last executing test programs:

7m40.846532883s ago: executing program 32 (id=4219):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB="050000000808"], 0x80}}, 0x0)
sendmsg$can_bcm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=ANY=[@ANYBLOB="06000000200d"], 0x80}, 0x1, 0x0, 0x0, 0x4000010}, 0x20000000)

7m34.449379015s ago: executing program 33 (id=4324):
setrlimit(0x0, &(0x7f0000000980)={0x0, 0x62})
setitimer(0x2, &(0x7f0000000040)={{0x0, 0x2710}, {0x0, 0x2710}}, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x5, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000600a8000600200002400700027c035c0461c1d67f6f94007134cf6efb807ca007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)

6m16.787596705s ago: executing program 34 (id=6510):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000000200))

4m34.181290958s ago: executing program 35 (id=8172):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000e00)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000500000000000e1ff95000000000000002ba76bb33123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee04000000670d25010000020000040000009fc404000000c788b277beee11bf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d04683712a0b09edc9e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca311f5b87e1ca8433a8acd715f5888b2007f0000000000000000010000000000fb00010000000000414027efc84293af6a22000000005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891f7e5ff7fd6fce424c2200af6c3784a1975fa657de38a3a32a4fd67ce446ac5431d07db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bf2b5543ffc1669557b3819d8c396d2c2361629d1022f722ec23812770d72cd0010000007889b8c7044f563a1f68d4eff895fdbc463f747c08f40105869035000000000000000000000000000000000000000000000000080000003ddf4aa4b1c8baa0ae6feb6737c275dc2740f742b5425f1d581961471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f1538ee25a365ccf4a9b604e88e12ff25184d4e3c6f7f623559435b26b50fb7113000000f0bc440550ee91302f5a000000000000000000000000006d0000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7af05c648978d9980ba49789906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec2c3f4523110c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da093dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696ad3a042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32881dfd15dc84e79d326337e21e041654f06bd7f000000000000000000000000000000282ffe0000000009350cfa3ab109ab4a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dd6b1bfe4104d2262f33f596d606ccce75a3c3d5f9ad94a7316b0c6ad14f1398a6b39b07121f636da418b34d48677cf8d2d99ee8ac50142bcdcc73dd73cc6ec46896ffb35ac82ac7a9309ea07396d2814dc630ad1a9913934849be25f7b81b59aaa9fa2e9d6ecafcfa1de81b2d3581ab1138537f98d2240b6c2bf40569da4e2bb77532ab9220347d78319617d17e14f7331486e86b2145980b95c88ae11b1c6b6ea6c2b2311d6ce6315cc451dd50ac746acd59d075b41f9a747894956b10453ccf6527d8f579256e9849bbaf6c7c84362209d3d2320101d57"], &(0x7f0000000140)='GPL\x00'}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f00000002c0)=r1, 0x4)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000003c0)="d800000018007b18e00212ba0d8105040a0a1100fe0f040b067c55a1bc0009001e0006990300000015000500fe800000000000000300014002000c0901ac04000bd67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b01602b2a10c11ce1b14d6d930dfe1d9d322fe04fb95cae8c9010000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad8ffd5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd601edef3d93452a92307f00000e97031e9f05e9f16e9cb5", 0xd2}, {&(0x7f00000004c0)="f80ec2e2badd", 0x6}], 0x2, 0x0, 0x0, 0x2663}, 0x0)

3m34.450231679s ago: executing program 36 (id=9662):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000b80)={0x44, &(0x7f0000000900)=ANY=[@ANYBLOB="400981"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000)
readv(r1, &(0x7f0000000180)=[{&(0x7f0000000340)=""/217, 0xd9}], 0x1)

3m3.926717148s ago: executing program 6 (id=10226):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000900)=ANY=[@ANYBLOB="8c0000001000370400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000006c0012800e00010069703665727370616e000000580002801400060020010000000000000000000000000002050016000100000014000700fc0200000000000000000000000000000400120005000800", @ANYRES32=0x0, @ANYBLOB="080004"], 0x8c}}, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000940)=ANY=[@ANYBLOB="4400000011002901800000000000000007000000", @ANYRES32=r1, @ANYBLOB="00000000000000001c001a800800028004000500080000003e"], 0x44}}, 0x0)

