last executing test programs:

2m57.774985083s ago: executing program 3 (id=1126):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
socket$inet_tcp(0x2, 0x1, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8926, 0x0)
bind$tipc(0xffffffffffffffff, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x41}, 0x3}}, 0x10)
listen(0xffffffffffffffff, 0x0)
accept4(r0, &(0x7f00000002c0)=@xdp, &(0x7f0000000140)=0x80, 0x80800)

2m56.624189313s ago: executing program 3 (id=1128):
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="16000000000000000400"], 0x48)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0xfffffffffffffffe}}, 0x18)
socket(0x9, 0x7, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'pim6reg1\x00', @link_local})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f0000000380)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @bcast, @bpq0, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r2, &(0x7f0000000200)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}}, 0x1c)
connect$rose(r2, &(0x7f0000000180)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x40)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2m55.320562041s ago: executing program 3 (id=1131):
memfd_create(&(0x7f0000000800)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd \xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\x83P\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\xd66hv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfa\x87$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00#\xb9F,e\xfa\xd7\xa2\xeb\xb1\xc9\xbe#\x92\xf3\x19\xe6\x83(\xfe\xf8i\xb9\xc1\xa0w\xea\xbf\xe5\x8d\xe9\x14\x130\xc3\xa5|/_\t\x98\xc3\xa7\x95!\xdf*\a\xd7\xfcv|\xb3Zc\xcf~\xf6\xe2\xa86Q\x9a$\x80\x85\x8b\t\xbf\xe6(\x12\xe0\xe1e\x81x]a\x145\xa7\xd2\n\x11h\xb9\xf5g\xc4%&\xbaRy\x8f\x85Q\xb9W\xe5\x06\xe2\xb3ryk}\x86\xc6\x04\x03i\x10\xa8\xc4\xcd`\xb8\xcfT))\xb7\x15\b%\xc8uC(C\x01\x1by\xbf \x10\xe8k\xea\x80\xd0P|\x11\xe5\xb9\x1d^\x92j\xb0\xa7\x1d', 0x7)
openat$udambuf(0xffffff9c, &(0x7f0000000000), 0x2)
openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
syz_open_dev$tty1(0xc, 0x4, 0x2)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_io_uring_setup(0x52bc, &(0x7f0000000580)={0x0, 0xbbda, 0x13500}, 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
socket(0x840000000002, 0x3, 0xff)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

2m54.648532604s ago: executing program 3 (id=1133):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r2 = syz_open_dev$sndmidi(&(0x7f0000000180), 0x2, 0x149002)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cd}, &(0x7f0000000300)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, &(0x7f0000000740), 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r3, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)
getpid()

2m41.715638147s ago: executing program 3 (id=1144):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000540))
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000000c0)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/75, 0x0})
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x0, r2})
syz_emit_ethernet(0x3a, 0x0, 0x0)

2m40.386216311s ago: executing program 3 (id=1150):
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000240))
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)

2m23.062394236s ago: executing program 32 (id=1150):
socket$xdp(0x2c, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x0)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42f82, 0x0)
ioctl$SNDCTL_DSP_SPEED(r1, 0xc0045002, &(0x7f0000000240))
write$dsp(r1, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)

1m4.819393857s ago: executing program 4 (id=1293):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8c}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
r1 = syz_open_dev$sg(&(0x7f0000000440), 0xa, 0x241)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f0000000080)=ANY=[])
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000000)={'\x00', 0x7bf, 0xe, 0x401, 0xfffffffffffffff9, 0x1, 0xffffffffffffffff})

1m3.871654624s ago: executing program 4 (id=1295):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi4\x00', 0x400, 0x0)
ioctl$COMEDI_INSNLIST(r0, 0x8010640b, &(0x7f00000be640)={0x0, &(0x7f00000be500)})

1m3.665404098s ago: executing program 4 (id=1296):
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_udplite(0xa, 0x2, 0x88)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000d80)=ANY=[@ANYBLOB="120000000a0000000400000002"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x8, 0x8000}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_udp(0x2, 0x2, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x6, 0x100000001, 0x3, 0xffffffff, 0x2627bc41, 0xba4, 0xffff, 0xfffffffffffffff8}, 0x0, &(0x7f00000000c0)={0x7ff, 0x7, 0x72d, 0x8, 0x0, 0x6, 0x1, 0x82}, &(0x7f0000000100)={0x0, 0x3938700}, 0x0)

1m2.401162617s ago: executing program 4 (id=1297):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
listen(r0, 0x6d5)
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
r1 = syz_init_net_socket$bt_bnep(0x1f, 0x3, 0x4)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=@newlink={0x34, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x600, 0x0, 0x0, 0x6}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}]}, 0x34}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, &(0x7f0000001540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r1, 0x800442d2, &(0x7f0000000180)={0x7, &(0x7f0000000200)=[{0x0, 0x0, 0x0, @local}, {0x0, 0x0, 0x0, @remote}, {0x0, 0x0, 0x0, @broadcast}, {0x0, 0x0, 0x0, @dev}, {0x0, 0x0, 0x0, @link_local}, {0x0, 0x0, 0x0, @remote}, {0x0, 0x0, 0x0, @local}]})
syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='d\x00'], 0x64}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x3, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000a5f5fde31abc816a3c47e25a6d0cbe49ba8f9f869f35d1f710db6bfcbc49ec9533ac8127d4fda8164789e9e388271e9c36391f21fff45c1d1f7f6ce7ee817fc1c55153f68f7fc70c5f8a08ec61fefba9683096e59c0d4d7ccc0db823b9dc38069c2336e1630f16e835b390646094d13a13b8257228c34b6c665ca1b31f383239f4b6fe1ab766ca4c337128614dd8f3b5e70283111c2f17fa6a8e67b6453b8fc7f84f3ce1e943219521e80cf60612b3431725290910629c1614aa6e13b92374763bb2d2318166f12e1b0340defc05"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000005c0)={{r4, <r5=>r4}, &(0x7f0000000600), &(0x7f0000000640)=r3}, 0x1c)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0xd, &(0x7f0000000780)=ANY=[@ANYBLOB="1800000000000080000000003500000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000000000000018120000", @ANYRES32=r4, @ANYBLOB="0000000000000000b703000000000000940000000c62cdcd440000000000000095"], &(0x7f0000000080)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x4d, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)

1m2.00188862s ago: executing program 4 (id=1299):
ioctl$DRM_IOCTL_INFO_BUFS(0xffffffffffffffff, 0xc0106418, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10f1}, 0x94)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xfffffffffffffff7, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f0000000500)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000800000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)

1m0.993753803s ago: executing program 4 (id=1302):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r1 = syz_create_resource$binfmt(0x0)
openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = getuid()
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x413, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000050000,user_id=', @ANYRESDEC=r4, @ANYBLOB=',group_id=', @ANYRESDEC=r3, @ANYBLOB=',dont_hash,fsname=}\'!-,appraise_type=imasig,func=KEXEC_KERNEL_CHECK,euid<', @ANYRESDEC=r4, @ANYBLOB=',context=root,\x00'])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
r6 = socket$inet(0x10, 0x3, 0x0)
timer_create(0x0, 0x0, 0x0)
sendmsg(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000440)="4c0000001200ff09ff3a150099a283ff04b8008000f0ffff0000000600401500240036001fc411a0b598bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab", 0x42}, {&(0x7f0000000080)='G%\t\x00\x00\x00\x00\x00\x00\x00', 0xa}], 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
recvmmsg(r6, &(0x7f0000001300)=[{{0x0, 0x0, 0x0}}], 0x300, 0x48, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002800)={0x2020}, 0x2020)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000300)=0x1, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x85, 0x0, &(0x7f00000010c0))
fstat(r7, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/tty/ldiscs\x00', 0x0, 0x0)
setreuid(r8, r8)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)

45.025676268s ago: executing program 33 (id=1302):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e24, @multicast2}, 0x10)
r1 = syz_create_resource$binfmt(0x0)
openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = getuid()
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x413, &(0x7f00000003c0)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000050000,user_id=', @ANYRESDEC=r4, @ANYBLOB=',group_id=', @ANYRESDEC=r3, @ANYBLOB=',dont_hash,fsname=}\'!-,appraise_type=imasig,func=KEXEC_KERNEL_CHECK,euid<', @ANYRESDEC=r4, @ANYBLOB=',context=root,\x00'])
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000002000)=""/102400, 0x19000)
r6 = socket$inet(0x10, 0x3, 0x0)
timer_create(0x0, 0x0, 0x0)
sendmsg(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000440)="4c0000001200ff09ff3a150099a283ff04b8008000f0ffff0000000600401500240036001fc411a0b598bc593ab6821148a730cc33a49868c62b2ca654a6613b6aab", 0x42}, {&(0x7f0000000080)='G%\t\x00\x00\x00\x00\x00\x00\x00', 0xa}], 0x2}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
recvmmsg(r6, &(0x7f0000001300)=[{{0x0, 0x0, 0x0}}], 0x300, 0x48, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000002800)={0x2020}, 0x2020)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000300)=0x1, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff})
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x85, 0x0, &(0x7f00000010c0))
fstat(r7, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x400}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
openat$procfs(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/tty/ldiscs\x00', 0x0, 0x0)
setreuid(r8, r8)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)

11.586288473s ago: executing program 0 (id=1366):
sched_setscheduler(0x0, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f00000000c0)={0x18, 0x0, 0x0, {0xfffffffffffffffe}}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'pim6reg1\x00', @link_local})
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r1, 0x890b, &(0x7f0000000380)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x6, @bcast, @bpq0, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r2 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r2, &(0x7f0000000200)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}}, 0x1c)
connect$rose(r2, &(0x7f0000000180)=@full={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x1, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @default, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast]}, 0x40)

9.267043641s ago: executing program 1 (id=1370):
r0 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0)
r1 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f00000000c0)={'pcmmio\x00', [0x4f27, 0x0, 0x4, 0x4, 0x5, 0x5, 0x4, 0x7, 0x54c6cff3, 0xfd, 0xfffffffe, 0x1, 0x1, 0x1, 0x6, 0x101, 0xb27b, 0x7f, 0x3, 0x4000002f, 0x89, 0xcaa3, 0x0, 0x20001e5b, 0x3, 0xe66, 0x3, 0x8, 0x4086, 0x0, 0xfffffff8]})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e20, 0x0, @empty, 0x9}}, 0x0, 0x0, 0x3fc, 0x0, 0x32, 0x7}, 0x9c)
r6 = syz_open_dev$vim2m(&(0x7f0000000580), 0x3, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r6, 0xc0d05605, &(0x7f0000000100)={0x2, @win={{0xfffffffd, 0x0, 0x42474752}, 0x0, 0x0, 0x0, 0x8dae, 0x0}})
ioctl$VIDIOC_ENUM_FMT(0xffffffffffffffff, 0xc0585611, &(0x7f00000000c0)={0x0, 0xb, 0x0, "3e58f67896b2f2098200902177392faff604cb7ef87e7610bc39ef64257f5d33"})
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
close(r0)

7.259755151s ago: executing program 1 (id=1372):
fsmount(0xffffffffffffffff, 0x1, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffea7, &(0x7f0000000040)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = open(&(0x7f0000000040)='./file1\x00', 0x80242, 0x4e)
write$FUSE_CREATE_OPEN(r1, &(0x7f0000000180)={0xa0, 0xfffffffffffffff5, 0x0, {{0x4, 0x1, 0x5, 0x6, 0x3, 0x1, {0x1, 0x180, 0xff, 0x5, 0x100, 0x7cf4, 0x9, 0x7ffffffd, 0xfffffffe, 0x8000, 0x0, 0xee00, 0x0, 0x3ff, 0x1}}, {0x0, 0x11}}}, 0xa0)
sendfile(r1, r1, &(0x7f0000000080), 0x4d9b6eaf)

6.889970748s ago: executing program 0 (id=1373):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

6.748305617s ago: executing program 0 (id=1374):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10)
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))

6.325470393s ago: executing program 0 (id=1375):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64d0, &(0x7f0000000280)={0x3, 0x0, 0x6, 0x3})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x35c, 0x0)
r1 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r2 = open$dir(&(0x7f0000000100)='./file0\x00', 0x80000, 0x113)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r1, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r3, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x3c)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x1, 0x7, 0x0)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000080)=0x3, 0x8, 0x0)

4.543924432s ago: executing program 2 (id=1377):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ftruncate(r0, 0x403)

4.441272534s ago: executing program 1 (id=1378):
fsopen(&(0x7f0000000280)='nfs\x00', 0x1)
pipe(&(0x7f0000000080))
syz_open_dev$sg(0x0, 0xffff0000, 0x2842)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101781)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x40080, 0x0)
socket(0x10, 0x3, 0x9)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x1)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300), 0x111, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffc, 0x2, @empty, 0xa09c}, {0xa, 0x2, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x39}}, 0xffffffffffffffff, 0x40099d}}, 0x37)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0xffffffff}, 0x8)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

4.144018422s ago: executing program 1 (id=1379):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64d0, &(0x7f0000000280)={0x3, 0x0, 0x6, 0x3})
r1 = socket$inet6(0xa, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
r2 = openat$tcp_congestion(0xffffffffffffff9c, &(0x7f0000000240), 0x35c, 0x0)
preadv(r2, &(0x7f0000000040)=[{&(0x7f00000013c0)=""/4096, 0x5}], 0x1, 0x5, 0x0)
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r4 = open$dir(&(0x7f0000000100)='./file0\x00', 0x80000, 0x113)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, &(0x7f0000000080), 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', 0xffffffffffffffff, 0x0, 0xd}, 0x18)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r4, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r3, &(0x7f0000000300)="ca0e808bb35bdabb", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r6, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x3c)
mbind(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4002, &(0x7f0000000000)=0x1, 0x7, 0x0)
mbind(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x2, &(0x7f0000000080)=0x3, 0x8, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x4000000, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)

4.072316179s ago: executing program 2 (id=1380):
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1201000000030020f003176c40000000000109022472510000000009040000120701030009050102000000000009058202", @ANYRESDEC], 0x0)
socket$netlink(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r1, 0x84, 0x81, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x9)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
read$char_usb(r2, 0x0, 0x0)

