last executing test programs:

2m12.728663413s ago: executing program 2 (id=2229):
socket$nl_xfrm(0x10, 0x3, 0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]})
gettid()
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x8000, 0x0, 0x0, 0x33e}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x47ba, 0x0, 0x0, 0x0, 0x0)

2m11.553426294s ago: executing program 2 (id=2237):
setsockopt$inet_sctp6_SCTP_ADD_STREAMS(0xffffffffffffffff, 0x84, 0x79, &(0x7f00000001c0)={0x0, 0xc2, 0x7}, 0x8)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
sendto$inet(0xffffffffffffffff, &(0x7f0000000140)='^', 0x1, 0x0, 0x0, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x880, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x228], 0x80a0000})
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x2, 0x6, 0x0, 0x0, 0x401}, 0x14)
r2 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x48802)
ioctl$SCSI_IOCTL_SEND_COMMAND(r2, 0x1, &(0x7f0000000040)={0x0, 0x73, 0xa8})
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

2m11.058948313s ago: executing program 2 (id=2243):
setsockopt$inet6_IPV6_HOPOPTS(0xffffffffffffffff, 0x29, 0x48, 0x0, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000003180)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0xf84, 0x7}, 0x1c)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000cc0), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
syz_emit_ethernet(0x36, &(0x7f0000000180)={@multicast, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @dev, @private}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x3}}}}}}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
write$cgroup_subtree(r1, &(0x7f0000000180)=ANY=[], 0x36)

2m5.598503704s ago: executing program 2 (id=2265):
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000001240)='./file0\x00', 0x10, &(0x7f0000000a80)=ANY=[@ANYBLOB="00e789da34e04a1ffbc2f05cefeb4ee6d5ae1071124b2c2fb684f5c7ac05000000c7880f67e775c748f6381a3e01e7f93330b30b90bbb4d2b697899a16f2df4fa2a8f06ac2c5352ddcae2b83672ef3d9f532e55f4e798924ac6332751e737383f6890d2dcfcbdbd41940a64c7b4374674e7bb6dd0d1b8d3d62f6d77b0282e166e2ce4c353d2d4d315a81146bf46a1508ef0d2ddc7d0b447fe17b85b292d13cea2256a16cab12d75a852bc680da7ea837480feb2e0500001e0000000000003bc18c52d0351cd285197b0641569048b5b416ba1c570000000000100083794afff0a9eed63b1226b18c4b455ab222d7ae1be52a22e8ec8bf2c0c7d99770415863f50aa18bcb66061a29bc55105f3482ed752f882d224a386b51836c1b437036b677156e22e174ff516dbab0b2cdf52bee43c4ffffffffffffffffd9487b8663a339b98df63b4bf3e97f02d6f1e7e65f968dd90841506355d9ac40f1b434c8a9b5bd91a70c53a5aadbebd9ed9d0a55bd47a967163e0c02753f8895bfbf1b41b5490667c241068d59983ae1d0f03e650f5357425284b76d793e25a2558fa437e38b8200000000630000000000000000000000000000000000000000000000e911000000000066e073c14bb74617079e0b6ecfc830db14244567fd8f4e4e5903eaf983786e28295783f130b95dc37f59a658000e88047db7783ce8a9cba6c255902cfb83946ea3f5f7a8cee911b2b37ae4b01e65ea86d5ea7ae17b2a9bc250c9b8fc9fbc04617939bdd13457954172d18701768f8a461bee740f2d82ae566d2e30a93ad2b201a6d16a93c75a950cc437e7f25d3aadddb8edd028d84490b6bafd636aa4fb482a8a4b3987dafe58e742448c4b36b03790090198145dee533257bb9050554f8cace210a5bc5c768f83e99019f7c00ff9ca679768dbba3f7d21c545c99c2f7688f7030fe37121d625d1f81018feb74c9d48eebdf1702550b097271ab9bd38c62f4b31fd9482c05ba0", @ANYRES16], 0x1, 0x11dc, &(0x7f0000001280)="$eJzs3MGLG1UcB/Bf19rW1N2sWqstiA+96GVo9uBFL0G2IA0obSO0gjB1JxoyJiETFiJi9eTVv0M8ehPEm1724t/gbS8eexBHTNR2l3hYdDewfD6X/OD3vuQ9BgbeMG/23/jq40Gvynr5NNbOnIm1cUR6kCLFWvzt83j19R9/euHWnbs32p3O9s2Urrdvt15LKW28+P17n37z0g/Ti+9+u/Hd+djbfH//161f9i7vXdn//fZH/Sr1qzQcTVOe7o1G0/xeWaSdfjXIUnqnLPKqSP1hVUwO9HvlaDyepXy4s94YT4qqSvlwlgbFLE1HaTqZpfzDvD9MWZal9UbwX3S/flDXdURdPx7noq7r+oloxMV4MtZjI5qxGU/F0/FMXIpn43I8F8/HlfmoVc8bAAAAAAAAAAAAAAAAAAAAThfn/wEAAAAAAAAAAAAAAAAAAGD1bt25e6Pd6WzfTOlCRPnlbne3u/hd9Nu96EcZRVyLZvwW89P/C4v6+lud7WtpbjO+KO//lb+/233sYL41/5zA0nxrkU8H8+ej8Wh+K5pxaXl+a2n+Qrzy8iP5LJrx8wcxijJ24s/sw/xnrZTefLtzKH91Pg4AAABOgyz9Y+n+Pcv+rb/IH+H5wKH99dm4ena1ayeimn0yyMuymBxbcS6O/S8UCsX/XKz6zsRJeHjRVz0TAAAAAAAAAAAAjuIkXidc9RoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA/2IFjAQAAAABh/tZpdGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBVAAAA//8xgdSv")
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
chroot(&(0x7f00000000c0)='./file0/../file0/../file0/file0\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000700)='net/softnet_stat\x00')
preadv(r0, &(0x7f00000002c0)=[{&(0x7f0000000140)=""/170, 0xaa}], 0x1, 0x7f, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r4, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, &(0x7f0000000340)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x4, 0x0, 0xfffffffffffffffc, 0x0, 0xfffffffffffffffc}, {}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x33}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x6}, 0x0, 0x3, 0x0, 0xfd}}, 0xe8)
sendmmsg(r4, &(0x7f0000000480), 0x21, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
lstat(&(0x7f0000000540)='./file0/../file0/../file0\x00', &(0x7f0000000580))

