][ T9958] af_packet: tpacket_rcv: packet too big, clamped from 280 to 4294967272. macoff=96
[  274.171604][ T5215] Dev loop2: unable to read RDB block 7
[  274.185496][ T5215]  loop2: AHDI p1 p2 p3
[  274.189714][ T5215] loop2: partition table partially beyond EOD, truncated
[  274.232675][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  274.247161][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  274.290845][ T5215] Dev loop2: unable to read RDB block 7
[  274.302285][ T5215]  loop2: AHDI p1 p2 p3
[  274.310991][ T5215] loop2: partition table partially beyond EOD, truncated
[  274.329488][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  274.362614][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  274.418404][ T5215] Dev loop2: unable to read RDB block 7
[  274.424125][ T5215]  loop2: AHDI p1 p2 p3
[  274.429287][ T5215] loop2: partition table partially beyond EOD, truncated
[  274.437983][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  274.444791][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  274.451738][ T5930] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  274.503431][ T6225] udevd[6225]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  274.561489][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  274.599714][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  274.618668][ T5930] usb 2-1: Using ep0 maxpacket: 16
[  274.626349][ T5930] usb 2-1: config 0 has an invalid interface number: 68 but max is 0
[  274.634482][ T5930] usb 2-1: config 0 has no interface number 0
[  274.672197][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  274.683612][ T5930] usb 2-1: config 0 interface 68 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.720951][ T5930] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=dc.c4
[  274.739356][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.770620][ T5930] usb 2-1: Product: syz
[  274.774856][ T5930] usb 2-1: Manufacturer: syz
[  274.796294][ T5930] usb 2-1: SerialNumber: syz
[  274.833379][ T5930] usb 2-1: config 0 descriptor??
[  274.889885][ T5930] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  274.964329][ T9984] ISOFS: Unable to identify CD-ROM format.
[  275.267014][ T5215] Dev loop2: unable to read RDB block 7
[  275.290738][ T5215]  loop2: AHDI p1 p2 p3
[  275.297974][T10004] netlink: 'syz.3.1154': attribute type 1 has an invalid length.
[  275.308623][ T5215] loop2: partition table partially beyond EOD, truncated
[  275.325237][T10004] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1154'.
[  275.335194][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  275.339571][   T10] usb 2-1: USB disconnect, device number 66
[  275.342218][   T12] usb 2-1: Failed to read usb control message: -71
[  275.355399][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  275.363409][   T12] usb 2-1: Unable to read the bmi data from the device: -71
[  275.372637][T10004] /dev/rnullb0: Can't open blockdev
[  275.386922][   T12] usb 2-1: unable to get target info from device
[  275.411013][   T12] usb 2-1: could not get target info (-71)
[  275.434235][   T12] usb 2-1: could not probe fw (-71)
[  275.653839][T10015] netlink: 228 bytes leftover after parsing attributes in process `syz.3.1158'.
[  275.678630][T10015] /dev/rnullb0: Can't open blockdev
[  275.754028][T10019] netlink: 'syz.3.1160': attribute type 2 has an invalid length.
[  275.763553][T10019] netlink: 'syz.3.1160': attribute type 2 has an invalid length.
[  275.771043][   T30] audit: type=1326 audit(2000000097.530:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10018 comm="syz.3.1160" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f67f618e929 code=0x0
[  275.946467][   T30] audit: type=1326 audit(2000000097.710:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10026 comm="syz.0.1162" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f70daf8e929 code=0x0
[  275.969192][ T5215] Dev loop2: unable to read RDB block 7
[  275.974932][ T5215]  loop2: AHDI p1 p2 p3
[  275.979868][ T5215] loop2: partition table partially beyond EOD, truncated
[  275.988379][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  275.995533][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  276.082494][ T5215] Dev loop2: unable to read RDB block 7
[  276.091670][ T5215]  loop2: AHDI p1 p2 p3
[  276.096090][ T5215] loop2: partition table partially beyond EOD, truncated
[  276.103568][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  276.115097][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  276.179881][ T5215] Dev loop2: unable to read RDB block 7
[  276.187951][ T5215]  loop2: AHDI p1 p2 p3
[  276.192244][ T5215] loop2: partition table partially beyond EOD, truncated
[  276.200652][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  276.209948][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  276.386332][ T5215] Dev loop2: unable to read RDB block 7
[  276.392119][ T5215]  loop2: AHDI p1 p2 p3
[  276.396722][ T5215] loop2: partition table partially beyond EOD, truncated
[  276.404135][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  276.411224][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  276.498993][T10042] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  276.522848][T10042] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(8)
[  276.529529][T10042] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  276.542503][T10042] vhci_hcd vhci_hcd.0: Device attached
[  276.775523][   T10] usb 37-1: new low-speed USB device number 2 using vhci_hcd
[  276.785077][ T7821] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  276.841997][T10054] exFAT-fs (rnullb0): invalid boot record signature
[  276.854596][T10054] exFAT-fs (rnullb0): failed to read boot sector
[  276.861358][T10054] exFAT-fs (rnullb0): failed to recognize exfat type
[  276.925130][ T5911] usb 2-1: new full-speed USB device number 67 using dummy_hcd
[  276.954395][ T7821] usb 3-1: Using ep0 maxpacket: 16
[  276.962032][ T7821] usb 3-1: config 0 has no interfaces?
[  276.967899][ T7821] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  276.978489][ T7821] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.989459][ T7821] usb 3-1: config 0 descriptor??
[  277.127059][ T5911] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  277.135333][ T5911] usb 2-1: config 0 has no interface number 0
[  277.141455][ T5911] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  277.160992][ T5911] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[  277.178370][ T5911] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  277.188393][ T5911] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  277.207112][ T5911] usb 2-1: config 0 descriptor??
[  277.208184][T10042] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.216785][T10048] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[  277.238644][T10042] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.258373][ T1221] usb 3-1: USB disconnect, device number 51
[  277.264481][T10043] usb 37-1: recv xbuf, 0
[  277.285711][   T59] vhci_hcd: stop threads
[  277.290437][   T59] vhci_hcd: release socket
[  277.301871][   T59] vhci_hcd: disconnect device
[  277.345215][   T10] vhci_hcd: vhci_device speed not set
[  277.426375][T10068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1174'.
[  277.532502][T10073] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.541689][T10073] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.564267][T10076] ntfs3(rnullb0): Primary boot signature is not NTFS.
[  277.573265][T10076] ntfs3(rnullb0): Alternative boot signature is not NTFS.
[  277.644201][ T5911] usbhid 2-1:0.1: can't add hid device: -71
[  277.651623][ T5911] usbhid 2-1:0.1: probe with driver usbhid failed with error -71
[  277.669146][ T5911] usb 2-1: USB disconnect, device number 67
[  277.737845][T10082] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  277.747232][T10082] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  277.809457][ T5215] Dev loop2: unable to read RDB block 7
[  277.822389][ T5215]  loop2: AHDI p1 p2 p3
[  277.830666][ T5215] loop2: partition table partially beyond EOD, truncated
[  277.838323][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  277.846270][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  277.873665][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  277.911461][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  277.943662][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  277.966718][T10087] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1180'.
[  277.996013][ T5215] Dev loop2: unable to read RDB block 7
[  278.001706][ T5215]  loop2: AHDI p1 p2 p3
[  278.006427][ T5215] loop2: partition table partially beyond EOD, truncated
[  278.013733][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  278.023593][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  278.040032][T10089] vxfs: WRONG superblock magic 00000000 at 1
[  278.046181][T10089] vxfs: WRONG superblock magic 00000000 at 8
[  278.052239][T10089] vxfs: can't find superblock.
[  278.060126][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  278.092787][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  278.146779][ T5215] Dev loop2: unable to read RDB block 7
[  278.152400][ T5215]  loop2: AHDI p1 p2 p3
[  278.165120][ T5215] loop2: partition table partially beyond EOD, truncated
[  278.179052][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  278.197313][T10095] ntfs3(rnullb0): Primary boot signature is not NTFS.
[  278.204673][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  278.242549][T10095] ntfs3(rnullb0): Alternative boot signature is not NTFS.
[  278.251422][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  278.293683][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  278.395238][ T5215] Dev loop2: unable to read RDB block 7
[  278.400853][ T5215]  loop2: AHDI p1 p2 p3
[  278.422162][ T5215] loop2: partition table partially beyond EOD, truncated
[  278.439060][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  278.459363][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  278.469241][T10104] Can't find a SQUASHFS superblock on rnullb0
[  278.518828][ T5215] Dev loop2: unable to read RDB block 7
[  278.525374][ T5215]  loop2: AHDI p1 p2 p3
[  278.529574][ T5215] loop2: partition table partially beyond EOD, truncated
[  278.554885][T10109] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1189'.
[  278.564538][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  278.568247][T10109] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  278.601182][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  278.648985][ T5856] udevd[5856]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  278.655094][   T10] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  278.682502][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  278.706963][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  278.795184][   T10] usb 2-1: device descriptor read/64, error -71
[  278.845496][ T5930] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  278.995068][ T5930] usb 3-1: Using ep0 maxpacket: 32
[  279.001946][ T5930] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  279.012051][ T5930] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x6 has invalid wMaxPacketSize 0
[  279.022458][ T5930] usb 3-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  279.036666][ T5930] usb 3-1: config 0 interface 0 has no altsetting 0
[  279.043328][ T5930] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  279.052713][   T10] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  279.056776][ T5930] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  279.077296][ T5930] usb 3-1: config 0 descriptor??
