last executing test programs:

28.054067785s ago: executing program 3 (id=2754):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg2\x00'})
socket(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x4780, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r1, @ANYBLOB, @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x6, &(0x7f0000006680))
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)
syz_open_dev$video(&(0x7f0000000000), 0x8, 0x20202)
syz_open_dev$audion(&(0x7f0000000040), 0x1ff, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x80000000, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x101a01)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1cf)
r2 = creat(&(0x7f00000002c0)='./file1\x00', 0x40)
ioctl$sock_proto_private(r2, 0x89e5, &(0x7f0000000300)="6218633c30a215e8f12b4d06")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)

27.531391269s ago: executing program 3 (id=2755):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000529000/0x2000)=nil, 0x2000, 0x16)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0xa0000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x439, 0x70bd40, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x71516}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0xe68e}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000007}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x50483, 0x21401}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @local}, @IFLA_IPTUN_LINK={0x8, 0x1, r6}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20048044}, 0x24000000)
r7 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r7)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
sendmsg$nl_route(r0, 0x0, 0x24040040)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

26.6542519s ago: executing program 2 (id=2756):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x6f, 0x0, 0x9, 0x0, 0xe999, 0xfa11, 0xffffffff}, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000500), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
write$binfmt_misc(r2, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r6, 0xcccccccc})
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
r7 = gettid()
kcmp$KCMP_EPOLL_TFD(0x0, r7, 0x7, 0xffffffffffffffff, 0x0)

26.415672136s ago: executing program 1 (id=2758):
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x13)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x24, r1, 0x1, 0x4070bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x24}}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001100010025bd7000ffdbdf2500000000", @ANYRES32=r3], 0x20}}, 0x8080)

26.136901655s ago: executing program 1 (id=2760):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0xbc3d, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r4 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
openat(r1, &(0x7f0000000100)='./file1\x00', 0x10d443, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r5)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f0000000080)="13", 0x1, 0xfffffffffffffffd)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r4, 0x0, 0x0)
unshare(0xe060400)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc1105518, 0x0)

25.938170789s ago: executing program 2 (id=2761):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0}, 0x1, 0x0, 0x0, 0x51}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000003c0)=@newqdisc={0x138, 0x24, 0xd0f, 0x200000, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x6}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x108, 0x2, [@TCA_GRED_STAB={0x104, 0x2, "abcc61b4e508c02286f1bafc7a22c407a52b0e13291c865d493f15736245f220cd4e40006df455836aa3bd3aaa2c9b95578719c46f89e01798d28b6d63cf7465ea95bd97b018b7afaccdcb28bb42d677b73c44e790f0875fb4b795ca95b7dd712d2c5d69945535f92f74a71236743acd06103cd77bd07f2df5989ee40e409b077cc85e96554beb53c986a216051bd5979a8cfcfe9f98be58ffcf44f6cfda8579dbaedceee578bfd1fb554b6e185e9315425ef0a3fc69d17ede93fc7c46357990f7acfdb8216ea52f604b9f12033688caa4b04adecfc926b3f6ca25bcb5432905e3f30ccbf10cf0f2d00858ba2bbd2702b8d4a7a7c744fbaa2fa35b1c586020d6"}]}}]}, 0x138}, 0x1, 0x0, 0x0, 0x845}, 0x24008004)

25.865104996s ago: executing program 3 (id=2762):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r3)
socket$unix(0x1, 0x2, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r2, 0xc}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000180)="2703", 0x2}], 0x1}, 0x4)

25.788908732s ago: executing program 2 (id=2763):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000900)=ANY=[], 0xfc}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="c40000001900674c2cbd70000000000000000000000000000000000000000000ac1eff0100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000000000000000020000000000000000000000000000000000000000000008000000000000000000000000000fcffffffffffffff0000000000000000b0ac00000000000000000000000000000000000000000000000400000000000000000002000000000a00100001"], 0xc4}}, 0x4c050)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003082f00fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

24.344414959s ago: executing program 1 (id=2765):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000240)={0x38, 0x9, 0x8, 0x8001, 0x0, 0x4, 0x6, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SNDCTL_SEQ_OUTOFBAND(0xffffffffffffffff, 0x40085112, 0x0)
timerfd_create(0x0, 0x0)
clock_adjtime(0x0, 0x0)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x2f)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmmsg$sock(r3, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
ioctl$PTP_EXTTS_REQUEST2(0xffffffffffffffff, 0x40603d10, 0x0)
recvfrom(r4, &(0x7f0000000040)=""/60, 0x3c, 0x40, 0x0, 0x0)
r5 = ioctl$KVM_CREATE_GUEST_MEMFD(r0, 0xc040aed4, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r0, 0x40a0ae49, &(0x7f0000000180)={0x4, 0x4, 0x6000, 0xa7000, &(0x7f0000ffc000/0x2000)=nil, 0x0, r5})
r6 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_PRE_FAULT_MEMORY(r6, 0xc040aed5, &(0x7f00000000c0)={0xd000, 0x522ca32015d0bed2})
ioctl$KVM_GET_XSAVE(r6, 0x9000aea4, 0x0)
ioctl$XFS_IOC_PATH_TO_FSHANDLE(0xffffffffffffffff, 0xc0385868, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

22.906356138s ago: executing program 1 (id=2767):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x10b701)
ioctl$USBDEVFS_CLAIM_PORT(r2, 0x80045518, &(0x7f0000000040)=0x1)
syz_emit_ethernet(0x46, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
setgroups(0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000240)={0x1, 0x1, 0x0, &(0x7f0000000200)=""/51, 0x0, 0x8000000})
dup(0xffffffffffffffff)
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f00000001c0)=0x304008000)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005e00010028bd7000fedbdf2500000000", @ANYRES32=r1, @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x400}, 0x20040840)

22.416789818s ago: executing program 0 (id=2768):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x8, 0x0, 0x8}, 0x0, 0x0, 0x1, 0x0, 0x1}, {{@in6=@mcast2, 0x2, 0x6c}, 0xa, @in=@empty, 0x0, 0x5, 0x0, 0xb7}}, 0xe8)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)

22.157931112s ago: executing program 0 (id=2769):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg2\x00'})
socket(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x4780, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', 0x0, 0x80, &(0x7f0000002140)=ANY=[])
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x6, &(0x7f0000006680))
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)
syz_open_dev$video(&(0x7f0000000000), 0x8, 0x20202)
syz_open_dev$audion(&(0x7f0000000040), 0x1ff, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x80000000, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x101a01)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1341, 0x0)

21.999699993s ago: executing program 0 (id=2770):
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x13)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)={0x24, r1, 0x1, 0x4070bd28, 0x1, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}]}, 0x24}}, 0x18)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f00000001c0)={'batadv_slave_0\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="200000001100010025bd7000ffdbdf2500000000", @ANYRES32=r3], 0x20}}, 0x8080)

21.407703995s ago: executing program 3 (id=2771):
r0 = syz_open_dev$usbfs(&(0x7f0000000240), 0x75, 0x109301)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x6f, 0x0, 0x9, 0x0, 0xe999, 0xfa11, 0xffffffff}, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r3 = syz_open_dev$dri(&(0x7f0000000500), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
write$binfmt_misc(r2, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r1, 0x4c0a, &(0x7f00000002c0)={r2, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})
openat$binfmt(0xffffffffffffff9c, 0x0, 0x41, 0x1ff)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
r4 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r4, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r4, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000100)=[<r5=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r4, 0xc02064b6, &(0x7f00000001c0)={r5, <r6=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f0000000280)={0x1, 0x0, &(0x7f0000000200)=[0x0]})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r4, 0xc02064b9, &(0x7f0000000040)={&(0x7f0000000300)=[0x0, 0x0, 0x0], &(0x7f0000000040), 0x3, r6, 0xcccccccc})
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
madvise(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x16)
move_pages(0x0, 0x1, &(0x7f0000000040)=[&(0x7f0000ff9000/0x2000)=nil], 0x0, 0x0, 0x0)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r0, 0x8108551b, &(0x7f0000002600)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded22c87eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"})
r7 = gettid()
kcmp$KCMP_EPOLL_TFD(0x0, r7, 0x7, 0xffffffffffffffff, 0x0)

21.258597478s ago: executing program 0 (id=2773):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000529000/0x2000)=nil, 0x2000, 0x16)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0xa0000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x439, 0x70bd40, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x71516}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0xe68e}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000007}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x50483, 0x21401}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @local}, @IFLA_IPTUN_LINK={0x8, 0x1, r6}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20048044}, 0x24000000)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
sendmsg$nl_route(r0, 0x0, 0x24040040)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

21.199848387s ago: executing program 2 (id=2774):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
fcntl$setstatus(r0, 0x4, 0xc00)
read$char_usb(r0, &(0x7f00000000c0)=""/30, 0x1e)
read$char_usb(r0, &(0x7f00000001c0)=""/185, 0xb9)

21.036161567s ago: executing program 3 (id=2775):
openat$udambuf(0xffffffffffffff9c, 0x0, 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f00090582de", @ANYRESDEC], 0x0)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x4c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x2a240}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x4}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x1}]}}}, @IFLA_LINK={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x24008000}, 0x800)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040), 0x100, 0x0)
ioctl$KVM_SET_TSC_KHZ_cpu(r2, 0xaea2, 0x1)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'rfc4543(gcm(aes))\x00'}, 0x58)
bind$alg(r3, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(generic-gcm-aesni)\x00'}, 0x58)

20.961041024s ago: executing program 1 (id=2776):
syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000580)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0xbc3d, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
openat(r0, &(0x7f0000000100)='./file1\x00', 0x10d443, 0x1ff)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
close(0xffffffffffffffff)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r3 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
keyctl$read(0xb, r3, &(0x7f0000000240)=""/112, 0x349b7f55)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab?P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb8\x10\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\x03\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7vC\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})

19.625147811s ago: executing program 0 (id=2778):
r0 = epoll_create1(0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = epoll_create1(0x0)
r3 = fcntl$dupfd(r2, 0x0, r1)
r4 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r2, &(0x7f0000000000)={0x20000002})
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f0000000040)={0x20000001})
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r0, &(0x7f0000000080))

19.546634026s ago: executing program 4 (id=2779):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000040))
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000000)={'wg2\x00'})
socket(0x10, 0x3, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100), 0x4780, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000), 0x20001, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000002140)=ANY=[@ANYBLOB='fd', @ANYRESHEX=r1, @ANYBLOB=',rootmode=0000000', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x8, 0x6, &(0x7f0000006680))
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)
syz_open_dev$video(&(0x7f0000000000), 0x8, 0x20202)
syz_open_dev$audion(&(0x7f0000000040), 0x1ff, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x80000000, 0x0)
syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x101a01)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0, 0x1cf)
r2 = creat(&(0x7f00000002c0)='./file1\x00', 0x40)
ioctl$sock_proto_private(r2, 0x89e5, &(0x7f0000000300)="6218633c30a215e8f12b4d06")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)

19.323875426s ago: executing program 0 (id=2780):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x803, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x68b, <r1=>0x0}, 0x8)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, 0x0, &(0x7f00000000c0))
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r3 = memfd_create(&(0x7f00000025c0)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1cs1F59\xcdR\xc1\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9b\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa\xe7\xd6\xa3', 0x6)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r3, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
userfaultfd(0x801)
r5 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendmmsg$inet6(r5, 0x0, 0x0, 0x20000800)
shutdown(r5, 0x1)
r6 = getpid()
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
ptrace$getregs(0xc, r6, 0x6, &(0x7f00000004c0)=""/243)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x35}, 0x94)

19.240704581s ago: executing program 4 (id=2781):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
close(r3)
socket$unix(0x1, 0x2, 0x0)
fcntl$setstatus(r0, 0x4, 0x2000)
r4 = socket$kcm(0x11, 0x3, 0x0)
sendmsg$kcm(r4, &(0x7f00000000c0)={&(0x7f0000000500)=@xdp={0x2c, 0x0, r2, 0xc}, 0x80, &(0x7f0000000340)=[{&(0x7f0000000180)="2703", 0x2}], 0x1}, 0x4)

19.118900479s ago: executing program 1 (id=2782):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x8e40, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff5644d, 0x70b923, 0x7fffe, {0x0, 0x0, 0x0, r6, {}, {0xb, 0xb}, {0xf, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x808, 0x205, 0x1, 0xc}, 0xb, 0x0, 0x32, 0x5, 0xa, 0x2, 0x9, 0xd, 0x1, 0x1, {0xffff1c72, 0x23, 0x7, 0xc, 0xfffffffe, 0x7583}}}}]}, 0x78}}, 0x8000)
sendto$packet(r3, &(0x7f0000000240)="bad33075218151db00316f3a277f953286ddd1dc9119f992e83de525e4a40e81692d09dc6b6b0ef1", 0x5ea, 0x2000041, &(0x7f0000000080)={0x11, 0x88a8, 0x0, 0x1, 0xda, 0x6, @remote}, 0x14)

18.991933636s ago: executing program 4 (id=2783):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000780)=ANY=[@ANYBLOB="12010000cf8bed20d90f25004029000000010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x24, &(0x7f0000000700)=ANY=[@ANYBLOB="201109"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000200)={0x1, 0x6, 0x2, &(0x7f0000000040)={0x12, "cc9efc7ddb01702fa9a7ff7d040b00000000000700"}})

18.889067317s ago: executing program 3 (id=2784):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000900)=ANY=[], 0xfc}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="c40000001900674c2cbd70000000000000000000000000000000000000000000ac1eff0100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000000000000000020000000000000000000000000000000000000000000008000000000000000000000000000fcffffffffffffff0000000000000000b0ac00000000000000000000000000000000000000000000000400000000000000000002000000000a00100001"], 0xc4}}, 0x4c050)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003082f00fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

17.955890287s ago: executing program 2 (id=2785):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000019100)='net/udp6\x00')
r2 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
waitid(0x0, r2, 0x0, 0xb, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000080)={0x5, 0x7})
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565b, &(0x7f0000000000)={0x6})
r3 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet(r3, &(0x7f0000006d40)=[{{&(0x7f0000000100)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000180)=[{&(0x7f0000000140)='j', 0x1}], 0x1}}, {{&(0x7f0000000840)={0x2, 0x4e20, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000002a00)=[{&(0x7f0000000880)='*', 0x1}], 0x1}}], 0x2, 0x48000)

17.684547237s ago: executing program 2 (id=2786):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x10b701)
ioctl$USBDEVFS_CLAIM_PORT(r2, 0x80045518, &(0x7f0000000040)=0x1)
syz_emit_ethernet(0x46, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
setgroups(0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000240)={0x1, 0x1, 0x0, &(0x7f0000000200)=""/51, 0x0, 0x8000000})
dup(0xffffffffffffffff)
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f00000001c0)=0x304008000)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005e00010028bd7000fedbdf2500000000", @ANYRES32=r1, @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x400}, 0x20040840)

17.268063622s ago: executing program 4 (id=2787):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha384\x00'}, 0x58)
r1 = timerfd_create(0x0, 0x0)
timerfd_settime(r1, 0x3, &(0x7f0000000100)={{}, {0x0, 0x989680}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000a40)=ANY=[@ANYBLOB], 0x74}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840)
r3 = socket$kcm(0xa, 0x922000000003, 0x11)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000004f40)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x54}}, 0x0)
sendmsg$kcm(r3, &(0x7f0000000000)={&(0x7f0000000500)=@l2tp6={0xa, 0x0, 0x3, @loopback, 0x1, 0xfffffffe}, 0x80, 0x0}, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
recvmsg(0xffffffffffffffff, 0x0, 0x0)

17.067519375s ago: executing program 4 (id=2788):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[], 0x50)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
r1 = socket(0x23, 0x6, 0x1000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x0, &(0x7f0000000040)})
ioctl$sock_FIOGETOWN(r2, 0x8903, 0x0)
sched_setattr(0x0, &(0x7f0000000180)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x100000001, 0xffffffff, 0x108, 0x65aa}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
symlink(&(0x7f0000000000)='.\x00', &(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000940)={0x84, &(0x7f0000000380)={0x0, 0x10, 0xd, "5e6424818327b2369deca65eb2"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r4, &(0x7f0000000100)=[{&(0x7f00000000c0)='4', 0x1}], 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f00000037c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@ipv6_deladdrlabel={0x38, 0x48, 0x301, 0x70bd2d, 0x25dfdbfc, {0xa, 0x0, 0x80, 0x0, 0x0, 0x5}, [@IFAL_ADDRESS={0x14, 0x1, @loopback}, @IFAL_LABEL={0x8, 0x2, 0x9}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000881}, 0x44040)
recvfrom$rxrpc(r1, &(0x7f00000003c0)=""/92, 0x5c, 0x100, &(0x7f0000000140)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e24, @local}}, 0x24)
write$sysctl(r4, &(0x7f0000000180)='4\x00', 0x2)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f00000002c0)={0x84, &(0x7f0000000500)=ANY=[@ANYRESDEC=r4, @ANYRES8, @ANYRESDEC, @ANYBLOB="8a96b5b1cb41cc6cddf50c4be17d728e2cb3436818b951770e0a3d79c92880699e5b2909179886496f13e415cab9d0794d54cf5075903075bdae1e574e0f3dac3688937db0571810ef9590d1d96f7ac3f72953ed90e080d8f34d0d1580a37ead8131174b4b5bb9dcd2be17607e41d1d42048f1504974f9bbdb2bc99676069585e5b7c27e6c5080406e6442926ca111eff156e0", @ANYRES16=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

15.11445524s ago: executing program 4 (id=2789):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000529000/0x2000)=nil, 0x2000, 0x16)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0xa0000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x439, 0x70bd40, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x71516}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0xe68e}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000007}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x50483, 0x21401}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @local}, @IFLA_IPTUN_LINK={0x8, 0x1, r6}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20048044}, 0x24000000)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
sendmsg$nl_route(r0, 0x0, 0x24040040)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.166040468s ago: executing program 32 (id=2780):
openat$binderfs(0xffffffffffffff9c, 0x0, 0x803, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000001c0)={0x68b, <r1=>0x0}, 0x8)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
getsockopt$XDP_STATISTICS(0xffffffffffffffff, 0x11b, 0x7, 0x0, &(0x7f00000000c0))
syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r3 = memfd_create(&(0x7f00000025c0)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1cs1F59\xcdR\xc1\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9b\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa\xe7\xd6\xa3', 0x6)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r3, 0x0)
r4 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/59, 0x304000, 0x800, 0x0, 0x3}, 0x20)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
userfaultfd(0x801)
r5 = socket$inet6(0xa, 0x1, 0x8010000000000084)
sendmmsg$inet6(r5, 0x0, 0x0, 0x20000800)
shutdown(r5, 0x1)
r6 = getpid()
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
ptrace$getregs(0xc, r6, 0x6, &(0x7f00000004c0)=""/243)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x3}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x35}, 0x94)

3.649587184s ago: executing program 33 (id=2782):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0), 0x8e40, 0x0)
close(r1)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x5, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000300)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff5644d, 0x70b923, 0x7fffe, {0x0, 0x0, 0x0, r6, {}, {0xb, 0xb}, {0xf, 0xb}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x6, 0x808, 0x205, 0x1, 0xc}, 0xb, 0x0, 0x32, 0x5, 0xa, 0x2, 0x9, 0xd, 0x1, 0x1, {0xffff1c72, 0x23, 0x7, 0xc, 0xfffffffe, 0x7583}}}}]}, 0x78}}, 0x8000)
sendto$packet(r3, &(0x7f0000000240)="bad33075218151db00316f3a277f953286ddd1dc9119f992e83de525e4a40e81692d09dc6b6b0ef1", 0x5ea, 0x2000041, &(0x7f0000000080)={0x11, 0x88a8, 0x0, 0x1, 0xda, 0x6, @remote}, 0x14)

3.391214247s ago: executing program 34 (id=2784):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000900)=ANY=[], 0xfc}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="c40000001900674c2cbd70000000000000000000000000000000000000000000ac1eff0100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000000000000000020000000000000000000000000000000000000000000008000000000000000000000000000fcffffffffffffff0000000000000000b0ac00000000000000000000000000000000000000000000000400000000000000000002000000000a00100001"], 0xc4}}, 0x4c050)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003082f00fe88a43de1a400000000000000007d01ff020000000000000000000000000001"], 0xfdef)

2.041170641s ago: executing program 35 (id=2786):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="02000000040000000800"], 0x48)
r2 = syz_open_dev$usbfs(&(0x7f0000000080), 0x75, 0x10b701)
ioctl$USBDEVFS_CLAIM_PORT(r2, 0x80045518, &(0x7f0000000040)=0x1)
syz_emit_ethernet(0x46, 0x0, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x88, 0x30, 0x1, 0x0, 0x0, {}, [{0x74, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x2c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x10000000000002)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_usbip_server_init(0x6)
setgroups(0x0, 0x0)
syz_open_dev$tty20(0xc, 0x4, 0x1)
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r6, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r6, 0x4028af11, &(0x7f0000000240)={0x1, 0x1, 0x0, &(0x7f0000000200)=""/51, 0x0, 0x8000000})
dup(0xffffffffffffffff)
ioctl$VHOST_SET_FEATURES(r6, 0x4008af00, &(0x7f00000001c0)=0x304008000)
sendmsg$nl_route(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c0000005e00010028bd7000fedbdf2500000000", @ANYRES32=r1, @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x400}, 0x20040840)

0s ago: executing program 36 (id=2789):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000529000/0x2000)=nil, 0x2000, 0x16)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r3, 0x7a7, &(0x7f0000000040)=0xa0000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000240)=@newlink={0x48, 0x10, 0x439, 0x70bd40, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, 0x9801}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x71516}, @IFLA_GSO_MAX_SEGS={0x8, 0x28, 0xe68e}]}, 0x48}, 0x1, 0x0, 0x0, 0x24000007}, 0x0)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x40, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x50483, 0x21401}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x8}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @local}, @IFLA_IPTUN_LINK={0x8, 0x1, r6}]}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20048044}, 0x24000000)
write$6lowpan_enable(0xffffffffffffffff, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r6, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
sendmsg$nl_route(r0, 0x0, 0x24040040)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