2m4.283690139s ago: executing program 2 (id=2272):
r0 = socket$kcm(0x10, 0x2, 0x10)
r1 = syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r1, 0xc0d05605, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x410000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_fuse_handle_req(r3, &(0x7f0000004340)="265ed300624cee917954148609d0f2ac52561da46fe5c8ce8b3d649d8b59dfb0c633a2151990de893de399d507986121aa114fd87163065d2988807d3e0953e6b084d8b607280f9207193bb76a79bb6d4f638d070435bddb76667d5dee6329e71b2c9befbb22bbde0c1b6da63b845f2c28d2c5f4deb07b4ae015fc576702112f75a755e76b6dc450719f63cd1939961e4c895f9054760c61f933bf74d185520f9aebaf3ab397a2089640ec41ab5cfe6c828b53c4cc544f9812034c719e712532763eff6e69ad7cc4d2f29f97ccce18f298ce417251430929d422e21cac05093609d97896d0beb7d4cce9f1975f01e7dd29ea061a868bb6607b7cf88a2e33dd5c5db31cbead98e06c2c7add9012b0483fe662532c81ab1a1ca8f20f1cd9020e06c2bdade3f311d08b47503b5b63b279a9be019006e6929670f53d5688c194e9f046d2322d71bc26245e698cd44d655c59b2e0ff43771a386abc38cd6e493e0a475ef525fa78671fd9954e7df71a3b7c7ed90379dffa4fd76f0367eca11c1d8de813979951eccc8c93b4f9fdb4785c0a9d207e65742bdd358e9dfbf29203c36b91fdd78db55b53ad1e713e32fc1f47bf3390f3db8dfbd514b4b31095c818e18b63ebad5cc3b406557f3a9380c5025ab11c64522b1752b2296bb00b7750ab82704ba197f26ab76e35da02ae87d25669d54d212aa680b579773c889902782d1c8067b16ff957bfa70cd8af4c366c1629e871cfb033d46c0d308c3ff5072fd8e23ee02986a128051b8e6dbaa2bc46bdc8772d923f2906eef68015bdb4cd66a2525269a91cbd7336c930c08190a8606d762c768d164d05eea38d63e99e1fab83ce2683b885e1619065acb1bed0bfd63e3cea5c9d7c9994df4036aa17f9eb0850f9eb42b17b19926fd9d814529c3cf4397e3f38f9626f0bb4f229b51c35773cbecc42ba22f8346c9c3a6f3ca7d8b25d0bbf30baf48bde92ea192e2484ef9b2160492edb5f2ce296b0b6b420d020b7d14d780db436b1a23b733051369536eae7c7148927c3ba3a968516039b0b14d9918a41a1bdd5002847e1c3d02f0dc2235857a9797038d164591757820e7d74dbadd42b8903f20434c6ac0f401fdbfcbed5dd3c5b5fb0ce1f9c81e8d1037fde8dd3fef1d5d7af6af8f36c0f4462909dbf694cc6fe80070bd5fac5a5ca4dffae4b2c67892f7c53af3644ffec29ab3d791bd7934ad38929a9d5fb9ecf10b9dec62e315ccb0e0de60bb1620daa8154a4cdec98d94d42ac1a4b5f8da6afcb7dfb53544fbbcaa3aa444182ff25064ace51a825fe89236e850a2c90e1c7db17871ea809c4a11a26f49b213cab87d4a42b747546fb9b15068faf1a8556f909f2c47202e7b65cddc708ded90bdde68725b787bdc2d4eeda60204bd0028f07ffc3052f93eb6343d1b2a9a5292e6574baa4a096fda6dd54f6d39e9462b6839b8ee2426e3fbf42a016dc0963145e602f2b0c351f123df48f608f74b04fc7e9cd018e7ab25bc1c12f8f58c0b2dce5714faa54820ef72f38566e3d776ea2d5b061a2e94710176f15d2221420abad8b8b733de253e602277848e7f1e0eb4d07f5eb0cc4d9f874e632007cbca23a5d7e4109cf5c4fafe5f607149bac37938734b77d9b183cf76014aa61507bd4eb44524e8326c58932c8b9f6a10e334cc602b5b8c956c7cb5ffa099274b599fc9c58327f85553e00263e548c93c89edf7a7c83cc10348662fc344c85378572a40b49ae65972fb40abd5e0a38af48207983f86c7bb6bf9b7853c4b1fb522d135a83bbdbb78130b4df3aa7cfa930868cd5a2d995ca9fe4f64c79485ab19d85b0c82a72f4a09ccab267320a61208ccef13c3546ab0f16e34cdc56d6e48a6d9c14c626528a3b191e3723b19d4388d5b9b61c7aec726b8752455f96e888ba7af82c127796e9b67432d1f60a3470c7bf4b924cf10f06a3e3f64c60c7c2b0fba4d1ebe4e52014b4052c2ba0d5b649c46e5cdc6c7159faff2adad2db2d3db9f4f9e9735ba28b7aa1c6c2fea9dab6c9617160d182dfc13e18f44e73c4377df42080d08a87fcfd46b4a4f30205457ad19ddd473fc3a67153d04e960f1dc7556fb158a1d584eb2bde917792892a30e9cd25d37a318cf06bd6541463adaf5d12adc50252f364ba05f89182018ded2179c23a1fc0b31d87139da39298b8d387446c70c4577a27f6df841d9f43106bc1bf44f5c7a41460e2afc9eea98f8e256919c0befd53d7d015412391963c9ad39a19aad265cdbd609628e1913adc2467b69c00865a88635c46a851e7252cf3dc5c3cc5dcb04e97c0742d1a844556744036c97710dd9b55f661506f36cfef2c6b7305b63f5c33469b33ad09e1b593a7ddfc97777954c71c8e4857ca49aa7e5de0d25d760f633660e1fd783cdc43b00a0ec149cc9c8385807c2f6b4cb255d6a15ac75ef63d0871b176d503f332c069ccfa7a2bacd11999ea792024b35c9faae5bf02bd5c844d04d9680c1fe35c2d90ce808b45932e754e4e1dd142ba5a7bd9ecdf7717094ed4359eba666fbdc1e849ccede72b0b37f0b8bc4f76b99222f8d199de11dbd0ff396236f4a37aab955126a60c9f0d457c7a394920aa9014611e5d994c8373516f061dcc5ac881bdda5132b5ee984b15fd007828401c72df63c2efbc5f0e8545310ce65d0635dc73f0cb1c796c24b7ee62616116c13369ceb74ff8bda64a98e903dfcfd88b3c0c5f86191bcc8342578f23dc70fa6ceebde822ffedb7587a3f204d330be4977bbbc2529cf0ddf4c85b17f1088f48d878e72fb00e15a6144231108be816d2718c360e2fa8a236691c775a9a0ef3559696e9b8f85eec0aa2b1c4f01a2df6065bd31b23dd37718613fcbbb1566dc0607bf487c1a91f2b39a83755a6048e46d02ede0f5aaea8ee9e245d6c37891f5ebc9bb7ad2462b4ea4f1167b8c8e97e2f7b62c1c98ae0b808ee6033818d28a00ee72120820b2227da50d7f66d3318f6acc6398c81e529c5cb0df75e303954c2fa828760c1133fdbdf1fd7675b8634bdb496b054b91672fc7ac344a37bf60988870d54e5baf91334db883b2c69acb50676c2f871fd577747dd1d26c00a56e757b6a0edcd609ef5c3b3ef669ced2af5f19ad19194d04f23ff23546df47bc67ad596672a40cca2e87f8fcc3a318e37c73f9f50bd06926c74078356ddddba42ee273e0c33c2fc6cdd1fd50daa6ed3b7b6ce558f89449fca6d8b05c90639283d44e14a854eb29d65ce5b9552597072cb148ccea15ef430630559293afaf204f22a890fc3009a2bc1b0844a49668354a940fbd0d5919faadfe5cb80e4c93d138ae28269a99c877426298b9ec7f01e9005da2d7977f34103de38b2f65bdc1c899ba96745ca977c46db6003b1ab840e677f0d8960b4e9f71e82fb89a8cc0702739276ec7a040c69e6dc0e439658d420737a2f6cbe7cb1ce904f4a39dbe8284971e527ef50976c89855f75d5e129a09a117a5c042411696f8a3bf02879a287b2b1ea2a6e1adaed0374341113bb8363f33aacd361339c9c06b4bd6e04f8fbf1f120f1992856608426d44abb6cc429a075c7bd22bdffc9493f218286f8eb585001fdf79327c8c17d462cc2ca5b435d444659767150c6e1000a74f001be398a1bb48863d3a4d4a71a4623e1721b003d7d2c038fdb405b814f37a95a6a53bbb365dddeefb83451676c7b57a23dd1d523958e2e2eb8d889c47cb7aa515e9b11b2c3accfe6739a8ef56b7a02adfd63ec9f9232c38e2aef3773a9a7d6f4844ea1d609f146f19e6c46fb6b961b8037e5d9ba34c0ca5c10a668ddc5d6f4c7951732f68c56ad9c1b3e53e09d33d9b377258ab2de957c8adcd4b68923ed6eaf2441e2d888d1d4653c5686ab712a82ca16cf475009e238e5a8df04ca2fa719e6308bd60026deea44355a6e878157ffc7f14a8d34275a9ed5f810ea4ed1827e4c91998aebe9aacbae14d95eed96a9de17463ae852f53d2bf3e92df959564e9550c1eeb0b052c00cd44c07b7f021cdad5c70908a74bca9ec4fa372f491aeadb297e8f571de1b376ef1b7194d8e434ba3867940606521399595be0ec4daab0b45c42e439adc5cbecc7310025ed8761a1d78adf3ee6b223577e473423cece99cde0807269de6929624ed1739b2380ed4688779ce9808595e9b87ed6f42d89b1676014cb8c9a3f7484aacdf794f056439fd1e5233de23141d5b87ca95b54721a01212666e8067cf683025f1219f4d0569c8cfb2d6ed67e7f051e2ef9d0b70a390ac7d53bf9c4e537c74afd223e311341583282ac6e4ab209a591ab0f4d7205512a74a01cd33b57d993fc5c548a757d757e1f32272c22b86fb2428b338eac75c21e4ce3fbfdc6f04a62856610308e65dca82a7637d7113a48c6ce0357fa454f6d58a1b61698c7b65dc9b8678f9d279b883f76e04ad1f1154e2f490afb7e397ce65ce297f6599b0671f3129bc87cf4221d8ce101f71a1df23b6343dc3d6e35ee2eb0a1e37e67e091fab994b8948e956320d7e512308641a129526ff2e73ba026fb72fd3da3482fde5374d54bc3ed6ae53f2b9b4d222db5f3126760285683ecbbd0f8b5bb964e5a1cfe404ce21588a21c2244e0f76520e139992f65a15299548f4dc5e4d1e54acf7592ee1f04e36987606bf10e4632c79d00e1ed985553b00a8e828dd193f5cbd7101cd36745804d474532fc51e708c7f124bf9231b9a7bd1ca4446060535054b4bfd5a61607f3ae45cf1deebfb9d8710e5523c8cd03565cd378e77b1b3323a7d97f28fd1a13aa40626abf69d7b66ee9db3d604b293966347a4fb36d089078f9808bc209109690ea47941ad7c146367b78eee93131a57b5e12690b7288ffecf22f39f308a80457ac6052b8f477bafc15a3ab30cfa3cbd7dda9803e5a5664694e77f528087de197c02fd4d133e29133b9aa4377bcc0b62801982b999b6e7f76dff371dfd998704e340b4e5da88384fa8cf08d747c977105e4574bda02c56361338a0a9bd800e94c861a31d5d64d71cb65c0655f5b5cf5f900e348d7cc05d9c2dcf711859cbb8ffa54065e2e5462f4c1d80d28e5d5400090d4bf61565422b8df0f34f7a7c1e153d39c9d7340d15b8db226d323b4e3c50fd8aaa87ec9e5c3fbb3ad66462c6ec5ff31877024d119fdb7a16e69d324ca9819512c45c3852409f4899a41a4d16ca77dc3dba1ffbdc2af2fccaba1f04e048444154d5019a267bbcd440d7bb3516e9741e5f9c3ef1135e8c0d70e3c7800c10c000e9cfbddbb5aba9e43b3dc0164f92733590f6921bfb53aa1466a53b6146113795fc13d1621b3cbe0eadec02c469a4899232c23a5a88a9d659984c22ee523b5c5de84223a0f0f9bf1fcdb1efb4709252c0fab477823bf2505f9a2e4a36d0bdae824ecad15a4c313f0c9eb4423ea249710e353e61264630927f778c01978f5b50213d71fd746e40009432bf50b7932b7659942f0d1b6375b87d9b038ce271d7333ed282beb3925a330d881ac7611d3e8b869601b146fd82c06b340ae4823c4c429af4c15f2a2a2bdf383788e86b68c001866a86188cfd71b02bc8abef13703264f3ad08ff6602e15ff84715b7796541c87e26b0c6e086211943e52629f8c1e71fdaec972ab5a2c690c78b08d65651ae4b64070f7bb37931119881ef14c4c8e228d67d34f1c9eb855b39ad6e615bf24f7b453a76547edf2fa025c53bda95d783fb3f735852f28318a8a67c8ceb5279d380d724ee6eb2e76ba8807a0865fcafac50d09a92b85d27a238e4461a80cbbeaed62a844c17e498f6457aa642ebbd0aaeabf127b8f8fbdc2e28ff7fafaafe3016603461f256d7fca690a8643b9697800b3cd59e09ecae48baabccb63cad4a627f6bfba0759f1c186977e9698e6fbc16ec9d1c95ca8e2e075a1eed3ba6223e4df44be7da59a444715a78fdb90a1645c069ca0fd1609b7dce29ffa11f17266c32856f9ebc853c0c7cbbbd82667a5106b5b63f5328ae9d653dc5dd53194988f0e421db3851eee53c557e40a7ad293a22ffd3445d296347cef4187aab3c9c3c2a8e40be66919c30cef3de8125f3cc7342a43791cf1b3b117af99b04e0fd8170f17f4ba25bdcb24965501025188a430df86239d369a6e2c9245e914fe4be3a1eb48e22e2e1c72caeb4b0d1b69e8a817cc7ddf644d33e56ae32215604f267a80754619440ddb3621280a4b388c14ca19dfd398d744977849247d0bbc55d5a54ef062ad3cb3689168b28a0981946fa01737e081101b9c571d0ec4e5775159daccc110588fbd35bf6f0d55f99da967a3d3db1999e158958d7ce128571efaabc09c1aa7137c35f3edf7cfff386a79ba5acfa974366c442207a39ce67afc8469c2ddc6f45413dd654d9f59ae7fd31115dfeccc43c27bbcffab119106735b7782f9694a3e30159aee341f04540a54443562cafad5cf3336c6e900332b053d7c93bab45d8846cb5b880e11b979c13dfea06267932d89e258ef30768ec2ce1d7b020609a5ea6ad9eda78219542567029d1d4d2ffe797b7f95f16b8f599390b0b630decdc6e17593b7e4992d48e62c27cca2e423eded85cd4b436065496984d59044d38f317d0ba649837e5377ab3793c3f66c0509eb37ba365c94273b3cad97c5f607bcd312cdf3c8605dd5569e293d21c588969d7bfb17a228b53f2cd0387995945253c6ec8fad3777cafafcbb9151a54e653a142b5ad0c62682b8ec4b99f525dd853f75c17ae6264b7bf975138de9932d40be9f35ce25dd2a1e307fcf506eb6db8803c19b9880f96299ef58a6bdf32708346db540dae112b0f7ebfbe6f3f46635b7d98e232cc91eff2aa9c7fed6dd53d448db2fb8fc4c0dd661d47585c7966f9338f165e53b3d7777dd844be6a6c8885d95b839a32ea0bc83ec0ef8a5bd11b666d11fd8e27561d8afc4686e978ba31ff2f812f81a6a82956b95a0cce2966a37a4b9e33bd297ab8b1667f6ca5a6be65e4485a305651a4230b7a010a960b035dfb7a8474dec1965c6a9177f62484817807e0dc43ab2770b27adcb40f76c0e78639c55fdecb6c008f2e859ed496818b48e5fbe32376fb3c434afc0ff780867e7374a8d659cc1580e49678f4542e5cd3e54d5f4bd1ff6d186827d588ace5a8adf437dea11def7b57b6b8c992b86695d09c65aaf532d6b8cf12686df8b07bfb5a8aef7944f04c8bd00d500b8b7eb24516dbec0f5514dc48f70eb26a2b78042fb6b4726a20fcf73ccc9a14b75bb82e558e8bc4f7ff5453850f83d12896e9abf322e5b81b6efe679c8c98ee092e06302f9f1472931dbe5a815ac38b1bff79363c4f846caa755ab3ed5b60a938d5f1a9e10950aaa0c5d10c5c4f09abb8ce6b98867e6f8644e3b9d603f07f9c2d1044600635d432ce796b0b96baf572238711302f8fe486f3bd4b5a0463eefb0cb04271393cb1b47b033db62840b4c535da356de3db90961deefbf43060d57b303489aaf9c3bed935f8750d47b8e6aed8eba71f08d93246c92c7cfddea99f6e052bf18e787aca4cc04779dda1f67a420cbb5fbcee2f2ae28be664fad18b478e171dc3699116ae71421b86a5fa9732767c994f38519874b33f07b12b8baa5bc672017cb1e2c8e8897e541358da9a9e3bf8bf57ad3541fb434534190ddb95a5ad701e20548b269268fef7c20c15adb8a86dc8ed756f760370ef2bfff1261349b535b77f67a4118dc8f95c70e977ae39c7c77f2d4e2248028439b72325c033c68684fc8dd6050f0449e2c87debc00fb8bd5d1d9b9f31219b4243cb089362b345f2b9aa7089eb618e1407223ef1022dbaa856197f6cd8dcb7fc53afc16731e0f21b45a17fdc2c49bfd9f14e454c98536c507c3aca95ad57be395ea9d737a4a3237825cf102ca080e013230cd7a46e91237b2214a2b175ffb390ac9f12e5dd3124ffe1e152e148371425c6ae5c603715d5439e0f9e49e8048b56489ce79c26df2dab6ad0c8ac0b37e5d4fe10061f44f3d2314e1ee6245ed600c62a9c448faf905267cdb125ed7dd2a7a539770bd1ddeefd13a521991cae16160cadef434edc23fec333ec7b328c4a6213c5040848e835c6b3e0aebcae1d5884f7e8f654adb512c2f0227fae83ddae0dfa848e0ba9344404ef1d6da880f8eac71fb7e02f197859fdc1ec634dca3f46932e5f022689ed253e60f232e1acd96fce398961d62c4d63d7f37d48c26175298658c224bc1db73b8baaeab139065a9bd004bcaa24493c17f09961c09bd0cb828a8cb3cab56df2991646ff370040bc8507d3d16e66dc075c8d302c6586dbee27b32f93ea563a2692f65ada174e35bcd8cd3214c1a38cc00c90067828b9980da7dec04fbeaa2e550c8d069712efd0853e7daf007b0de5c9e361d75c40ad5f9f2923c10ea479e5852ad35f232d6d141ca7b4328c9d72dc5c247d1431688b2a325d88582733953ee50f997a5d8324cdcb01fda11a773093f344fb38b55c5f9e7706e1024cfb4f2e47544ebbaf792de3c4d8f1522e9d9ce73fdaf1740d3dc134a78b53c6167aec45c730016b8ad9d9bc4042b6835a5ff34c9d36da7418719a86be6637c896fa4a4eda862a9e73ab97e5a977aebf0fe64a7d507dc210a677873e155fe4b2cc3a96e558f4d54db6fc5fcdf166c4cd58bb5d1721378ccff170c0eba14b990ef610606909c205e34aabd15eb7a62406df5451871b18ae3cfb5af37b7f7bb2be80590d3be02c5d0c4143be66efcbe13c6927f54ed27884b3d6a73e90516552a0bbd81f7c76ed5f84ecfef2225e52b9cf6021895716aa29b540750eb64b31cd7be1e9fdaaf132681b23cfb2742fbeb4d1f40fd0bb1d13ba044b252f2f04b0d5fcb121977486c5754a569b81be7577cc0c9e918affbf9abc1b6dd567aab66b7e2aca396e79d53ced9695a65a704bbd9700b55ac8c968c5f43557060c6507a3557c8762a7dc8263eaba22d51fb7df435e20beeaa700609d774d1e212e7493b672324e1a907fc1546cdf7d4ff88029dd7e9c92fc530e3f55b6c1b103c69f14859524d07e454a3c5f987e01d21d9a5a6f842370cc3dadcde1b5822b0d0c47883dfee62b9b7209c3a7c399ed34604e164f806e68a5a24a53d0c5beccdc1389e87a5894061f95e7e8e8bf84ead6e7fb155938230f22b426d9041e8bea72dae14911824db9b65bb0ea0d0404cc8fabcb8f1863e13c8475beb68138e043dd67bf1b0d7e038f9f3d25c8ab1a52173af6b46d8260d677bf066058e89dd18b03fa20e79938dab01876102992f9df49dbe983526b9e0bc83c15cb9d52511eff20d18dcdd316bf334b98aed9024051b87bd3d767054470f4b7f59a207e9b9f17827497bec146aa1b0d18ef54ae5927c64b05f34c8508a0cfea02cf59b3c97a1d3e83a00b7ca495167f411b3f41c1409a8ac007e1cb08ef83c4cbe38117d4b1ef9b58dc0092371b1dbb1a1834f780282dc2f3b6bf36fd0dcc7619c28785b76910757376adfb014ca9ff8bfa3e291e7cba2caa05efad48b1506337b61f74b7b0f4abc18846af682f34708bbee9dee76837bcd192876d1861a20b3e77c9984aff5ebf0a2a4741d6e43b4ac056ea138e79230144578bfd4ae82b84ed109e4d5ff0f955ca481ac0231cae963b7d4db76d89d07e265973a16899fb3a6f8dba53473954589134b520e680f4c5e707fd056e75edb194004b81a40bce0407b6c294078b77e8abd8873c01f6918b2c7c6095c9f23b9841e90e8acde53ba60cd78911cac6fc2ef6bb5fcbb0d3da3e63d70b47495f2177afce5da37c59efde49aae133761847a6f0c8aa374790522ba04d466bd1f7860f53371f5eb2f506c5bc7bb6ab449e4a5c37866c31684b285cf5da17f36434b809f69c542c989449fd0eca50f5eacf8080cbbe8b84d1183095ae7416b8f2b98311451cf7cad2d8fb721e589f9e611376430359cf855444fd1415011e8c313834bf0e217ac7b03f8add941427b0d15b56378b2cd1e3925008c16cd5f95dd149c7e050e0a153e4333e63bd14816b4357fbaa5f706af6ee225057eb599bbe5714c9ff23204d1902230569839d8836e6b2525570b00eca8534aa0c29cf62dce61ec66d9c195be81279b698ec8565fd6754f636b9288247657efdb2b6356a82f014a1e6b24926fdd67810ef0a01295c664980f2057ca17362b0a5888c23ac21842f931a7d57cdeea73c4848c6c1cce20be979faa611f86509ce031fb4102a0fd30bea4f4f840c75d238362a2c4f8de16e81733ca90119f8c1ae148b184d0b113685594088ad8a947455dcfb782f8beb69e255dbed46ae2ee6f094168a52501fc68ed669fac390cd9320ba16d69c86d6f642aea836bb1d7c14593f15d8d33d452d8c87003d7ada1995e2b43f788b4ab00ec6f58869968f098218a3ca21a6f369d47a14cd3de7de8357902e8ecfb5f2e6beb5d3d32a6a6224fe3d6dc5c06eb117af0ab396acfcae58b2b1b9981cc71cc1cde07491b6b6d97e04c10ff216393dd28737d31c8f2cc9ebe161b96d407088b2bc456c331b676a0d7dca3df7f7080697d154fa14f351fd467e30b4ac3f4eb7b4adfb173ff20594cfe539c775c4275795d54782bae4b59cc64a45740ff73d21f5d6cf39e10bae4fbc48ac7799023796d7408ff9220a07a49552b18c5e35f98082297d2b4a0932e4d224c6807d49bf9b5de2eff1a8130da56124ecb5509241fe95be11eb0df066f5f819bc7db0f1ee90ea0aaf4ca4458ae7b5105d574de028c82714ad0d53bfc8ffab31c57762b38e433d6991d83ba5616162e27e8ac122c145547c4abe18260c6d32c755a44390ed41241ef375e1f5a4311263881a02dae71f837206413fc37ddf40a9bb72256d1625ee0b94c1c5715809bdb24224cd0698a5802a83e2328dfa22b80e31b9a5c7dc2fe0c68545905368806c308334c194803eed4a24a96bc5021b837a293dde7ba22b9ed27369b3584deda6489bd1b3fa2925beeacb7d3be367fd014547f82b4561c0120978b6ec2b32ac2634589b819a2c94fd20c081fe9eac7b0745f73a1981e21b05b1bd97a9a1d7218c0e6d0e473e15a1a7465cea98ba0c72af2f270b6a61bc51d1a0a9603b91fcdcc7314fe7aa007ecffe6c7eebf5a65e82a96325e86f9aec39feac6eee9501495c74000ec1f0923e79ad1fbf6dc581539047537794151473e00be353b3b8dbb6da0053826c7bdf16c43867cc9cab9d1220466ca29ef2d6172c4c0ff9067eba9d9775225efaeab1b8c634b4001d2a5c01628bd5550c4573fa017afa3f501f1a6b7d7a483dc0885ab9c2ee959a596ffbb68c7ea99e48f4304697edf7fdba5567735ace3433c15aa59863f87e4605206a31ccf268588de7ed37fcacf6bde80c68ad53de63feb4399cce137c5776abd15395402af07250938aa1c466511bd5754f9cf2f938faa37a683996c801c8fc8aae36a706c5d6e2d36e96ab77eec817ce4d56d2bcf5a43702a883b127a1da8b6ceae1b82573a9e9e9e297560f8d65a1f5fd4bf3d45af0841e691b6e637bd8b9f7c8e51b813b818b0baf2d9c5c9d116781d327b4b43309c7265612089f1dce60a41fd0aff4bcd1335d696f01cee7b371e13584c731a3c3ef7e1b9f3f41f91c4dc647b948c93a99c1ae79f5f530c68c3cc28bbd", 0x2000, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x86, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000016c0)=[{{&(0x7f0000000300)=@rc, 0x80, &(0x7f0000000280)=[{&(0x7f00000000c0)=""/11, 0xb}, {&(0x7f0000000440)=""/252, 0xfc}], 0x2, &(0x7f0000000540)=""/141, 0x8d}, 0x100000}, {{&(0x7f0000000600)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f00000008c0)=[{&(0x7f0000000740)=""/112, 0x70}, {&(0x7f0000001800)=""/206, 0xce}, {&(0x7f0000000800)=""/146, 0x92}, {&(0x7f0000000d40)=""/198, 0xc6}], 0x4, &(0x7f0000000e40)=""/78, 0x4e}, 0x5}], 0x2, 0x10043, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x4, 0x0)
r4 = syz_open_dev$vbi(0x0, 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r4, 0xc0045627, &(0x7f00000001c0)=0x2)
ioctl$VIDIOC_G_SLICED_VBI_CAP(r4, 0xc0745645, &(0x7f0000000100)={0x6, [0x1, 0x0, 0x2, 0x2, 0x1, 0x5, 0x0, 0x2, 0x7, 0x10, 0x0, 0x2, 0x7, 0x3, 0xf, 0x8, 0x7, 0x22, 0x3, 0xcc, 0x1, 0x9, 0x8001, 0x3, 0x7, 0xff00, 0x0, 0x8, 0x0, 0x9, 0x4, 0x5, 0x8000, 0xf, 0xd4b, 0x5, 0x8, 0x3, 0xfff, 0x3e, 0x10, 0x7, 0x7, 0x43e, 0x5, 0x0, 0x2, 0x2], 0x4})
socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$MEDIA_IOC_ENUM_LINKS(0xffffffffffffffff, 0xc0287c02, &(0x7f0000000100)={0x80000000, 0x0, 0x0})
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030033000b35d25a806c8c6f00f90224fc6010c2080000000200053582c137143e37000c068005", 0x29}], 0x1}, 0x4000840)

2m3.70446175s ago: executing program 2 (id=2276):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000011c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000100)={0x18, r1, 0x1, 0x0, &(0x7f00000002c0)=[{0x8000000000000000, 0xefffffffffff7ffe}]})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x2, r1, 0x0, 0x0, 0x0, 0x5})

2m3.257574058s ago: executing program 32 (id=2276):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000011c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r0, 0x3b82, &(0x7f0000000100)={0x18, r1, 0x1, 0x0, &(0x7f00000002c0)=[{0x8000000000000000, 0xefffffffffff7ffe}]})
ioctl$IOMMU_IOAS_MAP(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x2, r1, 0x0, 0x0, 0x0, 0x5})

30.450981256s ago: executing program 4 (id=2694):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b3f2})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000001480)={'geneve0\x00', 0x400})
socket(0x1, 0x803, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r5}]}, 0x44}}, 0x0)

28.256697969s ago: executing program 4 (id=2701):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000001e00100000000000000000180100002020702500000000002120207b1af8ff00000000bfa100000000000007010000fcffffffb702000004000000b7030000000000de850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095000000000000002d55710c64e30cd8655910b3eb2d1451a6bf4b04dc0af703f4c87963ba8fd1c024815f140290fb3f659193ae297fdcd50b6dc8d41dff00000000000000e272e53a081168e74d7189f0e655f66e08f0e108968d80ea3cac636a830bea16f1e27d5761f66d6e252599ca89adacf4e13a2013988c4222d7cf1ff84820012fd6f16b20de6f1ea6691dcee8e86fa2109aa7898fe15f2c973463c482db5da9926d158ee55592221796e273ccf22a8ce8dd3674739087015098b80e9842e82aa484b0247773b358f02338ba5950707984fb201d101bfd1f78b0ea4f397c22d94b5a34491cf3f671af9dacdf409cc1f8d960358d99d506f9966fc7f6294bd71f8671a68b43621c9444d8ffe5c0827fbb8725eeeb52f472cbc857d860dccc18268bcc9f25a53578f5d1264ca6618dfbdd5c68790793e9d58c4347be3177a4936d603565c373b97b3aab1f1e5db56c"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x22, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x44)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0}, 0x10)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f000001a000))
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000001fc0)=ANY=[], 0x0, 0x2b6, &(0x7f0000000800)="$eJzs3cGKW1UYAOD/Zu5koiIZxI0ieKEuXA0dt25mlArirJQs1IUGm4IkodBCoBGMXfUJXPoePoIL3egTCG4Fd+1i5MjNvbdJaJJKG1Oo37c6nHP+c/5zz5DJJv/98o3x8PrNLO7e/z06nSxaZ3EWD7I4jlY0vos8AIDnx4OU4q/0JJF5a/fZAAD7UP3/rzzrXACA/fjk088+Or+4uPZxUXTite69SS+LiPG9Sa8aP78RX8coPfyGkNJq+4MPL65FXpSO463xbNIrI8df/FKvf/5nRIxiEKfRjeP18adFZSl+NukdxotRxPmNwybVbry6Pv6dNfHRa8fbV+b5tyJiECfRjV+/ipsxiutRxi7ivz0tivfT9/e/+bzcpozPWtE7ms9bSAf7vBcAAAAAAAAAAAAAAAAAAAAAAJ5vJ0WRVeV75vV7yq66/s7B5Xz8pGgcr9bnqeKzZqGr0Y3LSFGX6Jml+KGpr3O1KIpUT1zE5/F67sUCAAAAAAAAAAAAAAAAAAAAULp9Zzrsj0aDWztpNNUAmp/1P+k6Z0s9b8Z02D/YvODRv99rudpAmevWyZHnsaPH8rjGC2U+O1/5qLncK82RB83F7HSvV96rFp0O+0U91DzkYT973F6d6uLSnR8XQ5G342kTS/M/icu0eqedh6muRrV39DTaL60d+jultDGqWO5594/qjuqebF5io5788m8/T7fsflg31h6wbHQevYufNh9n40fGwVN/6AAAAAAAAAAAAAAAAAAAAGstfvS7ZvDu1tDWf5YUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzZ4v3/TaMTEas9jzRmdfC2OXWjHbduP+MjAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8D/wTwAAAP//9w9SyQ==")
chdir(&(0x7f0000000540)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file6\x00', 0x0)