3.588754654s ago: executing program 0 (id=1381):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0xe0000000, 0x5e490420, 0x2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f000000e3c0)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d838aae8c05dd22d0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20, 0x0, 0x7f}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000006340)="7c7a6a069306f2c5ddf91f36944f207a1bd11284b4445fa3507bbc5def2e6fec4bb7c6001eafe381e277221f30085acd5d0c251f7c60c23874c04db6aa516f773dd2e57e746d1a085193c8b7664fceb1fe764d87f4395c66e5d4eee443a555692ebe80f3a11b8be74963f1a18c1d0cd71dec65e609e065e14615d2e8b283e55b4aa8b485f81ce52443d61fac9f08cf34f2997c05a63f98f988cfcea9a5650b37dff5817e5033b3912c226bd9bf68b528dec710584242fbdcf7dd0d55e394d3742039e6960bb589fb9ba18ac8e9e82cdbd08e9b584d0a8224cae3e9dd91e25699549007dc0d99165a73cda1c99fc48f6bfdb900c60e4481222505c58cc1108fbaf317d361d1f2d78f6db6e14b283ca9f1927f4f8a0f6f52818be03c7b257aec57f06a0a4279131a2bb0a13b23ab188ea50a686abb2f7e4d0f7a166f358e4cb886b7fbdf51cd9a153410dcc4cc5db7e8e94cc9ba2371a328480ad20f51d7fa012f367a0a8f9c882c47b5f714f0e1b35f72b2261989513c1428d648aa8ab8c12c87dfea38d5be0d49097fce804c9cd2ac8f61b68579853129351e3bcdbdae3371d2b12a150d94b3097161c226c50a1d2c1f8b4c10a986e21dbbb854ad1d26d0ce5d950835d14664ee8f58c537f5256b761b4707fe8d46cc1658798d285310a1cff127b1280cab3f1f633569391d5a7cc08aa1d108b93c38df397d90bbb81753930934df7dcaf8f960dff660fe239aa15cf48872668cacf4d664dc0809fe9d780ab202c3a968abb56655267c907eb3343809b2407105a5c14d53a3b17a9a1552314d27e13daf48a2bb7b2c9fc15aba9ae1d6325c11fbe8432c067efa72878ca56c6463b6cf4d29646905422908a4a1f7741d0049febed4fc2b7cc27154031e50a0ab297826383935bef6a0f968db92128e8a940509b5368146bdcacc852b9d0b4ae9624635f9e69f3a7bc8e6f3340c7de46f49feb20a46f11aef464fa6696a60865bdd0c40b1c411c9661fa9f6393a33a7eb4afaef3eb1ab4634a42baeea780ac6c0c4fc8cf7a92cf0592f993ac85bdfd6c18ba4b7cf4c4438a8330413de8365b4a080234f59edefca0c5ce9697b20cc7b71d04438c00cf3d557bd03b5e1b86e167d2d6e09714135ef720667d0f2e7ca54da419d1bf6722eda31381059216009cd8c99ba1d7f9ebc1bc021457a195fa5be2f0727a84cf4cac5e080f22c836a4955d5ed06bee2eec0d39abc5f459ac43596fee3b341dfbd7ce6f4e57ea42e1e8d4f65880b8b77d2ee27dc1efe95ff1bacf5aa14933456b68645380d0f2ef6284b9946857456d64f4cb656998e99e3e286f596b31c69a69d0ee8444ed838ca2f0ead1be9538e4e927239d0e65a3f871dcad33881f69592eed93a9fafc934aefa67bb87d582d0ae4cfbb5c50325774bbc259a277749751228d3610f95fd56e9fbccb288eca1b14c8255b6996a59c91efbb08440ed91cdd53b0aab82600906904cee2a117a06157e24fa822e1cf4f9db4c2e8a5e842cfc503e578e69002fbae194b6bc7c8b69aac7359292109b712eb49d21946f5ea2745ab77ef59950dcfd926df2aef20e85f2a14554aabb417f15c725c73edd4853926ad6c525afa2c65de213cee799c18d1ced9424d10d7076fc5862579702a5f91031381f41cb8d9899ab514cfa1c8c51437df9710271d8cf69e8900921cba296703f1a7b5234500c1625884fea594d836a930b06142a6e577cd9c2a32cae65e712624abeeffc423a5d5ed7bd75fcb1a82ecec8acd0da9918a5c7c189f14f8cdf37062f93b87f9188501556060ffc6eac435cb1624f2af688316366e03cfb869eacf83d9d45fce910c3347f810b614c2e4291e70471ca2b574241c3f3d9740c6a45c7296a2f275acbde72e513ef4e5a1123a57c2eb1bd023af716c16a7747204338f60b6e3ac514af50b21952c21592aefb6149828a5183ba581d5ee8647f374645ff941bab67bef760ce353b456c4b51c5d3a0c5372b1773b944ad67a92937dd838e1b6f550a1dca975d6230e430bcc278afed54e0621008b2f850107b0244359e3747be5282630452d432e5df0fd160795effed150f9396a7da5a1e4dce0c8f62280ff2fbfaa813859a671208b4b9f05fe450729b0efad83a790acd688a90e5fee5550de4ddeac70ecd125ad076c4e2b68652e6ea520e2b6b339b4b9dc219d853e06b9aa79d022e53607213fc254e15ec3e6b776d2b562997e0fe52b98c58e1c0316b22a4219460053da87e7baff7dc1892c2de2f324dd1169b977f3a6698d0234c78de3e46ba5824f3e373f264e8d28fbb4cc108a41fdecd4b629d92b0a65f84366bf504eb5a894ba40c89f9df854dc469fa174ac85cb8d2adfdc099ca9848a1032b2e2f375bd1544dfb69e33492e1a4b921ad7ff17c4c7e357ff69f42d2301c302ee2ed313f0e9a20ebfe028a8737d6e38bf179940179cb779b70c2276264cb4f23249db7d5f179baa842b70f5b287cf74ce1ff6b70a56be8f2fe15aeadca229804923d28a793838bc605eaf5dcd362f757577ebdac54b09fd73326720d3522d002a41a3b5f2450f48286a5ea45836b5ee77fc415f47e0716049ec2610d607737fd5a73b066b4876f9d744f6b3486b088dd3bfc3d393a27c6c799ce078e2ee348257b5ec1ba9de76da2a67ca912dc2dd5afc70834ceecbb8bd41f6e790294cacd5891bef1b4e2124dcd6dffdedee8f16b3bddc030429dcb0f98e6fe0649cb14eed3293fa4933b2ab8c0ec0ff4dbbced1e32dceb317252e715b872b00478cbd7b0275b7394a0ccfe9887410b32f1ce9266b3b83470ec982cf908507d3ad0cc366bff3759388b624701b3e0dc0e7928386b155b50b42a8e352622516beeeddfb79866a2eb1d360802cd19d62fd171267a0fece5f54e315a8cd49c41072f2a7a0baab5aadae2c1ff28e285b642f8d3869321bd18b4aed107feaa12d055b179a8ab7b50e2796d287a196e280d527b526c45c8aa98696d88a02d923d06fedf51336c0695c218e70448073921971093ea44b5352e10ce6cec26d082b93f69958165bd986f56650a62224c2d9fd044bd8fefd33544c6bd141b4cc211a087fa57c09e195c8edffe559048db738d1395f5e2625dd7cd035b8c76aad6c238fb52a7c5ff0965fc7122a5899746ca88abd699d6078623722fff92726e18613519f2b1927504fd5cb7a38ffa373c3883022f0387953530834affb5f05e0f44c24caa75561b2b63994493ab857fdc30900586fed09298d846e5936869b43d81c4b91902028e57a8f2da16355ccb7a77d29ecc8e66015e979b2f3edc5b8d77c45348dea55c9ed6b7465acf899f4bc1a7edcae0b0daf69ff85c504eea1294620b6d3dbb004575044a5ae7c110010c2cf39827fbdab3b42ac35d147fc53bb5e7de6c47091dc80c14b8da494b2e913d1a52085e29af19edc4a417346c5a896a3851cb6132511e0627d190b77623c8a3bb6085eff22ede7127f7988a1d388fb70ea20d5c1b2424c5aa83532bc5162a5d177968b4a46583f2d4b92d04a5f19145221aeaf724d92ea1d4dfb53021b47585bbe5ce35f8d09a83e13fdb1de8e52dc646d41e810879ce9c830959c3ee93f11a16d030d141863244395e3f847505fe6d9594a34009fec9a743c033b9793335684cc5c3d0eb0ad094f40a60264b02cd88c583c850d99c5b9c6c5dcef467ca3ea38f2aa42f5657cd940aeb12960efa18d571e4f958b9cd90918e069a486d84f214617ce29c0f2c26bf84f12f5036f26a8de0c8359f572654bf5ee06d38f741c464976d95ae3fdda45c2ed2d08ef71d3590e82d235e0fa357c568158791a195d4a2d9615e1edc85be64cfd169f925ffc4f636f86783cf43624a77bdb9b172228097f02f391df00668dafbd9932298b23cfadfd1b8d14a25cb408a440f930f0813de73c1eb2eb4b3c802d718a672453d0038965c6dc98db96fb4e06f1fda72782d0839d4e8b477ebdb2c73510db44f643ec7dc4fcb837806853caa35cf622aff9d44381d3f7adae00650cbb6f0334ceca14ec982dfb5817d7fd49251c203b6463a09c14885f754603291ccf0a7ceaa57284ee751774fa5ad72f9f7a32fa542947af40601e98057895f2869d4ec2db0d73930962535fc9e12ba7e6777cb458592bee505b367012ebd27b256fa0fac1452cf3b28eab573549b7c7a13752ca0189768f738d5f8030fe999f7bdc466d67bb32937ae469f1a1e21fac2ae2ab92a0a260bf0e9ce20625e82f88d0ed4d13876aed768765d77433bb9137d92d622df502aef574de82fe28063128fe5a1787ced99734c2f3f221e80d3baefd367d01d950ee1bc981b4b5ff86b2a96ab78fa3c1201303cab473103d89bb185afc77dd2cb7ac1564045036fe9fcf85af5d73a7553bc45bf5e221564540982db2f81e612e7c1715d3498b8d7851c0160146d6eaae9e30c81dedfca8e7122fcb69b26b396629b723f1e1822b8d5d8f2ac583728a5ab40010f88aa42f37f2031a3e99d8d6661e63f86f65af521066ea6af89c89e1748521b8368cd03409e895a941025ee777653f55e66cd1a0cca21308666260c3b9a306ddadb322eb1d09f7b27fd570cd35b6ec88bb391e3ae4745e17fb4dd7aef1d75b4ebb91e6e7789b241566d7c0cc97a3a126ed50b0cb621e015414f62641afd85bad78470463f86d8287aa56d331911c23c4cae8e5dfea33f3789c03d61f51c590417b5ff9f1aa35ab6a15364296c5f9399216ce565210a4075ac5e43e916850774a127f9174d95b43d839e056b4a7d679bb8804951ca171c0b59f4d6f32c4fe8f908b9a1614591f5d1e1cf3348e02317ec4655c693417a4c4e7007a8db02faa1634f8eea9c9bbe5b149ce2279953a54884392dc7251dd38670fd59d9d1da5203340909d50f779e864339014bcb545d825cdcccedc558a1d01a2784b8f499ce9fa2ddb0dd1dc0b93d1b282a96cb4ecf152474dbc4b2853b30c8e5fcea85bdab949f5eb1e98d81c102c349f680230082db5aba9e20209c35b16598507d28211b49763b598a7e60519d5b28b67c027cb2657cf2ac7c7455291fcfe63f0b43afcd3afaea934da97c209d02e5b47a686c1c284aeee5d662fd9d9be7c576259d9f1a36fc0f7fe329a1da1dbe078381233940745fc28a56db98b1a8442325168158e3f0b3cbf8a368d19dd20cdfc1c4f3893a30a49223050159b0bb8b7c59ca705ae25453988d87ca6cdd2bd2fe37847ba67cbcf7a494925a8598b7b50a741c9ced10ea08e35c422b79265561a07f40ebb89bc46069a1c1ad95949fe757a76ff6b5386a043abc967c367a9d86b54d374e573540dfc1f6d396f398abe9735f523b778fd124ac1e1eb832a66dd4b1838a50e6a4eb1b95b8a60a94f067b24d1194976c539d5ec287a261bf25904575be3ff49e7411a8dc09739649828124c14fc2b89dad1f3f5725db2e45f5a447cd3e4bdf9e1e95c5ad7c76fcf0c1021cb6c32e6985e1d113030d534eecb0dff2554183ee18da2da5d21a8b994a81f05e0e6ae89b20bffb4be333d1956270da23e9905830921b1f3d615a56a20b11d45ccd1d22b910e33f475a92c31fa5b4675ddee18336d0ee7b75c07df2a9d4ad53d83142219a00aef15e1e9dace0f039d63a530fdf671a54aba3882dad0d439632af5576726c3aa095cc1a0a03063e8a6581b78bef501acc24b05a0150d8f683c90e8e5e283a49f898906dab926e544ead48cb9bf9a6e1bf140b5273443b8cb8166b2d8a5464a3e9d9f4246ac81ea91b33a0b399dde9f5efaf792bb04cfa028f40b7c92db2d9c33e16ef58b9263350879ea94e581a1187b2d1931b1cd7606a76bd8943b7c3098a33bdf476960af7bdf2854b1336e72feb603b8bb2242df0839d157843d369a50a615068ff5d99ecebe8dc19158a6c654e853cedf860a727bf8140c062f5d307fdcd150ad0af03d2c3a913b91047858ed6382d2d2d30f5c0bd419c2cd4047f225107ea8bf4a3a69384f16b5b5bb2655bdb750db4e975794592987df95f6a90374b0a08769b2c957faa16a21270196afba76b4527f01f0c5db7fa16e2da81fc49336e20bc3ee1ccbcb62255c84513d9ceb706f03c25000517070c03b7bce838e6b6cbc7f767959fbd62e11ab7ea6d760cff674a4296e6185eb348028b472290922160f3ea36c22c8375a016f505017c0a0e041dd8e52b4f19ccfc701109a19391a059d77db239d40a06d84a6f0ccd08aaad764e53ad1da19ee825a4d25ca7cd538289bffe135486ec1614e28b3682c7081a1b0a2c7272f4e36f6d0d9e68d84209126dc59312d48eed1c63c90efeadd472259392c28746abf394c5c6c97d3fb00b70a74c313a817ee1719c33f16d58f297fc7eacbca5803df115745079c5434e851ad6c1f0e8ba0bdbb66cbb6789b89a23526b476ad0f2cea0907e72702f93d37bdfe7b39fb9b33fb1111e58f5c45db8cc38afe4e03a318aa0690afb870a67aeda7da9640fdad1e1f551dd4757c69b4f523b616e502514a2e35495916f2e5ddab1ad9534644d99ec56e818caba173773aa5e45104deb869b23063eaea5542d3bc503a6948b83779aa46879443cad02477451b46429f1f67560c31d4377f96031ab94866a73be753c4ab91cc6576c3991c3423103ebae604e887c56cbacb9e95b8b46300b62e698a6456a0d175cf682eacabbe301e0b0ea34f963daed0dc6c1b75fa5e3870959913e69e61911d9ff646e9c6bab33fe566871027e861577c4d7fdfdf94ce7ac1a3f6d29daf28d660431a89c0b56c4b95090e2ca5df62c1e5c5dbf98f067751819d4c5914aa33883b7b521aab30d14e1cfae74fcf3ad4b2cf9448009d3223ad984e0c50f92d465573a6fc2894f8a5d4e855316738ecfd6a6c157d39b5c44d80a7cba944cf9f7a701899859821cf2bc248459f7a350fefba53c1481a7197f024f2eb74251455c06f4b82dfcf3ccf3e3b98b898fa1b16c310125e5e9fd4019acccbe91b4d842ddd52ee56f6d3112dec80159d6d3ef93bca70e7afcccb223361c39addbe3c429934cd0ae35f36a8f6309f08e36b27341db1f21fd8a148b239361b31a85f53bd1ad49fadace6c64d5f4363427fb2f268e8aec6d81cdb7f1252baa4652dc55881661114bf98cdf17190379591f0e22dc97e790f53f463bbb0ad0ead78ddf7dfe2e26052acc31cfe52b822afd5ec5c75957106cb5c368c09252ff3e4f624d90e599279fb985ecdb7d8880dfe05ac2d2da83e34e2b9b88f5dd60107a4509902fcddf4a36605e5c7a2606a4aea9fd4b5b24ca6b67d6945d133869cf9276d8c30b08c2a9f4bf03f4e0b956fd5f3c80b958ac5c41e4115b6708799c3102bd8b6c7fe17ff8c3f89c7437255faf69d1e16074086dd44d038bc0211ac74743169b462dbc085d77bf45eea72bf8348308bf48feea02d739a0fee9fbf71023ef8c6828da1aec8618cc2345ff663f88bc52a990e6b9591425435b0c7900ea4068f5aa6345e94254e259a71290fa23281658a6a165d1dee10dcb355518264824665ff2c5538de9ae4487782911f79e0bb09bc2c2d8e0d91b33cbec839075c9b38c848e9d2fad7368e96c1932042c3e85fd95b7d4500e6cae9e649082e9d5ca6f2cf91fc7ecaccc1049525d4325003424cacbd6eb5b8cc30b6893bd1ef46a8e7cbcc87dc2dda5c802ef1f8bb607c7457eb161254dc0feb60ed5ed0383fdb4db91d7e41d45c8eb80c1981e801ef05703f97f8710a2e00eb0559f854f700f946937b9e68c75ad6d0015d5d79be5423d0d846bc76f92ea7ebb0302b3d3c695c0aafa83b2bf029a444709cbf2cefbdcc7eaf3dd7a16f8ca8c861e883db10d433f7fec547be45e6829962e430bb3c93e8cdfb342c1cb7e53d8a6ea625d5574c4b4303f61c4338a658e652ab2bc0029c0a78a5114f495a439956909cf42128cb4348affbecb20b7fea98e22160e9a58e7666a00e7b37fbec4bd3860d66a39d1232a57e8cc50710c5c666f7efa98f16f9a02d843c94b0842a383945d06899998ff2fd01ffb58ab53ea89b2c93634c48d0420edb9791b8e451b35b534b8b2874c4859c684cd14afb5335a2555c75ad9df018635bb7131a7ef204ccecfed33a675fc51687e3f8818406fbf58e7b5fde1ca96153817e1b632e89a78d967eb6a34af1dac0d9ffa448b7b9bac27afc305a7b47febbe0a37036c18aef6852b1b2759d67479f9edb169e796d949844a1624b1e832a2eee9be36dc5866d6fde431cfcbd4e305d322c9dd07f83b5b361daaa74bfc9fbce8b447210c327468659ecbb0a5fc20d0cb79de7d1d70bf251c81d5f38711f3f4bd4752685b077058beb465711b1359d2a7d2f59216c5a807121bb97e7ccacc46526e4072f1d6de3b487d492fed0995e2273fa3bb115bd08d32d8e57eb2aa8f9d3b81babd1b8334c3a5e69422b75502ced3793d07b9bdf38e9d9fa1d2e48c7886dfc41985e8ffc49f09c4ba58ddc3b4cbf562b591f8939ced5d18214a77cc753075334a157373cc33cbc07a731cd6342492f5e05f78108e627bc88777203c76632bbe0120924c7a51bbfc9dc789a5695b7c95ef544935032fb81d499c454a2d78727875c20bc8a48a9f23cf6595c17c9cdaa8d04bab8ac567ebd3bbcdb40e11f1893fea3970f176f75f38d17d6ee1bd4ab76c660723a776bc72319199ab82c40ac4a9f4f475e8fd4643a4be8601cb5172e112c236c7c430078601bf183a59a03885e994c1116a9d4ef275790ff2417ffd85b43274fc57654466fa394958aeb11f343c3439604af13997011af70b67df1a9dfa4cdb751a2dc3e5bbf42f7b9ebc6dcebb2dbdc57d7a2cef7409dba307b7cf6eab148a924566341d035cabc877c68d0fbfaebdd39c16304b63a1bae376fb4650708bf5695dfd7ffc01f43f0021f622de0b116ea494454497337a0ec469963de7f9d2b1d6c5a7a0a7835777a78a2b9e16eec696446981d2fea550f011419b96f7b2018d027b87fc715521b0302bd7b5b3bc5f033346029eced73df07dd1bb1f91848376b40b9e9da7233e7832edcc7b54ef6fd320d19efce78d58ea7020fbbdf77612dc8a4f3281915ac9706f346e405b9f489f8f2e9a2decb8d18bec1e5f735a4ec69bba4dc5d36c9c1cc50b92fe67b2cdd53fa671c0cbe331abdf46787e7c9912b951aa20700dba6cf5a209fe5c9c61ef62a8e2e572ec774b2d0f42d570633fc44d44826e848d47a8f386a5704e0a3eaf1d06617181aeb166334ab55d5aedccb27abf19a42a480930e25465721336c70a2ea7799d21a3659124ac9503efc99c1b13ca2b9723e3e338055f9b3cef7502017ebbb09a64b06462db353a5c562101cb7fbf29e056deeb1ff0c7bc877210c941c87401ceae52bcecc83e87655069ab931bd813c1a87d67554f5d2cf435e6dd92a515c22f5d5a9a44ebc81e9c4849104343b80824005619312a9e349d996e366d381da42edad1a560bf5e31ecd049e92ceaf42954958600a7868599fe10e9b34587368d3044250c3d1a8ba6c8dcb6d318d4f9e71c2d33fc74cb57620a8343258d072f3aa767b4b178f3f66d5a713dae2426296c12edf9ee37636869e30df64cd3855fae20bc7602c1b7e6c8246ed4be71231a5ec7b5e7a9ebb08bf8667d8f2900ecdb0a0addc14a2328eebc448db13013e6a3c1a661065e5ac0a04b5171bd84c9d9d947a6c31257ed13a966530c5e20168c100117cf82b4c00ea3ad00ea65e1af89535b3f11a1418ddad33db8cec281543732d2ff4eab54b12cc95f7d872e75bc01bf6c580540b0e26413c6c2321ddfb0447bdb6acf05ddf2bb92534a3a5f37d6da882289f6fefc6a213cdfcf34902137fa3b982b2b4c27c611f08909a18405482f1e3a2bf3635d3e970457541da16e37bb3c422cceeb484bb64c78724431a543ecf4ca851914c1555e3b785ec87bba3769927f6c29f80e7ae8632bdb9acdddf7c3b5580740d9b2bfc25086c9566844136f3fac74f429121f86c378c68c20a194b0c98b1e92991954cbf60477e217a2e25297fc7b18972e40c531ec19e1eea193bbc8893392d8528c6a0375bcb4b082d20d5c47cb330bbb4b74b91ab55d4a0d3e1dee8182c581e8e70ac30108eeb7185c6ea3f786881ad124e1404651ee95cdb0fbb0d0f4a2b43c795ec1cd4e46234a88862d57903ce878b641004fb637341e5d6bf5163f1a3467b828f6eea96c3c2bb79503687867e11eec32dec452e0fdd2eaacfc0a477ee839ef049855da734d18212142dfe2a95ab9ad9bc4f98c3bfa34134c7e6c9f8669303314d4e8c1bc5475e8fcf418cbdb3246ebf393d911cdfee8f2550dc1593ece59ced81a4ffb2484f9c8ebed0aed8d418138445c4e96b209adcc4afd70f09901662daa2c8c557d6039768d97e6b9518f0de4ac2e0187ba08a4a9128d3e632fca102137338b5e568f12c7bd28db772c800fb5f4d4e683b201840731bb7c034235cd73313cde88891bbb31597bb537696e6c987302297f9717b8053779aed447d33ef9129e84d3031fa9b453bd5731fb010ffd19a9133e0ccbec2461cdd31ba294d68c60a8535b15584bab6e6d0ce6c1cef4755bd5f7d90f4debb40af1437a19a96ef9c0709692156152091c7efb58f2d39a65b96416dc09e8091ae08d9be5235a3c1ec062862baa1aab788f28e83ba4635cecc6671f2320f42b4f711e7d0fcad89d6727d3630da1ef35e32dee39eda665946abe6224f17f2acc29e62518fd51eb7f193d9bb16c38204069098c293fdce24c1c79229fd08622a4256b581cffce12e46c20248dc902753f0e3c91f9685b3d45f984620e262b3487d67d152f1c50de3fd2067a9d3debf715f346dd2f712c55545336a9036ba82bb06cfae59a48d083c3388f77790c9639fa0a9c33f4c66c7513042bffb765c2a4b3657dddf0ea094d8d79018f66c8ef8e9df980a89906275edf4a467a5db0a623976899f0efd167aab6ff385cdde59027a95a570277cb94ebce503906c28527e3114eb9ed739d0c2f4cf82786b35c0054718f47381ed8ce9b107e1f1019be5fc877166da667036f0c1b84e2b5118b5f4babc052d997e5f1e8c4cf45eb26430b74d9e1df3735b8d5df559903143d983e974bed6cc608c2580a991bdd3628ec676d348de8752cafa80c1661f162e35c25fc0ba0198423f83214fed800f9355ac8ea67951cfeeb3736b50c1e14d45d33aa25fc72c38702bd5dd217842e54114f4799c45ff1b7cec9729382ff7fc3ff80cbe1a13d03e19eecd7de676f6791fe34143ae30c97da9623907d974a37b65d0ef5d46b718d58541c6b1902814de71218ca7396ceb5fdacdc3cf4d110862402e7cc6254f1e44e28593fd443290262db75fd482ce1d305d6bf9fd3e5e0efbedac5a4d097650b111e6e9e1b2c66a23ac5bf27ed78d25d1a54c16ca4287126736c2f17ab73e683798c29d16481775ada8e20d94b00b6b29654b18f60e2853fdc7d3ba55d7df660db90288b6f440efd19f0478047b12c7b07ab2b1c9529597e6462d20612e6c3b6d1b1d11305f8ddc811860450504b7cbf9794edd0d07c25ab6307d74afdce958355eb919dcb1fcb8038c6dd5e774ee398dc8553a9ddeb551f", 0x2000, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x18}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000005c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f00000003c0)='GPL\x00', 0x1, 0x0, 0x0, 0x40f00, 0xa, '\x00', 0x0, 0x2}, 0x94)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r6, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
writev(r2, &(0x7f00000008c0)=[{&(0x7f0000000980)="9c", 0x1}], 0x1)
dup3(r0, r2, 0x6700000000000000)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

