last executing test programs:

3.512052538s ago: executing program 1 (id=5176):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(r1, 0x6, &(0x7f0000000000)={0x0, 0x0, 0x8})
fcntl$lock(r1, 0x26, &(0x7f0000000280)={0x1, 0x0, 0x9, 0xb6bc})
fcntl$lock(r1, 0x7, &(0x7f0000000140)={0x1, 0x1, 0x92, 0x5, r0})
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, 0x0, 0x0, 0x0)

2.617180199s ago: executing program 1 (id=5177):
socket$pppl2tp(0x18, 0x1, 0x1)
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x3}}, 0x26)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x3, r0, {0x2, 0x4e21, @broadcast}, 0x2, 0x9800, 0xfffffffd}}, 0x2e)
r2 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r2, &(0x7f00000000c0)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x2, 0x3}}, 0x26)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$PPPIOCATTCHAN(r3, 0x40047438, &(0x7f0000000500)=0x2)
ioctl$PPPIOCBRIDGECHAN(r3, 0x40047435, &(0x7f0000000200)=0x1)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f00000000c0), 0x88001, 0x0)
ioctl$PPPIOCATTCHAN(r4, 0x40047438, &(0x7f0000000500)=0x2)
ioctl$PPPIOCBRIDGECHAN(r4, 0x40047435, &(0x7f0000000200)=0x1)

2.54376445s ago: executing program 1 (id=5179):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x48043)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000180)={0x0, 0x2, 0x10}, 0xc)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
pipe2$9p(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r3, 0x0, r0, 0x0, 0xffff, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
write$P9_RSETATTR(r2, &(0x7f00000002c0)={0x7, 0x1b, 0x2}, 0x7)

2.527546083s ago: executing program 2 (id=5180):
futex(0x0, 0x5, 0x0, 0x0, 0x0, 0xc5000002)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000000c0)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008188040f46ecdb4cb9cca7480e1211000000e3bd012a128748b429021627e305dd2b7a146efb4400", 0x2e}], 0x1}, 0x4048004)
r4 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r4, &(0x7f0000019440)=[{&(0x7f0000000200)="480000001400190d7ebdeb75fd0d8c562c84d8c033ed7a80ffe0090f000060000000a2bc5603ca00000f7f89000000200000004a2471083ec6991778581acb6c0101ff0000000309", 0x48}], 0x1)

2.283837259s ago: executing program 2 (id=5188):
personality(0x500006)
io_setup(0x8, &(0x7f0000000100))
setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x39, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000440)=ANY=[@ANYBLOB="b0000000"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
mknod$loop(&(0x7f00000002c0)='./file0/../file0/file0\x00', 0xffff6000, 0x0)

2.151879663s ago: executing program 2 (id=5189):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000000000014000000000000002900000034000000fdffffff00000000180000000000000029000000040000000400000000000000d80000000000000029000000360000005e17000000000000000100000100010800000000000000000728000000030800ff0f66090000000000000700000000000000010000000000000001000000000000000864c8a110995d43"], 0x188}}], 0x1, 0x810)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000640)="3013f93f6a23826aeaa571d88a1fc628ec108a5ce411744d4e3ae79c5374eb3bdc7564d840b7d870c0da80f5", 0x2c}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000001d83000744d63c000100000008"], 0x10}, 0x40000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

2.10664764s ago: executing program 2 (id=5190):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000000000014000000000000002900000034000000fdffffff00000000180000000000000029000000040000000400000000000000d80000000000000029000000360000005e17000000000000000100000100010800000000000000000728000000030800ff0f66090000000000000700000000000000010000000000000001000000000000000864c8a110995d"], 0x188}}], 0x1, 0x810)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x4)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000640)="3013f93f6a23826aeaa571d88a1fc628ec108a5ce411744d4e3ae79c5374eb3bdc7564d840b7d870c0da80f54b31a033a88be722054380", 0x37}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000001d83000744d63c000100000008"], 0x10}, 0x40000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

2.065055858s ago: executing program 3 (id=5191):
r0 = syz_usb_connect$lan78xx(0x3, 0x3f, &(0x7f0000000900)={{0x12, 0x1, 0x200, 0xff, 0xff, 0xff, 0x40, 0x424, 0x7850, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d}}]}}, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000000)={0x34, &(0x7f0000000080)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000940)={0x34, &(0x7f0000000680)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000080)={0x84, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000d40)={0x84, &(0x7f0000000540)={0x0, 0x3}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000ac0)={0x34, &(0x7f00000006c0)={0x20, 0x13, 0x3, "47b2db"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000880)={0x34, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000e00)={0x84, &(0x7f0000001000)={0x40, 0x11}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000c80)={0x40, 0x1e, 0x1, 0x6}, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)

1.99678431s ago: executing program 2 (id=5192):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$uac3(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000180)={0x40, 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.655123809s ago: executing program 1 (id=5193):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "ff"}]}, 0x24}}, 0x0)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r10, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000c80)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000003a00000008000300", @ANYRES32=r5, @ANYBLOB="05005b"], 0x24}}, 0x0)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x8}]}, 0x24}}, 0x0)

1.594146263s ago: executing program 1 (id=5194):
r0 = socket$alg(0x26, 0x5, 0x0)
add_key$user(&(0x7f0000002f00), &(0x7f0000002f40)={'syz', 0x2}, &(0x7f0000003280)='#', 0x1, 0xfffffffffffffffd)
add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)="7f552b84e40eb0d1e0c60392d34009a8d15935f66db347340898c2e0f212f85cad7ac3f784dfae9e2c53707f5981b94efba342bf6ea89c2fe35ff39a38881be90a1e482e8d0fdf58964318951543a417277a0e3a0adb9989076d5c1b9941a2", 0x5f, 0xffffffffffffffff)
bind$alg(r0, &(0x7f0000000400)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede-generic)\x00'}, 0x58)
keyctl$dh_compute(0x17, 0x0, &(0x7f00000010c0)=""/48, 0x30, &(0x7f0000001180)={0x0})
syz_usb_connect$hid(0x4, 0x0, 0x0, &(0x7f00000007c0)={0xa, &(0x7f0000000280)={0xa, 0x6, 0x110, 0xf7, 0x0, 0xd2, 0xe9150fff66bda987, 0x7}, 0x0, 0x0})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=ANY=[], 0x7c}}, 0xc048)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000740)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a78000000060a0b0400000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008000240000000000900010073797a30000000000900020073797a3200000000140005800800024000000000080001"], 0xa0}}, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140), 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000005440)=[{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000300)="837648860a5dfc82a052fd9702397eb415d9308a77b2db7e4cb8f4b16328bed8c1ed41e265eec88a50f8d2d90ead2e7fd342ab7e3a6f99504e07253b99e9f99d1cf2f87b3d28ead88c16f413a611c68ff4f2ad5361e11fe9895620b71f245e3e9fd8656e12e71e3670dd47325dee837c2209aef83c8d36f057744441a087249e9a52c22a4c0433e26b45d00ba5d2a0f57d7ea5fbd4a9a2422051ddc763c3455822f936adf00a0a81e1ebc5edbceb3e31a86dd0", 0xb3}], 0x1, &(0x7f00000003c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18, 0x4800}], 0x1, 0x4004000)
recvmmsg(r1, 0x0, 0x0, 0x60, 0x0)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="04020709000410c04f3d"], 0xa)

1.574531411s ago: executing program 0 (id=5195):
socket$inet_sctp(0x2, 0x5, 0x84)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000300)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='batadv_slave_1\x00', 0x10)
r2 = socket$inet(0x2, 0x801, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r2, 0x0, 0xffffffffffffffb5, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
shutdown(r2, 0x1)
sendto$inet(r0, 0x0, 0x0, 0x2004cfac, &(0x7f0000000200)={0x2, 0x4e23, @empty}, 0x10)

1.44860127s ago: executing program 0 (id=5196):
r0 = landlock_create_ruleset(&(0x7f0000000080)={0xc0d8, 0x1, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x0)
landlock_restrict_self(r0, 0x6)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)

1.448461064s ago: executing program 3 (id=5197):
futex(&(0x7f0000000000), 0x5, 0x0, 0x0, &(0x7f00000000c0), 0xc5000002)
openat$ocfs2_control(0xffffff9c, &(0x7f0000000140), 0x60000, 0x0)
getpid()
syz_genetlink_get_family_id$team(0x0, 0xffffffffffffffff)
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/5, 0x214000, 0x800}, 0x20)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000180)=0x800, 0x4)
r1 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f00000000c0)=0x20000, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r2=>0x0})
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)
bind$xdp(r0, &(0x7f0000000100)={0x2c, 0x0, r2}, 0x10)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008188040f46ecdb4cb9cca7480e1211000000e3bd012a128748b429021627e305dd2b7a146efb4400", 0x2e}], 0x1}, 0x4048004)

1.382249295s ago: executing program 0 (id=5198):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000000000014000000000000002900000034000000fdffffff00000000180000000000000029000000040000000400000000000000d80000000000000029000000360000005e17000000000000000100000100010800000000000000000728000000030800ff0f66090000000000000700000000000000010000000000000001000000000000000864c8a110995d43"], 0x188}}], 0x1, 0x810)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000640)="3013f93f6a23826aeaa571d88a1fc628ec108a5ce411744d4e3ae79c5374eb3bdc7564d840b7d870c0da80f54b31", 0x2e}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000001d83000744d63c000100000008"], 0x10}, 0x40000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

1.27931698s ago: executing program 3 (id=5199):
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="14000000000000002900000000000014000000000000002900000034000000fdffffff00000000180000000000000029000000040000000400000000000000d80000000000000029000000360000005e17000000000000000100000100010800000000000000000728000000030800ff0f66090000000000000700000000000000010000000000000001000000000000000864c8a110995d43"], 0x188}}], 0x1, 0x810)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000640)="3013f93f6a23826aeaa571d88a1fc628ec108a5ce411744d4e3ae79c5374eb3bdc7564d840b7d870c0da80f5", 0x2c}], 0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000001d83000744d63c000100000008"], 0x10}, 0x40000)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

1.23120437s ago: executing program 0 (id=5200):
r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f00000021c0)={0x2020, 0x0, <r3=>0x0, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000040)={0x50, 0x0, r3, {0x7, 0x1f, 0x8, 0xffffffffd24b2432, 0x83, 0xffff, 0x0, 0xabe6, 0x0, 0x0, 0x80, 0x8001}}, 0x50)
syz_fuse_handle_req(r2, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r2, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485e4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2205eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad24c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)={0x78, 0x0, 0x80, {0xc, 0x3, 0x0, {0xfffffffffffffffd, 0x0, 0xfffffffffffffffc, 0x0, 0x8, 0xffffffff, 0xfffffffe, 0x0, 0x80000, 0x8000, 0x0, 0x0, r4, 0x1, 0x3}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
writev(r5, &(0x7f0000000200)=[{&(0x7f00000003c0)='n', 0xfdef}], 0x1)
dup3(r2, r5, 0x6700000000000000)
close_range(r1, 0xffffffffffffffff, 0x0)
execveat$binfmt(0xffffffffffffff9c, r0, 0x0, 0x0, 0x0)

1.198527793s ago: executing program 0 (id=5201):
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000100)=@sack_info={0x0, 0x7, 0x4}, 0xc)
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000180)={0x0, &(0x7f0000000100)})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)={0x14, 0x14, 0x1, 0x0, 0x0, {0x2}}, 0x14}}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0x3, 0x4002004c2, 0x7ff, 0x9, 0x6, 0x400, 0x80, 0x89, 0x0, 0x3, 0x8d], 0x100000, 0x2c08c6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NLBL_MGMT_C_LISTALL(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0}, 0x90)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.097606102s ago: executing program 3 (id=5202):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0xb, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x48043)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000180)={0x0, 0x2, 0x10}, 0xc)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xce20, 0x6, @empty, 0x2d}}, 0x7, 0x1, 0xf06, 0x3, 0xb4, 0x7f, 0x9}, 0x9c)
pipe2$9p(&(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r4, &(0x7f0000000000)={0x7, 0x1b, 0x2}, 0xffffff9a)
splice(r3, 0x0, r0, 0x0, 0xffff, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
write$P9_RSETATTR(r2, &(0x7f00000002c0)={0x7, 0x1b, 0x2}, 0x7)

582.717589ms ago: executing program 1 (id=5203):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7)
ioprio_set$uid(0x3, 0x0, 0x0)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
r3 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r3, r3)
setpgid(0x0, r3)
fchdir(r2)
r4 = inotify_init1(0x800)
inotify_add_watch(r4, &(0x7f0000000000)='./file1\x00', 0x9)

582.069564ms ago: executing program 0 (id=5211):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
r1 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0)
read$FUSE(r1, &(0x7f0000001b40)={0x2020}, 0x205c)
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x21}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x8000, 0x3ff})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
recvmsg(r3, &(0x7f000000c1c0)={0x0, 0x0, 0x0}, 0x20)

218.603814ms ago: executing program 2 (id=5204):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
socket$netlink(0x10, 0x3, 0x4)
socket(0x10, 0x803, 0x0)
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x1a0)
fanotify_init(0x1, 0x101801)
openat$dir(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1300, 0x1d)
socket$igmp6(0xa, 0x3, 0x2)
socket$packet(0x11, 0x3, 0x300)
syz_open_dev$dvb_frontend(&(0x7f00000015c0), 0x0, 0x400)
r0 = socket(0x2, 0x3, 0x6)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r0, @ANYBLOB='\a'], 0x0)

155.318328ms ago: executing program 3 (id=5205):
r0 = openat(0xffffffffffffff9c, 0x0, 0x1611c2, 0x4)
ftruncate(r0, 0x8800000)
r1 = open(&(0x7f00000001c0)='./bus\x00', 0x4c27e, 0x53)
close(r1)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOW_IOVAS(r2, 0x3b82, &(0x7f0000000180)={0x18, 0x0, 0x0, 0x0, 0x0})
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)
socket$l2tp(0x2, 0x2, 0x73)
r4 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSARP(r5, 0x8955, &(0x7f00000003c0)={{0x2, 0x4e22, @empty}, {0x20000010304, @local}, 0x6, {0x2, 0x4e20, @rand_addr=0x64010101}})