074 extends beyond EOD, truncated
[  680.197319][T11460] Dev loop6: unable to read RDB block 7
[  680.240870][T11460]  loop6: AHDI p2 p3
[  680.257507][T11460] loop6: partition table partially beyond EOD, truncated
[  680.296901][T11460] loop6: p2 size 157513074 extends beyond EOD, truncated
[  680.686116][T11475] netlink: 'syz.1.1865': attribute type 1 has an invalid length.
[  680.695211][T11475] netlink: 'syz.1.1865': attribute type 2 has an invalid length.
[  680.709985][T11475] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1865'.
[  681.003903][ T5995] udevd[5995]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  683.582301][T11517] device syzkaller0 entered promiscuous mode
[  685.596052][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  685.602420][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  685.951949][T11535] netlink: 'syz.0.1880': attribute type 1 has an invalid length.
[  685.959918][T11535] netlink: 'syz.0.1880': attribute type 2 has an invalid length.
[  687.002709][ T4316] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  687.199846][ T4316] usb 2-1: config index 0 descriptor too short (expected 28277, got 36)
[  687.259433][ T4316] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  687.323115][ T4316] usb 2-1: config 0 has no interfaces?
[  687.346059][ T4316] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  687.384738][ T4316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  688.280765][ T4316] usb 2-1: config 0 descriptor??
[  688.587817][T11555] loop2: detected capacity change from 0 to 7
[  688.616704][ T5995] Dev loop2: unable to read RDB block 7
[  688.625620][ T5995]  loop2: AHDI p2 p3
[  688.629619][ T5995] loop2: partition table partially beyond EOD, truncated
[  688.800557][T11555] Dev loop2: unable to read RDB block 7
[  688.821332][T11555]  loop2: AHDI p2 p3
[  688.828007][T11555] loop2: partition table partially beyond EOD, truncated
[  689.655958][ T3638] Dev loop2: unable to read RDB block 7
[  689.681341][ T3638]  loop2: AHDI p2 p3
[  689.685316][ T3638] loop2: partition table partially beyond EOD, truncated
[  690.249233][ T4316] usb 2-1: USB disconnect, device number 19
[  692.266241][T11524] netlink: 'syz.3.1877': attribute type 13 has an invalid length.
[  693.999208][T11596] 9pnet_virtio: no channels available for device memory.events
[  694.835294][T11591] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  695.170059][T11605] netlink: 'syz.2.1896': attribute type 1 has an invalid length.
[  695.178024][T11605] netlink: 'syz.2.1896': attribute type 2 has an invalid length.
[  695.214577][T11605] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1896'.
[  695.377138][T11608] ipt_ECN: cannot use operation on non-tcp rule
[  695.786707][T11616] input: syz1 as /devices/virtual/input/input6
[  697.462027][T11635] device syzkaller0 entered promiscuous mode
[  697.476312][T11639] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  699.312106][T11648] netlink: 'syz.4.1905': attribute type 1 has an invalid length.
[  699.326590][T11648] netlink: 'syz.4.1905': attribute type 2 has an invalid length.
[  700.612875][T11663] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  701.500611][T11672] ipt_ECN: cannot use operation on non-tcp rule
[  703.346797][T11648] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1905'.
[  703.366786][T11648] 8021q: adding VLAN 0 to HW filter on device bond0
[  703.375151][T11648] 8021q: adding VLAN 0 to HW filter on device team0
[  703.383444][T11648] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  703.404562][T11669] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1910'.
[  704.348929][T11702] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  704.723335][T11709] netlink: 'syz.0.1920': attribute type 13 has an invalid length.
[  704.800434][T11712] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  706.493169][T11721] loop6: detected capacity change from 0 to 7
[  706.510507][ T5995] Dev loop6: unable to read RDB block 7
[  706.539826][ T5995]  loop6: AHDI p2 p3
[  706.562929][ T5995] loop6: partition table partially beyond EOD, truncated
[  706.613002][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  706.646475][T11721] Dev loop6: unable to read RDB block 7
[  706.695174][T11721]  loop6: AHDI p2 p3
[  706.733882][T11723] ipt_ECN: cannot use operation on non-tcp rule
[  706.764430][T11721] loop6: partition table partially beyond EOD, truncated
[  706.798902][T11721] loop6: p2 size 157513074 extends beyond EOD, truncated
[  707.327985][T11728] device syzkaller0 entered promiscuous mode
[  708.520063][T11747] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  709.512441][T11758] netlink: 14 bytes leftover after parsing attributes in process `syz.1.1933'.
[  710.113954][T11775] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  712.006435][T11782] ipt_ECN: cannot use operation on non-tcp rule
[  712.142752][T11787] device syzkaller0 entered promiscuous mode
[  712.360810][T11791] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1940'.
[  712.498710][T11798] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  712.819666][ T4316] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  713.022132][ T4316] usb 5-1: config index 0 descriptor too short (expected 28277, got 36)
[  713.060242][ T4316] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  713.144005][ T4316] usb 5-1: config 0 has no interfaces?
[  713.171165][ T4316] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  713.199151][ T4316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  713.295321][ T4316] usb 5-1: config 0 descriptor??
[  713.373134][T11806] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1942'.
[  714.018407][T11806] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  714.027434][T11806] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  714.176543][T11806] 8021q: adding VLAN 0 to HW filter on device bond0
[  714.185118][T11806] 8021q: adding VLAN 0 to HW filter on device team0
[  714.195508][T11806] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  714.483931][T11817] loop2: detected capacity change from 0 to 7
[  714.493887][ T5995] Dev loop2: unable to read RDB block 7
[  714.502210][ T5995]  loop2: AHDI p2 p3
[  714.517233][ T5995] loop2: partition table partially beyond EOD, truncated
[  714.600032][T11817] Dev loop2: unable to read RDB block 7
[  714.631189][T11817]  loop2: AHDI p2 p3
[  714.665838][T11817] loop2: partition table partially beyond EOD, truncated
[  715.563286][T11832] device syzkaller0 entered promiscuous mode
[  715.973387][ T4311] usb 5-1: USB disconnect, device number 16
[  719.596892][T11875] lo: Caught tx_queue_len zero misconfig
[  720.170492][T11896] device syzkaller0 entered promiscuous mode
[  722.515069][  T128] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  722.704727][  T128] usb 2-1: Using ep0 maxpacket: 16
[  722.711410][  T128] usb 2-1: config 128 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  722.734983][  T128] usb 2-1: config 128 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  722.747773][  T128] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  722.758066][  T128] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  723.292246][  T128] mcp2221 0003:04D8:00DD.0003: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.1-1/input0
[  723.302594][T11927] binder: 11926:11927 ioctl 400c620e 200000000100 returned -22
[  723.511562][  T128] usb 2-1: USB disconnect, device number 20
[  725.032192][T11941] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  725.076161][T11941] random: crng reseeded on system resumption
[  726.194770][T11945] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1982'.
[  726.704154][T11962] device syzkaller0 entered promiscuous mode
[  727.906547][T11986] tipc: Failed to remove unknown binding: 66,1,1/0:906377133/906377135
[  728.542076][T11993] device syzkaller0 entered promiscuous mode
[  728.580004][T11996] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1996'.
[  730.128293][T12018] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  732.941620][T12024] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2003'.
[  732.956535][T12024] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  732.980112][T12042] device syzkaller1 entered promiscuous mode
[  733.000802][T12047] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2009'.
[  733.270816][T12056] ipt_ECN: cannot use operation on non-tcp rule
[  733.449375][  T128] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  733.545326][T12066] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  733.639328][  T128] usb 2-1: Using ep0 maxpacket: 32
[  733.646269][  T128] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  733.716759][  T128] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  733.777551][  T128] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  733.855281][  T128] usb 2-1: Product: syz
[  733.863355][  T128] usb 2-1: Manufacturer: syz
[  733.876810][  T128] usb 2-1: SerialNumber: syz
[  733.898510][  T128] usb 2-1: config 0 descriptor??
[  733.908501][T12051] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  734.229657][  T128] usb 2-1: USB disconnect, device number 21
[  734.765866][T12090] device syzkaller0 entered promiscuous mode
[  734.818663][  T128] usb 2-1: new full-speed USB device number 22 using dummy_hcd
[  734.978586][  T128] usb 2-1: device descriptor read/64, error -71
[  735.258437][  T128] usb 2-1: new full-speed USB device number 23 using dummy_hcd
[  735.428374][  T128] usb 2-1: device descriptor read/64, error -71
[  735.554207][  T128] usb usb2-port1: attempt power cycle
[  735.997745][  T128] usb 2-1: new full-speed USB device number 24 using dummy_hcd
[  736.058029][  T128] usb 2-1: device descriptor read/8, error -71
[  738.496585][T12106] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2024'.
[  738.930819][T12132] device vlan3 entered promiscuous mode
[  738.949551][T12132] device bond0 entered promiscuous mode
[  738.955152][T12132] device bond_slave_0 entered promiscuous mode
[  738.971408][   T26] kauditd_printk_skb: 68 callbacks suppressed
[  738.971422][   T26] audit: type=1326 audit(1773183115.092:683): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  739.003761][T12132] device bond_slave_1 entered promiscuous mode
[  739.006822][  T128] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  739.040950][   T26] audit: type=1326 audit(1773183115.142:684): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  739.117668][   T26] audit: type=1326 audit(1773183115.142:685): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  739.179939][   T26] audit: type=1326 audit(1773183115.142:686): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  739.212851][   T26] audit: type=1326 audit(1773183115.142:687): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  739.236609][  T128] usb 5-1: Using ep0 maxpacket: 8
[  739.245399][  T128] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  739.251376][   T26] audit: type=1326 audit(1773183115.142:688): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=29 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  739.295303][  T128] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  739.319497][   T26] audit: type=1326 audit(1773183115.142:689): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  739.355703][  T128] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  739.378737][   T26] audit: type=1326 audit(1773183115.192:690): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  739.412435][  T128] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  739.578372][  T128] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  739.873649][  T128] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  739.896356][   T26] audit: type=1326 audit(1773183115.192:691): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  740.006609][   T26] audit: type=1326 audit(1773183115.192:692): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12128 comm="syz.2.2031" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5d8099c799 code=0x7ffc0000
[  740.133734][  T128] usb 5-1: GET_CAPABILITIES returned 0
[  740.141723][  T128] usbtmc 5-1:16.0: can't read capabilities
[  740.259013][T12156] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2038'.
[  740.342413][  T128] usb 5-1: USB disconnect, device number 17
[  740.583582][T12162] device syzkaller0 entered promiscuous mode
[  742.043755][T12183] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  742.215036][T12185] netlink: 'syz.2.2046': attribute type 1 has an invalid length.
[  742.223275][T12185] netlink: 'syz.2.2046': attribute type 2 has an invalid length.
[  744.769631][T12185] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2046'.
[  746.210354][T12216] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2054'.
[  746.379698][T12228] netlink: 'syz.3.2058': attribute type 13 has an invalid length.
[  746.612761][ T8537] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[  746.805216][ T8537] usb 5-1: config 0 has no interfaces?
[  746.810772][ T8537] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  746.848009][ T8537] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.906899][ T8537] usb 5-1: config 0 descriptor??
[  746.987210][T12232] netlink: 'syz.2.2057': attribute type 1 has an invalid length.
[  746.994929][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  746.995028][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  747.147362][T12234] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2057'.
[  747.435262][T12232] netlink: 'syz.2.2057': attribute type 2 has an invalid length.
[  747.768793][T12234] 8021q: adding VLAN 0 to HW filter on device bond0
[  747.787573][T12234] 8021q: adding VLAN 0 to HW filter on device team0
[  747.879778][T12234] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  747.937946][T12248] device syzkaller0 entered promiscuous mode
[  748.741336][ T8537] usb 5-1: USB disconnect, device number 18
[  749.960227][T12279] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  752.002084][T12294] netlink: 'syz.1.2066': attribute type 1 has an invalid length.
[  752.010055][T12294] netlink: 'syz.1.2066': attribute type 2 has an invalid length.
[  752.024704][T12294] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2066'.
[  753.341845][T12298] netlink: 'syz.2.2069': attribute type 13 has an invalid length.
[  754.070556][T12319] ipt_ECN: cannot use operation on non-tcp rule
[  754.884741][T12334] netlink: 'syz.2.2074': attribute type 1 has an invalid length.
[  755.086784][T12335] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2074'.
[  755.203717][T12334] netlink: 'syz.2.2074': attribute type 2 has an invalid length.
[  755.288195][T12335] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  755.459786][T12337] device syzkaller0 entered promiscuous mode
[  755.616677][T12345] input: syz0 as /devices/virtual/input/input7
[  757.206644][T12363] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  757.217519][ T8537] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  757.408635][ T8537] usb 3-1: Using ep0 maxpacket: 16
[  757.426601][ T8537] usb 3-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  757.474293][ T8537] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  757.513676][ T8537] usb 3-1: Product: syz
[  757.527804][ T8537] usb 3-1: Manufacturer: syz
[  757.544800][ T8537] usb 3-1: SerialNumber: syz
[  757.564875][ T8537] usb 3-1: config 0 descriptor??
[  757.603463][ T8537] hub 3-1:0.0: bad descriptor, ignoring hub
[  757.615980][ T8537] hub: probe of 3-1:0.0 failed with error -5
[  759.782655][T12368] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2083'.
[  759.831783][T12368] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  759.844030][T12368] 8021q: adding VLAN 0 to HW filter on device bond0
[  759.852967][T12368] 8021q: adding VLAN 0 to HW filter on device team0
[  759.883821][T12368] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  760.259417][T12377] netlink: 'syz.4.2084': attribute type 1 has an invalid length.
[  760.283557][T12377] netlink: 'syz.4.2084': attribute type 2 has an invalid length.
[  760.296670][T12377] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2084'.
[  760.396117][ T4316] usb 3-1: USB disconnect, device number 20
[  760.831901][T12384] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2088'.
[  761.010526][T12390] team0: Caught tx_queue_len zero misconfig
[  762.223814][T12409] netlink: 'syz.1.2092': attribute type 1 has an invalid length.
[  762.231961][T12409] netlink: 'syz.1.2092': attribute type 2 has an invalid length.
[  762.385078][T12409] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2092'.
[  762.522726][T12409] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  762.530649][T12409] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  762.544202][T12409] 8021q: adding VLAN 0 to HW filter on device bond0
[  762.558299][T12409] 8021q: adding VLAN 0 to HW filter on device team0
[  762.650128][T12409] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  763.293114][T12414] device syzkaller0 entered promiscuous mode
[  764.293301][T12429] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2096'.
[  764.653914][ T4311] usb 5-1: new full-speed USB device number 19 using dummy_hcd
[  764.851575][ T4311] usb 5-1: config index 0 descriptor too short (expected 28277, got 36)
[  764.874722][ T4311] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  764.896680][ T4311] usb 5-1: config 0 has no interfaces?
[  764.908854][ T4311] usb 5-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  764.928090][ T4311] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  764.962860][ T4311] usb 5-1: config 0 descriptor??
[  766.607138][T12451] ipt_ECN: cannot use operation on non-tcp rule
[  766.789683][ T8537] usb 5-1: USB disconnect, device number 19
[  766.859080][   T26] kauditd_printk_skb: 2 callbacks suppressed
[  766.859094][   T26] audit: type=1326 audit(1773183142.996:695): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  766.887930][   T26] audit: type=1326 audit(1773183142.996:696): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  766.911679][   T26] audit: type=1326 audit(1773183143.006:697): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  766.955421][   T26] audit: type=1326 audit(1773183143.006:698): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  767.055814][   T26] audit: type=1326 audit(1773183143.006:699): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  767.081267][   T26] audit: type=1326 audit(1773183143.006:700): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  767.104112][   T26] audit: type=1326 audit(1773183143.006:701): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  767.133248][   T26] audit: type=1326 audit(1773183143.006:702): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  767.232717][   T26] audit: type=1326 audit(1773183143.006:703): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  767.290268][   T26] audit: type=1326 audit(1773183143.006:704): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12454 comm="syz.4.2102" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  768.323341][T12482] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  768.342647][T12457] DRBG: could not allocate digest TFM handle: hmac(sha512)
[  768.873845][T12446] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2099'.
[  768.887222][T12446] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  768.895993][T12446] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  770.001150][T12489] siw: device registration error -23
[  770.511385][T12493] 9pnet_virtio: no channels available for device syz
[  771.973066][T12509] netlink: 'syz.2.2110': attribute type 1 has an invalid length.
[  771.985713][T12509] netlink: 'syz.2.2110': attribute type 2 has an invalid length.
[  772.000987][T12509] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2110'.
[  772.034329][T12509] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  772.408301][T12516] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2112'.
[  772.999549][  T128] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  773.213354][  T128] usb 4-1: config index 0 descriptor too short (expected 28277, got 36)
[  773.230859][  T128] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  773.333379][  T128] usb 4-1: config 0 has no interfaces?
[  773.418599][  T128] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  773.480669][  T128] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  773.560500][  T128] usb 4-1: config 0 descriptor??
[  773.966775][T12535] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2118'.
[  773.978483][T12535] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  774.117715][T12535] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  775.698315][T12550] siw: device registration error -23
[  776.358049][T12551] 9pnet_virtio: no channels available for device memory.events
[  777.765742][ T8537] usb 4-1: USB disconnect, device number 17
[  777.777542][  T128] usb 2-1: new full-speed USB device number 26 using dummy_hcd
[  778.086110][  T128] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  778.158584][  T128] usb 2-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[  778.206943][  T128] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  778.265797][  T128] usb 2-1: Product: syz
[  778.295756][  T128] usb 2-1: Manufacturer: syz
[  778.304631][  T128] usb 2-1: SerialNumber: syz
[  778.325005][T12570] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  778.336202][  T128] usb 2-1: config 0 descriptor??
[  779.084816][T12581] netlink: 'syz.3.2128': attribute type 1 has an invalid length.
[  779.118662][T12581] netlink: 'syz.3.2128': attribute type 2 has an invalid length.
[  779.229432][T12581] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2128'.
[  779.516968][T12581] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  779.573167][T12581] 8021q: adding VLAN 0 to HW filter on device bond0
[  779.607986][T12581] 8021q: adding VLAN 0 to HW filter on device team0
[  779.776719][T12581] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  780.878469][T12607] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2136'.
[  781.518314][T12615] syz.4.2138 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  781.662417][ T4311] usb 2-1: USB disconnect, device number 26
[  781.995186][  T128] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  782.186630][  T128] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  782.219375][  T128] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  782.258418][  T128] usb 4-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  782.316390][  T128] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.394575][  T128] usb 4-1: config 0 descriptor??
[  782.825379][  T128] logitech-djreceiver 0003:046D:C71F.0004: unknown main item tag 0x7
[  782.869349][  T128] logitech-djreceiver 0003:046D:C71F.0004: hidraw0: USB HID v0.00 Device [HID 046d:c71f] on usb-dummy_hcd.3-1/input0