2.019893342s ago: executing program 2 (id=1382):
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, 0x0, &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, &(0x7f0000000180))

1.929679163s ago: executing program 2 (id=1383):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c", 0x15)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000300), 0xffffffffffffffff)
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0x10)
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))

1.788241166s ago: executing program 0 (id=1384):
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f00000004c0)=ANY=[@ANYBLOB="1201000000030020f003176c40000000000109022472510000000009040000120701030009050102000000000009058202", @ANYRESDEC], 0x0)
socket$netlink(0x10, 0x3, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r1, 0x84, 0x81, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x9)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
read$char_usb(0xffffffffffffffff, 0x0, 0x0)

1.753663699s ago: executing program 2 (id=1385):
ioctl$DRM_IOCTL_INFO_BUFS(0xffffffffffffffff, 0xc0106418, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10f1}, 0x94)
memfd_create(&(0x7f00000000c0)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec', 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0xfffffffffffffff7, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f0000000500)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000800000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)

1.062530443s ago: executing program 1 (id=1386):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write$proc_mixer(0xffffffffffffffff, 0x0, 0xb8)
openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000080)='/proc/asound/card0/oss_mixer\x00', 0x0, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f0000000180), 0x2, 0x149002)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_RECVMSG={0xa, 0x45, 0x3, 0xffffffffffffffff, 0x0, &(0x7f00000010c0)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {0x0, 0x28}, {0x0}], 0x3}, 0x0, 0x40000000, 0x1, {0x2}})
r2 = syz_io_uring_setup(0x74d, &(0x7f0000000100)={0x0, 0x59c4, 0x8, 0x1000, 0x5cd}, &(0x7f0000000300)=<r3=>0x0, &(0x7f0000000040)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r2, 0x0, &(0x7f0000000740), 0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_ACCEPT={0xd, 0xc, 0x1, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81800, 0x1})
io_uring_enter(r2, 0x749f, 0x4, 0x0, 0x0, 0xfffffffffffffef5)
getpid()

1.226871ms ago: executing program 1 (id=1387):
r0 = socket$pppoe(0x18, 0x1, 0x0)
fsopen(0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r2 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_init_net_socket$ax25(0x3, 0x2, 0xcb)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0xfffe, @empty, 'batadv_slave_1\x00'}}, 0x1e)

0s ago: executing program 2 (id=1388):
fsopen(&(0x7f0000000280)='nfs\x00', 0x1)
pipe(&(0x7f0000000080))
syz_open_dev$sg(0x0, 0xffff0000, 0x2842)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$inet_tcp(0x2, 0x1, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_open_dev$usbfs(&(0x7f0000000100), 0x45e, 0x101781)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180), 0x40080, 0x0)
socket(0x10, 0x3, 0x9)
openat$zero(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x1)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000001400), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300), 0x111, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0xfffc, 0x2, @empty, 0xa09c}, {0xa, 0x2, 0xfffffffe, @dev={0xfe, 0x80, '\x00', 0x39}}, 0xffffffffffffffff, 0x40099d}}, 0x37)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0xffffffff}, 0x8)
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100), 0x86}], 0x2)

kernel console output (not intermixed with test programs):