0s ago: executing program 3 (id=5206):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r4=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r4, 0x8b26, &(0x7f0000000000)={'wlan1\x00', @random="000010c20800"})

kernel console output (not intermixed with test programs):

ce found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  196.567485][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.591120][   T10] usb 3-1: Product: syz
[  196.602637][   T10] usb 3-1: Manufacturer: syz
[  196.612779][   T10] usb 3-1: SerialNumber: syz
[  196.701382][ T5914] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  196.715700][ T5914] cdc_ncm 4-1:1.0: dwNtbInMaxSize=4 is too small. Using 2048
[  196.729988][ T5914] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  196.856548][   T10] usb 3-1: selecting invalid altsetting 0
[  196.872275][   T10] uvcvideo 3-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  196.883893][   T10] uvcvideo 3-1:220.0: No valid video chain found.
[  196.907463][   T10] usb 3-1: selecting invalid altsetting 0
[  196.926725][   T10] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  196.956149][   T10] usb 3-1: USB disconnect, device number 20
[  196.969073][ T5914] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  197.030699][ T5914] usb 4-1: USB disconnect, device number 20
[  197.058387][ T5914] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  197.107394][T10120] netlink: 'syz.1.1730': attribute type 1 has an invalid length.
[  197.124024][T10120] netlink: 'syz.1.1730': attribute type 4 has an invalid length.
[  197.142809][T10120] netlink: 9462 bytes leftover after parsing attributes in process `syz.1.1730'.
[  197.461968][T10132] netlink: 'syz.1.1736': attribute type 3 has an invalid length.
[  197.701417][T10144] sctp: [Deprecated]: syz.0.1743 (pid 10144) Use of int in max_burst socket option.
[  197.701417][T10144] Use struct sctp_assoc_value instead
[  197.721789][T10146] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1742'.
[  197.747953][T10146] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1742'.
[  197.845435][T10148] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1744'.
[  197.981508][T10154] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1745'.
[  198.013267][T10154] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1745'.
[  199.028433][T10197] overlayfs: failed to clone upperpath
[  199.726019][T10214] netlink: 642 bytes leftover after parsing attributes in process `syz.1.1771'.
[  200.066632][T10221] fuse: fd is not a fuse device
[  200.190698][T10227] netlink: 'syz.1.1775': attribute type 4 has an invalid length.
[  200.260659][T10227] netlink: 'syz.1.1775': attribute type 4 has an invalid length.
[  202.781453][   T51] Bluetooth: hci0: connection err: -111
[  203.438082][T10376] 9pnet: p9_errstr2errno: server reported unknown error 0000
[  203.580104][ T5914] libceph: connect (1)[c::]:6789 error -101
[  203.590461][ T5914] libceph: mon0 (1)[c::]:6789 connect error
[  203.621941][ T5914] libceph: connect (1)[c::]:6789 error -101
[  203.629646][ T5914] libceph: mon0 (1)[c::]:6789 connect error
[  203.853381][ T5914] libceph: connect (1)[c::]:6789 error -101
[  203.859955][ T5914] libceph: mon0 (1)[c::]:6789 connect error
[  203.893526][ T5914] libceph: connect (1)[c::]:6789 error -101
[  203.905878][ T5914] libceph: mon0 (1)[c::]:6789 connect error
[  204.182827][ T5906] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  204.352601][ T5906] usb 3-1: Using ep0 maxpacket: 8
[  204.363922][ T5906] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  204.380427][ T5906] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  204.393357][T10384] ceph: No mds server is up or the cluster is laggy
[  204.406134][   T10] libceph: connect (1)[c::]:6789 error -101
[  204.416457][T10391] ceph: No mds server is up or the cluster is laggy
[  204.423800][ T5906] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  204.434331][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  204.447408][   T10] libceph: connect (1)[c::]:6789 error -101
[  204.453875][ T5906] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  204.464940][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  204.470902][ T5906] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  204.485406][ T5906] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  204.496706][T10428] tipc: Started in network mode
[  204.498055][ T5906] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.508321][T10428] tipc: Node identity c63b8bc87a8, cluster identity 4711
[  204.525831][T10428] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  204.553198][T10429] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  204.584294][T10427] tipc: Disabling bearer <eth:syzkaller0>
[  204.734569][ T5906] usb 3-1: usb_control_msg returned -32
[  204.741611][ T5906] usbtmc 3-1:16.0: can't read capabilities
[  205.294858][ T5957] usb 3-1: USB disconnect, device number 21
[  205.422521][ T5906] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  205.585678][ T5906] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  205.602470][ T5906] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.615516][ T5906] usb 4-1: config 0 descriptor??
[  205.959004][T10501] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  206.033464][T10505] netlink: 'syz.0.1889': attribute type 9 has an invalid length.
[  206.042014][T10505] netlink: 'syz.0.1889': attribute type 11 has an invalid length.
[  206.054943][T10505] netlink: 'syz.0.1889': attribute type 12 has an invalid length.
[  206.066005][T10505] netlink: 210020 bytes leftover after parsing attributes in process `syz.0.1889'.
[  206.078140][T10505] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1889'.
[  206.115585][ T5914] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  206.282567][ T5914] usb 3-1: Using ep0 maxpacket: 8
[  206.289697][ T5914] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  206.301475][ T5914] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  206.312608][ T5914] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  206.323518][ T5914] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  206.340899][ T5914] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  206.362616][ T5914] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  206.371941][ T5914] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.601016][ T5914] usb 3-1: usb_control_msg returned -32
[  206.607121][ T5914] usbtmc 3-1:16.0: can't read capabilities
[  206.870101][ T5906] usb 4-1: Cannot set autoneg
[  206.876305][ T5906] MOSCHIP usb-ethernet driver 4-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  206.917381][ T5906] usb 4-1: USB disconnect, device number 21
[  207.372856][T10556] usbtmc 3-1:16.0: usb_control_msg returned -32
[  207.425630][T10558] input: syz0 as /devices/virtual/input/input13
[  207.516103][ T5906] usb 3-1: USB disconnect, device number 22
[  207.953800][ T5906] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  208.046414][T10585] overlayfs: failed to resolve './cgroup': -2
[  208.115790][ T5906] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  208.155674][ T5906] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  208.165632][ T5906] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  208.174083][ T5906] usb 4-1: Product: syz
[  208.183275][ T5906] usb 4-1: Manufacturer: syz
[  208.193403][ T5906] usb 4-1: SerialNumber: syz
[  208.232502][ T5851] Bluetooth: hci3: command 0x0406 tx timeout
[  208.361095][T10602] overlayfs: failed to clone lowerpath
[  208.418241][ T5906] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 22 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  208.671764][    C1] usblp0: nonzero write bulk status received: -71
[  208.679840][  T808] usb 4-1: USB disconnect, device number 22
[  208.693948][  T808] usblp0: removed
[  209.194285][T10611] "syz.1.1934" (10611) uses obsolete ecb(arc4) skcipher
[  209.750111][   T51] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  209.906338][T10634] 9pnet: p9_errstr2errno: server reported unknown error 0x0000
[  210.034571][ T5906] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  210.202499][ T5906] usb 4-1: Using ep0 maxpacket: 8
[  210.218262][ T5906] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  210.245535][ T5906] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  210.273689][ T5906] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.295494][ T5906] usb 4-1: config 0 descriptor??
[  210.313565][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  210.451521][T10646] netlink: 'syz.0.1946': attribute type 3 has an invalid length.
[  210.508146][ T5906] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  210.929483][ T5957] usb 4-1: USB disconnect, device number 23
[  212.099700][   T30] audit: type=1326 audit(1773695544.678:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  212.155255][   T30] audit: type=1326 audit(1773695544.678:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  212.189042][   T30] audit: type=1326 audit(1773695544.678:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  212.214155][   T30] audit: type=1326 audit(1773695544.678:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  212.262609][   T30] audit: type=1326 audit(1773695544.678:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  212.300665][   T30] audit: type=1326 audit(1773695544.678:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  212.326676][   T30] audit: type=1326 audit(1773695544.678:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  212.355043][   T30] audit: type=1326 audit(1773695544.678:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  212.398208][   T30] audit: type=1326 audit(1773695544.678:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  212.448689][   T30] audit: type=1326 audit(1773695544.678:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10709 comm="syz.0.1975" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x7ffc0000
[  213.274579][T10751] netlink: 'syz.2.1990': attribute type 4 has an invalid length.
[  213.291230][T10751] netlink: 'syz.2.1990': attribute type 4 has an invalid length.
[  214.542488][  T808] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  214.693869][  T808] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  214.709072][  T808] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  214.718566][  T808] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  214.726848][  T808] usb 4-1: Product: syz
[  214.731040][  T808] usb 4-1: Manufacturer: syz
[  214.735714][  T808] usb 4-1: SerialNumber: syz
[  214.960451][  T808] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 24 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  215.760431][T10852] fuse: fd is not a fuse device
[  215.769080][T10852] overlayfs: failed to clone lowerpath
[  215.957817][T10858] overlayfs: failed to clone upperpath
[  216.350790][T10868] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2045'.
[  217.584437][T10914] fuse: fd is not a fuse device
[  218.165213][T10928] 9pnet: p9_errstr2errno: server reported unknown error di0
[  218.366448][T10942] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2077'.
[  218.799992][T10963] netlink: 64 bytes leftover after parsing attributes in process `syz.0.2086'.
[  218.889768][T10969] netlink: 'syz.2.2089': attribute type 9 has an invalid length.
[  218.899925][T10969] netlink: 'syz.2.2089': attribute type 11 has an invalid length.
[  218.909758][T10969] netlink: 'syz.2.2089': attribute type 12 has an invalid length.
[  218.918225][T10969] netlink: 210020 bytes leftover after parsing attributes in process `syz.2.2089'.
[  218.928502][T10969] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2089'.
[  219.531118][T11003] Invalid ELF header magic: != ELF
[  219.689960][T11011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2106'.
[  219.708860][T11011] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2106'.
[  220.725551][T11035] overlayfs: failed to clone upperpath
[  220.733590][T11035] overlayfs: failed to clone lowerpath
[  221.775215][  T808] usb 4-1: USB disconnect, device number 24
[  221.793563][  T808] usblp0: removed
[  222.294422][T11083] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  222.568080][T11091] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  223.072555][ T5914] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  223.245761][ T5914] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  223.277758][ T5914] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  223.310627][ T5914] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  223.335520][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.361459][ T5914] usb 3-1: Product: syz
[  223.365888][ T5914] usb 3-1: Manufacturer: syz
[  223.371442][ T5914] usb 3-1: SerialNumber: syz
[  223.410771][ T5914] usb 3-1: 0:2 : does not exist
[  223.613499][ T5914] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  223.735672][T11139] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2163'.
[  223.768488][ T5914] usb 3-1: USB disconnect, device number 23
[  223.849756][T10974] udevd[10974]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  225.135473][   T24] IPVS: starting estimator thread 0...
[  225.214917][T11192] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[  225.232571][T11188] IPVS: using max 37 ests per chain, 88800 per kthread
[  225.340081][T11194] 
@0Ù: renamed from bond_slave_1 (while UP)
[  227.347041][T11272] netlink: 'syz.1.2221': attribute type 9 has an invalid length.
[  227.362670][T11272] netlink: 'syz.1.2221': attribute type 11 has an invalid length.
[  227.382519][T11272] netlink: 'syz.1.2221': attribute type 12 has an invalid length.
[  227.404492][T11272] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.2221'.
[  227.418924][T11272] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2221'.
[  227.420330][T11276] "syz.3.2222" (11276) uses obsolete ecb(arc4) skcipher
[  227.719670][T11285] netlink: 'syz.1.2226': attribute type 58 has an invalid length.
[  227.759744][T11285] netlink: 'syz.1.2226': attribute type 58 has an invalid length.
[  228.009013][T11302] netlink: 'syz.2.2233': attribute type 4 has an invalid length.
[  228.043320][T11302] netlink: 'syz.2.2233': attribute type 4 has an invalid length.
[  229.054997][T11324] netlink: 9896 bytes leftover after parsing attributes in process `syz.1.2240'.
[  229.714221][ T5914] libceph: connect (1)[c::]:6789 error -101
[  229.720371][ T5914] libceph: mon0 (1)[c::]:6789 connect error
[  229.768388][ T5914] libceph: connect (1)[c::]:6789 error -101
[  229.775028][ T5914] libceph: mon0 (1)[c::]:6789 connect error
[  229.999176][   T10] libceph: connect (1)[c::]:6789 error -101
[  230.008529][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  230.033389][   T10] libceph: connect (1)[c::]:6789 error -101
[  230.044373][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  230.536881][   T10] libceph: connect (1)[c::]:6789 error -101
[  230.546256][T11336] ceph: No mds server is up or the cluster is laggy
[  230.546482][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  230.559182][T11339] ceph: No mds server is up or the cluster is laggy
[  230.575562][   T10] libceph: connect (1)[c::]:6789 error -101
[  230.585332][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  231.212638][   T10] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  231.364935][   T10] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  231.388428][   T10] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  231.411734][   T10] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  231.422224][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.451282][T11380] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  231.472286][   T10] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  231.688333][   T10] usb 4-1: USB disconnect, device number 25
[  232.137112][T11414] fuse: fd is not a fuse device
[  233.662970][   T10] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  233.812528][   T10] usb 4-1: Using ep0 maxpacket: 16
[  233.831489][   T10] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  233.857349][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.877635][   T10] usb 4-1: config 0 descriptor??
[  233.905035][   T10] gspca_main: sonixj-2.14.0 probing 0471:0327
[  234.576153][   T30] kauditd_printk_skb: 17 callbacks suppressed
[  234.576171][   T30] audit: type=1326 audit(1773695567.158:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  234.617520][   T30] audit: type=1326 audit(1773695567.158:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  234.652026][   T30] audit: type=1326 audit(1773695567.158:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  234.686649][   T30] audit: type=1326 audit(1773695567.158:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  234.719319][   T30] audit: type=1326 audit(1773695567.158:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  234.787598][   T30] audit: type=1326 audit(1773695567.158:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  234.842899][   T30] audit: type=1326 audit(1773695567.158:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  234.888150][   T30] audit: type=1326 audit(1773695567.158:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  234.912573][   T30] audit: type=1326 audit(1773695567.168:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  234.937720][   T30] audit: type=1326 audit(1773695567.168:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11486 comm="syz.1.2305" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x7ffc0000