[  783.028562][  T128] usb 4-1: USB disconnect, device number 18
[  783.407931][T12628] fido_id[12628]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  783.883524][T12633] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2142'.
[  783.969539][T12636] device syzkaller0 entered promiscuous mode
[  784.329793][T12641] netlink: 'syz.1.2144': attribute type 1 has an invalid length.
[  784.351976][T12641] netlink: 'syz.1.2144': attribute type 2 has an invalid length.
[  784.371168][T12641] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2144'.
[  784.396752][T12641] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  784.419663][T12641] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  784.746972][T12649] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  784.868112][T12653] device syzkaller0 entered promiscuous mode
[  784.942503][T12655] netlink: 'syz.4.2149': attribute type 1 has an invalid length.
[  784.952600][  T125] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  785.010310][T12655] 8021q: adding VLAN 0 to HW filter on device bond1
[  785.146147][  T125] usb 3-1: Using ep0 maxpacket: 32
[  785.152920][  T125] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  785.188074][T12661] vivid-001: =================  START STATUS  =================
[  785.201153][T12661] vivid-001: Radio HW Seek Mode: Bounded
[  785.211569][  T125] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  785.221400][T12661] vivid-001: Radio Programmable HW Seek: false
[  785.230950][  T125] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  785.240622][T12661] vivid-001: RDS Rx I/O Mode: Block I/O
[  785.250709][  T125] usb 3-1: Product: syz
[  785.266371][T12661] vivid-001: Generate RBDS Instead of RDS: false
[  785.273939][  T125] usb 3-1: Manufacturer: syz
[  785.278552][  T125] usb 3-1: SerialNumber: syz
[  785.286515][T12661] vivid-001: RDS Reception: true
[  785.297366][T12661] vivid-001: RDS Program Type: 0 inactive
[  785.315640][  T125] usb 3-1: config 0 descriptor??
[  785.321065][T12646] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  785.339108][T12661] vivid-001: RDS PS Name:  inactive
[  785.353439][T12661] vivid-001: RDS Radio Text:  inactive
[  785.409194][T12661] vivid-001: RDS Traffic Announcement: false inactive
[  785.426504][T12661] vivid-001: RDS Traffic Program: false inactive
[  785.434812][T12661] vivid-001: RDS Music: false inactive
[  785.447703][T12661] vivid-001: ==================  END STATUS  ==================
[  785.553956][T12668] device syzkaller1 entered promiscuous mode
[  786.832805][T12677] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2155'.
[  787.312408][  T128] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[  787.514027][  T128] usb 4-1: config index 0 descriptor too short (expected 28277, got 36)
[  787.538154][  T128] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  787.572298][  T128] usb 4-1: config 0 has no interfaces?
[  787.577926][  T128] usb 4-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  787.602431][  T128] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  787.621844][ T4316] usb 3-1: USB disconnect, device number 21
[  787.647842][T12683] ipt_ECN: cannot use operation on non-tcp rule
[  787.702962][  T128] usb 4-1: config 0 descriptor??
[  788.322539][T12691] device syzkaller0 entered promiscuous mode
[  788.401535][T12694] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  788.451365][T12694] random: crng reseeded on system resumption
[  788.855016][T12700] netlink: 'syz.4.2161': attribute type 1 has an invalid length.
[  788.880791][T12700] netlink: 'syz.4.2161': attribute type 2 has an invalid length.
[  789.368562][T12708] fuse: Bad value for 'fd'
[  789.390301][T12700] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2161'.
[  789.689391][T12710] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2163'.
[  790.350785][ T4316] usb 4-1: USB disconnect, device number 19
[  790.613478][T12720] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2166'.
[  790.638055][T12720] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  790.688562][T12720] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  791.367437][T12742] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  792.299120][T12755] netlink: 'syz.3.2179': attribute type 1 has an invalid length.
[  792.394127][T12755] 8021q: adding VLAN 0 to HW filter on device bond4
[  792.472492][T12759] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2178'.
[  792.899774][  T128] usb 2-1: new full-speed USB device number 27 using dummy_hcd
[  793.104704][  T128] usb 2-1: config index 0 descriptor too short (expected 28277, got 36)
[  793.123413][  T128] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  793.171006][  T128] usb 2-1: config 0 has no interfaces?
[  793.200297][  T128] usb 2-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  793.244969][  T128] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.305843][T12771] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  793.325904][  T128] usb 2-1: config 0 descriptor??
[  793.498027][T12772] random: crng reseeded on system resumption
[  795.423928][ T4316] usb 2-1: USB disconnect, device number 27
[  795.466503][T12791] syz.0.2186 uses obsolete (PF_INET,SOCK_PACKET)
[  796.268337][T12805] netlink: 'syz.4.2191': attribute type 1 has an invalid length.
[  796.381576][T12805] 8021q: adding VLAN 0 to HW filter on device bond2
[  797.318189][T12825] netlink: 'syz.2.2198': attribute type 13 has an invalid length.
[  797.338968][T12826] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2197'.
[  798.331104][T12842] device syzkaller0 entered promiscuous mode
[  802.493342][T12848] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2205'.
[  802.510261][T12848] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  802.519478][T12848] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  802.710950][T12865] device syzkaller0 entered promiscuous mode
[  805.783414][T12901] siw: device registration error -23
[  808.415062][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  808.421356][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  811.014055][T12950] netlink: 'syz.3.2229': attribute type 1 has an invalid length.
[  811.032914][T12950] netlink: 'syz.3.2229': attribute type 2 has an invalid length.
[  811.094371][T12950] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2229'.
[  811.106931][T12950] device lo entered promiscuous mode
[  811.234227][T12950] device tunl0 entered promiscuous mode
[  811.396201][T12950] device gre0 entered promiscuous mode
[  811.467653][T12950] device gretap0 entered promiscuous mode
[  811.501993][T12950] device erspan0 entered promiscuous mode
[  811.510940][T12950] device ip_vti0 entered promiscuous mode
[  811.519736][T12950] device ip6_vti0 entered promiscuous mode
[  811.529361][T12950] device sit0 entered promiscuous mode
[  811.538246][T12950] device ip6tnl0 entered promiscuous mode
[  811.547533][T12950] device ip6gre0 entered promiscuous mode
[  811.604960][T12950] device syz_tun entered promiscuous mode
[  811.653330][T12950] device ip6gretap0 entered promiscuous mode
[  811.666711][T12950] device bridge0 entered promiscuous mode
[  811.706453][T12955] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  811.718234][T12950] device vcan0 entered promiscuous mode
[  811.788783][   T26] kauditd_printk_skb: 14 callbacks suppressed
[  811.788794][   T26] audit: type=1326 audit(1773183187.938:719): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  811.835529][T12950] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  811.870201][ T4316] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  811.883708][T12960] loop6: detected capacity change from 0 to 7
[  811.904458][ T5995] Dev loop6: unable to read RDB block 7
[  811.911156][ T5995]  loop6: AHDI p2 p3
[  811.917056][ T5995] loop6: partition table partially beyond EOD, truncated
[  811.936724][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  811.956514][T12960] Dev loop6: unable to read RDB block 7
[  811.967064][T12960]  loop6: AHDI p2 p3
[  811.975854][T12960] loop6: partition table partially beyond EOD, truncated
[  812.000123][T12960] loop6: p2 size 157513074 extends beyond EOD, truncated
[  812.050067][T12950] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  812.060059][   T26] audit: type=1326 audit(1773183187.938:720): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  812.085388][ T4316] usb 3-1: Using ep0 maxpacket: 16
[  812.099303][T12950] device bond0 entered promiscuous mode
[  812.105890][ T4316] usb 3-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  812.137069][ T4316] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  812.152763][T12950] device bond_slave_0 entered promiscuous mode
[  812.159275][T12950] device bond_slave_1 entered promiscuous mode
[  812.170501][   T26] audit: type=1326 audit(1773183187.978:721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  812.198096][ T4316] usb 3-1: Product: syz
[  812.207905][ T4316] usb 3-1: Manufacturer: syz
[  812.233827][ T4316] usb 3-1: SerialNumber: syz
[  812.257626][ T4316] usb 3-1: config 0 descriptor??
[  812.282933][ T4316] hub 3-1:0.0: bad descriptor, ignoring hub
[  812.285793][T12950] device team0 entered promiscuous mode
[  812.314282][ T4316] hub: probe of 3-1:0.0 failed with error -5
[  812.314294][   T26] audit: type=1326 audit(1773183187.978:722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  812.314324][   T26] audit: type=1326 audit(1773183187.978:723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  812.388484][T12950] device team_slave_0 entered promiscuous mode
[  812.395236][T12950] device team_slave_1 entered promiscuous mode
[  812.415021][T12950] device dummy0 entered promiscuous mode
[  812.425207][T12950] device nlmon0 entered promiscuous mode
[  812.438426][T12950] device caif0 entered promiscuous mode
[  812.451473][   T26] audit: type=1326 audit(1773183187.978:724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  812.488138][T12950] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  812.527295][   T26] audit: type=1326 audit(1773183187.978:725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  812.601889][ T4316] usb 3-1: USB disconnect, device number 22
[  812.608005][   T26] audit: type=1326 audit(1773183187.978:726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  812.719193][   T26] audit: type=1326 audit(1773183187.978:727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  812.852062][   T26] audit: type=1326 audit(1773183187.978:728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12958 comm="syz.1.2233" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  812.929225][T12972] loop2: detected capacity change from 0 to 7
[  813.032445][ T5995] Dev loop2: unable to read RDB block 7
[  813.038067][ T5995]  loop2: AHDI p2 p3
[  813.048552][ T5995] loop2: partition table partially beyond EOD, truncated
[  813.078051][ T5995] loop2: p2 start 1702059890 is beyond EOD, truncated
[  813.137646][T12972] Dev loop2: unable to read RDB block 7
[  813.159938][T12972]  loop2: AHDI p2 p3
[  813.201642][T12976] device syzkaller0 entered promiscuous mode
[  813.219534][T12972] loop2: partition table partially beyond EOD, truncated
[  813.238876][T12972] loop2: p2 start 1702059890 is beyond EOD, truncated
[  814.225998][T12989] vivid-003: =================  START STATUS  =================
[  814.279164][T12989] vivid-003: Radio HW Seek Mode: Bounded
[  814.299197][T12989] vivid-003: Radio Programmable HW Seek: false
[  814.313953][T12989] vivid-003: RDS Rx I/O Mode: Block I/O
[  814.329028][T12989] vivid-003: Generate RBDS Instead of RDS: false
[  814.357134][T12989] vivid-003: RDS Reception: true
[  814.379063][T12989] vivid-003: RDS Program Type: 0 inactive
[  814.395052][T12989] vivid-003: RDS PS Name:  inactive
[  814.417576][T12989] vivid-003: RDS Radio Text:  inactive
[  814.433879][T12989] vivid-003: RDS Traffic Announcement: false inactive
[  814.457989][T12989] vivid-003: RDS Traffic Program: false inactive
[  814.498468][T12989] vivid-003: RDS Music: false inactive
[  814.510338][T12989] vivid-003: ==================  END STATUS  ==================
[  814.944628][T12997] relay: one or more items not logged [item size (56) > sub-buffer size (3)]
[  816.186265][T13010] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  816.232889][T13010] random: crng reseeded on system resumption
[  816.690196][T13015] netlink: 'syz.1.2247': attribute type 1 has an invalid length.
[  816.724125][T13015] netlink: 'syz.1.2247': attribute type 2 has an invalid length.
[  817.899161][T13021] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  819.053541][T12982] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2238'.
[  819.070487][T12982] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  819.097949][T13015] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2247'.
[  819.163483][T13015] device lo entered promiscuous mode
[  819.189785][T13015] device tunl0 entered promiscuous mode
[  819.243911][T13015] device gre0 entered promiscuous mode
[  819.285579][T13015] device gretap0 entered promiscuous mode
[  819.325772][T13015] device erspan0 entered promiscuous mode
[  819.381000][T13015] device ip_vti0 entered promiscuous mode
[  819.429939][T13015] device ip6_vti0 entered promiscuous mode
[  819.480845][T13015] device sit0 entered promiscuous mode
[  819.542189][T13015] device ip6tnl0 entered promiscuous mode
[  819.563057][T13015] device ip6gre0 entered promiscuous mode
[  819.585268][T13015] device syz_tun entered promiscuous mode
[  819.598665][T13015] device ip6gretap0 entered promiscuous mode
[  819.620951][T13015] device bridge0 entered promiscuous mode
[  819.633912][T13015] device vcan0 entered promiscuous mode
[  819.645879][T13015] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  819.669341][T13015] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  819.695239][T13045] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2254'.
[  819.707727][T13015] device team0 entered promiscuous mode
[  819.720256][T13015] device team_slave_0 entered promiscuous mode
[  819.736198][T13015] device team_slave_1 entered promiscuous mode
[  819.755830][T13015] device nlmon0 entered promiscuous mode
[  819.781741][T13015] device caif0 entered promiscuous mode
[  819.800321][T13015] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  820.146015][ T4316] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  820.465967][ T4316] usb 3-1: device descriptor read/64, error -71
[  821.366093][T13060] netlink: 'syz.3.2258': attribute type 2 has an invalid length.
[  821.587895][ T4316] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  821.955124][ T4316] usb 3-1: device descriptor read/64, error -71
[  822.434957][T13069] siw: device registration error -23
[  823.277300][ T4316] usb usb3-port1: attempt power cycle
[  823.854357][ T4316] usb 3-1: new full-speed USB device number 25 using dummy_hcd
[  824.931746][T13078] batman_adv: batadv0: Adding interface: macsec1
[  824.941934][T13078] batman_adv: batadv0: The MTU of interface macsec1 is too small (1468) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  824.969099][T13078] batman_adv: batadv0: Interface activated: macsec1
[  825.121785][ T4316] usb 3-1: device descriptor read/8, error -71
[  825.607784][T13089] netlink: 'syz.2.2265': attribute type 13 has an invalid length.
[  825.698546][T13093] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2264'.
[  825.739889][T13093] device lo left promiscuous mode
[  825.783854][T13093] device tunl0 left promiscuous mode
[  825.790288][T13093] device gre0 left promiscuous mode
[  825.801427][T13093] device gretap0 left promiscuous mode
[  825.821479][T13093] device erspan0 left promiscuous mode
[  825.828930][T13093] device ip_vti0 left promiscuous mode
[  825.839844][T13093] device ip6_vti0 left promiscuous mode
[  825.872818][T13093] device sit0 left promiscuous mode
[  825.903958][T13093] device ip6tnl0 left promiscuous mode
[  825.910252][T13093] device ip6gre0 left promiscuous mode
[  825.918244][T13093] device syz_tun left promiscuous mode
[  825.928764][T13093] device ip6gretap0 left promiscuous mode
[  825.949464][T13093] device bridge0 left promiscuous mode
[  825.965096][T13093] device vcan0 left promiscuous mode
[  825.970929][T13093] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  825.984889][T13093] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  826.000505][T13093] device bond0 left promiscuous mode
[  826.006491][T13093] device bond_slave_0 left promiscuous mode
[  826.014282][T13093] device bond_slave_1 left promiscuous mode
[  826.022600][T13093] device team0 left promiscuous mode
[  826.028184][T13093] device team_slave_0 left promiscuous mode
[  826.034494][T13093] device team_slave_1 left promiscuous mode
[  826.044261][T13093] device dummy0 left promiscuous mode
[  826.050436][T13093] device nlmon0 left promiscuous mode
[  826.066371][T13093] device caif0 left promiscuous mode
[  826.073676][T13093] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  826.717061][T13101] netlink: 'syz.4.2268': attribute type 1 has an invalid length.
[  826.726554][T13101] netlink: 'syz.4.2268': attribute type 2 has an invalid length.
[  826.739873][T13101] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2268'.
[  826.750813][T13101] device lo entered promiscuous mode
[  826.764372][T13101] device tunl0 entered promiscuous mode
[  826.776950][T13101] device gre0 entered promiscuous mode
[  826.834277][T13101] device gretap0 entered promiscuous mode
[  826.853178][T13101] device erspan0 entered promiscuous mode
[  826.898558][T13101] device ip_vti0 entered promiscuous mode
[  826.935642][T13101] device ip6_vti0 entered promiscuous mode
[  826.947400][T13101] device sit0 entered promiscuous mode
[  826.958672][T13101] device ip6tnl0 entered promiscuous mode
[  826.970470][T13101] device ip6gre0 entered promiscuous mode
[  826.990464][T13101] device syz_tun entered promiscuous mode
[  827.007989][T13101] device ip6gretap0 entered promiscuous mode
[  827.019661][T13101] device bridge0 entered promiscuous mode
[  827.033239][T13101] device vcan0 entered promiscuous mode
[  827.050502][T13101] device bond0 entered promiscuous mode
[  827.060590][T13101] device bond_slave_0 entered promiscuous mode
[  827.069176][T13101] device bond_slave_1 entered promiscuous mode
[  827.090601][T13101] 8021q: adding VLAN 0 to HW filter on device bond0
[  827.106191][T13101] device team0 entered promiscuous mode
[  827.112847][T13101] device team_slave_0 entered promiscuous mode
[  827.119866][T13101] device team_slave_1 entered promiscuous mode
[  827.136832][T13101] 8021q: adding VLAN 0 to HW filter on device team0
[  827.150382][T13101] device dummy0 entered promiscuous mode
[  827.167441][T13101] device nlmon0 entered promiscuous mode
[  827.180160][T13101] device caif0 entered promiscuous mode
[  827.187183][T13101] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  827.994987][T13111] loop2: detected capacity change from 0 to 7
[  828.112931][T13111] Dev loop2: unable to read RDB block 7
[  828.118550][T13111]  loop2: AHDI p2 p3
[  828.132900][T13111] loop2: partition table partially beyond EOD, truncated
[  828.494999][T13117] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  828.541132][T13111] loop2: p2 start 1702059890 is beyond EOD, truncated
[  828.797857][T13125] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  828.822124][ T3638] Dev loop2: unable to read RDB block 7
[  828.831847][ T3638]  loop2: AHDI p2 p3
[  828.846632][ T3638] loop2: partition table partially beyond EOD, truncated
[  828.855236][ T3638] loop2: p2 start 1702059890 is beyond EOD, truncated
[  829.124265][T13128] netlink: 'syz.2.2274': attribute type 2 has an invalid length.
[  831.593763][T13163] netlink: 'syz.4.2282': attribute type 1 has an invalid length.
[  831.604318][T13163] netlink: 'syz.4.2282': attribute type 2 has an invalid length.
[  831.616996][T13163] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2282'.
[  831.627246][T13163] device lo left promiscuous mode
[  831.636646][T13157] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  831.651870][T13163] device tunl0 left promiscuous mode
[  831.702659][T13163] device gre0 left promiscuous mode
[  831.726757][T13163] device gretap0 left promiscuous mode
[  831.759802][T13163] device erspan0 left promiscuous mode
[  831.786993][T13163] device ip_vti0 left promiscuous mode
[  831.804034][T13163] device ip6_vti0 left promiscuous mode
[  831.821695][T13163] device sit0 left promiscuous mode
[  831.840397][T13163] device ip6tnl0 left promiscuous mode
[  831.871457][T13163] device ip6gre0 left promiscuous mode
[  831.937057][T13163] device syz_tun left promiscuous mode
[  832.057804][T13163] device ip6gretap0 left promiscuous mode
[  832.116009][T13163] device bridge0 left promiscuous mode
[  832.135769][T13163] device vcan0 left promiscuous mode
[  832.146237][T13163] device bond0 left promiscuous mode
[  832.152031][T13163] device bond_slave_0 left promiscuous mode
[  832.158154][T13163] device bond_slave_1 left promiscuous mode
[  832.181587][T13163] device team0 left promiscuous mode
[  832.205664][T13163] device team_slave_0 left promiscuous mode
[  832.230620][T13163] device team_slave_1 left promiscuous mode
[  832.256284][T13163] device dummy0 left promiscuous mode
[  832.302071][T13163] device nlmon0 left promiscuous mode
[  832.338586][T13163] device caif0 left promiscuous mode
[  832.767316][   T26] kauditd_printk_skb: 28 callbacks suppressed
[  832.767330][   T26] audit: type=1326 audit(1773183208.928:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13168 comm="syz.0.2285" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb9f2b9c799 code=0x0
[  833.476423][T13190] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  836.423179][T13207] netlink: 'syz.1.2298': attribute type 1 has an invalid length.
[  836.430970][T13207] netlink: 'syz.1.2298': attribute type 2 has an invalid length.
[  836.439669][T13207] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2298'.
[  836.448938][T13207] device lo left promiscuous mode
[  836.461623][T13207] device tunl0 left promiscuous mode
[  836.472183][T13207] device gre0 left promiscuous mode
[  836.494391][T13207] device gretap0 left promiscuous mode
[  836.507256][T13207] device erspan0 left promiscuous mode
[  836.522752][T13207] device ip_vti0 left promiscuous mode
[  836.532670][T13207] device ip6_vti0 left promiscuous mode
[  836.546191][T13207] device sit0 left promiscuous mode
[  836.632289][T13207] device ip6tnl0 left promiscuous mode
[  836.648064][T13207] device ip6gre0 left promiscuous mode
[  836.669196][T13207] device syz_tun left promiscuous mode
[  836.845193][T13211] netlink: 14 bytes leftover after parsing attributes in process `syz.4.2297'.
[  836.875844][T13207] device ip6gretap0 left promiscuous mode
[  836.906797][T13207] device bridge0 left promiscuous mode
[  836.917750][T13207] device vcan0 left promiscuous mode
[  836.978363][T13207] device team0 left promiscuous mode