er overrun
[  267.873383][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.013293][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.096727][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.128185][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.161092][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.189510][ T5896] usb 5-1: config 0 has an invalid interface number: 172 but max is 0
[  268.189533][ T5896] usb 5-1: config 0 has no interface number 0
[  268.298999][ T5896] usb 5-1: New USB device found, idVendor=16d5, idProduct=650a, bcdDevice=83.b1
[  268.299026][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.299042][ T5896] usb 5-1: Product: syz
[  268.299054][ T5896] usb 5-1: Manufacturer: syz
[  268.299066][ T5896] usb 5-1: SerialNumber: syz
[  268.377332][ T5896] usb 5-1: config 0 descriptor??
[  268.390974][ T5896] qmi_wwan 5-1:0.172: bogus CDC Union: master=0, slave=0
[  268.640180][ T7369] netlink: 'syz.2.412': attribute type 1 has an invalid length.
[  268.747132][    C0] vkms_vblank_simulate: vblank timer overrun
[  268.784348][ T5889] usb 4-1: new full-speed USB device number 12 using dummy_hcd
[  268.823548][ T5896] qmi_wwan 5-1:0.172: probe with driver qmi_wwan failed with error -22
[  269.912398][ T7376] netlink: 12 bytes leftover after parsing attributes in process `syz.2.414'.
[  270.406334][ T5889] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  270.406366][ T5889] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  270.406406][ T5889] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  270.406425][ T5889] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  270.418073][ T7368] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  270.418191][ T7368] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  270.500709][ T5889] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  270.582114][ T5896] usb 5-1: USB disconnect, device number 15
[  271.677035][    C0] vkms_vblank_simulate: vblank timer overrun
[  271.929258][ T5889] usb 4-1: USB disconnect, device number 12
[  272.087855][ T7385] vlan2: entered allmulticast mode
[  272.087874][ T7385] veth1: entered allmulticast mode
[  274.452129][    C0] vkms_vblank_simulate: vblank timer overrun
[  275.120633][    C0] vkms_vblank_simulate: vblank timer overrun
[  275.262761][ T5896] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  275.317413][    C0] vkms_vblank_simulate: vblank timer overrun
[  275.441413][ T5896] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  275.441436][ T5896] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  275.441458][ T5896] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  275.441470][ T5896] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.487304][ T7416] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  275.504855][ T5896] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  276.046828][ T1602] usb 4-1: USB disconnect, device number 13
[  276.147883][ T7433] 8021q: adding VLAN 0 to HW filter on device bond1
[  276.600351][   T10] hid_parser_main: 8 callbacks suppressed
[  276.600377][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.600405][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.600429][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.600452][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.600476][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.600499][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.600522][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.600546][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.600569][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.600591][   T10] hid-generic 0003:0004:0000.0003: unknown main item tag 0x0
[  276.617316][   T10] hid-generic 0003:0004:0000.0003: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  277.258715][ T7442] fido_id[7442]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  278.897633][ T7436] bond1: (slave wlan0): Enslaving as an active interface with an up link
[  279.493735][    C1] vkms_vblank_simulate: vblank timer overrun
[  279.646539][ T5932] usb 1-1: new low-speed USB device number 18 using dummy_hcd
[  279.801670][ T5932] usb 1-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  279.801705][ T5932] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  279.801719][ T5932] usb 1-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  279.804396][ T5932] usb 1-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  279.804430][ T5932] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  279.804443][ T5932] usb 1-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  280.767972][ T5932] usb 1-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  280.768010][ T5932] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  280.768023][ T5932] usb 1-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  280.995016][ T5932] usb 1-1: string descriptor 0 read error: -22
[  280.995155][ T5932] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  280.995174][ T5932] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.056435][ T5932] adutux 1-1:168.0: interrupt endpoints not found
[  281.179818][ T7479] tty tty1: ldisc open failed (-12), clearing slot 0
[  281.412685][ T5896] usb 1-1: USB disconnect, device number 18
[  282.527819][    C1] vkms_vblank_simulate: vblank timer overrun
[  282.728753][    C1] vkms_vblank_simulate: vblank timer overrun
[  283.483125][    C1] vkms_vblank_simulate: vblank timer overrun
[  283.794908][    C1] vkms_vblank_simulate: vblank timer overrun
[  283.858862][    C1] vkms_vblank_simulate: vblank timer overrun
[  283.982544][    C1] vkms_vblank_simulate: vblank timer overrun
[  284.459785][ T5869] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  284.616510][ T5869] usb 1-1: config 0 has an invalid interface number: 172 but max is 0
[  284.616536][ T5869] usb 1-1: config 0 has no interface number 0
[  284.619532][ T5869] usb 1-1: New USB device found, idVendor=16d5, idProduct=650a, bcdDevice=83.b1
[  284.619546][ T5869] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  284.619622][ T5869] usb 1-1: Product: syz
[  284.619643][ T5869] usb 1-1: Manufacturer: syz
[  284.619652][ T5869] usb 1-1: SerialNumber: syz
[  284.627197][ T5869] usb 1-1: config 0 descriptor??
[  284.689378][ T5869] qmi_wwan 1-1:0.172: bogus CDC Union: master=0, slave=0
[  284.906679][ T5869] qmi_wwan 1-1:0.172: probe with driver qmi_wwan failed with error -22
[  285.065733][    C1] vkms_vblank_simulate: vblank timer overrun
[  285.247023][    C1] vkms_vblank_simulate: vblank timer overrun
[  287.571796][ T7527] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  288.270584][ T1228] usb 1-1: USB disconnect, device number 19
[  288.432773][ T5869] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  288.604519][ T5869] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  288.604539][ T5869] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  288.604560][ T5869] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  288.604571][ T5869] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.661744][ T7534] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  288.673068][   T10] usb 4-1: new low-speed USB device number 14 using dummy_hcd
[  288.677413][ T5869] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  288.802036][ T7543] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  288.815280][ T7543] syzkaller0: entered promiscuous mode
[  288.815302][ T7543] syzkaller0: entered allmulticast mode
[  288.825362][   T10] usb 4-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  288.825414][   T10] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  288.825437][   T10] usb 4-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  288.826755][   T10] usb 4-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  288.826803][   T10] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  288.826826][   T10] usb 4-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  288.828026][   T10] usb 4-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  288.828077][   T10] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  288.828101][   T10] usb 4-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  288.831382][   T10] usb 4-1: string descriptor 0 read error: -22
[  288.831543][   T10] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  288.831565][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.970322][   T10] adutux 4-1:168.0: interrupt endpoints not found
[  289.108540][ T5869] usb 5-1: USB disconnect, device number 16
[  289.272968][ T7542] tipc: Resetting bearer <eth:syzkaller0>
[  289.298418][   T10] usb 4-1: USB disconnect, device number 14
[  289.497575][ T7542] tipc: Disabling bearer <eth:syzkaller0>
[  291.281168][   T10] hid_parser_main: 8 callbacks suppressed
[  291.281188][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.281218][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.281242][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.281266][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.281289][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.281313][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.281337][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.281360][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.281384][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.281408][   T10] hid-generic 0003:0004:0000.0004: unknown main item tag 0x0
[  291.384308][   T10] hid-generic 0003:0004:0000.0004: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  292.406814][    C0] vkms_vblank_simulate: vblank timer overrun
[  292.742899][ T7561] fido_id[7561]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  294.021809][    C0] vkms_vblank_simulate: vblank timer overrun
[  294.247699][    C0] vkms_vblank_simulate: vblank timer overrun
[  294.926910][    C0] vkms_vblank_simulate: vblank timer overrun
[  295.469323][    C0] vkms_vblank_simulate: vblank timer overrun
[  295.730924][    C0] vkms_vblank_simulate: vblank timer overrun
[  296.231058][    C0] vkms_vblank_simulate: vblank timer overrun
[  297.776752][    C0] vkms_vblank_simulate: vblank timer overrun
[  298.803337][    C0] vkms_vblank_simulate: vblank timer overrun
[  298.890087][    C0] vkms_vblank_simulate: vblank timer overrun
[  301.362327][    C0] vkms_vblank_simulate: vblank timer overrun
[  303.936297][ T7639] sch_fq: defrate 4294967295 ignored.
[  309.643751][ T5808] dvb-usb: did not find the firmware file 'dvb-usb-az6027-03.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  309.643829][ T5808] dvb_usb_az6027 2-1:0.0: probe with driver dvb_usb_az6027 failed with error -110
[  309.695867][ T5808] usb 2-1: USB disconnect, device number 12
[  310.353568][ T5889] usb 2-1: new low-speed USB device number 13 using dummy_hcd
[  310.662786][   T10] usb 1-1: new full-speed USB device number 20 using dummy_hcd
[  310.702794][ T5889] usb 2-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  310.702839][ T5889] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  310.702853][ T5889] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  310.703762][ T5889] usb 2-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  310.703794][ T5889] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  310.703807][ T5889] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  310.705033][ T5889] usb 2-1: config 168 has an invalid descriptor of length 255, skipping remainder of the config
[  310.705063][ T5889] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  310.705076][ T5889] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  310.826232][ T5889] usb 2-1: string descriptor 0 read error: -22
[  310.826404][ T5889] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  310.826424][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.851525][   T10] usb 1-1: config 0 has an invalid interface number: 172 but max is 0
[  310.851541][   T10] usb 1-1: config 0 has no interface number 0
[  310.872116][   T10] usb 1-1: New USB device found, idVendor=16d5, idProduct=650a, bcdDevice=83.b1
[  310.872149][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.872166][   T10] usb 1-1: Product: syz
[  310.872178][   T10] usb 1-1: Manufacturer: syz
[  310.872190][   T10] usb 1-1: SerialNumber: syz
[  310.915767][   T10] usb 1-1: config 0 descriptor??
[  310.960217][   T10] qmi_wwan 1-1:0.172: bogus CDC Union: master=0, slave=0
[  311.022401][ T5889] adutux 2-1:168.0: interrupt endpoints not found
[  311.265260][    C1] vkms_vblank_simulate: vblank timer overrun
[  311.287760][   T10] qmi_wwan 1-1:0.172: probe with driver qmi_wwan failed with error -22
[  311.305880][ T5889] usb 2-1: USB disconnect, device number 13
[  311.646653][    C1] vkms_vblank_simulate: vblank timer overrun
[  312.285540][    C1] vkms_vblank_simulate: vblank timer overrun
[  312.373484][    C1] vkms_vblank_simulate: vblank timer overrun
[  312.957156][   T10] usb 1-1: USB disconnect, device number 20
[  313.120341][    C1] vkms_vblank_simulate: vblank timer overrun
[  313.177370][ T7683] fuse: Bad value for 'fd'
[  313.329213][    C1] vkms_vblank_simulate: vblank timer overrun
[  313.571054][ T7686] overlayfs: failed to resolve './file1': -2
[  313.572561][    C1] vkms_vblank_simulate: vblank timer overrun
[  314.109690][    C1] vkms_vblank_simulate: vblank timer overrun
[  315.554388][ T7702] netlink: 4 bytes leftover after parsing attributes in process `syz.0.499'.
[  317.090659][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  317.090731][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  317.585651][ T7702] veth0_macvtap: left promiscuous mode
[  318.059164][    C0] vkms_vblank_simulate: vblank timer overrun
[  318.255773][ T7712] sch_fq: defrate 4294967295 ignored.
[  318.638932][    C0] vkms_vblank_simulate: vblank timer overrun
[  318.933630][    C0] vkms_vblank_simulate: vblank timer overrun
[  319.405802][    C0] vkms_vblank_simulate: vblank timer overrun
[  319.472816][ T5808] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  319.670383][    C0] vkms_vblank_simulate: vblank timer overrun
[  320.423642][    C0] vkms_vblank_simulate: vblank timer overrun
[  320.439025][ T5808] usb 4-1: config 0 has an invalid interface number: 172 but max is 0
[  320.439049][ T5808] usb 4-1: config 0 has no interface number 0
[  320.489666][    C0] vkms_vblank_simulate: vblank timer overrun
[  320.514512][ T5808] usb 4-1: New USB device found, idVendor=16d5, idProduct=650a, bcdDevice=83.b1
[  320.514537][ T5808] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.514560][ T5808] usb 4-1: Product: syz
[  320.514571][ T5808] usb 4-1: Manufacturer: syz
[  320.514584][ T5808] usb 4-1: SerialNumber: syz
[  320.522862][ T5808] usb 4-1: config 0 descriptor??
[  320.619761][ T5808] qmi_wwan 4-1:0.172: bogus CDC Union: master=0, slave=0
[  321.176058][    C0] vkms_vblank_simulate: vblank timer overrun
[  321.362483][ T7714] siw: device registration error -23
[  321.398671][ T5808] qmi_wwan 4-1:0.172: probe with driver qmi_wwan failed with error -22
[  321.423907][ T5808] usb 4-1: USB disconnect, device number 15
[  322.475270][    C0] vkms_vblank_simulate: vblank timer overrun
[  322.552792][ T7623] usb 2-1: new low-speed USB device number 14 using dummy_hcd
[  322.597621][ T7732] netlink: 4 bytes leftover after parsing attributes in process `syz.2.507'.
[  322.705712][ T7732] veth0_macvtap: left promiscuous mode
[  322.705802][ T7735] fuse: Bad value for 'fd'
[  322.713945][ T7623] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  322.714000][ T7623] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  322.714024][ T7623] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  322.715660][ T7623] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  322.715709][ T7623] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  322.715732][ T7623] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  322.719795][ T7623] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  322.719844][ T7623] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  322.719866][ T7623] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  322.732475][ T7623] usb 2-1: string descriptor 0 read error: -22
[  322.732777][ T7623] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  322.732799][ T7623] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.751397][ T7623] adutux 2-1:168.0: interrupt endpoints not found
[  323.333471][ T7623] usb 2-1: USB disconnect, device number 14
[  323.930655][ T7744] overlayfs: failed to resolve './file1': -2
[  324.985226][ T7751] syzkaller0: entered promiscuous mode
[  324.985250][ T7751] syzkaller0: entered allmulticast mode
[  325.192816][ T7623] usb 1-1: new low-speed USB device number 21 using dummy_hcd
[  325.404301][ T7623] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  325.404350][ T7623] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  325.404363][ T7623] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  325.404376][ T7623] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  325.404389][ T7623] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  325.405564][ T7623] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  325.405596][ T7623] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  325.405610][ T7623] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  325.405622][ T7623] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  325.405634][ T7623] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  325.406539][ T7623] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  325.406568][ T7623] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  325.406581][ T7623] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  325.406593][ T7623] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  325.406605][ T7623] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  327.357716][    C0] vkms_vblank_simulate: vblank timer overrun
[  328.097408][    C0] vkms_vblank_simulate: vblank timer overrun
[  328.206214][ T7770] overlayfs: failed to resolve './file1': -2
[  328.256688][ T7623] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  328.256706][ T7623] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.263058][ T7623] usb 1-1: can't set config #168, error -71
[  328.270143][ T7623] usb 1-1: USB disconnect, device number 21
[  328.600925][    C0] vkms_vblank_simulate: vblank timer overrun
[  328.952389][    C0] vkms_vblank_simulate: vblank timer overrun
[  332.182766][ T5889] usb 2-1: new low-speed USB device number 15 using dummy_hcd
[  332.432105][    C1] vkms_vblank_simulate: vblank timer overrun
[  332.473730][ T5889] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  332.473763][ T5889] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  332.473776][ T5889] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  332.474755][ T5889] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  332.474786][ T5889] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  332.474799][ T5889] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  332.475748][ T5889] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  332.475778][ T5889] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  332.475791][ T5889] usb 2-1: config 168 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  332.478755][ T5889] usb 2-1: string descriptor 0 read error: -22
[  332.478838][ T5889] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  332.478849][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  332.492405][ T5889] adutux 2-1:168.0: interrupt endpoints not found
[  332.684967][ T7806] fuse: Unknown parameter '01777777777777777777777'
[  332.783128][    C1] vkms_vblank_simulate: vblank timer overrun
[  333.365060][    C1] vkms_vblank_simulate: vblank timer overrun
[  333.398193][ T5896] usb 2-1: USB disconnect, device number 15
[  334.022804][ T1228] usb 3-1: new low-speed USB device number 14 using dummy_hcd
[  334.342756][ T1228] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  334.342807][ T1228] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  334.342820][ T1228] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  334.342833][ T1228] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  334.342845][ T1228] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  334.344997][ T1228] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  334.345027][ T1228] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  334.345040][ T1228] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  334.345051][ T1228] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  334.345064][ T1228] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  334.349596][ T1228] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  334.349628][ T1228] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  334.349641][ T1228] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  334.349653][ T1228] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  334.349665][ T1228] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  336.562982][ T7823] syzkaller0: entered promiscuous mode
[  336.563014][ T7823] syzkaller0: entered allmulticast mode
[  337.010668][ T1228] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  337.010696][ T1228] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.045933][ T1228] usb 3-1: can't set config #168, error -71
[  337.059060][ T1228] usb 3-1: USB disconnect, device number 14
[  337.216785][ T7835] netlink: 4 bytes leftover after parsing attributes in process `syz.2.534'.
[  338.399230][ T7855] netlink: 4 bytes leftover after parsing attributes in process `syz.2.540'.
[  338.626626][    C0] vkms_vblank_simulate: vblank timer overrun
[  339.250007][    C0] vkms_vblank_simulate: vblank timer overrun
[  339.517557][    C0] vkms_vblank_simulate: vblank timer overrun
[  339.814116][    C0] vkms_vblank_simulate: vblank timer overrun
[  340.225411][    C0] vkms_vblank_simulate: vblank timer overrun
[  340.453865][    C0] vkms_vblank_simulate: vblank timer overrun
[  341.186982][    C0] vkms_vblank_simulate: vblank timer overrun
[  341.492277][ T7873] GUP no longer grows the stack in syz.1.541 (7873): 200000004000-20000000a000 (200000002000)
[  341.492322][ T7873] CPU: 0 UID: 0 PID: 7873 Comm: syz.1.541 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  341.492338][ T7873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  341.492353][ T7873] Call Trace:
[  341.492362][ T7873]  <TASK>
[  341.492369][ T7873]  dump_stack_lvl+0x189/0x250
[  341.492400][ T7873]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.492419][ T7873]  ? __pfx__printk+0x10/0x10
[  341.492433][ T7873]  ? find_vma+0xe7/0x160
[  341.492460][ T7873]  __get_user_pages+0x22f0/0x2860
[  341.492510][ T7873]  get_user_pages_remote+0x2f1/0xac0
[  341.492528][ T7873]  ? __pfx_mtree_load+0x10/0x10
[  341.492551][ T7873]  ? __pfx_get_user_pages_remote+0x10/0x10
[  341.492571][ T7873]  ? __access_remote_vm+0x367/0x7d0
[  341.492592][ T7873]  __access_remote_vm+0x211/0x7d0
[  341.492624][ T7873]  ? __pfx___access_remote_vm+0x10/0x10
[  341.492644][ T7873]  ? set_page_refcounted+0xa0/0x1e0
[  341.492665][ T7873]  ? alloc_pages_noprof+0xe4/0x1e0
[  341.492686][ T7873]  proc_pid_cmdline_read+0x433/0x810
[  341.492699][ T7873]  ? __asan_memset+0x22/0x50
[  341.492719][ T7873]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  341.492735][ T7873]  ? rw_verify_area+0x2ac/0x4e0
[  341.492754][ T7873]  vfs_readv+0x5b3/0x850
[  341.492772][ T7873]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  341.492787][ T7873]  ? __pfx_vfs_readv+0x10/0x10
[  341.492816][ T7873]  ? __fget_files+0x2a/0x420
[  341.492836][ T7873]  ? __fget_files+0x3a6/0x420
[  341.492852][ T7873]  ? __fget_files+0x2a/0x420
[  341.492875][ T7873]  __x64_sys_preadv+0x19a/0x2a0
[  341.492894][ T7873]  ? __pfx___x64_sys_preadv+0x10/0x10
[  341.492914][ T7873]  ? do_syscall_64+0xbe/0xfa0
[  341.492933][ T7873]  do_syscall_64+0xfa/0xfa0
[  341.492947][ T7873]  ? lockdep_hardirqs_on+0x9c/0x150
[  341.492962][ T7873]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.492976][ T7873]  ? clear_bhb_loop+0x60/0xb0
[  341.492992][ T7873]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  341.493004][ T7873] RIP: 0033:0x7f32813cefc9
[  341.493022][ T7873] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  341.493034][ T7873] RSP: 002b:00007f327f5f4038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  341.493055][ T7873] RAX: ffffffffffffffda RBX: 00007f3281626180 RCX: 00007f32813cefc9
[  341.493066][ T7873] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000006
[  341.493075][ T7873] RBP: 00007f3281451f91 R08: 0000000000000000 R09: 0000000000000000
[  341.493083][ T7873] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  341.493092][ T7873] R13: 00007f3281626218 R14: 00007f3281626180 R15: 00007ffeb016e318