3m3.834479474s ago: executing program 6 (id=10227):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x121800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000300)={0x79, 0x0, 0x2f3})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_GET_LAPIC(r2, 0x8400ae8e, &(0x7f0000001600))

3m3.720140856s ago: executing program 6 (id=10230):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x121602, 0x0)
r1 = syz_io_uring_setup(0xed0, &(0x7f0000000140)={0x0, 0x100003, 0x10300, 0x2, 0x302}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000500)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0xff39)
ioctl$TCSBRKP(r0, 0x5425, 0x0)

3m3.390397323s ago: executing program 6 (id=10234):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

3m3.389238334s ago: executing program 6 (id=10235):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000180)={&(0x7f00000003c0)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000500)={0x0, 0x0, r2, r3, 0x6d, 0x2001, 0x2, 0x200, {0x80000000, 0x5, 0x6, 0xe, 0x8000, 0x0, 0x3, 0x22, 0x9, 0x800, 0x7, 0x60b, 0x72, 0x9, "6f4f1b7a30d057b30bd15586b7445443c515947436419c2cd5ae7297dceeaabe"}})

3m2.981059841s ago: executing program 6 (id=10242):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x80000, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000300))
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r0, &(0x7f0000000000)={0x2})

3m2.947271796s ago: executing program 37 (id=10242):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x80000, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
r2 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000300))
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r0, &(0x7f0000000000)={0x2})

3m1.568033998s ago: executing program 4 (id=10270):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