[  836.983669][T13207] device team_slave_0 left promiscuous mode
[  836.989829][T13207] device team_slave_1 left promiscuous mode
[  837.017412][T13207] device nlmon0 left promiscuous mode
[  837.023491][T13207] device caif0 left promiscuous mode
[  837.029335][T13207] batman_adv: batadv0: Interface deactivated: macsec1
[  837.828212][T13220] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2300'.
[  838.754543][T13239] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  839.158366][T13245] netlink: 'syz.4.2306': attribute type 13 has an invalid length.
[  840.032170][T13259] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  841.617964][T13283] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  841.754063][T13283] random: crng reseeded on system resumption
[  842.143886][T13288] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2318'.
[  843.567514][T13300] tipc: Failed to remove unknown binding: 66,1,1/0:3207889952/3207889954
[  843.871043][   T26] audit: type=1326 audit(1773183220.034:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  843.919172][   T26] audit: type=1326 audit(1773183220.034:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  843.946228][   T26] audit: type=1326 audit(1773183220.064:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  843.962583][T13312] loop6: detected capacity change from 0 to 7
[  843.990769][   T26] audit: type=1326 audit(1773183220.064:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  844.016660][ T5995] Dev loop6: unable to read RDB block 7
[  844.022276][ T5995]  loop6: AHDI p2 p3
[  844.036387][ T5995] loop6: partition table partially beyond EOD, truncated
[  844.063329][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  844.099993][   T26] audit: type=1326 audit(1773183220.064:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  844.140809][T13312] Dev loop6: unable to read RDB block 7
[  844.146754][T13312]  loop6: AHDI p2 p3
[  844.151877][T13312] loop6: partition table partially beyond EOD, truncated
[  844.170970][T13312] loop6: p2 size 157513074 extends beyond EOD, truncated
[  844.322297][   T26] audit: type=1326 audit(1773183220.064:763): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  844.398724][   T26] audit: type=1326 audit(1773183220.064:764): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  844.473532][T13320] netlink: 'syz.3.2327': attribute type 1 has an invalid length.
[  844.485469][T13320] netlink: 'syz.3.2327': attribute type 2 has an invalid length.
[  844.613238][   T26] audit: type=1326 audit(1773183220.064:765): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  844.830019][ T5995] udevd[5995]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  844.845239][   T26] audit: type=1326 audit(1773183220.064:766): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  845.084099][   T26] audit: type=1326 audit(1773183220.064:767): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13304 comm="syz.4.2324" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  846.808823][T13349] device syzkaller0 entered promiscuous mode
[  846.875066][T13352] loop6: detected capacity change from 0 to 7
[  846.908658][ T5995] Dev loop6: unable to read RDB block 7
[  846.915830][ T5995]  loop6: AHDI p2 p3
[  846.919786][ T5995] loop6: partition table partially beyond EOD, truncated
[  846.971657][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  847.004123][T13352] Dev loop6: unable to read RDB block 7
[  847.011816][T13352]  loop6: AHDI p2 p3
[  847.016312][T13352] loop6: partition table partially beyond EOD, truncated
[  847.067071][T13352] loop6: p2 size 157513074 extends beyond EOD, truncated
[  847.534417][T13369] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2345'.
[  847.772033][T13375] netlink: 'syz.0.2347': attribute type 1 has an invalid length.
[  847.868749][T13375] 8021q: adding VLAN 0 to HW filter on device bond2
[  848.350461][T13387] vivid-004: =================  START STATUS  =================
[  848.396124][T13387] vivid-004: Radio HW Seek Mode: Bounded
[  848.427646][T13387] vivid-004: Radio Programmable HW Seek: false
[  848.488550][T13387] vivid-004: RDS Rx I/O Mode: Block I/O
[  848.521083][T13387] vivid-004: Generate RBDS Instead of RDS: false
[  848.551986][T13387] vivid-004: RDS Reception: true
[  848.557014][T13387] vivid-004: RDS Program Type: 0 inactive
[  848.596185][T13387] vivid-004: RDS PS Name:  inactive
[  848.626902][T13387] vivid-004: RDS Radio Text:  inactive
[  848.672201][T13387] vivid-004: RDS Traffic Announcement: false inactive
[  848.775867][T13387] vivid-004: RDS Traffic Program: false inactive
[  848.814489][T13387] vivid-004: RDS Music: false inactive
[  848.860646][T13387] vivid-004: ==================  END STATUS  ==================
[  849.541329][ T4316] usb 3-1: new full-speed USB device number 27 using dummy_hcd
[  849.773933][ T4316] usb 3-1: config index 0 descriptor too short (expected 28277, got 36)
[  849.812091][ T4316] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  849.884699][ T4316] usb 3-1: config 0 has no interfaces?
[  849.919950][ T4316] usb 3-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  849.960514][ T4316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  850.040010][ T4316] usb 3-1: config 0 descriptor??
[  852.094317][ T4316] usb 3-1: USB disconnect, device number 27
[  852.371306][T13445] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  852.877163][T13461] netlink: 'syz.4.2368': attribute type 1 has an invalid length.
[  852.957767][T13461] 8021q: adding VLAN 0 to HW filter on device bond3
[  852.966837][T13459] ipt_ECN: cannot use operation on non-tcp rule
[  855.299904][T13501] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2378'.
[  855.648269][ T4316] usb 2-1: new full-speed USB device number 28 using dummy_hcd
[  855.808247][ T4316] usb 2-1: device descriptor read/64, error -71
[  855.962842][T13513] netlink: 'syz.4.2381': attribute type 1 has an invalid length.
[  856.051887][T13513] 8021q: adding VLAN 0 to HW filter on device bond4
[  856.078047][ T4316] usb 2-1: new full-speed USB device number 29 using dummy_hcd
[  856.238084][ T4316] usb 2-1: device descriptor read/64, error -71
[  856.368092][ T4316] usb usb2-port1: attempt power cycle
[  856.777802][ T4316] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  856.818108][ T4316] usb 2-1: device descriptor read/8, error -71
[  857.090203][ T4316] usb 2-1: new full-speed USB device number 31 using dummy_hcd
[  857.149589][ T4316] usb 2-1: device descriptor read/8, error -71
[  857.277825][ T4316] usb usb2-port1: unable to enumerate USB device
[  858.059709][ T4316] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  858.174462][T13539] netlink: 'syz.0.2386': attribute type 2 has an invalid length.
[  858.268731][ T4316] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  858.299299][ T4316] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  858.342833][ T4316] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  858.373243][ T4316] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  858.393603][ T4316] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  858.472901][ T4316] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  858.518682][T13548] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  858.543118][ T4316] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  858.574005][ T4316] usb 2-1: Product: syz
[  858.587640][ T4316] usb 2-1: Manufacturer: syz
[  858.624834][ T4316] cdc_wdm 2-1:1.0: skipping garbage
[  858.648378][ T4316] cdc_wdm 2-1:1.0: skipping garbage
[  858.675000][ T4316] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  858.688034][ T4316] cdc_wdm 2-1:1.0: Unknown control protocol
[  859.366489][ T4316] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  859.594316][ T4316] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  859.632442][ T4316] usb 4-1: config 0 interface 0 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  859.704375][ T4316] usb 4-1: config 0 interface 0 has no altsetting 0
[  859.721527][ T4316] usb 4-1: New USB device found, idVendor=0463, idProduct=1215, bcdDevice= 0.00
[  859.741952][ T4316] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  859.785668][ T4316] usb 4-1: config 0 descriptor??
[  859.831790][ T4316] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  860.672705][ T4316] usb 2-1: USB disconnect, device number 32
[  861.308693][T13578] tipc: Failed to remove unknown binding: 66,1,1/0:3615420340/3615420342
[  862.714788][T13590] siw: device registration error -23
[  863.454533][T13590] 9pnet_virtio: no channels available for device syz
[  864.506081][T13596] device syzkaller1 entered promiscuous mode
[  864.929674][ T4316] usb 4-1: USB disconnect, device number 20
[  865.063761][T13602] netlink: 'syz.0.2403': attribute type 2 has an invalid length.
[  865.689214][T13613] relay: one or more items not logged [item size (56) > sub-buffer size (3)]
[  865.837681][T13617] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2407'.
[  866.282652][T13617] 8021q: adding VLAN 0 to HW filter on device bond0
[  866.290790][T13617] 8021q: adding VLAN 0 to HW filter on device team0
[  866.327458][T13617] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  867.615566][   T26] kauditd_printk_skb: 77 callbacks suppressed
[  867.615577][   T26] audit: type=1326 audit(1773183243.796:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  867.676866][T13637] loop6: detected capacity change from 0 to 7
[  867.793400][ T5995] Dev loop6: unable to read RDB block 7
[  867.799011][ T5995]  loop6: AHDI p2 p3
[  867.813193][T13638] netlink: 'syz.2.2411': attribute type 1 has an invalid length.
[  867.821848][T13638] netlink: 'syz.2.2411': attribute type 2 has an invalid length.
[  867.852375][T13638] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2411'.
[  867.870043][ T5995] loop6: partition table partially beyond EOD, truncated
[  867.889455][   T26] audit: type=1326 audit(1773183243.826:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  867.938753][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  867.977828][T13637] Dev loop6: unable to read RDB block 7
[  867.983475][T13637]  loop6: AHDI p2 p3
[  867.996743][T13637] loop6: partition table partially beyond EOD, truncated
[  868.033783][T13637] loop6: p2 size 157513074 extends beyond EOD, truncated
[  868.094637][   T26] audit: type=1326 audit(1773183243.836:847): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  868.265065][   T26] audit: type=1326 audit(1773183243.836:848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  868.280029][ T5995] udevd[5995]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  868.391907][   T26] audit: type=1326 audit(1773183243.836:849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  869.671395][T13644] 9pnet_virtio: no channels available for device syz
[  869.813996][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  869.820399][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  869.929120][   T26] audit: type=1326 audit(1773183243.836:850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  869.933801][ T5995] udevd[5995]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  870.721775][   T26] audit: type=1326 audit(1773183243.836:851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  870.861011][   T26] audit: type=1326 audit(1773183243.836:852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  870.987589][   T26] audit: type=1326 audit(1773183243.836:853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  871.094768][   T26] audit: type=1326 audit(1773183243.836:854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13633 comm="syz.0.2410" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fb9f2b9c799 code=0x7ffc0000
[  871.247299][T13669] netlink: 'syz.1.2420': attribute type 1 has an invalid length.
[  871.271951][T13669] 8021q: adding VLAN 0 to HW filter on device bond2
[  872.535870][T13690] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2424'.
[  872.705837][T13690] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  872.723086][T13690] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  872.744537][T13690] 8021q: adding VLAN 0 to HW filter on device bond0
[  872.766730][T13690] 8021q: adding VLAN 0 to HW filter on device team0
[  872.805603][T13690] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  873.598846][T13704] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2428'.
[  873.787179][T13707] device syzkaller1 entered promiscuous mode
[  873.897341][ T4316] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[  874.117749][ T4316] usb 5-1: config 1 has an invalid interface number: 128 but max is 1
[  874.142628][ T4316] usb 5-1: config 1 has an invalid descriptor of length 129, skipping remainder of the config
[  874.185620][ T4316] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  874.226244][ T4316] usb 5-1: config 1 has no interface number 0
[  874.246665][T13713] netlink: 'syz.2.2432': attribute type 1 has an invalid length.
[  874.286314][ T4316] usb 5-1: config 1 interface 128 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  874.336220][T13713] 8021q: adding VLAN 0 to HW filter on device bond3
[  874.381347][ T4316] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  874.408904][ T4316] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  874.419003][ T4316] usb 5-1: Product: syz
[  874.425463][ T4316] usb 5-1: Manufacturer: syz
[  874.430698][ T4316] usb 5-1: SerialNumber: syz
[  874.550307][ T4316] cdc_wdm: probe of 5-1:1.128 failed with error -22
[  874.769792][   T26] kauditd_printk_skb: 37 callbacks suppressed
[  874.769803][   T26] audit: type=1326 audit(1773183250.959:892): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  874.823743][   T26] audit: type=1326 audit(1773183250.989:893): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  874.863175][T13726] loop6: detected capacity change from 0 to 7
[  874.876696][T13729] device syzkaller0 entered promiscuous mode
[  874.922097][T13726] Dev loop6: unable to read RDB block 7
[  874.927781][T13726]  loop6: AHDI p2 p3
[  874.933070][T13726] loop6: partition table partially beyond EOD, truncated
[  874.957630][   T26] audit: type=1326 audit(1773183250.989:894): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  875.000866][T13726] loop6: p2 size 157513074 extends beyond EOD, truncated
[  875.091965][ T5995] udevd[5995]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  875.135967][   T26] audit: type=1326 audit(1773183250.989:895): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  875.214273][T13735] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  875.258117][   T26] audit: type=1326 audit(1773183250.989:896): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  875.333001][   T26] audit: type=1326 audit(1773183250.989:897): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  875.432227][   T26] audit: type=1326 audit(1773183250.989:898): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  875.583477][   T26] audit: type=1326 audit(1773183250.989:899): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  875.703380][   T26] audit: type=1326 audit(1773183250.989:900): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  875.768232][  T128] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  875.840973][   T26] audit: type=1326 audit(1773183250.989:901): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13721 comm="syz.3.2434" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc0da99c799 code=0x7ffc0000
[  875.988159][  T128] usb 2-1: Using ep0 maxpacket: 16
[  876.053548][  T128] usb 2-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  876.076348][  T128] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  876.171688][  T128] usb 2-1: Product: syz
[  876.181804][  T128] usb 2-1: Manufacturer: syz
[  876.200454][  T128] usb 2-1: SerialNumber: syz
[  876.212508][  T128] usb 2-1: config 0 descriptor??
[  876.269308][  T128] hub 2-1:0.0: bad descriptor, ignoring hub
[  876.275255][  T128] hub: probe of 2-1:0.0 failed with error -5
[  876.406170][T13757] netlink: 'syz.2.2441': attribute type 1 has an invalid length.
[  876.433211][T13757] netlink: 'syz.2.2441': attribute type 2 has an invalid length.
[  876.523859][T13757] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2441'.
[  877.304697][T13709] usb 5-1: USB disconnect, device number 20
[  879.066738][T10582] usb 2-1: USB disconnect, device number 33
[  879.673919][T13796] loop6: detected capacity change from 0 to 7
[  879.702422][ T5995] Dev loop6: unable to read RDB block 7
[  879.712177][ T5995]  loop6: AHDI p2 p3
[  879.730835][ T5995] loop6: partition table partially beyond EOD, truncated
[  879.794601][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  879.851645][T13796] Dev loop6: unable to read RDB block 7
[  879.862017][T13796]  loop6: AHDI p2 p3
[  879.873653][T13796] loop6: partition table partially beyond EOD, truncated
[  879.897804][T13796] loop6: p2 size 157513074 extends beyond EOD, truncated
[  879.949752][   T26] kauditd_printk_skb: 94 callbacks suppressed
[  879.949765][   T26] audit: type=1326 audit(1773183256.142:996): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.4.2449" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x7ffc0000
[  880.057249][ T5995] udevd[5995]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  880.119803][ T5995] udevd[5995]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  880.125190][T13804] device syzkaller0 entered promiscuous mode
[  880.313415][T13810] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2452'.
[  881.075622][ T4316] usb 5-1: new full-speed USB device number 21 using dummy_hcd
[  881.104462][T13825] netlink: 'syz.3.2456': attribute type 1 has an invalid length.
[  881.147872][T13825] netlink: 'syz.3.2456': attribute type 2 has an invalid length.
[  881.313566][T13825] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2456'.
[  881.375904][ T4316] usb 5-1: too many configurations: 109, using maximum allowed: 8
[  881.675314][ T4316] usb 5-1: unable to read config index 0 descriptor/start: -61
[  881.804635][ T4316] usb 5-1: can't read configurations, error -61
[  882.045354][ T4316] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  882.269061][ T4316] usb 5-1: too many configurations: 109, using maximum allowed: 8
[  882.313341][ T4316] usb 5-1: unable to read config index 0 descriptor/start: -61
[  882.328663][ T4316] usb 5-1: can't read configurations, error -61
[  882.358290][ T4316] usb usb5-port1: attempt power cycle
[  882.784815][ T4316] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  882.898921][ T4316] usb 5-1: too many configurations: 109, using maximum allowed: 8
[  882.960307][ T4316] usb 5-1: unable to read config index 0 descriptor/start: -61
[  882.979439][ T4316] usb 5-1: can't read configurations, error -61
[  883.023954][T13851] netlink: 'syz.3.2461': attribute type 13 has an invalid length.
[  883.144658][ T4316] usb 5-1: new full-speed USB device number 24 using dummy_hcd
[  883.424184][   T26] audit: type=1326 audit(1773183259.604:997): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13854 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  883.477666][T13856] loop6: detected capacity change from 0 to 7
[  883.508837][ T5995] Dev loop6: unable to read RDB block 7
[  883.521503][ T5995]  loop6: AHDI p2 p3
[  883.545050][ T5995] loop6: partition table partially beyond EOD, truncated
[  883.552935][   T26] audit: type=1326 audit(1773183259.644:998): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13854 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  883.634341][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  883.665594][T13856] Dev loop6: unable to read RDB block 7
[  883.677112][T13856]  loop6: AHDI p2 p3
[  883.678264][   T26] audit: type=1326 audit(1773183259.644:999): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13854 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  883.681088][T13856] loop6: partition table partially beyond EOD, truncated
[  883.748361][T13856] loop6: p2 size 157513074 extends beyond EOD, truncated
[  883.817295][   T26] audit: type=1326 audit(1773183259.644:1000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13854 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  883.932069][   T26] audit: type=1326 audit(1773183259.644:1001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13854 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  884.064085][   T26] audit: type=1326 audit(1773183259.644:1002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13854 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  884.233277][   T26] audit: type=1326 audit(1773183259.644:1003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13854 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  884.376010][ T5995] udevd[5995]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  884.388031][   T26] audit: type=1326 audit(1773183259.644:1004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13854 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  884.538977][   T26] audit: type=1326 audit(1773183259.644:1005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13854 comm="syz.1.2463" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f41a2b9c799 code=0x7ffc0000
[  884.796380][ T4316] usb 5-1: device descriptor read/8, error -71
[  884.913847][ T4316] usb usb5-port1: unable to enumerate USB device
[  885.393547][ T4316] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  885.613386][ T4316] usb 5-1: Using ep0 maxpacket: 32
[  885.620161][ T4316] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  885.776444][ T4316] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  885.866564][T13883] netlink: 'syz.3.2472': attribute type 1 has an invalid length.
[  885.874787][T13883] netlink: 'syz.3.2472': attribute type 2 has an invalid length.
[  885.903200][ T4316] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  885.928177][T13884] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  885.943909][ T4316] usb 5-1: Product: syz
[  886.019372][T13883] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2472'.
[  886.044046][ T4316] usb 5-1: Manufacturer: syz
[  886.061758][ T4316] usb 5-1: SerialNumber: syz
[  886.081739][ T4316] usb 5-1: config 0 descriptor??
[  886.112099][T13865] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  887.810459][T13915] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2477'.
[  888.139992][T10582] usb 5-1: USB disconnect, device number 25
[  888.334265][ T4316] usb 2-1: new full-speed USB device number 34 using dummy_hcd
[  888.555372][ T4316] usb 2-1: too many configurations: 109, using maximum allowed: 8
[  888.570236][ T4316] usb 2-1: unable to read config index 0 descriptor/start: -61
[  888.705842][ T4316] usb 2-1: can't read configurations, error -61
[  888.840156][T13934] netlink: 'syz.0.2481': attribute type 1 has an invalid length.
[  888.851050][T13934] netlink: 'syz.0.2481': attribute type 2 has an invalid length.
[  888.867430][T13934] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2481'.