27.540398003s ago: executing program 4 (id=2709):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x1010000, &(0x7f0000000e40)=ANY=[@ANYBLOB='nobarrier,decompose,nls=cp936,gid=', @ANYRESHEX=0xee01, @ANYBLOB="2c626172726965722c756d61736b3d30303030303030303030303030303030303030343030342c0000a7b04339467661b236f69117d062071c62ba59c021917032b4bc3681eac13867d5802a6898aef3"], 0x0, 0x6e6, &(0x7f00000017c0)="$eJzs3U1sHGf9B/DvrNcbbyq52/77kj9CitWICBpI7CwlQUIiIIRyqCASl15N4jRWnDSyXZREiLhA4QgnlEMPRSgcekIckIo4IMoZCYl77pE4cIs4YDSzs/au353Edho+H2l2ntl5Xn7z22dmd8eJNsD/rPNvZXQpRc6fePNmuX3/Xnfu/r3utX45yaEkjaTZW6W4nhSfJOfSW/L/5ZN1d8Vm47zx4OMPjt/9qNvbatZLVb+xVbtVy1uMsFQvmUgyUq93qblZfxc36O/OrrouVuIuE3asnzg4aMvrLO2m+Q7OW+BpdycZGd3g+U5yOMlY/Tkg9dWhsc/hPXG7usoBAADA02lkuwrPP8zD3Mz4/oQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAz4ai95uBRb00+uWJFPXv/3+3rlZptQ423G18cZv971/ep0AAAAAAAAAA4MkbXS0efZiHuZnx/vZyUf3N/7Vq46Xq8bm8m4XMZD4nczPTWcxi5jOVjI4P9Nm6Ob24OD+1vuWvUrZcXl6+U7c8naRTNRlseXofjhsAAAAAAAAAnl0/zvmMH3QQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwqEhGeqtqealf7qTRTDKWpFXWW0r+1C9/mv35oAMAAACAvdeu1+PFf3qF5aL6zv9K9b1/LO/mehYzm8XMZSaXqnsBvW/9jb8vdefu3+teK5f1HX/jn7uKo+oxyUje22TkyarGyystzufb+V5OZCIXMp/Z/CDTWcxMJtIuDyLTKdJp9+5edPpxDsc7Und1biiUC2tjO7pm+0gVSTuXM1vFdjIXW/3eGlWNIkfup5P0RvtDK1mToffK7BRfr+0wR5cGXq9f1vdlasvP77CPvdGpjnx0JSOTZe7rbLywce77djlP1o40lcbKPaiXVkcpN9eO1M/593eT88P1usz1z4Zz/qTt8lba2kycTqOefckrwzm/8bm7Lw43/sI//nLhSuP61SuXF07s4SHtqdF+YW0mugOZeHXr2VdnYq7MxNLOMzG69omxxziOJ6hVZ6N3YdvZ1fJbVWk6rw1MwXdyKTM5k8lM5Wwm89WcTndohr08lNdm99pwTqpzrbH++tbeIvhjnx+o9PNtKu+vMi8vDOR18ErXqfbVz5z7RSYHsvTi1rPvUd4Fmp+pC+UYP1l5x3kaDGWivjb3o+u/QW2SiV8vl48Lc9evzl+ZvrHD8Y7X6/K0fX/42vybxz6Yx1LOl/KK26y2qpy0+/Ol3Pd/K9EO56tV/8Wl166xbt/LK/s6Gc9svrPpmdqqP8Ot76m379UN93WrfUcG9g19ysk7mas+hawxsT9ZBWDHDr9+uNV+0P5b+8P2T9tX2m+OffPQ2UOfbWX0r80/jvyu8dvG14rX82F+lPGDjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4FC7duX52em5uZ38NC6xHHSmPbOvee21mH6SRbj1XUhdZeZ+MpKPxrbMtstLNHo/8+yRZ1Wo89RLH387mcyE+kw/4Pp1XPLI/sonmz32rjOs0sjA29gkdX6xxafd3TuTo99+/loebtDJwywDPu1OK1G6cWbt3+0uy16bdn3p65fvrsmbNnul+Z+vKpy7NzM5O9x4OOEtgLC7dujxx0DAAAAAAAAAAAAMDu1P/6f/GR/zNDc5s6rfmFjUc+ut+HCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHxKnX8ro0spMjV5crLcvn+vO1cu/fJqzWaSRpLih0nxSXIuvSWdge6KzcZ548HHHxy/+1F3ta9mv35jq3Y7s1QvmUgyUq+3d2iDbtb3d3Ggv6VHCq9YOcIyYcf6iYOD9t8AAAD//zrG8zg=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000040)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fsmount(r3, 0x0, 0x5)
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xc, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0xd, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)

25.68009578s ago: executing program 4 (id=2717):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000280)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@bsdgroups}, {@auto_da_alloc}, {@jqfmt_vfsv1}, {@nouid32}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@grpjquota}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
socket$inet6(0xa, 0x2, 0x0)
fanotify_init(0x4, 0x101000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x34)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

24.717444576s ago: executing program 4 (id=2724):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r1}, 0x0, 0x0}, 0x20)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
setsockopt$MRT6_INIT(0xffffffffffffffff, 0x29, 0xc8, 0x0, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x80, 0x0, 0x0, 0xee01}}}, 0xb8}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000900)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00404000000000f1f1e9c0063caffc83855db43df55dac3dac5236cee7128fc540eb8f6fff6e9a6e48aa594afbc2a6ef2e6743", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB='\x00'/112], 0xb8}}, 0x0)

22.833224614s ago: executing program 4 (id=2728):
writev(0xffffffffffffffff, &(0x7f0000000280)=[{&(0x7f0000000040)}], 0x1)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_REKEY_OFFLOAD(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4040055}, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

15.383948896s ago: executing program 3 (id=2746):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000001100)='./file0\x00', 0x3000490, &(0x7f0000000280)={[{@lazytime}, {@usrjquota}, {@errors_remount}, {@bsdgroups}, {@auto_da_alloc}, {@jqfmt_vfsv1}, {@nouid32}, {@journal_dev={'journal_dev', 0x3d, 0x7}}, {@grpjquota}, {}]}, 0x45, 0x7b1, &(0x7f00000004c0)="$eJzs3c9rHNcdAPDvrFY/7VYqFFr3JCi0BuNV5ap2C4Wq9FAKNRjaUw+1xWotHK20RrsylhCJTQjkEkhCbsnF5/y8hFzz45BL8n8EGyeRTRxyCAqzP6SVtCvvOtKuHX8+MNZ7M2/2ve+82TfPmtFuAE+tyfSfTMSJiHg5iRivr08iYrCaykbM1so92NzIp0sSW1v/+Sqplrm/uZGPpn1Sx+qZX0fExy9EnMrsr7e8tr44VywWVur5qcrS1any2vrpK0tzC4WFwvLZ6ZmZM+f+dO7s4cX6zefrx++88s/fvzP73fO/evelT5KYjeP1bc1xHJbJmKwfk8H0EO7yj8OurG/ef7aDQk1nQPYoG0OX0o4ZqPfKiRiPgYP6Z7SXLQMAjspzEbHVzkDbLQDAEy2pXf//1u92AAC90vg9wP3NjXxj6e9vJHrr7t8jYqQWf+P+Zm1Ltn7PbqR6H3TsfrLrzkgSEROHUP9kRLzxwf/fSpc4ovuQAK3cuBkRlyYm94//yb5nFrr1h9arF5ozk3s2Gv+gdz5M5z9/bjX/y2zPf6LF/Ge4xXv3UTz8/Z+5fQjVtJXO//7a9Gzbg6b46yYG6rmfVed8g8nlK8VCOrb9PCJOxuBwmp8+oI6T976/125b8/zv61efeTOtP/25UyJzOzu8e5/5ucrcj4m52d2bEb/Jtoo/Hf+Hq/2ftJn/Xuiwjn/95cXX221L40/jbSz74z9aW7ciftey/5PtMsmBzydOVU+HqcZJ0cJ7szHWrv7J7E7/p0taf+P/Ar2Q9v/YwfFPJM3Pa5Y7funtp8U+uzX+UbtCzed/6/hbn/9DyX+r6aH6uutzlcrKdMRQ8u/968/s7NvIN8qn8Z/8bev3f2P8a3H+/y99/UsdHojsnS/ffvT4j1Ya/3xX/d91IkYeLA60q7+z/p/ZtU8n41+nDXzU4wYAAAAAAAAAAAAAAAAAAAAAAAAA3chExPFIMrntdCaTy9W+w/uXMZYplsqVU5dLq8vzUf2u7IkYzDQ+6nK86fNQp+ufh9/In9mT/2NE/CIiXhsereZz+VJxvt/BAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDdsTbf/5/6YnhP4YF+tBAAOBIjLuwA8LRJstl+NwEA6LWRrkqPHlk7AIDe6e76DwD8FLj+A8DT5yHX/71/BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADdunD+fLpsfbu5kU/z89fWVhdL107PF8qLuaXVfC5fWrmaWyiVFoqFXL601PaFbtR+FEulqzOxvHp9qlIoV6bKa+sXl0qry5WLV5bmFgoXC4M9iwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOldeW1+cKxYLKxJ9SSx+WuuHx6U9Et0l4kat/x6X9hxeIoZ2RonR/gxOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+AHwIAAP//4VQjgA==")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000340)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
socket$inet6(0xa, 0x2, 0x0)
fanotify_init(0x4, 0x101000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x34)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

14.990351628s ago: executing program 3 (id=2748):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x3, 'dh\x00', 0x1, 0x7, 0x49}, 0x2c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003700)={0x77359400})
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e21, 0x3, 'wrr\x00', 0x4, 0x81, 0x5}, {@rand_addr=0xac1414aa, 0x4e23, 0x3, 0x1cb, 0x12d5c, 0x12d5c}}, 0x44)

12.747849606s ago: executing program 3 (id=2753):
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001500)={'lo\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0x40000080806, 0x0)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, 0x0)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, 0x0)
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000140)={0x60, 0x3, &(0x7f0000001000/0x3000)=nil, &(0x7f000039f000/0x2000)=nil, 0x7fffffff, 0x0, 0x0, 0x6, 0x47, 0x2, 0x8})
openat$audio1(0xffffffffffffff9c, 0x0, 0x68000, 0x0)
pipe(0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ipv6_route\x00')
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x8ef0256c11f0acff, 0x31, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000c5000000d000000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, @void, @value}, 0x94)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)={0xcc, 0x0, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x36}, {0x6, 0x16, 0x3}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x100}, {0x6, 0x16, 0x7}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0x5}, {0x5}}]}, 0xcc}}, 0x800)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r4, &(0x7f0000000140)=[{&(0x7f00000000c0)=']', 0x1}], 0x1)

11.276637869s ago: executing program 0 (id=2761):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b3f2})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000001480)={'geneve0\x00', 0x400})
socket(0x1, 0x803, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000180)={'bond0\x00', <r2=>0x0})
r3 = socket(0x1, 0x803, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x15, 0x10, 0x8, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000780)=@newlink={0x44, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x44}}, 0x0)

10.352268815s ago: executing program 1 (id=2763):
r0 = socket$inet6(0xa, 0x80002, 0x0)
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x800)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
unshare(0x28000800)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r2 = open(&(0x7f00000001c0)='.\x00', 0x20000, 0x0)
r3 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
symlinkat(&(0x7f00000000c0)='./file1\x00', r3, &(0x7f0000000100)='./file1\x00')
ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, &(0x7f0000000180))
ioctl$AUTOFS_IOC_CATATONIC(r2, 0x9362, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e24, 0x1ff, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x2a}}, 0x6}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4001c00)

8.66959842s ago: executing program 1 (id=2764):
r0 = syz_open_dev$vbi(&(0x7f0000000340), 0x3, 0x2)
ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f00000002c0))

8.411251972s ago: executing program 1 (id=2765):
r0 = socket$alg(0x26, 0x5, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x8)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_emit_vhci(&(0x7f0000000580)=ANY=[@ANYBLOB], 0xa)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETMODE(r4, 0x4b3a, 0x1)
ioctl$TCXONC(r4, 0x4b3a, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni\x00'}, 0x58)
accept4$alg(r0, 0x0, 0x0, 0x80800)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6", 0x3)
socket$rds(0x15, 0x5, 0x0)

7.2366985s ago: executing program 1 (id=2766):
signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x6ecab362f451a72b, &(0x7f0000000700)=ANY=[@ANYBLOB, @ANYRESOCT=r1])
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="6501000014"], 0x188}}, 0x0)

7.20167115s ago: executing program 3 (id=2767):
syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000800)={{0x12, 0x1, 0x0, 0x2, 0x0, 0x0, 0x10, 0x525, 0xa4a1, 0x40, 0x0, 0x0, 0xffffffffffff8001, 0x1, [{{0x9, 0x2, 0x44, 0x1, 0x1, 0x0, 0x90, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x16, 0x2, 0x2, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x9}, {0xd}}, {[{}], {{0x9, 0x5, 0x82, 0x2, 0x0, 0x0, 0x0, 0x53}}, {{0x9, 0x5, 0x3, 0x2, 0x200}}}}}]}}]}}, 0x0)

6.620672108s ago: executing program 0 (id=2769):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close(r0)

6.271304022s ago: executing program 0 (id=2770):
r0 = syz_open_dev$usbfs(0x0, 0xd, 0x20041)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000140)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000000)={0x80, 0x0, 0x0, 0x0, 0x2}, 0x36, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000600)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
ioctl$USBDEVFS_REAPURBNDELAY(r0, 0x4004550d, 0x0)

6.109663225s ago: executing program 5 (id=2771):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r0)
socket$kcm(0xa, 0x2, 0x3a)
ioctl$SIOCSIFHWADDR(r0, 0x8922, &(0x7f0000002280)={'team0\x00', @random="2b0100004ec6"})

5.884526532s ago: executing program 0 (id=2772):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000080000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r1}, 0x10)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000140)={'pim6reg1\x00', 0x1})
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r3)

5.819839832s ago: executing program 5 (id=2773):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, 0x0}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

5.452838485s ago: executing program 3 (id=2774):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005411000060ec97000198"], 0xfdef)

4.712181665s ago: executing program 1 (id=2775):
socket$nl_route(0x10, 0x3, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x87}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$IPVS_CMD_GET_INFO(0xffffffffffffffff, 0x0, 0x0)
getrlimit(0x4, 0x0)

4.028532101s ago: executing program 1 (id=2776):
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000180)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB=' '], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000001500)={'lo\x00'})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6(0xa, 0x40000080806, 0x0)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x80002, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, 0x0)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, 0x0)
ioctl$PAGEMAP_SCAN(0xffffffffffffffff, 0xc0606610, &(0x7f0000000140)={0x60, 0x3, &(0x7f0000001000/0x3000)=nil, &(0x7f000039f000/0x2000)=nil, 0x7fffffff, 0x0, 0x0, 0x6, 0x47, 0x2, 0x8})
openat$audio1(0xffffffffffffff9c, 0x0, 0x68000, 0x0)
pipe(0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ipv6_route\x00')
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x8ef0256c11f0acff, 0x31, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000c5000000d000000095"], &(0x7f0000000200)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, @void, @value}, 0x94)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f0000000300)={0xcc, 0x0, 0x1, 0x70bd27, 0x25dfdbfb, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x36}, {0x6, 0x16, 0x3}, {0x5, 0x12, 0x1}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x3}}, {0x8, 0xb, 0x100}, {0x6, 0x16, 0x7}, {0x5}}, {{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x2}}, {0x8, 0xb, 0x1}, {0x6, 0x16, 0x5}, {0x5}}]}, 0xcc}}, 0x800)
r4 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
writev(r4, &(0x7f0000000140)=[{&(0x7f00000000c0)=']', 0x1}], 0x1)

2.84856142s ago: executing program 5 (id=2777):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x3, 'dh\x00', 0x1, 0x7, 0x49}, 0x2c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@gettfilter={0x24, 0x2e, 0x301}, 0x24}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000003700)={0x77359400})
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e21, 0x3, 'wrr\x00', 0x4, 0x81, 0x5}, {@rand_addr=0xac1414aa, 0x4e23, 0x3, 0x1cb, 0x12d5c, 0x12d5c}}, 0x44)

2.700222925s ago: executing program 0 (id=2778):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
io_uring_setup(0x807f7d, &(0x7f00000002c0)={0x0, 0x10000, 0x10, 0x3})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x57)
recvmmsg(0xffffffffffffffff, &(0x7f0000000b40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/11, 0xb}}], 0x5df, 0x2, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0xa0800, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$TIOCMIWAIT(r4, 0x545c, 0x7cb7562f2d67)
ioctl$TIOCMSET(r4, 0x5418, &(0x7f0000000540)=0xfffffe03)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="5c0000000206050000000000000000000700000014000780080008400000009808000640000a00000500010006000000050005000200000005000400000000000900020073797a310000000010000300686173683a69702c6d6163"], 0x5c}}, 0x20000000)
ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, &(0x7f0000000140)=0x7)
sendto$inet6(0xffffffffffffffff, &(0x7f0000847fff)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x0, 0x0, @loopback={0xfec0ffffffffffff, 0x1c9ae7fffe9a6f34}}, 0x1c)
shutdown(0xffffffffffffffff, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000840)=[{{0x0, 0x41, 0x0}}], 0x414, 0x406, 0x0)

1.226340177s ago: executing program 5 (id=2779):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
close(r0)

1.12873722s ago: executing program 3 (id=2780):
madvise(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xe)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000000)=[{&(0x7f00008f9f09)=""/247, 0xf7}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/231, 0xffffff4e}], 0x23a, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
syz_clone(0x48100280, 0x0, 0x0, 0x0, 0x0, 0x0)