3m1.424431015s ago: executing program 4 (id=10271):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000014c0)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0xffff, 0x14}, @mpls={[], @ipv4=@igmp={{0x5, 0x4, 0x3, 0x22, 0xfc0, 0x68, 0x0, 0x7, 0x2, 0x0, @rand_addr=0x64010102, @remote}, {0x11, 0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}, "36e650a885fbac500bd0f05081b1f211edbb87f21a0156f1130e488bc9e2ceb7215ec06b0dfc375aa4c1a93dd51783f9c9987b903d884a033f871c730788699be13dedeaf350e1d2b78f5ca818cfd2c4726db5daeda1cc6c42767a3435fd6ec26fe199676d6531c6c6e9c85de8f4fd2336089f4bbcc3cdb25b9c49c640bac466127b9d6284dbd08e1ac9834163cbfcd31b17684511327803d71638b2d3a8ab5da11b0b35774be213bd1a7628efb88b34c24d3ee35e0f373b3ba888328f66cbb798611a5247a682e1262595f7d1d4b2be60c2316f0edbee68c4d429b3d48dcf6ec0a092ec91477dc030e32dd4e1106064799372ee76a2e7991df45a61fd7264ce5aacc437c22197a97cdeb772ca3e401d826f5cc46c94d14a191102f1fc44ba55df63eba610aee1a510ef35e61f6f72457b6d9222f211906d1a60c7ce70142c860b726e167320c3038f1b53a740f418a231ab1a2f0f181d17c84e263c4811cf188a0d90c6440be4cac8fa250cd8d7e4e250f8552045beb96cbd2c8dafa611277f10ba97bcbe3420611459c296b2dd7f65e5f71bbf902d3db8900436037e6dabf37931439ae9bd06d48baed951b1ecd6c6b2929fdacd7b8fa09e891ff1f8d47ed6a5eccaedf8dd1f35a83d1982ba4d56da8394f0cfc13e52ff61d74d2cbcd59f8491da3c32dc5941a5f93153fb6e85fc993f459fc21975ae7f69b6ae9c035c4c1b4711ffe2951788382ef91890990c6613e0f175034df44c48e34fa636d9eca78a7b2a872c41509075a5dcc126ec7e5e67b53ec02574def5f2a0f0be0b59cbdf164d7bd51eb9c57f122289ff252589cc6cbdf8e43168717492aea9d2fd42c3d94e898154a02abc6829e8b89ea7ee3b23bcd31200aac89afdf8d81086eeeea78e06401164621d7d195e2d666963c72a0af1178b4ad44509375fe931ccca1e1c7861a3d3e20e0f7200f548ecac4ed250321d612f0c313cb629484a06e30f4e20ae46a74bf90d40fe42568a66e708e6f5f8b4de453786b1c58f7ad2f1035a3d7fb4685521f674ab92cd6cc9e418b0f7b8a9bb9cfa1f4d64555d19bc32e427a31ae29eb44a7b160dfc896b9ae0de9d548e910e6885f45ef2cc52c4e1b62ba8f664c4fe74fb43bda9d0d6736d7846780b8cab074cac9996072fb85449ce8f96b4bbed1e07472b516df29e25d6cdc49f1bba3058aac0694bc1a15f9c077ceafc988a582619822fa752ff1bf170651b9d3c82e15bbde546c034fb06823aeaaa9aeba9900320bfb81159a93f0de80df7a55e61ec0974d3335673aeea33bef534da77f3b0156486a1bef4080cc67b3cd90dbe36bea90cbe03f1272c89c8436e29f460a169bc2af2f6503c2180f1437013bbe63303ff3efc6c3fccfa6bff8217168e190d74086f7502f6bbd127a4d39588b637bde59a5f70e087a2e84b5e70ffe8971ea2ac23ecdf95090a6b2ae8c7958496137ae09430542548919d9c27f5bad1d671d36537fa3373ec3b1102fb02fa39e6f64d3e489365ca05fcfbd0374bbba5034eaa113ce288de76ef49d5b2869dcafe1bb0542c64a60944c71b7108db8469c8fc68d5776aaaa3fe634ad98d961f0d8309fe9d38178f867d9b9f47fe40179cf589e30d5c8645128711c471ab5efc1096194a104542e0e42def4e9bdffea61950703d78398449f2ed1cf2c00cbcbd1a596443606e0d48b70930689bba704d3a1bd19784472b615e2dae90567180e116172f845e3ccf2b9cbeea3a195801ca5e0263743a4410a25f89bce5589865ec7addb824ff8c94b94947fff23011d6a05fa6d2b01e896d427feff9a2dd934b1d4ebbe851bf0e53f811d1c033b375efaaa5d3b6c2c088e02a616547d4f3268edcc3b7cc6988437d32b924b2cb8cd5ec06557666aab5946989d97598c968991c646c9dbbf765ad3702d643cc4d6292e56ac46d18fe4f0977dfbd174150870ce8b922be578e763efd5f0895cbb50ebb43c1c804e8cefd12335b4c304d7112b577878fa88134ea5a0820db1ab7c919bb7aee92c4510668178d6d31511f8d7471adc246340aa19623f9ee95b38e7b8fc889a7bab2e4bc6a7af13df00a094b5a0b208cea769eb2f3422d71229229b412905c2a7b02c0c0877efb883cf6682a470266f96fbc644f7eae1744f9d237a718178e9ac7f2d16939631335773e500cb9ab4eafad1edd915a2b477134a71c836a20027412ae5d510eea0049494df24024f7e502668b07b9c1ff854c692d5fb2d3763ea46bddc54172f7b87f2875f5da6f5f6b74bd8d334b4415044a117b5de428d89905fb8a40681b528dcc0ce1aef6352a286901d8e8f9927f5d9c284fb5de777dc6b9909492bcc57171704c44a7cdb111b67da8be5127169078fe61482c1da95d701d8ade539371cde3e696cb638c7b9f5844ecad75a633cdbe97b2f86d91954ff6178a429de01800cd9cecf8fd680926e7972ac4b182f5810977bb8caa504a9a22bc817459ac0e79873ff833579a60718c6dc1944cd006c95ee0b52b44030a45a97f49e0fadc8903f7093215c5f8b4d5d5a8f42b3532d747accb3fa7a7ebc72af988ca7eb562d9858ca59ee23772f5eb01198b4233bb8ddd169d0833870c9926c14305ca0041fdd1a2e4d62613b84b3962b9812301c4ce06b002c7286726eb45ffcb1b8f3e51d4b257843a0b1e3a7873f6e8c0e3dc00766e4a9e9ecc14626b25d5cd3cb79