[  235.142058][   T10] gspca_sonixj: reg_w1 err -71
[  235.162691][   T10] sonixj 4-1:0.0: probe with driver sonixj failed with error -71
[  235.186451][   T10] usb 4-1: USB disconnect, device number 26
[  235.632563][   T10] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  235.786528][   T10] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  235.801540][   T10] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1023
[  235.814860][   T10] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  235.824699][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  235.833782][   T10] usb 3-1: Product: syz
[  235.838604][   T10] usb 3-1: Manufacturer: syz
[  235.846092][   T10] usb 3-1: SerialNumber: syz
[  236.060621][T11520] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  236.092483][ T5914] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  236.256508][ T5914] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  236.271927][ T5914] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  236.281312][ T5914] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  236.289474][ T5914] usb 4-1: Product: syz
[  236.293856][ T5914] usb 4-1: Manufacturer: syz
[  236.298518][ T5914] usb 4-1: SerialNumber: syz
[  236.515930][ T5914] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 27 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  236.679970][T11520] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  236.883167][    C0] net_ratelimit: 15 callbacks suppressed
[  236.883181][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  236.896951][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  236.907193][   T10] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  236.913895][   T10] cdc_ncm 3-1:1.0: dwNtbInMaxSize=4 is too small. Using 2048
[  236.921334][   T10] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  236.967377][T11560] overlayfs: failed to clone upperpath
[  237.148729][   T10] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  237.170881][   T10] usb 3-1: USB disconnect, device number 24
[  237.180123][   T10] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  238.236556][T11594] IPv4: Oversized IP packet from 172.20.20.24
[  238.247093][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  238.253608][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  238.265046][    C0] usblp0: nonzero write bulk status received: -71
[  238.265527][  T808] usb 4-1: USB disconnect, device number 27
[  238.308948][  T808] usblp0: removed
[  238.718991][T11611] overlayfs: failed to clone upperpath
[  242.118662][T11633] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  242.949147][ T5891] libceph: connect (1)[c::]:6789 error -101
[  242.959701][ T5891] libceph: mon0 (1)[c::]:6789 connect error
[  242.992995][   T30] kauditd_printk_skb: 88 callbacks suppressed
[  242.993020][   T30] audit: type=1800 audit(1773695575.578:136): pid=11697 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2391" name="file0" dev="ramfs" ino=29728 res=0 errno=0
[  243.234499][ T5891] libceph: connect (1)[c::]:6789 error -101
[  243.249901][ T5891] libceph: mon0 (1)[c::]:6789 connect error
[  243.430256][T11721] overlayfs: failed to clone upperpath
[  243.499559][T11725] overlayfs: failed to clone upperpath
[  243.661601][T11734] 9pnet: p9_errstr2errno: server reported unknown error di0
[  243.723638][T11690] ceph: No mds server is up or the cluster is laggy
[  243.781484][ T5891] libceph: connect (1)[c::]:6789 error -101
[  243.797219][ T5891] libceph: mon0 (1)[c::]:6789 connect error
[  243.992841][T11756] sctp: [Deprecated]: syz.1.2418 (pid 11756) Use of int in maxseg socket option.
[  243.992841][T11756] Use struct sctp_assoc_value instead
[  244.235828][T11770] fuse: fd is not a fuse device
[  244.592481][  T808] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  244.744852][  T808] usb 3-1: Using ep0 maxpacket: 32
[  244.752588][  T808] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  244.761162][  T808] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  244.782660][  T808] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  244.798989][  T808] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  244.814650][  T808] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  244.828015][  T808] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  244.841152][  T808] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  244.852621][  T808] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.865384][  T808] usb 3-1: config 0 descriptor??
[  245.111605][  T808] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 25 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  245.169885][  T808] usb 3-1: USB disconnect, device number 25
[  245.198633][  T808] usblp0: removed
[  245.642514][  T808] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  245.696458][T11831] fuse: fd is not a fuse device
[  245.760297][T11835] fuse: fd is not a fuse device
[  245.813360][  T808] usb 3-1: Using ep0 maxpacket: 32
[  245.830892][  T808] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  245.853839][  T808] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  245.878096][  T808] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  245.899014][  T808] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  245.911387][  T808] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  245.922926][  T808] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  245.938734][  T808] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  245.949631][  T808] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.969671][  T808] usb 3-1: config 0 descriptor??
[  246.209323][  T808] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  246.273429][T11861] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2456'.
[  246.285598][T11861] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2456'.
[  246.444502][  T808] usb 3-1: USB disconnect, device number 26
[  246.480497][  T808] usblp0: removed
[  247.660838][T11914] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2182154216 (4364308432 ns) > initial count (507749598 ns). Using initial count to start timer.
[  247.744142][T11917] netlink: 566 bytes leftover after parsing attributes in process `syz.0.2476'.
[  248.042457][T11926] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2481'.
[  248.057646][T11926] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2481'.
[  248.536888][T11943] overlayfs: failed to clone upperpath
[  249.452990][T11976] netlink: 'syz.1.2500': attribute type 9 has an invalid length.
[  249.473069][T11976] netlink: 'syz.1.2500': attribute type 11 has an invalid length.
[  249.497057][T11976] netlink: 'syz.1.2500': attribute type 12 has an invalid length.
[  249.501568][   T30] audit: type=1326 audit(1773695582.078:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11977 comm="syz.0.2501" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x0
[  249.511250][T11976] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.2500'.
[  249.547169][T11976] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2500'.
[  250.112456][   T29] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  250.262945][   T29] usb 3-1: Using ep0 maxpacket: 32
[  250.270188][   T29] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  250.278861][   T29] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  250.287980][   T29] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  250.297255][   T29] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  250.306958][   T29] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  250.318669][   T29] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  250.331875][   T29] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  250.342100][   T29] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.354146][   T29] usb 3-1: config 0 descriptor??
[  250.578973][   T29] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 27 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  250.594183][   T29] usb 3-1: USB disconnect, device number 27
[  250.603792][   T29] usblp0: removed
[  250.699038][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88803327ac00: rx timeout, send abort
[  250.710871][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff88803327ac00: 0x0f000: (3) A timeout occurred and this is the connection abort to close the session.
[  251.032884][   T10] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  251.192586][   T10] usb 3-1: Using ep0 maxpacket: 32
[  251.200681][   T10] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  251.209310][   T10] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  251.218027][   T10] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  251.227148][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  251.237849][   T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  251.247631][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  251.262281][   T10] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  251.271809][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  251.283614][   T10] usb 3-1: config 0 descriptor??
[  251.306179][   T30] audit: type=1804 audit(1773695583.888:138): pid=12016 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.2520" name="file1" dev="tmpfs" ino=2399 res=1 errno=0
[  251.503090][   T10] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 28 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  252.094598][ T5914] usb 3-1: USB disconnect, device number 28
[  252.121482][ T5914] usblp0: removed
[  252.194524][   T10] libceph: connect (1)[c::]:6789 error -101
[  252.201132][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  252.263277][T12042] ceph: No mds server is up or the cluster is laggy
[  252.350539][T12054] overlayfs: failed to clone upperpath
[  252.483757][T12062] netlink: 'syz.0.2539': attribute type 1 has an invalid length.
[  252.500178][T12062] netlink: 'syz.0.2539': attribute type 4 has an invalid length.
[  252.514056][T12062] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.2539'.
[  253.710966][T12104] netlink: 'syz.2.2555': attribute type 58 has an invalid length.
[  253.770200][T12104] netlink: 'syz.2.2555': attribute type 58 has an invalid length.
[  254.088419][T12128] overlayfs: failed to clone upperpath
[  255.049696][T12155] netlink: 'syz.1.2576': attribute type 4 has an invalid length.
[  255.078435][T12155] netlink: 'syz.1.2576': attribute type 1 has an invalid length.
[  255.097343][T12155] netlink: 15314 bytes leftover after parsing attributes in process `syz.1.2576'.
[  255.519782][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  255.528265][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  255.684040][T12166] dvmrp0: entered allmulticast mode
[  255.828468][T12174] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2583'.
[  256.583959][T12203] fuse: Bad value for 'fd'
[  256.769852][   T30] audit: type=1800 audit(1773695589.348:139): pid=12210 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2597" name="nullb0" dev="tmpfs" ino=2536 res=0 errno=0
[  256.819879][T12207] input: syz0 as /devices/virtual/input/input14
[  257.139133][T12232] netlink: 'syz.1.2608': attribute type 11 has an invalid length.
[  257.759028][T12243] netlink: 'syz.1.2612': attribute type 9 has an invalid length.
[  257.767037][T12243] netlink: 'syz.1.2612': attribute type 11 has an invalid length.
[  257.775603][T12243] netlink: 'syz.1.2612': attribute type 12 has an invalid length.
[  257.793025][T12243] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.2612'.
[  257.832046][T12243] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2612'.
[  258.893744][T12287] netlink: 'syz.3.2631': attribute type 3 has an invalid length.
[  259.462493][   T29] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  259.634187][   T29] usb 3-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  259.643940][   T29] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  259.657786][   T29] usb 3-1: config 0 descriptor??
[  259.668909][   T29] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  259.827773][T12330] netlink: 'syz.1.2650': attribute type 9 has an invalid length.
[  259.838940][T12330] netlink: 'syz.1.2650': attribute type 11 has an invalid length.
[  259.847266][T12330] netlink: 'syz.1.2650': attribute type 12 has an invalid length.
[  259.858129][T12330] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.2650'.
[  259.869597][T12330] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2650'.
[  260.017963][  T808] IPVS: starting estimator thread 0...
[  260.057174][T12342] netlink: 'syz.1.2655': attribute type 4 has an invalid length.
[  260.086440][T12342] netlink: 'syz.1.2655': attribute type 4 has an invalid length.
[  260.112571][T12340] IPVS: using max 32 ests per chain, 76800 per kthread
[  260.890443][   T29] usb 3-1: USB disconnect, device number 29
[  261.500990][   T30] audit: type=1800 audit(1773695594.078:140): pid=12371 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.2667" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0
[  261.662174][T12380] overlayfs: failed to clone lowerpath
[  261.982506][   T29] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  262.134241][   T29] usb 3-1: config 0 has no interfaces?
[  262.139765][   T29] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  262.149103][   T29] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.159647][   T29] usb 3-1: config 0 descriptor??
[  262.375128][T12387] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.388661][T12387] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.399445][T12387] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  262.416570][T12387] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  262.428005][   T29] usb 3-1: USB disconnect, device number 30
[  262.883395][   T29] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  262.970306][T12429] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2695'.
[  263.063588][   T29] usb 3-1: Using ep0 maxpacket: 16
[  263.087287][   T29] usb 3-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice= 0.00
[  263.097620][   T29] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.106190][   T29] usb 3-1: Product: syz
[  263.110507][   T29] usb 3-1: Manufacturer: syz
[  263.116698][   T29] usb 3-1: SerialNumber: syz
[  263.160773][   T29] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[  263.162231][T12434] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2695'.
[  263.177218][T12434] nbd: nbd64 already in use
[  263.670821][T12462] overlayfs: failed to clone upperpath
[  263.757848][   T29] gspca_pac7302: reg_w() failed i: ff v: 01 error -71
[  263.769505][   T29] gspca_pac7302 3-1:1.0: probe with driver gspca_pac7302 failed with error -71
[  263.786144][   T29] usb 3-1: USB disconnect, device number 31
[  264.874063][   T10] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  265.652478][   T10] usb 3-1: Using ep0 maxpacket: 8
[  265.663903][T12533] overlayfs: failed to clone upperpath
[  265.681773][   T10] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  265.699506][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.715695][   T10] usb 3-1: Product: syz
[  265.719911][   T10] usb 3-1: Manufacturer: syz
[  265.724981][   T10] usb 3-1: SerialNumber: syz
[  265.733057][   T10] usb 3-1: config 0 descriptor??
[  265.950430][   T10] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  266.162246][   T30] audit: type=1326 audit(1773695598.738:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  266.197003][   T30] audit: type=1326 audit(1773695598.738:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  266.264298][   T30] audit: type=1326 audit(1773695598.768:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  266.310936][   T30] audit: type=1326 audit(1773695598.798:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  266.381744][   T30] audit: type=1326 audit(1773695598.798:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  266.461638][   T30] audit: type=1326 audit(1773695598.808:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  266.527429][   T30] audit: type=1326 audit(1773695598.808:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  266.582512][   T30] audit: type=1326 audit(1773695598.808:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  266.650105][   T30] audit: type=1326 audit(1773695598.808:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f12a4d3db19 code=0x7ffc0000
[  266.692942][   T30] audit: type=1326 audit(1773695598.808:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12549 comm="syz.3.2745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f12a4d3db19 code=0x7ffc0000
[  266.773096][   T10] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  266.810273][   T10] usb 3-1: USB disconnect, device number 32
[  267.387570][T12572] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2754'.
[  267.397672][T12572] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2754'.
[  268.588689][T12616] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  268.836595][    C1] vcan0: j1939_tp_rxtimer: 0xffff88803327c800: rx timeout, send abort