467.68979ms ago: executing program 5 (id=2781):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x4c890)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
gettid()
mount$afs(&(0x7f0000000100)=ANY=[@ANYBLOB="2373797a313a73797a30060000000000"], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_netprio_ifpriomap(r1, &(0x7f0000000280), 0x2, 0x0)
writev(r2, &(0x7f0000000380)=[{&(0x7f00000004c0)}], 0x1)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
listen(0xffffffffffffffff, 0x0)
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x30008c0, &(0x7f0000000540)=ANY=[@ANYBLOB="71756965742c636f6465706167653d64656661756c742c696f636861727365743d69736f383835392d332c71756965742c706172743d3078303030303030303030303030303030352c0092e73659b6f19fbbe01b9cc908dab9ad4d60fd5d2fe7f6f2a8504daf6ce25e47ccd96db758f99cd394edcacf7d6641565eb30fdd75538e1b4b26856e0d8d3dd5696871fea56befab9d6054e8a3d7ec6b0446b9854be7c547de0e6327b26b688927c436320bf5a8f3da0d373f123f05a7c23bc44cb09b3569c1a2e6a53db85a352c84d2be28861582595be300b40f1569d42e14addbebd853776fc5f01715e85eeaa188002d9d98f77bbecf7e075f264e052bb8cdbe5dfa461764272d3bb874306cf0962de8b667984388934fb1b44cc555064550a2df4ea53d3974a652e6dcf8ba8b5264497efdc53ec674"], 0x11, 0x2b6, &(0x7f0000000200)="$eJzs3U9rE0EYx/HfbNI22lK3tiJ4rBb0Ilov4iUieRGeRG0iFENFrfjnVMWTiN69+xZ8EV4U34CePPkC6mllZifZJLvZTUOTber3Aw2b7D47z2T/zDyBsgLw37rV+Pn52m/7Z6SKKtK7G1IgqSZVJZ3R2dqznd3t3Xarmbejiouwf0ZxpElts7XTygq1cS7CC+27qpZ6P8NkRFF081fZSaB07urPEEgL/up062tTzyzf6zHj9g45j1lj9rWvF1ouOw8AQLn8+B/4cX7Jz9+DQNrww/6RHP/HtV92AhMX5a7tGf9dlRUZe3xPuVVJvedKOLs+6FSJo7Q8N/B+XvGZ1TfBNEVVpcslOPFgu926vPWo3Qz0RnWvZ7M199qMT92OgmzXM2rTHCP03WTPKBddH+ZsHzbj/J9L6st/dcwWx2a+mu/mjgn1Sc3u/K8aGXuY3JEKB45UnP+V4Xt0vQztVvK3jXq9HvRtsuIaOedb8Ap6WcuuSNQ5o1bU/wNBWJSnizo9EBX37mpB1Gpm1Gbn3ZCotb4o25vu2Ty8vUkzH8xts64/+qJGz/w/sPltKPfKTK4asxEPBe4bj/szn91c1e0zTI0c6cul+y0uDEv9b/49DQfwXvd1XctPX756WGm3W0/swr2MhcdL3U/m3kqZ25S8oL3kkwVFTmrjzqA0zcQuHeoO7f2jcGN7lR2Jg3KsFxrfpnsilbFQ8v0JU5Ec9LIzQUnsvMvE9V9Sr1TjyZ59CTPn6SP+EOD3GNk5dreCS2KjeEYu6eSBKrjF4RVcuuZK1Yyu5jp/Uboweouhz/OYMA390F1+/wcAAAAAAAAAAAAAAAAAAJg10/h3grL7CAAAAAAAAAAAAAAAAAAAAADArOs+/1ed5/9qtOf/Dj6K5TCf//txRzz/F5i8fwEAAP//FZd8vg==")
r3 = memfd_create(&(0x7f00000003c0)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\xea7\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\x0f<\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xcd\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00\xd5\xf3\\\x00\xbe]Et\xad*\xecj\x02\xc8\xc4\f\x04\x99\xf6\xfc', 0x3)
unshare(0x8000400)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='smaps_rollup\x00')
lseek(r4, 0x4, 0x21001000)
recvmmsg(r3, 0x0, 0x0, 0x100, &(0x7f0000001240))
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x2, 0x0, &(0x7f0000000000))
setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd4, &(0x7f0000000080)=0x8, 0x4)
openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
close(0xffffffffffffffff)

156.71584ms ago: executing program 5 (id=2782):
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
rename(&(0x7f0000000400)='./bus\x00', &(0x7f0000000f00)='./file0\x00')
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)

0s ago: executing program 0 (id=2783):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'sed\x00', 0x1, 0x4, 0x72}, 0x2c)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='hfs\x00', 0x0, &(0x7f0000000140)='!\x00')
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004180)={0x2020, 0x0, <r1=>0x0}, 0x2020)
r2 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000059770c40c009030243d3000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
write$FUSE_OPEN(r0, &(0x7f00000002c0)={0x20, 0x0, r1}, 0x20)

kernel console output (not intermixed with test programs):

ltsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  448.091718][   T46] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  448.101347][   T46] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.109835][   T46] usb 4-1: Product: syz
[  448.114041][   T46] usb 4-1: Manufacturer: syz
[  448.386029][ T5886] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  448.566963][ T5886] usb 2-1: Using ep0 maxpacket: 16
[  448.587217][ T5886] usb 2-1: config 0 has no interfaces?
[  448.632967][ T5886] usb 2-1: config 0 has no interfaces?
[  448.644083][ T5886] usb 2-1: config 0 has no interfaces?
[  448.670793][   T46] usb 4-1: SerialNumber: syz
[  448.683614][ T5886] usb 2-1: New USB device found, idVendor=046d, idProduct=08b5, bcdDevice=d7.01
[  448.688133][   T46] cdc_ncm 4-1:1.0: skipping garbage
[  448.698880][   T46] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found
[  448.705746][   T46] cdc_ncm 4-1:1.0: bind() failure
[  448.726127][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[  448.734154][ T5886] usb 2-1: Product: syz
[  448.763822][ T5886] usb 2-1: Manufacturer: syz
[  448.784621][ T5886] usb 2-1: config 0 descriptor??
[  448.862137][T10305] Cannot find add_set index 0 as target
[  448.996332][   T46] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  449.025726][ T7054] usb 5-1: USB disconnect, device number 29
[  449.047410][ T2149] usb 2-1: USB disconnect, device number 31
[  449.185372][T10308] netlink: 580 bytes leftover after parsing attributes in process `syz.4.1547'.
[  450.055944][   T46] usb 3-1: Using ep0 maxpacket: 8
[  450.071056][   T46] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  450.084575][   T46] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.093445][   T46] usb 3-1: Product: syz
[  450.098264][   T46] usb 3-1: Manufacturer: syz
[  450.102889][   T46] usb 3-1: SerialNumber: syz
[  450.111365][   T46] usb 3-1: config 0 descriptor??
[  450.232414][T10319] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1551'.
[  450.920971][   T46] usb 4-1: USB disconnect, device number 40
[  450.973301][T10334] loop1: detected capacity change from 0 to 1764
[  450.998634][T10334] iso9660: Unknown parameter 'noroce'
[  451.511399][T10343] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1559'.
[  451.813775][T10356] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1560'.
[  451.927711][T10355] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1561'.
[  453.572942][T10395] loop3: detected capacity change from 0 to 764
[  453.590386][T10399] syz_tun: entered allmulticast mode
[  453.679980][T10396] syz_tun: left allmulticast mode
[  455.039068][T10411] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  455.080495][T10411] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  455.448070][T10423] tipc: Started in network mode
[  455.453002][T10423] tipc: Node identity 7f000001, cluster identity 4711
[  455.472951][T10423] tipc: Enabled bearer <udp:syz2>, priority 10
[  456.355147][T10436] tipc: Started in network mode
[  456.370649][T10436] tipc: Node identity 7f000001, cluster identity 4711
[  456.393904][T10436] tipc: Enabled bearer <udp:syz2>, priority 10
[  456.588575][ T5848] tipc: Node number set to 2130706433
[  457.135300][T10448] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1591'.
[  457.396026][ T7054] tipc: Node number set to 2130706433
[  457.434302][T10461] 9pnet_fd: Insufficient options for proto=fd
[  457.771341][T10465] xt_CT: You must specify a L4 protocol and not use inversions on it
[  459.102797][ T5886] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[  459.895946][ T5886] usb 1-1: config 0 has an invalid interface number: 93 but max is 0
[  459.996069][ T5886] usb 1-1: config 0 has no interface number 0
[  460.072598][ T5886] usb 1-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  460.118602][ T5886] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.141668][ T5886] usb 1-1: Product: syz
[  460.148766][ T5886] usb 1-1: Manufacturer: syz
[  460.153786][ T5886] usb 1-1: SerialNumber: syz
[  460.310127][T10488] loop4: detected capacity change from 0 to 1024
[  460.323164][ T5886] usb 1-1: config 0 descriptor??
[  460.628277][ T5886] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state.
[  460.645120][ T5886] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  460.662759][ T5886] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  460.672159][ T5886] usb 1-1: media controller created
[  460.742576][ T5886] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  460.868486][T10492] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1605'.
[  461.606929][   T12] hfsplus: b-tree write err: -5, ino 4
[  461.841556][ T5886] DVB: Unable to find symbol dib7000p_attach()
[  461.861739][T10503] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1608'.
[  461.875992][ T5886] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  461.895651][ T5886] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  461.914918][ T5886] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  461.929791][ T5886] usb 1-1: media controller created
[  461.950760][ T5886] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  462.003904][ T5886] dib0700: the master dib7090 has to be initialized first
[  462.020409][ T5886] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  462.156219][ T5886] rc_core: IR keymap rc-dib0700-rc5 not found
[  462.169913][ T5886] Registered IR keymap rc-empty
[  462.184684][ T5886] dvb-usb: could not initialize remote control.
[  462.199057][ T5886] dvb-usb: DiBcom TFE7090PVR reference design successfully initialized and connected.
[  462.231189][ T5886] usb 1-1: USB disconnect, device number 28
[  462.385425][ T5886] dvb-usb: DiBcom TFE7090PVR reference design successfully deinitialized and disconnected.
[  463.036784][T10516] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1612'.
[  463.046320][T10516] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1612'.
[  463.218001][T10517] loop1: detected capacity change from 0 to 1024
[  463.231323][T10517] hfsplus: Unknown parameter '	'
[  463.776907][T10522] loop4: detected capacity change from 0 to 764
[  465.175614][    T9] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  465.328247][    T9] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 243, changing to 11
[  465.347553][T10540] fuse: Bad value for 'fd'
[  465.353696][    T9] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 57378, setting to 1024
[  465.369098][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  465.384239][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.399545][    T9] usb 2-1: Product: syz
[  465.407332][    T9] usb 2-1: Manufacturer: syz
[  465.415807][    T9] usb 2-1: SerialNumber: syz
[  465.659968][T10554] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1626'.
[  466.376833][T10566] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1629'.
[  466.386293][T10566] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1629'.
[  466.471493][T10566] loop2: detected capacity change from 0 to 1024
[  466.482615][T10566] hfsplus: Unknown parameter '	'
[  467.160049][    T9] cdc_ncm 2-1:1.0: bind() failure
[  467.196843][    T9] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[  467.205626][    T9] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[  467.220198][    T9] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[  467.265660][    T9] usb 2-1: USB disconnect, device number 32
[  467.867192][T10583] fuse: Bad value for 'fd'
[  468.127391][T10591] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1639'.
[  468.509045][T10602] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1642'.
[  468.518489][T10602] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1642'.
[  469.298500][   T46] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  469.469284][   T46] usb 2-1: config 0 has no interfaces?
[  469.508872][   T46] usb 2-1: New USB device found, idVendor=0c45, idProduct=8008, bcdDevice=e1.85
[  469.536164][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  469.567157][   T46] usb 2-1: config 0 descriptor??
[  469.692559][T10619] fuse: Bad value for 'fd'
[  469.720201][T10617] loop2: detected capacity change from 0 to 1024
[  469.778300][   T46] usb 2-1: USB disconnect, device number 33
[  471.113920][T10640] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  471.473489][T10648] fuse: Bad value for 'fd'
[  471.738867][T10657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  471.747804][T10655] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1667'.
[  471.763914][T10657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  472.008158][T10663] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1669'.
[  472.472006][T10678] fuse: Bad value for 'fd'
[  472.545882][ T5886] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  472.639601][T10682] loop2: detected capacity change from 0 to 128
[  472.715914][ T5886] usb 4-1: Using ep0 maxpacket: 8
[  472.731347][ T5886] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  472.763290][ T5886] usb 4-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  472.796024][ T5886] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  472.823532][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  472.877206][ T5886] usbtmc 4-1:16.0: bulk endpoints not found
[  473.258804][T10692] netlink: 580 bytes leftover after parsing attributes in process `syz.1.1682'.
[  474.483462][T10706] fuse: Bad value for 'fd'
[  474.906026][T10716] netlink: 'syz.2.1692': attribute type 1 has an invalid length.
[  475.175966][T10718] netlink: 580 bytes leftover after parsing attributes in process `syz.1.1693'.
[  475.367858][ T5886] usb 4-1: USB disconnect, device number 41
[  476.408057][T10741] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  476.418784][T10741] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  477.276416][ T5886] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  477.432124][T10751] loop4: detected capacity change from 0 to 1024
[  477.444318][T10751] ext4: Bad value for 'barrier'
[  477.458521][ T5886] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  477.481557][ T5886] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  477.525998][    T9] usb 1-1: new full-speed USB device number 29 using dummy_hcd
[  477.541312][ T5886] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  477.588073][ T5886] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  477.633176][ T5886] usb 4-1: Manufacturer: syz
[  477.662256][ T5886] usb 4-1: config 0 descriptor??
[  477.690596][    T9] usb 1-1: device descriptor read/64, error -71
[  477.817828][ T5886] rc_core: IR keymap rc-hauppauge not found
[  477.981296][ T5886] Registered IR keymap rc-empty
[  478.132206][    T9] usb 1-1: new full-speed USB device number 30 using dummy_hcd
[  478.216801][ T5886] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  478.325929][ T5886] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input41
[  478.439508][    C0] igorplugusb 4-1:0.0: receive overflow invalid: 16
[  478.446741][    T9] usb 1-1: device descriptor read/64, error -71
[  478.576794][    T9] usb usb1-port1: attempt power cycle
[  478.665786][    C0] hrtimer: interrupt took 61671 ns
[  478.686772][ T5886] usb 4-1: USB disconnect, device number 42
[  478.938084][    T9] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  479.024566][    T9] usb 1-1: device descriptor read/8, error -71
[  479.276178][    T9] usb 1-1: new full-speed USB device number 32 using dummy_hcd
[  479.326054][ T5886] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  479.344281][    T9] usb 1-1: device descriptor read/8, error -71
[  479.486477][    T9] usb usb1-port1: unable to enumerate USB device
[  479.516538][ T5886] usb 5-1: Using ep0 maxpacket: 8
[  479.540271][ T5886] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  479.562694][ T5886] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  479.577437][ T5886] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  479.587271][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.618601][ T5886] usbtmc 5-1:16.0: bulk endpoints not found
[  481.502126][T10809] netlink: 'syz.0.1727': attribute type 31 has an invalid length.
[  481.981088][T10823] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  482.019376][T10823] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  482.144279][    T9] usb 5-1: USB disconnect, device number 30
[  482.270583][T10829] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1731'.
[  483.106815][T10831] loop4: detected capacity change from 0 to 1024
[  483.121384][T10831] ext4: Bad value for 'barrier'
[  484.328984][T10853] Context (ID=0x4d8) not attached to queue pair (handle=0x1:0x8000)
[  484.362129][T10854] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1742'.
[  484.626099][   T46] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  484.796285][   T46] usb 5-1: Using ep0 maxpacket: 8
[  484.823669][   T46] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  484.845584][   T46] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  484.867618][   T46] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  484.886293][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.914346][   T46] usbtmc 5-1:16.0: bulk endpoints not found
[  485.107909][ T5887] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  485.227788][T10878] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1750'.
[  486.076197][ T5887] usb 4-1: Using ep0 maxpacket: 32
[  486.093167][ T5887] usb 4-1: config 0 interface 0 has no altsetting 0
[  486.123614][ T5887] usb 4-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  486.142477][ T5887] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  486.156056][ T5887] usb 4-1: Product: syz
[  486.160269][ T5887] usb 4-1: Manufacturer: syz
[  486.164898][ T5887] usb 4-1: SerialNumber: syz
[  486.310156][ T5887] usb 4-1: config 0 descriptor??
[  486.651930][T10895] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1758'.
[  486.675931][   T25] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  486.732979][ T5887] gs_usb 4-1:0.0: Configuring for 1 interfaces
[  486.853814][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  486.882294][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  486.904369][   T25] usb 2-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  486.918639][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  486.933662][ T5887] gs_usb 4-1:0.0: Couldn't get bit timing const for channel 0 (-EREMOTEIO)
[  486.939109][   T25] usb 2-1: config 0 descriptor??
[  486.980671][ T5887] gs_usb 4-1:0.0: probe with driver gs_usb failed with error -121
[  487.414743][ T5886] usb 5-1: USB disconnect, device number 31
[  487.526572][T10911] netlink: 'syz.0.1764': attribute type 12 has an invalid length.
[  488.019675][   T25] hid-steam 0003:28DE:1142.0007: item fetching failed at offset 4/5
[  488.207060][   T25] hid-steam 0003:28DE:1142.0007: steam_probe:parse of hid interface failed
[  488.261560][   T25] hid-steam 0003:28DE:1142.0007: probe with driver hid-steam failed with error -22
[  488.421127][   T25] usb 2-1: USB disconnect, device number 34
[  488.430038][ T5887] usb 4-1: USB disconnect, device number 43
[  488.521303][T10914] loop4: detected capacity change from 0 to 1764
[  488.555555][T10914] iso9660: Unknown parameter 'noroce'
[  489.909638][T10935] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1768'.
[  490.476901][T10952] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1772'.
[  491.017312][T10964] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  491.056454][T10964] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  491.665320][T10973] loop3: detected capacity change from 0 to 1764
[  491.717256][T10973] iso9660: Unknown parameter 'noroce'
[  493.354638][T10995] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1786'.
[  494.193590][T11006] loop3: detected capacity change from 0 to 1764
[  494.205348][T11006] iso9660: Unknown parameter 'noroce'
[  494.253811][T11007] input: syz0 as /devices/virtual/input/input45
[  495.467704][T11020] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1796'.
[  495.757938][T11026] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1795'.
[  495.933257][T11027] loop3: detected capacity change from 0 to 1024
[  495.945823][T11027] hfsplus: Unknown parameter '	'
[  497.965021][T11041] program syz.4.1804 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  498.186374][T11055] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  498.502525][T11064] 9pnet_fd: Insufficient options for proto=fd
[  498.823408][T11069] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1810'.
[  499.001277][T11070] loop4: detected capacity change from 0 to 1024
[  499.014946][T11070] hfsplus: Unknown parameter '	'
[  499.464281][T11064] xt_CT: You must specify a L4 protocol and not use inversions on it
[  499.739711][T11075] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1812'.
[  499.799357][T11076] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  499.984877][T11078] vlan0: entered allmulticast mode
[  500.032290][T11078] hsr0: entered allmulticast mode
[  500.037627][T11078] hsr_slave_0: entered allmulticast mode
[  500.043427][T11078] hsr_slave_1: entered allmulticast mode
[  500.054247][T11078] hsr0: left allmulticast mode
[  500.092451][T11078] hsr_slave_0: left allmulticast mode
[  500.132623][T11078] hsr_slave_1: left allmulticast mode
[  501.046353][T11104] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1824'.
[  501.216606][T11105] loop2: detected capacity change from 0 to 1024
[  501.227892][T11105] hfsplus: Unknown parameter '	'
[  501.842575][T11108] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1822'.
[  502.067601][T11112] loop4: detected capacity change from 0 to 764
[  502.261588][T11118] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  502.348899][T11123] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1829'.
[  504.808492][T11160] 9pnet_fd: Insufficient options for proto=fd
[  505.117816][T11165] xt_CT: You must specify a L4 protocol and not use inversions on it
[  505.952344][T11164] loop4: detected capacity change from 0 to 1024
[  507.032476][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  507.042384][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  507.082092][ T2963] hfsplus: b-tree write err: -5, ino 4
[  508.009086][   T29] audit: type=1326 audit(1738896760.379:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.107990][   T29] audit: type=1326 audit(1738896760.379:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.130832][   T29] audit: type=1326 audit(1738896760.379:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.159573][   T29] audit: type=1326 audit(1738896760.379:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.182924][   T29] audit: type=1326 audit(1738896760.379:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.276098][   T29] audit: type=1326 audit(1738896760.399:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.435888][   T29] audit: type=1326 audit(1738896760.399:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.576824][   T29] audit: type=1326 audit(1738896760.399:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.634780][   T29] audit: type=1326 audit(1738896760.399:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.716244][   T29] audit: type=1326 audit(1738896760.399:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11181 comm="syz.4.1849" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f628338cde9 code=0x7fc00000
[  508.760626][T11213] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1863'.
[  508.798116][T11213] bridge0: port 2(bridge_slave_1) entered disabled state
[  508.972742][T11223] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  509.055631][T11225] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1866'.
[  509.213953][T11228] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1867'.
[  509.328061][T11225] bond0: (slave bond_slave_1): Releasing backup interface
[  509.368413][T11233] program syz.0.1869 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  509.956250][T11247] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.969304][T11247] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  510.345885][ T5887] usb 1-1: new full-speed USB device number 33 using dummy_hcd
[  510.519325][ T5887] usb 1-1: config 0 has no interfaces?
[  510.539781][ T5887] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  510.558426][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  510.579416][ T5887] usb 1-1: Product: syz
[  510.592866][ T5887] usb 1-1: Manufacturer: syz
[  510.613330][ T5887] usb 1-1: SerialNumber: syz
[  510.637176][ T5887] usb 1-1: config 0 descriptor??
[  510.684606][T11264] loop2: detected capacity change from 0 to 764
[  511.844256][T11270] program syz.4.1882 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  512.931022][T11313] fuse: Unknown parameter '0x0000000000000003'
[  513.123646][   T25] usb 1-1: USB disconnect, device number 33
[  513.796875][T11336] fuse: Unknown parameter '0x0000000000000003'
[  514.913535][T11359] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  514.937723][T11359] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  514.975975][ T5887] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  515.080866][T11368] syz.0.1925: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  515.098181][T11368] CPU: 0 UID: 0 PID: 11368 Comm: syz.0.1925 Not tainted 6.14.0-rc1-next-20250206-syzkaller #0
[  515.098208][T11368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  515.098222][T11368] Call Trace:
[  515.098230][T11368]  <TASK>
[  515.098239][T11368]  dump_stack_lvl+0x241/0x360
[  515.098275][T11368]  ? __pfx_dump_stack_lvl+0x10/0x10
[  515.098299][T11368]  ? __pfx__printk+0x10/0x10
[  515.098355][T11368]  ? __rcu_read_unlock+0xa1/0x110
[  515.098388][T11368]  warn_alloc+0x278/0x410
[  515.098446][T11368]  ? __vmalloc_node_range_noprof+0x106/0x1380
[  515.098479][T11368]  ? __pfx_warn_alloc+0x10/0x10
[  515.098513][T11368]  ? kasan_save_track+0x3f/0x80
[  515.098542][T11368]  ? __kasan_kmalloc+0x98/0xb0
[  515.098576][T11368]  ? xsk_setsockopt+0x4ea/0x950
[  515.098606][T11368]  ? do_sock_setsockopt+0x3af/0x720
[  515.098634][T11368]  ? __x64_sys_setsockopt+0x1ee/0x280
[  515.098662][T11368]  ? do_syscall_64+0xf3/0x230
[  515.098692][T11368]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.098739][T11368]  __vmalloc_node_range_noprof+0x126/0x1380
[  515.098822][T11368]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  515.098862][T11368]  ? __kasan_kmalloc+0x98/0xb0
[  515.098905][T11368]  vmalloc_user_noprof+0x74/0x80
[  515.098934][T11368]  ? xskq_create+0xb6/0x170
[  515.098953][T11368]  xskq_create+0xb6/0x170
[  515.098977][T11368]  xsk_init_queue+0xa1/0x100
[  515.099016][T11368]  xsk_setsockopt+0x4ea/0x950
[  515.099054][T11368]  ? __pfx_xsk_setsockopt+0x10/0x10
[  515.099087][T11368]  ? __pfx_aa_sk_perm+0x10/0x10
[  515.099125][T11368]  ? aa_sock_opt_perm+0xfd/0x1b0
[  515.099157][T11368]  ? __pfx_xsk_setsockopt+0x10/0x10
[  515.099187][T11368]  do_sock_setsockopt+0x3af/0x720
[  515.099228][T11368]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  515.099267][T11368]  ? __fget_files+0x395/0x410
[  515.099290][T11368]  ? __fget_files+0x2a/0x410
[  515.099329][T11368]  __x64_sys_setsockopt+0x1ee/0x280
[  515.099373][T11368]  do_syscall_64+0xf3/0x230
[  515.099399][T11368]  ? clear_bhb_loop+0x35/0x90
[  515.099434][T11368]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  515.099472][T11368] RIP: 0033:0x7f4a5a38cde9
[  515.099496][T11368] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  515.099514][T11368] RSP: 002b:00007f4a5b16b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  515.099535][T11368] RAX: ffffffffffffffda RBX: 00007f4a5a5a5fa0 RCX: 00007f4a5a38cde9
[  515.099570][T11368] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  515.099583][T11368] RBP: 00007f4a5a40e2a0 R08: 0000000000000004 R09: 0000000000000000
[  515.099596][T11368] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  515.099610][T11368] R13: 0000000000000000 R14: 00007f4a5a5a5fa0 R15: 00007ffd5e3b6138
[  515.099653][T11368]  </TASK>
[  515.099751][T11368] Mem-Info:
[  515.379162][T11368] active_anon:5864 inactive_anon:0 isolated_anon:0
[  515.379162][T11368]  active_file:17299 inactive_file:38462 isolated_file:0
[  515.379162][T11368]  unevictable:768 dirty:134 writeback:0
[  515.379162][T11368]  slab_reclaimable:10492 slab_unreclaimable:101794
[  515.379162][T11368]  mapped:29529 shmem:1448 pagetables:1096
[  515.379162][T11368]  sec_pagetables:0 bounce:0
[  515.379162][T11368]  kernel_misc_reclaimable:0
[  515.379162][T11368]  free:1325235 free_pcp:402 free_cma:0
[  515.396011][ T5887] usb 5-1: Using ep0 maxpacket: 8
[  515.424500][    C1] vkms_vblank_simulate: vblank timer overrun
[  515.438826][ T5887] usb 5-1: config 0 has an invalid interface number: 35 but max is 0
[  515.447239][ T5887] usb 5-1: config 0 has no interface number 0
[  515.452520][T11368] Node 0 active_anon:23456kB inactive_anon:0kB active_file:69196kB inactive_file:153776kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:118116kB dirty:536kB writeback:0kB shmem:4256kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:11024kB pagetables:4384kB sec_pagetables:0kB all_unreclaimable? no
[  515.453524][ T5887] usb 5-1: too many endpoints for config 0 interface 35 altsetting 0: 135, using maximum allowed: 30
[  515.485745][    C1] vkms_vblank_simulate: vblank timer overrun
[  515.546286][T11368] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:48kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  515.561860][ T5887] usb 5-1: config 0 interface 35 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 135
[  515.576502][    C1] vkms_vblank_simulate: vblank timer overrun
[  515.670829][T11368] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  515.672708][ T5887] usb 5-1: New USB device found, idVendor=0c00, idProduct=00b3, bcdDevice=2d.ea
[  515.697960][    C1] vkms_vblank_simulate: vblank timer overrun
[  515.737420][T11368] lowmem_reserve[]: 0 2491 2491 0 0
[  515.743155][T11368] Node 0 DMA32 free:1375972kB boost:0kB min:34184kB low:42728kB high:51272kB reserved_highatomic:0KB active_anon:23420kB inactive_anon:0kB active_file:69196kB inactive_file:153192kB unevictable:1536kB writepending:536kB present:3129332kB managed:2550852kB mlocked:0kB bounce:0kB free_pcp:2284kB local_pcp:1688kB free_cma:0kB
[  515.799832][ T5887] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  515.808787][ T5887] usb 5-1: Product: syz
[  515.812981][ T5887] usb 5-1: Manufacturer: syz
[  515.817820][T11368] lowmem_reserve[]: 0 0 0 0 0
[  515.835652][ T5887] usb 5-1: SerialNumber: syz
[  515.841010][T11368] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB active_anon:36kB inactive_anon:0kB active_file:0kB inactive_file:584kB unevictable:0kB writepending:0kB present:1048580kB managed:620kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  515.881425][ T5887] usb 5-1: config 0 descriptor??
[  515.925954][T11368] lowmem_reserve[]: 0 0 0 0 0
[  515.930930][T11368] Node 1 Normal free:3909796kB boost:0kB min:55708kB low:69632kB high:83556kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:72kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:16kB local_pcp:0kB free_cma:0kB
[  515.982260][T11384] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1930'.
[  516.084976][T11368] lowmem_reserve[]: 0 0 0 0 0
[  516.095888][T11368] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  516.145904][T11368] Node 0 DMA32: 111*4kB (ME) 689*8kB (UME) 608*16kB (UME) 301*32kB (UME) 353*64kB (UME) 86*128kB (UME) 72*256kB (UM) 53*512kB (UM) 28*1024kB (UME) 13*2048kB (UM) 297*4096kB (UM) = 1376292kB
[  516.170842][T11368] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  516.212894][T11368] Node 1 Normal: 203*4kB (U) 59*8kB (UME) 46*16kB (UME) 208*32kB (UME) 105*64kB (UME) 35*128kB (UME) 13*256kB (UM) 7*512kB (UM) 4*1024kB (UM) 4*2048kB (U) 945*4096kB (ME) = 3909796kB
[  516.269393][T11368] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  516.299591][T11368] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  516.356526][ T5887] usb 5-1: USB disconnect, device number 32