[  279.195399][   T10] usb 2-1: device descriptor read/64, error -71
[  279.306224][   T10] usb usb2-port1: attempt power cycle
[  279.500615][ T5930] hid-thrustmaster 0003:044F:B65D.000E: unknown main item tag 0x0
[  279.513722][ T5930] hid-thrustmaster 0003:044F:B65D.000E: unknown main item tag 0x0
[  279.523075][ T5930] hid-thrustmaster 0003:044F:B65D.000E: unknown main item tag 0x0
[  279.533330][ T5930] hid-thrustmaster 0003:044F:B65D.000E: unknown main item tag 0x0
[  279.537340][T10124] fuse: Bad value for 'group_id'
[  279.541820][ T5930] hid-thrustmaster 0003:044F:B65D.000E: unknown main item tag 0x0
[  279.557924][T10124] fuse: Bad value for 'group_id'
[  279.577263][ T5930] hid-thrustmaster 0003:044F:B65D.000E: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.2-1/input0
[  279.590089][ T5930] hid-thrustmaster 0003:044F:B65D.000E: Unexpected non-int endpoint
[  279.658294][   T10] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  279.698537][    C1] hid-thrustmaster 0003:044F:B65D.000E: URB to get model id failed with error -71
[  279.705497][   T10] usb 2-1: device descriptor read/8, error -71
[  279.708906][ T5930] usb 3-1: USB disconnect, device number 52
[  279.975434][   T10] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  280.005612][   T10] usb 2-1: device descriptor read/8, error -71
[  280.015161][ T5846] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  280.117504][   T10] usb usb2-port1: unable to enumerate USB device
[  280.175058][ T5846] usb 4-1: Using ep0 maxpacket: 32
[  280.182031][ T5846] usb 4-1: config 8 has an invalid interface number: 203 but max is 0
[  280.190601][ T5846] usb 4-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  280.202004][ T5846] usb 4-1: config 8 has no interface number 0
[  280.208340][ T5846] usb 4-1: config 8 interface 203 altsetting 1 has an endpoint descriptor with address 0x93, changing to 0x83
[  280.220122][ T5846] usb 4-1: config 8 interface 203 altsetting 1 endpoint 0x83 has invalid maxpacket 1040, setting to 1024
[  280.241611][ T5846] usb 4-1: config 8 interface 203 altsetting 1 bulk endpoint 0x83 has invalid maxpacket 1024
[  280.253562][ T5846] usb 4-1: config 8 interface 203 altsetting 1 endpoint 0xB has invalid wMaxPacketSize 0
[  280.268079][ T5215] Dev loop2: unable to read RDB block 7
[  280.273765][ T5846] usb 4-1: config 8 interface 203 altsetting 1 bulk endpoint 0xB has invalid maxpacket 0
[  280.283721][ T5215]  loop2: AHDI p1 p2 p3
[  280.288077][ T5215] loop2: partition table partially beyond EOD, truncated
[  280.295207][ T5846] usb 4-1: config 8 interface 203 altsetting 1 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  280.308757][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  280.315711][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  280.321327][T10143] /dev/rnullb0: Can't open blockdev
[  280.322572][ T5846] usb 4-1: config 8 interface 203 has no altsetting 0
[  280.351471][ T5846] usb 4-1: New USB device found, idVendor=054c, idProduct=06c3, bcdDevice=eb.7a
[  280.369235][ T5215] Dev loop2: unable to read RDB block 7
[  280.374873][ T5846] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  280.386438][ T5215]  loop2: AHDI p1 p2 p3
[  280.390644][ T5215] loop2: partition table partially beyond EOD, truncated
[  280.400080][ T5846] usb 4-1: Product: syz
[  280.404285][ T5846] usb 4-1: Manufacturer: syz
[  280.409387][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  280.416449][ T5846] usb 4-1: SerialNumber: syz
[  280.427721][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  280.435317][T10129] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  280.758090][ T5846] port100 4-1:8.203: NFC: Could not get supported command types
[  280.779214][ T5846] usb 4-1: USB disconnect, device number 55
[  281.247881][ T5215] Dev loop2: unable to read RDB block 7
[  281.253591][ T5215]  loop2: AHDI p1 p2 p3
[  281.258166][ T5215] loop2: partition table partially beyond EOD, truncated
[  281.265948][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  281.273672][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  281.374958][ T5215] Dev loop2: unable to read RDB block 7
[  281.383854][ T5215]  loop2: AHDI p1 p2 p3
[  281.402046][ T5215] loop2: partition table partially beyond EOD, truncated
[  281.418987][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  281.434794][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  281.528630][ T5215] Dev loop2: unable to read RDB block 7
[  281.528663][ T5215]  loop2: AHDI p1 p2 p3
[  281.528691][ T5215] loop2: partition table partially beyond EOD, truncated
[  281.528867][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  281.528888][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  281.644114][T10165] tty tty23: ldisc open failed (-12), clearing slot 22
[  282.140844][T10196] zonefs (rnullb0) ERROR: Not a zoned block device
[  282.405861][ T5846] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  282.419238][T10203] syz.3.1214 (10203) used greatest stack depth: 16216 bytes left
[  282.556252][T10216] ./cgroup: Can't lookup blockdev
[  282.585960][ T5846] usb 3-1: Using ep0 maxpacket: 8
[  282.602369][ T5846] usb 3-1: New USB device found, idVendor=061d, idProduct=c120, bcdDevice=e3.67
[  282.620181][ T5846] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.631571][ T5846] usb 3-1: config 0 descriptor??
[  282.652405][ T5846] quatech2 3-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected
[  282.855214][T10228] omfs: Invalid superblock (0)
[  282.886393][T10168] FAT-fs (rnullb0): bogus number of reserved sectors
[  282.907591][T10168] FAT-fs (rnullb0): Can't find a valid FAT filesystem
[  282.918293][ T5846] usb 3-1: qt2_attach - failed to power on unit: -71
[  282.928658][ T5846] quatech2 3-1:0.0: probe with driver quatech2 failed with error -71
[  282.945371][ T5846] usb 3-1: USB disconnect, device number 53
[  283.163006][T10233] XFS (rnullb0): Invalid superblock magic number
[  283.290306][T10243] TCP: TCP_TX_DELAY enabled
[  283.549285][ T5215] Dev loop2: unable to read RDB block 7
[  283.559595][ T5215]  loop2: AHDI p1 p2 p3
[  283.569963][ T5215] loop2: partition table partially beyond EOD, truncated
[  283.594469][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  283.611052][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  283.675474][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  283.724340][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  284.191321][T10269] /dev/rnullb0: Can't open blockdev
[  284.369908][ T5215] Dev loop2: unable to read RDB block 7
[  284.412467][ T5215]  loop2: AHDI p1 p2 p3
[  284.421895][ T5215] loop2: partition table partially beyond EOD, truncated
[  284.435804][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  284.466312][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  284.532847][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  284.583038][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  284.795879][ T5215] Dev loop2: unable to read RDB block 7
[  284.806057][ T5215]  loop2: AHDI p1 p2 p3
[  284.813708][ T5215] loop2: partition table partially beyond EOD, truncated
[  284.834040][T10289] netlink: 'syz.2.1241': attribute type 4 has an invalid length.
[  284.848195][T10289] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1241'.
[  284.864501][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  284.900738][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  284.980128][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  285.014588][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  285.040537][T10296] qnx4: no qnx4 filesystem (no root dir).
[  285.045953][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  285.073919][T10297] affs: Unknown parameter 'Frp;"˜u	'
[  285.535068][ T1221] usb 4-1: new full-speed USB device number 56 using dummy_hcd
[  285.584622][T10318] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1251'.
[  285.646540][T10320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  285.656696][   T10] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  285.659591][T10320] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  285.687298][ T1221] usb 4-1: config 255 has an invalid interface number: 75 but max is 0
[  285.696526][ T1221] usb 4-1: config 255 has no interface number 0
[  285.702980][ T1221] usb 4-1: config 255 interface 75 altsetting 123 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  285.714893][ T1221] usb 4-1: config 255 interface 75 has no altsetting 0
[  285.725144][ T1221] usb 4-1: New USB device found, idVendor=06e1, idProduct=a334, bcdDevice= 3.9d
[  285.734392][ T1221] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.743144][ T1221] usb 4-1: Product: syz
[  285.747636][ T1221] usb 4-1: Manufacturer: syz
[  285.752305][ T1221] usb 4-1: SerialNumber: syz
[  285.762205][T10308] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  285.802427][ T5215] Dev loop2: unable to read RDB block 7
[  285.808609][ T5215]  loop2: AHDI p1 p2 p3
[  285.812840][ T5215] loop2: partition table partially beyond EOD, truncated
[  285.815232][   T10] usb 2-1: Using ep0 maxpacket: 32
[  285.823112][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  285.837962][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  285.844040][   T10] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  285.857391][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.882332][   T10] usb 2-1: config 0 descriptor??
[  285.893315][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  285.899191][   T10] gspca_main: nw80x-2.14.0 probing 055f:d001
[  285.944401][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  286.236356][ T1221] dvb-usb: found a 'KWorld/ADSTech Instant DVB-T USB2.0' in warm state.