aa98273a9bf016f23a805055a89705dfe1aff42a32b95fe0f34a29d180bf30e6906bb801a5173f91294b7c6c1ddba46d5b840a8cfb9296318c61f600a1cb105abc4afaaac7caff449f59d7d0918d6e2d1141e155fd532b8ae0c244de8b09b1392af9429dd56a708fdbd06c221b26503a8440616996259affc7055da601f31139bb5e893379032d5b9b875b808efb45481900083f18dbdc19155c03e7c8f5bd8e89facc8849dd549f301f7e7b6e3fe6930a8a406f6ae38c8974a0351167d1b4c02ba3989655293705ecf0fff1f300069197eef15159bb70ecd2bcfd9d429ab538c3a28e13c2840173421d139f4ade9f821987d1b238c2b568e885b7ae708971d34eaeb77b893ec900d395950283c5943715ba907c013ed6122f61e43a9c566359f7012b8c2cca08bd97e930d12d5992759ad1cc0ca2ccdd1de3b6d51cbbc68faaef10bce75db9ad7594ef047ca0bf49aff3e440d46d4cb64d2c07264369aac689e96858f86ab19da855f1ddaca906eec3aa93f0c273e9fd326a71b77dfac90b8961a11e9fc302ebd3c780fae1e4dcda7b9ce82a72aea899f674e086ccf933251349a91cd20de85ba299a7ba8d5a7540d5add21b63f3f29809a3d9b19a4375858153e222c46efe28f63f7bc90bed712681c0884986a1b7ed7746915b87f6911fa46a382e71f47b17d068101a482c854e1866381d5ac7ccfe703fb4bcbc2bf2b9f5bfa1d09c1c26e63c984745c93734bcad8c1c80114c0c7749da6601a942d0659846f2d4bec963900196e3080fc2be867f96d77c2bb89f408b1c4c493d82d65d7792e6073440437eb0c56ae63398ca044fb255f566c13a8af39c473c61506c38f4381b2edcc4844ee0cd7c6cceda7f8aa829ed928bb1baa290e28fd35e5bd9ed7f3f5295a5e9b38b268de6edc5499f26671d7c3e1a3269346835bd81acbd052796c69792f23dadfd29404cc1284a675036553aff1a3539633c74de7635870bae7bcef06fe0de748273da000bdcb093b019c1c55bb8f9f9fdeffb9d11caff0eaad1d059cbc299cf03790ea221da834bd938b46267474dc0942d2c7bf7d34dea13d81332c067282c5c2e9fae302afc0295b47000114b8f98b05adccd58ad9afbf4d84124b2d54a7312643aca6804b959620d8748543e7a4a4062ce94704aaa87f75a2224eb3ebfca1292983feb940c226866ff64a8300705bc67467d0966cd0a9d42fe69c18ea59a4b5e993159b026e4a35eaec897201baa967e52b1b6f9154dd971b94569cf55ba683a7a2360f0a7fe5f8850fb5f4862c6c16edd52f3a99bc94a1577ca538bd3efeec9474a3a325bf6a51b8b077bf04ef3eb193076803ac310e139aebe2359dbc2d1c93e428b1f3c75cf590fcfc2e3dadbb6fce5818df695cc1d11bae0652ebbd5ddb570f67ef697c98a47ca0acc7a7b23b57869856f1b0da85f22d1c144753fa9732dc4e70942588ebfc1aa2ea6c469b025f008414873907193e9a692c47039a88eefc695d9462eb17dc5609abb548d27ea690596425e95c90ddc35b5ba48a9921ab882d8dcacdff8905d924f7fb30bae3a425754ec0786c6181818cff0b466ed3244ae8c36409b79a8296f7e7b0d9b2cd425b49adaac909c8cfa5173875093abac3d515ac179b7abbd60592571225ea6357486c360f3c6f565e26e583faf8be18786c9c3869c63a018fc6b7d2124c65ee38b1073bb8a9e94faed36a9e440848dd4b8859d356aaa5dc90b174139e5147e53c45901a0d6e929f4febba565bc9755f234d3d356c795bc232a9df90aa787f03e037302932bfbcf5040ef5cfd0a18685d05c52aadb9826deeb45dd0db79ae92e5e80c3b2c905e070a7ec21a1f7538fc240000042e0917508b65bef25bce7a27988a7ce850c844d9935e1f2c5d551390a0f90b2760c59a7f01b24eacfd08094dbf47348abc2a86f3c0a38052a697df57dcd9f0877fd81a1c8a98182a1b805d17480f120739d13c9041f95e1243b570ad811ee01caf83f5f29a1442a5a2019ae41e7ac1d1a56c01af05ef95446420ec6138ddb472577d162f6c5547069836a54848cdf3d32a4396f0e307562cfbc6cf11bd7cbc7a33e27f41e399a5cdd9ffeb2afc376a3c965aa873cf725081009f9f7cb8ddf7c9f258d548a255ea1aedd87358c4df87d77cf290dfd19ae4e174de9766b9855dbd34ef22a0eadb585b5d3bfdf3718d8c455570ca63979d62812aa74c806c142a974a69161d501a3e850dfa40ffe919818e0ab3c524724646141117a447ed1970fbdef891cf115d58eba6d878d9090a7e7a427e7df9a1e38383122ca18c7b842e3ddd04b936b57ad2271710480557e51b390b1059ae06212aecaa4538dbf71ea4eb4d5892ba55b2840976d0ed6b0696b5327b355cf3dedfca0cee5b93b5aca143ae7e7554920c982f04f76fdf26b390229079de333e47752547caff13d78cf75a3a13c5bd4f2a4285d12a86e3933762178716c47efc4c351d3d2e6dab97584d822bb64e0665e428a7d1a36f35c4f14f9158bdc95e3b2b10ae19ba79b9faef8e931e63d092b9dc3d1816164b3d7af1da090937d3741d8e11854cabd1c9d2ac072ac1b00fce837ebedeac663f259054c525db7e33830b1c0bcfa43195504324ccece855907ff85f003f50bba907e25b601c0427dab7f21000ba45f5bf30d5eede252c23c4ec6cadffb45efcb0cf976477cf5ace2b0bb3b57794f19c500c7c0557f949421260e503b52386bb146cd15673f705b39222360874eee15e8a618e5411be260805b46eb61d7cc704f79952fcd12bffc8f57925458cfad59cc6c7bbf0a417a27893fabdc65faf30c818065be6aefe841b50560f387854d996ab3474b2178eb71b1cc719008edacf3ec951ba022a1f3797b7fd0c45796d0c028fc07e92a5b1e8c5d3e8ba90622736405fb202c8d361cd620ad175b1325a13ecd55ceaf7a"}}}}, 0xfce)