[  341.493118][ T7873]  </TASK>
[  341.861958][ T5896] usb 3-1: new low-speed USB device number 15 using dummy_hcd
[  342.543349][    C0] vkms_vblank_simulate: vblank timer overrun
[  342.575179][ T5896] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  342.575234][ T5896] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  342.575258][ T5896] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  342.575281][ T5896] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  342.575303][ T5896] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  342.576854][ T5896] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  342.576904][ T5896] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  342.576928][ T5896] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  342.576950][ T5896] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  342.576973][ T5896] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  342.578344][ T5896] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  342.578392][ T5896] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  342.578416][ T5896] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  342.578438][ T5896] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  342.578461][ T5896] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  342.899695][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.070389][ T7870] uprobe: syz.3.542:7870 failed to unregister, leaking uprobe
[  343.070472][ T7870] uprobe: syz.3.542:7870 failed to unregister, leaking uprobe
[  343.091735][ T7882] netlink: 4 bytes leftover after parsing attributes in process `syz.4.546'.
[  343.178740][ T7882] veth0_macvtap: left promiscuous mode
[  343.320263][    C0] vkms_vblank_simulate: vblank timer overrun
[  343.351506][    C0] vkms_vblank_simulate: vblank timer overrun
[  344.530998][ T7891] syzkaller0: entered promiscuous mode
[  344.531014][ T7891] syzkaller0: entered allmulticast mode
[  344.554506][ T5896] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  344.554532][ T5896] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  344.561357][ T5896] usb 3-1: can't set config #168, error -71
[  344.632934][ T5896] usb 3-1: USB disconnect, device number 15
[  345.305632][ T5896] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  345.684728][ T7904] overlayfs: failed to resolve './file1': -2
[  346.270111][ T5896] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  346.270144][ T5896] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  346.270181][ T5896] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  346.270201][ T5896] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.436226][ T7898] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  346.461892][ T5896] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  346.861521][    C0] vkms_vblank_simulate: vblank timer overrun
[  346.891197][    C0] vkms_vblank_simulate: vblank timer overrun
[  347.131301][    C0] vkms_vblank_simulate: vblank timer overrun
[  347.302388][ T5896] usb 3-1: USB disconnect, device number 16
[  347.583466][    C0] vkms_vblank_simulate: vblank timer overrun
[  347.770106][ T7924] sch_fq: defrate 4294967295 ignored.
[  348.362930][ T7915] tipc: Started in network mode
[  348.362958][ T7915] tipc: Node identity 3ec59fb0bcc9, cluster identity 4711
[  348.365119][ T7915] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  348.443583][    C0] vkms_vblank_simulate: vblank timer overrun
[  348.661396][    C0] vkms_vblank_simulate: vblank timer overrun
[  348.706195][ T7912] tipc: Disabling bearer <eth:syzkaller0>
[  349.703692][   T44] tipc: Node number set to 2181865392
[  349.770294][    C0] vkms_vblank_simulate: vblank timer overrun
[  350.089088][ T7943] fuse: Invalid rootmode
[  350.092547][ T7945] netlink: 4 bytes leftover after parsing attributes in process `syz.2.559'.
[  351.404648][    C0] vkms_vblank_simulate: vblank timer overrun
[  351.837642][    C0] vkms_vblank_simulate: vblank timer overrun
[  353.111679][    C0] vkms_vblank_simulate: vblank timer overrun
[  353.353041][ T7961] netlink: 4 bytes leftover after parsing attributes in process `syz.4.564'.
[  353.631379][    C0] vkms_vblank_simulate: vblank timer overrun
[  353.851602][    C0] vkms_vblank_simulate: vblank timer overrun
[  353.986803][    C0] vkms_vblank_simulate: vblank timer overrun
[  354.278112][    C0] vkms_vblank_simulate: vblank timer overrun
[  354.521099][    C0] vkms_vblank_simulate: vblank timer overrun
[  354.850153][    C0] vkms_vblank_simulate: vblank timer overrun
[  355.126804][    C0] vkms_vblank_simulate: vblank timer overrun
[  355.625673][ T7977] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  356.146522][ T7990] netlink: 4 bytes leftover after parsing attributes in process `syz.0.568'.
[  356.679722][    C0] vkms_vblank_simulate: vblank timer overrun
[  356.862503][ T7996] netlink: 'syz.1.570': attribute type 1 has an invalid length.
[  356.943776][ T7999] netlink: 8 bytes leftover after parsing attributes in process `syz.1.570'.
[  356.980437][ T7999] vlan3: entered allmulticast mode
[  356.980450][ T7999] bridge0: entered allmulticast mode
[  357.066920][ T8000] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  357.067766][ T8000] syzkaller0: entered promiscuous mode
[  357.067794][ T8000] syzkaller0: entered allmulticast mode
[  357.239430][    C0] vkms_vblank_simulate: vblank timer overrun
[  357.264233][ T7998] tipc: Resetting bearer <eth:syzkaller0>
[  357.394407][    C0] vkms_vblank_simulate: vblank timer overrun
[  357.988221][    C0] vkms_vblank_simulate: vblank timer overrun
[  358.377808][    C0] vkms_vblank_simulate: vblank timer overrun
[  358.578562][    C0] vkms_vblank_simulate: vblank timer overrun
[  358.643027][   T10] tipc: Node number set to 2883071832
[  358.660223][ T8005] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  358.703348][ T8012] netlink: 4 bytes leftover after parsing attributes in process `syz.0.575'.
[  358.921586][    C0] vkms_vblank_simulate: vblank timer overrun
[  358.993872][    C0] vkms_vblank_simulate: vblank timer overrun
[  359.189366][    C0] vkms_vblank_simulate: vblank timer overrun
[  359.351832][ T7998] tipc: Disabling bearer <eth:syzkaller0>
[  359.809348][ T8013] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  359.885753][ T8021] netlink: 4 bytes leftover after parsing attributes in process `syz.4.576'.
[  360.379622][    C0] vkms_vblank_simulate: vblank timer overrun
[  360.626404][    C0] vkms_vblank_simulate: vblank timer overrun
[  360.851282][ T8034] overlayfs: overlapping lowerdir path
[  361.114651][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.367735][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.417590][    C0] vkms_vblank_simulate: vblank timer overrun
[  361.563863][    C0] vkms_vblank_simulate: vblank timer overrun
[  362.847471][ T8045] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  364.050888][ T8059] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  365.057709][ T5869] usb 3-1: new low-speed USB device number 17 using dummy_hcd
[  365.147238][ T8066] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  365.148057][ T8066] syzkaller0: entered promiscuous mode
[  365.148076][ T8066] syzkaller0: entered allmulticast mode
[  365.193174][ T8065] tipc: Resetting bearer <eth:syzkaller0>
[  365.214425][ T5869] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  365.214477][ T5869] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  365.214496][ T5869] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  365.214509][ T5869] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  365.214521][ T5869] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  365.215565][ T5869] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  365.215613][ T5869] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  365.215630][ T5869] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  365.215643][ T5869] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  365.215655][ T5869] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  365.216672][ T5869] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  365.216724][ T5869] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  365.216739][ T5869] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  365.216751][ T5869] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  365.216764][ T5869] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  365.845275][ T8073] overlayfs: overlapping lowerdir path
[  366.672552][ T8065] tipc: Disabling bearer <eth:syzkaller0>
[  368.191053][ T5869] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  368.191082][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  368.266562][ T5869] usb 3-1: can't set config #168, error -71
[  368.286683][ T5869] usb 3-1: USB disconnect, device number 17
[  368.313430][ T8092] netlink: 4 bytes leftover after parsing attributes in process `syz.1.598'.
[  368.408682][ T8098] netlink: 4 bytes leftover after parsing attributes in process `syz.0.597'.
[  368.422325][ T8092] veth0_macvtap: left promiscuous mode
[  369.086833][ T8109] overlayfs: failed to resolve './file1': -2
[  369.673499][    C1] vkms_vblank_simulate: vblank timer overrun
[  369.712732][    C1] vkms_vblank_simulate: vblank timer overrun
[  369.921592][    C1] vkms_vblank_simulate: vblank timer overrun
[  370.330005][    C1] vkms_vblank_simulate: vblank timer overrun
[  370.465755][ T8116] netlink: 4 bytes leftover after parsing attributes in process `syz.2.602'.
[  371.291187][    C1] vkms_vblank_simulate: vblank timer overrun
[  371.716635][    C1] vkms_vblank_simulate: vblank timer overrun
[  372.348576][    C1] vkms_vblank_simulate: vblank timer overrun
[  373.892182][ T8143] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  373.893136][ T8143] syzkaller0: entered promiscuous mode
[  373.893158][ T8143] syzkaller0: entered allmulticast mode
[  373.906017][    C1] vkms_vblank_simulate: vblank timer overrun
[  374.068194][    C1] vkms_vblank_simulate: vblank timer overrun
[  374.627094][    C1] vkms_vblank_simulate: vblank timer overrun
[  374.633244][ T8138] tipc: Resetting bearer <eth:syzkaller0>
[  374.682365][    C1] vkms_vblank_simulate: vblank timer overrun
[  374.972369][ T8138] tipc: Disabling bearer <eth:syzkaller0>
[  375.149751][ T8161] netlink: 4 bytes leftover after parsing attributes in process `syz.1.612'.
[  375.182735][ T7623] usb 3-1: new low-speed USB device number 18 using dummy_hcd
[  375.326282][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.639940][    C0] vkms_vblank_simulate: vblank timer overrun
[  375.667762][ T7623] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  375.667813][ T7623] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  375.667838][ T7623] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  375.667861][ T7623] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  375.667882][ T7623] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  375.668987][ T7623] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  375.669034][ T7623] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  375.669058][ T7623] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  375.669080][ T7623] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  375.669103][ T7623] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  375.748884][ T8164] netlink: 4 bytes leftover after parsing attributes in process `syz.3.614'.
[  375.800192][ T7623] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[  375.800246][ T7623] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  375.800278][ T7623] usb 3-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  375.800301][ T7623] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  375.800323][ T7623] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  375.906129][ T8164] veth0_macvtap: left promiscuous mode
[  378.521249][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  378.521347][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  383.212426][ T7623] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  383.212480][ T7623] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  383.246652][ T7623] usb 3-1: can't set config #168, error -71
[  383.249395][ T7623] usb 3-1: USB disconnect, device number 18
[  383.784150][ T8191] netlink: 'syz.2.619': attribute type 11 has an invalid length.
[  383.933706][ T8193] netlink: 'syz.2.619': attribute type 29 has an invalid length.
[  383.933735][ T8193] netlink: 'syz.2.619': attribute type 3 has an invalid length.
[  383.933763][ T8193] netlink: 76 bytes leftover after parsing attributes in process `syz.2.619'.
[  384.282967][ T1228] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  384.502886][ T1228] usb 3-1: Using ep0 maxpacket: 8
[  385.073256][ T1228] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  385.079742][ T1228] usb 3-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  385.079759][ T1228] usb 3-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  385.079769][ T1228] usb 3-1: Product: syz
[  385.079776][ T1228] usb 3-1: Manufacturer: syz
[  385.079782][ T1228] usb 3-1: SerialNumber: syz
[  385.125346][ T1228] usb 3-1: config 0 descriptor??
[  385.130633][ T1228] gspca_main: conex-2.14.0 probing 0572:0041
[  387.020121][ T1228] usb 3-1: USB disconnect, device number 19
[  387.142357][ T8218] fuse: Bad value for 'fd'
[  387.187802][ T8219] netlink: 4 bytes leftover after parsing attributes in process `syz.0.626'.
[  387.340555][    C0] vkms_vblank_simulate: vblank timer overrun
[  387.472643][    C0] vkms_vblank_simulate: vblank timer overrun
[  387.650195][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.538718][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.779436][    C0] vkms_vblank_simulate: vblank timer overrun
[  388.994946][    C0] vkms_vblank_simulate: vblank timer overrun
[  389.064144][ T8228] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  389.154876][ T8229] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  389.454890][    C0] vkms_vblank_simulate: vblank timer overrun
[  389.624090][ T8246] sch_fq: defrate 4294967295 ignored.
[  390.273523][    C0] vkms_vblank_simulate: vblank timer overrun
[  392.022614][    C0] vkms_vblank_simulate: vblank timer overrun
[  392.238800][ T8257] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  392.300873][    C0] vkms_vblank_simulate: vblank timer overrun
[  392.911799][ T8264] fuse: Bad value for 'fd'
[  392.962765][ T8268] netlink: 4 bytes leftover after parsing attributes in process `syz.4.640'.
[  395.817468][ T8292] netlink: 4 bytes leftover after parsing attributes in process `syz.1.646'.
[  396.194562][ T8299] netlink: 4 bytes leftover after parsing attributes in process `syz.4.647'.
[  398.962733][ T1602] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  399.044181][ T8320] fuse: Unknown parameter 'user_i00000000000000000000'
[  399.112787][ T1602] usb 4-1: Using ep0 maxpacket: 32
[  399.114380][ T1602] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC4, changing to 0x84
[  399.114397][ T1602] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  399.116471][ T1602] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.16
[  399.116485][ T1602] usb 4-1: New USB device strings: Mfr=154, Product=2, SerialNumber=3
[  399.116495][ T1602] usb 4-1: Product: syz
[  399.116502][ T1602] usb 4-1: Manufacturer: syz
[  399.116509][ T1602] usb 4-1: SerialNumber: syz
[  399.120240][ T1602] usb 4-1: config 0 descriptor??
[  399.222635][ T1602] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  399.973946][ T8329] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  399.974503][ T8329] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  400.180023][ T8334] netlink: 'syz.2.658': attribute type 1 has an invalid length.
[  400.235743][ T8338] netlink: 28 bytes leftover after parsing attributes in process `syz.2.658'.
[  400.258439][ T8334] 8021q: adding VLAN 0 to HW filter on device bond2
[  400.332693][ T8340] netlink: 4 bytes leftover after parsing attributes in process `syz.4.657'.
[  400.443303][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.567757][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.674047][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.774930][    C0] vkms_vblank_simulate: vblank timer overrun
[  400.835696][   T58] usb 4-1: Failed to submit usb control message: -110
[  400.837059][   T58] usb 4-1: unable to send the bmi data to the device: -110
[  400.837078][   T58] usb 4-1: unable to get target info from device
[  400.837103][   T58] usb 4-1: could not get target info (-110)
[  400.845084][   T58] usb 4-1: could not probe fw (-110)
[  400.876230][ T5889] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  400.926851][ T8334] vlan2: entered allmulticast mode
[  400.941534][ T8334] bond2: (slave vlan2): making interface the new active one
[  400.943389][ T8334] bond2: (slave vlan2): Enslaving as an active interface with an up link
[  401.161030][    C0] vkms_vblank_simulate: vblank timer overrun
[  401.162694][ T5889] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  401.162717][ T5889] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  401.162734][ T5889] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  401.162750][ T5889] usb 2-1: config 1 has no interface number 1
[  401.162787][ T5889] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  401.190529][ T5889] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  401.190553][ T5889] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  401.190570][ T5889] usb 2-1: Product: syz
[  401.190583][ T5889] usb 2-1: Manufacturer: syz
[  401.190603][ T5889] usb 2-1: SerialNumber: syz
[  402.456493][ T8346] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  402.456527][ T8346] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  402.456537][ T8346] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  402.456549][ T8346] overlayfs: missing 'lowerdir'
[  402.457328][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.581490][ T1602] usb 4-1: USB disconnect, device number 16
[  402.642095][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.799076][    C0] vkms_vblank_simulate: vblank timer overrun
[  402.958666][ T5889] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  402.958722][ T5889] usb 2-1: MIDIStreaming interface descriptor not found
[  403.026707][ T8357] netlink: 4 bytes leftover after parsing attributes in process `syz.3.661'.
[  403.069522][ T8362] netlink: 4 bytes leftover after parsing attributes in process `syz.0.662'.
[  403.152905][    C0] vkms_vblank_simulate: vblank timer overrun
[  403.456403][    C0] vkms_vblank_simulate: vblank timer overrun
[  403.588435][    C0] vkms_vblank_simulate: vblank timer overrun
[  403.905138][    C0] vkms_vblank_simulate: vblank timer overrun
[  403.962822][ T5934] usb 5-1: new low-speed USB device number 17 using dummy_hcd
[  404.012454][ T5889] usb 2-1: USB disconnect, device number 16
[  404.234382][ T5934] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  404.234434][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  404.234458][ T5934] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  404.234479][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  404.243328][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  404.244564][ T5934] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  404.244613][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  404.244636][ T5934] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  404.244658][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  404.244681][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  404.248360][ T5934] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  404.248409][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  404.248432][ T5934] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  404.248454][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  404.248476][ T5934] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  404.251925][ T5934] usb 5-1: string descriptor 0 read error: -22
[  404.252074][ T5934] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  404.252094][ T5934] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.504976][ T5934] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  404.552926][ T8369] udevd[8369]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  404.790715][ T8382] netlink: 'syz.1.665': attribute type 11 has an invalid length.
[  404.889028][ T8383] netlink: 'syz.1.665': attribute type 29 has an invalid length.
[  404.889047][ T8383] netlink: 'syz.1.665': attribute type 3 has an invalid length.
[  404.889059][ T8383] netlink: 76 bytes leftover after parsing attributes in process `syz.1.665'.
[  405.224085][ T5896] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  405.664369][ T8390] fuse: Unknown parameter 'user_i00000000000000000000'
[  405.683680][ T5896] usb 2-1: Using ep0 maxpacket: 8
[  405.739915][ T5896] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  405.778832][ T5896] usb 2-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  405.778858][ T5896] usb 2-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  405.778875][ T5896] usb 2-1: Product: syz
[  405.778888][ T5896] usb 2-1: Manufacturer: syz
[  405.778900][ T5896] usb 2-1: SerialNumber: syz
[  405.804796][ T5896] usb 2-1: config 0 descriptor??
[  405.811466][ T5896] gspca_main: conex-2.14.0 probing 0572:0041
[  406.061993][ T8394] netlink: 'syz.2.669': attribute type 11 has an invalid length.
[  406.103844][ T5889] usb 5-1: USB disconnect, device number 17
[  406.211573][ T8396] netlink: 'syz.2.669': attribute type 29 has an invalid length.
[  406.211649][ T8396] netlink: 'syz.2.669': attribute type 3 has an invalid length.
[  406.211662][ T8396] netlink: 76 bytes leftover after parsing attributes in process `syz.2.669'.
[  406.993388][ T5932] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  407.162702][ T5932] usb 3-1: Using ep0 maxpacket: 8
[  407.230347][ T5932] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  407.265592][ T5932] usb 3-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  407.265615][ T5932] usb 3-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  407.265625][ T5932] usb 3-1: Product: syz
[  407.265631][ T5932] usb 3-1: Manufacturer: syz
[  407.265714][ T5932] usb 3-1: SerialNumber: syz
[  407.370050][ T5932] usb 3-1: config 0 descriptor??
[  407.399074][ T5932] gspca_main: conex-2.14.0 probing 0572:0041
[  407.404155][ T8407] netlink: 'syz.3.672': attribute type 11 has an invalid length.
[  407.548926][ T8408] netlink: 'syz.3.672': attribute type 29 has an invalid length.
[  407.548947][ T8408] netlink: 'syz.3.672': attribute type 3 has an invalid length.
[  407.549049][ T8408] netlink: 76 bytes leftover after parsing attributes in process `syz.3.672'.
[  408.020093][   T10] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  408.302791][   T10] usb 4-1: Using ep0 maxpacket: 8
[  408.318490][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  408.434708][ T5932] videodev: could not get a free minor
[  408.434722][ T5932] gspca_main: video_register_device err -23
[  408.437619][ T5932] conex 3-1:0.0: probe with driver conex failed with error -23
[  408.540974][   T10] usb 4-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  408.541002][   T10] usb 4-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  408.541020][   T10] usb 4-1: Product: syz
[  408.541032][   T10] usb 4-1: Manufacturer: syz
[  408.541045][   T10] usb 4-1: SerialNumber: syz
[  408.578727][   T10] usb 4-1: config 0 descriptor??
[  408.591636][   T10] gspca_main: conex-2.14.0 probing 0572:0041
[  409.173022][   T10] videodev: could not get a free minor
[  409.173031][   T10] gspca_main: video_register_device err -23
[  409.173214][   T10] conex 4-1:0.0: probe with driver conex failed with error -23
[  410.059582][   T10] usb 3-1: USB disconnect, device number 20
[  410.212800][ T5896] usb 2-1: USB disconnect, device number 17
[  410.556409][ T8420] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  410.556427][ T8420] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  410.556432][ T8420] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[  410.556438][ T8420] overlayfs: missing 'lowerdir'
[  410.684376][ T5869] usb 4-1: USB disconnect, device number 17
[  411.256959][ T8436] fuse: Unknown parameter 'user_id00000000000000000000'
[  412.138512][ T8449] netlink: 4 bytes leftover after parsing attributes in process `syz.3.683'.
[  414.593945][ T8475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.691'.
[  415.364515][ T8483] fuse: Unknown parameter 'user_id00000000000000000000'
[  416.982992][ T8494] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  418.827277][ T8508] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  418.835837][ T8518] fuse: Unknown parameter 'user_id00000000000000000000'