[  286.250385][ T1221] dvb-usb: bulk message failed: -22 (3/0)
[  286.260539][ T1221] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  286.285873][ T1221] dvbdev: DVB: registering new adapter (KWorld/ADSTech Instant DVB-T USB2.0)
[  286.297614][ T1221] usb 4-1: media controller created
[  286.304656][ T1221] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  286.339974][ T1221] dvb-usb: bulk message failed: -22 (6/0)
[  286.346414][ T1221] dvb-usb: no frontend was attached by 'KWorld/ADSTech Instant DVB-T USB2.0'
[  286.359702][ T5215] Dev loop2: unable to read RDB block 7
[  286.366422][ T5215]  loop2: AHDI p1 p2 p3
[  286.370623][ T5215] loop2: partition table partially beyond EOD, truncated
[  286.383942][ T1221] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input39
[  286.399649][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  286.411715][ T1221] dvb-usb: schedule remote query interval to 150 msecs.
[  286.425032][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  286.435108][ T1221] dvb-usb: KWorld/ADSTech Instant DVB-T USB2.0 successfully initialized and connected.
[  286.488335][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  286.507572][ T1221] usb 4-1: USB disconnect, device number 56
[  286.586099][T10312] omfs: Invalid superblock (0)
[  286.613567][T10312] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.615566][ T1221] dvb-usb: KWorld/ADSTech Instant DVB-T USB2.0 successfully deinitialized and disconnected.
[  286.643836][T10337] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  286.661103][T10341] hpfs: Bad magic ... probably not HPFS
[  286.669379][T10337] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.676229][T10312] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  286.752663][   T10] gspca_nw80x: reg_r err -71
[  286.765131][   T10] nw80x 2-1:0.0: probe with driver nw80x failed with error -71
[  286.789980][   T10] usb 2-1: USB disconnect, device number 72
[  286.909276][T10352] omfs: Invalid superblock (0)
[  287.188362][T10365] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  287.208602][T10365] syzkaller1: entered promiscuous mode
[  287.208626][T10365] syzkaller1: entered allmulticast mode
[  287.498297][ T5215] Dev loop2: unable to read RDB block 7
[  287.503932][ T5215]  loop2: AHDI p1 p2 p3
[  287.534823][ T5215] loop2: partition table partially beyond EOD, truncated
[  287.550780][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  287.567741][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  287.612587][ T5215] Dev loop2: unable to read RDB block 7
[  287.635134][ T5215]  loop2: AHDI p1 p2 p3
[  287.639428][ T5215] loop2: partition table partially beyond EOD, truncated
[  287.668165][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  287.687579][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  287.745627][   T10] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  287.845399][ T7821] usb 4-1: new full-speed USB device number 57 using dummy_hcd
[  287.935253][   T10] usb 2-1: Using ep0 maxpacket: 8
[  287.942284][   T10] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[  287.950716][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  287.980118][ T5215] Dev loop2: unable to read RDB block 7
[  287.980177][   T10] usb 2-1: config 0 has no interface number 0
[  287.995810][   T10] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  288.000266][ T5215]  loop2: AHDI p1 p2 p3
[  288.007159][   T10] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  288.007191][   T10] usb 2-1: config 0 interface 52 has no altsetting 0
[  288.008677][   T10] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  288.035898][ T5215] loop2: partition table partially beyond EOD, truncated
[  288.085592][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  288.092423][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  288.095127][   T10] usb 2-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[  288.107556][   T10] usb 2-1: Manufacturer: syz
[  288.128743][   T10] usb 2-1: config 0 descriptor??
[  288.163640][   T10] hub 2-1:0.52: bad descriptor, ignoring hub
[  288.180121][   T10] hub 2-1:0.52: probe with driver hub failed with error -5
[  288.381563][   T10] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input40
[  288.400897][T10389] ntfs3(rnullb0): Primary boot signature is not NTFS.
[  288.407893][T10391] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  288.423495][T10389] ntfs3(rnullb0): Alternative boot signature is not NTFS.
[  288.431217][T10391] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  288.571386][T10372] vxfs: WRONG superblock magic 00000000 at 1
[  288.578887][T10372] vxfs: WRONG superblock magic 00000000 at 8
[  288.585809][T10372] vxfs: can't find superblock.
[  288.685383][   T10] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  288.695977][ T1221] usb 2-1: USB disconnect, device number 73
[  288.734481][T10405] netlink: 4764 bytes leftover after parsing attributes in process `syz.3.1272'.
[  288.744591][T10393] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  288.835430][   T10] usb 3-1: Using ep0 maxpacket: 8
[  288.845977][   T10] usb 3-1: config 0 has no interfaces?
[  288.858833][   T10] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ee
[  288.869649][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.881853][   T10] usb 3-1: Product: syz
[  288.886525][   T10] usb 3-1: Manufacturer: syz
[  288.891214][   T10] usb 3-1: SerialNumber: syz
[  288.904817][   T10] usb 3-1: config 0 descriptor??
[  289.080278][T10412] comedi: No check for data length of config insn id 129 is implemented
[  289.094927][T10412] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  289.108820][T10412] comedi: Assuming n=409 is correct
[  289.140214][T10385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.165467][T10385] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.198601][T10385] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  289.214945][T10385] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  289.243265][T10416] EXT4-fs (rnullb0): VFS: Can't find ext4 filesystem
[  289.264173][ T7821] usb 3-1: USB disconnect, device number 54
[  289.715114][ T7821] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  289.831101][ T5215] Dev loop2: unable to read RDB block 7
[  289.846892][ T5215]  loop2: AHDI p1 p2 p3
[  289.851105][ T5215] loop2: partition table partially beyond EOD, truncated
[  289.872636][ T7821] usb 2-1: device descriptor read/64, error -71
[  289.891697][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  289.898923][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  289.906320][T10429] hfs: can't find a HFS filesystem on dev rnullb0
[  289.938796][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  289.979786][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  290.123158][ T5215] Dev loop2: unable to read RDB block 7
[  290.129724][ T5215]  loop2: AHDI p1 p2 p3
[  290.133928][ T5215] loop2: partition table partially beyond EOD, truncated
[  290.156723][ T7821] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[  290.167457][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  290.172808][T10440] comedi: No check for data length of config insn id 129 is implemented
[  290.174568][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  290.203456][T10440] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  290.238333][T10440] comedi: Assuming n=408 is correct
[  290.291562][ T5856] udevd[5856]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  290.315077][ T7821] usb 2-1: device descriptor read/64, error -71
[  290.369821][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  290.426176][ T7821] usb usb2-port1: attempt power cycle
[  290.525800][ T5215] Dev loop2: unable to read RDB block 7
[  290.531449][ T5215]  loop2: AHDI p1 p2 p3
[  290.551189][ T5215] loop2: partition table partially beyond EOD, truncated
[  290.569330][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  290.585107][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  290.648884][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  290.680969][T10445] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1286'.
[  290.712634][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  290.783748][T10445] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1286'.
[  290.797573][ T7821] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[  290.835059][T10447] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1286'.
[  290.847166][T10448] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1286'.
[  290.856697][ T7821] usb 2-1: device descriptor read/8, error -71
[  291.047472][ T5215] Dev loop2: unable to read RDB block 7
[  291.063313][ T5215]  loop2: AHDI p1 p2 p3
[  291.075257][ T5215] loop2: partition table partially beyond EOD, truncated
[  291.100318][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  291.128292][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  291.229054][ T7821] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[  291.241167][T10455] exFAT-fs (rnullb0): invalid boot record signature
[  291.248476][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  291.263310][T10455] exFAT-fs (rnullb0): failed to read boot sector
[  291.285828][ T7821] usb 2-1: device descriptor read/8, error -71
[  291.297472][T10456] netlink: 'syz.2.1287': attribute type 28 has an invalid length.
[  291.310278][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  291.323358][T10455] exFAT-fs (rnullb0): failed to recognize exfat type
[  291.369530][ T5215] Dev loop2: unable to read RDB block 7
[  291.384844][ T5215]  loop2: AHDI p1 p2 p3
[  291.389684][ T5215] loop2: partition table partially beyond EOD, truncated
[  291.409010][ T7821] usb usb2-port1: unable to enumerate USB device
[  291.414148][T10465] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1291'.
[  291.415821][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  291.436006][T10466] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1291'.
[  291.450805][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  291.489179][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  291.500877][T10469] sctp: [Deprecated]: syz.0.1292 (pid 10469) Use of struct sctp_assoc_value in delayed_ack socket option.
[  291.500877][T10469] Use struct sctp_sack_info instead
[  291.523106][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  291.579003][T10472] comedi: No check for data length of config insn id 129 is implemented
[  291.587815][T10472] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  291.589693][T10473] FAT-fs (rnullb0): bogus number of reserved sectors
[  291.597656][T10472] comedi: Assuming n=407 is correct
[  291.607601][T10473] FAT-fs (rnullb0): Can't find a valid FAT filesystem
[  291.609627][ T5930] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  291.651812][ T5215] Dev loop2: unable to read RDB block 7
[  291.660655][ T5215]  loop2: AHDI p1 p2 p3
[  291.664847][ T5215] loop2: partition table partially beyond EOD, truncated
[  291.684751][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  291.693879][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  291.723204][T10483] netlink: 104 bytes leftover after parsing attributes in process `syz.0.1296'.