[  516.358877][T11368] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  516.390461][T11390] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1934'.
[  516.417123][T11368] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  516.456273][T11368] 57211 total pagecache pages
[  516.468044][T11368] 0 pages in swap cache
[  516.472945][T11368] Free swap  = 124740kB
[  516.483792][T11368] Total swap = 124996kB
[  516.489164][T11368] 2097051 pages RAM
[  516.493634][T11368] 0 pages HighMem/MovableOnly
[  516.498549][T11368] 427552 pages reserved
[  516.502745][T11368] 0 pages cma reserved
[  516.955982][ T5932] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  517.133949][ T5932] usb 2-1: Using ep0 maxpacket: 8
[  517.150445][ T5932] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  517.165825][ T5932] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  517.195901][ T5932] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  517.206067][ T5932] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  517.225830][ T5932] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  517.245862][ T5932] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  517.246014][ T5886] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  517.254918][ T5932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.284723][ T5932] usbtmc 2-1:16.0: probe with driver usbtmc failed with error -22
[  517.445954][ T5886] usb 5-1: Using ep0 maxpacket: 16
[  517.458855][ T5886] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  517.492093][ T5886] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  517.513474][ T5886] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  517.541038][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  517.566379][ T5886] usb 5-1: config 0 descriptor??
[  517.756938][T11422] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1946'.
[  518.029656][ T5886] hid-multitouch 0003:1FD2:6007.0008: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0
[  518.202843][ T5886] usb 5-1: USB disconnect, device number 33
[  518.252855][T11437] loop7: detected capacity change from 0 to 16384
[  518.320590][T11437] I/O error, dev loop7, sector 896 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 2
[  518.331014][T11437] Buffer I/O error on dev loop7, logical block 112, lost async page write
[  518.342060][T11437] Buffer I/O error on dev loop7, logical block 113, lost async page write
[  518.351553][T11437] Buffer I/O error on dev loop7, logical block 114, lost async page write
[  518.361730][T11437] Buffer I/O error on dev loop7, logical block 115, lost async page write
[  518.370969][T11437] Buffer I/O error on dev loop7, logical block 116, lost async page write
[  518.380680][T11437] Buffer I/O error on dev loop7, logical block 117, lost async page write
[  518.390368][T11437] Buffer I/O error on dev loop7, logical block 118, lost async page write
[  518.401870][T11437] Buffer I/O error on dev loop7, logical block 119, lost async page write
[  518.411492][T11437] Buffer I/O error on dev loop7, logical block 120, lost async page write
[  518.421815][T11437] Buffer I/O error on dev loop7, logical block 121, lost async page write
[  519.258394][T11454] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  519.340296][T11460] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1962'.
[  519.468899][T11460] bond0: (slave bond_slave_1): Releasing backup interface
[  519.806867][ T5887] usb 2-1: USB disconnect, device number 35
[  519.976086][ T5932] usb 1-1: new full-speed USB device number 34 using dummy_hcd
[  520.219467][ T5932] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  520.244948][ T5932] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  520.268290][ T5932] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  520.284582][ T5932] usb 1-1: Product: syz
[  520.289899][ T5932] usb 1-1: Manufacturer: syz
[  520.294614][ T5932] usb 1-1: SerialNumber: syz
[  520.336223][ T5932] usb 1-1: config 0 descriptor??
[  520.352242][T11479] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  520.811043][T11491] tipc: Started in network mode
[  520.816618][T11491] tipc: Node identity 40090000002000002d2e00000000002e, cluster identity 4711
[  521.857709][T11524] tipc: Cannot configure node identity twice
[  522.801287][T11555] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2001'.
[  522.828802][ T5887] usb 1-1: USB disconnect, device number 34
[  523.586519][   T46] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  523.775978][   T46] usb 4-1: Using ep0 maxpacket: 32
[  523.794007][   T46] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576
[  524.116573][   T46] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 20
[  525.016461][T11584] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  525.099418][   T46] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  525.115823][   T46] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  525.123874][   T46] usb 4-1: SerialNumber: syz
[  525.301638][T11569] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  525.347930][   T46] cdc_acm 4-1:1.0: Control and data interfaces are not separated!
[  525.707408][T11602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  525.736808][T11602] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  525.763395][   T46] cdc_acm 4-1:1.0: ttyACM0: USB ACM device
[  525.781277][   T46] usb 4-1: USB disconnect, device number 44
[  526.778885][T11624] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2025'.
[  527.127500][T11631] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2028'.
[  528.044697][T11660] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2041'.
[  528.106329][    T8] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  528.236907][ T5932] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  528.268877][    T8] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  528.304322][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  528.356502][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  528.374208][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  528.411650][    T8] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  528.426010][ T5932] usb 2-1: Using ep0 maxpacket: 8
[  528.436274][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  528.447332][ T5932] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  528.466456][    T8] usb 4-1: config 0 descriptor??
[  528.478610][ T5932] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  528.482246][T11671] netlink: 40 bytes leftover after parsing attributes in process `syz.0.2046'.
[  528.497150][ T5932] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  528.524370][ T5932] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  528.544086][ T5932] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  528.599459][ T5932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  528.863753][ T5932] usb 2-1: usb_control_msg returned -32
[  528.880575][ T5932] usbtmc 2-1:16.0: can't read capabilities
[  528.908433][ T5932] usb 2-1: USB disconnect, device number 36
[  528.932328][    T8] plantronics 0003:047F:FFFF.0009: ignoring exceeding usage max
[  528.969275][    T8] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[  529.025700][    T8] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  529.401699][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  529.401719][   T29] audit: type=1326 audit(1738896781.769:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  529.511539][   T29] audit: type=1326 audit(1738896781.769:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  529.604299][   T29] audit: type=1326 audit(1738896781.799:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  529.687719][   T29] audit: type=1326 audit(1738896781.799:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  529.801806][   T29] audit: type=1326 audit(1738896781.799:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  529.876477][   T29] audit: type=1326 audit(1738896781.799:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  529.925563][   T29] audit: type=1326 audit(1738896781.809:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  529.982317][   T29] audit: type=1326 audit(1738896781.809:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  530.046029][   T29] audit: type=1326 audit(1738896781.809:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  530.107698][   T29] audit: type=1326 audit(1738896781.819:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11691 comm="syz.2.2056" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f7a0578cde9 code=0x7ffc0000
[  530.854783][T11726] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  531.052505][ T5887] usb 4-1: USB disconnect, device number 45
[  531.142796][T11734] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2073'.
[  531.313829][T11740] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2076'.
[  531.622166][T11751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  531.661224][T11751] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  531.727222][T11751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  531.770393][T11751] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  532.103403][T11761] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  532.435997][    T8] usb 5-1: new full-speed USB device number 34 using dummy_hcd
[  532.613377][    T8] usb 5-1: config 0 has an invalid interface number: 93 but max is 0
[  532.635867][    T8] usb 5-1: config 0 has no interface number 0
[  532.645531][    T8] usb 5-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  532.686035][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  532.694129][    T8] usb 5-1: Product: syz
[  532.726309][    T8] usb 5-1: Manufacturer: syz
[  532.740485][    T8] usb 5-1: SerialNumber: syz
[  532.759808][    T8] usb 5-1: config 0 descriptor??
[  532.987232][    T8] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in warm state.
[  533.031877][    T8] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  533.060872][    T8] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  533.091742][    T8] usb 5-1: media controller created
[  533.120926][    T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  533.299824][    T8] DVB: Unable to find symbol dib7000p_attach()
[  533.320423][    T8] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  533.345487][    T8] dvb-usb: will use the device's hardware PID filter (table count: 32).
[  533.371480][    T8] dvbdev: DVB: registering new adapter (DiBcom TFE7090PVR reference design)
[  533.392752][    T8] usb 5-1: media controller created
[  533.404063][    T8] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  533.422959][    T8] dib0700: the master dib7090 has to be initialized first
[  533.430469][    T8] dvb-usb: no frontend was attached by 'DiBcom TFE7090PVR reference design'
[  533.605879][    T8] rc_core: IR keymap rc-dib0700-rc5 not found
[  533.616938][    T8] Registered IR keymap rc-empty
[  533.622444][    T8] dvb-usb: could not initialize remote control.
[  533.630466][    T8] dvb-usb: DiBcom TFE7090PVR reference design successfully initialized and connected.
[  533.725932][    T8] usb 5-1: USB disconnect, device number 34
[  533.751994][T11795] random: crng reseeded on system resumption
[  533.927834][    T8] dvb-usb: DiBcom TFE7090PVR reference design successfully deinitialized and disconnected.
[  534.243602][T11802] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2097'.
[  537.206028][T10756] psmouse serio5: Failed to reset mouse on : -5
[  538.260005][T11846] loop7: detected capacity change from 0 to 16384
[  539.448258][T11859] loop4: detected capacity change from 0 to 512
[  539.485532][T11859] EXT4-fs (loop4): blocks per group (34) and clusters per group (32768) inconsistent
[  539.685526][T11859] loop4: detected capacity change from 0 to 1024
[  539.772957][T11859] netlink: 'syz.4.2119': attribute type 11 has an invalid length.
[  540.323416][T11874] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2125'.
[  541.026036][T10756] misc userio: Buffer overflowed, userio client isn't keeping up
[  541.136198][T11881] program syz.2.2127 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  541.848548][   T25] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  541.928969][T11892] loop2: detected capacity change from 0 to 1024
[  542.260765][T10756] input: PS/2 Generic Mouse as /devices/serio5/input/input48
[  542.285844][   T25] usb 5-1: Using ep0 maxpacket: 16
[  542.293293][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  542.305090][   T25] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  542.316263][   T25] usb 5-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  542.325408][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  542.353176][   T25] usb 5-1: config 0 descriptor??
[  542.566164][T10756] psmouse serio5: Failed to enable mouse on 
[  543.066089][T11895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  543.106286][T11895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  543.112564][ T1119] hfsplus: b-tree write err: -5, ino 4
[  543.130117][   T25] hid (null): bogus close delimiter
[  543.247665][   T25] hid-generic 0003:0158:0100.000A: unknown main item tag 0x0
[  543.255136][   T25] hid-generic 0003:0158:0100.000A: unknown main item tag 0x0
[  543.334914][   T25] hid-generic 0003:0158:0100.000A: bogus close delimiter
[  543.363674][   T25] hid-generic 0003:0158:0100.000A: item 0 0 2 10 parsing failed
[  543.404942][   T25] hid-generic 0003:0158:0100.000A: probe with driver hid-generic failed with error -22
[  543.479454][   T25] usb 5-1: USB disconnect, device number 35
[  545.932085][T11934] loop4: detected capacity change from 0 to 2048
[  546.010316][T11934] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  546.056344][ T5887] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  546.231946][ T5887] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  546.260687][ T5887] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  546.302828][ T5887] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  546.333583][ T5887] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  546.358039][ T5887] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  546.373221][ T5887] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  546.395149][ T5887] usb 1-1: config 0 descriptor??
[  546.417948][T11931] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  546.840088][T11960] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  546.853095][T11960] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  546.887276][T11960] loop2: detected capacity change from 0 to 1024
[  546.898743][T11960] EXT4-fs: Ignoring removed bh option
[  546.911579][ T5887] plantronics 0003:047F:FFFF.000B: unknown main item tag 0xd
[  546.944727][ T5887] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  546.985167][T11960] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  547.028418][ T5887] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  547.615543][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  549.013342][ T5887] usb 1-1: USB disconnect, device number 35
[  549.097729][T12005] wireguard0: entered promiscuous mode
[  549.147948][T12005] wireguard0: entered allmulticast mode
[  549.398494][T12024] loop2: detected capacity change from 0 to 1024
[  549.437965][T12024] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[  549.543461][T12024] loop2: detected capacity change from 0 to 1024
[  549.587967][T12024] EXT4-fs: Ignoring removed orlov option
[  549.615506][T12024] EXT4-fs: Ignoring removed nomblk_io_submit option
[  549.743214][T12024] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  551.238506][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  552.843394][T12082] fuse: Bad value for 'fd'
[  553.103081][T12094] loop4: detected capacity change from 0 to 128
[  553.152103][T12091] I/O error, dev loop7, sector 640 op 0x1:(WRITE) flags 0x800 phys_seg 16 prio class 2
[  553.193268][T12091] buffer_io_error: 6 callbacks suppressed
[  553.193288][T12091] Buffer I/O error on dev loop7, logical block 80, lost async page write
[  553.236418][T12091] Buffer I/O error on dev loop7, logical block 81, lost async page write
[  553.253056][T12091] Buffer I/O error on dev loop7, logical block 82, lost async page write
[  553.272293][T12091] Buffer I/O error on dev loop7, logical block 83, lost async page write
[  553.296353][T12091] Buffer I/O error on dev loop7, logical block 84, lost async page write
[  553.308569][T12091] Buffer I/O error on dev loop7, logical block 85, lost async page write
[  553.317665][T12091] Buffer I/O error on dev loop7, logical block 86, lost async page write
[  553.333178][T12091] Buffer I/O error on dev loop7, logical block 87, lost async page write
[  553.341802][T12091] Buffer I/O error on dev loop7, logical block 88, lost async page write
[  553.356515][T12091] Buffer I/O error on dev loop7, logical block 89, lost async page write
[  553.627229][T10756] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  553.820368][T12113] fuse: Bad value for 'fd'
[  553.829044][T10756] usb 4-1: Using ep0 maxpacket: 32
[  553.842601][T10756] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  553.866577][T10756] usb 4-1: config 0 has no interface number 0
[  553.872747][T10756] usb 4-1: config 0 interface 184 has no altsetting 0
[  553.943885][T10756] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  553.975543][T10756] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.001682][T10756] usb 4-1: Product: syz
[  554.011828][T10756] usb 4-1: Manufacturer: syz
[  554.026418][T10756] usb 4-1: SerialNumber: syz
[  554.044525][T10756] usb 4-1: config 0 descriptor??
[  554.070214][T10756] smsc75xx v1.0.0
[  554.097873][T12120] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  554.137059][T12120] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  554.425943][    T8] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  554.459025][T12128] program syz.0.2223 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  554.598516][    T8] usb 5-1: config 0 has an invalid interface number: 182 but max is 0
[  554.612754][    T8] usb 5-1: config 0 has an invalid interface association descriptor of length 2, skipping
[  554.623199][    T8] usb 5-1: config 0 has no interface number 0
[  554.629837][    T8] usb 5-1: config 0 interface 182 altsetting 0 endpoint 0x7 has invalid maxpacket 2047, setting to 64
[  554.655878][    T8] usb 5-1: New USB device found, idVendor=0471, idProduct=0330, bcdDevice=29.01
[  554.675597][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.780323][    T8] usb 5-1: config 0 descriptor??
[  555.054411][    T8] usb 5-1: string descriptor 0 read error: -71
[  555.101207][    T8] gspca_main: sonixj-2.14.0 probing 0471:0330
[  555.115208][    T8] gspca_sonixj: reg_w1 err -71
[  555.124867][    T8] sonixj 5-1:0.182: probe with driver sonixj failed with error -71
[  555.190839][    T8] usb 5-1: USB disconnect, device number 36
[  555.316545][T10756] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000044: -71
[  555.339333][T10756] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[  555.398348][T10756] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  555.445788][T10756] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  555.470509][T10756] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  555.496638][T10756] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  555.536261][T10756] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -71
[  555.564810][T10756] usb 4-1: USB disconnect, device number 46
[  555.787543][T12141] fuse: Bad value for 'fd'
[  556.373289][T12158] loop4: detected capacity change from 0 to 2048
[  556.429654][T12158]  loop4: p4 < >
[  556.611144][   T29] kauditd_printk_skb: 14 callbacks suppressed
[  556.611164][   T29] audit: type=1326 audit(1738896808.979:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12142 comm="syz.2.2229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a0578cde9 code=0x7fc00000
[  557.015189][T12163] loop4: detected capacity change from 0 to 4096
[  557.097253][T12165] program syz.2.2237 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  557.365176][T12163] EXT4-fs (loop4): Test dummy encryption mode enabled
[  557.406622][T12163] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a042c018, mo2=0003]
[  557.414913][T12163] System zones: 0-5
[  557.429942][T12163] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  557.464951][T12176] loop3: detected capacity change from 0 to 1024
[  557.492714][T12176] EXT4-fs: Ignoring removed nobh option
[  557.496263][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.498593][T12176] EXT4-fs: Ignoring removed bh option
[  557.544667][T12176] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  557.586538][T12183] af_packet: tpacket_rcv: packet too big, clamped from 54 to 4294967286. macoff=82
[  557.744643][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.763979][T12183] syzkaller0: entered promiscuous mode
[  557.788787][T12183] syzkaller0: entered allmulticast mode
[  559.139140][T12207] loop4: detected capacity change from 0 to 8192
[  559.146921][T12207] vfat: Unknown parameter ''
[  559.406185][T12211] program syz.3.2253 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  559.555934][    T8] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  559.752327][    T8] usb 2-1: Using ep0 maxpacket: 32
[  559.765031][    T8] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  559.795188][    T8] usb 2-1: config 0 has no interface number 0
[  559.836761][    T8] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  559.866127][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  559.880834][    T8] usb 2-1: Product: syz
[  559.897523][    T8] usb 2-1: Manufacturer: syz
[  559.902185][    T8] usb 2-1: SerialNumber: syz
[  559.929316][T12219] loop3: detected capacity change from 0 to 512
[  559.947249][    T8] usb 2-1: config 0 descriptor??
[  559.971959][    T8] smsc95xx v2.0.0
[  560.014606][T12219] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  560.034367][T12223] Cannot find add_set index 0 as target
[  560.036814][T12219] ext4 filesystem being mounted at /445/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  560.110967][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  561.385259][    T8] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[  561.409009][    T8] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  561.420638][    T8] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  561.432347][    T8] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  561.454717][    T8] usb 2-1: USB disconnect, device number 37
[  563.225471][T12246] program syz.0.2266 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  563.271742][T12242] loop2: detected capacity change from 0 to 8192
[  564.210941][T12261] loop4: detected capacity change from 0 to 128
[  564.228476][T12261] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  564.249292][T12261] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  564.653312][    T8] usb 3-1: USB disconnect, device number 19
[  564.902266][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.043999][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.211494][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.384201][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  565.970365][   T12] bridge_slave_1: left allmulticast mode
[  566.000856][   T12] bridge_slave_1: left promiscuous mode
[  566.027824][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  566.033573][T12294] loop3: detected capacity change from 0 to 512
[  566.076473][   T12] bridge_slave_0: left allmulticast mode
[  566.094830][   T12] bridge_slave_0: left promiscuous mode
[  566.112244][T12294] EXT4-fs (loop3): Test dummy encryption mode enabled
[  566.134816][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  566.156529][T12294] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  566.220822][T12294] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00cc018, mo2=0002]
[  566.244330][T12294] System zones: 1-12
[  566.266997][T12294] EXT4-fs (loop3): 1 truncate cleaned up
[  566.288678][T12294] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  566.585149][T12311] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  566.647470][T12311] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  566.667818][T12311] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  566.680178][T12311] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  566.692066][T12311] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  566.700931][T12311] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  566.753108][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  566.768816][ T5850] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  566.791009][ T5850] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  566.804738][ T5850] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  566.818385][ T5850] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  566.832844][ T5850] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  566.840610][ T5850] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  567.650309][   T29] audit: type=1326 audit(1738896820.035:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  568.041268][   T29] audit: type=1326 audit(1738896820.097:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  568.206316][   T29] audit: type=1326 audit(1738896820.159:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  568.283618][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  568.300373][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  568.407219][   T29] audit: type=1326 audit(1738896820.159:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  568.507657][T12342] loop4: detected capacity change from 0 to 8192
[  568.551769][   T29] audit: type=1326 audit(1738896820.169:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  568.655913][T12353] loop3: detected capacity change from 0 to 1024
[  568.666119][   T29] audit: type=1326 audit(1738896820.179:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  568.720828][T12353] EXT4-fs: Ignoring removed nobh option
[  569.002760][T12311] Bluetooth: hci0: command tx timeout
[  569.023840][T12353] EXT4-fs: Ignoring removed bh option
[  569.050982][   T29] audit: type=1326 audit(1738896820.190:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  569.790841][   T29] audit: type=1326 audit(1738896820.190:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  569.813930][   T29] audit: type=1326 audit(1738896820.190:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  570.015523][T12353] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  570.033203][   T29] audit: type=1326 audit(1738896820.200:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12341 comm="syz.0.2298" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a5a38cde9 code=0x7ffc0000
[  570.292488][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  571.060359][   T25] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  571.081527][T12311] Bluetooth: hci0: command tx timeout
[  571.324974][   T25] usb 1-1: New USB device found, idVendor=0547, idProduct=0201, bcdDevice=11.64
[  571.401317][   T25] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.472286][   T25] usb 1-1: Product: syz
[  571.499769][   T25] usb 1-1: Manufacturer: syz
[  571.516054][   T25] usb 1-1: SerialNumber: syz
[  571.529605][   T25] usb 1-1: config 0 descriptor??
[  571.557225][   T25] dvb-usb: found a 'Nebula Electronics uDigiTV DVB-T USB2.0)' in warm state.
[  571.610872][   T25] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  571.637553][   T25] dvbdev: DVB: registering new adapter (Nebula Electronics uDigiTV DVB-T USB2.0))
[  571.652064][   T25] usb 1-1: media controller created
[  571.662841][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  571.689527][   T12] bond0 (unregistering): Released all slaves
[  571.731447][T12348] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  571.801339][   T25] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  571.888103][   T12] tipc: Disabling bearer <udp:syz2>
[  571.907892][   T12] tipc: Left network mode