[  268.845124][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88803327c800: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  269.050511][T12627] overlayfs: failed to clone upperpath
[  269.449214][T12646] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2793'.
[  269.477740][T12648] sctp: [Deprecated]: syz.2.2785 (pid 12648) Use of int in maxseg socket option.
[  269.477740][T12648] Use struct sctp_assoc_value instead
[  269.561179][T12650] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2793'.
[  269.607806][T12650] nbd: device at index 64 is going down
[  269.819112][T10974] udevd[10974]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  270.477592][T12700] overlayfs: failed to clone upperpath
[  272.429272][T12734] evm: overlay not supported
[  272.707824][T12716] Set syz1 is full, maxelem 65536 reached
[  273.687275][T12751] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2829'.
[  273.755422][T12753] netlink: 104 bytes leftover after parsing attributes in process `syz.3.2831'.
[  273.772527][  T808] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  273.932536][  T808] usb 3-1: Using ep0 maxpacket: 16
[  273.947503][  T808] usb 3-1: config index 0 descriptor too short (expected 59940, got 74)
[  273.959712][  T808] usb 3-1: config 0 has too many interfaces: 61, using maximum allowed: 32
[  273.970597][  T808] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  273.981188][  T808] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 61
[  273.992036][  T808] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  274.005636][  T808] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  274.016353][  T808] usb 3-1: SerialNumber: syz
[  274.031572][  T808] usb 3-1: config 0 descriptor??
[  274.037490][ T5851] Bluetooth: hci3: unexpected event 0x2f length: 509 > 260
[  274.247872][  T808] usb 3-1: USB disconnect, device number 33
[  276.515434][   T30] kauditd_printk_skb: 549 callbacks suppressed
[  276.515452][   T30] audit: type=1326 audit(1773695609.098:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12895 comm="syz.3.2884" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x0
[  277.034217][T12909] fuse: fd is not a fuse device
[  277.050900][T12907] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3226730814 (413021544192 ns) > initial count (323102724736 ns). Using initial count to start timer.
[  278.076709][ T5851] Bluetooth: hci1: command 0x0406 tx timeout
[  278.909364][T12978] fuse: fd is not a fuse device
[  279.017832][T12983] netlink: 'syz.1.2923': attribute type 9 has an invalid length.
[  279.025940][T12983] netlink: 'syz.1.2923': attribute type 11 has an invalid length.
[  279.034259][T12983] netlink: 'syz.1.2923': attribute type 12 has an invalid length.
[  279.042181][T12983] netlink: 210020 bytes leftover after parsing attributes in process `syz.1.2923'.
[  279.057163][T12983] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2923'.
[  279.182614][   T10] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  279.346893][   T10] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  279.365191][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.381242][   T10] usb 3-1: Product: syz
[  279.386910][   T10] usb 3-1: Manufacturer: syz
[  279.398200][   T10] usb 3-1: SerialNumber: syz
[  279.408107][   T10] usb 3-1: config 0 descriptor??
[  279.421723][   T10] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  280.397504][T13051] fuse: Bad value for 'fd'
[  280.826057][   T10] gspca_sunplus: reg_w_riv err -71
[  280.840535][   T10] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  280.863892][   T10] usb 3-1: USB disconnect, device number 34
[  280.969586][T13076] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2961'.
[  281.467091][T13081] input: syz1 as /devices/virtual/input/input15
[  282.159613][T13114] fuse: fd is not a fuse device
[  282.202073][T13117] pimreg: entered allmulticast mode
[  282.208984][T13117] pimreg: left allmulticast mode
[  282.232911][ T5914] usb 3-1: new low-speed USB device number 35 using dummy_hcd
[  282.405078][ T5914] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  282.416702][ T5914] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.429145][ T5914] usb 3-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  282.442666][ T5914] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.465970][ T5914] usb 3-1: config 0 descriptor??
[  282.753047][    C0] vxcan0: j1939_tp_rxtimer: 0xffff88805a33ec00: rx timeout, send abort
[  282.761667][    C0] vxcan0: j1939_xtp_rx_abort_one: 0xffff88805a33ec00: 0x0f000: (3) A timeout occurred and this is the connection abort to close the session.
[  282.883421][ T5914] aquacomputer_d5next 0003:0C70:F0B6.000B: item fetching failed at offset 5/7
[  282.893057][ T5914] aquacomputer_d5next 0003:0C70:F0B6.000B: probe with driver aquacomputer_d5next failed with error -22
[  283.091610][  T808] usb 3-1: USB disconnect, device number 35
[  283.338897][T13140] overlayfs: failed to clone upperpath
[  283.504821][T13151] fuse: fd is not a fuse device
[  283.539857][T13153] fuse: fd is not a fuse device
[  283.932512][  T808] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  284.082739][  T808] usb 3-1: Using ep0 maxpacket: 8
[  284.090096][  T808] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  284.105214][  T808] usb 3-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  284.117788][  T808] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.132567][  T808] usb 3-1: config 0 descriptor??
[  284.150091][  T808] gspca_main: vc032x-2.14.0 probing 046d:0892
[  284.507772][T13203] netlink: 'syz.0.3013': attribute type 9 has an invalid length.
[  284.522605][T13203] netlink: 'syz.0.3013': attribute type 11 has an invalid length.
[  284.530491][T13203] netlink: 'syz.0.3013': attribute type 12 has an invalid length.
[  284.538760][T13203] netlink: 210020 bytes leftover after parsing attributes in process `syz.0.3013'.
[  284.548863][T13203] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3013'.
[  284.669692][   T51] Bluetooth: hci0: connection err: -111
[  285.561460][ T5957] usb 3-1: USB disconnect, device number 36
[  285.757448][T13230] fuse: Bad value for 'fd'
[  286.209005][T13243] netlink: 'syz.2.3029': attribute type 3 has an invalid length.
[  288.081362][T13296] fuse: root generation should be zero
[  288.525816][T13317] fuse: Bad value for 'fd'
[  288.618095][T13324] fuse: Bad value for 'fd'
[  288.722331][   T30] audit: type=1800 audit(1773695621.298:701): pid=13330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3066" name="SYSV00000000" dev="tmpfs" ino=2 res=0 errno=0
[  289.100128][T13351] cgroup: Setting release_agent not allowed
[  289.522466][ T5914] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  289.686702][ T5914] usb 3-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  289.721507][ T5914] usb 3-1: config 1 interface 0 has no altsetting 0
[  289.739921][ T5914] usb 3-1: string descriptor 0 read error: -22
[  289.748380][ T5914] usb 3-1: New USB device found, idVendor=17ef, idProduct=60a4, bcdDevice= 0.40
[  289.769615][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  290.371647][ T5914] hid_parser_main: 5 callbacks suppressed
[  290.371671][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.417524][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.434701][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.452900][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.467473][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.492492][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.503637][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.519888][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.536889][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.562499][ T5914] lenovo 0003:17EF:60A4.000C: unknown main item tag 0x0
[  290.706064][ T5914] lenovo 0003:17EF:60A4.000C: hidraw0: USB HID v0.01 Device [HID 17ef:60a4] on usb-dummy_hcd.2-1/input0
[  290.751667][ T5914] usb 3-1: USB disconnect, device number 37
[  290.895340][T13383] fido_id[13383]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  291.431922][T13394] fuse: Bad value for 'fd'
[  292.276374][T13416] overlayfs: failed to clone upperpath
[  292.579420][T13438] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3109'.
[  292.636510][T13437] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3303861288 (422894244864 ns) > initial count (241705619456 ns). Using initial count to start timer.
[  293.237215][T13468] fuse: fd is not a fuse device
[  293.947103][T13506] overlayfs: failed to clone upperpath
[  294.448029][T13520] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  294.469635][T13520] overlayfs: failed to set xattr on upper
[  294.482038][T13520] overlayfs: ...falling back to redirect_dir=nofollow.
[  294.493651][T13520] overlayfs: ...falling back to index=off.
[  294.626428][T13522] netlink: 'syz.1.3147': attribute type 29 has an invalid length.
[  294.662179][T13522] netlink: 'syz.1.3147': attribute type 29 has an invalid length.
[  294.697599][T13522] netlink: 500 bytes leftover after parsing attributes in process `syz.1.3147'.
[  295.166674][T13524] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3148'.
[  295.177993][T13524] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3148'.
[  295.239955][T13528] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  295.547949][T13548] fuse: fd is not a fuse device
[  296.183415][T13581] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.3171'.
[  296.195896][T13572] tipc: Started in network mode
[  296.204922][T13572] tipc: Node identity ac14140f, cluster identity 4711
[  296.216524][T13572] tipc: New replicast peer: 10.1.1.0
[  296.222204][T13572] tipc: Enabled bearer <udp:syz2>, priority 10
[  296.688163][T13600] fuse: Bad value for 'fd'
[  296.697692][T13601] fuse: fd is not a fuse device
[  297.001228][T13616] overlayfs: failed to clone upperpath
[  297.232721][ T5957] tipc: Node number set to 2886997007
[  297.666916][T13630] netlink: 'syz.3.3190': attribute type 1 has an invalid length.
[  297.679875][T13630] netlink: 'syz.3.3190': attribute type 4 has an invalid length.
[  297.689029][T13630] netlink: 9462 bytes leftover after parsing attributes in process `syz.3.3190'.
[  298.333681][T13646] fuse: fd is not a fuse device
[  298.404692][T13649] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[  298.411343][T13649] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[  299.422642][ T5891] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  299.500808][T13689] netlink: 104 bytes leftover after parsing attributes in process `syz.0.3211'.
[  299.572465][ T5891] usb 3-1: Using ep0 maxpacket: 16
[  301.092847][T13709] overlayfs: failed to clone upperpath
[  301.446240][T13724] fuse: fd is not a fuse device
[  302.196480][ T5891] usb 3-1: unable to get BOS descriptor or descriptor too short
[  302.211165][ T5891] usb 3-1: no configurations
[  302.224405][ T5891] usb 3-1: can't read configurations, error -22
[  303.279988][T13787] fuse: fd is not a fuse device
[  304.285776][T13833] netlink: 'syz.0.3284': attribute type 1 has an invalid length.
[  304.293727][T13833] netlink: 'syz.0.3284': attribute type 4 has an invalid length.
[  304.301519][T13833] netlink: 9462 bytes leftover after parsing attributes in process `syz.0.3284'.
[  305.360539][T13875] tipc: Failed to remove unknown binding: 66,1,1/0:1969011937/1969011939
[  305.389286][T13875] tipc: Failed to remove unknown binding: 66,1,1/0:1969011937/1969011939
[  309.907780][T13976] netlink: 'syz.3.3335': attribute type 9 has an invalid length.
[  309.916839][T13976] netlink: 'syz.3.3335': attribute type 11 has an invalid length.
[  309.932052][T13976] netlink: 'syz.3.3335': attribute type 12 has an invalid length.
[  309.940732][T13976] netlink: 210020 bytes leftover after parsing attributes in process `syz.3.3335'.
[  309.974075][T13976] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3335'.
[  310.871179][T14028] fuse: fd is not a fuse device
[  310.927296][T14033] fuse: fd is not a fuse device
[  310.943865][T14034] KVM: debugfs: duplicate directory 14034-4
[  311.098406][T14044] fuse: fd is not a fuse device
[  311.256300][T14053] netlink: 'syz.1.3369': attribute type 10 has an invalid length.
[  311.264363][T14053] netlink: 156 bytes leftover after parsing attributes in process `syz.1.3369'.
[  311.428918][T14053] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3369'.
[  311.503247][T14053] : entered promiscuous mode
[  311.769635][T14076] overlayfs: failed to clone upperpath
[  311.849495][T14078] netlink: 'syz.2.3381': attribute type 5 has an invalid length.
[  311.886262][T14078] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3381'.
[  312.368349][T14100] fuse: fd is not a fuse device
[  312.426544][T14103] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  312.435621][T14103] overlayfs: failed to set xattr on upper
[  312.441397][T14103] overlayfs: ...falling back to index=off.
[  312.450451][T14103] overlayfs: ...falling back to uuid=null.
[  312.587332][T14113] fuse: fd is not a fuse device
[  312.842124][T14131] fuse: fd is not a fuse device
[  312.938527][T14138] netlink: 14 bytes leftover after parsing attributes in process `syz.1.3406'.
[  312.942027][T14134] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3405'.
[  313.127885][T14148] fuse: fd is not a fuse device
[  313.759475][T14166] fuse: fd is not a fuse device
[  314.200326][T14183] fuse: fd is not a fuse device
[  314.207245][T14183] overlayfs: failed to clone upperpath
[  314.413830][T14192] fuse: Bad value for 'fd'
[  314.752198][T14208] overlayfs: failed to clone upperpath
[  314.873510][T14214] fuse: Bad value for 'fd'
[  315.472846][T14228] fuse: fd is not a fuse device
[  315.840288][T14232] fuse: Bad value for 'fd'
[  316.964152][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  316.970540][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  317.003732][ T5957] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  317.163457][ T5957] usb 3-1: Using ep0 maxpacket: 16
[  317.176139][ T5957] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  317.202270][ T5957] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  317.232526][ T5957] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  317.249846][ T5957] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.269558][ T5957] usb 3-1: Product: syz
[  317.279899][ T5957] usb 3-1: Manufacturer: syz
[  317.289829][ T5957] usb 3-1: SerialNumber: syz
[  317.304459][ T5957] usb 3-1: config 0 descriptor??
[  317.326716][ T5957] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  317.343513][ T5957] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  317.931680][ T5957] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  317.949597][ T5957] em28xx 3-1:0.0: Config register raw data: 0xf4
[  317.962420][ T5957] em28xx 3-1:0.0: I2S Audio (3 sample rate(s))
[  317.982450][ T5957] em28xx 3-1:0.0: No AC97 audio processor
[  318.319090][T14287] fuse: fd is not a fuse device
[  318.767872][ T5957] usb 3-1: USB disconnect, device number 40
[  319.709732][T14323] fuse: fd is not a fuse device
[  319.775954][T14329] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3489'.
[  319.898027][T14337] overlayfs: failed to clone upperpath
[  320.243625][T14354] fuse: fd is not a fuse device
[  320.271561][T14356] fuse: fd is not a fuse device
[  320.547579][T14375] fuse: fd is not a fuse device
[  320.659597][T14383] netlink: 703 bytes leftover after parsing attributes in process `syz.1.3511'.
[  320.936837][T14398] netlink: 'syz.0.3516': attribute type 21 has an invalid length.
[  320.945861][T14398] netlink: 'syz.0.3516': attribute type 6 has an invalid length.
[  320.954890][T14398] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3516'.
[  321.066680][T14403] fuse: fd is not a fuse device
[  321.281441][   T51] Bluetooth: hci3: unexpected event for opcode 0x2023
[  321.422732][T14416] overlayfs: failed to clone upperpath
[  321.472428][   T29] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  321.644104][   T29] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  321.655471][   T29] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  321.667073][   T29] usb 3-1: config 1 interface 1 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  321.681298][   T29] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  321.690827][   T29] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  321.699193][   T29] usb 3-1: Product: syz
[  321.703872][   T29] usb 3-1: Manufacturer: syz
[  321.708561][   T29] usb 3-1: SerialNumber: syz
[  321.716888][T14422] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  321.723959][T14422] overlayfs: failed to set xattr on upper
[  321.726891][   T29] cdc_mbim 3-1:1.0: skipping garbage
[  321.729745][T14422] overlayfs: ...falling back to redirect_dir=nofollow.
[  321.741958][T14422] overlayfs: ...falling back to uuid=null.
[  321.748000][T14422] overlayfs: conflicting lowerdir path
[  321.935460][T14408] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  321.989862][   T51] Bluetooth: hci0: connection err: -111
[  322.763745][   T29] cdc_mbim 3-1:1.0: bind() failure
[  322.797876][   T29] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  322.805093][   T29] cdc_ncm 3-1:1.1: bind() failure
[  322.826356][   T29] usb 3-1: USB disconnect, device number 41