3m1.227629967s ago: executing program 4 (id=10275):
prctl$PR_SET_SECUREBITS(0x1c, 0x1d)
setuid(0xee01)
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x5)
preadv(r0, 0x0, 0x0, 0x0, 0x0)

3m1.142278132s ago: executing program 4 (id=10276):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x23e9c9e, 0x0)
mount$bind(&(0x7f0000000280)='./file0/file0\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, 0x28e3291, 0x0)

3m1.130697502s ago: executing program 4 (id=10278):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0xce, 0x0, 0x6}]})

3m0.770978985s ago: executing program 4 (id=10287):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x400, &(0x7f0000000500)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})

3m0.711748023s ago: executing program 38 (id=10287):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x400, &(0x7f0000000500)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@metacopy_on}]})

2m33.100126249s ago: executing program 2 (id=10857):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000300)=0x20, 0x4)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000000340)=""/4096, 0x1000}], 0x1)
write$binfmt_misc(r0, &(0x7f0000000300), 0x6)

2m33.020649378s ago: executing program 2 (id=10858):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2002, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x40000105, 0x0, 0x1}]})
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000040))

2m32.746810573s ago: executing program 2 (id=10859):
mkdir(&(0x7f0000000000)='./file0\x00', 0x2)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x8002, 0x0)
chdir(&(0x7f0000000300)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.kill\x00', 0x275a, 0x0)
read$FUSE(r0, &(0x7f0000002780)={0x2020}, 0xffffffffffffff41)

2m32.51428909s ago: executing program 2 (id=10865):
mkdirat(0xffffffffffffff9c, &(0x7f0000000800)='./file0\x00', 0x44)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1)

2m32.128970326s ago: executing program 2 (id=10877):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x97)
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000100)=0x2000004)
pwritev(r0, &(0x7f0000000040)=[{&(0x7f0000000240)="00214717a70700000000030600710a5e31163ceb9d0671200000000510000000000080ffff03425d4d50e7182ce0ab6d0000", 0x32}], 0x1, 0x3, 0x7)

2m31.790815511s ago: executing program 2 (id=10882):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000080), 0x8, &(0x7f0000000700)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)