[  419.121788][ T8526] netlink: 4 bytes leftover after parsing attributes in process `syz.0.708'.
[  419.777982][ T8533] netlink: 4 bytes leftover after parsing attributes in process `syz.1.709'.
[  421.054639][ T8547] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  421.076907][ T8547] syzkaller0: entered promiscuous mode
[  421.076930][ T8547] syzkaller0: entered allmulticast mode
[  421.173349][ T8544] tipc: Resetting bearer <eth:syzkaller0>
[  421.790365][ T8544] tipc: Disabling bearer <eth:syzkaller0>
[  421.834585][ T8561] fuse: Bad value for 'fd'
[  422.056334][ T8568] netlink: 'syz.0.717': attribute type 11 has an invalid length.
[  422.575847][ T5869] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  423.194395][ T5869] usb 1-1: Using ep0 maxpacket: 8
[  423.308369][ T5869] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  423.323299][ T5869] usb 1-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  423.323315][ T5869] usb 1-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  423.323326][ T5869] usb 1-1: Product: syz
[  423.323333][ T5869] usb 1-1: Manufacturer: syz
[  423.323340][ T5869] usb 1-1: SerialNumber: syz
[  423.327025][ T5869] usb 1-1: config 0 descriptor??
[  423.383306][ T5869] gspca_main: conex-2.14.0 probing 0572:0041
[  424.799268][ T8596] fuse: Bad value for 'fd'
[  424.849472][   T10] usb 1-1: USB disconnect, device number 22
[  425.265866][ T8604] overlayfs: overlapping lowerdir path
[  425.378797][ T8605] netlink: 16 bytes leftover after parsing attributes in process `syz.0.732'.
[  426.570489][ T8609] syzkaller0: entered promiscuous mode
[  426.570513][ T8609] syzkaller0: entered allmulticast mode
[  427.458516][    C0] vkms_vblank_simulate: vblank timer overrun
[  427.736333][    C0] vkms_vblank_simulate: vblank timer overrun
[  427.958698][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.174882][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.414883][ T8633] netlink: 4 bytes leftover after parsing attributes in process `syz.0.741'.
[  428.606277][    C0] vkms_vblank_simulate: vblank timer overrun
[  428.894311][    C0] vkms_vblank_simulate: vblank timer overrun
[  429.173821][ T8642] netlink: 4 bytes leftover after parsing attributes in process `syz.4.744'.
[  429.381059][    C0] vkms_vblank_simulate: vblank timer overrun
[  429.688251][    C0] vkms_vblank_simulate: vblank timer overrun
[  430.093926][    C0] vkms_vblank_simulate: vblank timer overrun
[  431.059127][    C0] vkms_vblank_simulate: vblank timer overrun
[  431.257124][ T8667] syzkaller0: entered promiscuous mode
[  431.257141][ T8667] syzkaller0: entered allmulticast mode
[  432.722154][ T8685] netlink: 'syz.2.754': attribute type 11 has an invalid length.
[  433.135232][ T8689] overlayfs: overlapping lowerdir path
[  433.210631][ T8690] netlink: 16 bytes leftover after parsing attributes in process `syz.4.757'.
[  434.029053][ T5896] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  434.192906][ T5896] usb 3-1: Using ep0 maxpacket: 8
[  434.196996][ T5896] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  434.202092][ T5896] usb 3-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  434.202117][ T5896] usb 3-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  434.202136][ T5896] usb 3-1: Product: syz
[  434.202148][ T5896] usb 3-1: Manufacturer: syz
[  434.202160][ T5896] usb 3-1: SerialNumber: syz
[  434.209584][ T5896] usb 3-1: config 0 descriptor??
[  434.215388][ T5896] gspca_main: conex-2.14.0 probing 0572:0041
[  435.236322][    C1] vkms_vblank_simulate: vblank timer overrun
[  435.338689][    C1] vkms_vblank_simulate: vblank timer overrun
[  435.390719][ T8701] netlink: 12 bytes leftover after parsing attributes in process `syz.1.759'.
[  435.405274][    C1] vkms_vblank_simulate: vblank timer overrun
[  436.038255][    C1] vkms_vblank_simulate: vblank timer overrun
[  436.343116][    C1] vkms_vblank_simulate: vblank timer overrun
[  436.853449][ T5932] usb 3-1: USB disconnect, device number 21
[  438.471915][    C1] vkms_vblank_simulate: vblank timer overrun
[  440.210723][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  440.210766][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  442.153388][ T8749] netlink: 4 bytes leftover after parsing attributes in process `syz.4.772'.
[  443.807374][ T8754] netlink: 12 bytes leftover after parsing attributes in process `syz.1.773'.
[  444.439215][ T8762] netlink: 4 bytes leftover after parsing attributes in process `syz.4.774'.
[  447.423781][ T8796] netlink: 4 bytes leftover after parsing attributes in process `syz.4.783'.
[  448.842720][   T10] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  448.992691][   T10] usb 5-1: Using ep0 maxpacket: 32
[  448.994599][   T10] usb 5-1: config 0 has an invalid interface number: 59 but max is 0
[  448.994613][   T10] usb 5-1: config 0 has no interface number 0
[  448.994631][   T10] usb 5-1: config 0 interface 59 has no altsetting 0
[  448.996964][   T10] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  448.996978][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  448.996988][   T10] usb 5-1: Product: syz
[  448.996995][   T10] usb 5-1: Manufacturer: syz
[  448.997002][   T10] usb 5-1: SerialNumber: syz
[  449.063524][   T10] usb 5-1: config 0 descriptor??
[  449.066082][   T10] smsc75xx v1.0.0
[  449.066092][   T10] smsc75xx 5-1:0.59 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  449.068650][   T10] smsc75xx 5-1:0.59: probe with driver smsc75xx failed with error -22
[  449.108037][ T8810] netlink: 4 bytes leftover after parsing attributes in process `syz.2.787'.
[  449.480739][    C0] vkms_vblank_simulate: vblank timer overrun
[  449.571908][    C0] vkms_vblank_simulate: vblank timer overrun
[  451.326484][ T8835] netlink: 4 bytes leftover after parsing attributes in process `syz.3.793'.
[  451.483222][    C0] vkms_vblank_simulate: vblank timer overrun
[  451.752450][    C0] vkms_vblank_simulate: vblank timer overrun
[  451.817595][    C0] vkms_vblank_simulate: vblank timer overrun
[  451.952197][ T5896] usb 5-1: USB disconnect, device number 18
[  452.903409][    C0] vkms_vblank_simulate: vblank timer overrun
[  456.184542][    C0] vkms_vblank_simulate: vblank timer overrun
[  456.299813][    C0] vkms_vblank_simulate: vblank timer overrun
[  458.007967][    C1] vkms_vblank_simulate: vblank timer overrun
[  458.282715][ T5896] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  458.432836][ T5896] usb 2-1: Using ep0 maxpacket: 32
[  458.822749][ T5896] usb 2-1: config 0 has an invalid interface number: 59 but max is 0
[  458.822776][ T5896] usb 2-1: config 0 has no interface number 0
[  458.822809][ T5896] usb 2-1: config 0 interface 59 has no altsetting 0
[  458.829911][ T5896] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  458.829936][ T5896] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.829953][ T5896] usb 2-1: Product: syz
[  458.829965][ T5896] usb 2-1: Manufacturer: syz
[  458.829978][ T5896] usb 2-1: SerialNumber: syz
[  458.885656][ T5896] usb 2-1: config 0 descriptor??
[  458.898974][ T5896] smsc75xx v1.0.0
[  458.898984][ T5896] smsc75xx 2-1:0.59 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  458.899130][ T5896] smsc75xx 2-1:0.59: probe with driver smsc75xx failed with error -22
[  459.522752][ T5932] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  459.710375][ T5932] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  459.710408][ T5932] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  459.710445][ T5932] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  459.710465][ T5932] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  459.846945][ T8899] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  459.867921][ T5932] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  461.435300][ T1602] usb 2-1: USB disconnect, device number 18
[  461.437461][ T5932] usb 1-1: USB disconnect, device number 23
[  465.302712][ T5896] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  465.454570][ T5896] usb 5-1: Using ep0 maxpacket: 8
[  465.456202][ T5896] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  465.458033][ T5896] usb 5-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  465.458047][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  465.458058][ T5896] usb 5-1: Product: syz
[  465.458064][ T5896] usb 5-1: Manufacturer: syz
[  465.458071][ T5896] usb 5-1: SerialNumber: syz
[  465.465600][ T5896] usb 5-1: config 0 descriptor??
[  465.468495][ T5896] gspca_main: conex-2.14.0 probing 0572:0041
[  465.692715][ T5932] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  465.842689][ T5932] usb 3-1: Using ep0 maxpacket: 32
[  465.847176][ T5932] usb 3-1: config 0 has an invalid interface number: 59 but max is 0
[  465.847198][ T5932] usb 3-1: config 0 has no interface number 0
[  465.847226][ T5932] usb 3-1: config 0 interface 59 has no altsetting 0
[  465.850461][ T5932] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  465.850485][ T5932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.850503][ T5932] usb 3-1: Product: syz
[  465.850513][ T5932] usb 3-1: Manufacturer: syz
[  465.850520][ T5932] usb 3-1: SerialNumber: syz
[  465.863746][ T5932] usb 3-1: config 0 descriptor??
[  465.890123][ T5932] smsc75xx v1.0.0
[  465.890138][ T5932] smsc75xx 3-1:0.59 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  465.890396][ T5932] smsc75xx 3-1:0.59: probe with driver smsc75xx failed with error -22
[  467.294404][ T5932] usb 5-1: USB disconnect, device number 19
[  468.161121][ T5932] usb 3-1: USB disconnect, device number 22
[  473.691218][ T9004] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  476.300555][ T9051] netlink: 'syz.3.856': attribute type 11 has an invalid length.
[  476.613317][ T1228] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  476.772653][ T1228] usb 4-1: Using ep0 maxpacket: 8
[  476.775014][ T1228] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  476.777089][ T1228] usb 4-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  476.777103][ T1228] usb 4-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  476.777113][ T1228] usb 4-1: Product: syz
[  476.777120][ T1228] usb 4-1: Manufacturer: syz
[  476.777127][ T1228] usb 4-1: SerialNumber: syz
[  476.781207][ T1228] usb 4-1: config 0 descriptor??
[  476.839708][ T1228] gspca_main: conex-2.14.0 probing 0572:0041
[  477.175785][ T1228] usb 4-1: USB disconnect, device number 18
[  483.822526][ T9105] netlink: 'syz.0.872': attribute type 11 has an invalid length.
[  484.442830][ T5889] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  484.712908][ T5889] usb 1-1: Using ep0 maxpacket: 8
[  484.794859][ T5889] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  485.316053][ T5889] usb 1-1: New USB device found, idVendor=0572, idProduct=0041, bcdDevice=70.54
[  485.316081][ T5889] usb 1-1: New USB device strings: Mfr=1, Product=34, SerialNumber=7
[  485.316100][ T5889] usb 1-1: Product: syz
[  485.316111][ T5889] usb 1-1: Manufacturer: syz
[  485.316123][ T5889] usb 1-1: SerialNumber: syz
[  485.323844][ T5889] usb 1-1: config 0 descriptor??
[  485.384283][ T5889] gspca_main: conex-2.14.0 probing 0572:0041
[  486.228731][ T5889] usb 1-1: USB disconnect, device number 24
[  486.310670][ T5896] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  486.703541][ T5896] usb 2-1: Using ep0 maxpacket: 32
[  486.874890][ T5896] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC4, changing to 0x84
[  486.874918][ T5896] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  486.880723][ T5896] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.16
[  486.880739][ T5896] usb 2-1: New USB device strings: Mfr=154, Product=2, SerialNumber=3
[  486.880751][ T5896] usb 2-1: Product: syz
[  486.880759][ T5896] usb 2-1: Manufacturer: syz
[  486.880766][ T5896] usb 2-1: SerialNumber: syz
[  486.946854][ T5896] usb 2-1: config 0 descriptor??
[  487.135932][ T5896] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  487.422858][ T9142] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  487.423391][ T9142] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  489.068572][ T1127] usb 2-1: Failed to submit usb control message: -110
[  489.068609][ T1127] usb 2-1: unable to send the bmi data to the device: -110
[  489.068625][ T1127] usb 2-1: unable to get target info from device
[  489.068638][ T1127] usb 2-1: could not get target info (-110)
[  489.068719][ T1127] usb 2-1: could not probe fw (-110)
[  489.150091][ T1602] usb 2-1: USB disconnect, device number 19
[  491.526386][ T1271] Bluetooth: hci5: Frame reassembly failed (-84)
[  491.535414][ T1127] Bluetooth: hci5: Frame reassembly failed (-84)
[  491.537937][ T1408] Bluetooth: hci5: Frame reassembly failed (-84)
[  491.538018][ T1408] Bluetooth: hci5: Frame reassembly failed (-84)
[  491.538092][ T1408] Bluetooth: hci5: Frame reassembly failed (-84)
[  491.538162][ T1408] Bluetooth: hci5: Frame reassembly failed (-84)
[  493.562930][ T5809] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  499.558401][ T9243] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  501.396437][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  501.396478][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  501.998380][ T9265] netlink: 4 bytes leftover after parsing attributes in process `syz.0.918'.
[  505.845433][ T9281] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  506.927125][ T9287] syz.4.924 (9287): drop_caches: 2
[  515.479813][ T9362] fuse: Unknown parameter 'grou00000000000000000000'
[  515.664714][ T9356] uprobe: syz.2.949:9356 failed to unregister, leaking uprobe
[  515.889107][ T9367] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  517.334229][    C0] vkms_vblank_simulate: vblank timer overrun
[  517.336908][ T9385] program syz.1.957 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  517.648462][    C0] vkms_vblank_simulate: vblank timer overrun
[  518.060005][    C0] vkms_vblank_simulate: vblank timer overrun
[  518.284902][    C0] vkms_vblank_simulate: vblank timer overrun
[  518.452719][    C0] vkms_vblank_simulate: vblank timer overrun
[  518.623390][    C0] vkms_vblank_simulate: vblank timer overrun
[  518.800984][    C0] vkms_vblank_simulate: vblank timer overrun
[  518.935336][    C0] vkms_vblank_simulate: vblank timer overrun
[  519.234054][    C0] vkms_vblank_simulate: vblank timer overrun
[  519.331509][    C0] vkms_vblank_simulate: vblank timer overrun
[  524.934561][ T9404] netlink: 12 bytes leftover after parsing attributes in process `syz.2.964'.
[  525.095370][ T9405] netlink: 12 bytes leftover after parsing attributes in process `syz.2.964'.
[  525.728088][    C0] vkms_vblank_simulate: vblank timer overrun
[  525.951236][    C0] vkms_vblank_simulate: vblank timer overrun
[  527.006812][    C0] vkms_vblank_simulate: vblank timer overrun
[  527.490314][    C0] vkms_vblank_simulate: vblank timer overrun
[  527.571053][    C0] vkms_vblank_simulate: vblank timer overrun
[  527.609096][    C0] vkms_vblank_simulate: vblank timer overrun
[  527.801843][    C0] vkms_vblank_simulate: vblank timer overrun
[  527.946064][    C0] vkms_vblank_simulate: vblank timer overrun
[  528.048009][    C0] vkms_vblank_simulate: vblank timer overrun
[  528.071579][ T9419] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  528.842722][    C0] vkms_vblank_simulate: vblank timer overrun
[  532.160547][ T9451] loop2: detected capacity change from 0 to 1
[  532.421278][ T9401] Dev loop2: unable to read RDB block 1
[  532.421329][ T9401]  loop2: unable to read partition table
[  532.421583][ T9401] loop2: partition table beyond EOD, truncated
[  532.443939][ T9451] Dev loop2: unable to read RDB block 1
[  532.444062][ T9451]  loop2: unable to read partition table
[  532.453973][ T9451] loop2: partition table beyond EOD, truncated
[  532.454017][ T9451] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  533.720962][ T5169] Dev loop2: unable to read RDB block 1
[  533.721007][ T5169]  loop2: unable to read partition table
[  533.721243][ T5169] loop2: partition table beyond EOD, truncated
[  535.182748][   T31] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  535.332657][   T31] usb 1-1: Using ep0 maxpacket: 32
[  535.336608][   T31] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC4, changing to 0x84
[  535.336635][   T31] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  535.341512][   T31] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.16
[  535.341536][   T31] usb 1-1: New USB device strings: Mfr=154, Product=2, SerialNumber=3
[  535.341554][   T31] usb 1-1: Product: syz
[  535.341566][   T31] usb 1-1: Manufacturer: syz
[  535.341579][   T31] usb 1-1: SerialNumber: syz
[  535.428927][   T31] usb 1-1: config 0 descriptor??
[  535.467828][   T31] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  535.808556][ T9488] ptm ptm1: ldisc open failed (-12), clearing slot 1
[  535.842180][ T9490] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  535.842778][ T9490] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  536.740395][   T58] usb 1-1: Failed to submit usb control message: -110
[  536.741279][   T58] usb 1-1: unable to send the bmi data to the device: -110
[  536.741478][   T58] usb 1-1: unable to get target info from device
[  536.741493][   T58] usb 1-1: could not get target info (-110)
[  536.743408][   T58] usb 1-1: could not probe fw (-110)
[  536.964427][ T5896] usb 1-1: USB disconnect, device number 25
[  539.062135][ T9516] netlink: 64 bytes leftover after parsing attributes in process `syz.2.999'.
[  540.877193][ T1602] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  541.153712][ T1602] usb 5-1: Using ep0 maxpacket: 32
[  541.209004][    C1] vkms_vblank_simulate: vblank timer overrun
[  541.224415][ T1602] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC4, changing to 0x84
[  541.224443][ T1602] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  541.229111][ T1602] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.16
[  541.229135][ T1602] usb 5-1: New USB device strings: Mfr=154, Product=2, SerialNumber=3
[  541.229152][ T1602] usb 5-1: Product: syz
[  541.229165][ T1602] usb 5-1: Manufacturer: syz
[  541.229177][ T1602] usb 5-1: SerialNumber: syz
[  541.444752][ T1602] usb 5-1: config 0 descriptor??
[  541.494777][ T1602] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  541.704936][ T9545] netlink: 'syz.1.1009': attribute type 1 has an invalid length.
[  541.780129][ T9548] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1009'.
[  541.796586][ T9549] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  541.797134][ T9549] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  543.162455][ T6296] usb 5-1: Failed to submit usb control message: -110
[  543.162491][ T6296] usb 5-1: unable to send the bmi data to the device: -110
[  543.162507][ T6296] usb 5-1: unable to get target info from device
[  543.183999][ T6296] usb 5-1: could not get target info (-110)
[  543.184162][ T6296] usb 5-1: could not probe fw (-110)
[  543.232853][ T9558] uprobe: syz.0.1012:9558 failed to unregister, leaking uprobe
[  543.260680][ T1228] usb 5-1: USB disconnect, device number 20
[  543.567698][ T9534] Falling back ldisc for ttyprintk.
[  543.893059][ T9568] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1016'.
[  545.049587][    C1] vkms_vblank_simulate: vblank timer overrun
[  545.177059][    C1] vkms_vblank_simulate: vblank timer overrun
[  545.388835][ T9563] syz.1.1014 (9563): drop_caches: 2
[  545.569314][    C1] vkms_vblank_simulate: vblank timer overrun
[  545.605512][    C1] vkms_vblank_simulate: vblank timer overrun
[  546.005385][    C1] vkms_vblank_simulate: vblank timer overrun
[  549.863595][    C1] vkms_vblank_simulate: vblank timer overrun
[  549.891672][ T9597] uprobe: syz.1.1025:9597 failed to unregister, leaking uprobe
[  550.927546][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.243127][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.321618][    C1] vkms_vblank_simulate: vblank timer overrun
[  552.874097][    C1] vkms_vblank_simulate: vblank timer overrun
[  552.912325][    C1] vkms_vblank_simulate: vblank timer overrun
[  553.025131][    C1] vkms_vblank_simulate: vblank timer overrun
[  553.531460][    C1] vkms_vblank_simulate: vblank timer overrun
[  554.030348][    C1] vkms_vblank_simulate: vblank timer overrun
[  554.204177][    C1] vkms_vblank_simulate: vblank timer overrun
[  555.230902][    C1] vkms_vblank_simulate: vblank timer overrun
[  555.371535][    C1] vkms_vblank_simulate: vblank timer overrun
[  555.643152][ T9627] program syz.4.1037 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  557.795844][    C1] vkms_vblank_simulate: vblank timer overrun
[  557.834352][ T9656] uprobe: syz.2.1044:9656 failed to unregister, leaking uprobe
[  558.084608][    C1] vkms_vblank_simulate: vblank timer overrun
[  558.791052][    C1] vkms_vblank_simulate: vblank timer overrun
[  558.961401][    C1] vkms_vblank_simulate: vblank timer overrun
[  559.731652][    C1] vkms_vblank_simulate: vblank timer overrun
[  560.015437][    C1] vkms_vblank_simulate: vblank timer overrun
[  560.161696][    C1] vkms_vblank_simulate: vblank timer overrun
[  560.219359][    C1] vkms_vblank_simulate: vblank timer overrun
[  560.609650][    C1] vkms_vblank_simulate: vblank timer overrun
[  561.070517][    C1] vkms_vblank_simulate: vblank timer overrun
[  561.656544][    C1] vkms_vblank_simulate: vblank timer overrun
[  562.109878][ T9703] trusted_key: encrypted_key: insufficient parameters specified
[  562.883487][ T9705] program syz.1.1059 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  562.965654][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  562.965724][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  563.063657][ T9702] blktrace: Concurrent blktraces are not allowed on sg0
[  563.252759][ T5896] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  563.427101][ T5896] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  563.427198][ T5896] usb 4-1: config 0 has no interfaces?
[  563.468762][ T5896] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  563.468789][ T5896] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  563.468809][ T5896] usb 4-1: Product: syz
[  563.468821][ T5896] usb 4-1: Manufacturer: syz
[  563.468834][ T5896] usb 4-1: SerialNumber: syz
[  563.511979][ T5896] usb 4-1: config 0 descriptor??
[  564.590084][ T5896] usb 4-1: USB disconnect, device number 19
[  565.475426][ T9720] uprobe: syz.2.1063:9720 failed to unregister, leaking uprobe
[  567.471058][ T9738] trusted_key: encrypted_key: insufficient parameters specified
[  568.174986][    C0] vkms_vblank_simulate: vblank timer overrun
[  573.487105][    C0] vkms_vblank_simulate: vblank timer overrun
[  573.749399][    C0] vkms_vblank_simulate: vblank timer overrun
[  574.248368][    C0] vkms_vblank_simulate: vblank timer overrun
[  574.796111][    C0] vkms_vblank_simulate: vblank timer overrun
[  575.041001][    C0] vkms_vblank_simulate: vblank timer overrun
[  575.182900][ T9782] netlink: 'syz.0.1080': attribute type 1 has an invalid length.
[  575.457099][ T9786] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1080'.
[  576.019156][ T9776] mkiss: ax0: crc mode is auto.
[  576.305006][    C0] vkms_vblank_simulate: vblank timer overrun
[  576.382078][    C0] vkms_vblank_simulate: vblank timer overrun
[  577.189065][    C0] vkms_vblank_simulate: vblank timer overrun
[  577.283018][ T9800] program syz.3.1086 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  577.285342][ T9800] blktrace: Concurrent blktraces are not allowed on sg0
[  579.948128][    C0] vkms_vblank_simulate: vblank timer overrun
[  579.973078][    C0] vkms_vblank_simulate: vblank timer overrun
[  587.666892][   T37] audit: type=1326 audit(1761402658.874:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9831 comm="syz.2.1099" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faa873cefc9 code=0x0
[  588.185245][    C1] vkms_vblank_simulate: vblank timer overrun
[  588.518156][ T9833] syz.2.1099 (9833) used greatest stack depth: 16696 bytes left
[  590.422312][    C1] vkms_vblank_simulate: vblank timer overrun
[  590.983490][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.210290][    C1] vkms_vblank_simulate: vblank timer overrun
[  591.533629][ T9873] ptm ptm0: ldisc open failed (-12), clearing slot 0
[  591.789304][ T9881] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1114'.
[  592.389632][    C1] vkms_vblank_simulate: vblank timer overrun
[  592.728595][    C1] vkms_vblank_simulate: vblank timer overrun
[  593.467994][    C1] vkms_vblank_simulate: vblank timer overrun
[  593.468124][    C1] vkms_vblank_simulate: vblank timer overrun
[  593.669887][ T9899] syzkaller0: entered promiscuous mode