[  291.777650][ T5930] usb 4-1: Using ep0 maxpacket: 8
[  291.798336][ T5930] usb 4-1: unable to get BOS descriptor or descriptor too short
[  291.824074][ T5930] usb 4-1: config 248 has an invalid interface number: 3 but max is 1
[  291.836079][ T5930] usb 4-1: config 248 has an invalid interface number: 111 but max is 1
[  291.848184][ T5930] usb 4-1: config 248 has no interface number 0
[  291.854486][ T5930] usb 4-1: config 248 has no interface number 1
[  291.862834][ T5930] usb 4-1: config 248 interface 3 has no altsetting 0
[  291.872488][ T5930] usb 4-1: config 248 interface 111 has no altsetting 0
[  291.890479][ T5930] usb 4-1: New USB device found, idVendor=05c6, idProduct=9212, bcdDevice=91.28
[  291.901441][ T5930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  291.912644][ T5930] usb 4-1: Product: syz
[  291.921163][ T5930] usb 4-1: Manufacturer: syz
[  291.921209][ T5215] Dev loop2: unable to read RDB block 7
[  291.928865][ T5930] usb 4-1: SerialNumber: syz
[  291.932203][ T5215]  loop2: AHDI p1 p2 p3
[  291.940852][ T5215] loop2: partition table partially beyond EOD, truncated
[  291.951894][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  291.958996][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  292.076085][T10493] FAT-fs (rnullb0): bogus number of reserved sectors
[  292.086781][T10493] FAT-fs (rnullb0): Can't find a valid FAT filesystem
[  292.266468][ T5215] Dev loop2: unable to read RDB block 7
[  292.272104][ T5215]  loop2: AHDI p1 p2 p3
[  292.276380][ T5215] loop2: partition table partially beyond EOD, truncated
[  292.283589][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  292.290466][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  292.337213][T10501] Can't find a SQUASHFS superblock on rnullb0
[  292.515246][T10506] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  292.522522][T10506] VFS: Can't find a romfs filesystem on dev rnullb0.
[  292.522522][T10506] 
[  292.632559][T10512] comedi: No check for data length of config insn id 129 is implemented
[  292.642059][T10512] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  292.651867][T10512] comedi: Assuming n=406 is correct
[  292.732796][T10515] /dev/rnullb0: Can't open blockdev
[  292.817793][T10517] /dev/rnullb0: Can't open blockdev
[  293.074826][T10526] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1307'.
[  293.221538][ T5215] Dev loop2: unable to read RDB block 7
[  293.227291][ T5215]  loop2: AHDI p1 p2 p3
[  293.231993][ T5215] loop2: partition table partially beyond EOD, truncated
[  293.255244][ T5891] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[  293.263051][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  293.270529][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  293.362984][ T5215] Dev loop2: unable to read RDB block 7
[  293.369626][ T5215]  loop2: AHDI p1 p2 p3
[  293.373831][ T5215] loop2: partition table partially beyond EOD, truncated
[  293.387356][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  293.394162][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  293.407463][ T5891] usb 2-1: device descriptor read/64, error -71
[  293.560804][T10539] qnx4: no qnx4 filesystem (no root dir).
[  293.617148][T10541] comedi: No check for data length of config insn id 129 is implemented
[  293.626968][T10541] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  293.636673][T10541] comedi: Assuming n=405 is correct
[  293.645084][ T5891] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[  293.748358][T10549] /dev/rnullb0: Can't open blockdev
[  293.776462][ T5891] usb 2-1: device descriptor read/64, error -71
[  293.822876][T10551] /dev/rnullb0: Can't open blockdev
[  293.886715][ T5891] usb usb2-port1: attempt power cycle
[  294.091258][T10560] /dev/sg0: Can't lookup blockdev
[  294.225338][ T5891] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[  294.253330][ T5891] usb 2-1: device descriptor read/8, error -71
[  294.350348][ T5215] Dev loop2: unable to read RDB block 7
[  294.357918][ T5215]  loop2: AHDI p1 p2 p3
[  294.362132][ T5215] loop2: partition table partially beyond EOD, truncated
[  294.379253][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  294.388127][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  294.410842][T10568] comedi: No check for data length of config insn id 129 is implemented
[  294.431410][T10568] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  294.454128][T10568] comedi: Assuming n=404 is correct
[  294.505108][ T5891] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[  294.529790][ T5215] Dev loop2: unable to read RDB block 7
[  294.535912][ T5891] usb 2-1: device descriptor read/8, error -71
[  294.535974][ T5215]  loop2: AHDI p1 p2 p3
[  294.549140][ T5215] loop2: partition table partially beyond EOD, truncated
[  294.569820][ T5930] usb 4-1: unknown number of interfaces: 2
[  294.575823][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  294.590737][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  294.598262][ T5930] usb 4-1: USB disconnect, device number 58
[  294.657639][ T5891] usb usb2-port1: unable to enumerate USB device
[  294.683923][T10572] FAT-fs (rnullb0): bogus number of reserved sectors
[  294.692410][T10574] /dev/rnullb0: Can't open blockdev
[  294.716232][T10572] FAT-fs (rnullb0): Can't find a valid FAT filesystem
[  294.739991][T10577] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found
[  294.749888][T10577] UDF-fs: Scanning with blocksize 4096 failed
[  294.758871][ T5215] Dev loop2: unable to read RDB block 7
[  294.770513][ T5215]  loop2: AHDI p1 p2 p3
[  294.774714][ T5215] loop2: partition table partially beyond EOD, truncated
[  294.803631][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  294.814763][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  295.030846][T10589] XFS (rnullb0): Invalid superblock magic number
[  295.049452][ T5215] Dev loop2: unable to read RDB block 7
[  295.055712][ T5215]  loop2: AHDI p1 p2 p3
[  295.059924][ T5215] loop2: partition table partially beyond EOD, truncated
[  295.068422][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  295.078461][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  295.100500][ T5930] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  295.133394][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  295.137152][T10596] MTD: Attempt to mount non-MTD device "/dev/rnullb0"
[  295.157590][T10596] /dev/rnullb0: Can't open blockdev
[  295.183532][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  295.266321][ T5215] Dev loop2: unable to read RDB block 7
[  295.271940][ T5215]  loop2: AHDI p1 p2 p3
[  295.285087][ T5215] loop2: partition table partially beyond EOD, truncated
[  295.290035][ T5930] usb 4-1: unable to get BOS descriptor or descriptor too short
[  295.292344][ T5215] loop2: p1 start 1601398130 is beyond EOD, 
[  295.309347][ T5930] usb 4-1: config 9 has an invalid interface number: 73 but max is 0
[  295.314496][ T5215] truncated
[  295.320720][ T5930] usb 4-1: config 9 has no interface number 0
[  295.323556][ T5215] loop2: p2 start 1702059890 is beyond EOD, 
[  295.328037][T10603] ntfs3(rnullb0): Primary boot signature is not NTFS.
[  295.337267][ T5215] truncated
[  295.339806][ T5930] usb 4-1: config 9 interface 73 has no altsetting 0
[  295.356373][T10603] ntfs3(rnullb0): Alternative boot signature is not NTFS.
[  295.367915][ T5930] usb 4-1: New USB device found, idVendor=17a1, idProduct=0128, bcdDevice=6b.f1
[  295.377566][ T5930] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  295.398650][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  295.410378][ T5930] usb 4-1: Product: syz
[  295.414949][ T5930] usb 4-1: Manufacturer: syz
[  295.420532][ T5930] usb 4-1: SerialNumber: syz
[  295.459541][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  295.531837][ T5215] Dev loop2: unable to read RDB block 7
[  295.538420][ T5215]  loop2: AHDI p1 p2 p3
[  295.542640][ T5215] loop2: partition table partially beyond EOD, truncated
[  295.552112][T10612] Can't find a SQUASHFS superblock on rnullb0
[  295.556705][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  295.568478][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  295.601933][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  295.652042][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  295.805993][T10622] /dev/rnullb0: Can't open blockdev
[  296.242646][T10632] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found
[  296.250981][T10632] UDF-fs: Scanning with blocksize 4096 failed
[  296.395077][ T5846] usb 2-1: new full-speed USB device number 82 using dummy_hcd
[  296.454045][ T5215] Dev loop2: unable to read RDB block 7
[  296.459843][ T5215]  loop2: AHDI p1 p2 p3
[  296.464299][ T5215] loop2: partition table partially beyond EOD, truncated
[  296.472089][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  296.481613][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  296.513331][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  296.547627][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  296.569605][ T5846] usb 2-1: config 255 has an invalid interface number: 75 but max is 0
[  296.585168][ T5846] usb 2-1: config 255 has no interface number 0
[  296.591490][ T5846] usb 2-1: config 255 interface 75 altsetting 123 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  296.603315][ T5846] usb 2-1: config 255 interface 75 has no altsetting 0
[  296.604300][ T5215] Dev loop2: unable to read RDB block 7
[  296.613741][ T5846] usb 2-1: New USB device found, idVendor=06e1, idProduct=a334, bcdDevice= 3.9d
[  296.621651][ T5215]  loop2: AHDI p1 p2 p3
[  296.629522][ T5215] loop2: partition table partially beyond EOD, truncated
[  296.635169][ T5846] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  296.641051][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  296.651823][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  296.658942][ T5846] usb 2-1: Product: syz
[  296.663174][ T5846] usb 2-1: Manufacturer: syz
[  296.669330][ T5846] usb 2-1: SerialNumber: syz
[  296.679861][T10626] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  296.703156][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  296.731870][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  296.783259][ T5215] Dev loop2: unable to read RDB block 7
[  296.789372][ T5215]  loop2: AHDI p1 p2 p3
[  296.793728][ T5215] loop2: partition table partially beyond EOD, truncated
[  296.801770][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  296.809100][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  296.939164][T10644] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  296.957700][ T5215] Dev loop2: unable to read RDB block 7
[  296.963346][ T5215]  loop2: AHDI p1 p2 p3
[  296.963931][T10644] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  296.976507][ T5215] loop2: partition table partially beyond EOD, truncated
[  296.983813][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  297.003377][T10644] hpfs: Bad magic ... probably not HPFS
[  297.011607][T10646] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  297.026083][T10646] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  297.026139][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  297.083842][ T5846] dvb-usb: found a 'KWorld/ADSTech Instant DVB-T USB2.0' in warm state.