[  572.170216][   T25] DVB: Unable to find symbol mt352_attach()
[  572.381093][ T5886] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  572.479371][   T25] DVB: Unable to find symbol nxt6000_attach()
[  572.493670][   T25] dvb-usb: no frontend was attached by 'Nebula Electronics uDigiTV DVB-T USB2.0)'
[  572.537576][   T25] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input52
[  572.893842][   T25] dvb-usb: schedule remote query interval to 1000 msecs.
[  572.952829][   T25] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0) successfully initialized and connected.
[  573.049561][   T25] dvb-usb: bulk message failed: -22 (7/0)
[  573.201142][   T25] dvb-usb: bulk message failed: -22 (7/0)
[  573.235376][T12311] Bluetooth: hci0: command tx timeout
[  573.458635][ T5886] usb 2-1: Using ep0 maxpacket: 32
[  573.546755][    T8] usb 1-1: USB disconnect, device number 36
[  573.559120][ T5886] usb 2-1: config 0 interface 0 has no altsetting 0
[  573.572013][ T5886] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  573.585645][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.593752][ T5886] usb 2-1: Product: syz
[  573.597950][ T5886] usb 2-1: Manufacturer: syz
[  573.602666][ T5886] usb 2-1: SerialNumber: syz
[  573.633482][ T5886] usb 2-1: config 0 descriptor??
[  573.770707][    T8] dvb-usb: Nebula Electronics uDigiTV DVB-T USB2.0 successfully deinitialized and disconnected.
[  574.112131][ T5886] gs_usb 2-1:0.0: Configuring for 1 interfaces
[  574.121740][   T12] hsr_slave_0: left promiscuous mode
[  574.153477][   T12] hsr_slave_1: left promiscuous mode
[  574.175163][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  574.196285][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  574.206918][T12404] loop3: detected capacity change from 0 to 1024
[  574.216844][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  574.229225][T12404] ext4: Bad value for 'barrier'
[  574.241024][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  574.410185][   T12] veth1_macvtap: left promiscuous mode
[  574.416339][   T12] veth0_macvtap: left promiscuous mode
[  575.418931][   T12] veth1_vlan: left promiscuous mode
[  575.438285][   T12] veth0_vlan: left promiscuous mode
[  575.487746][T12311] Bluetooth: hci0: command tx timeout
[  575.494847][ T5886] gs_usb 2-1:0.0: Disabling termination support for channel 0 (-ETIMEDOUT)
[  576.872168][T12423] loop3: detected capacity change from 0 to 512
[  577.753231][T12423] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  577.766029][T12423] ext4 filesystem being mounted at /proc/1191/cgroup supports timestamps until 2038-01-19 (0x7fffffff)
[  577.779323][T12423] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  577.872273][   T12] pimreg (unregistering): left allmulticast mode
[  578.240589][T12432] loop3: detected capacity change from 0 to 256
[  578.301878][T12432] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  578.841731][T12438] loop3: detected capacity change from 0 to 512
[  578.887421][T12438] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  578.967089][T12438] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  579.087125][T12438] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[  579.146103][T12438] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  579.206945][T12438] System zones: 0-2, 18-18, 34-34
[  579.228235][T12438] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1145: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  579.349992][T12438] EXT4-fs (loop3): 1 truncate cleaned up
[  579.389200][T12438] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  579.643038][ T2149] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  579.866538][ T2149] usb 5-1: Using ep0 maxpacket: 32
[  580.245295][ T2149] usb 5-1: config 0 interface 0 has no altsetting 0
[  580.281609][ T2149] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  580.305942][ T2149] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.328617][ T2149] usb 5-1: Product: syz
[  580.331453][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  580.348055][ T2149] usb 5-1: Manufacturer: syz
[  580.352695][ T2149] usb 5-1: SerialNumber: syz
[  580.366226][ T2149] usb 5-1: config 0 descriptor??
[  580.581338][   T12] team0 (unregistering): Port device team_slave_1 removed
[  580.635160][   T12] team0 (unregistering): Port device team_slave_0 removed
[  581.153352][ T2149] gs_usb 5-1:0.0: Configuring for 1 interfaces
[  581.742602][ T2149] gs_usb 5-1:0.0: Disabling termination support for channel 0 (-EREMOTEIO)
[  582.698254][ T5886] usb 2-1: USB disconnect, device number 38
[  582.879183][ T2149] usb 5-1: USB disconnect, device number 37
[  583.172551][T10756] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  583.382571][T10756] usb 1-1: Using ep0 maxpacket: 32
[  583.400654][T10756] usb 1-1: config 0 has no interfaces?
[  583.427992][T10756] usb 1-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  583.459695][T10756] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.495708][T10756] usb 1-1: config 0 descriptor??
[  583.563076][T12309] chnl_net:caif_netlink_parms(): no params data found
[  583.573084][T12475] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  583.579992][T12475] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  583.639006][T12475] vhci_hcd vhci_hcd.0: Device attached
[  583.887514][T10756] usb 35-1: new high-speed USB device number 2 using vhci_hcd
[  584.167355][T12493] netlink: 68 bytes leftover after parsing attributes in process `syz.4.2334'.
[  584.304977][ T2149] usb 1-1: USB disconnect, device number 37
[  584.481888][T12309] bridge0: port 1(bridge_slave_0) entered blocking state
[  584.515011][T12309] bridge0: port 1(bridge_slave_0) entered disabled state
[  584.535309][T12309] bridge_slave_0: entered allmulticast mode
[  584.566442][T12309] bridge_slave_0: entered promiscuous mode
[  584.609514][T12309] bridge0: port 2(bridge_slave_1) entered blocking state
[  584.666955][T12309] bridge0: port 2(bridge_slave_1) entered disabled state
[  584.674271][T12309] bridge_slave_1: entered allmulticast mode
[  584.703981][T12309] bridge_slave_1: entered promiscuous mode
[  584.941697][T12309] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  585.275553][T12482] vhci_hcd: connection reset by peer
[  585.285684][T12309] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  585.324822][   T62] vhci_hcd: stop threads
[  585.349419][   T62] vhci_hcd: release socket
[  585.375800][   T62] vhci_hcd: disconnect device
[  585.590560][T12309] team0: Port device team_slave_0 added
[  585.667897][T12309] team0: Port device team_slave_1 added
[  585.682368][    T9] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  585.884853][    T9] usb 5-1: Using ep0 maxpacket: 32
[  585.901951][T12309] batman_adv: batadv0: Adding interface: batadv_slave_0
[  585.903496][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  585.935451][T12309] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  585.993573][    T9] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  586.003585][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  586.018605][T12309] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  586.022510][    T9] usb 5-1: Product: syz
[  586.052195][    T9] usb 5-1: Manufacturer: syz
[  586.068538][    T9] usb 5-1: SerialNumber: syz
[  586.089513][    T9] usb 5-1: config 0 descriptor??
[  586.124495][T12309] batman_adv: batadv0: Adding interface: batadv_slave_1
[  586.148028][T12309] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  586.201573][T12309] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  586.613181][T12309] hsr_slave_0: entered promiscuous mode
[  586.644198][T12309] hsr_slave_1: entered promiscuous mode
[  586.681112][T12309] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  586.712844][T12309] Cannot create hsr debugfs directory
[  586.877089][    T9] gs_usb 5-1:0.0: Configuring for 1 interfaces
[  587.016410][T12540] netlink: 80 bytes leftover after parsing attributes in process `syz.0.2345'.
[  587.221109][    T9] gs_usb 5-1:0.0: Disabling termination support for channel 0 (-EREMOTEIO)
[  587.370055][ T5932] usb 4-1: new full-speed USB device number 47 using dummy_hcd
[  587.442576][    T9] usb 5-1: USB disconnect, device number 38
[  587.545955][ T5932] usb 4-1: config 0 has an invalid interface number: 93 but max is 0
[  587.751802][T12309] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  587.817668][ T5932] usb 4-1: config 0 has no interface number 0
[  587.828203][ T5932] usb 4-1: New USB device found, idVendor=10b8, idProduct=1bb4, bcdDevice=34.65
[  587.865848][ T5932] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  587.891576][T12309] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  587.919038][ T5932] usb 4-1: Product: syz
[  587.923325][ T5932] usb 4-1: Manufacturer: syz
[  588.007579][ T5932] usb 4-1: SerialNumber: syz
[  588.200855][ T5932] usb 4-1: config 0 descriptor??
[  588.276831][T12309] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  588.580049][ T5932] dvb-usb: found a 'DiBcom TFE7090PVR reference design' in cold state, will try to load a firmware
[  588.641574][T12309] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  588.804602][ T5932] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  588.839103][ T5932] dib0700: firmware download failed at 7 with -22
[  589.014348][T12571] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  589.159768][T12309] 8021q: adding VLAN 0 to HW filter on device bond0
[  589.175716][    T9] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  589.239713][T12309] 8021q: adding VLAN 0 to HW filter on device team0
[  589.277551][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  589.284908][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  589.338782][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  589.346912][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  589.357405][    T9] usb 1-1: Using ep0 maxpacket: 8
[  589.375437][    T9] usb 1-1: config 0 interface 0 altsetting 64 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  589.400270][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[  589.423431][    T9] usb 1-1: New USB device found, idVendor=056a, idProduct=0059, bcdDevice= 0.00
[  589.439237][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  589.456541][    T9] usb 1-1: config 0 descriptor??
[  589.709426][T12309] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  589.720926][T12309] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  589.743633][T10756] vhci_hcd: vhci_device speed not set
[  590.754909][ T5932] usb 4-1: USB disconnect, device number 47
[  590.823662][    T9] wacom 0003:056A:0059.000C: hidraw0: USB HID v0.f9 Device [HID 056a:0059] on usb-dummy_hcd.0-1/input0
[  590.918009][    T9] usb 1-1: USB disconnect, device number 38
[  591.128373][T12597] loop4: detected capacity change from 0 to 1024
[  591.188913][T12597] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  591.279588][T12597] EXT4-fs error (device loop4): ext4_map_blocks:707: inode #3: block 2: comm syz.4.2359: lblock 2 mapped to illegal pblock 2 (length 1)
[  591.306267][T12597] __quota_error: 7 callbacks suppressed
[  591.306287][T12597] Quota error (device loop4): write_blk: dquota write failed
[  591.343699][T12597] Quota error (device loop4): find_free_dqentry: Can't write quota data block 2
[  591.353007][ T5932] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  591.355964][T12597] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  591.374743][T12309] 8021q: adding VLAN 0 to HW filter on device batadv0
[  591.428211][T12597] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2359: Failed to acquire dquot type 0
[  591.472674][T12597] EXT4-fs error (device loop4): ext4_map_blocks:673: inode #3: block 2: comm syz.4.2359: lblock 2 mapped to illegal pblock 2 (length 1)
[  591.514338][T12597] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  591.559774][ T5932] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  591.575993][T12597] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2359: Failed to acquire dquot type 0
[  591.597842][ T5932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.616868][T12597] EXT4-fs error (device loop4): ext4_free_blocks:6589: comm syz.4.2359: Freeing blocks not in datazone - block = 0, count = 4096
[  591.645840][ T5932] usb 2-1: config 0 descriptor??
[  591.666867][ T5932] cp210x 2-1:0.0: cp210x converter detected
[  591.674905][T12597] EXT4-fs error (device loop4): ext4_map_blocks:673: inode #3: block 2: comm syz.4.2359: lblock 2 mapped to illegal pblock 2 (length 1)
[  591.724582][T12597] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  591.746378][T12597] EXT4-fs error (device loop4): ext4_acquire_dquot:6927: comm syz.4.2359: Failed to acquire dquot type 0
[  591.774929][T12597] EXT4-fs (loop4): 1 orphan inode deleted
[  591.782973][T12597] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  591.831960][T12597] EXT4-fs (loop4): shut down requested (1)
[  591.870991][T10756] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  591.889676][ T5932] usb 2-1: cp210x converter now attached to ttyUSB0
[  591.950129][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  592.041953][T10756] usb 1-1: Using ep0 maxpacket: 32
[  592.062843][T10756] usb 1-1: config 0 interface 0 has no altsetting 0
[  592.087192][T10756] usb 1-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  592.132954][T10756] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.142801][ T5932] usb 2-1: USB disconnect, device number 39
[  592.172873][T10756] usb 1-1: Product: syz
[  592.182688][ T5932] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  592.190624][T10756] usb 1-1: Manufacturer: syz
[  592.195373][T10756] usb 1-1: SerialNumber: syz
[  592.229645][ T5932] cp210x 2-1:0.0: device disconnected
[  592.240932][T10756] usb 1-1: config 0 descriptor??
[  592.250245][T12309] veth0_vlan: entered promiscuous mode
[  592.301942][T12309] veth1_vlan: entered promiscuous mode
[  592.405991][T12309] veth0_macvtap: entered promiscuous mode
[  592.444199][T12309] veth1_macvtap: entered promiscuous mode
[  592.510015][T12309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  592.528658][T12309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.540147][T12309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  592.563940][T12309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.573846][T12309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  592.621659][T12309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.637881][T12309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  592.681554][T12309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.698470][T10756] gs_usb 1-1:0.0: Configuring for 1 interfaces
[  592.723560][T12309] batman_adv: batadv0: Interface activated: batadv_slave_0
[  592.785549][T12309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.819471][T12309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.841446][T12309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.854071][T12309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.864695][T12309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.875928][T12309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.886540][T12309] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  592.929756][T12309] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  592.961414][T12309] batman_adv: batadv0: Interface activated: batadv_slave_1
[  593.002499][T12309] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  593.024433][T12309] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  593.050561][T12309] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  593.050599][T12309] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  593.151791][T10756] gs_usb 1-1:0.0: Disabling termination support for channel 0 (-EREMOTEIO)
[  593.283596][T12646] loop3: detected capacity change from 0 to 1024
[  593.284558][T12646] ext4: Bad value for 'barrier'
[  593.346021][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  593.346046][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  593.375788][    T8] usb 1-1: USB disconnect, device number 39
[  594.540281][T10358] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  594.540309][T10358] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  595.137605][T12674] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2375'.
[  595.568254][T12682] loop4: detected capacity change from 0 to 764
[  596.042294][T12694] loop4: detected capacity change from 0 to 256
[  596.163371][T12694] FAT-fs (loop4): Directory bread(block 64) failed
[  596.187228][T12694] FAT-fs (loop4): Directory bread(block 65) failed
[  596.215998][T12694] FAT-fs (loop4): Directory bread(block 66) failed
[  596.233067][T12694] FAT-fs (loop4): Directory bread(block 67) failed
[  596.244057][T12694] FAT-fs (loop4): Directory bread(block 68) failed
[  596.257037][T12694] FAT-fs (loop4): Directory bread(block 69) failed
[  596.266194][T12694] FAT-fs (loop4): Directory bread(block 70) failed
[  596.272779][T12694] FAT-fs (loop4): Directory bread(block 71) failed
[  596.283136][T12694] FAT-fs (loop4): Directory bread(block 72) failed
[  596.292376][T12694] FAT-fs (loop4): Directory bread(block 73) failed
[  596.308822][ T5932] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  596.361156][   T29] audit: type=1800 audit(1738896847.286:72): pid=12694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2381" name="bus" dev="loop4" ino=68 res=0 errno=0
[  596.381463][    C1] vkms_vblank_simulate: vblank timer overrun
[  596.398638][T12694] syz.4.2381: attempt to access beyond end of device
[  596.398638][T12694] loop4: rw=2049, sector=1224, nr_sectors = 4 limit=256
[  596.422094][   T29] audit: type=1800 audit(1738896847.314:73): pid=12694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2381" name="bus" dev="loop4" ino=68 res=0 errno=0
[  596.444358][T12694] buffer_io_error: 6 callbacks suppressed
[  596.444375][T12694] Buffer I/O error on dev loop4, logical block 306, lost async page write
[  596.484747][ T5932] usb 6-1: Using ep0 maxpacket: 32
[  596.510629][ T5932] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  596.539038][ T5932] usb 6-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= 5.f5
[  596.552892][ T5932] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.581595][ T5932] usb 6-1: Product: syz
[  596.587220][ T5932] usb 6-1: Manufacturer: syz
[  596.591943][ T5932] usb 6-1: SerialNumber: syz
[  596.593236][ T1119] kworker/u8:5: attempt to access beyond end of device
[  596.593236][ T1119] loop4: rw=1, sector=1224, nr_sectors = 4 limit=256
[  596.622378][ T1119] Buffer I/O error on dev loop4, logical block 306, lost async page write
[  596.627986][ T5932] usb 6-1: config 0 descriptor??
[  596.661616][T12698] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  596.692482][ T5932] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  596.926732][ T5932] usb 6-1: USB disconnect, device number 2
[  597.075271][    T8] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  597.257154][    T8] usb 5-1: Using ep0 maxpacket: 32
[  597.265984][ T5831] udevd[5831]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  597.301849][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  597.329191][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  597.346727][    T8] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  597.366306][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.382148][    T8] usb 5-1: config 0 descriptor??
[  597.395540][    T8] hub 5-1:0.0: USB hub found
[  597.651280][    T8] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  597.972184][    T8] hid-generic 0003:046D:C31C.000D: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.4-1/input0
[  598.261743][    T8] usb 5-1: USB disconnect, device number 39
[  598.340994][T12758] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2394'.
[  600.106693][T12791] loop3: detected capacity change from 0 to 512
[  600.156457][T12791] EXT4-fs: Ignoring removed orlov option
[  600.207549][T12791] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  600.313355][T12791] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c01c, mo2=0002]
[  600.347291][T12791] System zones: 1-12
[  600.390135][T12791] EXT4-fs (loop3): 1 truncate cleaned up
[  600.412754][T12791] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  600.553124][T12791] EXT4-fs error (device loop3): ext4_check_all_de:656: inode #12: block 7: comm syz.3.2403: bad entry in directory: inode out of bounds - offset=0, inode=16777215, rec_len=16, size=124 fake=0
[  600.581300][ T5886] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  600.801363][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  600.891617][ T5886] usb 6-1: Using ep0 maxpacket: 32
[  600.917715][ T5886] usb 6-1: config 0 interface 0 has no altsetting 0
[  600.932002][ T5886] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  600.955757][ T5886] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.997006][ T5886] usb 6-1: Product: syz
[  601.030398][ T5886] usb 6-1: Manufacturer: syz
[  601.046497][ T5886] usb 6-1: SerialNumber: syz
[  601.079854][ T5886] usb 6-1: config 0 descriptor??
[  601.410846][T12827] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2416'.
[  601.465983][T12827] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2416'.
[  601.568138][ T5886] gs_usb 6-1:0.0: Configuring for 1 interfaces
[  602.054029][ T5886] gs_usb 6-1:0.0: Disabling termination support for channel 0 (-EREMOTEIO)
[  602.272381][    T9] usb 6-1: USB disconnect, device number 3
[  602.410682][T12837] program syz.4.2418 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  602.772911][ T5932] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  602.969184][ T5932] usb 2-1: config 0 has an invalid interface number: 255 but max is 0
[  603.016067][ T5932] usb 2-1: config 0 has no interface number 0
[  603.050958][ T5932] usb 2-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  603.113711][ T5932] usb 2-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  603.145578][T12848] loop5: detected capacity change from 0 to 16
[  603.178655][T12848] erofs (device loop5): mounted with root inode @ nid 36.
[  603.189652][ T5932] usb 2-1: config 0 interface 255 has no altsetting 0
[  603.230132][ T5932] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  603.307012][ T5932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.340385][ T5932] usb 2-1: config 0 descriptor??
[  603.584368][ T5932] usb 2-1: string descriptor 0 read error: -71
[  603.615880][ T5932] ums-realtek 2-1:0.255: USB Mass Storage device detected
[  603.928533][ T5932] usb 2-1: USB disconnect, device number 40
[  604.549573][T12881] loop3: detected capacity change from 0 to 128
[  604.666720][T12874] loop4: detected capacity change from 0 to 8192
[  605.276100][    T9] usb 4-1: new full-speed USB device number 48 using dummy_hcd
[  605.417851][T12904] loop5: detected capacity change from 0 to 4096
[  605.437976][T12904] EXT4-fs (loop5): filesystem too large to mount safely on this system
[  605.456520][ T5886] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  605.468359][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  605.481207][    T9] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  605.493331][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  605.506216][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  605.519959][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  605.546664][    T9] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  605.557753][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  605.568313][    T9] usb 4-1: Product: syz
[  605.572677][    T9] usb 4-1: Manufacturer: syz
[  605.577847][    T9] usb 4-1: SerialNumber: syz
[  605.615825][    T9] usb 4-1: config 0 descriptor??
[  605.644540][ T5886] usb 1-1: Using ep0 maxpacket: 8
[  605.687388][ T5886] usb 1-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  605.703657][ T5886] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  605.711812][ T5886] usb 1-1: Product: syz
[  605.725814][ T5886] usb 1-1: Manufacturer: syz
[  605.732051][ T5886] usb 1-1: SerialNumber: syz
[  605.747508][ T5886] usb 1-1: config 0 descriptor??
[  605.857588][    T9] radio-si470x 4-1:0.0: si470x_get_report: usb_control_msg returned -32
[  605.871830][    T9] radio-si470x 4-1:0.0: probe with driver radio-si470x failed with error -5
[  605.914391][    T9] usb 4-1: USB disconnect, device number 48
[  605.934792][T12914] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2444'.
[  606.061341][T12917] loop5: detected capacity change from 0 to 128
[  606.080586][T12917] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  606.116861][T12917] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  607.254134][T12941] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2451'.
[  607.452766][T12949] loop3: detected capacity change from 0 to 16
[  607.505720][T12949] erofs (device loop3): mounted with root inode @ nid 36.
[  607.704786][T12955] loop4: detected capacity change from 0 to 256
[  607.771795][T12955] exfat: Invalid uid '0x00000000ffffffff'
[  608.338701][T12964] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2458'.
[  608.372686][T12964] bridge0: port 2(bridge_slave_1) entered disabled state
[  608.411860][T12969] loop3: detected capacity change from 0 to 1024
[  608.460828][T12969] EXT4-fs: Ignoring removed oldalloc option
[  608.481897][T12969] EXT4-fs: Ignoring removed bh option
[  608.559246][T12969] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: none.
[  608.808506][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  608.962712][   T46] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  609.176797][   T46] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  609.187569][   T46] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  609.226574][   T46] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  609.255855][   T46] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  609.290166][   T46] usb 5-1: SerialNumber: syz
[  609.495333][T13012] loop3: detected capacity change from 0 to 2048
[  609.516085][T13012] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  609.554521][   T46] usb 5-1: 0:2 : does not exist
[  609.570034][T13012] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  609.584142][T13012] UDF-fs: Scanning with blocksize 512 failed
[  609.597047][T13012] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  609.631526][T13012] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  609.649321][T13012] UDF-fs: Scanning with blocksize 1024 failed
[  609.668837][   T46] usb 5-1: USB disconnect, device number 40
[  609.709365][T13012] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  609.731750][T13012] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  609.780985][T13012] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  609.810618][T13012] UDF-fs: Scanning with blocksize 2048 failed
[  609.827841][T13012] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  609.850482][T13012] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  609.887008][T13012] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  609.908495][T13012] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  609.928013][ T6010] udevd[6010]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  609.956524][T13012] UDF-fs: Scanning with blocksize 4096 failed
[  609.979554][T13012] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
[  611.241967][T13037] syzkaller0: refused to change device tx_queue_len
[  611.340834][T13042] cgroup: Unknown subsys name 'cpuset'
[  612.214015][   T46] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  612.406338][   T46] usb 2-1: Using ep0 maxpacket: 32
[  612.434748][   T46] usb 2-1: config 0 has no interfaces?
[  612.456909][   T46] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  612.487932][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.540087][   T46] usb 2-1: config 0 descriptor??
[  612.901114][T13051] 9pnet_fd: Insufficient options for proto=fd
[  612.932660][    T9] usb 2-1: USB disconnect, device number 41
[  613.819859][T13081] loop4: detected capacity change from 0 to 1024