[  593.669912][ T9899] syzkaller0: entered allmulticast mode
[  594.463211][    C1] vkms_vblank_simulate: vblank timer overrun
[  595.639650][    C1] vkms_vblank_simulate: vblank timer overrun
[  596.892196][    C1] vkms_vblank_simulate: vblank timer overrun
[  597.041285][    C1] vkms_vblank_simulate: vblank timer overrun
[  597.320037][    C1] vkms_vblank_simulate: vblank timer overrun
[  597.593695][    C1] vkms_vblank_simulate: vblank timer overrun
[  608.919420][    C0] vkms_vblank_simulate: vblank timer overrun
[  608.920626][ T9959] uprobe: syz.2.1138:9959 failed to unregister, leaking uprobe
[  610.502874][    C0] vkms_vblank_simulate: vblank timer overrun
[  610.768648][ T9935] syz.0.1132 (9935): drop_caches: 2
[  611.722664][    C0] vkms_vblank_simulate: vblank timer overrun
[  612.108866][    C0] vkms_vblank_simulate: vblank timer overrun
[  612.777280][    C0] vkms_vblank_simulate: vblank timer overrun
[  614.166359][ T9995] program syz.0.1151 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  614.167357][ T9995] blktrace: Concurrent blktraces are not allowed on sg0
[  614.522732][ T5934] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  615.576589][ T5934] usb 2-1: Using ep0 maxpacket: 32
[  615.979639][ T5934] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC4, changing to 0x84
[  615.979657][ T5934] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  615.981456][ T5934] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.16
[  615.981471][ T5934] usb 2-1: New USB device strings: Mfr=154, Product=2, SerialNumber=3
[  615.981481][ T5934] usb 2-1: Product: syz
[  615.981488][ T5934] usb 2-1: Manufacturer: syz
[  615.981495][ T5934] usb 2-1: SerialNumber: syz
[  616.046167][ T5934] usb 2-1: config 0 descriptor??
[  616.073463][ T5934] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  616.382133][T10018] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  616.408439][T10018] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  617.757384][ T1127] usb 2-1: Failed to submit usb control message: -110
[  617.757405][ T1127] usb 2-1: unable to send the bmi data to the device: -110
[  617.757414][ T1127] usb 2-1: unable to get target info from device
[  617.757421][ T1127] usb 2-1: could not get target info (-110)
[  617.757628][ T1127] usb 2-1: could not probe fw (-110)
[  617.808069][ T1228] usb 2-1: USB disconnect, device number 20
[  620.281173][T10044] syzkaller0: entered promiscuous mode
[  620.281196][T10044] syzkaller0: entered allmulticast mode
[  622.256848][    C1] vkms_vblank_simulate: vblank timer overrun
[  622.291401][T10051] uprobe: syz.2.1164:10051 failed to unregister, leaking uprobe
[  622.411659][    C1] vkms_vblank_simulate: vblank timer overrun
[  622.494488][    C1] vkms_vblank_simulate: vblank timer overrun
[  623.058661][    C1] vkms_vblank_simulate: vblank timer overrun
[  624.280070][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  624.280112][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  630.435749][ T5809] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  630.440690][ T5809] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  630.446309][ T5809] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  630.447867][ T5809] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  630.448648][ T5809] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  630.453348][ T5934] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  630.460402][ T9179] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  630.473650][ T9179] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  630.474100][ T9179] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  630.475271][ T9179] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  630.476078][ T9179] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  631.991687][    C1] vkms_vblank_simulate: vblank timer overrun
[  632.471235][    C1] vkms_vblank_simulate: vblank timer overrun
[  632.556008][    C1] vkms_vblank_simulate: vblank timer overrun
[  632.890112][    C1] vkms_vblank_simulate: vblank timer overrun
[  632.977363][    C1] vkms_vblank_simulate: vblank timer overrun
[  633.087482][    C1] vkms_vblank_simulate: vblank timer overrun
[  633.308289][    C1] vkms_vblank_simulate: vblank timer overrun
[  633.869698][ T5809] Bluetooth: hci5: command tx timeout
[  633.952676][ T5934] usb 1-1: Using ep0 maxpacket: 32
[  634.086770][    C1] vkms_vblank_simulate: vblank timer overrun
[  634.153858][ T5934] usb 1-1: device descriptor read/all, error -71
[  635.872776][ T5809] Bluetooth: hci5: command tx timeout
[  640.693958][ T5809] Bluetooth: hci5: command tx timeout
[  642.756134][ T9179] Bluetooth: hci5: command tx timeout
[  642.879626][T10115] syzkaller0: entered promiscuous mode
[  642.879651][T10115] syzkaller0: entered allmulticast mode
[  643.879849][T10132] uprobe: syz.1.1182:10132 failed to unregister, leaking uprobe
[  644.252925][   T37] audit: type=1326 audit(1761402715.454:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10139 comm="syz.4.1185" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff1a8a5efc9 code=0x0
[  645.150526][    C1] vkms_vblank_simulate: vblank timer overrun
[  645.315769][T10153] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[  646.174366][    C1] vkms_vblank_simulate: vblank timer overrun
[  646.380816][    C1] vkms_vblank_simulate: vblank timer overrun
[  646.693947][T10162] No control pipe specified
[  648.062158][ T6294] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.126707][ T6294] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.382616][ T1228] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  649.589287][    C1] vkms_vblank_simulate: vblank timer overrun
[  649.672943][ T1228] usb 5-1: Using ep0 maxpacket: 32
[  649.764783][    C1] vkms_vblank_simulate: vblank timer overrun
[  650.387483][    C1] vkms_vblank_simulate: vblank timer overrun
[  650.596781][ T1228] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  650.596805][ T1228] usb 5-1: config 0 has no interface number 0
[  650.596849][ T1228] usb 5-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  650.596867][ T1228] usb 5-1: config 0 interface 1 has no altsetting 0
[  650.605282][ T1228] usb 5-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  650.605306][ T1228] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.605323][ T1228] usb 5-1: Product: syz
[  650.605335][ T1228] usb 5-1: Manufacturer: syz
[  650.605345][ T1228] usb 5-1: SerialNumber: syz
[  650.669918][ T1228] usb 5-1: config 0 descriptor??
[  650.835800][    C1] vkms_vblank_simulate: vblank timer overrun
[  650.949031][ T1228] cx231xx 5-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[  650.978082][ T1228] cx231xx 5-1:0.1: Failed to read PCB config
[  650.978214][ T1228] cx231xx 5-1:0.1: probe with driver cx231xx failed with error -71
[  651.000128][ T1228] usb 5-1: USB disconnect, device number 21
[  651.587006][ T6294] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  651.645907][T10078] chnl_net:caif_netlink_parms(): no params data found
[  651.903127][ T1228] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  652.151036][ T1228] usb 5-1: Using ep0 maxpacket: 32
[  652.198114][ T1228] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  652.198137][ T1228] usb 5-1: config 0 has no interface number 0
[  652.198182][ T1228] usb 5-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  652.198201][ T1228] usb 5-1: config 0 interface 1 has no altsetting 0
[  652.235260][ T1228] usb 5-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  652.235285][ T1228] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  652.235295][ T1228] usb 5-1: Product: syz
[  652.235302][ T1228] usb 5-1: Manufacturer: syz
[  652.235309][ T1228] usb 5-1: SerialNumber: syz
[  652.283325][ T1228] usb 5-1: config 0 descriptor??
[  652.490200][ T6294] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  652.557563][ T1228] cx231xx 5-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[  652.602393][ T1228] cx231xx 5-1:0.1: Failed to read PCB config
[  652.608606][ T1228] cx231xx 5-1:0.1: probe with driver cx231xx failed with error -71
[  652.624198][ T1228] usb 5-1: USB disconnect, device number 22
[  652.884834][T10196] No control pipe specified
[  653.226489][T10209] overlayfs: overlapping lowerdir path
[  653.337383][T10210] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1201'.
[  654.023187][T10078] bridge0: port 1(bridge_slave_0) entered blocking state
[  654.023325][T10078] bridge0: port 1(bridge_slave_0) entered disabled state
[  654.023544][T10078] bridge_slave_0: entered allmulticast mode
[  654.027359][T10078] bridge_slave_0: entered promiscuous mode
[  654.056439][T10078] bridge0: port 2(bridge_slave_1) entered blocking state
[  654.057718][T10078] bridge0: port 2(bridge_slave_1) entered disabled state
[  654.057913][T10078] bridge_slave_1: entered allmulticast mode
[  654.149678][T10078] bridge_slave_1: entered promiscuous mode
[  659.106054][T10236] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1212'.
[  659.128919][T10078] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  659.177393][T10078] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  659.223708][T10243] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1214'.
[  659.265492][T10244] loop2: detected capacity change from 0 to 1
[  659.269241][T10244] Dev loop2: unable to read RDB block 1
[  659.269292][T10244]  loop2: unable to read partition table
[  659.269513][T10244] loop2: partition table beyond EOD, truncated
[  659.269530][T10244] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  659.832870][    C0] vkms_vblank_simulate: vblank timer overrun
[  659.922795][T10078] team0: Port device team_slave_0 added
[  659.956569][T10078] team0: Port device team_slave_1 added
[  660.191416][    C0] vkms_vblank_simulate: vblank timer overrun
[  660.234743][ T6294] bridge_slave_1: left allmulticast mode
[  660.234888][ T6294] bridge_slave_1: left promiscuous mode
[  660.237326][ T6294] bridge0: port 2(bridge_slave_1) entered disabled state
[  660.320618][T10253] fuse: Invalid rootmode
[  660.359605][ T6294] bridge_slave_0: left allmulticast mode
[  660.359632][ T6294] bridge_slave_0: left promiscuous mode
[  660.359918][ T6294] bridge0: port 1(bridge_slave_0) entered disabled state
[  660.710205][    C0] vkms_vblank_simulate: vblank timer overrun
[  660.837557][    C0] vkms_vblank_simulate: vblank timer overrun
[  660.950240][    C0] vkms_vblank_simulate: vblank timer overrun
[  663.145715][    C0] vkms_vblank_simulate: vblank timer overrun
[  663.728752][    C0] vkms_vblank_simulate: vblank timer overrun
[  663.921435][    C0] vkms_vblank_simulate: vblank timer overrun
[  665.399866][    C0] vkms_vblank_simulate: vblank timer overrun
[  666.881108][    C0] vkms_vblank_simulate: vblank timer overrun
[  667.574921][T10303] fuse: Invalid rootmode
[  670.913054][    C0] vkms_vblank_simulate: vblank timer overrun
[  670.938110][    C0] vkms_vblank_simulate: vblank timer overrun
[  670.987201][    C0] vkms_vblank_simulate: vblank timer overrun
[  671.048979][    C0] vkms_vblank_simulate: vblank timer overrun
[  671.165886][    C0] vkms_vblank_simulate: vblank timer overrun
[  673.134119][ T6294] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  673.195155][ T6294] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  673.214534][ T6294] bond0 (unregistering): Released all slaves
[  673.529724][T10277] syzkaller0: entered promiscuous mode
[  673.529749][T10277] syzkaller0: entered allmulticast mode
[  674.444620][ T6294] tipc: Left network mode
[  674.469810][T10078] batman_adv: batadv0: Adding interface: batadv_slave_0
[  674.469823][T10078] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  674.469845][T10078] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  675.797417][T10078] batman_adv: batadv0: Adding interface: batadv_slave_1
[  675.797428][T10078] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  675.797443][T10078] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  676.282692][ T1602] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  677.205897][    C0] vkms_vblank_simulate: vblank timer overrun
[  677.302592][ T1602] usb 2-1: Using ep0 maxpacket: 32
[  677.304638][ T1602] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  677.304661][ T1602] usb 2-1: config 0 has no interface number 0
[  677.304706][ T1602] usb 2-1: config 0 interface 1 altsetting 9 has an invalid descriptor for endpoint zero, skipping
[  677.304725][ T1602] usb 2-1: config 0 interface 1 has no altsetting 0
[  677.308892][ T1602] usb 2-1: New USB device found, idVendor=0572, idProduct=58a5, bcdDevice=27.0a
[  677.308907][ T1602] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  677.308916][ T1602] usb 2-1: Product: syz
[  677.308923][ T1602] usb 2-1: Manufacturer: syz
[  677.308930][ T1602] usb 2-1: SerialNumber: syz
[  677.408635][ T1602] usb 2-1: config 0 descriptor??
[  677.707670][T10341] fuse: Bad value for 'rootmode'
[  677.772392][ T1602] cx231xx 2-1:0.1: New device syz syz @ 480 Mbps (0572:58a5) with 1 interfaces
[  677.786268][ T1602] cx231xx 2-1:0.1: Failed to read PCB config
[  677.786334][ T1602] cx231xx 2-1:0.1: probe with driver cx231xx failed with error -71
[  677.833713][ T1602] usb 2-1: USB disconnect, device number 21
[  679.445523][T10078] hsr_slave_0: entered promiscuous mode
[  679.447019][T10078] hsr_slave_1: entered promiscuous mode
[  679.451238][T10078] debugfs: 'hsr0' already exists in 'hsr'
[  679.451253][T10078] Cannot create hsr debugfs directory
[  679.828807][T10361] syzkaller0: entered promiscuous mode
[  679.828833][T10361] syzkaller0: entered allmulticast mode
[  681.308376][T10371] fuse: Bad value for 'rootmode'
[  681.390102][   T37] audit: type=1326 audit(1761402752.594:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10374 comm="syz.0.1253" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e6f44efc9 code=0x0
[  681.809104][    C0] vkms_vblank_simulate: vblank timer overrun
[  681.933178][ T6294] hsr_slave_0: left promiscuous mode
[  681.972997][ T6294] hsr_slave_1: left promiscuous mode
[  681.975678][ T6294] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  681.975774][ T6294] batman_adv: batadv0: Removing interface: batadv_slave_0
[  682.036769][ T6294] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  682.036786][ T6294] batman_adv: batadv0: Removing interface: batadv_slave_1
[  682.511259][ T6294] veth1_macvtap: left promiscuous mode
[  682.517175][ T6294] veth1_vlan: left promiscuous mode
[  682.517659][ T6294] veth0_vlan: left promiscuous mode
[  682.582972][T10394] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1257'.
[  683.555584][T10397] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  685.072772][    C0] vkms_vblank_simulate: vblank timer overrun
[  685.122329][    C0] vkms_vblank_simulate: vblank timer overrun
[  685.240488][    C0] vkms_vblank_simulate: vblank timer overrun
[  685.329194][    C0] vkms_vblank_simulate: vblank timer overrun
[  685.950306][    C0] vkms_vblank_simulate: vblank timer overrun
[  686.632586][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  686.632672][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  686.762521][    C0] vkms_vblank_simulate: vblank timer overrun
[  686.962940][    C0] vkms_vblank_simulate: vblank timer overrun
[  687.155241][T10415] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[  687.374605][    C0] vkms_vblank_simulate: vblank timer overrun
[  694.070588][ T6294] team0 (unregistering): Port device team_slave_1 removed
[  694.104530][ T5809] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  694.107145][ T5809] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  694.108164][ T5809] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  694.111531][ T5809] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  694.112043][ T5809] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  694.550747][ T6294] team0 (unregistering): Port device team_slave_0 removed
[  696.269290][ T5809] Bluetooth: hci3: command tx timeout
[  696.853005][T10429] netlink: 'syz.2.1267': attribute type 12 has an invalid length.
[  697.752612][ T5889] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  698.016852][ T5889] usb 1-1: Using ep0 maxpacket: 32
[  698.154220][ T5889] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  698.154245][ T5889] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  698.154263][ T5889] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  698.154313][ T5889] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  698.154330][ T5889] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  698.154350][ T5889] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  698.154373][ T5889] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  698.154393][ T5889] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  698.154430][ T5889] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  698.154449][ T5889] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  698.272967][ T5889] usb 1-1: config 0 descriptor??
[  698.274200][T10459] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  698.525565][ T5809] Bluetooth: hci3: command tx timeout
[  698.601575][ T5889] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 28 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  698.710743][    C0] usblp0: nonzero read bulk status received: -71
[  698.711885][T10459] usblp0: error -71 reading from printer
[  698.720139][    C0] usblp0: nonzero read bulk status received: -71
[  698.748325][   T10] usb 1-1: USB disconnect, device number 28
[  699.303064][   T10] usblp0: removed
[  699.660900][T10478] program syz.1.1276 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  699.717919][T10481] blktrace: Concurrent blktraces are not allowed on sg0
[  700.596220][ T9179] Bluetooth: hci3: command tx timeout
[  702.270893][T10499] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  702.971188][ T9179] Bluetooth: hci3: command tx timeout
[  703.291148][T10441] chnl_net:caif_netlink_parms(): no params data found
[  704.572663][ T1602] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  704.729015][ T1602] usb 3-1: Using ep0 maxpacket: 32
[  704.738084][ T1602] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xC4, changing to 0x84
[  704.738113][ T1602] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  704.768969][ T1602] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=51.16
[  704.768994][ T1602] usb 3-1: New USB device strings: Mfr=154, Product=2, SerialNumber=3
[  704.769011][ T1602] usb 3-1: Product: syz
[  704.769022][ T1602] usb 3-1: Manufacturer: syz
[  704.769035][ T1602] usb 3-1: SerialNumber: syz
[  704.812051][ T1602] usb 3-1: config 0 descriptor??
[  704.856233][ T1602] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  704.919095][T10441] bridge0: port 1(bridge_slave_0) entered blocking state
[  704.919224][T10441] bridge0: port 1(bridge_slave_0) entered disabled state
[  704.919500][T10441] bridge_slave_0: entered allmulticast mode
[  704.922145][T10441] bridge_slave_0: entered promiscuous mode
[  704.981025][T10441] bridge0: port 2(bridge_slave_1) entered blocking state
[  704.981242][T10441] bridge0: port 2(bridge_slave_1) entered disabled state
[  704.981423][T10441] bridge_slave_1: entered allmulticast mode
[  704.993064][T10441] bridge_slave_1: entered promiscuous mode
[  705.092647][ T7623] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  705.100844][T10545] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  705.101543][T10545] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  705.248533][ T7623] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  705.248564][ T7623] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  705.248657][ T7623] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  705.248677][ T7623] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  705.299061][T10540] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  705.313489][ T7623] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  705.647696][ T7623] usb 5-1: USB disconnect, device number 23
[  705.891036][ T6294] bridge_slave_1: left allmulticast mode
[  705.891063][ T6294] bridge_slave_1: left promiscuous mode
[  705.891294][ T6294] bridge0: port 2(bridge_slave_1) entered disabled state
[  705.927130][T10551] udevd[10551]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  705.954944][ T6296] usb 3-1: Failed to submit usb control message: -110
[  705.954976][ T6296] usb 3-1: unable to send the bmi data to the device: -110
[  705.954993][ T6296] usb 3-1: unable to get target info from device
[  705.955005][ T6296] usb 3-1: could not get target info (-110)
[  705.955101][ T6296] usb 3-1: could not probe fw (-110)
[  706.007812][ T6294] bridge_slave_0: left allmulticast mode
[  706.007837][ T6294] bridge_slave_0: left promiscuous mode
[  706.008084][ T6294] bridge0: port 1(bridge_slave_0) entered disabled state
[  706.870818][    C1] vkms_vblank_simulate: vblank timer overrun
[  707.292819][    C1] vkms_vblank_simulate: vblank timer overrun
[  707.420079][   T10] usb 3-1: USB disconnect, device number 23
[  707.732202][    C1] vkms_vblank_simulate: vblank timer overrun
[  707.867418][T10568] program syz.4.1293 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  707.888555][T10568] blktrace: Concurrent blktraces are not allowed on sg0
[  708.555097][ T6294] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  709.217381][ T6294] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  709.886765][ T6294] bond0 (unregistering): Released all slaves
[  709.957957][T10441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  710.080175][T10441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  710.195469][   T37] audit: type=1326 audit(1761402781.394:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=10585 comm="syz.0.1298" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8e6f44efc9 code=0x0
[  710.572854][ T6294] hsr_slave_0: left promiscuous mode
[  710.613176][ T6294] hsr_slave_1: left promiscuous mode
[  710.617800][ T6294] batman_adv: batadv0: Removing interface: batadv_slave_0
[  710.655734][ T6294] batman_adv: batadv0: Removing interface: batadv_slave_1
[  724.793942][ T6294] team0 (unregistering): Port device team_slave_1 removed
[  725.294942][ T6294] team0 (unregistering): Port device team_slave_0 removed
[  725.930599][T10624] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1310'.
[  728.712074][T10441] team0: Port device team_slave_0 added
[  728.725075][T10441] team0: Port device team_slave_1 added
[  728.953282][ T5809] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  728.962980][ T5809] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  728.965905][ T5809] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  728.967442][ T5809] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  728.992221][ T5809] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  729.403448][T10649] netlink: 'syz.1.1316': attribute type 12 has an invalid length.
[  730.136329][T10441] batman_adv: batadv0: Adding interface: batadv_slave_0
[  730.136345][T10441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  730.136368][T10441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  730.213733][T10441] batman_adv: batadv0: Adding interface: batadv_slave_1
[  730.213749][T10441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  730.213772][T10441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  731.756080][ T5809] Bluetooth: hci5: command tx timeout
[  733.791341][T10441] hsr_slave_0: entered promiscuous mode
[  733.792683][ T5809] Bluetooth: hci5: command tx timeout
[  733.821414][T10441] hsr_slave_1: entered promiscuous mode
[  733.840923][T10441] debugfs: 'hsr0' already exists in 'hsr'
[  733.840948][T10441] Cannot create hsr debugfs directory
[  734.232587][   T10] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  734.382554][   T10] usb 1-1: Using ep0 maxpacket: 32
[  734.384514][   T10] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  734.384528][   T10] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  734.384539][   T10] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  734.384583][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  734.384594][   T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  734.384605][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  734.384618][   T10] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  734.384629][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  734.384650][   T10] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  734.384661][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  734.395003][   T10] usb 1-1: config 0 descriptor??