[  297.136337][ T5846] dvb-usb: bulk message failed: -22 (3/0)
[  297.186191][ T5846] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  297.215710][ T5846] dvbdev: DVB: registering new adapter (KWorld/ADSTech Instant DVB-T USB2.0)
[  297.224625][ T5846] usb 2-1: media controller created
[  297.240470][ T5846] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  297.258802][ T5846] dvb-usb: bulk message failed: -22 (6/0)
[  297.269219][ T5846] dvb-usb: no frontend was attached by 'KWorld/ADSTech Instant DVB-T USB2.0'
[  297.283101][ T5846] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input41
[  297.307513][ T5846] dvb-usb: schedule remote query interval to 150 msecs.
[  297.327982][ T5846] dvb-usb: KWorld/ADSTech Instant DVB-T USB2.0 successfully initialized and connected.
[  297.335203][ T5891] usb 3-1: new full-speed USB device number 55 using dummy_hcd
[  297.350610][ T5215] Dev loop2: unable to read RDB block 7
[  297.370176][ T5215]  loop2: AHDI p1 p2 p3
[  297.374400][ T5215] loop2: partition table partially beyond EOD, truncated
[  297.381884][ T5846] usb 2-1: USB disconnect, device number 82
[  297.391458][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  297.402824][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  297.418528][ T5846] dvb-usb: KWorld/ADSTech Instant DVB-T USB2.0 successfully deinitialized and disconnected.
[  297.524908][ T5215] Dev loop2: unable to read RDB block 7
[  297.543752][ T5215]  loop2: AHDI p1 p2 p3
[  297.552122][ T5215] loop2: partition table partially beyond EOD, truncated
[  297.571184][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  297.593971][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  297.709532][T10669] comedi: No check for data length of config insn id 129 is implemented
[  297.720875][T10669] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  297.733418][T10669] comedi: Assuming n=401 is correct
[  297.748173][ T5215] Dev loop2: unable to read RDB block 7
[  297.753817][ T5215]  loop2: AHDI p1 p2 p3
[  297.762804][ T5215] loop2: partition table partially beyond EOD, truncated
[  297.770381][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  297.778958][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  297.898779][ T5215] Dev loop2: unable to read RDB block 7
[  297.904461][ T5215]  loop2: AHDI p1 p2 p3
[  297.914497][ T5215] loop2: partition table partially beyond EOD, truncated
[  297.924566][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  297.933451][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  297.975841][T10679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1357'.
[  297.985150][T10679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1357'.
[  298.050003][T10682] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  298.068632][T10682] /dev/rnullb0: Can't open blockdev
[  298.075467][ T7821] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[  298.171615][ T5215] Dev loop2: unable to read RDB block 7
[  298.178990][ T5215]  loop2: AHDI p1 p2 p3
[  298.183340][ T5215] loop2: partition table partially beyond EOD, truncated
[  298.191834][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  298.200589][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  298.235074][ T7821] usb 2-1: Using ep0 maxpacket: 32
[  298.243058][ T7821] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  298.263780][ T7821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  298.288145][T10686] /dev/rnullb0: Can't open blockdev
[  298.295708][ T7821] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  298.318596][ T7821] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  298.337869][ T5215] Dev loop2: unable to read RDB block 7
[  298.338800][ T7821] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.350653][ T5215]  loop2: AHDI p1 p2 p3
[  298.370086][ T5215] loop2: partition table partially beyond EOD, truncated
[  298.376618][ T7821] usb 2-1: config 0 descriptor??
[  298.388015][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  298.388896][T10672] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  298.395487][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  298.417248][ T7821] hub 2-1:0.0: USB hub found
[  298.621425][ T7821] hub 2-1:0.0: 2 ports detected
[  298.640695][T10698] comedi: No check for data length of config insn id 129 is implemented
[  298.660223][T10698] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  298.673771][T10698] comedi: Assuming n=400 is correct
[  298.716998][ T5215] Dev loop2: unable to read RDB block 7
[  298.735164][ T5215]  loop2: AHDI p1 p2 p3
[  298.749489][ T5215] loop2: partition table partially beyond EOD, truncated
[  298.762441][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  298.773880][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  299.157619][T10713] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  299.235996][T10713] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  299.373656][T10726] NILFS (rnullb0): couldn't find nilfs on the device
[  299.419373][T10719] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(38)
[  299.426031][T10719] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  299.435111][T10719] vhci_hcd vhci_hcd.0: Device attached
[  299.444142][T10724] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  299.456101][T10724] gfs2: not a GFS2 filesystem
[  299.625382][ T1221] vhci_hcd: vhci_device speed not set
[  299.685317][ T1221] usb 37-1: new full-speed USB device number 3 using vhci_hcd
[  299.785211][ T5857] Bluetooth: hci3: command 0x0c1a tx timeout
[  299.862458][T10743] gfs2: not a GFS2 filesystem
[  299.973393][T10745] comedi: No check for data length of config insn id 129 is implemented
[  299.982464][T10745] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  299.992325][T10745] comedi: Assuming n=399 is correct
[  300.039649][T10728] vhci_hcd: connection reset by peer
[  300.046340][   T59] vhci_hcd: stop threads
[  300.052550][   T59] vhci_hcd: release socket
[  300.062370][ T5215] Dev loop2: unable to read RDB block 7
[  300.063078][   T59] vhci_hcd: disconnect device
[  300.079349][ T5215]  loop2: AHDI p1 p2 p3
[  300.083749][ T5215] loop2: partition table partially beyond EOD, truncated
[  300.091385][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  300.098516][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  300.148228][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  300.199795][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  300.390748][T10759] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1380'.
[  300.409270][T10759] /dev/rnullb0: Can't open blockdev
[  300.425141][ T5921] usb 3-1: new high-speed USB device number 56 using dummy_hcd
[  300.445077][T10761] /dev/rnullb0: Can't open blockdev
[  300.524609][ T5930] gspca_main: t613-2.14.0 probing 17a1:0128
[  300.545908][ T5930] gspca_t613: unknown sensor 0000
[  300.551078][ T5930] t613 4-1:9.73: probe with driver t613 failed with error -22
[  300.595877][ T5921] usb 3-1: Using ep0 maxpacket: 8
[  300.626195][   T30] audit: type=1326 audit(2000000122.380:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  300.648655][    C1] vkms_vblank_simulate: vblank timer overrun
[  300.686515][ T5921] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  300.694330][   T30] audit: type=1326 audit(2000000122.420:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  300.698597][ T5921] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.762794][T10672] /dev/rnullb0: Can't open blockdev
[  300.762947][ T5921] usb 3-1: Product: syz
[  300.770551][   T30] audit: type=1326 audit(2000000122.500:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  300.806048][ T5921] usb 3-1: Manufacturer: syz
[  300.833207][ T5921] usb 3-1: SerialNumber: syz
[  300.852515][ T5921] usb 3-1: config 0 descriptor??
[  300.865494][   T30] audit: type=1326 audit(2000000122.500:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  300.891394][ T5921] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  300.892393][ T5891] usb 2-1: USB disconnect, device number 83
[  300.917954][T10772] comedi: No check for data length of config insn id 129 is implemented
[  300.923937][   T30] audit: type=1326 audit(2000000122.510:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  300.953072][   T30] audit: type=1326 audit(2000000122.510:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  300.981073][   T30] audit: type=1326 audit(2000000122.510:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  301.007414][T10772] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  301.018481][T10772] comedi: Assuming n=398 is correct
[  301.023916][   T30] audit: type=1326 audit(2000000122.510:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  301.047743][   T30] audit: type=1326 audit(2000000122.510:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  301.073192][   T30] audit: type=1326 audit(2000000122.520:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10671 comm="syz.1.1355" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa403d8e929 code=0x7ffc0000
[  301.095433][    C1] vkms_vblank_simulate: vblank timer overrun
[  301.178935][T10780] /dev/rnullb0: Can't open blockdev
[  301.200790][T10780] netlink: 260 bytes leftover after parsing attributes in process `syz.3.1386'.
[  301.251507][T10782] /dev/rnullb0: Can't open blockdev
[  301.348112][T10786] /dev/rnullb0: Can't open blockdev
[  301.667126][T10799] comedi: No check for data length of config insn id 129 is implemented
[  301.695052][T10799] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  301.715583][T10799] comedi: Assuming n=397 is correct
[  301.740718][T10803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  301.752832][T10803] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  301.773654][T10803] /dev/rnullb0: Can't open blockdev
[  301.819205][T10805] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1396'.