[  888.876758][ T4316] usb 2-1: new full-speed USB device number 35 using dummy_hcd
[  889.202622][ T4316] usb 2-1: too many configurations: 109, using maximum allowed: 8
[  889.302958][ T4316] usb 2-1: unable to read config index 0 descriptor/start: -61
[  889.518530][ T4316] usb 2-1: can't read configurations, error -61
[  889.554425][ T4316] usb usb2-port1: attempt power cycle
[  890.031077][ T4316] usb 2-1: new full-speed USB device number 36 using dummy_hcd
[  890.075405][ T4316] usb 2-1: too many configurations: 109, using maximum allowed: 8
[  890.103809][ T4316] usb 2-1: unable to read config index 0 descriptor/start: -61
[  890.130275][ T4316] usb 2-1: can't read configurations, error -61
[  890.321016][ T4316] usb 2-1: new full-speed USB device number 37 using dummy_hcd
[  890.371919][ T4316] usb 2-1: too many configurations: 109, using maximum allowed: 8
[  890.420396][ T4316] usb 2-1: unable to read config index 0 descriptor/start: -61
[  890.523692][T13941] relay: one or more items not logged [item size (56) > sub-buffer size (3)]
[  890.545281][ T4316] usb 2-1: can't read configurations, error -61
[  890.621175][ T4316] usb usb2-port1: unable to enumerate USB device
[  891.154310][T13952] netlink: 'syz.2.2485': attribute type 1 has an invalid length.
[  891.164967][T13952] netlink: 'syz.2.2485': attribute type 2 has an invalid length.
[  891.174027][T13952] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2485'.
[  891.433755][T13952] 8021q: adding VLAN 0 to HW filter on device bond0
[  891.514845][T13952] 8021q: adding VLAN 0 to HW filter on device team0
[  891.555350][T13952] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  891.678587][T13962] ipt_ECN: cannot use operation on non-tcp rule
[  891.750275][ T4316] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  891.990086][ T4316] usb 5-1: Using ep0 maxpacket: 32
[  891.996692][ T4316] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  892.034409][ T4316] usb 5-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  892.074982][ T4316] usb 5-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  892.106935][ T4316] usb 5-1: Product: syz
[  892.115739][ T4316] usb 5-1: Manufacturer: syz
[  892.152044][ T4316] usb 5-1: SerialNumber: syz
[  892.172524][ T4316] usb 5-1: config 0 descriptor??
[  892.190692][T13957] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  894.247951][T13978] tunl0: Caught tx_queue_len zero misconfig
[  894.375175][ T4316] usb 5-1: USB disconnect, device number 26
[  894.679146][T13986] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  895.402900][   T26] kauditd_printk_skb: 44 callbacks suppressed
[  895.402915][   T26] audit: type=1326 audit(1773183271.600:1050): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13987 comm="syz.4.2497" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0e5d39c799 code=0x0
[  896.938056][T14018] ipt_ECN: cannot use operation on non-tcp rule
[  897.460464][T14029] netlink: 'syz.3.2503': attribute type 1 has an invalid length.
[  897.472249][T14029] netlink: 'syz.3.2503': attribute type 2 has an invalid length.
[  897.484750][T14029] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2503'.
[  897.603017][T14036] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  899.015858][T14044] netlink: 'syz.4.2506': attribute type 1 has an invalid length.
[  899.052969][T14046] relay: one or more items not logged [item size (56) > sub-buffer size (3)]
[  899.072369][T14044] netlink: 'syz.4.2506': attribute type 2 has an invalid length.
[  899.131489][T14044] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2506'.
[  902.042117][T14087] netlink: 'syz.2.2516': attribute type 1 has an invalid length.
[  902.050149][T14087] netlink: 'syz.2.2516': attribute type 2 has an invalid length.
[  902.653853][T14087] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2516'.
[  902.817733][T14087] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  902.922486][T14094] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2518'.
[  902.931645][T14094] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2518'.
[  903.647563][T14103] device syzkaller0 entered promiscuous mode
[  905.729887][T14133] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  906.770755][T14151] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  907.894823][T14168] lo: Caught tx_queue_len zero misconfig
[  910.969278][T14197] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  911.069299][T14200] netlink: 'syz.1.2549': attribute type 1 has an invalid length.
[  911.077518][T14200] netlink: 'syz.1.2549': attribute type 2 has an invalid length.
[  911.091520][T14200] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2549'.
[  912.266802][T14211] device syzkaller0 entered promiscuous mode
[  912.291382][T14216] netlink: 'syz.0.2553': attribute type 1 has an invalid length.
[  912.301240][T14216] netlink: 'syz.0.2553': attribute type 2 has an invalid length.
[  912.363742][T14216] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2553'.
[  916.616826][T14263] batman_adv: batadv0: Removing interface: batadv_slave_0
[  917.198142][ T4316] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  917.277165][T14279] netlink: 'syz.0.2568': attribute type 1 has an invalid length.
[  917.285589][T14279] netlink: 'syz.0.2568': attribute type 2 has an invalid length.
[  917.299154][T14279] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2568'.
[  917.407491][ T4316] usb 4-1: Using ep0 maxpacket: 32
[  917.414387][ T4316] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  917.496057][ T4316] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  917.558479][ T4316] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  917.751747][ T4316] usb 4-1: Product: syz
[  917.795878][ T4316] usb 4-1: Manufacturer: syz
[  917.824244][ T4316] usb 4-1: SerialNumber: syz
[  917.845545][ T4316] usb 4-1: config 0 descriptor??
[  917.874500][T14275] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  919.713535][T14294] device syzkaller1 entered promiscuous mode
[  919.926983][T10582] usb 4-1: USB disconnect, device number 21
[  920.187892][T14310] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  920.714098][T14322] netlink: 'syz.4.2581': attribute type 1 has an invalid length.
[  920.723625][T14322] netlink: 'syz.4.2581': attribute type 2 has an invalid length.
[  920.733848][T14322] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2581'.
[  920.750955][T14322] 8021q: adding VLAN 0 to HW filter on device bond0
[  920.759461][T14322] 8021q: adding VLAN 0 to HW filter on device team0
[  920.769450][T14322] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  923.069607][T14340] ipt_ECN: cannot use operation on non-tcp rule
[  923.574417][T10582] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  923.777644][T10582] usb 3-1: Using ep0 maxpacket: 32
[  923.786118][T14358] loop2: detected capacity change from 0 to 7
[  923.793186][ T5995] Dev loop2: unable to read RDB block 7
[  923.802341][ T5995]  loop2: AHDI p2 p3
[  923.807078][T10582] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  923.847737][ T5995] loop2: partition table partially beyond EOD, truncated
[  923.848416][T14353] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  923.880425][T10582] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  923.894825][T10582] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  923.910081][T10582] usb 3-1: Product: syz
[  923.915519][T14358] Dev loop2: unable to read RDB block 7
[  923.918992][T10582] usb 3-1: Manufacturer: syz
[  923.921182][T14358]  loop2: AHDI p2 p3
[  923.928386][T10582] usb 3-1: SerialNumber: syz
[  923.933681][T14358] loop2: partition table partially beyond EOD, truncated
[  923.950133][T10582] usb 3-1: config 0 descriptor??
[  923.958572][T14347] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  924.999464][   T26] audit: type=1326 audit(1773183301.205:1051): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14361 comm="syz.3.2592" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc0da99c799 code=0x0
[  926.506476][ T4316] usb 3-1: USB disconnect, device number 28
[  926.647953][T14394] device syzkaller1 entered promiscuous mode
[  927.707071][T14416] MPTCP: kernel_bind error, err=-98
[  928.182140][ T4316] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  928.209108][T14425] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2611'.
[  928.422076][ T4316] usb 2-1: Using ep0 maxpacket: 32
[  928.433061][ T4316] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  928.480280][ T4316] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  928.508860][ T4316] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  928.541996][ T4316] usb 2-1: Product: syz
[  928.555017][ T4316] usb 2-1: Manufacturer: syz
[  928.562300][ T4316] usb 2-1: SerialNumber: syz
[  928.583282][ T4316] usb 2-1: config 0 descriptor??
[  928.599192][T14420] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  928.800051][T14434] device syzkaller1 entered promiscuous mode
[  930.372316][T14443] netlink: 'syz.2.2618': attribute type 1 has an invalid length.
[  930.380188][T14443] netlink: 'syz.2.2618': attribute type 2 has an invalid length.
[  930.392084][T14443] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2618'.
[  930.403416][T14443] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  930.915644][T10582] usb 2-1: USB disconnect, device number 38
[  931.173858][T14453] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  931.223008][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  931.229357][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  931.530365][ T4316] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  931.750206][ T4316] usb 2-1: Using ep0 maxpacket: 16
[  931.774836][ T4316] usb 2-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  931.800320][ T4316] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  931.826669][ T4316] usb 2-1: Product: syz
[  931.845259][ T4316] usb 2-1: Manufacturer: syz
[  931.857100][ T4316] usb 2-1: SerialNumber: syz
[  931.897687][ T4316] usb 2-1: config 0 descriptor??
[  931.950202][T14474] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2624'.
[  931.965411][ T4316] hub 2-1:0.0: bad descriptor, ignoring hub
[  932.091658][ T4316] hub: probe of 2-1:0.0 failed with error -5
[  932.678278][T14482] device syzkaller0 entered promiscuous mode
[  932.919613][ T4316] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  933.114884][ T4316] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  933.134518][ T4316] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  933.167402][ T4316] usb 5-1: Product: syz
[  933.177634][ T4316] usb 5-1: Manufacturer: syz
[  933.188875][ T4316] usb 5-1: SerialNumber: syz
[  933.571371][ T4316] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71
[  933.627812][ T4316] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -71
[  933.674268][ T4316] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71
[  933.728195][ T4316] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  933.786630][ T4316] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  933.851769][ T4316] lan78xx: probe of 5-1:1.0 failed with error -71
[  933.900649][ T4316] usb 5-1: USB disconnect, device number 27
[  934.179178][  T125] usb 2-1: USB disconnect, device number 39
[  935.229891][  T125] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  935.428403][  T125] usb 4-1: Using ep0 maxpacket: 32
[  935.435534][  T125] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  935.529271][  T125] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  935.539474][  T125] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  935.547738][  T125] usb 4-1: Product: syz
[  935.552479][  T125] usb 4-1: Manufacturer: syz
[  935.557115][  T125] usb 4-1: SerialNumber: syz
[  935.568105][  T125] usb 4-1: config 0 descriptor??
[  935.575561][T14505] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  937.897250][T10582] usb 4-1: USB disconnect, device number 22
[  938.014909][T14487] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  938.026915][T14488] device syzkaller0 entered promiscuous mode
[  938.039518][T14511] netlink: 'syz.0.2632': attribute type 1 has an invalid length.
[  938.048586][T14511] netlink: 'syz.0.2632': attribute type 2 has an invalid length.
[  938.077545][T14512] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2632'.
[  938.189931][T14512] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  938.214469][T14512] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  938.226032][T14512] 8021q: adding VLAN 0 to HW filter on device bond0
[  938.233993][T14512] 8021q: adding VLAN 0 to HW filter on device team0
[  938.246060][T14512] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  938.268220][T14488] tipc: Resetting bearer <eth:syzkaller0>
[  938.311109][T14488] tipc: Disabling bearer <eth:syzkaller0>
[  938.339827][T14523] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2634'.
[  938.667813][T10582] usb 5-1: new full-speed USB device number 28 using dummy_hcd
[  938.747192][ T4316] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  938.878834][T10582] usb 5-1: unable to read config index 0 descriptor/start: -61
[  938.892512][T10582] usb 5-1: can't read configurations, error -61
[  939.026652][ T4316] usb 2-1: Using ep0 maxpacket: 8
[  939.066667][T10582] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  939.104224][ T4316] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  939.194018][ T4316] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  939.488532][ T4316] usb 2-1: New USB device found, idVendor=0402, idProduct=5602, bcdDevice=35.76
[  939.497212][T10582] usb 5-1: unable to read config index 0 descriptor/start: -61
[  939.516155][T10582] usb 5-1: can't read configurations, error -61
[  939.553092][T10582] usb usb5-port1: attempt power cycle
[  939.700114][ T4316] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  939.772541][ T4316] usb 2-1: Product: syz
[  939.794602][ T4316] usb 2-1: Manufacturer: syz
[  939.819710][ T4316] usb 2-1: SerialNumber: syz
[  939.850044][ T4316] usb 2-1: config 0 descriptor??
[  939.939535][T14547] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2641'.
[  939.986056][T10582] usb 5-1: new full-speed USB device number 30 using dummy_hcd
[  940.057789][T10582] usb 5-1: unable to read config index 0 descriptor/start: -61
[  940.110351][T10582] usb 5-1: can't read configurations, error -61
[  940.275914][T10582] usb 5-1: new full-speed USB device number 31 using dummy_hcd
[  940.369475][T10582] usb 5-1: unable to read config index 0 descriptor/start: -61
[  940.395645][T10582] usb 5-1: can't read configurations, error -61
[  940.453933][T10582] usb usb5-port1: unable to enumerate USB device
[  941.164123][T14555] rtc_cmos 00:00: Alarms can be up to one day in the future
[  941.982191][ T4316] rtc_cmos 00:00: Alarms can be up to one day in the future
[  941.982412][ T4316] rtc_cmos 00:00: Alarms can be up to one day in the future
[  941.982588][ T4316] rtc_cmos 00:00: Alarms can be up to one day in the future
[  941.982768][ T4316] rtc_cmos 00:00: Alarms can be up to one day in the future
[  941.982783][ T4316] rtc rtc0: __rtc_set_alarm: err=-22
[  942.530878][ T4316] usb 2-1: USB disconnect, device number 40
[  943.696155][T14589] loop6: detected capacity change from 0 to 7
[  943.737640][ T5995] Dev loop6: unable to read RDB block 7
[  943.744540][ T5995]  loop6: AHDI p2 p3
[  943.768043][ T5995] loop6: partition table partially beyond EOD, truncated
[  943.811769][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  943.859517][T14589] Dev loop6: unable to read RDB block 7
[  943.897737][T14589]  loop6: AHDI p2 p3
[  943.924842][T14589] loop6: partition table partially beyond EOD, truncated
[  943.959250][T14589] loop6: p2 size 157513074 extends beyond EOD, truncated
[  944.574618][ T5995] udevd[5995]: inotify_add_watch(7, /dev/loop6p2, 10) failed: No such file or directory
[  944.605614][T14598] netlink: 'syz.4.2654': attribute type 10 has an invalid length.
[  944.615832][T14598] bond0: (slave wlan1): Opening slave failed
[  944.615982][T14595] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2652'.
[  944.918373][T14615] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2656'.
[  945.273557][T10582] usb 5-1: new full-speed USB device number 32 using dummy_hcd
[  945.498858][T10582] usb 5-1: unable to read config index 0 descriptor/start: -61
[  945.513508][T10582] usb 5-1: can't read configurations, error -61
[  945.684344][T10582] usb 5-1: new full-speed USB device number 33 using dummy_hcd
[  945.881619][T10582] usb 5-1: unable to read config index 0 descriptor/start: -61
[  945.901524][T10582] usb 5-1: can't read configurations, error -61
[  945.940380][T10582] usb usb5-port1: attempt power cycle
[  946.392880][T10582] usb 5-1: new full-speed USB device number 34 using dummy_hcd
[  946.479260][T10582] usb 5-1: unable to read config index 0 descriptor/start: -61
[  946.495259][T10582] usb 5-1: can't read configurations, error -61
[  946.682750][T10582] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[  946.745082][T10582] usb 5-1: unable to read config index 0 descriptor/start: -61
[  946.764120][T10582] usb 5-1: can't read configurations, error -61
[  946.799872][T10582] usb usb5-port1: unable to enumerate USB device
[  947.254426][T14631] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2660'.
[  947.873791][T14635] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  948.246554][T14642] trusted_key: encrypted_key: insufficient parameters specified
[  948.758897][T14652] loop6: detected capacity change from 0 to 7
[  948.786205][ T5995] Dev loop6: unable to read RDB block 7
[  948.796136][ T5995]  loop6: AHDI p2 p3
[  948.829573][ T5995] loop6: partition table partially beyond EOD, truncated
[  948.855165][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  948.882812][T14652] Dev loop6: unable to read RDB block 7
[  948.890983][T14652]  loop6: AHDI p2 p3
[  948.916858][T14652] loop6: partition table partially beyond EOD, truncated
[  948.943766][T14652] loop6: p2 size 157513074 extends beyond EOD, truncated
[  948.959962][T14656] device syzkaller1 entered promiscuous mode
[  950.161985][T14669] device syzkaller0 entered promiscuous mode
[  950.340946][T10582] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  950.553001][T10582] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  950.596204][T10582] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  950.618294][T10582] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  950.633890][T10582] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  950.657816][T10582] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  950.690324][T10582] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  950.707790][T10582] usb 2-1: Manufacturer: syz
[  950.741030][T10582] usb 2-1: config 0 descriptor??
[  950.818788][T14685] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  951.154578][T10582] appleir 0003:05AC:8243.0005: unknown main item tag 0x0
[  951.168616][T10582] appleir 0003:05AC:8243.0005: No inputs registered, leaving
[  951.194265][T10582] appleir 0003:05AC:8243.0005: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  951.462611][T10582] usb 2-1: USB disconnect, device number 41
[  952.085734][T14703] trusted_key: encrypted_key: insufficient parameters specified
[  952.317922][T14708] device syzkaller0 entered promiscuous mode
[  952.965914][T14719] batman_adv: batadv0: Removing interface: batadv_slave_0
[  953.465827][T14726] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  953.679317][  T128] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  953.849417][  T128] usb 3-1: device descriptor read/64, error -71
[  953.928293][T14734] loop6: detected capacity change from 0 to 7
[  953.978556][ T5995] Dev loop6: unable to read RDB block 7
[  953.994599][ T5995]  loop6: AHDI p2 p3
[  954.003129][ T5995] loop6: partition table partially beyond EOD, truncated
[  954.018760][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  954.033268][T14734] Dev loop6: unable to read RDB block 7
[  954.043443][T14734]  loop6: AHDI p2 p3
[  954.047845][T14734] loop6: partition table partially beyond EOD, truncated
[  954.066041][T14734] loop6: p2 size 157513074 extends beyond EOD, truncated
[  954.129804][  T128] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  954.190822][T14741] device syzkaller0 entered promiscuous mode
[  954.299193][  T128] usb 3-1: device descriptor read/64, error -71
[  954.358897][T10582] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  954.439501][  T128] usb usb3-port1: attempt power cycle
[  954.558940][T10582] usb 5-1: Using ep0 maxpacket: 16
[  954.573071][T10582] usb 5-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  954.595190][T10582] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  954.613929][T10582] usb 5-1: Product: syz
[  954.628335][T10582] usb 5-1: Manufacturer: syz
[  954.638620][T10582] usb 5-1: SerialNumber: syz
[  954.666627][T10582] usb 5-1: config 0 descriptor??
[  954.679632][T10582] hub 5-1:0.0: bad descriptor, ignoring hub
[  954.685766][T10582] hub: probe of 5-1:0.0 failed with error -5
[  954.848658][  T128] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  954.907439][  T128] usb 3-1: device descriptor read/8, error -71
[  955.188508][  T128] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  955.229606][  T128] usb 3-1: device descriptor read/8, error -71
[  955.368737][  T128] usb usb3-port1: unable to enumerate USB device
[  956.215411][T14768] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  956.855107][T14782] device syzkaller0 entered promiscuous mode
[  957.139723][  T128] usb 5-1: USB disconnect, device number 36
[  957.306486][T14796] device syzkaller0 entered promiscuous mode
[  957.325982][T14798] loop6: detected capacity change from 0 to 7
[  957.345277][ T5995] Dev loop6: unable to read RDB block 7
[  957.351657][ T5995]  loop6: AHDI p2 p3
[  957.374433][ T5995] loop6: partition table partially beyond EOD, truncated
[  957.385604][ T5995] loop6: p2 size 157513074 extends beyond EOD, truncated
[  957.429941][T14798] Dev loop6: unable to read RDB block 7
[  957.436703][T14798]  loop6: AHDI p2 p3
[  957.444753][T14798] loop6: partition table partially beyond EOD, truncated
[  957.469087][T14798] loop6: p2 size 157513074 extends beyond EOD, truncated
[  958.389908][T14815] kAFS: unable to lookup cell '(,c¾Ì'
[  959.236634][ T4316] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  959.402778][ T4316] usb 2-1: device descriptor read/64, error -71
[  959.685322][ T4316] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  959.853033][ T4316] usb 2-1: device descriptor read/64, error -71
[  959.981140][ T4316] usb usb2-port1: attempt power cycle
[  960.398615][ T4316] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  960.441008][ T4316] usb 2-1: device descriptor read/8, error -71
[  960.715869][ T4316] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  960.767503][ T4316] usb 2-1: device descriptor read/8, error -71