[  734.396828][T10691] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  734.648137][   T10] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 29 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  734.845165][    C0] usblp0: nonzero read bulk status received: -71
[  734.845223][T10691] usblp0: error -71 reading from printer
[  734.849702][ T5808] usb 1-1: USB disconnect, device number 29
[  734.860280][ T5808] usblp0: removed
[  735.054709][ T6294] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  735.062594][ T5869] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  735.062949][   T31] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  735.222550][ T5869] usb 3-1: Using ep0 maxpacket: 16
[  735.222670][   T31] usb 2-1: Using ep0 maxpacket: 32
[  735.224971][ T5869] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  735.225286][   T31] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  735.225299][   T31] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  735.225308][   T31] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  735.225336][   T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  735.225347][   T31] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  735.225358][   T31] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  735.225443][   T31] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  735.225463][   T31] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  735.225501][   T31] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  735.225521][   T31] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  735.228912][ T5869] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  735.228935][ T5869] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  735.228953][ T5869] usb 3-1: Product: syz
[  735.228964][ T5869] usb 3-1: Manufacturer: syz
[  735.228976][ T5869] usb 3-1: SerialNumber: syz
[  735.231722][   T31] usb 2-1: config 0 descriptor??
[  735.247421][ T5869] usb 3-1: config 0 descriptor??
[  735.322713][T10695] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  735.369465][ T5869] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  735.369879][ T5869] em28xx 3-1:0.0: DVB interface 0 found: bulk
[  735.697643][   T31] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 22 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  735.700619][ T6294] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  737.010312][ T5809] Bluetooth: hci5: command tx timeout
[  737.073684][ T5869] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  737.239047][ T5869] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  737.239075][ T5869] em28xx 3-1:0.0: board has no eeprom
[  737.302542][ T5869] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  737.302568][ T5869] em28xx 3-1:0.0: dvb set to bulk mode.
[  737.303089][ T5896] em28xx 3-1:0.0: Binding DVB extension
[  737.486194][ T5896] em28xx 3-1:0.0: Registering input extension
[  737.623847][    C1] usblp0: nonzero read bulk status received: -71
[  737.641457][T10695] usblp0: error -71 reading from printer
[  737.641734][    C0] usblp0: nonzero read bulk status received: -71
[  737.874653][ T1602] usb 3-1: USB disconnect, device number 24
[  737.880234][ T1602] em28xx 3-1:0.0: Disconnecting em28xx
[  737.880392][ T1602] em28xx 3-1:0.0: Closing input extension
[  737.955117][ T1602] em28xx 3-1:0.0: Freeing device
[  738.478481][ T6294] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  738.723812][ T5869] usb 2-1: USB disconnect, device number 22
[  738.742963][ T5869] usblp0: removed
[  739.117764][ T5809] Bluetooth: hci5: command tx timeout
[  741.080640][ T6294] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  744.494210][T10641] chnl_net:caif_netlink_parms(): no params data found
[  745.034396][T10441] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  745.256876][T10441] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  745.604266][ T5869] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  746.573466][ T5869] usb 1-1: Using ep0 maxpacket: 32
[  746.929226][ T5869] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  746.929293][ T5869] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  746.929350][ T5869] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  746.929513][ T5869] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  746.929571][ T5869] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  746.929642][ T5869] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  746.929666][ T5869] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  746.929686][ T5869] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  746.929726][ T5869] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  746.929788][ T5869] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  747.178711][ T1321] ieee802154 phy0 wpan0: encryption failed: -22
[  747.178995][ T1321] ieee802154 phy1 wpan1: encryption failed: -22
[  747.442096][ T5869] usb 1-1: config 0 descriptor??
[  747.547847][T10765] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  747.859669][ T5869] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 30 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  747.886536][T10441] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  747.976893][T10441] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  748.064989][    C0] usblp0: nonzero read bulk status received: -71
[  748.066354][T10765] usblp0: error -71 reading from printer
[  748.066620][    C0] usblp0: nonzero read bulk status received: -71
[  748.192562][ T5809] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  748.253310][   T10] usb 1-1: USB disconnect, device number 30
[  748.259451][   T10] usblp0: removed
[  748.675793][T10641] bridge0: port 1(bridge_slave_0) entered blocking state
[  748.675927][T10641] bridge0: port 1(bridge_slave_0) entered disabled state
[  748.676121][T10641] bridge_slave_0: entered allmulticast mode
[  748.678984][T10641] bridge_slave_0: entered promiscuous mode
[  748.705709][T10641] bridge0: port 2(bridge_slave_1) entered blocking state
[  748.707681][T10641] bridge0: port 2(bridge_slave_1) entered disabled state
[  748.708106][T10641] bridge_slave_1: entered allmulticast mode
[  748.716037][T10641] bridge_slave_1: entered promiscuous mode
[  751.034183][ T6294] bridge_slave_1: left allmulticast mode
[  751.034211][ T6294] bridge_slave_1: left promiscuous mode
[  751.034446][ T6294] bridge0: port 2(bridge_slave_1) entered disabled state
[  751.136934][ T6294] bridge_slave_0: left allmulticast mode
[  751.136952][ T6294] bridge_slave_0: left promiscuous mode
[  751.137109][ T6294] bridge0: port 1(bridge_slave_0) entered disabled state
[  754.196646][ T9179] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  754.232736][ T9179] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  754.234044][ T9179] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  754.254239][ T9179] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  754.269722][ T9179] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  754.451821][T10828] autofs: Unknown parameter 'fd0x0000000000000000'
[  755.952607][   T31] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  756.125774][   T31] usb 3-1: Using ep0 maxpacket: 32
[  757.032867][ T5809] Bluetooth: hci2: command tx timeout
[  757.035777][   T31] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  757.035793][   T31] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  757.035803][   T31] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  757.035835][   T31] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  757.035846][   T31] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  757.035857][   T31] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  757.035869][   T31] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  757.035880][   T31] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  757.035903][   T31] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  757.035913][   T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  757.040469][   T31] usb 3-1: config 0 descriptor??
[  757.041257][T10835] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  757.376529][   T31] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 25 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  757.581497][ T1602] usb 3-1: USB disconnect, device number 25
[  757.693253][ T1602] usblp0: removed
[  759.074991][ T9179] Bluetooth: hci2: command tx timeout
[  759.275705][T10856] autofs: Unknown parameter 'fd0x0000000000000000'
[  760.628691][ T6294] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  760.665555][ T6294] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  760.686954][ T6294] bond0 (unregistering): Released all slaves
[  761.152558][ T9179] Bluetooth: hci2: command tx timeout
[  761.315536][ T6294] bond1 (unregistering): (slave vlan2): Releasing active interface
[  761.337393][ T6294] bond1 (unregistering): Released all slaves
[  761.373925][T10862] netlink: 'syz.1.1364': attribute type 12 has an invalid length.
[  762.473464][ T6294] tipc: Left network mode
[  762.477142][T10641] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  762.689231][T10641] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  763.235943][ T9179] Bluetooth: hci2: command tx timeout
[  764.475528][T10880] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[  764.702596][   T10] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  764.852556][   T10] usb 3-1: Using ep0 maxpacket: 32
[  764.854992][   T10] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  764.855016][   T10] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  764.855034][   T10] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  764.855088][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  764.855108][   T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  764.855130][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  764.855154][   T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  764.855175][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  764.855213][   T10] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  764.855232][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  765.014080][   T10] usb 3-1: config 0 descriptor??
[  765.032563][T10882] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  765.249790][   T10] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 26 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  765.434293][T10890] autofs: Unknown parameter 'fd0x0000000000000000'
[  765.455428][   T31] usb 3-1: USB disconnect, device number 26
[  765.459406][   T31] usblp0: removed
[  765.865570][T10641] team0: Port device team_slave_0 added
[  765.879348][T10641] team0: Port device team_slave_1 added
[  767.804950][T10896] uprobe: syz.0.1375:10896 failed to unregister, leaking uprobe
[  768.493954][   T31] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  768.652569][   T31] usb 3-1: Using ep0 maxpacket: 32
[  768.693475][   T31] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  768.693532][   T31] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  768.693700][   T31] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  768.693817][   T31] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  768.693870][   T31] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  768.693924][   T31] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  768.694183][   T31] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  768.694911][   T31] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  768.695695][   T31] usb 3-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  768.696275][   T31] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  768.887051][   T31] usb 3-1: config 0 descriptor??
[  768.904077][T10919] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  769.151627][   T31] usblp 3-1:0.0: usblp0: USB Bidirectional printer dev 27 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  769.191329][T10641] batman_adv: batadv0: Adding interface: batadv_slave_0
[  769.191340][T10641] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  769.191355][T10641] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  769.192379][T10920] uprobe: syz.1.1379:10920 failed to unregister, leaking uprobe
[  769.366195][    C1] usblp0: nonzero read bulk status received: -71
[  769.366796][T10919] usblp0: error -71 reading from printer
[  769.367053][    C1] usblp0: nonzero read bulk status received: -71
[  769.408594][T10641] batman_adv: batadv0: Adding interface: batadv_slave_1
[  769.408608][T10641] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  769.408631][T10641] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  769.468222][   T31] usb 3-1: USB disconnect, device number 27
[  769.786087][    C1] vkms_vblank_simulate: vblank timer overrun
[  770.318312][    C1] vkms_vblank_simulate: vblank timer overrun
[  770.343852][   T31] usblp0: removed
[  770.642736][ T6294] hsr_slave_0: left promiscuous mode
[  770.744827][ T6294] hsr_slave_1: left promiscuous mode
[  770.989505][ T1602] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  771.134683][ T6294] veth1_macvtap: left promiscuous mode
[  771.134839][ T6294] veth1_vlan: left promiscuous mode
[  771.134941][ T6294] veth0_vlan: left promiscuous mode
[  771.172529][ T1602] usb 1-1: Using ep0 maxpacket: 32
[  771.174580][ T1602] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  771.174604][ T1602] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  771.174621][ T1602] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  771.174676][ T1602] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  771.174696][ T1602] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  771.174716][ T1602] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024
[  771.174731][ T1602] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024
[  771.174742][ T1602] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  771.174764][ T1602] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  771.174775][ T1602] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  771.189190][ T1602] usb 1-1: config 0 descriptor??
[  771.234290][T10941] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  772.169893][ T1602] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 31 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  772.368530][ T1602] usb 1-1: USB disconnect, device number 31
[  772.383357][ T1602] usblp0: removed
[  772.755512][    C0] ==================================================================
[  772.755524][    C0] BUG: KASAN: slab-use-after-free in rose_send_frame+0x73/0x220
[  772.755554][    C0] Read of size 8 at addr ffff88805ce72020 by task ktimers/0/16
[  772.755564][    C0] 
[  772.755577][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  772.755590][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  772.755600][    C0] Call Trace:
[  772.755607][    C0]  <TASK>
[  772.755612][    C0]  dump_stack_lvl+0x189/0x250
[  772.755629][    C0]  ? __kasan_check_byte+0x12/0x40
[  772.755644][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  772.755658][    C0]  ? lock_release+0x4b/0x3e0
[  772.755673][    C0]  ? __virt_addr_valid+0x4a5/0x5c0
[  772.755688][    C0]  print_report+0xca/0x240
[  772.755702][    C0]  ? rose_send_frame+0x73/0x220
[  772.755716][    C0]  kasan_report+0x118/0x150
[  772.755728][    C0]  ? __alloc_skb+0x112/0x2d0
[  772.755739][    C0]  ? rose_send_frame+0x73/0x220
[  772.755755][    C0]  rose_send_frame+0x73/0x220
[  772.755770][    C0]  rose_t0timer_expiry+0x143/0x360
[  772.755785][    C0]  call_timer_fn+0x17e/0x5f0
[  772.755799][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  772.755814][    C0]  ? call_timer_fn+0xbe/0x5f0
[  772.755826][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  772.755841][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  772.755854][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  772.755866][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  772.755881][    C0]  __run_timer_base+0x648/0x970
[  772.755896][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  772.755912][    C0]  run_timer_softirq+0xb7/0x180
[  772.755924][    C0]  handle_softirqs+0x22f/0x710
[  772.755938][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  772.755952][    C0]  run_ktimerd+0xcf/0x190
[  772.755965][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[  772.755978][    C0]  ? schedule+0x91/0x360
[  772.755990][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  772.756003][    C0]  smpboot_thread_fn+0x542/0xa60
[  772.756015][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  772.756028][    C0]  kthread+0x711/0x8a0
[  772.756042][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  772.756054][    C0]  ? __pfx_kthread+0x10/0x10
[  772.756068][    C0]  ? rt_spin_unlock+0x150/0x200
[  772.756078][    C0]  ? rt_spin_unlock+0x161/0x200
[  772.756088][    C0]  ? __pfx_kthread+0x10/0x10
[  772.756101][    C0]  ret_from_fork+0x4bc/0x870
[  772.756114][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  772.756126][    C0]  ? __switch_to_asm+0x39/0x70
[  772.756136][    C0]  ? __switch_to_asm+0x33/0x70
[  772.756146][    C0]  ? __pfx_kthread+0x10/0x10
[  772.756159][    C0]  ret_from_fork_asm+0x1a/0x30
[  772.756173][    C0]  </TASK>
[  772.756177][    C0] 
[  772.756182][    C0] Allocated by task 9455:
[  772.756187][    C0]  kasan_save_track+0x3e/0x80
[  772.756199][    C0]  __kasan_kmalloc+0x93/0xb0
[  772.756210][    C0]  __kmalloc_cache_noprof+0x1ef/0x6c0
[  772.756222][    C0]  rose_add_node+0x26f/0xf20
[  772.756230][    C0]  rose_rt_ioctl+0xd74/0x1300
[  772.756238][    C0]  rose_ioctl+0x3ce/0x8b0
[  772.756250][    C0]  sock_do_ioctl+0xdc/0x300
[  772.756261][    C0]  sock_ioctl+0x579/0x790
[  772.756272][    C0]  __se_sys_ioctl+0xff/0x170
[  772.756282][    C0]  do_syscall_64+0xfa/0xfa0
[  772.756293][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.756302][    C0] 
[  772.756304][    C0] Freed by task 29:
[  772.756309][    C0]  kasan_save_track+0x3e/0x80
[  772.756319][    C0]  __kasan_save_free_info+0x46/0x50
[  772.756328][    C0]  __kasan_slab_free+0x5c/0x80
[  772.756339][    C0]  kfree+0x197/0x950
[  772.756349][    C0]  rose_timer_expiry+0x4cb/0x600
[  772.756359][    C0]  call_timer_fn+0x17e/0x5f0
[  772.756371][    C0]  __run_timer_base+0x648/0x970
[  772.756380][    C0]  run_timer_softirq+0xb7/0x180
[  772.756391][    C0]  handle_softirqs+0x22f/0x710
[  772.756401][    C0]  run_ktimerd+0xcf/0x190
[  772.756412][    C0]  smpboot_thread_fn+0x542/0xa60
[  772.756423][    C0]  kthread+0x711/0x8a0
[  772.756435][    C0]  ret_from_fork+0x4bc/0x870
[  772.756444][    C0]  ret_from_fork_asm+0x1a/0x30
[  772.756454][    C0] 
[  772.756456][    C0] The buggy address belongs to the object at ffff88805ce72000
[  772.756456][    C0]  which belongs to the cache kmalloc-512 of size 512
[  772.756465][    C0] The buggy address is located 32 bytes inside of
[  772.756465][    C0]  freed 512-byte region [ffff88805ce72000, ffff88805ce72200)
[  772.756477][    C0] 
[  772.756480][    C0] The buggy address belongs to the physical page:
[  772.756491][    C0] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5ce70
[  772.756501][    C0] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  772.756510][    C0] anon flags: 0x80000000000040(head|node=0|zone=1)
[  772.756523][    C0] page_type: f5(slab)
[  772.756537][    C0] raw: 0080000000000040 ffff88813ff26c80 0000000000000000 dead000000000001
[  772.756546][    C0] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  772.756555][    C0] head: 0080000000000040 ffff88813ff26c80 0000000000000000 dead000000000001
[  772.756563][    C0] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  772.756572][    C0] head: 0080000000000002 ffffea0001739c01 00000000ffffffff 00000000ffffffff
[  772.756580][    C0] head: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000004
[  772.756585][    C0] page dumped because: kasan: bad access detected
[  772.756593][    C0] page_owner tracks the page as allocated
[  772.756597][    C0] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1567, tgid 1567 (kworker/u8:12), ts 90080096038, free_ts 0
[  772.756617][    C0]  post_alloc_hook+0x240/0x2a0
[  772.756629][    C0]  get_page_from_freelist+0x28c0/0x2960
[  772.756642][    C0]  __alloc_frozen_pages_noprof+0x181/0x370
[  772.756656][    C0]  alloc_pages_mpol+0xd1/0x380
[  772.756669][    C0]  allocate_slab+0x96/0x350
[  772.756678][    C0]  ___slab_alloc+0xb12/0x13f0
[  772.756686][    C0]  __slab_alloc+0xc6/0x1f0
[  772.756694][    C0]  __kmalloc_noprof+0x14b/0x7d0
[  772.756705][    C0]  fib6_info_alloc+0x30/0xf0
[  772.756719][    C0]  ip6_route_info_create+0x142/0x860
[  772.756727][    C0]  addrconf_f6i_alloc+0x1d2/0x450
[  772.756736][    C0]  ipv6_add_addr+0x56e/0x10e0
[  772.756748][    C0]  addrconf_add_linklocal+0x28f/0x600
[  772.756760][    C0]  addrconf_addr_gen+0x490/0x580
[  772.756769][    C0]  addrconf_init_auto_addrs+0x62d/0xa30
[  772.756778][    C0]  addrconf_notify+0xacc/0x1010
[  772.756787][    C0] page_owner free stack trace missing
[  772.756791][    C0] 
[  772.756793][    C0] Memory state around the buggy address:
[  772.756799][    C0]  ffff88805ce71f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  772.756806][    C0]  ffff88805ce71f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  772.756812][    C0] >ffff88805ce72000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  772.756817][    C0]                                ^
[  772.756823][    C0]  ffff88805ce72080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  772.756829][    C0]  ffff88805ce72100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  772.756835][    C0] ==================================================================
[  772.756850][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  772.756858][    C0] CPU: 0 UID: 0 PID: 16 Comm: ktimers/0 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  772.756870][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  772.756876][    C0] Call Trace:
[  772.756880][    C0]  <TASK>
[  772.756884][    C0]  dump_stack_lvl+0x99/0x250
[  772.756898][    C0]  ? __asan_memcpy+0x40/0x70
[  772.756909][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  772.756923][    C0]  ? __pfx__printk+0x10/0x10
[  772.756937][    C0]  vpanic+0x237/0x6d0
[  772.756947][    C0]  ? __pfx_vpanic+0x10/0x10
[  772.756958][    C0]  panic+0xb9/0xc0
[  772.756967][    C0]  ? __pfx_panic+0x10/0x10
[  772.756976][    C0]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  772.756989][    C0]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  772.757003][    C0]  ? rose_send_frame+0x73/0x220
[  772.757017][    C0]  check_panic_on_warn+0x89/0xb0
[  772.757027][    C0]  ? rose_send_frame+0x73/0x220
[  772.757040][    C0]  end_report+0x78/0x160
[  772.757053][    C0]  kasan_report+0x129/0x150
[  772.757066][    C0]  ? __alloc_skb+0x112/0x2d0
[  772.757076][    C0]  ? rose_send_frame+0x73/0x220
[  772.757091][    C0]  rose_send_frame+0x73/0x220
[  772.757106][    C0]  rose_t0timer_expiry+0x143/0x360
[  772.757121][    C0]  call_timer_fn+0x17e/0x5f0
[  772.757134][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  772.757148][    C0]  ? call_timer_fn+0xbe/0x5f0
[  772.757160][    C0]  ? __pfx_call_timer_fn+0x10/0x10
[  772.757175][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  772.757187][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  772.757199][    C0]  ? __pfx_rose_t0timer_expiry+0x10/0x10
[  772.757213][    C0]  __run_timer_base+0x648/0x970
[  772.757228][    C0]  ? __pfx___run_timer_base+0x10/0x10
[  772.757244][    C0]  run_timer_softirq+0xb7/0x180
[  772.757256][    C0]  handle_softirqs+0x22f/0x710
[  772.757270][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  772.757283][    C0]  run_ktimerd+0xcf/0x190
[  772.757296][    C0]  ? __pfx_run_ktimerd+0x10/0x10
[  772.757308][    C0]  ? schedule+0x91/0x360
[  772.757321][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  772.757332][    C0]  smpboot_thread_fn+0x542/0xa60
[  772.757344][    C0]  ? smpboot_thread_fn+0x4d/0xa60
[  772.757358][    C0]  kthread+0x711/0x8a0
[  772.757372][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  772.757385][    C0]  ? __pfx_kthread+0x10/0x10
[  772.757398][    C0]  ? rt_spin_unlock+0x150/0x200
[  772.757408][    C0]  ? rt_spin_unlock+0x161/0x200
[  772.757418][    C0]  ? __pfx_kthread+0x10/0x10
[  772.757431][    C0]  ret_from_fork+0x4bc/0x870
[  772.757443][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  772.757456][    C0]  ? __switch_to_asm+0x39/0x70
[  772.757466][    C0]  ? __switch_to_asm+0x33/0x70
[  772.757475][    C0]  ? __pfx_kthread+0x10/0x10
[  772.757489][    C0]  ret_from_fork_asm+0x1a/0x30
[  772.757503][    C0]  </TASK>
[  772.757747][    C0] Kernel Offset: disabled