[  302.266379][ T5921] gspca_sonixj: reg_w1 err -110
[  302.345491][ T5921] sonixj 3-1:0.0: probe with driver sonixj failed with error -110
[  302.390156][ T5921] usb 3-1: USB disconnect, device number 56
[  302.554279][T10828] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1404'.
[  302.659243][T10834] comedi: No check for data length of config insn id 129 is implemented
[  302.667896][T10834] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  302.679134][T10834] comedi: Assuming n=396 is correct
[  302.848217][ T5215] Dev loop2: unable to read RDB block 7
[  302.857538][ T5215]  loop2: AHDI p1 p2 p3
[  302.862781][ T5215] loop2: partition table partially beyond EOD, truncated
[  302.874396][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  302.884091][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  302.892654][T10841] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1409'.
[  302.923451][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  302.935365][T10841] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1409'.
[  302.969375][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  302.997085][T10841] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  303.019321][T10841] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.125511][T10847] vxfs: WRONG superblock magic 00000000 at 1
[  303.131778][T10847] vxfs: WRONG superblock magic 00000000 at 8
[  303.138247][T10847] vxfs: can't find superblock.
[  303.308482][ T5215] Dev loop2: unable to read RDB block 7
[  303.314127][ T5215]  loop2: AHDI p1 p2 p3
[  303.332858][ T5215] loop2: partition table partially beyond EOD, truncated
[  303.343952][T10854] /dev/rnullb0: Can't open blockdev
[  303.357039][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  303.363877][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  303.413509][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  303.472158][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  303.504055][T10860] /dev/rnullb0: Can't open blockdev
[  303.546705][T10860] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1417'.
[  303.665150][ T5215] Dev loop2: unable to read RDB block 7
[  303.670763][ T5215]  loop2: AHDI p1 p2 p3
[  303.674950][ T5215] loop2: partition table partially beyond EOD, truncated
[  303.721015][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  303.735363][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  303.806061][ T6015] udevd[6015]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  303.873899][T10872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  303.892229][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  303.895172][ T5891] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[  303.914305][T10872] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.943719][T10872] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  303.954528][T10872] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  303.970285][ T5857] Bluetooth: hci0: Unable to find connection with handle 0x0001
[  303.980231][T10872] /dev/rnullb0: Can't open blockdev
[  304.000597][T10874] XFS (rnullb0): Invalid superblock magic number
[  304.064393][ T5891] usb 2-1: device descriptor read/64, error -71
[  304.093309][ T5215] Dev loop2: unable to read RDB block 7
[  304.099459][ T5215]  loop2: AHDI p1 p2 p3
[  304.103653][ T5215] loop2: partition table partially beyond EOD, truncated
[  304.114934][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  304.121958][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  304.154392][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  304.188233][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  304.305131][ T5891] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[  304.407515][T10887] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  304.419546][T10887] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  304.437259][ T5891] usb 2-1: device descriptor read/64, error -71
[  304.455171][ T7821] usb 3-1: new high-speed USB device number 57 using dummy_hcd
[  304.547455][ T5891] usb usb2-port1: attempt power cycle
[  304.616129][ T7821] usb 3-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[  304.631064][ T7821] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  304.639503][ T7821] usb 3-1: Product: syz
[  304.643987][ T7821] usb 3-1: Manufacturer: syz
[  304.649041][ T7821] usb 3-1: SerialNumber: syz
[  304.659213][ T7821] usb 3-1: config 0 descriptor??
[  304.673190][ T7821] go7007 3-1:0.0: probe with driver go7007 failed with error -12
[  304.816639][ T1221] vhci_hcd: vhci_device speed not set
[  304.883293][T10885] /dev/rnullb0: Can't open blockdev
[  304.894480][ T5921] usb 3-1: USB disconnect, device number 57
[  304.905162][ T5891] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[  304.947635][ T5891] usb 2-1: device descriptor read/8, error -71
[  305.158454][T10898] /dev/rnullb0: Can't open blockdev
[  305.206525][ T5891] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[  305.223744][T10901] /dev/rnullb0: Can't open blockdev
[  305.304311][T10903] syz.3.1431: attempt to access beyond end of device
[  305.304311][T10903] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  305.389549][ T5891] usb 2-1: device descriptor read/8, error -71
[  305.476233][ T5215] Dev loop2: unable to read RDB block 7
[  305.481861][ T5215]  loop2: AHDI p1 p2 p3
[  305.494112][ T5215] loop2: partition table partially beyond EOD, truncated
[  305.505037][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  305.513444][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  305.521311][ T5891] usb usb2-port1: unable to enumerate USB device
[  305.570877][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  305.624035][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  305.892358][T10922] serio: Serial port pty20
[  305.954152][T10924] /dev/rnullb0: Can't open blockdev
[  306.018793][T10929] syz.3.1439: attempt to access beyond end of device
[  306.018793][T10929] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[  306.032337][T10929] vxfs: unable to read disk superblock at 1
[  306.039273][T10929] syz.3.1439: attempt to access beyond end of device
[  306.039273][T10929] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0
[  306.052691][T10929] vxfs: unable to read disk superblock at 8
[  306.058730][T10929] vxfs: can't find superblock.
[  306.112305][T10932] overlay: ./file0 is not a directory
[  306.174787][T10934] /dev/rnullb0: Can't open blockdev
[  306.219821][ T5215] Dev loop2: unable to read RDB block 7
[  306.235137][ T5215]  loop2: AHDI p1 p2 p3
[  306.239416][ T5215] loop2: partition table partially beyond EOD, truncated
[  306.253979][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  306.266162][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  306.303143][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  306.339833][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  306.363410][T10938] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  306.378358][T10938] /dev/loop2: Can't open blockdev
[  306.407846][T10942] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1444'.
[  306.423082][T10942] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1444'.
[  306.874684][T10951] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  306.884372][T10951] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  306.895861][T10951] Can't find a SQUASHFS superblock on rnullb0
[  307.008955][ T5215] Dev loop2: unable to read RDB block 7
[  307.014577][ T5215]  loop2: AHDI p1 p2 p3
[  307.022103][T10954] 9pnet_fd: Insufficient options for proto=fd
[  307.038140][ T5215] loop2: partition table partially beyond EOD, truncated
[  307.048375][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  307.065805][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  307.090356][T10959] binder: Bad value for 'stats'
[  307.092452][T10959] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  307.096999][T10959] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  307.137262][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  307.181119][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  307.220421][ T5215] Dev loop2: unable to read RDB block 7
[  307.227087][ T5215]  loop2: AHDI p1 p2 p3
[  307.231315][ T5215] loop2: partition table partially beyond EOD, truncated
[  307.239409][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  307.247101][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  307.299968][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  307.312557][T10966] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found
[  307.337435][T10966] UDF-fs: Scanning with blocksize 4096 failed
[  307.353823][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  307.635190][ T1221] usb 3-1: new full-speed USB device number 58 using dummy_hcd
[  307.787130][ T1221] usb 3-1: config 255 has an invalid interface number: 75 but max is 0
[  307.826420][ T5857] Bluetooth: hci3: unexpected event for opcode 0x0803
[  307.828474][ T1221] usb 3-1: config 255 has no interface number 0
[  307.839927][ T1221] usb 3-1: config 255 interface 75 altsetting 123 endpoint 0x9 has invalid maxpacket 512, setting to 64
[  307.852401][ T1221] usb 3-1: config 255 interface 75 has no altsetting 0
[  307.862238][ T1221] usb 3-1: New USB device found, idVendor=06e1, idProduct=a334, bcdDevice= 3.9d
[  307.872981][ T1221] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.898821][ T1221] usb 3-1: Product: syz
[  307.906449][ T1221] usb 3-1: Manufacturer: syz
[  307.933539][ T1221] usb 3-1: SerialNumber: syz
[  307.964246][T10973] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  307.969956][T10991] netlink: 'syz.0.1459': attribute type 3 has an invalid length.
[  308.190668][T10999] kvm: vcpu 2: requested 128 ns lapic timer period limited to 200000 ns
[  308.215769][T10999] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  308.282229][T11008] comedi: No check for data length of config insn id 129 is implemented
[  308.288393][ T1221] dvb-usb: found a 'KWorld/ADSTech Instant DVB-T USB2.0' in warm state.
[  308.293990][T11008] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  308.310888][ T1221] dvb-usb: bulk message failed: -22 (3/0)
[  308.319970][T11008] comedi: Assuming n=390 is correct
[  308.331788][ T1221] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  308.341181][ T1221] dvbdev: DVB: registering new adapter (KWorld/ADSTech Instant DVB-T USB2.0)
[  308.365195][ T1221] usb 3-1: media controller created
[  308.386955][ T1221] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  308.430410][ T1221] dvb-usb: bulk message failed: -22 (6/0)
[  308.436804][T11012] UDF-fs: warning (device rnullb0): udf_load_vrs: No VRS found
[  308.444804][ T1221] dvb-usb: no frontend was attached by 'KWorld/ADSTech Instant DVB-T USB2.0'
[  308.454021][T11012] UDF-fs: Scanning with blocksize 4096 failed
[  308.480968][ T1221] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input42
[  308.523398][ T1221] dvb-usb: schedule remote query interval to 150 msecs.