[  324.017701][T14485] overlayfs: failed to clone upperpath
[  324.146052][T14489] overlayfs: failed to clone upperpath
[  324.788066][T14520] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  324.802560][T14520] overlayfs: failed to set xattr on upper
[  324.808476][T14520] overlayfs: ...falling back to redirect_dir=nofollow.
[  324.816366][T14520] overlayfs: ...falling back to index=off.
[  324.822968][T14520] overlayfs: ...falling back to uuid=null.
[  324.834598][T14520] overlayfs: ...falling back to xino=off.
[  325.169447][T14537] overlayfs: failed to clone upperpath
[  325.243299][T14539] fuse: fd is not a fuse device
[  325.475682][T14547] netlink: 'syz.1.3579': attribute type 10 has an invalid length.
[  325.498742][T14547] veth0_vlan: entered allmulticast mode
[  325.531966][T14548] netlink: 'syz.1.3579': attribute type 10 has an invalid length.
[  325.579851][T14547] veth0_vlan: left promiscuous mode
[  325.617164][T14547] veth0_vlan: entered promiscuous mode
[  325.638234][T14547] team0: Device veth0_vlan failed to register rx_handler
[  325.681267][T14548] ipvlan1: entered promiscuous mode
[  325.705753][T14548] team0: Device ipvlan1 failed to register rx_handler
[  325.919181][T14556] fuse: fd is not a fuse device
[  325.976172][   T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  325.987673][   T51] CPU: 0 UID: 0 PID: 51 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  325.987705][   T51] Tainted: [L]=SOFTLOCKUP
[  325.987713][   T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  325.987726][   T51] Workqueue: hci3 hci_rx_work
[  325.987770][   T51] Call Trace:
[  325.987778][   T51]  <TASK>
[  325.987787][   T51]  dump_stack_lvl+0xe8/0x150
[  325.987820][   T51]  sysfs_create_dir_ns+0x271/0x2a0
[  325.987850][   T51]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  325.987880][   T51]  ? do_raw_spin_unlock+0xf5/0x210
[  325.987911][   T51]  kobject_add_internal+0x62b/0xd00
[  325.987944][   T51]  kobject_add+0x163/0x240
[  325.987972][   T51]  ? __pfx_kobject_add+0x10/0x10
[  325.987995][   T51]  ? _raw_spin_unlock+0x28/0x50
[  325.988028][   T51]  ? get_device_parent+0x366/0x3a0
[  325.988164][   T51]  device_add+0x408/0xb70
[  325.988199][   T51]  hci_conn_add_sysfs+0xd5/0x210
[  325.988237][   T51]  le_conn_complete_evt+0xf1d/0x1430
[  325.988272][   T51]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  325.988295][   T51]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  325.988320][   T51]  ? __pfx___mutex_lock+0x10/0x10
[  325.988340][   T51]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  325.988360][   T51]  ? skb_pull_data+0xfb/0x200
[  325.988391][   T51]  hci_le_conn_complete_evt+0x187/0x470
[  325.988422][   T51]  hci_event_packet+0x7af/0x12c0
[  325.988457][   T51]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  325.988480][   T51]  ? __pfx_hci_event_packet+0x10/0x10
[  325.988516][   T51]  ? kcov_remote_start+0x49a/0x7a0
[  325.988543][   T51]  ? hci_send_to_monitor+0xe2/0x590
[  325.988572][   T51]  hci_rx_work+0x3ee/0x1040
[  325.988621][   T51]  ? process_one_work+0x8bb/0x1780
[  325.988651][   T51]  process_one_work+0x9ab/0x1780
[  325.988704][   T51]  ? __pfx_process_one_work+0x10/0x10
[  325.988733][   T51]  ? do_raw_spin_lock+0x12b/0x2f0
[  325.988774][   T51]  worker_thread+0xba8/0x11e0
[  325.988819][   T51]  kthread+0x388/0x470
[  325.988843][   T51]  ? __pfx_worker_thread+0x10/0x10
[  325.988873][   T51]  ? __pfx_kthread+0x10/0x10
[  325.988899][   T51]  ret_from_fork+0x51e/0xb90
[  325.988932][   T51]  ? __pfx_ret_from_fork+0x10/0x10
[  325.988959][   T51]  ? __switch_to+0xc7d/0x1450
[  325.988989][   T51]  ? __pfx_kthread+0x10/0x10
[  325.989014][   T51]  ret_from_fork_asm+0x1a/0x30
[  325.989051][   T51]  </TASK>
[  325.990105][   T51] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  326.126350][T14565] overlayfs: failed to clone upperpath
[  326.129577][   T51] Bluetooth: hci3: failed to register connection device
[  326.580456][T14575] fuse: fd is not a fuse device
[  326.825084][T14585] fuse: fd is not a fuse device
[  326.971920][T14591] fuse: fd is not a fuse device
[  327.360507][T14611] overlayfs: failed to clone upperpath
[  327.405054][T14613] overlayfs: failed to clone upperpath
[  327.520980][T14620] fuse: fd is not a fuse device
[  327.797857][T14635] tipc: Failed to remove unknown binding: 66,1,1/0:777727126/777727128
[  327.909030][T14640] netlink: 'syz.1.3619': attribute type 4 has an invalid length.
[  327.936251][T14640] netlink: 'syz.1.3619': attribute type 4 has an invalid length.
[  328.017527][T14642] "syz.0.3620" (14642) uses obsolete ecb(arc4) skcipher
[  328.615449][T14634] tipc: Failed to remove unknown binding: 66,1,1/0:777727126/777727128
[  328.624037][T14634] tipc: Failed to remove unknown binding: 66,1,1/0:777727126/777727128
[  328.953739][T14678] fuse: fd is not a fuse device
[  329.193735][T14689] fuse: fd is not a fuse device
[  329.281097][T14693] overlayfs: failed to clone upperpath
[  329.440393][T14705] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3649'.
[  329.768540][T14732] fuse: fd is not a fuse device
[  329.930921][T14743] overlayfs: failed to clone upperpath
[  330.092722][T14753] fuse: fd is not a fuse device
[  330.427168][T14780] fuse: fd is not a fuse device
[  330.537443][T14788] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  330.548658][T14788] overlayfs: failed to set xattr on upper
[  330.557217][T14788] overlayfs: ...falling back to redirect_dir=nofollow.
[  330.564736][T14788] overlayfs: ...falling back to index=off.
[  330.570683][T14788] overlayfs: ...falling back to uuid=null.
[  330.577090][T14788] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  330.651930][T14791] fuse: fd is not a fuse device
[  330.717142][T14793] fuse: fd is not a fuse device
[  331.016390][T14801] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3690'.
[  331.291411][T14814] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3697'.
[  332.505005][T14852] netlink: 60 bytes leftover after parsing attributes in process `syz.3.3714'.
[  332.525163][T14852] unsupported nlmsg_type 40
[  333.368444][T14883] overlayfs: failed to clone upperpath
[  333.946020][T14903] netlink: 'syz.1.3735': attribute type 10 has an invalid length.
[  333.977183][T14902] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  333.996833][T14902] block device autoloading is deprecated and will be removed.
[  334.096216][T14903] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  334.122574][T14903] team0: Failed to send options change via netlink (err -105)
[  334.144659][T14903] team0: Port device netdevsim0 added
[  334.451623][T14915] overlayfs: failed to clone upperpath
[  334.795187][T14932] fuse: fd is not a fuse device
[  335.002554][ T5891] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  335.082146][T14943] fuse: fd is not a fuse device
[  335.175999][ T5891] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  335.235249][ T5891] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  335.245112][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  335.266843][ T5891] usb 3-1: Product: syz
[  335.277004][T14951] fuse: fd is not a fuse device
[  335.279210][ T5891] usb 3-1: Manufacturer: syz
[  335.286633][ T5891] usb 3-1: SerialNumber: syz
[  335.500782][ T5891] usblp 3-1:1.0: usblp0: USB Unidirectional printer dev 42 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  335.758974][ T5891] usb 3-1: USB disconnect, device number 42
[  335.771364][ T5891] usblp0: removed
[  336.143536][T14975] fuse: fd is not a fuse device
[  336.596450][T14995] overlayfs: failed to clone upperpath
[  336.802770][T15003] fuse: fd is not a fuse device
[  337.542870][T15030] fuse: fd is not a fuse device
[  338.809098][T15088] overlayfs: failed to clone upperpath
[  339.295469][T15116] fuse: fd is not a fuse device
[  342.832149][T15170] fuse: fd is not a fuse device
[  342.846085][T15172] fuse: fd is not a fuse device
[  343.490168][T15199] netlink: 'syz.3.3858': attribute type 10 has an invalid length.
[  343.514148][T15199] team0: Device vxcan1 is of different type
[  343.613638][T15204] netlink: 156 bytes leftover after parsing attributes in process `syz.3.3860'.
[  344.117790][T15226] netlink: 'syz.0.3869': attribute type 2 has an invalid length.
[  344.130363][T15226] netlink: 'syz.0.3869': attribute type 2 has an invalid length.
[  344.229633][T15228] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  344.240610][T15228] overlayfs: failed to set xattr on upper
[  344.253481][T15228] overlayfs: ...falling back to redirect_dir=nofollow.
[  344.260480][T15228] overlayfs: ...falling back to metacopy=off.
[  344.268687][T15228] overlayfs: ...falling back to index=off.
[  344.275349][T15228] overlayfs: ...falling back to uuid=null.
[  344.456806][T15232] fuse: fd is not a fuse device
[  345.163757][T15242] fuse: fd is not a fuse device
[  345.270727][T15246] fuse: fd is not a fuse device
[  345.534760][T15254] 9pnet: p9_errstr2errno: server reported unknown error 0x000000
[  345.847651][T15270] tipc: Failed to remove unknown binding: 66,1,1/0:4268100414/4268100416
[  347.021379][T15289] fuse: fd is not a fuse device
[  347.210760][T15295] fuse: fd is not a fuse device
[  347.878153][T15324] overlay: filesystem on ./file0 not supported
[  347.953520][T15329] fuse: fd is not a fuse device
[  348.300000][T15349] overlayfs: failed to clone upperpath
[  349.228682][T15379] fuse: fd is not a fuse device
[  350.140509][T15411] fuse: fd is not a fuse device
[  350.334520][T15419] fuse: fd is not a fuse device
[  350.694986][T15436] fuse: fd is not a fuse device
[  350.802254][T15438] fuse: fd is not a fuse device
[  350.901197][T15440] fuse: fd is not a fuse device
[  351.001724][T15442] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  351.032255][T15442] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  351.059008][T15445] fuse: fd is not a fuse device
[  353.693136][T15486] Set syz1 is full, maxelem 65536 reached
[  353.872038][T15491] fuse: fd is not a fuse device
[  353.993777][  T808] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  354.017143][T15493] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3980'.
[  354.080250][T15495] fuse: fd is not a fuse device
[  354.106458][T15496] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3980'.
[  354.152469][  T808] usb 3-1: Using ep0 maxpacket: 16
[  354.169511][  T808] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  354.191978][  T808] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  354.217448][  T808] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  354.232415][  T808] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.251720][  T808] usb 3-1: Product: syz
[  354.258687][  T808] usb 3-1: Manufacturer: syz
[  354.264723][  T808] usb 3-1: SerialNumber: syz
[  354.273921][T15500] netlink: 168 bytes leftover after parsing attributes in process `syz.3.3982'.
[  354.275214][  T808] usb 3-1: config 0 descriptor??
[  354.304012][  T808] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  354.330108][  T808] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  354.746331][T15504] fuse: fd is not a fuse device
[  354.836346][T15507] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3986'.
[  354.866259][T15507] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3986'.
[  354.910511][  T808] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  354.926701][  T808] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[  355.638458][T15556] fuse: fd is not a fuse device
[  355.741815][  T808] em28xx 3-1:0.0: Unknown AC97 audio processor detected!
[  355.758144][  T808] em28xx 3-1:0.0: couldn't setup AC97 register 2
[  355.777905][  T808] em28xx 3-1:0.0: couldn't setup AC97 register 4
[  355.796374][  T808] em28xx 3-1:0.0: couldn't setup AC97 register 6
[  355.811841][  T808] em28xx 3-1:0.0: couldn't setup AC97 register 54
[  355.825153][  T808] em28xx 3-1:0.0: couldn't setup AC97 register 56
[  355.854262][  T808] usb 3-1: USB disconnect, device number 43
[  355.976372][T15563] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4010'.
[  356.042696][T15567] fuse: fd is not a fuse device
[  356.649514][T15587] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4021'.
[  356.739818][T15593] fuse: fd is not a fuse device
[  356.768657][T15595] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4026'.
[  357.008058][T15610] fuse: fd is not a fuse device
[  357.055394][T15613] fuse: fd is not a fuse device
[  357.119602][T15618] fuse: fd is not a fuse device
[  357.190126][T15624] netlink: 679 bytes leftover after parsing attributes in process `syz.0.4039'.
[  358.138458][T15664] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4056'.
[  358.419010][T15675] fuse: fd is not a fuse device
[  358.825706][   T30] audit: type=1326 audit(1773695697.403:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15682 comm="syz.1.4063" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x0
[  359.427508][T15694] fuse: fd is not a fuse device
[  360.533881][   T30] audit: type=1800 audit(1773695699.103:703): pid=15727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.4079" name="bus" dev="ramfs" ino=42688 res=0 errno=0
[  360.665190][T15735] __nla_validate_parse: 2 callbacks suppressed
[  360.665209][T15735] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4082'.
[  361.037901][T15744] netlink: 'syz.2.4086': attribute type 10 has an invalid length.
[  361.061050][T15744] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  361.108644][T15749] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4084'.
[  361.130413][T15749] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4084'.
[  361.202262][T15756] fuse: fd is not a fuse device
[  361.251220][T15760] fuse: fd is not a fuse device
[  361.622511][ T5891] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  361.787975][ T5891] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  361.822539][ T5891] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  361.847068][ T5891] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  361.864104][ T5891] usb 3-1: config 0 descriptor??
[  361.881699][ T5891] pwc: Askey VC010 type 2 USB webcam detected.
[  362.092899][T15791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4103'.
[  362.102044][T15791] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4103'.
[  362.190115][T15795] fuse: fd is not a fuse device
[  362.285623][ T5891] pwc: recv_control_msg error -32 req 02 val 2b00
[  362.297333][ T5891] pwc: recv_control_msg error -32 req 02 val 2700
[  362.313458][ T5891] pwc: recv_control_msg error -32 req 02 val 2c00
[  362.330660][ T5891] pwc: recv_control_msg error -32 req 04 val 1000
[  362.345157][ T5891] pwc: recv_control_msg error -32 req 04 val 1300
[  362.363247][ T5891] pwc: recv_control_msg error -32 req 04 val 1400
[  362.584964][ T5891] pwc: recv_control_msg error -71 req 02 val 2100
[  362.614499][ T5891] pwc: recv_control_msg error -71 req 04 val 1500
[  362.625000][ T5891] pwc: recv_control_msg error -71 req 02 val 2500
[  362.637418][ T5891] pwc: recv_control_msg error -71 req 02 val 2400
[  362.649480][ T5891] pwc: recv_control_msg error -71 req 02 val 2600
[  362.663090][ T5891] pwc: recv_control_msg error -71 req 02 val 2900
[  362.671989][ T5891] pwc: recv_control_msg error -71 req 02 val 2800
[  362.680985][ T5891] pwc: recv_control_msg error -71 req 04 val 1100
[  362.695752][ T5891] pwc: recv_control_msg error -71 req 04 val 1200
[  362.698272][T15814] netlink: 28 bytes leftover after parsing attributes in process `syz.3.4111'.
[  362.720955][ T5891] pwc: Registered as video103.
[  362.743780][ T5891] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input16
[  362.786735][ T5891] usb 3-1: USB disconnect, device number 44
[  362.860623][T15819] fuse: fd is not a fuse device
[  363.472810][ T5891] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  363.632480][ T5891] usb 3-1: Using ep0 maxpacket: 32
[  363.647624][ T5891] usb 3-1: config 0 has an invalid interface number: 188 but max is 0
[  363.662440][ T5891] usb 3-1: config 0 has no interface number 0
[  363.672898][ T5891] usb 3-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  363.690538][ T5891] usb 3-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  363.703459][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.711734][ T5891] usb 3-1: Product: syz
[  363.716610][ T5891] usb 3-1: Manufacturer: syz
[  363.721422][ T5891] usb 3-1: SerialNumber: syz
[  363.733097][ T5891] usb 3-1: config 0 descriptor??
[  363.746550][T15831] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  363.968600][T15831] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  364.327773][T15855] fuse: fd is not a fuse device
[  364.665388][T15866] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4132'.
[  364.740913][T15869] fuse: fd is not a fuse device
[  365.607042][ T5891] asix 3-1:0.188 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  365.630407][ T5891] asix 3-1:0.188 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  365.652209][ T5891] asix 3-1:0.188: probe with driver asix failed with error -71
[  365.675052][ T5891] usb 3-1: USB disconnect, device number 45
[  366.174291][T15889] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4140'.
[  367.842901][ T5891] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  367.970765][T15934] fuse: fd is not a fuse device