[  960.900419][ T4316] usb usb2-port1: unable to enumerate USB device
[  961.544358][T14829] device syzkaller0 entered promiscuous mode
[  961.885202][T10582] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  962.077741][T10582] usb 4-1: Using ep0 maxpacket: 16
[  962.087193][T10582] usb 4-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  962.099252][T10582] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  962.109432][T10582] usb 4-1: Product: syz
[  962.118064][T10582] usb 4-1: Manufacturer: syz
[  962.122934][T10582] usb 4-1: SerialNumber: syz
[  962.134404][T10582] usb 4-1: config 0 descriptor??
[  962.146796][T10582] hub 4-1:0.0: bad descriptor, ignoring hub
[  962.160193][T10582] hub: probe of 4-1:0.0 failed with error -5
[  962.725522][T14856] MPTCP: kernel_bind error, err=-98
[  962.844205][T14858] netlink: 'syz.2.2727': attribute type 1 has an invalid length.
[  962.860585][T14858] netlink: 'syz.2.2727': attribute type 2 has an invalid length.
[  962.877940][T14858] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2727'.
[  963.981421][T14861] device syzkaller0 entered promiscuous mode
[  964.653936][ T4316] usb 4-1: USB disconnect, device number 23
[  965.711421][T14878] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  966.704121][T14863] lo: Caught tx_queue_len zero misconfig
[  966.731515][T14868] netlink: 'syz.3.2730': attribute type 21 has an invalid length.
[  966.761040][T14868] netlink: 120 bytes leftover after parsing attributes in process `syz.3.2730'.
[  966.783773][T14868] netlink: 'syz.3.2730': attribute type 1 has an invalid length.
[  966.801858][T14868] netlink: 9 bytes leftover after parsing attributes in process `syz.3.2730'.
[  967.558879][T14904] netlink: 'syz.1.2739': attribute type 1 has an invalid length.
[  967.571245][T14905] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2738'.
[  967.589179][T14904] netlink: 'syz.1.2739': attribute type 2 has an invalid length.
[  967.815608][T14904] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2739'.
[  968.604435][T10582] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  968.831702][T10582] usb 3-1: Using ep0 maxpacket: 16
[  968.843389][T10582] usb 3-1: New USB device found, idVendor=0644, idProduct=8021, bcdDevice=38.b7
[  968.907063][T10582] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  968.947179][T10582] usb 3-1: Product: syz
[  968.952289][T10582] usb 3-1: Manufacturer: syz
[  968.961800][T10582] usb 3-1: SerialNumber: syz
[  968.983939][T10582] usb 3-1: config 0 descriptor??
[  969.012600][T10582] hub 3-1:0.0: bad descriptor, ignoring hub
[  969.028788][T10582] hub: probe of 3-1:0.0 failed with error -5
[  969.410393][T14919] device syzkaller0 entered promiscuous mode
[  969.512241][T14925] usb usb1: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  969.701292][T13709] usb 2-1: new full-speed USB device number 46 using dummy_hcd
[  969.916216][T13709] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  969.935433][T13709] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  969.944620][T13709] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  969.955042][T13709] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  969.965986][T13709] usb 2-1: config 0 descriptor??
[  970.213340][T13709] usb 2-1: string descriptor 0 read error: -71
[  970.234636][T13709] usb 2-1: USB disconnect, device number 46
[  971.402620][ T4311] usb 3-1: USB disconnect, device number 33
[  971.907219][T14939] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  972.547419][T14954] netlink: 'syz.4.2753': attribute type 1 has an invalid length.
[  972.563661][T14954] netlink: 'syz.4.2753': attribute type 2 has an invalid length.
[  972.594768][T14954] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2753'.
[  973.928753][T14964] loop2: detected capacity change from 0 to 7
[  973.950001][ T5995] Dev loop2: unable to read RDB block 7
[  973.955584][ T5995]  loop2: AHDI p2 p3
[  973.988890][ T5995] loop2: partition table partially beyond EOD, truncated
[  974.018333][T14964] Dev loop2: unable to read RDB block 7
[  974.039128][T14964]  loop2: AHDI p2 p3
[  974.043187][T14964] loop2: partition table partially beyond EOD, truncated
[  974.638011][T14981] ucma_write: process 1972 (syz.1.2760) changed security contexts after opening file descriptor, this is not allowed.
[  974.652292][T14984] lo: Caught tx_queue_len zero misconfig
[  974.765368][T14986] device syzkaller0 entered promiscuous mode
[  978.080909][T15021] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  978.988162][T15028] batman_adv: batadv0: Removing interface: batadv_slave_0
[  979.173850][T15030] loop2: detected capacity change from 0 to 7
[  979.195546][ T5995] Dev loop2: unable to read RDB block 7
[  979.211943][ T5995]  loop2: AHDI p2 p3
[  979.231108][ T5995] loop2: partition table partially beyond EOD, truncated
[  979.272599][T15030] Dev loop2: unable to read RDB block 7
[  979.292259][T15030]  loop2: AHDI p2 p3
[  979.307411][T15030] loop2: partition table partially beyond EOD, truncated
[  979.646233][ T4311] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  979.796383][T10582] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  979.806773][ T4311] usb 3-1: device descriptor read/64, error -71
[  979.813720][T15049] trusted_key: encrypted_key: key user:syz not found
[  980.000799][T10582] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  980.053551][T10582] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  980.064180][T10582] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  980.079657][T10582] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  980.089694][ T4311] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  980.102074][T10582] usb 4-1: config 0 descriptor??
[  980.110520][T15042] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  980.246012][ T4311] usb 3-1: device descriptor read/64, error -71
[  980.376797][ T4311] usb usb3-port1: attempt power cycle
[  980.785736][ T4311] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  980.826327][ T4311] usb 3-1: device descriptor read/8, error -71
[  981.105538][ T4311] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  981.146143][ T4311] usb 3-1: device descriptor read/8, error -71
[  981.266579][ T4311] usb usb3-port1: unable to enumerate USB device
[  981.500208][T15075] device syzkaller0 entered promiscuous mode
[  981.919162][ T4316] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  982.105330][ T4316] usb 5-1: Using ep0 maxpacket: 32
[  982.119440][ T4316] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  982.174158][ T4316] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  982.251661][ T4316] usb 5-1: config 0 descriptor??
[  982.479801][ T4316] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  982.514075][ T4316] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  982.533585][ T4316] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  982.543938][ T4316] usb 5-1: media controller created
[  982.594101][ T4316] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  982.688545][ T4316] az6027: usb out operation failed. (-71)
[  982.709961][ T4316] az6027: usb out operation failed. (-71)
[  982.740621][ T4316] stb0899_attach: Driver disabled by Kconfig
[  982.768110][ T4316] az6027: no front-end attached
[  982.768110][ T4316] 
[  982.788980][ T4316] az6027: usb out operation failed. (-71)
[  982.819558][ T4316] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  982.851185][ T4316] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input8
[  982.884384][ T4316] dvb-usb: schedule remote query interval to 400 msecs.
[  982.898253][ T4316] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  982.940796][ T4316] usb 5-1: USB disconnect, device number 37
[  983.735832][T15098] vhci_hcd: Failed attach request for unsupported USB speed: super-speed-plus
[  992.633738][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  992.640126][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  998.275445][ T4277] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  998.286609][ T4277] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  998.296094][ T4277] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  998.304495][ T4277] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  998.314359][T15121] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  998.322919][T15121] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  998.810539][ T4277] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  998.820753][ T4277] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  998.834175][ T4277] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  998.842867][ T4277] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  998.854050][ T4277] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  998.863139][T15127] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  998.879300][T15127] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  998.888984][T15127] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  998.896331][T15127] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  998.938068][ T4277] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  998.945407][ T4277] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  998.977494][T15127] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  998.993006][T15121] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  999.002874][T15121] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  999.011560][T15121] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  999.027357][T15121] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  999.035004][T15121] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  999.042737][T15121] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  999.184152][T15121] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  999.195982][T15121] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  999.206022][T15121] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  999.214496][T15121] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  999.222427][T15121] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  999.230367][T15121] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[ 1000.396143][T15121] Bluetooth: hci5: command 0x0409 tx timeout
[ 1001.026054][T15121] Bluetooth: hci6: command 0x0409 tx timeout
[ 1001.115719][T15121] Bluetooth: hci7: command 0x0409 tx timeout
[ 1001.147491][T15127] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[ 1001.159187][T15127] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[ 1001.168291][T15127] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[ 1001.176808][ T4277] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[ 1001.185335][ T4277] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[ 1001.192661][ T4277] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[ 1001.265584][ T4277] Bluetooth: hci8: command 0x0409 tx timeout
[ 1002.475052][ T4277] Bluetooth: hci5: command 0x041b tx timeout
[ 1003.114861][ T4277] Bluetooth: hci6: command 0x041b tx timeout
[ 1003.184517][ T4277] Bluetooth: hci7: command 0x041b tx timeout
[ 1003.264638][ T4277] Bluetooth: hci9: command 0x0409 tx timeout
[ 1003.344525][ T4277] Bluetooth: hci8: command 0x041b tx timeout
[ 1004.554122][ T4277] Bluetooth: hci5: command 0x040f tx timeout
[ 1005.183676][ T4277] Bluetooth: hci6: command 0x040f tx timeout
[ 1005.263582][ T4277] Bluetooth: hci7: command 0x040f tx timeout
[ 1005.353736][ T4277] Bluetooth: hci9: command 0x041b tx timeout
[ 1005.423482][ T4277] Bluetooth: hci8: command 0x040f tx timeout
[ 1006.632896][ T4277] Bluetooth: hci5: command 0x0419 tx timeout
[ 1007.282383][ T4277] Bluetooth: hci6: command 0x0419 tx timeout
[ 1007.342483][ T4277] Bluetooth: hci7: command 0x0419 tx timeout
[ 1007.422392][ T4277] Bluetooth: hci9: command 0x040f tx timeout
[ 1007.512640][ T4277] Bluetooth: hci8: command 0x0419 tx timeout
[ 1009.511535][ T4277] Bluetooth: hci9: command 0x0419 tx timeout
[ 1040.856880][ T3638] udevd[3638]: worker [5995] /devices/platform/dummy_hcd.3/usb4/4-1 is taking a long time
[ 1044.386325][ T3638] udevd[3638]: worker [6453] /devices/platform/dummy_hcd.4/usb5/5-1/input/input8/event4 is taking a long time
[ 1054.051804][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.058152][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1060.387147][T15121] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[ 1060.398956][T15121] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[ 1060.408055][T15121] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[ 1060.417255][T15127] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[ 1060.424955][T15127] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[ 1060.433682][T15127] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[ 1060.647772][T15121] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[ 1060.660170][T15121] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[ 1060.668771][T15121] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[ 1060.677420][T15121] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[ 1060.687304][T15121] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[ 1060.695428][T15121] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[ 1060.759664][ T4277] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[ 1060.775906][ T4277] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[ 1060.791333][ T4277] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[ 1060.807526][ T4277] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[ 1060.816183][ T4277] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[ 1060.824314][ T4277] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[ 1061.184728][T15121] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[ 1061.202008][T15121] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[ 1061.211022][T15121] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[ 1061.219889][T15121] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[ 1061.228216][ T4280] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[ 1061.236708][T15121] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[ 1061.239539][T15128] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[ 1061.253699][T15121] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[ 1061.263902][ T4277] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[ 1061.273835][T15121] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[ 1061.287313][ T4277] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[ 1061.295816][ T4277] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[ 1062.515008][ T4277] Bluetooth: hci10: command 0x0409 tx timeout
[ 1062.755798][ T4277] Bluetooth: hci11: command 0x0409 tx timeout
[ 1062.924828][ T4277] Bluetooth: hci12: command 0x0409 tx timeout
[ 1063.314586][ T4277] Bluetooth: hci14: command 0x0409 tx timeout
[ 1063.322113][ T4277] Bluetooth: hci13: command 0x0409 tx timeout
[ 1064.593895][ T4277] Bluetooth: hci10: command 0x041b tx timeout
[ 1064.843820][ T4277] Bluetooth: hci11: command 0x041b tx timeout
[ 1064.993787][ T4277] Bluetooth: hci12: command 0x041b tx timeout
[ 1065.393504][ T4277] Bluetooth: hci13: command 0x041b tx timeout
[ 1065.399647][ T4277] Bluetooth: hci14: command 0x041b tx timeout
[ 1066.682935][ T4277] Bluetooth: hci10: command 0x040f tx timeout
[ 1066.912682][ T4277] Bluetooth: hci11: command 0x040f tx timeout
[ 1067.082703][ T4277] Bluetooth: hci12: command 0x040f tx timeout
[ 1067.472521][ T4277] Bluetooth: hci14: command 0x040f tx timeout
[ 1067.478679][ T4277] Bluetooth: hci13: command 0x040f tx timeout
[ 1068.751839][ T4277] Bluetooth: hci10: command 0x0419 tx timeout
[ 1068.991766][ T4277] Bluetooth: hci11: command 0x0419 tx timeout
[ 1069.161644][ T4277] Bluetooth: hci12: command 0x0419 tx timeout
[ 1069.551534][ T4277] Bluetooth: hci13: command 0x0419 tx timeout
[ 1069.557677][ T4277] Bluetooth: hci14: command 0x0419 tx timeout
[ 1115.451246][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.457591][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[ 1122.650376][T15127] Bluetooth: hci5: command 0x0406 tx timeout
[ 1122.654792][ T4277] Bluetooth: hci6: command 0x0406 tx timeout
[ 1122.656494][T15127] Bluetooth: hci7: command 0x0406 tx timeout
[ 1122.662393][ T4277] Bluetooth: hci8: command 0x0406 tx timeout
[ 1124.495283][T15128] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[ 1124.506132][T15128] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[ 1124.514579][T15128] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[ 1124.522614][T15128] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[ 1124.530541][T15128] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[ 1124.538113][T15128] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[ 1124.850605][ T4277] Bluetooth: hci16: unexpected cc 0x0c03 length: 249 > 1
[ 1124.864635][ T4277] Bluetooth: hci16: unexpected cc 0x1003 length: 249 > 9
[ 1124.881182][ T4277] Bluetooth: hci16: unexpected cc 0x1001 length: 249 > 9
[ 1124.890045][ T4277] Bluetooth: hci16: unexpected cc 0x0c23 length: 249 > 4
[ 1124.899475][ T4277] Bluetooth: hci16: unexpected cc 0x0c25 length: 249 > 3
[ 1124.913706][ T4277] Bluetooth: hci16: unexpected cc 0x0c38 length: 249 > 2
[ 1124.983294][T15128] Bluetooth: hci17: unexpected cc 0x0c03 length: 249 > 1
[ 1124.992923][T15128] Bluetooth: hci18: unexpected cc 0x0c03 length: 249 > 1
[ 1124.993724][T15121] Bluetooth: hci17: unexpected cc 0x1003 length: 249 > 9
[ 1125.015284][T15121] Bluetooth: hci17: unexpected cc 0x1001 length: 249 > 9
[ 1125.024477][T15121] Bluetooth: hci17: unexpected cc 0x0c23 length: 249 > 4
[ 1125.032089][T15121] Bluetooth: hci18: unexpected cc 0x1003 length: 249 > 9
[ 1125.032100][T15128] Bluetooth: hci17: unexpected cc 0x0c25 length: 249 > 3
[ 1125.051056][T15121] Bluetooth: hci17: unexpected cc 0x0c38 length: 249 > 2
[ 1125.058398][T15121] Bluetooth: hci18: unexpected cc 0x1001 length: 249 > 9
[ 1125.070933][T15121] Bluetooth: hci19: unexpected cc 0x0c03 length: 249 > 1
[ 1125.093746][T15121] Bluetooth: hci18: unexpected cc 0x0c23 length: 249 > 4
[ 1125.093793][T15166] Bluetooth: hci19: unexpected cc 0x1003 length: 249 > 9
[ 1125.110535][T15166] Bluetooth: hci19: unexpected cc 0x1001 length: 249 > 9
[ 1125.118061][T15166] Bluetooth: hci18: unexpected cc 0x0c25 length: 249 > 3
[ 1125.119433][T15121] Bluetooth: hci19: unexpected cc 0x0c23 length: 249 > 4
[ 1125.134467][T15166] Bluetooth: hci18: unexpected cc 0x0c38 length: 249 > 2
[ 1125.134966][T15121] Bluetooth: hci19: unexpected cc 0x0c25 length: 249 > 3
[ 1125.149491][T15166] Bluetooth: hci19: unexpected cc 0x0c38 length: 249 > 2
[ 1126.562890][T15166] Bluetooth: hci15: command 0x0409 tx timeout
[ 1126.962836][T15166] Bluetooth: hci16: command 0x0409 tx timeout
[ 1127.122669][T15166] Bluetooth: hci17: command 0x0409 tx timeout
[ 1127.202639][T15166] Bluetooth: hci19: command 0x0409 tx timeout
[ 1127.216366][T15166] Bluetooth: hci18: command 0x0409 tx timeout
[ 1127.762170][T15166] Bluetooth: hci9: command 0x0406 tx timeout
[ 1128.641933][T15166] Bluetooth: hci15: command 0x041b tx timeout
[ 1129.041700][T15166] Bluetooth: hci16: command 0x041b tx timeout
[ 1129.201749][T15166] Bluetooth: hci17: command 0x041b tx timeout
[ 1129.281612][T15166] Bluetooth: hci18: command 0x041b tx timeout
[ 1129.287763][T15166] Bluetooth: hci19: command 0x041b tx timeout
[ 1130.720719][T15166] Bluetooth: hci15: command 0x040f tx timeout
[ 1131.120632][T15166] Bluetooth: hci16: command 0x040f tx timeout
[ 1131.280574][T15166] Bluetooth: hci17: command 0x040f tx timeout
[ 1131.360582][T15166] Bluetooth: hci19: command 0x040f tx timeout
[ 1131.366728][T15166] Bluetooth: hci18: command 0x040f tx timeout
[ 1132.799780][T15166] Bluetooth: hci15: command 0x0419 tx timeout
[ 1133.199702][T15166] Bluetooth: hci16: command 0x0419 tx timeout
[ 1133.369606][T15166] Bluetooth: hci17: command 0x0419 tx timeout
[ 1133.439650][T15166] Bluetooth: hci18: command 0x0419 tx timeout
[ 1133.445796][T15166] Bluetooth: hci19: command 0x0419 tx timeout
[ 1142.325151][   T27] INFO: task khugepaged:35 blocked for more than 143 seconds.
[ 1142.332963][   T27]       Not tainted syzkaller #0
[ 1142.354266][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1142.371796][   T27] task:khugepaged      state:D stack:28280 pid:35    ppid:2      flags:0x00004000
[ 1142.405530][   T27] Call Trace:
[ 1142.408883][   T27]  <TASK>
[ 1142.427188][   T27]  __schedule+0x11d1/0x40e0
[ 1142.431791][   T27]  ? __sched_text_start+0x8/0x8
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 1142.499859][   T27]  ? __mutex_trylock_common+0x86/0x260
[ 1142.512521][   T27]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1142.523917][   T27]  schedule+0xb9/0x180
[ 1142.528117][   T27]  schedule_preempt_disabled+0xf/0x20
[ 1142.533527][   T27]  __mutex_lock+0x562/0xaf0
[ 1142.547906][   T27]  ? __mutex_lock+0x3b2/0xaf0
[ 1142.552647][   T27]  ? __lru_add_drain_all+0x66/0x800
[ 1142.579590][   T27]  ? mutex_lock_nested+0x10/0x10
[ 1142.584603][   T27]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[ 1142.603866][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[ 1142.613731][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1142.635133][   T27]  __lru_add_drain_all+0x66/0x800
[ 1142.640236][   T27]  khugepaged+0x183/0x19a0
[ 1142.656907][   T27]  ? start_stop_khugepaged+0x160/0x160
[ 1142.671226][   T27]  ? wake_bit_function+0x200/0x200
[ 1142.687792][   T27]  ? wake_bit_function+0x200/0x200
[ 1142.692965][   T27]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[ 1142.722616][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[ 1142.761169][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1142.772387][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1142.787345][   T27]  ? __kthread_parkme+0x162/0x1c0
[ 1142.792451][   T27]  kthread+0x29d/0x330
[ 1142.809300][   T27]  ? start_stop_khugepaged+0x160/0x160
[ 1142.821761][   T27]  ? kthread_blkcg+0xd0/0xd0
[ 1142.846682][   T27]  ret_from_fork+0x1f/0x30
[ 1142.851183][   T27]  </TASK>
[ 1142.854334][   T27] INFO: task acpid:3623 blocked for more than 143 seconds.
[ 1142.889679][   T27]       Not tainted syzkaller #0
[ 1142.894761][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1142.920132][   T27] task:acpid           state:D stack:21680 pid:3623  ppid:1      flags:0x00004002
[ 1142.931764][   T27] Call Trace:
[ 1142.953110][   T27]  <TASK>
[ 1142.961199][   T27]  __schedule+0x11d1/0x40e0
[ 1142.965851][   T27]  ? __sched_text_start+0x8/0x8
[ 1142.970846][   T27]  ? __mutex_trylock_common+0x86/0x260
[ 1142.991247][   T27]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1143.002772][   T27]  schedule+0xb9/0x180
[ 1143.006975][   T27]  schedule_preempt_disabled+0xf/0x20
[ 1143.012478][   T27]  __mutex_lock+0x562/0xaf0
[ 1143.022416][   T27]  ? __mutex_lock+0x3b2/0xaf0
[ 1143.027513][   T27]  ? synchronize_rcu_expedited+0x3c0/0x890
[ 1143.033635][   T27]  ? mutex_lock_nested+0x10/0x10
[ 1143.043827][   T27]  ? do_raw_spin_lock+0x128/0x2f0
[ 1143.048957][   T27]  ? __rwlock_init+0x140/0x140
[ 1143.053743][   T27]  ? do_raw_spin_unlock+0x11d/0x230