[  308.536641][ T1221] dvb-usb: KWorld/ADSTech Instant DVB-T USB2.0 successfully initialized and connected.
[  308.561950][ T1221] usb 3-1: USB disconnect, device number 58
[  308.658751][T11020] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  308.676642][ T1221] dvb-usb: KWorld/ADSTech Instant DVB-T USB2.0 successfully deinitialized and disconnected.
[  308.695493][T11020] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  308.713010][T11024] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  308.742374][T11024] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  308.896048][ T5215] Dev loop2: unable to read RDB block 7
[  308.911938][ T5215]  loop2: AHDI p1 p2 p3
[  308.923940][ T5215] loop2: partition table partially beyond EOD, truncated
[  308.944009][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  308.967106][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  309.031419][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  309.099228][ T5997] udevd[5997]: symlink '../../loop2' '/dev/disk/by-diskseq/75.tmp-b7:2' failed: Read-only file system
[  309.170019][T11046] netlink: 'syz.3.1473': attribute type 21 has an invalid length.
[  309.194038][T11048] comedi: No check for data length of config insn id 129 is implemented
[  309.212870][T11046] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1473'.
[  309.214455][T11048] comedi: Add a check to check_insn_config_length in drivers/comedi/comedi_fops.c
[  309.234626][T11050] /dev/rnullb0: Can't open blockdev
[  309.237602][T11048] comedi: Assuming n=389 is correct
[  309.505448][ T5215] Dev loop2: unable to read RDB block 7
[  309.511074][ T5215]  loop2: AHDI p1 p2 p3
[  309.531703][ T5215] loop2: partition table partially beyond EOD, truncated
[  309.566643][ T5215] loop2: p1 start 1601398130 is beyond EOD, truncated
[  309.582324][ T5215] loop2: p2 start 1702059890 is beyond EOD, truncated
[  309.716530][T11065] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  309.761131][T11065] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  309.952339][T11074] ==================================================================
[  309.960476][T11074] BUG: KASAN: slab-use-after-free in xfrm_state_find+0x2cf2/0x5400
[  309.968416][T11074] Read of size 1 at addr ffff888057725870 by task syz.3.1481/11074
[  309.976336][T11074] 
[  309.978685][T11074] CPU: 0 UID: 0 PID: 11074 Comm: syz.3.1481 Not tainted 6.16.0-rc6-next-20250716-syzkaller #0 PREEMPT(full) 
[  309.978712][T11074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  309.978726][T11074] Call Trace:
[  309.978735][T11074]  <TASK>
[  309.978745][T11074]  dump_stack_lvl+0x189/0x250
[  309.978778][T11074]  ? __kasan_check_byte+0x12/0x40
[  309.978812][T11074]  ? __pfx_dump_stack_lvl+0x10/0x10
[  309.978840][T11074]  ? lock_release+0x4b/0x3e0
[  309.978867][T11074]  ? __virt_addr_valid+0x4a5/0x5c0
[  309.978899][T11074]  print_report+0xca/0x230
[  309.978920][T11074]  ? xfrm_state_find+0x2cf2/0x5400
[  309.978949][T11074]  kasan_report+0x118/0x150
[  309.978969][T11074]  ? xfrm_state_find+0x2cf2/0x5400
[  309.979003][T11074]  xfrm_state_find+0x2cf2/0x5400
[  309.979033][T11074]  ? __lock_acquire+0xab9/0xd20
[  309.979066][T11074]  ? xfrm_state_find+0x1da/0x5400
[  309.979099][T11074]  ? __pfx_xfrm_state_find+0x10/0x10
[  309.979157][T11074]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  309.979194][T11074]  ? xfrm_policy_lookup_bytype+0x2a7/0x1250
[  309.979220][T11074]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  309.979258][T11074]  ? xfrm_policy_lookup_bytype+0x123/0x1250
[  309.979285][T11074]  ? xfrm_policy_lookup_bytype+0x11ef/0x1250
[  309.979326][T11074]  ? xfrm_expand_policies+0x41f/0x6a0
[  309.979351][T11074]  xfrm_lookup_with_ifid+0x58a/0x1a70
[  309.979379][T11074]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  309.979401][T11074]  ? __pfx__copy_from_iter+0x10/0x10
[  309.979431][T11074]  xfrm_lookup_route+0x3c/0x1c0
[  309.979528][T11074]  raw_sendmsg+0x1039/0x18b0
[  309.979565][T11074]  ? __pfx_raw_sendmsg+0x10/0x10
[  309.979601][T11074]  ? aa_sk_perm+0x81e/0x950
[  309.979627][T11074]  ? __pfx_aa_sk_perm+0x10/0x10
[  309.979650][T11074]  ? tomoyo_socket_sendmsg_permission+0x216/0x300
[  309.979681][T11074]  ? sock_rps_record_flow+0x19/0x410
[  309.979713][T11074]  ? inet_sendmsg+0x2f4/0x370
[  309.979742][T11074]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  309.979769][T11074]  __sock_sendmsg+0x19c/0x270
[  309.979803][T11074]  ____sys_sendmsg+0x505/0x830
[  309.979832][T11074]  ? __pfx_____sys_sendmsg+0x10/0x10
[  309.979861][T11074]  ? import_iovec+0x74/0xa0
[  309.979890][T11074]  ___sys_sendmsg+0x21f/0x2a0
[  309.979917][T11074]  ? __pfx____sys_sendmsg+0x10/0x10
[  309.979960][T11074]  ? __fget_files+0x2a/0x420
[  309.979986][T11074]  ? __fget_files+0x3a0/0x420
[  309.980016][T11074]  __x64_sys_sendmsg+0x19b/0x260
[  309.980043][T11074]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  309.980074][T11074]  ? rcu_is_watching+0x15/0xb0
[  309.980102][T11074]  ? do_syscall_64+0xbe/0x3b0
[  309.980126][T11074]  do_syscall_64+0xfa/0x3b0
[  309.980147][T11074]  ? lockdep_hardirqs_on+0x9c/0x150
[  309.980167][T11074]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.980187][T11074]  ? clear_bhb_loop+0x60/0xb0
[  309.980209][T11074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.980227][T11074] RIP: 0033:0x7f67f618e929
[  309.980245][T11074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  309.980264][T11074] RSP: 002b:00007f67f7066038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  309.980298][T11074] RAX: ffffffffffffffda RBX: 00007f67f63b5fa0 RCX: 00007f67f618e929
[  309.980312][T11074] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000007
[  309.980325][T11074] RBP: 00007f67f6210b39 R08: 0000000000000000 R09: 0000000000000000
[  309.980337][T11074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  309.980349][T11074] R13: 0000000000000000 R14: 00007f67f63b5fa0 R15: 00007ffc17246888
[  309.980371][T11074]  </TASK>
[  309.980380][T11074] 
[  310.331402][T11074] Allocated by task 10103:
[  310.335826][T11074]  kasan_save_track+0x3e/0x80
[  310.340515][T11074]  __kasan_slab_alloc+0x6c/0x80
[  310.345377][T11074]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  310.350842][T11074]  xfrm_state_alloc+0x24/0x2f0
[  310.355640][T11074]  xfrm_add_sa+0x17d1/0x4070
[  310.360238][T11074]  xfrm_user_rcv_msg+0x7a3/0xab0
[  310.365180][T11074]  netlink_rcv_skb+0x205/0x470
[  310.369948][T11074]  xfrm_netlink_rcv+0x79/0x90
[  310.374711][T11074]  netlink_unicast+0x75c/0x8e0
[  310.379484][T11074]  netlink_sendmsg+0x805/0xb30
[  310.384251][T11074]  __sock_sendmsg+0x21c/0x270
[  310.388934][T11074]  ____sys_sendmsg+0x505/0x830
[  310.393699][T11074]  ___sys_sendmsg+0x21f/0x2a0
[  310.398381][T11074]  __x64_sys_sendmsg+0x19b/0x260
[  310.403339][T11074]  do_syscall_64+0xfa/0x3b0
[  310.407869][T11074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  310.413766][T11074] 
[  310.416093][T11074] Freed by task 5930:
[  310.420076][T11074]  kasan_save_track+0x3e/0x80
[  310.424759][T11074]  kasan_save_free_info+0x46/0x50
[  310.429784][T11074]  __kasan_slab_free+0x62/0x70
[  310.434554][T11074]  kmem_cache_free+0x18f/0x400
[  310.439337][T11074]  xfrm_state_gc_task+0x52d/0x6b0
[  310.444364][T11074]  process_scheduled_works+0xae1/0x17b0
[  310.449913][T11074]  worker_thread+0x8a0/0xda0
[  310.454506][T11074]  kthread+0x70e/0x8a0
[  310.458579][T11074]  ret_from_fork+0x3f9/0x770
[  310.463180][T11074]  ret_from_fork_asm+0x1a/0x30
[  310.467941][T11074] 
[  310.470269][T11074] The buggy address belongs to the object at ffff888057725540
[  310.470269][T11074]  which belongs to the cache xfrm_state of size 928
[  310.484235][T11074] The buggy address is located 816 bytes inside of