[  368.002471][ T5891] usb 3-1: Using ep0 maxpacket: 16
[  368.015672][ T5891] usb 3-1: config 0 has an invalid interface number: 41 but max is 0
[  368.034339][ T5891] usb 3-1: config 0 has no interface number 0
[  368.046944][ T5891] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  368.070079][ T5891] usb 3-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  368.091420][ T5891] usb 3-1: config 0 interface 41 has no altsetting 0
[  368.108848][ T5891] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  368.127361][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.145826][ T5891] usb 3-1: Product: syz
[  368.150756][ T5891] usb 3-1: Manufacturer: syz
[  368.163797][ T5891] usb 3-1: SerialNumber: syz
[  368.180231][ T5891] usb 3-1: config 0 descriptor??
[  368.193796][T15923] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  368.222239][T15923] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  368.302321][T15938] overlayfs: failed to clone upperpath
[  368.448519][T15923] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  368.466725][T15923] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  368.742108][T15955] fuse: fd is not a fuse device
[  369.087724][ T5891] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  369.277999][T15965] netlink: 703 bytes leftover after parsing attributes in process `syz.0.4172'.
[  370.316487][ T5891] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  370.335271][ T5891] CoreChips 3-1:0.41 (unnamed net_device) (uninitialized): Failed to reset PHY: -71
[  370.366288][ T5891] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -71
[  370.393544][ T5891] usb 3-1: USB disconnect, device number 46
[  371.182727][ T5891] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  371.188065][T16011] fuse: fd is not a fuse device
[  371.307551][   T51] Bluetooth: hci2: unknown advertising packet type: 0x69
[  371.307630][   T51] Bluetooth: hci2: Malformed LE Event: 0x02
[  371.354963][ T5891] usb 3-1: Using ep0 maxpacket: 32
[  371.381149][ T5891] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  371.396976][ T5891] usb 3-1: config 0 has no interface number 0
[  371.425525][ T5891] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  371.447237][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  371.465462][ T5891] usb 3-1: Product: syz
[  371.480030][ T5891] usb 3-1: Manufacturer: syz
[  371.492439][ T5891] usb 3-1: SerialNumber: syz
[  371.508541][ T5891] usb 3-1: config 0 descriptor??
[  371.724342][T16033] overlayfs: failed to clone upperpath
[  371.787293][T16037] netlink: 'syz.3.4202': attribute type 83 has an invalid length.
[  371.847797][T16040] netlink: 'syz.3.4202': attribute type 83 has an invalid length.
[  371.920784][T16042] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000
[  371.946506][ T5891] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  371.957401][ T5891] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  372.403809][T16058] fuse: fd is not a fuse device
[  372.470092][T16061] netlink: 'syz.0.4212': attribute type 4 has an invalid length.
[  372.561580][T16066] overlayfs: failed to clone upperpath
[  372.759913][T16080] overlayfs: failed to clone upperpath
[  372.836755][T16083] overlayfs: failed to clone upperpath
[  372.893869][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  373.043224][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[  373.179681][ T5891] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  373.198669][ T5891] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  373.221454][ T5891] usb 3-1: USB disconnect, device number 47
[  373.269646][T16090] fuse: fd is not a fuse device
[  373.780923][T16104] fuse: fd is not a fuse device
[  373.936166][T16115] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4237'.
[  373.956129][T16115] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4237'.
[  374.072637][ T5891] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  374.156531][   T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  374.166147][   T51] CPU: 1 UID: 0 PID: 51 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  374.166179][   T51] Tainted: [L]=SOFTLOCKUP
[  374.166187][   T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  374.166200][   T51] Workqueue: hci3 hci_rx_work
[  374.166240][   T51] Call Trace:
[  374.166248][   T51]  <TASK>
[  374.166255][   T51]  dump_stack_lvl+0xe8/0x150
[  374.166289][   T51]  sysfs_create_dir_ns+0x271/0x2a0
[  374.166319][   T51]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  374.166348][   T51]  ? do_raw_spin_unlock+0xf5/0x210
[  374.166379][   T51]  kobject_add_internal+0x62b/0xd00
[  374.166409][   T51]  kobject_add+0x163/0x240
[  374.166437][   T51]  ? __pfx_kobject_add+0x10/0x10
[  374.166460][   T51]  ? _raw_spin_unlock+0x28/0x50
[  374.166492][   T51]  ? get_device_parent+0x366/0x3a0
[  374.166526][   T51]  device_add+0x408/0xb70
[  374.166559][   T51]  hci_conn_add_sysfs+0xd5/0x210
[  374.166592][   T51]  le_conn_complete_evt+0xf1d/0x1430
[  374.166626][   T51]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  374.166649][   T51]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  374.166672][   T51]  ? __pfx___mutex_lock+0x10/0x10
[  374.166691][   T51]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  374.166710][   T51]  ? skb_pull_data+0xfb/0x200
[  374.166740][   T51]  hci_le_conn_complete_evt+0x187/0x470
[  374.166770][   T51]  hci_event_packet+0x7af/0x12c0
[  374.166807][   T51]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  374.166830][   T51]  ? __pfx_hci_event_packet+0x10/0x10
[  374.166863][   T51]  ? kcov_remote_start+0x49a/0x7a0
[  374.166896][   T51]  ? hci_send_to_monitor+0xe2/0x590
[  374.166925][   T51]  hci_rx_work+0x3ee/0x1040
[  374.166966][   T51]  ? process_one_work+0x8bb/0x1780
[  374.166996][   T51]  process_one_work+0x9ab/0x1780
[  374.167046][   T51]  ? __pfx_process_one_work+0x10/0x10
[  374.167074][   T51]  ? do_raw_spin_lock+0x12b/0x2f0
[  374.167115][   T51]  worker_thread+0xba8/0x11e0
[  374.167160][   T51]  kthread+0x388/0x470
[  374.167184][   T51]  ? __pfx_worker_thread+0x10/0x10
[  374.167214][   T51]  ? __pfx_kthread+0x10/0x10
[  374.167239][   T51]  ret_from_fork+0x51e/0xb90
[  374.167270][   T51]  ? __pfx_ret_from_fork+0x10/0x10
[  374.167295][   T51]  ? __switch_to+0xc7d/0x1450
[  374.167321][   T51]  ? __pfx_kthread+0x10/0x10
[  374.167344][   T51]  ret_from_fork_asm+0x1a/0x30
[  374.167378][   T51]  </TASK>
[  374.167406][   T51] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  374.242620][ T5891] usb 3-1: Using ep0 maxpacket: 16
[  374.248393][   T51] Bluetooth: hci3: failed to register connection device
[  374.267443][ T5891] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  374.420529][T16135] fuse: fd is not a fuse device
[  374.444120][ T5891] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  374.459065][ T5891] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  374.468375][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  374.477177][ T5891] usb 3-1: Product: syz
[  374.481620][ T5891] usb 3-1: Manufacturer: syz
[  374.486414][ T5891] usb 3-1: SerialNumber: syz
[  374.494249][ T5891] usb 3-1: config 0 descriptor??
[  374.502929][ T5891] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  374.534793][ T5891] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  375.059860][T16153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4255'.
[  375.069188][T16153] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4255'.
[  375.106180][ T5891] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  375.120610][ T5891] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[  375.197140][T16157] fuse: fd is not a fuse device
[  375.269457][T16163] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4260'.
[  375.396653][T16168] fuse: fd is not a fuse device
[  375.752568][ T5891] em28xx 3-1:0.0: AC97 command still being executed: not handled properly!
[  375.761528][ T5891] em28xx 3-1:0.0: Unknown AC97 audio processor detected!
[  375.941609][ T5891] em28xx 3-1:0.0: couldn't setup AC97 register 2
[  375.956595][ T5891] em28xx 3-1:0.0: couldn't setup AC97 register 4
[  375.963683][ T5891] em28xx 3-1:0.0: couldn't setup AC97 register 6
[  375.970523][ T5891] em28xx 3-1:0.0: couldn't setup AC97 register 54
[  375.978120][ T5891] em28xx 3-1:0.0: couldn't setup AC97 register 56
[  375.991646][ T5891] usb 3-1: USB disconnect, device number 48
[  377.302669][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  377.591864][T16227] overlayfs: failed to clone upperpath
[  377.612194][T16225] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4279'.
[  377.635132][T16225] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4279'.
[  377.934189][T16238] fuse: fd is not a fuse device
[  378.349992][T16249] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.398550][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  378.405255][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  378.545341][T16249] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.647881][T16249] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.728843][T16249] netdevsim netdevsim1 netdevsim0 (unregistering): left allmulticast mode
[  378.740795][T16249] team0: Port device netdevsim0 removed
[  378.750181][T16249] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  378.821652][T16273] fuse: fd is not a fuse device
[  378.888940][   T36] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  378.905502][   T36] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  378.921403][   T36] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  378.944155][   T36] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  379.757676][T16288] fuse: fd is not a fuse device
[  380.963634][T16325] overlayfs: failed to clone upperpath
[  382.732903][   T29] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  382.897846][   T29] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  382.922157][   T29] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.942725][   T29] usb 3-1: Product: syz
[  382.950446][   T29] usb 3-1: Manufacturer: syz
[  382.960564][   T29] usb 3-1: SerialNumber: syz
[  383.173894][T16403] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  383.392607][   T29] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  383.404832][   T29] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  383.794104][T16412] overlayfs: failed to clone upperpath
[  383.838325][T16414] fuse: fd is not a fuse device
[  384.338111][T16431] batadv_slave_0: entered promiscuous mode
[  384.353186][T16431] netlink: 'syz.1.4367': attribute type 10 has an invalid length.
[  384.361926][T16431] netlink: 55 bytes leftover after parsing attributes in process `syz.1.4367'.
[  384.584884][T16430] batadv_slave_0: left promiscuous mode
[  384.676143][T16435] netlink: 168 bytes leftover after parsing attributes in process `syz.1.4369'.
[  384.827106][   T29] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -EPROTO
[  384.858507][   T29] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -EPROTO
[  384.886858][T16438] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  384.898623][   T29] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  384.922510][   T29] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  384.943615][   T29] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  384.954706][T16438] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  384.983727][   T29] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  385.012925][   T29] usb 3-1: USB disconnect, device number 49
[  385.753509][T16452] fuse: fd is not a fuse device
[  386.052687][T16463] netlink: 896 bytes leftover after parsing attributes in process `syz.0.4378'.
[  386.077002][T16463] openvswitch: netlink: Key 24 has unexpected len 2 expected 4
[  386.085546][T16463] netlink: 896 bytes leftover after parsing attributes in process `syz.0.4378'.
[  386.094719][T16463] openvswitch: netlink: Key 24 has unexpected len 2 expected 4
[  386.104222][T16463] netlink: 896 bytes leftover after parsing attributes in process `syz.0.4378'.
[  386.122557][T16463] openvswitch: netlink: Key 24 has unexpected len 2 expected 4
[  386.141873][T16463] netlink: 896 bytes leftover after parsing attributes in process `syz.0.4378'.
[  386.160317][T16463] openvswitch: netlink: Key 24 has unexpected len 2 expected 4
[  386.169210][T16463] netlink: 896 bytes leftover after parsing attributes in process `syz.0.4378'.
[  386.178994][T16463] openvswitch: netlink: Key 24 has unexpected len 2 expected 4
[  386.187618][T16463] netlink: 896 bytes leftover after parsing attributes in process `syz.0.4378'.
[  386.198056][T16463] openvswitch: netlink: Key 24 has unexpected len 2 expected 4
[  386.206581][T16463] netlink: 896 bytes leftover after parsing attributes in process `syz.0.4378'.
[  386.218518][T16463] netlink: 896 bytes leftover after parsing attributes in process `syz.0.4378'.
[  386.403939][T16470] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  386.413754][T16470] overlayfs: failed to set xattr on upper
[  386.427080][T16470] overlayfs: ...falling back to redirect_dir=nofollow.
[  386.436793][T16470] overlayfs: ...falling back to index=off.
[  386.443481][T16470] overlayfs: ...falling back to uuid=null.
[  386.454410][T16471] overlayfs: workdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  386.889202][T16485] fuse: fd is not a fuse device
[  387.339978][   T30] audit: type=1326 audit(1773695725.913:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16503 comm="syz.0.4402" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x0
[  387.908031][T16511] fuse: fd is not a fuse device
[  387.999246][   T51] Bluetooth: hci2: adv larger than maximum supported
[  387.999272][   T51] Bluetooth: hci2: Malformed LE Event: 0x0d
[  390.247673][T16584] fuse: fd is not a fuse device
[  390.446398][T16586] net_ratelimit: 129 callbacks suppressed
[  390.446412][T16586] openvswitch: netlink: Duplicate or invalid key (type 0).
[  390.459449][T16586] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  390.468869][T16586] openvswitch: netlink: Duplicate or invalid key (type 0).
[  390.476387][T16586] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  390.485907][T16586] openvswitch: netlink: Duplicate or invalid key (type 0).
[  390.493180][T16586] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  390.502666][T16586] openvswitch: netlink: Duplicate or invalid key (type 0).
[  390.509882][T16586] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  390.519635][T16586] openvswitch: netlink: Duplicate or invalid key (type 0).
[  390.527139][T16586] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  390.886029][T16604] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  390.893424][T16604] overlayfs: failed to set xattr on upper
[  390.899398][T16604] overlayfs: ...falling back to redirect_dir=nofollow.
[  390.906525][T16604] overlayfs: ...falling back to index=off.
[  390.912537][T16604] overlayfs: ...falling back to uuid=null.
[  390.924540][T16604] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  391.080889][   T30] audit: type=1326 audit(1773695729.653:705): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16606 comm="syz.0.4442" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x0
[  391.733163][T16624] __nla_validate_parse: 33 callbacks suppressed
[  391.733182][T16624] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4439'.
[  391.857569][T16628] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4441'.
[  391.882667][T16628] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4441'.
[  393.081338][T16655] netlink: 'syz.3.4453': attribute type 11 has an invalid length.
[  393.121212][T16657] overlayfs: failed to clone upperpath
[  393.358812][   T30] audit: type=1800 audit(1773695731.933:706): pid=16666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.4458" name="bus" dev="ramfs" ino=48241 res=0 errno=0
[  393.430986][T16671] netlink: 31 bytes leftover after parsing attributes in process `syz.1.4460'.
[  393.521566][T16673] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  393.589782][T16673] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  393.658328][T16673] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  393.858569][T16677] overlayfs: failed to clone upperpath
[  394.071267][T16683] fuse: fd is not a fuse device
[  394.138025][   T51] Bluetooth: hci1: adv larger than maximum supported
[  394.138079][   T51] Bluetooth: hci1: Malformed LE Event: 0x0d
[  394.161480][T16690] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4469'.
[  394.246602][T16694] netlink: 679 bytes leftover after parsing attributes in process `syz.3.4470'.
[  394.305037][T16697] fuse: fd is not a fuse device
[  394.319226][T16699] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  394.327824][T16699] overlayfs: failed to set xattr on upper
[  394.334180][T16699] overlayfs: ...falling back to redirect_dir=nofollow.
[  394.341613][T16699] overlayfs: ...falling back to index=off.
[  394.349669][T16699] overlayfs: ...falling back to uuid=null.
[  394.357245][T16699] overlayfs: failed to clone lowerpath
[  394.919322][T16721] tipc: Failed to remove unknown binding: 66,0,0/0:346611370/346611371
[  394.932510][T16721] tipc: Failed to remove unknown binding: 66,0,0/0:346611370/346611371