[ 1143.064120][   T27]  synchronize_rcu_expedited+0x3c0/0x890
[ 1143.069872][   T27]  ? synchronize_rcu+0x3f0/0x3f0
[ 1143.079959][   T27]  ? mark_lock+0x94/0x320
[ 1143.084335][   T27]  ? __lock_acquire+0x13cf/0x7d10
[ 1143.089628][   T27]  ? verify_lock_unused+0x140/0x140
[ 1143.100160][   T27]  ? verify_lock_unused+0x140/0x140
[ 1143.105479][   T27]  synchronize_rcu+0x128/0x3f0
[ 1143.110272][   T27]  ? schedule_delayed_monitor_work+0x160/0x160
[ 1143.133273][   T27]  ? evdev_release+0x1ee/0x800
[ 1143.141642][   T27]  ? __lock_acquire+0x7d10/0x7d10
[ 1143.149003][   T27]  ? __rwlock_init+0x140/0x140
[ 1143.154054][   T27]  ? do_raw_spin_unlock+0x11d/0x230
[ 1143.162662][   T27]  evdev_release+0x1f3/0x800
[ 1143.169415][   T27]  ? evdev_open+0x5b0/0x5b0
[ 1143.174164][   T27]  __fput+0x22c/0x920
[ 1143.183127][   T27]  task_work_run+0x1d0/0x260
[ 1143.204295][   T27]  ? task_work_cancel+0x220/0x220
[ 1143.216262][   T27]  ? exit_to_user_mode_loop+0x3b/0x110
[ 1143.221794][   T27]  exit_to_user_mode_loop+0xe6/0x110
[ 1143.243984][   T27]  exit_to_user_mode_prepare+0xee/0x180
[ 1143.264451][   T27]  syscall_exit_to_user_mode+0x16/0x40
[ 1143.269975][   T27]  do_syscall_64+0x58/0xa0
[ 1143.292619][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1143.301479][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1143.310287][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1143.320403][   T27] RIP: 0033:0x7fcf750ef407
[ 1143.329331][   T27] RSP: 002b:00007ffca66d63f0 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[ 1143.341730][   T27] RAX: 0000000000000000 RBX: 00007fcf75065740 RCX: 00007fcf750ef407
[ 1143.354001][   T27] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000a
[ 1143.371641][   T27] RBP: 00007ffca66d65b0 R08: 0000000000000000 R09: 0000000000000000
[ 1143.383746][   T27] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000040
[ 1143.400658][   T27] R13: 00007ffca66d66b0 R14: 000055b3c26cf7fe R15: 00007ffca66d66b0
[ 1143.430827][   T27]  </TASK>
[ 1143.433993][   T27] INFO: task kworker/0:5:4316 blocked for more than 144 seconds.
[ 1143.460942][   T27]       Not tainted syzkaller #0
[ 1143.479696][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1143.501977][   T27] task:kworker/0:5     state:D stack:22160 pid:4316  ppid:2      flags:0x00004000
[ 1143.521493][   T27] Workqueue: usb_hub_wq hub_event
[ 1143.530701][   T27] Call Trace:
[ 1143.534016][   T27]  <TASK>
[ 1143.548482][   T27]  __schedule+0x11d1/0x40e0
[ 1143.553079][   T27]  ? preempt_schedule_common+0xa5/0xd0
[ 1143.570208][   T27]  ? __sched_text_start+0x8/0x8
[ 1143.581014][   T27]  ? preempt_schedule_thunk+0x16/0x18
[ 1143.593951][   T27]  schedule+0xb9/0x180
[ 1143.604127][   T27]  synchronize_rcu_expedited+0x7ad/0x890
[ 1143.614066][   T27]  ? synchronize_rcu+0x3f0/0x3f0
[ 1143.627784][   T27]  ? wake_bit_function+0x200/0x200
[ 1143.633514][   T27]  ? input_unregister_handle+0x1b0/0x1c0
[ 1143.650900][   T27]  synchronize_rcu+0x128/0x3f0
[ 1143.662104][   T27]  ? schedule_delayed_monitor_work+0x160/0x160
[ 1143.676434][   T27]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[ 1143.682137][   T27]  ? mutex_unlock+0x10/0x10
[ 1143.688673][   T27]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[ 1143.698116][   T27]  ? mutex_unlock+0x10/0x10
[ 1143.702671][   T27]  ? __input_release_device+0xa5/0x230
[ 1143.710201][   T27]  ? input_unregister_handle+0x1b0/0x1c0
[ 1143.719061][   T27]  kbd_disconnect+0x19/0x30
[ 1143.723600][   T27]  __input_unregister_device+0x366/0x5f0
[ 1143.731365][   T27]  input_unregister_device+0x97/0xf0
[ 1143.746181][   T27]  dvb_usb_remote_exit+0xe2/0x150
[ 1143.751271][   T27]  dvb_usb_device_exit+0x1b8/0x340
[ 1143.779261][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[ 1143.784554][   T27]  ? dvb_usb_device_init+0x2460/0x2460
[ 1143.790032][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1143.819605][   T27]  ? __lock_acquire+0x7d10/0x7d10
[ 1143.824722][   T27]  ? usb_disable_interface+0x319/0x350
[ 1143.830207][   T27]  usb_unbind_interface+0x1ee/0x860
[ 1143.859259][   T27]  ? kernfs_remove_by_name_ns+0x113/0x150
[ 1143.865107][   T27]  ? usb_driver_release_interface+0x1b0/0x1b0
[ 1143.871198][   T27]  device_release_driver_internal+0x522/0x850
[ 1143.914158][   T27]  bus_remove_device+0x2e2/0x400
[ 1143.919169][   T27]  device_del+0x6af/0xaf0
[ 1143.923531][   T27]  ? kill_device+0x160/0x160
[ 1143.953013][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1143.979177][   T27]  ? usb_disconnect+0x107/0x8a0
[ 1143.984163][   T27]  ? mutex_lock_nested+0x10/0x10
[ 1143.989127][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1144.019288][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1144.025180][   T27]  usb_disable_device+0x3e2/0x890
[ 1144.030239][   T27]  usb_disconnect+0x348/0x8a0
[ 1144.059109][   T27]  hub_event+0x1e50/0x5560
[ 1144.063640][   T27]  ? hub_post_resume+0x120/0x120
[ 1144.079079][   T27]  ? read_lock_is_recursive+0x10/0x10
[ 1144.085028][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1144.090949][   T27]  ? _raw_spin_unlock+0x40/0x40
[ 1144.101674][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1144.106957][   T27]  ? process_one_work+0x7b0/0x1160
[ 1144.112097][   T27]  process_one_work+0x8a2/0x1160
[ 1144.122395][   T27]  ? worker_detach_from_pool+0x240/0x240
[ 1144.128178][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1144.133229][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1144.183922][   T27]  ? kthread_data+0x4b/0xc0
[ 1144.188509][   T27]  worker_thread+0xd27/0x1270
[ 1144.193227][   T27]  ? __kthread_parkme+0x162/0x1c0
[ 1144.203567][   T27]  kthread+0x29d/0x330
[ 1144.207721][   T27]  ? worker_clr_flags+0x1a0/0x1a0
[ 1144.212778][   T27]  ? kthread_blkcg+0xd0/0xd0
[ 1144.243222][   T27]  ret_from_fork+0x1f/0x30
[ 1144.247777][   T27]  </TASK>
[ 1144.269455][   T27] INFO: task kworker/u4:6:4322 blocked for more than 145 seconds.
[ 1144.277466][   T27]       Not tainted syzkaller #0
[ 1144.282410][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1144.296119][   T27] task:kworker/u4:6    state:D stack:22928 pid:4322  ppid:2      flags:0x00004000
[ 1144.320414][   T27] Workqueue: events_unbound fsnotify_connector_destroy_workfn
[ 1144.343243][   T27] Call Trace:
[ 1144.350831][   T27]  <TASK>
[ 1144.353839][   T27]  __schedule+0x11d1/0x40e0
[ 1144.358380][   T27]  ? __sched_text_start+0x8/0x8
[ 1144.363251][   T27]  ? kthread_data+0x4b/0xc0
[ 1144.397428][   T27]  ? wq_worker_sleeping+0x60/0x280
[ 1144.402608][   T27]  schedule+0xb9/0x180
[ 1144.419251][   T27]  schedule_timeout+0xbd/0x2d0
[ 1144.436475][   T27]  ? console_conditional_schedule+0x40/0x40
[ 1144.442432][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1144.468895][   T27]  ? lock_chain_count+0x20/0x20
[ 1144.488890][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1144.508976][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1144.514720][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1144.519946][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[ 1144.530362][   T27]  ? wait_for_completion+0x276/0x5a0
[ 1144.536033][   T27]  wait_for_completion+0x2c7/0x5a0
[ 1144.541190][   T27]  ? io_schedule+0xd0/0xd0
[ 1144.550912][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1144.568832][   T27]  ? debug_object_active_state+0x6a/0x380
[ 1144.574702][   T27]  __synchronize_srcu+0x2b9/0x350
[ 1144.579758][   T27]  ? synchronize_srcu_expedited+0x20/0x20
[ 1144.609227][   T27]  ? rcu_read_lock_any_held+0x130/0x130
[ 1144.614915][   T27]  ? __rwlock_init+0x140/0x140
[ 1144.619743][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1144.653315][   T27]  ? ktime_get_mono_fast_ns+0x199/0x1b0
[ 1144.659010][   T27]  ? synchronize_srcu+0x192/0x1b0
[ 1144.688732][   T27]  ? process_one_work+0x7b0/0x1160
[ 1144.693971][   T27]  fsnotify_connector_destroy_workfn+0x40/0xa0
[ 1144.700172][   T27]  ? process_one_work+0x7b0/0x1160
[ 1144.728830][   T27]  process_one_work+0x8a2/0x1160
[ 1144.733906][   T27]  ? worker_detach_from_pool+0x240/0x240
[ 1144.739564][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1144.783627][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1144.789331][   T27]  ? kthread_data+0x4b/0xc0
[ 1144.799018][   T27]  worker_thread+0xaa2/0x1270
[ 1144.803820][   T27]  kthread+0x29d/0x330
[ 1144.807904][   T27]  ? worker_clr_flags+0x1a0/0x1a0
[ 1144.812951][   T27]  ? kthread_blkcg+0xd0/0xd0
[ 1144.858735][   T27]  ret_from_fork+0x1f/0x30
[ 1144.863250][   T27]  </TASK>
[ 1144.866370][   T27] INFO: task kworker/u4:8:4542 blocked for more than 145 seconds.
[ 1144.893590][   T27]       Not tainted syzkaller #0
[ 1144.898596][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1144.928617][   T27] task:kworker/u4:8    state:D stack:23120 pid:4542  ppid:2      flags:0x00004000
[ 1144.952921][   T27] Workqueue: events_unbound fsnotify_mark_destroy_workfn
[ 1144.965836][   T27] Call Trace:
[ 1144.969156][   T27]  <TASK>
[ 1144.972102][   T27]  __schedule+0x11d1/0x40e0
[ 1144.985130][   T27]  ? __sched_text_start+0x8/0x8
[ 1144.990052][   T27]  ? kthread_data+0x4b/0xc0
[ 1145.013511][   T27]  ? wq_worker_sleeping+0x60/0x280
[ 1145.018717][   T27]  schedule+0xb9/0x180
[ 1145.022815][   T27]  schedule_timeout+0xbd/0x2d0
[ 1145.048823][   T27]  ? console_conditional_schedule+0x40/0x40
[ 1145.054845][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1145.060853][   T27]  ? lock_chain_count+0x20/0x20
[ 1145.098791][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1145.103943][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1145.109513][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1145.133449][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[ 1145.138707][   T27]  ? wait_for_completion+0x276/0x5a0
[ 1145.158169][   T27]  wait_for_completion+0x2c7/0x5a0
[ 1145.173660][   T27]  ? io_schedule+0xd0/0xd0
[ 1145.178148][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1145.218583][   T27]  ? debug_object_active_state+0x6a/0x380
[ 1145.224420][   T27]  __synchronize_srcu+0x2b9/0x350
[ 1145.229474][   T27]  ? synchronize_srcu_expedited+0x20/0x20
[ 1145.257920][   T27]  ? rcu_read_lock_any_held+0x130/0x130
[ 1145.268662][   T27]  ? __rwlock_init+0x140/0x140
[ 1145.273512][   T27]  ? synchronize_srcu+0x192/0x1b0
[ 1145.278561][   T27]  ? process_one_work+0x7b0/0x1160
[ 1145.318938][   T27]  fsnotify_mark_destroy_workfn+0x106/0x2f0
[ 1145.324975][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1145.330896][   T27]  ? fsnotify_connector_destroy_workfn+0xa0/0xa0
[ 1145.361436][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1145.366740][   T27]  ? process_one_work+0x7b0/0x1160
[ 1145.371882][   T27]  process_one_work+0x8a2/0x1160
[ 1145.408730][   T27]  ? worker_detach_from_pool+0x240/0x240
[ 1145.414509][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1145.419570][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1145.443295][   T27]  ? kthread_data+0x4b/0xc0
[ 1145.447879][   T27]  worker_thread+0xaa2/0x1270
[ 1145.452592][   T27]  ? _raw_spin_unlock_irqrestore+0xbc/0x120
[ 1145.463650][   T27]  ? __kthread_parkme+0x162/0x1c0
[ 1145.468740][   T27]  kthread+0x29d/0x330
[ 1145.472828][   T27]  ? worker_clr_flags+0x1a0/0x1a0
[ 1145.482028][   T27]  ? kthread_blkcg+0xd0/0xd0
[ 1145.487769][   T27]  ret_from_fork+0x1f/0x30
[ 1145.492233][   T27]  </TASK>
[ 1145.499363][   T27] INFO: task udevd:5995 blocked for more than 146 seconds.
[ 1145.507840][   T27]       Not tainted syzkaller #0
[ 1145.512797][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1145.528803][   T27] task:udevd           state:D stack:22928 pid:5995  ppid:3638   flags:0x00004002
[ 1145.539522][   T27] Call Trace:
[ 1145.542830][   T27]  <TASK>
[ 1145.549987][   T27]  __schedule+0x11d1/0x40e0
[ 1145.555892][   T27]  ? __sched_text_start+0x8/0x8
[ 1145.560775][   T27]  ? __mutex_trylock_common+0x86/0x260
[ 1145.570243][   T27]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1145.577570][   T27]  schedule+0xb9/0x180
[ 1145.581686][   T27]  schedule_preempt_disabled+0xf/0x20
[ 1145.591153][   T27]  __mutex_lock+0x562/0xaf0
[ 1145.597823][   T27]  ? __mutex_lock+0x3b2/0xaf0
[ 1145.602553][   T27]  ? uevent_show+0x16c/0x320
[ 1145.611223][   T27]  ? mutex_lock_nested+0x10/0x10
[ 1145.617442][   T27]  uevent_show+0x16c/0x320
[ 1145.621901][   T27]  dev_attr_show+0x50/0xb0
[ 1145.630488][   T27]  sysfs_kf_seq_show+0x349/0x4b0
[ 1145.636706][   T27]  ? device_get_ownership+0xa0/0xa0
[ 1145.641948][   T27]  seq_read_iter+0x49b/0xd50
[ 1145.650738][   T27]  ? common_file_perm+0x171/0x1c0
[ 1145.657104][   T27]  vfs_read+0x4a7/0xa00
[ 1145.661558][   T27]  ? do_raw_spin_unlock+0x11d/0x230
[ 1145.670981][   T27]  ? kernel_read+0x1e0/0x1e0
[ 1145.676757][   T27]  ? __x64_sys_newfstat+0x19a/0x220
[ 1145.681997][   T27]  ? __fdget_pos+0x2b5/0x360
[ 1145.692417][   T27]  ksys_read+0x14c/0x250
[ 1145.702176][   T27]  ? vfs_write+0xa30/0xa30
[ 1145.715839][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[ 1145.721181][   T27]  do_syscall_64+0x4c/0xa0
[ 1145.740681][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1145.754319][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1145.759059][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1145.785620][   T27] RIP: 0033:0x7f76944a7407
[ 1145.790089][   T27] RSP: 002b:00007ffc23093690 EFLAGS: 00000202 ORIG_RAX: 0000000000000000
[ 1145.813406][   T27] RAX: ffffffffffffffda RBX: 00007f7694c3e880 RCX: 00007f76944a7407
[ 1145.821439][   T27] RDX: 0000000000001000 RSI: 0000564dab44ea00 RDI: 0000000000000008
[ 1145.855345][   T27] RBP: 00007f76945efff0 R08: 0000000000000000 R09: 0000000000000000
[ 1145.886233][   T27] R10: 0000000000000000 R11: 0000000000000202 R12: 000000000000000a
[ 1145.903065][   T27] R13: 00007f76945efea0 R14: 0000000000000000 R15: 0000564dab4715a0
[ 1145.911228][   T27]  </TASK>
[ 1145.933070][   T27] INFO: task udevd:6453 blocked for more than 146 seconds.
[ 1145.941024][   T27]       Not tainted syzkaller #0
[ 1145.968318][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1146.008103][   T27] task:udevd           state:D stack:24944 pid:6453  ppid:3638   flags:0x00004002
[ 1146.020106][   T27] Call Trace:
[ 1146.048134][   T27]  <TASK>
[ 1146.051138][   T27]  __schedule+0x11d1/0x40e0
[ 1146.057269][   T27]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[ 1146.088636][   T27]  ? __sched_text_start+0x8/0x8
[ 1146.094363][   T27]  ? do_raw_spin_lock+0x128/0x2f0
[ 1146.100326][   T27]  ? prepare_to_wait_event+0x430/0x470
[ 1146.128100][   T27]  schedule+0xb9/0x180
[ 1146.132688][   T27]  synchronize_rcu_expedited+0x7ad/0x890
[ 1146.158070][   T27]  ? synchronize_rcu+0x3f0/0x3f0
[ 1146.163255][   T27]  ? mark_lock+0x94/0x320
[ 1146.167617][   T27]  ? wake_bit_function+0x200/0x200
[ 1146.172755][   T27]  ? __lock_acquire+0x13cf/0x7d10
[ 1146.204338][   T27]  ? verify_lock_unused+0x140/0x140
[ 1146.209643][   T27]  ? verify_lock_unused+0x140/0x140
[ 1146.223004][   T27]  synchronize_rcu+0x128/0x3f0
[ 1146.227850][   T27]  ? schedule_delayed_monitor_work+0x160/0x160
[ 1146.257912][   T27]  ? evdev_release+0x1ee/0x800
[ 1146.262747][   T27]  ? __lock_acquire+0x7d10/0x7d10
[ 1146.292894][   T27]  ? __rwlock_init+0x140/0x140
[ 1146.297744][   T27]  ? do_raw_spin_unlock+0x11d/0x230
[ 1146.308280][   T27]  evdev_release+0x1f3/0x800
[ 1146.313012][   T27]  ? evdev_open+0x5b0/0x5b0
[ 1146.317538][   T27]  __fput+0x22c/0x920
[ 1146.321538][   T27]  task_work_run+0x1d0/0x260
[ 1146.353887][   T27]  ? task_work_cancel+0x220/0x220
[ 1146.359080][   T27]  ? exit_to_user_mode_loop+0x3b/0x110
[ 1146.382829][   T27]  exit_to_user_mode_loop+0xe6/0x110
[ 1146.388184][   T27]  exit_to_user_mode_prepare+0xee/0x180
[ 1146.412816][   T27]  syscall_exit_to_user_mode+0x16/0x40
[ 1146.418453][   T27]  do_syscall_64+0x58/0xa0
[ 1146.429297][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1146.434067][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1146.438790][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1146.462785][   T27] RIP: 0033:0x7f76944a7407
[ 1146.467693][   T27] RSP: 002b:00007ffc23096da0 EFLAGS: 00000202 ORIG_RAX: 0000000000000003
[ 1146.492833][   T27] RAX: 0000000000000000 RBX: 00007f7694c3e880 RCX: 00007f76944a7407
[ 1146.500961][   T27] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000008
[ 1146.532933][   T27] RBP: 00007f7694c3e6e8 R08: 0000000000000000 R09: 0000000000000000
[ 1146.540971][   T27] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000016
[ 1146.592713][   T27] R13: 0000564d6bac5f40 R14: 0000564d6bac5f50 R15: 000000000000000c
[ 1146.600781][   T27]  </TASK>
[ 1146.622761][   T27] INFO: task kworker/u4:11:8197 blocked for more than 147 seconds.
[ 1146.630706][   T27]       Not tainted syzkaller #0
[ 1146.662705][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1146.672053][   T27] task:kworker/u4:11   state:D stack:23152 pid:8197  ppid:2      flags:0x00004000
[ 1146.722823][   T27] Workqueue: events_unbound linkwatch_event
[ 1146.728789][   T27] Call Trace:
[ 1146.732162][   T27]  <TASK>
[ 1146.752672][   T27]  __schedule+0x11d1/0x40e0
[ 1146.757272][   T27]  ? __sched_text_start+0x8/0x8
[ 1146.762151][   T27]  ? __mutex_trylock_common+0x86/0x260
[ 1146.792670][   T27]  ? wq_worker_sleeping+0x60/0x280
[ 1146.797869][   T27]  schedule+0xb9/0x180
[ 1146.801960][   T27]  schedule_preempt_disabled+0xf/0x20
[ 1146.842624][   T27]  __mutex_lock+0x562/0xaf0
[ 1146.847204][   T27]  ? __mutex_lock+0x3b2/0xaf0
[ 1146.851905][   T27]  ? linkwatch_event+0xa/0x50
[ 1146.882617][   T27]  ? mutex_lock_nested+0x10/0x10
[ 1146.887632][   T27]  ? _raw_spin_unlock+0x40/0x40
[ 1146.892504][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1146.917844][   T27]  ? process_one_work+0x7b0/0x1160
[ 1146.942614][   T27]  linkwatch_event+0xa/0x50
[ 1146.947177][   T27]  process_one_work+0x8a2/0x1160
[ 1146.952151][   T27]  ? worker_detach_from_pool+0x240/0x240
[ 1146.992550][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1146.997638][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1147.032564][   T27]  ? kthread_data+0x4b/0xc0
[ 1147.037140][   T27]  worker_thread+0xaa2/0x1270
[ 1147.041849][   T27]  ? _raw_spin_unlock_irqrestore+0xbc/0x120
[ 1147.072564][   T27]  ? __kthread_parkme+0x162/0x1c0
[ 1147.077663][   T27]  kthread+0x29d/0x330
[ 1147.081746][   T27]  ? worker_clr_flags+0x1a0/0x1a0
[ 1147.112532][   T27]  ? kthread_blkcg+0xd0/0xd0
[ 1147.117185][   T27]  ret_from_fork+0x1f/0x30
[ 1147.121636][   T27]  </TASK>
[ 1147.147673][   T27] INFO: task syz.0.2780:15070 blocked for more than 148 seconds.
[ 1147.174899][   T27]       Not tainted syzkaller #0
[ 1147.179883][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1147.209840][   T27] task:syz.0.2780      state:D stack:25136 pid:15070 ppid:4267   flags:0x00004004
[ 1147.242441][   T27] Call Trace:
[ 1147.245771][   T27]  <TASK>
[ 1147.248734][   T27]  __schedule+0x11d1/0x40e0
[ 1147.279997][   T27]  ? __sched_text_start+0x8/0x8
[ 1147.302464][   T27]  schedule+0xb9/0x180
[ 1147.306592][   T27]  schedule_timeout+0xbd/0x2d0
[ 1147.311379][   T27]  ? console_conditional_schedule+0x40/0x40
[ 1147.342373][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1147.348429][   T27]  ? lock_chain_count+0x20/0x20
[ 1147.372326][   T27]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1147.377419][   T27]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1147.412387][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1147.417674][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[ 1147.442291][   T27]  ? wait_for_completion+0x276/0x5a0
[ 1147.447675][   T27]  wait_for_completion+0x2c7/0x5a0
[ 1147.462325][   T27]  ? io_schedule+0xd0/0xd0
[ 1147.466808][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1147.472031][   T27]  ? __flush_work+0x10d/0xae0
[ 1147.492276][   T27]  __flush_work+0x952/0xae0
[ 1147.496875][   T27]  ? __flush_work+0x10d/0xae0
[ 1147.501575][   T27]  ? flush_work+0x20/0x20
[ 1147.512494][   T27]  ? move_linked_works+0x250/0x250
[ 1147.517682][   T27]  ? wq_worker_last_func+0x40/0x40
[ 1147.562255][   T27]  ? _raw_spin_unlock_irqrestore+0x10d/0x120
[ 1147.568303][   T27]  ? _raw_spin_unlock+0x40/0x40
[ 1147.592271][   T27]  ? _find_next_bit+0x87/0x130
[ 1147.597109][   T27]  __lru_add_drain_all+0x6a0/0x800
[ 1147.622297][   T27]  __se_sys_mbind+0x483/0x810
[ 1147.627050][   T27]  ? __ia32_sys_get_robust_list+0x100/0x100
[ 1147.652310][   T27]  ? __x64_sys_mbind+0xf0/0xf0
[ 1147.657149][   T27]  ? lock_chain_count+0x20/0x20
[ 1147.662028][   T27]  ? __x64_sys_mbind+0x1d/0xf0
[ 1147.692175][   T27]  do_syscall_64+0x4c/0xa0
[ 1147.696659][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1147.701358][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1147.732178][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1147.738138][   T27] RIP: 0033:0x7fb9f2b9c799
[ 1147.762179][   T27] RSP: 002b:00007fb9f0dd5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[ 1147.770666][   T27] RAX: ffffffffffffffda RBX: 00007fb9f2e16090 RCX: 00007fb9f2b9c799
[ 1147.822121][   T27] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000200000001000
[ 1147.830153][   T27] RBP: 00007fb9f2c32c99 R08: 0000000000000000 R09: 0000000000000002
[ 1147.862076][   T27] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1147.870108][   T27] R13: 00007fb9f2e16128 R14: 00007fb9f2e16090 R15: 00007ffc3b265428
[ 1147.922144][   T27]  </TASK>
[ 1147.925217][   T27] INFO: task syz.1.2782:15074 blocked for more than 148 seconds.
[ 1147.952032][   T27]       Not tainted syzkaller #0
[ 1147.957176][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1147.992009][   T27] task:syz.1.2782      state:D stack:26096 pid:15074 ppid:4275   flags:0x00004004
[ 1148.001280][   T27] Call Trace:
[ 1148.032006][   T27]  <TASK>
[ 1148.034996][   T27]  __schedule+0x11d1/0x40e0
[ 1148.039531][   T27]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[ 1148.062106][   T27]  ? queue_work_on+0x196/0x1f0
[ 1148.066944][   T27]  ? __sched_text_start+0x8/0x8
[ 1148.071813][   T27]  ? wq_worker_last_func+0x40/0x40
[ 1148.084794][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1148.090748][   T27]  ? prepare_to_wait_event+0x430/0x470
[ 1148.109047][   T27]  schedule+0xb9/0x180
[ 1148.113227][   T27]  synchronize_rcu_expedited+0x6e6/0x890
[ 1148.118893][   T27]  ? synchronize_rcu+0x3f0/0x3f0
[ 1148.138257][   T27]  ? fib6_run_gc+0x1e1/0x2a0
[ 1148.148425][   T27]  ? fib6_run_gc+0x1e1/0x2a0
[ 1148.153181][   T27]  ? sync_rcu_exp_done_unlocked+0x140/0x140
[ 1148.159115][   T27]  ? __might_sleep+0xd0/0xd0
[ 1148.181252][   T27]  ? wake_bit_function+0x200/0x200
[ 1148.190919][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1148.196219][   T27]  unregister_netdevice_many+0x9f4/0x1930
[ 1148.212687][   T27]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1148.218658][   T27]  ? alloc_netdev_mqs+0xf00/0xf00
[ 1148.235981][   T27]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1148.249722][   T27]  ? lock_chain_count+0x20/0x20
[ 1148.254684][   T27]  ? queue_delayed_work_on+0x110/0x1f0