[  310.484235][T11074]  freed 928-byte region [ffff888057725540, ffff8880577258e0)
[  310.498042][T11074] 
[  310.500389][T11074] The buggy address belongs to the physical page:
[  310.506821][T11074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57724
[  310.515591][T11074] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  310.524113][T11074] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  310.531671][T11074] page_type: f5(slab)
[  310.535667][T11074] raw: 00fff00000000040 ffff8881462b53c0 dead000000000122 0000000000000000
[  310.544285][T11074] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[  310.552889][T11074] head: 00fff00000000040 ffff8881462b53c0 dead000000000122 0000000000000000
[  310.561583][T11074] head: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[  310.570253][T11074] head: 00fff00000000002 ffffea00015dc901 00000000ffffffff 00000000ffffffff
[  310.578927][T11074] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  310.587590][T11074] page dumped because: kasan: bad access detected
[  310.593999][T11074] page_owner tracks the page as allocated
[  310.599717][T11074] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6014, tgid 6013 (syz.0.21), ts 96569904026, free_ts 30957461724
[  310.618648][T11074]  post_alloc_hook+0x240/0x2a0
[  310.623428][T11074]  get_page_from_freelist+0x21e4/0x22c0
[  310.628979][T11074]  __alloc_frozen_pages_noprof+0x181/0x370
[  310.634787][T11074]  alloc_pages_mpol+0x232/0x4a0
[  310.639649][T11074]  allocate_slab+0x8a/0x370
[  310.644157][T11074]  ___slab_alloc+0xbeb/0x1410
[  310.648838][T11074]  kmem_cache_alloc_noprof+0x283/0x3c0
[  310.654309][T11074]  xfrm_state_alloc+0x24/0x2f0
[  310.659078][T11074]  xfrm_add_sa+0x17d1/0x4070
[  310.663674][T11074]  xfrm_user_rcv_msg+0x7a3/0xab0
[  310.668629][T11074]  netlink_rcv_skb+0x205/0x470
[  310.673412][T11074]  xfrm_netlink_rcv+0x79/0x90
[  310.678091][T11074]  netlink_unicast+0x75c/0x8e0
[  310.682861][T11074]  netlink_sendmsg+0x805/0xb30
[  310.687650][T11074]  __sock_sendmsg+0x21c/0x270
[  310.692338][T11074]  ____sys_sendmsg+0x505/0x830
[  310.697139][T11074] page last free pid 1 tgid 1 stack trace:
[  310.703029][T11074]  __free_frozen_pages+0xbc4/0xd30
[  310.708154][T11074]  free_contig_range+0x1bd/0x4a0
[  310.713121][T11074]  destroy_args+0x7e/0x5d0
[  310.717551][T11074]  debug_vm_pgtable+0x404/0x420
[  310.722429][T11074]  do_one_initcall+0x233/0x820
[  310.727211][T11074]  do_initcall_level+0x137/0x1f0
[  310.732160][T11074]  do_initcalls+0x69/0xd0
[  310.736535][T11074]  kernel_init_freeable+0x3d9/0x590
[  310.741745][T11074]  kernel_init+0x1d/0x1d0
[  310.746089][T11074]  ret_from_fork+0x3f9/0x770
[  310.750696][T11074]  ret_from_fork_asm+0x1a/0x30
[  310.755495][T11074] 
[  310.757830][T11074] Memory state around the buggy address:
[  310.763474][T11074]  ffff888057725700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  310.771560][T11074]  ffff888057725780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  310.779626][T11074] >ffff888057725800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  310.787693][T11074]                                                              ^
[  310.795422][T11074]  ffff888057725880: fb fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[  310.803513][T11074]  ffff888057725900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  310.811587][T11074] ==================================================================
[  310.844559][T11074] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  310.851888][T11074] CPU: 1 UID: 0 PID: 11074 Comm: syz.3.1481 Not tainted 6.16.0-rc6-next-20250716-syzkaller #0 PREEMPT(full) 
[  310.863465][T11074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  310.873540][T11074] Call Trace:
[  310.876931][T11074]  <TASK>
[  310.879904][T11074]  dump_stack_lvl+0x99/0x250
[  310.884694][T11074]  ? __asan_memcpy+0x40/0x70
[  310.889322][T11074]  ? __pfx_dump_stack_lvl+0x10/0x10
[  310.894574][T11074]  ? __pfx__printk+0x10/0x10
[  310.899287][T11074]  vpanic+0x281/0x750
[  310.903281][T11074]  ? preempt_schedule+0xae/0xc0
[  310.908148][T11074]  ? __pfx_vpanic+0x10/0x10
[  310.912677][T11074]  ? preempt_schedule_common+0x83/0xd0
[  310.918155][T11074]  ? preempt_schedule+0xae/0xc0
[  310.923048][T11074]  ? __pfx_preempt_schedule+0x10/0x10
[  310.928475][T11074]  panic+0xb9/0xc0
[  310.932210][T11074]  ? __pfx_panic+0x10/0x10
[  310.936637][T11074]  ? _raw_spin_unlock_irqrestore+0xfd/0x110
[  310.942555][T11074]  ? xfrm_state_find+0x2cf2/0x5400
[  310.947683][T11074]  check_panic_on_warn+0x89/0xb0
[  310.952628][T11074]  ? xfrm_state_find+0x2cf2/0x5400
[  310.957754][T11074]  end_report+0x78/0x160
[  310.962086][T11074]  kasan_report+0x129/0x150
[  310.966591][T11074]  ? xfrm_state_find+0x2cf2/0x5400
[  310.971720][T11074]  xfrm_state_find+0x2cf2/0x5400
[  310.976670][T11074]  ? __lock_acquire+0xab9/0xd20
[  310.981547][T11074]  ? xfrm_state_find+0x1da/0x5400
[  310.986597][T11074]  ? __pfx_xfrm_state_find+0x10/0x10
[  310.991912][T11074]  xfrm_resolve_and_create_bundle+0x768/0x2f80
[  310.998099][T11074]  ? xfrm_policy_lookup_bytype+0x2a7/0x1250
[  311.003999][T11074]  ? __pfx_xfrm_resolve_and_create_bundle+0x10/0x10
[  311.010591][T11074]  ? xfrm_policy_lookup_bytype+0x123/0x1250
[  311.016497][T11074]  ? xfrm_policy_lookup_bytype+0x11ef/0x1250
[  311.022498][T11074]  ? xfrm_expand_policies+0x41f/0x6a0
[  311.027874][T11074]  xfrm_lookup_with_ifid+0x58a/0x1a70
[  311.033254][T11074]  ? __pfx_xfrm_lookup_with_ifid+0x10/0x10
[  311.039069][T11074]  ? __pfx__copy_from_iter+0x10/0x10
[  311.044373][T11074]  xfrm_lookup_route+0x3c/0x1c0
[  311.049240][T11074]  raw_sendmsg+0x1039/0x18b0
[  311.053848][T11074]  ? __pfx_raw_sendmsg+0x10/0x10
[  311.058807][T11074]  ? aa_sk_perm+0x81e/0x950
[  311.063435][T11074]  ? __pfx_aa_sk_perm+0x10/0x10
[  311.068296][T11074]  ? tomoyo_socket_sendmsg_permission+0x216/0x300
[  311.074724][T11074]  ? sock_rps_record_flow+0x19/0x410
[  311.080036][T11074]  ? inet_sendmsg+0x2f4/0x370
[  311.084726][T11074]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  311.090020][T11074]  __sock_sendmsg+0x19c/0x270
[  311.094717][T11074]  ____sys_sendmsg+0x505/0x830
[  311.099494][T11074]  ? __pfx_____sys_sendmsg+0x10/0x10
[  311.104798][T11074]  ? import_iovec+0x74/0xa0
[  311.109327][T11074]  ___sys_sendmsg+0x21f/0x2a0
[  311.114019][T11074]  ? __pfx____sys_sendmsg+0x10/0x10
[  311.119246][T11074]  ? __fget_files+0x2a/0x420
[  311.123846][T11074]  ? __fget_files+0x3a0/0x420
[  311.128532][T11074]  __x64_sys_sendmsg+0x19b/0x260
[  311.133476][T11074]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  311.138946][T11074]  ? rcu_is_watching+0x15/0xb0
[  311.143727][T11074]  ? do_syscall_64+0xbe/0x3b0
[  311.148415][T11074]  do_syscall_64+0xfa/0x3b0
[  311.152940][T11074]  ? lockdep_hardirqs_on+0x9c/0x150
[  311.158161][T11074]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.164241][T11074]  ? clear_bhb_loop+0x60/0xb0
[  311.168935][T11074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  311.174833][T11074] RIP: 0033:0x7f67f618e929
[  311.179258][T11074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  311.198868][T11074] RSP: 002b:00007f67f7066038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  311.207288][T11074] RAX: ffffffffffffffda RBX: 00007f67f63b5fa0 RCX: 00007f67f618e929
[  311.215263][T11074] RDX: 0000000000000810 RSI: 0000200000000040 RDI: 0000000000000007
[  311.223249][T11074] RBP: 00007f67f6210b39 R08: 0000000000000000 R09: 0000000000000000
[  311.231246][T11074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  311.239219][T11074] R13: 0000000000000000 R14: 00007f67f63b5fa0 R15: 00007ffc17246888
[  311.247204][T11074]  </TASK>
[  311.250573][T11074] Kernel Offset: disabled
[  311.254906][T11074] Rebooting in 86400 seconds..