[  394.987101][T16725] fuse: fd is not a fuse device
[  395.146443][T16730] fuse: fd is not a fuse device
[  395.365222][   T30] audit: type=1326 audit(1773695733.943:707): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16735 comm="syz.3.4486" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x0
[  395.870803][T16741] fuse: fd is not a fuse device
[  395.925715][T16743] fuse: fd is not a fuse device
[  396.296224][T16763] tipc: Failed to remove unknown binding: 66,0,0/4:2684826454/2684826455
[  396.321214][T16763] tipc: Failed to remove unknown binding: 66,0,0/4:2684826454/2684826455
[  396.336751][T16766] fuse: fd is not a fuse device
[  396.847038][   T30] audit: type=1326 audit(1773695735.423:708): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16786 comm="syz.2.4507" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fae4839c799 code=0x0
[  397.692288][T16810] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4523'.
[  397.819455][T16812] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  397.832302][T16812] block device autoloading is deprecated and will be removed.
[  397.983886][T16825] netlink: 'syz.1.4520': attribute type 10 has an invalid length.
[  398.017927][T16825] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  398.141979][T16835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4526'.
[  398.155812][T16835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4526'.
[  398.507252][T16847] netlink: 'syz.2.4531': attribute type 83 has an invalid length.
[  398.574364][T16848] netlink: 'syz.2.4531': attribute type 83 has an invalid length.
[  399.557258][   T30] audit: type=1326 audit(1773695738.133:709): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16864 comm="syz.0.4544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x7fc00000
[  399.672793][   T30] audit: type=1326 audit(1773695738.133:710): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16864 comm="syz.0.4544" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fccff99c799 code=0x7fc00000
[  400.339480][T16876] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4548'.
[  400.632956][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  400.657329][T16885] fuse: fd is not a fuse device
[  401.020551][T16898] fuse: fd is not a fuse device
[  401.129398][T16900] fuse: fd is not a fuse device
[  401.789333][T16910] fuse: fd is not a fuse device
[  401.999496][T16912] fuse: fd is not a fuse device
[  402.093734][T16919] fuse: fd is not a fuse device
[  402.250504][   T30] audit: type=1326 audit(1773695740.823:711): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16926 comm="syz.3.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7fc00000
[  402.281171][   T30] audit: type=1326 audit(1773695740.853:712): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16926 comm="syz.3.4560" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f12a4d9c799 code=0x7fc00000
[  402.360091][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.368726][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.378559][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.389472][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.399564][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.409075][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.418943][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.428128][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.436967][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.445731][T16930] netlink: 'syz.0.4562': attribute type 11 has an invalid length.
[  402.481084][T16929] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  403.151002][T16948] fuse: fd is not a fuse device
[  403.504742][T16975] fuse: fd is not a fuse device
[  404.025956][T17004] fuse: fd is not a fuse device
[  404.092849][T17008] fuse: fd is not a fuse device
[  404.157254][T17012] fuse: fd is not a fuse device
[  404.351454][T17024] fuse: fd is not a fuse device
[  404.531412][T17026] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000
[  404.717621][T17038] netlink: 'syz.3.4610': attribute type 83 has an invalid length.
[  404.780140][T17043] netlink: 'syz.3.4610': attribute type 83 has an invalid length.
[  404.868703][T17046] overlayfs: failed to clone upperpath
[  405.567932][T17057] overlayfs: failed to clone upperpath
[  405.578582][T17059] fuse: fd is not a fuse device
[  405.724541][T17067] fuse: fd is not a fuse device
[  406.081698][T17090] overlayfs: failed to clone upperpath
[  406.120436][T17093] netlink: 'syz.2.4632': attribute type 4 has an invalid length.
[  406.311590][T17105] fuse: fd is not a fuse device
[  406.628765][T17115] overlayfs: failed to clone upperpath
[  406.999741][T17132] overlayfs: failed to clone upperpath
[  407.093213][T17135] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4651'.
[  407.103139][T17135] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4651'.
[  407.223200][T17139] netlink: 'syz.2.4653': attribute type 83 has an invalid length.
[  407.244778][T17142] fuse: fd is not a fuse device
[  407.281633][T17144] overlayfs: failed to clone upperpath
[  407.289760][T17145] netlink: 'syz.2.4653': attribute type 83 has an invalid length.
[  407.777783][   T51] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[  407.789256][   T51] CPU: 0 UID: 0 PID: 51 Comm: kworker/u9:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  407.789277][   T51] Tainted: [L]=SOFTLOCKUP
[  407.789282][   T51] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  407.789294][   T51] Workqueue: hci2 hci_rx_work
[  407.789328][   T51] Call Trace:
[  407.789336][   T51]  <TASK>
[  407.789344][   T51]  dump_stack_lvl+0xe8/0x150
[  407.789377][   T51]  sysfs_create_dir_ns+0x271/0x2a0
[  407.789403][   T51]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  407.789419][   T51]  ? do_raw_spin_unlock+0xf5/0x210
[  407.789435][   T51]  kobject_add_internal+0x62b/0xd00
[  407.789452][   T51]  kobject_add+0x163/0x240
[  407.789466][   T51]  ? __pfx_kobject_add+0x10/0x10
[  407.789478][   T51]  ? _raw_spin_unlock+0x28/0x50
[  407.789494][   T51]  ? get_device_parent+0x366/0x3a0
[  407.789513][   T51]  device_add+0x408/0xb70
[  407.789529][   T51]  hci_conn_add_sysfs+0xd5/0x210
[  407.789547][   T51]  le_conn_complete_evt+0xf1d/0x1430
[  407.789565][   T51]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  407.789577][   T51]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  407.789590][   T51]  ? __pfx___mutex_lock+0x10/0x10
[  407.789601][   T51]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  407.789610][   T51]  ? skb_pull_data+0xfb/0x200
[  407.789626][   T51]  hci_le_conn_complete_evt+0x187/0x470
[  407.789642][   T51]  hci_event_packet+0x7af/0x12c0
[  407.789660][   T51]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  407.789675][   T51]  ? __pfx_hci_event_packet+0x10/0x10
[  407.789694][   T51]  ? kcov_remote_start+0x49a/0x7a0
[  407.789708][   T51]  ? hci_send_to_monitor+0xe2/0x590
[  407.789723][   T51]  hci_rx_work+0x3ee/0x1040
[  407.789745][   T51]  ? process_one_work+0x8bb/0x1780
[  407.789760][   T51]  process_one_work+0x9ab/0x1780
[  407.789793][   T51]  ? __pfx_process_one_work+0x10/0x10
[  407.789808][   T51]  ? do_raw_spin_lock+0x12b/0x2f0
[  407.789830][   T51]  worker_thread+0xba8/0x11e0
[  407.789853][   T51]  kthread+0x388/0x470
[  407.789867][   T51]  ? __pfx_worker_thread+0x10/0x10
[  407.789882][   T51]  ? __pfx_kthread+0x10/0x10
[  407.789895][   T51]  ret_from_fork+0x51e/0xb90
[  407.789912][   T51]  ? __pfx_ret_from_fork+0x10/0x10
[  407.789926][   T51]  ? __switch_to+0xc7d/0x1450
[  407.789941][   T51]  ? __pfx_kthread+0x10/0x10
[  407.789954][   T51]  ret_from_fork_asm+0x1a/0x30
[  407.789973][   T51]  </TASK>
[  407.789998][   T51] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  408.029691][   T51] Bluetooth: hci2: failed to register connection device
[  408.410888][T17172] fuse: fd is not a fuse device
[  408.478409][T17174] overlayfs: failed to clone upperpath
[  408.657601][T17180] netlink: 'syz.1.4670': attribute type 29 has an invalid length.
[  408.682751][T17182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4671'.
[  408.691811][T17182] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4671'.
[  408.819943][T17192] fuse: fd is not a fuse device
[  408.891819][T17196] fuse: fd is not a fuse device
[  409.418681][T17220] fuse: fd is not a fuse device
[  410.855458][T17246] fuse: fd is not a fuse device
[  411.260357][T17257] fuse: fd is not a fuse device
[  411.539940][T17276] fuse: fd is not a fuse device
[  411.750419][T17278] fuse: fd is not a fuse device
[  411.795526][T17280] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4717'.
[  411.821970][T17285] netlink: 'syz.3.4709': attribute type 29 has an invalid length.
[  411.889454][T17280] nbd: socks must be embedded in a SOCK_ITEM attr
[  411.905426][T17252] block nbd64: NBD_DISCONNECT
[  411.908113][T17289] fuse: fd is not a fuse device
[  411.919988][T17287] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4717'.
[  411.929679][T17287] nbd: device at index 64 is going down
[  412.159857][T17252] udevd[17252]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[  412.626905][T17322] fuse: fd is not a fuse device
[  412.627136][T17316] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.758023][T17316] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.813448][T17316] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.899319][T17316] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  412.989221][   T13] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  413.005655][   T13] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  413.021388][   T13] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  413.039689][   T13] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  413.559023][T17332] 9pnet: p9_errstr2errno: server reported unknown error 0x00000000
[  413.729401][T17345] tipc: Failed to remove unknown binding: 66,0,0/2886997007:2164842397/2164842399
[  413.740534][T17345] tipc: Failed to remove unknown binding: 66,0,0/2886997007:2164842397/2164842398
[  413.757310][T17345] tipc: Failed to remove unknown binding: 66,0,0/2886997007:2164842397/2164842399
[  413.766841][T17345] tipc: Failed to remove unknown binding: 66,0,0/2886997007:2164842397/2164842398
[  414.103956][T17362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4741'.
[  414.112988][T17362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4741'.
[  414.923707][   T30] audit: type=1326 audit(1773695753.503:713): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17371 comm="syz.3.4745" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x0
[  415.021835][T17379] fuse: fd is not a fuse device
[  415.218965][   T30] audit: type=1326 audit(1773695753.793:714): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17380 comm="syz.1.4750" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3d4119c799 code=0x0
[  415.394417][T17396] fuse: fd is not a fuse device
[  415.578566][T17405] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  415.602431][T17405] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  415.644248][T17409] fuse: fd is not a fuse device
[  415.736093][T17412] fuse: fd is not a fuse device
[  415.892510][T17420] fuse: fd is not a fuse device
[  415.966132][T17424] fuse: Bad value for 'fd'
[  416.264407][T17433] netlink: 14 bytes leftover after parsing attributes in process `syz.1.4768'.
[  416.284199][T17433] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  416.314356][T17433] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  416.340000][T17433] bond0 (unregistering): (slave wlan1): Releasing backup interface
[  416.370616][T17433] bond0 (unregistering): Released all slaves
[  416.669493][T17452] fuse: Bad value for 'fd'
[  417.706384][T17470] fuse: fd is not a fuse device
[  417.832001][T17475] batadv_slave_0: entered promiscuous mode
[  417.842982][T17475] netlink: 'syz.0.4784': attribute type 10 has an invalid length.
[  417.850890][T17475] netlink: 55 bytes leftover after parsing attributes in process `syz.0.4784'.
[  417.865718][T17474] batadv_slave_0: left promiscuous mode
[  418.029247][T17484] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4789'.
[  419.721277][   T30] audit: type=1326 audit(1773695758.293:715): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17536 comm="syz.0.4807" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fccff99c799 code=0x0
[  421.107990][T17586] overlayfs: failed to clone upperpath
[  421.129781][T17588] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4825'.
[  421.138821][T17588] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4825'.
[  422.719495][   T51] Bluetooth: hci1: unexpected event for opcode 0x0413
[  423.280118][T17656] fuse: fd is not a fuse device
[  424.218145][T17682] fuse: fd is not a fuse device
[  424.449532][   T51] Bluetooth: hci0: unexpected event for opcode 0x0413
[  424.851335][T17703] fuse: fd is not a fuse device
[  424.907971][T17707] fuse: fd is not a fuse device
[  424.929277][T17709] fuse: fd is not a fuse device
[  425.207753][T17716] could not allocate digest TFM handle cryptd(blake2b-160)
[  425.908465][T17741] fuse: fd is not a fuse device
[  425.965104][T17745] fuse: fd is not a fuse device
[  426.224576][T17761] tipc: Started in network mode
[  426.235995][T17761] tipc: Node identity ac1414aa, cluster identity 4711
[  426.251196][T17761] tipc: Enabled bearer <udp:syz2>, priority 10
[  426.286437][T17761] tipc: Enabled bearer <eth:veth0_macvtap>, priority 0
[  426.794862][   T51] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  426.805131][   T51] Bluetooth: hci1: Injecting HCI hardware error event
[  426.814201][   T51] Bluetooth: hci1: hardware error 0x00
[  427.270262][T17789] overlayfs: failed to clone upperpath
[  427.362890][ T5880] tipc: Node number set to 2886997162
[  427.714900][T17814] netlink: 104 bytes leftover after parsing attributes in process `syz.3.4911'.
[  428.358245][T17823] fuse: fd is not a fuse device
[  428.474198][ T5851] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  428.489799][ T5851] Bluetooth: hci0: Injecting HCI hardware error event
[  428.498876][ T5849] Bluetooth: hci0: hardware error 0x00
[  428.665770][T17837] fuse: fd is not a fuse device
[  428.780597][T17845] fuse: fd is not a fuse device
[  428.862556][   T24] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  428.877610][   T51] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  429.046196][   T24] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  429.055637][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.064315][   T24] usb 3-1: Product: syz
[  429.068672][   T24] usb 3-1: Manufacturer: syz
[  429.073376][   T24] usb 3-1: SerialNumber: syz
[  429.237442][T17855] overlayfs: failed to clone upperpath
[  429.492037][   T24] net_ratelimit: 167 callbacks suppressed
[  429.492054][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  429.510895][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  429.708153][T17866] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4934'.
[  429.719325][T17866] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4934'.
[  429.899980][T17871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4936'.
[  429.912707][T17871] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4936'.
[  430.553199][ T5849] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  430.732571][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPIPE
[  430.945620][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001000. ret = -EPROTO
[  430.958251][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x0000011c. ret = -EPROTO
[  430.970293][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  430.979984][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  430.990375][   T24] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  431.006449][   T24] usb 3-1: USB disconnect, device number 50
[  431.556603][T17885] binder: 17884:17885 ioctl c0306201 200000000380 returned -14
[  431.922639][T17906] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  431.922639][T17906] The task syz.3.4950 (17906) triggered the difference, watch for misbehavior.
[  431.962437][ T5880] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  432.112496][ T5880] usb 3-1: Using ep0 maxpacket: 8
[  432.121085][ T5880] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  432.130704][ T5880] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.138826][ T5880] usb 3-1: Product: syz
[  432.143042][ T5880] usb 3-1: Manufacturer: syz
[  432.147637][ T5880] usb 3-1: SerialNumber: syz
[  432.158103][ T5880] usb 3-1: config 0 descriptor??
[  432.373391][ T5880] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  432.685176][T17922] netlink: 'syz.0.4955': attribute type 10 has an invalid length.
[  432.752403][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  432.890766][T17929] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4960'.
[  433.181814][T17942] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4962'.
[  433.190973][T17942] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4962'.
[  433.788012][ T5880] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  433.823442][ T5880] usb 3-1: USB disconnect, device number 51
[  433.907006][T17953] fuse: fd is not a fuse device
[  434.365298][T17959] netlink: 'syz.2.4967': attribute type 10 has an invalid length.