[ 1148.260165][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[ 1148.280648][   T27]  unregister_netdevice_queue+0x324/0x370
[ 1148.293275][   T27]  ? delayed_work_timer_fn+0x80/0x80
[ 1148.298629][   T27]  ? list_netdevice+0x6c0/0x6c0
[ 1148.321439][   T27]  __tun_detach+0xd4a/0x1500
[ 1148.336297][   T27]  tun_chr_close+0x109/0x1b0
[ 1148.341038][   T27]  ? tun_chr_open+0x4d0/0x4d0
[ 1148.361916][   T27]  __fput+0x22c/0x920
[ 1148.365976][   T27]  task_work_run+0x1d0/0x260
[ 1148.370589][   T27]  ? task_work_cancel+0x220/0x220
[ 1148.397821][   T27]  ? exit_to_user_mode_loop+0x3b/0x110
[ 1148.406167][   T27]  exit_to_user_mode_loop+0xe6/0x110
[ 1148.411511][   T27]  exit_to_user_mode_prepare+0xee/0x180
[ 1148.429850][   T27]  syscall_exit_to_user_mode+0x16/0x40
[ 1148.440445][   T27]  do_syscall_64+0x58/0xa0
[ 1148.444971][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1148.449671][   T27]  ? clear_bhb_loop+0x60/0xb0
[ 1148.468919][   T27]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1148.482190][   T27] RIP: 0033:0x7f41a2b9c799
[ 1148.486657][   T27] RSP: 002b:00007fff609cd648 EFLAGS: 00000246 ORIG_RAX: 00000000000001b4
[ 1148.507011][   T27] RAX: 0000000000000000 RBX: 00007fff609cd730 RCX: 00007f41a2b9c799
[ 1148.525111][   T27] RDX: 0000000000000000 RSI: 000000000000001e RDI: 0000000000000003
[ 1148.541045][   T27] RBP: 00000000000efb04 R08: 0000000000000001 R09: 0000000000000000
[ 1148.556656][   T27] R10: 0000001b2e720000 R11: 0000000000000246 R12: 00007fff609cd770
[ 1148.574511][   T27] R13: 00007f41a2e15fac R14: 00000000000efbc0 R15: 00007f41a2e15fa0
[ 1148.590288][   T27]  </TASK>
[ 1148.598379][   T27] 
[ 1148.598379][   T27] Showing all locks held in the system:
[ 1148.612007][   T27] 1 lock held by rcu_tasks_kthre/12:
[ 1148.617333][   T27]  #0: ffffffff8cb2dfb0 (rcu_tasks.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00
[ 1148.644687][   T27] 1 lock held by rcu_tasks_trace/13:
[ 1148.650019][   T27]  #0: ffffffff8cb2e7d0 (rcu_tasks_trace.tasks_gp_mutex){+.+.}-{3:3}, at: rcu_tasks_one_gp+0x33/0xf00
[ 1148.678220][   T27] 1 lock held by khungtaskd/27:
[ 1148.683177][   T27]  #0: ffffffff8cb2d620 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x51/0x290
[ 1148.708456][   T27] 1 lock held by khugepaged/35:
[ 1148.713479][   T27]  #0: ffffffff8cbd46e8 (lock#3){+.+.}-{3:3}, at: __lru_add_drain_all+0x66/0x800
[ 1148.739784][   T27] 1 lock held by acpid/3623:
[ 1148.744460][   T27]  #0: ffffffff8cb332f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3c0/0x890
[ 1148.775314][   T27] 1 lock held by klogd/3627:
[ 1148.779952][   T27] 2 locks held by getty/4025:
[ 1148.799479][   T27]  #0: ffff88802f99b098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[ 1148.826506][   T27]  #1: ffffc9000327b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x429/0x1390
[ 1148.851695][   T27] 6 locks held by kworker/0:5/4316:
[ 1148.856937][   T27]  #0: ffff88801ceda938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1148.890307][   T27]  #1: ffffc900047bfd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1148.919712][   T27]  #2: ffff888144f97190 (&dev->mutex){....}-{3:3}, at: hub_event+0x19f/0x5560
[ 1148.945075][   T27]  #3: ffff888051d4c190 (&dev->mutex){....}-{3:3}, at: usb_disconnect+0x107/0x8a0
[ 1148.967786][   T27]  #4: ffff888051d4b118 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xb2/0x850
[ 1148.995987][   T27]  #5: ffffffff8d831d08 (input_mutex){+.+.}-{3:3}, at: __input_unregister_device+0x2ee/0x5f0
[ 1149.027784][   T27] 2 locks held by kworker/u4:6/4322:
[ 1149.033248][   T27]  #0: ffff888017479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1149.058612][   T27]  #1: ffffc900047ffd00 (connector_reaper_work){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1149.076141][   T27] 2 locks held by kworker/u4:8/4542:
[ 1149.082492][   T27]  #0: ffff888017479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1149.100285][   T27]  #1: ffffc90004eefd00 ((reaper_work).work){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1149.112289][   T27] 4 locks held by udevd/5995:
[ 1149.116996][   T27]  #0: ffff88807cdb12f0 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xad/0xd50
[ 1149.133101][   T27]  #1: ffff88802f578c88 (&of->mutex){+.+.}-{3:3}, at: kernfs_seq_start+0x58/0x410
[ 1149.147078][   T27]  #2: ffff88802f05e918 (kn->active#5){.+.+}-{0:0}, at: kernfs_seq_start+0xae/0x410
[ 1149.161110][   T27]  #3: ffff888077540190 (&dev->mutex){....}-{3:3}, at: uevent_show+0x16c/0x320
[ 1149.175020][   T27] 3 locks held by kworker/u4:11/8197:
[ 1149.180460][   T27]  #0: ffff888017479138 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1149.200091][   T27]  #1: ffffc90004ce7d00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1149.211370][   T27]  #2: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xa/0x50
[ 1149.220392][   T27] 5 locks held by kworker/1:1/10582:
[ 1149.233312][   T27] 3 locks held by kworker/0:4/13709:
[ 1149.238642][   T27]  #0: ffff88814c9edd38 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1149.255688][   T27]  #1: ffffc90003827d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_one_work+0x7b0/0x1160
[ 1149.272624][   T27]  #2: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x15/0x30
[ 1149.286882][   T27] 1 lock held by syz.0.2780/15070:
[ 1149.295048][   T27]  #0: ffffffff8cbd46e8 (lock#3){+.+.}-{3:3}, at: __lru_add_drain_all+0x66/0x800
[ 1149.309459][   T27] 2 locks held by syz.1.2782/15074:
[ 1149.317596][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3d/0x1b0
[ 1149.333483][   T27]  #1: ffffffff8cb332f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x2ec/0x890
[ 1149.348441][   T27] 1 lock held by syz.3.2784/15080:
[ 1149.369547][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: __tun_chr_ioctl+0x3fc/0x1e60
[ 1149.384985][   T27] 1 lock held by syz.3.2784/15081:
[ 1149.390139][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: devinet_ioctl+0x288/0x1af0
[ 1149.403153][   T27] 1 lock held by syz.2.2786/15098:
[ 1149.408308][   T27]  #0: ffff888077670070 (&dev->mutex#5){+.+.}-{3:3}, at: vhost_net_ioctl+0x18b/0x12a0
[ 1149.426328][   T27] 1 lock held by syz.2.2786/15102:
[ 1149.432445][   T27]  #0: ffff888077670070 (&dev->mutex#5){+.+.}-{3:3}, at: vhost_net_ioctl+0x22f/0x12a0
[ 1149.448951][   T27] 1 lock held by syz.2.2786/15104:
[ 1149.454967][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.471051][   T27] 3 locks held by vhost-15098/15103:
[ 1149.477252][   T27]  #0: ffffffff8cb56068 (cgroup_mutex){+.+.}-{3:3}, at: cgroup_attach_task_all+0x22/0xe0
[ 1149.493963][   T27]  #1: ffffffff8c9c9ef0 (cpu_hotplug_lock){++++}-{0:0}, at: cgroup_attach_lock+0xd/0x30
[ 1149.507760][   T27]  #2: ffffffff8cb56250 (cgroup_threadgroup_rwsem){++++}-{0:0}, at: cgroup_attach_task_all+0x2c/0xe0
[ 1149.526509][   T27] 1 lock held by syz.4.2789/15109:
[ 1149.535028][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.549325][   T27] 1 lock held by syz.4.2789/15110:
[ 1149.557732][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.572258][   T27] 1 lock held by syz.4.2789/15111:
[ 1149.577403][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.593602][   T27] 1 lock held by dhcpcd/15115:
[ 1149.598509][   T27]  #0: ffff888024e4c130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xce0
[ 1149.615725][   T27] 1 lock held by syz-executor/15119:
[ 1149.621050][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.638954][   T27] 1 lock held by syz-executor/15123:
[ 1149.645685][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.661180][   T27] 1 lock held by syz-executor/15124:
[ 1149.666934][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.685585][   T27] 1 lock held by syz-executor/15129:
[ 1149.690923][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.705442][   T27] 1 lock held by syz-executor/15132:
[ 1149.710959][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.725819][   T27] 1 lock held by dhcpcd/15134:
[ 1149.730627][   T27]  #0: ffff88802492a130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xce0
[ 1149.746018][   T27] 1 lock held by dhcpcd/15135:
[ 1149.750818][   T27]  #0: ffff88802f5a2130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xce0
[ 1149.766642][   T27] 1 lock held by dhcpcd/15136:
[ 1149.774953][   T27]  #0: ffff88802f5a0130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xce0
[ 1149.788435][   T27] 1 lock held by syz-executor/15140:
[ 1149.797686][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.810659][   T27] 1 lock held by syz-executor/15143:
[ 1149.819830][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.833019][   T27] 1 lock held by syz-executor/15145:
[ 1149.838338][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.855421][   T27] 1 lock held by syz-executor/15148:
[ 1149.860744][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.872889][   T27] 1 lock held by syz-executor/15149:
[ 1149.878216][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.894603][   T27] 1 lock held by syz-executor/15157:
[ 1149.899933][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.917713][   T27] 1 lock held by syz-executor/15159:
[ 1149.923318][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.939512][   T27] 1 lock held by syz-executor/15161:
[ 1149.945605][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.962160][   T27] 1 lock held by syz-executor/15162:
[ 1149.967520][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1149.982661][   T27] 1 lock held by syz-executor/15165:
[ 1149.987989][   T27]  #0: ffffffff8dd469e8 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x824/0xfc0
[ 1150.004851][   T27] 
[ 1150.007219][   T27] =============================================
[ 1150.007219][   T27] 
[ 1150.019124][   T27] NMI backtrace for cpu 0
[ 1150.023505][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[ 1150.030715][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1150.040786][   T27] Call Trace:
[ 1150.044071][   T27]  <TASK>
[ 1150.047007][   T27]  dump_stack_lvl+0x188/0x24e
[ 1150.051705][   T27]  ? irq_work_queue+0xb8/0x140
[ 1150.056493][   T27]  ? show_regs_print_info+0x12/0x12
[ 1150.061714][   T27]  ? load_image+0x400/0x400
[ 1150.066233][   T27]  ? vprintk_emit+0x59f/0x6a0
[ 1150.070924][   T27]  ? printk_sprint+0x460/0x460
[ 1150.075702][   T27]  nmi_cpu_backtrace+0x3e6/0x460
[ 1150.080657][   T27]  ? nmi_trigger_cpumask_backtrace+0x450/0x450
[ 1150.086827][   T27]  ? _printk+0xda/0x130
[ 1150.090991][   T27]  ? load_image+0x400/0x400
[ 1150.095506][   T27]  ? load_image+0x400/0x400
[ 1150.100019][   T27]  ? nmi_trigger_cpumask_backtrace+0xf3/0x450
[ 1150.106098][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[ 1150.112179][   T27]  nmi_trigger_cpumask_backtrace+0x1d4/0x450
[ 1150.118185][   T27]  watchdog+0xeee/0xf30
[ 1150.122361][   T27]  ? watchdog+0x1ed/0xf30
[ 1150.126704][   T27]  kthread+0x29d/0x330
[ 1150.130778][   T27]  ? hungtask_pm_notify+0x40/0x40
[ 1150.135828][   T27]  ? kthread_blkcg+0xd0/0xd0
[ 1150.140429][   T27]  ret_from_fork+0x1f/0x30
[ 1150.144869][   T27]  </TASK>
[ 1150.148375][   T27] Sending NMI from CPU 0 to CPUs 1:
[ 1150.153739][    C1] NMI backtrace for cpu 1
[ 1150.153751][    C1] CPU: 1 PID: 10582 Comm: kworker/1:1 Not tainted syzkaller #0
[ 1150.153766][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1150.153775][    C1] Workqueue: usb_hub_wq hub_event
[ 1150.153797][    C1] RIP: 0010:unwind_next_frame+0x1340/0x20b0
[ 1150.153817][    C1] Code: 24 68 e8 c5 a5 e8 08 e9 7f 05 00 00 49 89 f7 49 89 f5 4c 89 e0 4c 29 e8 48 89 c1 48 c1 f9 02 48 c1 e8 3f 48 01 c8 48 83 e0 fe <4d> 8d 74 45 00 4c 89 f0 48 c1 e8 03 48 b9 00 00 00 00 00 fc ff df
[ 1150.153829][    C1] RSP: 0018:ffffc900001e0310 EFLAGS: 00000046
[ 1150.153841][    C1] RAX: 0000000000000000 RBX: ffffc900001e03e8 RCX: 0000000000000000
[ 1150.153851][    C1] RDX: ffffffff8ea2bef2 RSI: ffffffff8e31e1a0 RDI: 0000000000000001
[ 1150.153861][    C1] RBP: ffffffff81726739 R08: 0000000000000001 R09: 000000000000000a
[ 1150.153870][    C1] R10: dffffc0000000000 R11: fffff5200003c089 R12: ffffffff8e31e1a0
[ 1150.153881][    C1] R13: ffffffff8e31e1a0 R14: 0000000000007267 R15: ffffffff8e31e1a0
[ 1150.153892][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1150.153904][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1150.153914][    C1] CR2: 00007f0f67207000 CR3: 000000000c88e000 CR4: 00000000003506e0
[ 1150.153928][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1150.153936][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1150.153945][    C1] Call Trace:
[ 1150.153950][    C1]  <IRQ>
[ 1150.153960][    C1]  ? __hrtimer_run_queues+0x54a/0xd50
[ 1150.153979][    C1]  ? stack_trace_save+0xf0/0xf0
[ 1150.153995][    C1]  arch_stack_walk+0x10c/0x140
[ 1150.154014][    C1]  ? __hrtimer_run_queues+0x54a/0xd50
[ 1150.154030][    C1]  stack_trace_save+0xa6/0xf0
[ 1150.154045][    C1]  ? stack_trace_snprint+0xf0/0xf0
[ 1150.154065][    C1]  kasan_set_track+0x4b/0x70
[ 1150.154081][    C1]  ? kasan_set_track+0x4b/0x70
[ 1150.154096][    C1]  ? kasan_save_free_info+0x2d/0x50
[ 1150.154108][    C1]  ? ____kasan_slab_free+0x126/0x1e0
[ 1150.154124][    C1]  ? slab_free_freelist_hook+0x131/0x1a0
[ 1150.154139][    C1]  ? __kmem_cache_free+0xb6/0x1f0
[ 1150.154153][    C1]  ? skb_release_data+0x5db/0x7c0
[ 1150.154170][    C1]  ? consume_skb+0xa2/0x100
[ 1150.154185][    C1]  ? ath6kl_usb_recv_complete+0x1d2/0x4d0
[ 1150.154202][    C1]  ? __usb_hcd_giveback_urb+0x35f/0x520
[ 1150.154218][    C1]  ? dummy_timer+0xbf6/0x3090
[ 1150.154232][    C1]  ? __hrtimer_run_queues+0x54a/0xd50
[ 1150.154265][    C1]  ? __kmem_cache_free+0xb6/0x1f0
[ 1150.154279][    C1]  kasan_save_free_info+0x2d/0x50
[ 1150.154291][    C1]  ____kasan_slab_free+0x126/0x1e0
[ 1150.154309][    C1]  slab_free_freelist_hook+0x131/0x1a0
[ 1150.154326][    C1]  ? skb_release_data+0x5db/0x7c0
[ 1150.154343][    C1]  __kmem_cache_free+0xb6/0x1f0
[ 1150.154359][    C1]  skb_release_data+0x5db/0x7c0
[ 1150.154380][    C1]  consume_skb+0xa2/0x100
[ 1150.154397][    C1]  ath6kl_usb_recv_complete+0x1d2/0x4d0
[ 1150.154415][    C1]  __usb_hcd_giveback_urb+0x35f/0x520
[ 1150.154441][    C1]  dummy_timer+0xbf6/0x3090
[ 1150.154470][    C1]  ? mark_lock+0x94/0x320
[ 1150.154491][    C1]  ? lock_chain_count+0x20/0x20
[ 1150.154513][    C1]  ? dummy_free_streams+0x530/0x530
[ 1150.154530][    C1]  __hrtimer_run_queues+0x54a/0xd50
[ 1150.154547][    C1]  ? dummy_free_streams+0x530/0x530
[ 1150.154565][    C1]  ? hrtimer_interrupt+0x9c0/0x9c0
[ 1150.154579][    C1]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[ 1150.154598][    C1]  hrtimer_run_softirq+0x183/0x2a0
[ 1150.154615][    C1]  handle_softirqs+0x2a1/0x930
[ 1150.154632][    C1]  ? __irq_exit_rcu+0x13b/0x230
[ 1150.154647][    C1]  ? do_softirq+0x210/0x210
[ 1150.154662][    C1]  ? irqtime_account_irq+0xb2/0x1b0
[ 1150.154677][    C1]  __irq_exit_rcu+0x13b/0x230
[ 1150.154690][    C1]  ? irq_exit_rcu+0x20/0x20
[ 1150.154707][    C1]  irq_exit_rcu+0x5/0x20
[ 1150.154719][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[ 1150.154734][    C1]  </IRQ>
[ 1150.154738][    C1]  <TASK>
[ 1150.154743][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[ 1150.154759][    C1] RIP: 0010:unwind_next_frame+0x175/0x20b0
[ 1150.154775][    C1] Code: 24 08 74 08 4c 89 ff e8 79 43 9a 00 49 8b 2f 49 83 f6 01 49 c7 c4 20 87 89 8a 4c 29 f5 0f 84 6f 02 00 00 48 81 fd 00 00 00 81 <0f> 92 c0 48 81 fd 08 77 60 8a 0f 93 c1 08 c1 0f 85 d6 00 00 00 48
[ 1150.154786][    C1] RSP: 0018:ffffc9000dcce670 EFLAGS: 00000202
[ 1150.154798][    C1] RAX: 1ffff92001b99cf2 RBX: ffffc9000dcce748 RCX: ffffffff96bfd100
[ 1150.154808][    C1] RDX: dffffc0000000000 RSI: ffffffff8511f45f RDI: ffffffff8139198f
[ 1150.154819][    C1] RBP: ffffffff8511f45e R08: ffffc9000dcce810 R09: 000000000000000c
[ 1150.154829][    C1] R10: dffffc0000000000 R11: fffff52001b99cf5 R12: ffffffff8a898720
[ 1150.154839][    C1] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc9000dcce790
[ 1150.154851][    C1]  ? driver_probe_device+0x4e/0x420
[ 1150.154870][    C1]  ? driver_probe_device+0x4f/0x420
[ 1150.154884][    C1]  ? unwind_next_frame+0xaf/0x20b0
[ 1150.154904][    C1]  ? driver_probe_device+0x4f/0x420
[ 1150.154923][    C1]  ? stack_trace_save+0xf0/0xf0
[ 1150.154938][    C1]  arch_stack_walk+0x10c/0x140
[ 1150.154955][    C1]  ? driver_probe_device+0x4f/0x420
[ 1150.154973][    C1]  stack_trace_save+0xa6/0xf0
[ 1150.154988][    C1]  ? stack_trace_snprint+0xf0/0xf0
[ 1150.155003][    C1]  ? kasan_set_track+0x60/0x70
[ 1150.155020][    C1]  ? kmem_cache_alloc_node+0x14d/0x320
[ 1150.155033][    C1]  ? __alloc_skb+0xfc/0x7e0
[ 1150.155048][    C1]  ? __netdev_alloc_skb+0x114/0x4f0
[ 1150.155068][    C1]  kasan_set_track+0x4b/0x70
[ 1150.155083][    C1]  ? kasan_set_track+0x4b/0x70
[ 1150.155097][    C1]  ? __kasan_kmalloc+0x8e/0xa0
[ 1150.155113][    C1]  ? __kmalloc_node_track_caller+0xae/0x230
[ 1150.155132][    C1]  ? __alloc_skb+0x22a/0x7e0
[ 1150.155147][    C1]  ? __netdev_alloc_skb+0x114/0x4f0
[ 1150.155162][    C1]  ? ath6kl_usb_post_recv_transfers+0x207/0x6f0
[ 1150.155177][    C1]  ? ath6kl_usb_power_on+0x66/0x280
[ 1150.155191][    C1]  ? ath6kl_core_init+0x1d6/0x1090
[ 1150.155204][    C1]  ? ath6kl_usb_probe+0x144a/0x1540
[ 1150.155217][    C1]  ? usb_probe_interface+0x5c5/0xb20
[ 1150.155232][    C1]  ? really_probe+0x2aa/0xc70
[ 1150.155246][    C1]  ? __driver_probe_device+0x18c/0x330
[ 1150.155261][    C1]  ? driver_probe_device+0x4f/0x420
[ 1150.155293][    C1]  ? __kmem_cache_alloc_node+0x140/0x260
[ 1150.155309][    C1]  __kasan_kmalloc+0x8e/0xa0
[ 1150.155325][    C1]  ? __netdev_alloc_skb+0x114/0x4f0
[ 1150.155341][    C1]  __kmalloc_node_track_caller+0xae/0x230
[ 1150.155360][    C1]  ? __netdev_alloc_skb+0x114/0x4f0
[ 1150.155376][    C1]  __alloc_skb+0x22a/0x7e0
[ 1150.155394][    C1]  __netdev_alloc_skb+0x114/0x4f0
[ 1150.155411][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1150.155426][    C1]  ? __alloc_skb+0x7e0/0x7e0
[ 1150.155446][    C1]  ? usb_hcd_submit_urb+0x32c/0x19c0
[ 1150.155467][    C1]  ath6kl_usb_post_recv_transfers+0x207/0x6f0
[ 1150.155490][    C1]  ath6kl_usb_power_on+0x66/0x280
[ 1150.155505][    C1]  ath6kl_core_init+0x1d6/0x1090
[ 1150.155519][    C1]  ? free_zapped_rcu+0x1f0/0x1f0
[ 1150.155540][    C1]  ? ath6kl_core_rx_complete+0x70/0x70
[ 1150.155553][    C1]  ? ath6kl_core_create+0x7d6/0x980
[ 1150.155568][    C1]  ? memcpy+0x3c/0x60
[ 1150.155580][    C1]  ? ath6kl_core_create+0x7d6/0x980
[ 1150.155596][    C1]  ath6kl_usb_probe+0x144a/0x1540
[ 1150.155618][    C1]  usb_probe_interface+0x5c5/0xb20
[ 1150.155637][    C1]  ? usb_register_driver+0x3d0/0x3d0
[ 1150.155651][    C1]  really_probe+0x2aa/0xc70
[ 1150.155667][    C1]  ? pm_runtime_barrier+0x147/0x1c0
[ 1150.155684][    C1]  __driver_probe_device+0x18c/0x330
[ 1150.155701][    C1]  driver_probe_device+0x4f/0x420
[ 1150.155718][    C1]  __device_attach_driver+0x2c6/0x510
[ 1150.155734][    C1]  ? coredump_store+0x90/0x90
[ 1150.155750][    C1]  bus_for_each_drv+0x184/0x210
[ 1150.155764][    C1]  ? coredump_store+0x90/0x90
[ 1150.155779][    C1]  ? subsys_find_device_by_id+0x360/0x360
[ 1150.155798][    C1]  __device_attach+0x2a8/0x480
[ 1150.155814][    C1]  ? device_attach+0x20/0x20
[ 1150.155830][    C1]  ? kobject_uevent_env+0x35f/0x8a0
[ 1150.155851][    C1]  bus_probe_device+0xbc/0x1e0
[ 1150.155864][    C1]  ? device_add+0x97c/0xfb0
[ 1150.155883][    C1]  device_add+0xa00/0xfb0
[ 1150.155905][    C1]  usb_set_configuration+0x1991/0x1fd0
[ 1150.155934][    C1]  usb_generic_driver_probe+0x89/0x150
[ 1150.155953][    C1]  usb_probe_device+0x139/0x270
[ 1150.155969][    C1]  ? usb_register_device_driver+0x230/0x230
[ 1150.155983][    C1]  really_probe+0x2aa/0xc70
[ 1150.155999][    C1]  ? pm_runtime_barrier+0x147/0x1c0
[ 1150.156015][    C1]  __driver_probe_device+0x18c/0x330
[ 1150.156032][    C1]  driver_probe_device+0x4f/0x420
[ 1150.156049][    C1]  __device_attach_driver+0x2c6/0x510
[ 1150.156065][    C1]  ? coredump_store+0x90/0x90
[ 1150.156081][    C1]  bus_for_each_drv+0x184/0x210
[ 1150.156096][    C1]  ? coredump_store+0x90/0x90
[ 1150.156111][    C1]  ? subsys_find_device_by_id+0x360/0x360
[ 1150.156130][    C1]  __device_attach+0x2a8/0x480
[ 1150.156146][    C1]  ? device_attach+0x20/0x20
[ 1150.156160][    C1]  ? __kmem_cache_free+0xb6/0x1f0
[ 1150.156176][    C1]  ? kobject_uevent_env+0x35f/0x8a0
[ 1150.156191][    C1]  bus_probe_device+0xbc/0x1e0
[ 1150.156205][    C1]  ? device_add+0x97c/0xfb0
[ 1150.156223][    C1]  device_add+0xa00/0xfb0
[ 1150.156245][    C1]  usb_new_device+0xd66/0x1650
[ 1150.156266][    C1]  ? lock_chain_count+0x20/0x20
[ 1150.156282][    C1]  ? usb_disconnect+0x8a0/0x8a0
[ 1150.156298][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1150.156312][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[ 1150.156326][    C1]  hub_event+0x2dcf/0x5560
[ 1150.156365][    C1]  ? hub_post_resume+0x120/0x120
[ 1150.156381][    C1]  ? read_lock_is_recursive+0x10/0x10
[ 1150.156397][    C1]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[ 1150.156412][    C1]  ? _raw_spin_unlock+0x40/0x40
[ 1150.156426][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1150.156447][    C1]  ? process_one_work+0x7b0/0x1160
[ 1150.156461][    C1]  process_one_work+0x8a2/0x1160
[ 1150.156483][    C1]  ? worker_detach_from_pool+0x240/0x240
[ 1150.156499][    C1]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1150.156513][    C1]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1150.156527][    C1]  ? kthread_data+0x4b/0xc0
[ 1150.156546][    C1]  worker_thread+0xaa2/0x1270
[ 1150.156569][    C1]  ? __kthread_parkme+0x162/0x1c0
[ 1150.156588][    C1]  kthread+0x29d/0x330
[ 1150.156599][    C1]  ? worker_clr_flags+0x1a0/0x1a0
[ 1150.156613][    C1]  ? kthread_blkcg+0xd0/0xd0
[ 1150.156626][    C1]  ret_from_fork+0x1f/0x30
[ 1150.156649][    C1]  </TASK>
[ 1150.171714][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[ 1150.171728][   T27] CPU: 0 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[ 1150.171745][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1150.171756][   T27] Call Trace:
[ 1150.171766][   T27]  <TASK>
[ 1150.171772][   T27]  dump_stack_lvl+0x188/0x24e
[ 1150.171799][   T27]  ? memcpy+0x3c/0x60
[ 1150.171816][   T27]  ? show_regs_print_info+0x12/0x12
[ 1150.171837][   T27]  ? load_image+0x400/0x400
[ 1150.171864][   T27]  panic+0x2e5/0x730
[ 1150.171879][   T27]  ? schedule_preempt_disabled+0x20/0x20
[ 1150.171904][   T27]  ? bpf_jit_dump+0xd0/0xd0
[ 1150.171919][   T27]  ? __irq_work_queue_local+0x12c/0x190
[ 1150.171946][   T27]  ? nmi_trigger_cpumask_backtrace+0x35b/0x450
[ 1150.171969][   T27]  ? nmi_trigger_cpumask_backtrace+0x360/0x450
[ 1150.171993][   T27]  watchdog+0xf2d/0xf30
[ 1150.172016][   T27]  ? watchdog+0x1ed/0xf30
[ 1150.172038][   T27]  kthread+0x29d/0x330
[ 1150.172053][   T27]  ? hungtask_pm_notify+0x40/0x40
[ 1150.172070][   T27]  ? kthread_blkcg+0xd0/0xd0
[ 1150.172087][   T27]  ret_from_fork+0x1f/0x30
[ 1150.172117][   T27]  </TASK>
[ 1150.173138][   T27] Kernel Offset: disabled
[ 1151.260512][   T27] Rebooting in 86400 seconds..