[  615.205059][ T2937] hfsplus: b-tree write err: -5, ino 4
[  615.251146][T13104] loop3: detected capacity change from 0 to 256
[  615.318853][T13104] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  616.564577][T13121] netlink: 'syz.3.2505': attribute type 10 has an invalid length.
[  618.685910][T13156] program syz.4.2515 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  619.278102][T13142] loop3: detected capacity change from 0 to 32768
[  619.335135][T13142] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2512 (13142)
[  619.628668][T13142] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  619.670509][T13142] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  619.771197][T13142] BTRFS info (device loop3): using free-space-tree
[  621.057015][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  621.871386][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  621.920769][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  621.973757][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  622.028745][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  622.112552][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  622.122124][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  622.247324][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  622.347882][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  622.380690][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  622.460911][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  622.515662][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  622.577489][T13142] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  622.979074][T13142] BTRFS error (device loop3): open_ctree failed: -12
[  629.168860][T13261] loop4: detected capacity change from 0 to 4096
[  629.215755][T13261] ntfs3: Unknown parameter 'noacsrules'
[  629.834761][T13281] loop4: detected capacity change from 0 to 512
[  629.861905][T13281] EXT4-fs: Ignoring removed nobh option
[  629.894332][T13281] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  630.229792][T13281] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  632.026424][T13308] loop4: detected capacity change from 0 to 128
[  632.088831][T13308] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  632.185634][T13308] UDF-fs: error (device loop4): udf_read_inode: (ino 93) failed !bh
[  632.242510][T13308] UDF-fs: Scanning with blocksize 512 failed
[  632.259360][T13308] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  632.291349][T13308] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  632.313678][T13308] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  632.339578][T13308] UDF-fs: Scanning with blocksize 1024 failed
[  632.357945][T13308] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  632.392465][T13308] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  632.418861][T13308] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  632.443437][T13308] UDF-fs: Scanning with blocksize 2048 failed
[  632.465123][T13308] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  632.495067][T13308] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  632.531519][T13308] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  632.564037][T13308] UDF-fs: Scanning with blocksize 4096 failed
[  632.596333][T13308] UDF-fs: warning (device loop4): udf_fill_super: No partition found (1)
[  633.637901][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  633.651466][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  634.418406][T13348] fuse: Unknown parameter 'group_id00000000000000000000'
[  635.203945][T13360] loop4: detected capacity change from 0 to 2048
[  635.358118][T13360] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  635.399116][T13360] ext4 filesystem being mounted at /564/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  635.698943][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  636.073251][T13355] loop3: detected capacity change from 0 to 32768
[  636.133928][T13355] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2567 (13355)
[  636.261879][T13355] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  636.309296][T13355] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  636.340293][T13355] BTRFS info (device loop3): disk space caching is enabled
[  636.350126][T13383] loop4: detected capacity change from 0 to 2048
[  636.383250][T13355] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  636.446115][T13383] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  636.816974][T13355] BTRFS info (device loop3): rebuilding free space tree
[  636.915588][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  637.039782][T13412] hub 2-0:1.0: USB hub found
[  637.048206][T13412] hub 2-0:1.0: 1 port detected
[  637.702430][T13355] BTRFS info (device loop3): disabling free space tree
[  637.735755][T13355] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  637.801099][T13355] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  638.194127][ T5836] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  639.843986][T13456] loop4: detected capacity change from 0 to 1024
[  639.896994][T13456] ext4: Bad value for 'max_batch_time'
[  640.087064][T13461] fuse: Bad value for 'user_id'
[  640.091992][T13461] fuse: Bad value for 'user_id'
[  640.131363][T13465] netlink: 892 bytes leftover after parsing attributes in process `syz.5.2591'.
[  640.146402][T13463] loop3: detected capacity change from 0 to 2048
[  640.259085][T13463] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  640.324340][ T6010] udevd[6010]: incorrect nilfs2 checksum on /dev/loop3
[  640.327307][T13470] kAFS: unparsable volume name
[  640.413533][T13474] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  640.779627][T13463] syz.3.2579 (13463) used greatest stack depth: 17232 bytes left
[  641.180568][T13503] fuse: Bad value for 'user_id'
[  641.186104][T13503] fuse: Bad value for 'user_id'
[  645.425350][T13536] program syz.0.2612 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  645.502534][T13540] fuse: Bad value for 'user_id'
[  645.508710][T13540] fuse: Bad value for 'user_id'
[  646.063762][T13561] smb3: Unknown parameter 'aclİOl#W'
[  646.339749][T13541] loop3: detected capacity change from 0 to 32768
[  646.352195][T13541] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2616 (13541)
[  646.431918][T13541] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  646.464928][T13541] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  646.730754][T13541] BTRFS info (device loop3): rebuilding free space tree
[  646.865013][T13541] BTRFS info (device loop3): disabling free space tree
[  646.890907][T13541] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  646.924090][T13541] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  646.975182][T13595] program syz.1.2630 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  647.913943][T13609] btrfs: Unknown parameter '9
[  647.913943][T13609] model name	: Intel(R) Xeon(R) CPU @ 2.20GHz
[  647.913943][T13609] stepping	: 0
[  647.913943][T13609] microcode	: 0xffffffff
[  647.913943][T13609] cpu MHz		: 2199.998
[  647.913943][T13609] cache size	: 56320 KB
[  647.913943][T13609] physical id	: 0
[  647.913943][T13609] siblings	: 2
[  647.913943][T13609] core id		: 0
[  647.913943][T13609] cpu cores	: 1
[  647.913943][T13609] apicid		: 0
[  647.913943][T13609] initial apicid	: 0
[  647.913943][T13609] fpu		: yes
[  647.913943][T13609] fp'
[  648.791772][ T5836] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  648.909901][T13614] loop4: detected capacity change from 0 to 512
[  648.965869][T13614] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  649.083036][T13614] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2863: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  649.083693][T13614] EXT4-fs (loop4): 1 truncate cleaned up
[  649.086297][T13614] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  649.369768][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  649.573883][ T5886] IPVS: starting estimator thread 0...
[  649.843573][T13623] IPVS: using max 19 ests per chain, 45600 per kthread
[  650.885425][T13635] netlink: 'syz.3.2642': attribute type 5 has an invalid length.
[  650.932180][T13635] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2642'.
[  651.097483][T13639] loop4: detected capacity change from 0 to 1024
[  651.136172][T13639] EXT4-fs: Ignoring removed nobh option
[  651.228508][T13639] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  651.660522][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  653.068800][T13668] smb3: Unknown parameter 'aclİOl#W'
[  653.217238][T13669] vlan2: entered promiscuous mode
[  653.232576][T13669] team0: entered promiscuous mode
[  653.264827][T13669] team_slave_0: entered promiscuous mode
[  653.296951][T13669] team_slave_1: entered promiscuous mode
[  653.307003][T13669] vlan2: entered allmulticast mode
[  653.330794][T13676] program syz.1.2659 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  653.335806][T13669] team0: entered allmulticast mode
[  653.356329][T13669] team_slave_0: entered allmulticast mode
[  653.367595][T13669] team_slave_1: entered allmulticast mode
[  654.155022][T13703] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2669'.
[  654.960844][T13710] loop3: detected capacity change from 0 to 64
[  655.251506][T13717] overlayfs: failed to resolve './file0': -2
[  655.472764][T13725] program syz.1.2677 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  655.913275][T13737] loop3: detected capacity change from 0 to 1024
[  657.274160][T10358] hfsplus: b-tree write err: -5, ino 4
[  657.754933][T13759] loop3: detected capacity change from 0 to 1024
[  657.766070][T13761] program syz.1.2690 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  657.788735][T13759] EXT4-fs: Ignoring removed orlov option
[  657.846399][T13759] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  657.924479][T13759] ext4 filesystem being mounted at /526/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  658.070986][T13759] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 46 with max blocks 1 with error 28
[  658.106520][T13759] EXT4-fs (loop3): This should not happen!! Data will be lost
[  658.106520][T13759] 
[  658.133715][T13759] EXT4-fs (loop3): Total free blocks count 0
[  658.154681][T13759] EXT4-fs (loop3): Free/Dirty block details
[  658.168738][T13759] EXT4-fs (loop3): free_blocks=0
[  658.180212][T13759] EXT4-fs (loop3): dirty_blocks=0
[  658.198598][T13759] EXT4-fs (loop3): Block reservation details
[  658.213715][T13759] EXT4-fs (loop3): i_reserved_data_blocks=0
[  658.285233][T13770] macvlan2: entered promiscuous mode
[  658.352093][T13770] macvlan2: entered allmulticast mode
[  658.378063][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.395345][T13773] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  658.579581][T13773] batman_adv: batadv0: Removing interface: batadv_slave_0
[  660.511894][T13797] loop4: detected capacity change from 0 to 256
[  660.633882][T13809] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2703'.
[  660.940104][T13815] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2706'.
[  660.950784][T13815] bridge_slave_1: left promiscuous mode
[  660.981909][T13815] bridge0: port 2(bridge_slave_1) entered disabled state
[  661.046607][T13815] bridge_slave_0: left allmulticast mode
[  661.090085][T13815] bridge_slave_0: left promiscuous mode
[  661.099277][T13815] bridge0: port 1(bridge_slave_0) entered disabled state
[  661.254200][T13824] loop4: detected capacity change from 0 to 1024
[  661.377712][   T29] audit: type=1326 audit(1738896908.097:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  661.421213][   T29] audit: type=1326 audit(1738896908.097:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  661.729573][   T29] audit: type=1326 audit(1738896908.097:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  661.774564][   T29] audit: type=1326 audit(1738896908.097:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  661.806818][   T29] audit: type=1326 audit(1738896908.097:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  661.832078][   T29] audit: type=1326 audit(1738896908.097:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  662.299081][   T29] audit: type=1326 audit(1738896908.097:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  662.618441][   T29] audit: type=1326 audit(1738896908.097:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  662.746831][   T29] audit: type=1326 audit(1738896908.097:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  662.769366][   T29] audit: type=1326 audit(1738896908.097:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13827 comm="syz.1.2712" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbf38d8cde9 code=0x7ffc0000
[  662.810252][ T5932] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  662.830861][ T2937] hfsplus: b-tree write err: -5, ino 4
[  663.003633][ T5932] usb 4-1: Using ep0 maxpacket: 32
[  663.038832][ T5932] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  663.071650][ T5932] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  663.101878][ T5932] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  663.134909][ T5932] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  663.164005][ T5932] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  663.173718][ T5932] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  663.222788][ T5932] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  663.243169][ T5932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  663.257726][T13850] loop4: detected capacity change from 0 to 2048
[  663.275579][T13852] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2721'.
[  663.285660][ T5932] usb 4-1: config 0 descriptor??
[  663.492860][T13850] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  663.531526][ T5932] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 49 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  663.759935][ T5837] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  665.468531][ T5932] usb 4-1: USB disconnect, device number 49
[  665.509029][ T5932] usblp0: removed
[  665.728798][T13873] loop3: detected capacity change from 0 to 1024
[  667.014318][T12761] hfsplus: b-tree write err: -5, ino 4
[  667.216154][T13889] loop3: detected capacity change from 0 to 764
[  667.586364][T13891] loop3: detected capacity change from 0 to 2048
[  667.741684][T13891] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  667.992111][ T5850] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  668.015580][ T5850] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  668.062854][ T5850] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  668.072469][ T5850] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  668.080497][ T5850] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  668.089107][ T5850] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  668.171819][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  669.325130][ T5932] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  669.522810][ T5932] usb 4-1: Using ep0 maxpacket: 32
[  669.539462][ T5932] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  669.557332][ T5932] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  669.566676][ T5932] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  669.590893][ T5932] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  669.611429][ T5932] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  669.632225][ T5932] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  669.654897][ T5932] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  669.675450][ T5932] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  669.697555][ T5932] usb 4-1: config 0 descriptor??
[  669.934198][ T5932] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 50 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  670.312154][T12311] Bluetooth: hci5: command tx timeout
[  672.569021][T12311] Bluetooth: hci5: command tx timeout
[  672.696620][ T5932] usb 4-1: USB disconnect, device number 50
[  672.788214][ T5932] usblp0: removed
[  673.160767][T13927] loop3: detected capacity change from 0 to 2048
[  673.338808][T13927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  673.450379][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  674.763583][T12311] Bluetooth: hci5: command tx timeout
[  675.933797][T12761] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.073036][    T8] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  676.086867][T12761] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.244440][    T8] usb 4-1: Using ep0 maxpacket: 32
[  676.246628][T12761] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.275155][    T8] usb 4-1: config index 0 descriptor too short (expected 29220, got 36)
[  676.305263][    T8] usb 4-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  676.332699][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 81
[  676.361667][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  676.377815][    T8] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  676.388774][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  676.410032][    T8] usb 4-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  676.419166][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  676.449653][    T8] usb 4-1: config 0 descriptor??
[  676.619433][T12761] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  676.711811][    T8] usblp 4-1:0.0: usblp0: USB Bidirectional printer dev 51 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  676.894770][T13897] chnl_net:caif_netlink_parms(): no params data found
[  676.988517][T12311] Bluetooth: hci5: command tx timeout
[  677.644102][T12761] bridge_slave_1: left allmulticast mode
[  677.652248][T12761] bridge_slave_1: left promiscuous mode
[  677.658170][T12761] bridge0: port 2(bridge_slave_1) entered disabled state
[  677.672686][T12761] bridge_slave_0: left allmulticast mode
[  677.680894][T12761] bridge_slave_0: left promiscuous mode
[  677.690934][T12761] bridge0: port 1(bridge_slave_0) entered disabled state
[  679.435161][ T5932] IPVS: starting estimator thread 0...
[  679.628151][T13985] IPVS: using max 23 ests per chain, 55200 per kthread
[  680.127122][ T5886] usb 4-1: USB disconnect, device number 51
[  680.143378][ T5886] usblp0: removed
[  681.422666][T12761] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  681.439369][T14002] netlink: 277 bytes leftover after parsing attributes in process `syz.1.2766'.
[  681.461526][T12761] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  681.473108][T12761] bond0 (unregistering): Released all slaves
[  681.500667][T12761] bond1 (unregistering): Released all slaves
[  681.652076][ T5886] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  681.829912][ T5886] usb 4-1: Using ep0 maxpacket: 16
[  681.854314][ T5886] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  681.873912][ T5886] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  681.889296][ T5886] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  681.900800][ T5886] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  681.934637][T12761] tipc: Left network mode
[  681.944188][T13897] bridge0: port 1(bridge_slave_0) entered blocking state
[  681.945679][ T5886] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22
[  681.970492][T13897] bridge0: port 1(bridge_slave_0) entered disabled state
[  681.990937][T13897] bridge_slave_0: entered allmulticast mode
[  682.031768][T13897] bridge_slave_0: entered promiscuous mode
[  682.044951][ T5886] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  682.055438][ T5886] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  682.063996][ T5886] usb 4-1: SerialNumber: syz
[  682.087083][T13897] bridge0: port 2(bridge_slave_1) entered blocking state
[  682.096092][ T5886] cdc_acm 4-1:1.0: Control and data interfaces are not separated!
[  682.109242][ T5886] cdc_acm 4-1:1.0: probe with driver cdc_acm failed with error -12
[  682.133947][T13897] bridge0: port 2(bridge_slave_1) entered disabled state
[  682.163678][T13897] bridge_slave_1: entered allmulticast mode
[  682.173249][T13897] bridge_slave_1: entered promiscuous mode
[  682.316137][ T5886] usb 4-1: USB disconnect, device number 52
[  682.521285][T13897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  682.592985][T13897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  682.875351][T12761] hsr_slave_0: left promiscuous mode
[  682.912925][T12761] hsr_slave_1: left promiscuous mode
[  682.937939][T12761] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  682.958006][T12761] batman_adv: batadv0: Removing interface: batadv_slave_0
[  682.989980][T12761] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  683.016314][T12761] batman_adv: batadv0: Removing interface: batadv_slave_1
[  683.113733][T12761] veth1_macvtap: left promiscuous mode
[  683.133646][T12761] veth0_macvtap: left promiscuous mode
[  683.152210][T12761] veth1_vlan: left promiscuous mode
[  683.162403][T12761] veth0_vlan: left promiscuous mode
[  684.727346][   T46] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  684.845539][T12761] team0 (unregistering): Port device team_slave_1 removed
[  684.895854][T12761] team0 (unregistering): Port device team_slave_0 removed
[  684.908264][   T46] usb 2-1: Using ep0 maxpacket: 32
[  684.915798][   T46] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  684.924918][   T46] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  684.934232][   T46] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  684.951185][   T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  684.961242][   T46] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  684.971221][   T46] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  684.985630][   T46] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  684.994963][   T46] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  685.020024][   T46] usb 2-1: config 0 descriptor??
[  685.257291][   T46] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 42 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  685.524231][T13897] team0: Port device team_slave_0 added
[  685.549346][T13897] team0: Port device team_slave_1 added
[  686.771627][T13897] batman_adv: batadv0: Adding interface: batadv_slave_0
[  686.804972][T13897] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  686.869995][T13897] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  687.054360][T13897] batman_adv: batadv0: Adding interface: batadv_slave_1
[  687.066510][T13897] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  687.241455][T13897] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  687.698742][T14054] Falling back ldisc for ttyprintk.
[  688.156846][T13897] hsr_slave_0: entered promiscuous mode
[  688.194192][T13897] hsr_slave_1: entered promiscuous mode
[  688.229366][T13897] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  688.261166][T13897] Cannot create hsr debugfs directory
[  688.463131][T14068] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 [#1] PREEMPT SMP KASAN PTI
[  688.475748][T14068] KASAN: null-ptr-deref in range [0x0000000000000048-0x000000000000004f]
[  688.484174][T14068] CPU: 0 UID: 0 PID: 14068 Comm: syz.5.2782 Not tainted 6.14.0-rc1-next-20250206-syzkaller #0
[  688.494402][T14068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  688.504451][T14068] RIP: 0010:clone_private_mount+0x184/0x3e0
[  688.510340][T14068] Code: 89 d8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 83 c3 48 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 4d 89 fc 74 08 48 89 df e8 db dd e4 ff 48 8b 1b 31 ff
[  688.529975][T14068] RSP: 0018:ffffc9000b8f7958 EFLAGS: 00010206
[  688.536071][T14068] RAX: 0000000000000009 RBX: 0000000000000048 RCX: dffffc0000000000
[  688.544049][T14068] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888028d79a50
[  688.552032][T14068] RBP: 0000000000000000 R08: ffffffff8ea81ca7 R09: 1ffffffff1d50394
[  688.560014][T14068] R10: dffffc0000000000 R11: fffffbfff1d50395 R12: ffff888028d79a40
[  688.567989][T14068] R13: ffff888028d79a60 R14: 1ffff11004de10a0 R15: ffff888026f08500
[  688.575970][T14068] FS:  00007f6d91ca76c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  688.584923][T14068] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  688.591518][T14068] CR2: 0000200000001000 CR3: 0000000063c5e000 CR4: 00000000003526f0
[  688.599505][T14068] Call Trace:
[  688.602799][T14068]  <TASK>
[  688.605731][T14068]  ? __die_body+0x5f/0xb0
[  688.610096][T14068]  ? die_addr+0xb0/0xe0
[  688.614280][T14068]  ? exc_general_protection+0x3dd/0x5d0
[  688.619855][T14068]  ? asm_exc_general_protection+0x26/0x30
[  688.625594][T14068]  ? clone_private_mount+0x184/0x3e0
[  688.630887][T14068]  ? clone_private_mount+0x83/0x3e0
[  688.636102][T14068]  ? _raw_spin_unlock+0x28/0x50
[  688.640969][T14068]  ovl_fill_super+0xe4c/0x3560
[  688.645747][T14068]  ? shrinker_register+0x118/0x230
[  688.650873][T14068]  ? __pfx_lock_release+0x10/0x10
[  688.655923][T14068]  ? __pfx_ovl_fill_super+0x10/0x10
[  688.661132][T14068]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  688.666960][T14068]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  688.672963][T14068]  ? sget_fc+0x909/0x9c0
[  688.677214][T14068]  ? __pfx_set_anon_super_fc+0x10/0x10
[  688.682683][T14068]  ? __pfx_ovl_fill_super+0x10/0x10
[  688.687888][T14068]  get_tree_nodev+0xb7/0x140
[  688.692489][T14068]  vfs_get_tree+0x90/0x2b0
[  688.696926][T14068]  do_new_mount+0x2be/0xb40
[  688.701436][T14068]  ? __pfx_do_new_mount+0x10/0x10
[  688.706469][T14068]  __se_sys_mount+0x2d6/0x3c0
[  688.711157][T14068]  ? __pfx___se_sys_mount+0x10/0x10
[  688.716361][T14068]  ? do_syscall_64+0x100/0x230
[  688.721229][T14068]  ? __x64_sys_mount+0x20/0xc0
[  688.726010][T14068]  do_syscall_64+0xf3/0x230
[  688.730527][T14068]  ? clear_bhb_loop+0x35/0x90
[  688.735229][T14068]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  688.741137][T14068] RIP: 0033:0x7f6d90d8cde9
[  688.745559][T14068] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  688.765183][T14068] RSP: 002b:00007f6d91ca7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  688.773616][T14068] RAX: ffffffffffffffda RBX: 00007f6d90fa5fa0 RCX: 00007f6d90d8cde9
[  688.781610][T14068] RDX: 0000200000000080 RSI: 00002000000000c0 RDI: 0000000000000000
[  688.789631][T14068] RBP: 00007f6d90e0e2a0 R08: 0000200000000400 R09: 0000000000000000
[  688.797620][T14068] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  688.805609][T14068] R13: 0000000000000000 R14: 00007f6d90fa5fa0 R15: 00007ffee9d1b278
[  688.813603][T14068]  </TASK>
[  688.816622][T14068] Modules linked in:
[  688.821472][T14068] ---[ end trace 0000000000000000 ]---
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  689.002782][T14068] RIP: 0010:clone_private_mount+0x184/0x3e0
[  689.019711][T14068] Code: 89 d8 48 83 c4 10 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc 48 83 c3 48 48 89 d8 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df <80> 3c 08 00 4d 89 fc 74 08 48 89 df e8 db dd e4 ff 48 8b 1b 31 ff
[  689.131306][ T5886] usb 2-1: USB disconnect, device number 42
[  689.165837][T14068] RSP: 0018:ffffc9000b8f7958 EFLAGS: 00010206
[  689.174606][ T5886] usblp0: removed
[  689.184255][T14068] RAX: 0000000000000009 RBX: 0000000000000048 RCX: dffffc0000000000
[  689.225026][T14068] RDX: 0000000000000001 RSI: 0000000000000008 RDI: ffff888028d79a50
[  689.242959][T14068] RBP: 0000000000000000 R08: ffffffff8ea81ca7 R09: 1ffffffff1d50394
[  689.289803][T14068] R10: dffffc0000000000 R11: fffffbfff1d50395 R12: ffff888028d79a40
[  689.324633][T14068] R13: ffff888028d79a60 R14: 1ffff11004de10a0 R15: ffff888026f08500
[  689.330121][T12761] IPVS: stop unused estimator thread 0...
[  689.332650][T14068] FS:  00007f6d91ca76c0(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  689.386059][T14068] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  689.409379][T14068] CR2: 000055ccf6fa3950 CR3: 0000000063c5e000 CR4: 00000000003526f0
[  689.417432][T14068] Kernel panic - not syncing: Fatal exception
[  689.423813][T14068] Kernel Offset: disabled
[  689.428140][T14068] Rebooting in 86400 seconds..