[  434.398500][T17959] team0: Device vxcan1 is of different type
[  435.334601][T17975] overlayfs: failed to clone upperpath
[  435.751596][T17985] netlink: 'syz.1.4978': attribute type 10 has an invalid length.
[  435.765916][T17985] team0: Device vxcan1 is of different type
[  437.011453][T18014] pimreg: entered allmulticast mode
[  437.197685][T18021] netlink: 'syz.0.4993': attribute type 10 has an invalid length.
[  437.234436][T18021] 8021q: adding VLAN 0 to HW filter on device team0
[  437.257926][T18021] bond0: (slave team0): Enslaving as an active interface with an up link
[  437.398584][T18028] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  437.419721][T18028] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  437.428501][ T5891] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  437.547761][T18034] netlink: 'syz.0.5000': attribute type 4 has an invalid length.
[  437.563091][   T30] audit: type=1326 audit(1773695776.133:716): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.586620][T18034] netlink: 'syz.0.5000': attribute type 4 has an invalid length.
[  437.604589][ T5891] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  437.614320][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.623139][   T30] audit: type=1326 audit(1773695776.143:717): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.652548][ T5891] usb 3-1: Product: syz
[  437.662144][ T5891] usb 3-1: Manufacturer: syz
[  437.673026][ T5891] usb 3-1: SerialNumber: syz
[  437.689462][   T30] audit: type=1326 audit(1773695776.173:718): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.742660][   T30] audit: type=1326 audit(1773695776.173:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.765275][   T30] audit: type=1326 audit(1773695776.173:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.796162][   T30] audit: type=1326 audit(1773695776.173:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.819969][   T30] audit: type=1326 audit(1773695776.173:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.857162][T18040] pimreg: entered allmulticast mode
[  437.875246][   T30] audit: type=1326 audit(1773695776.173:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.904774][   T30] audit: type=1326 audit(1773695776.193:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.930016][   T30] audit: type=1326 audit(1773695776.193:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18035 comm="syz.3.4999" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f12a4d9c799 code=0x7ffc0000
[  437.965459][T18044] fuse: fd is not a fuse device
[  438.020065][T18048] fuse: fd is not a fuse device
[  438.105946][ T5891] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPIPE
[  438.118038][ T5891] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPIPE
[  439.059688][T18071] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5015'.
[  439.363940][T18090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.5020'.
[  439.828944][T18092] netlink: 'syz.1.5022': attribute type 4 has an invalid length.
[  439.841560][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  439.847240][T18092] netlink: 'syz.1.5022': attribute type 4 has an invalid length.
[  439.848027][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  440.118870][ T5891] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000080. ret = -EPROTO
[  440.150935][ T5891] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  440.167145][ T5891] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  440.185395][ T5891] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  440.201785][ T5891] usb 3-1: USB disconnect, device number 52
[  440.397003][T18105] fuse: fd is not a fuse device
[  440.900343][T18123] fuse: fd is not a fuse device
[  441.943749][T18161] fuse: Bad value for 'group_id'
[  441.958886][T18161] fuse: Bad value for 'group_id'
[  442.115606][T18171] overlayfs: failed to clone upperpath
[  442.333456][T18177] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000
[  443.603544][T18224] netlink: 'syz.3.5077': attribute type 11 has an invalid length.
[  443.720202][T18230] overlayfs: failed to clone upperpath
[  444.076618][T18243] netlink: 'syz.0.5086': attribute type 4 has an invalid length.
[  444.460219][T18256] overlayfs: failed to clone upperpath
[  445.578449][T18272] fuse: fd is not a fuse device
[  446.389534][T18293] overlayfs: failed to clone upperpath
[  446.784218][T18301] fuse: fd is not a fuse device
[  447.326685][T18328] fuse: fd is not a fuse device
[  447.646162][   T30] kauditd_printk_skb: 19 callbacks suppressed
[  447.646187][   T30] audit: type=1804 audit(1773695786.223:745): pid=18345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.5124" name="bus" dev="ramfs" ino=54039 res=1 errno=0
[  447.674103][   T30] audit: type=1804 audit(1773695786.253:746): pid=18345 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.5124" name="bus" dev="ramfs" ino=54039 res=1 errno=0
[  448.491874][T18358] fuse: fd is not a fuse device
[  449.821670][T18384] fuse: fd is not a fuse device
[  449.990369][T18392] netlink: 14 bytes leftover after parsing attributes in process `syz.3.5140'.
[  450.012528][T18392] team0: Port device team_slave_0 removed
[  450.339374][T18406] netlink: 'syz.0.5147': attribute type 29 has an invalid length.
[  450.359649][T18406] netlink: 'syz.0.5147': attribute type 29 has an invalid length.
[  450.372046][T18406] netlink: 500 bytes leftover after parsing attributes in process `syz.0.5147'.
[  450.586067][T18420] netlink: 14 bytes leftover after parsing attributes in process `syz.0.5153'.
[  450.608237][T18420] team0: Port device team_slave_0 removed
[  451.170898][T18438] netlink: 'syz.1.5160': attribute type 29 has an invalid length.
[  451.181128][T18438] netlink: 'syz.1.5160': attribute type 29 has an invalid length.
[  451.193465][T18438] netlink: 500 bytes leftover after parsing attributes in process `syz.1.5160'.
[  452.283990][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  452.292742][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[  452.301468][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  452.310149][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  452.393003][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  454.330929][T18501] netlink: 14 bytes leftover after parsing attributes in process `syz.2.5180'.
[  454.972445][ T5880] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  455.134800][ T5880] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  455.149513][ T5880] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  455.181502][ T5880] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.206988][ T5880] usb 3-1: config 0 descriptor??
[  455.230091][ T5880] pwc: Askey VC010 type 2 USB webcam detected.
[  455.235033][ T5849] Bluetooth: hci3: Malformed Event: 0x02
[  455.351129][T18540] netlink: 14 bytes leftover after parsing attributes in process `syz.3.5197'.
[  455.517846][T18547] fuse: fd is not a fuse device
[  455.631991][ T5880] pwc: recv_control_msg error -32 req 02 val 2b00
[  455.647718][ T5880] pwc: recv_control_msg error -32 req 02 val 2700
[  455.665582][ T5880] pwc: recv_control_msg error -32 req 02 val 2c00
[  455.683007][ T5880] pwc: recv_control_msg error -32 req 04 val 1000
[  455.698944][ T5880] pwc: recv_control_msg error -32 req 04 val 1300
[  455.706293][ T5880] pwc: recv_control_msg error -32 req 04 val 1400
[  455.713302][ T5880] pwc: recv_control_msg error -32 req 02 val 2000
[  455.720286][ T5880] pwc: recv_control_msg error -32 req 02 val 2100
[  455.730379][ T5880] pwc: recv_control_msg error -32 req 04 val 1500
[  455.737959][ T5880] pwc: recv_control_msg error -32 req 02 val 2500
[  455.745676][ T5880] pwc: recv_control_msg error -32 req 02 val 2400
[  455.954863][ T5880] pwc: recv_control_msg error -71 req 02 val 2900
[  455.961779][ T5880] pwc: recv_control_msg error -71 req 02 val 2800
[  455.969221][ T5880] pwc: recv_control_msg error -71 req 04 val 1100
[  455.976137][ T5880] pwc: recv_control_msg error -71 req 04 val 1200
[  455.985548][ T5880] pwc: Registered as video103.
[  455.992654][ T5880] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input17
[  456.018679][ T5880] usb 3-1: USB disconnect, device number 53
[  562.722493][    C1] ------------[ cut here ]------------
[  562.728978][    C1] 1
[  562.728995][    C1] WARNING: kernel/rcu/tree_stall.h:1049 at rcu_check_gp_start_stall+0x2e4/0x470, CPU#1: syz.0.5211/18561
[  562.742602][    C1] Modules linked in:
[  562.747057][    C1] CPU: 1 UID: 0 PID: 18561 Comm: syz.0.5211 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  562.757997][    C1] Tainted: [L]=SOFTLOCKUP
[  562.762294][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  562.772326][    C1] RIP: 0010:rcu_check_gp_start_stall+0x2e4/0x470
[  562.778636][    C1] Code: ff ff 48 c7 c7 e0 74 73 9a be 04 00 00 00 e8 53 d1 83 00 4c 89 f7 b8 01 00 00 00 87 05 e5 d6 c6 18 85 c0 0f 85 17 ff ff ff 90 <0f> 0b 90 48 81 ff 80 31 b6 8e 74 47 48 c7 c0 e0 74 54 90 48 c1 e8
[  562.798214][    C1] RSP: 0018:ffffc90000a08d98 EFLAGS: 00010046
[  562.804254][    C1] RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff81ac9ded
[  562.812209][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8eb63180
[  562.820154][    C1] RBP: ffffc90000a08f18 R08: 0000000000000003 R09: 0000000000000004
[  562.828100][    C1] R10: dffffc0000000000 R11: fffffbfff34e6e9c R12: 0000000000002904
[  562.836047][    C1] R13: dffffc0000000000 R14: ffffffff8eb63180 R15: dffffc0000000000
[  562.843993][    C1] FS:  00007fcd008096c0(0000) GS:ffff888124ee2000(0000) knlGS:0000000000000000
[  562.852913][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  562.859486][    C1] CR2: 00007fae4844eddd CR3: 00000000356fa000 CR4: 00000000003526f0
[  562.867431][    C1] DR0: 0000000000000008 DR1: 0000000000000002 DR2: 0000000000000081
[  562.875378][    C1] DR3: ffffffffefffff14 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  562.883353][    C1] Call Trace:
[  562.886608][    C1]  <IRQ>
[  562.889428][    C1]  rcu_core+0x3fe/0x1070
[  562.893651][    C1]  ? sched_clock+0x3f/0x60
[  562.898065][    C1]  ? sched_clock_cpu+0x74/0x440
[  562.902893][    C1]  ? ktime_get+0x45/0x220
[  562.907202][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  562.912466][    C1]  ? __pfx_rcu_core+0x10/0x10
[  562.917126][    C1]  handle_softirqs+0x22a/0x870
[  562.921869][    C1]  ? __irq_exit_rcu+0xca/0x220
[  562.926612][    C1]  __irq_exit_rcu+0xca/0x220
[  562.931202][    C1]  irq_exit_rcu+0x9/0x30
[  562.935421][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  562.941070][    C1]  </IRQ>
[  562.943999][    C1]  <TASK>
[  562.946924][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  562.952879][    C1] RIP: 0010:do_syscall_64+0xa8/0xf80
[  562.958136][    C1] Code: 00 48 8b 7d 08 48 89 7b 08 e8 a4 83 00 00 0f 1f 44 00 00 0f 1f 44 00 00 90 e8 f4 3f 10 f6 90 90 e8 9d 3f 10 f6 fb 4d 8b 6f 08 <41> f6 c5 bf 74 7b 41 f6 c5 20 74 12 4c 89 f7 e8 64 31 f1 f5 41 bc
[  562.977719][    C1] RSP: 0018:ffffc9000201fef0 EFLAGS: 00000202
[  562.983767][    C1] RAX: 0000000004f8a443 RBX: ffffc9000201fef0 RCX: 0000000000000046
[  562.991722][    C1] RDX: 0000000000000000 RSI: ffffffff8e257836 RDI: ffffffff8c4a6280
[  562.999695][    C1] RBP: ffffc9000201ff38 R08: ffffffff905441f7 R09: 1ffffffff20a883e
[  563.007640][    C1] R10: dffffc0000000000 R11: fffffbfff20a883f R12: 000000000000000f
[  563.015583][    C1] R13: 0000000000000000 R14: ffffc9000201ff48 R15: ffff88807b9abd00
[  563.023537][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.029576][    C1]  ? clear_bhb_loop+0x40/0x90
[  563.034227][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.040092][    C1] RIP: 0033:0x7fccff93db19
[  563.044500][    C1] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25
[  563.064078][    C1] RSP: 002b:00007fcd00808a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  563.072463][    C1] RAX: ffffffffffffffda RBX: 00007fccffc15fa0 RCX: 00007fccff93db19
[  563.080408][    C1] RDX: 00007fcd00808a80 RSI: 00007fcd00808bb0 RDI: 0000000000000021
[  563.088351][    C1] RBP: 00007fccffa32c99 R08: 0000000000000000 R09: 0000000000000000
[  563.096298][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  563.104242][    C1] R13: 00007fccffc16038 R14: 00007fccffc15fa0 R15: 00007ffc43230628
[  563.112197][    C1]  </TASK>
[  563.115205][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  563.122495][    C1] CPU: 1 UID: 0 PID: 18561 Comm: syz.0.5211 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  563.133397][    C1] Tainted: [L]=SOFTLOCKUP
[  563.137691][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  563.147755][    C1] Call Trace:
[  563.151020][    C1]  <IRQ>
[  563.153840][    C1]  vpanic+0x56c/0xa60
[  563.157800][    C1]  ? __pfx__printk+0x10/0x10
[  563.162364][    C1]  ? __pfx_vpanic+0x10/0x10
[  563.166837][    C1]  ? is_bpf_text_address+0x292/0x2b0
[  563.172100][    C1]  ? is_bpf_text_address+0x26/0x2b0
[  563.177278][    C1]  panic+0xc5/0xd0
[  563.181016][    C1]  ? __pfx_panic+0x10/0x10
[  563.185423][    C1]  __warn+0x315/0x4f0
[  563.189409][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  563.195130][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  563.200827][    C1]  __report_bug+0x29a/0x540
[  563.205316][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  563.211038][    C1]  ? __pfx___report_bug+0x10/0x10
[  563.216041][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  563.220958][    C1]  ? __lock_acquire+0x6b5/0x2cf0
[  563.225874][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  563.231569][    C1]  report_bug+0x16a/0x220
[  563.235912][    C1]  ? rcu_check_gp_start_stall+0x2e4/0x470
[  563.241606][    C1]  ? rcu_check_gp_start_stall+0x2e6/0x470
[  563.247301][    C1]  handle_bug+0x9c/0x200
[  563.251519][    C1]  exc_invalid_op+0x1a/0x50
[  563.255995][    C1]  asm_exc_invalid_op+0x1a/0x20
[  563.260818][    C1] RIP: 0010:rcu_check_gp_start_stall+0x2e4/0x470
[  563.267137][    C1] Code: ff ff 48 c7 c7 e0 74 73 9a be 04 00 00 00 e8 53 d1 83 00 4c 89 f7 b8 01 00 00 00 87 05 e5 d6 c6 18 85 c0 0f 85 17 ff ff ff 90 <0f> 0b 90 48 81 ff 80 31 b6 8e 74 47 48 c7 c0 e0 74 54 90 48 c1 e8
[  563.286719][    C1] RSP: 0018:ffffc90000a08d98 EFLAGS: 00010046
[  563.292761][    C1] RAX: 0000000000000000 RBX: 0000000000000246 RCX: ffffffff81ac9ded
[  563.300706][    C1] RDX: 0000000000000001 RSI: 0000000000000004 RDI: ffffffff8eb63180
[  563.308656][    C1] RBP: ffffc90000a08f18 R08: 0000000000000003 R09: 0000000000000004
[  563.316599][    C1] R10: dffffc0000000000 R11: fffffbfff34e6e9c R12: 0000000000002904
[  563.324575][    C1] R13: dffffc0000000000 R14: ffffffff8eb63180 R15: dffffc0000000000
[  563.332532][    C1]  ? rcu_check_gp_start_stall+0x2cd/0x470
[  563.338403][    C1]  ? rcu_check_gp_start_stall+0x2cd/0x470
[  563.344099][    C1]  rcu_core+0x3fe/0x1070
[  563.348327][    C1]  ? sched_clock+0x3f/0x60
[  563.352722][    C1]  ? sched_clock_cpu+0x74/0x440
[  563.357551][    C1]  ? ktime_get+0x45/0x220
[  563.361858][    C1]  ? __pfx_sched_clock_cpu+0x10/0x10
[  563.367119][    C1]  ? __pfx_rcu_core+0x10/0x10
[  563.371793][    C1]  handle_softirqs+0x22a/0x870
[  563.376538][    C1]  ? __irq_exit_rcu+0xca/0x220
[  563.381285][    C1]  __irq_exit_rcu+0xca/0x220
[  563.385883][    C1]  irq_exit_rcu+0x9/0x30
[  563.390103][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  563.395716][    C1]  </IRQ>
[  563.398622][    C1]  <TASK>
[  563.401552][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  563.407504][    C1] RIP: 0010:do_syscall_64+0xa8/0xf80
[  563.412776][    C1] Code: 00 48 8b 7d 08 48 89 7b 08 e8 a4 83 00 00 0f 1f 44 00 00 0f 1f 44 00 00 90 e8 f4 3f 10 f6 90 90 e8 9d 3f 10 f6 fb 4d 8b 6f 08 <41> f6 c5 bf 74 7b 41 f6 c5 20 74 12 4c 89 f7 e8 64 31 f1 f5 41 bc
[  563.432354][    C1] RSP: 0018:ffffc9000201fef0 EFLAGS: 00000202
[  563.438395][    C1] RAX: 0000000004f8a443 RBX: ffffc9000201fef0 RCX: 0000000000000046
[  563.446340][    C1] RDX: 0000000000000000 RSI: ffffffff8e257836 RDI: ffffffff8c4a6280
[  563.454285][    C1] RBP: ffffc9000201ff38 R08: ffffffff905441f7 R09: 1ffffffff20a883e
[  563.462268][    C1] R10: dffffc0000000000 R11: fffffbfff20a883f R12: 000000000000000f
[  563.470237][    C1] R13: 0000000000000000 R14: ffffc9000201ff48 R15: ffff88807b9abd00
[  563.478191][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.484261][    C1]  ? clear_bhb_loop+0x40/0x90
[  563.488916][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  563.494783][    C1] RIP: 0033:0x7fccff93db19
[  563.499174][    C1] Code: 11 06 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 0c 25
[  563.518752][    C1] RSP: 002b:00007fcd00808a80 EFLAGS: 00000202 ORIG_RAX: 000000000000000f
[  563.527139][    C1] RAX: ffffffffffffffda RBX: 00007fccffc15fa0 RCX: 00007fccff93db19
[  563.535086][    C1] RDX: 00007fcd00808a80 RSI: 00007fcd00808bb0 RDI: 0000000000000021
[  563.543052][    C1] RBP: 00007fccffa32c99 R08: 0000000000000000 R09: 0000000000000000
[  563.551016][    C1] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000
[  563.558962][    C1] R13: 00007fccffc16038 R14: 00007fccffc15fa0 R15: 00007ffc43230628
[  563.566917][    C1]  </TASK>
[  564.636489][    C1] Shutting down cpus with NMI
[  564.641454][    C1] Kernel Offset: disabled
[  564.645770][    C1] Rebooting in 86400 seconds..