2m31.633608472s ago: executing program 39 (id=10882):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1e0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000080), 0x8, &(0x7f0000000700)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0)

2m2.022519784s ago: executing program 9 (id=11503):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001040)=ANY=[@ANYBLOB="4c0000000d0a010800000000000000000a0000010900020073797a31000000000900010073797a3100000000200003801c0000800c000180060002"], 0x4c}, 0x1, 0x0, 0x0, 0x4000805}, 0x8000)

2m1.986397398s ago: executing program 9 (id=11507):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_GSI_ROUTING(r1, 0x4008ae6a, &(0x7f0000000280)={0x1, 0x0, [{0x3, 0x5, 0x0, 0x0, @adapter={0x5, 0x7fffffffffffffff, 0x8000000000000001, 0x80, 0x3}}]})
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000000)={0x3, 0x8248})

2m1.834863093s ago: executing program 9 (id=11510):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_wait_time\x00', 0x26e1, 0x0)
close(r0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0x6, 0x40, 0x40, 0x41}, 0x48)
ioctl$SIOCSIFHWADDR(r0, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100ffffffff"})

2m1.788964976s ago: executing program 9 (id=11511):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
unlinkat(r1, &(0x7f00000011c0)='./file0\x00', 0x0)

2m1.788709273s ago: executing program 9 (id=11512):
r0 = socket$inet(0x2, 0x3, 0x8)
setsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000080)=0x7, 0x4)
r1 = socket$inet(0x2, 0x3, 0x6)
r2 = dup3(r0, r1, 0x0)
setsockopt$inet_int(r2, 0x0, 0x5, 0x0, 0x0)

2m1.729920823s ago: executing program 9 (id=11514):
r0 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, &(0x7f0000000040)={0x4, 0xfffffffffffffd80, 0xfa00, {0xffffffffffffffff, 0xd}}, 0xfffffe01)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
creat(&(0x7f00000000c0)='./file1\x00', 0x0)

2m1.636837212s ago: executing program 40 (id=11514):
r0 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r0, &(0x7f0000000040)={0x4, 0xfffffffffffffd80, 0xfa00, {0xffffffffffffffff, 0xd}}, 0xfffffe01)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
creat(&(0x7f00000000c0)='./file1\x00', 0x0)

1m43.539136798s ago: executing program 1 (id=11814):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x118)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0x9361, 0x0)

1m43.530423367s ago: executing program 1 (id=11815):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000004300), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x406, 0x80801)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000100)={0x1, r2})
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f00000000c0)={0x1, 0xffffffffffffffff, 0x1})

1m43.319777582s ago: executing program 1 (id=11819):
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x103000, 0x8d)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0)
close(0x3)

1m43.197205852s ago: executing program 1 (id=11824):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(&(0x7f0000001900)='.\x00', &(0x7f0000000380)='./file0/file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)

1m43.131421002s ago: executing program 1 (id=11829):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
r1 = epoll_create(0x3ff)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180)={0x20000008})

1m42.83917488s ago: executing program 1 (id=11837):
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x181)
write$cgroup_int(r0, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

1m42.7591533s ago: executing program 41 (id=11837):
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
r0 = creat(&(0x7f0000000040)='./bus\x00', 0x181)
write$cgroup_int(r0, &(0x7f0000000540), 0xfffffdd8)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)

57.590002532s ago: executing program 3 (id=12402):
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001200), 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f000002f000/0x4000)=nil, 0x4000, 0x8)

56.745090701s ago: executing program 3 (id=12409):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000380)={0x0, 0x6}, &(0x7f00000003c0)=0x8)

56.65002256s ago: executing program 3 (id=12410):
syz_usb_connect(0x1, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904010001faf40d00090582239f"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x800000000000)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000002000)={0x0, 0xec25, 0x1000, 0x2, 0x3d7}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f0000000000)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x847ba, 0x79c, 0xe, 0x0, 0x0)

53.616044512s ago: executing program 3 (id=12441):
mkdirat(0xffffffffffffff9c, &(0x7f0000000800)='./file0\x00', 0x44)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000100)='proc\x00', 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x1)

53.615480922s ago: executing program 3 (id=12442):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff})
pipe2$9p(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000004500), 0x0, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000}]}})
write$P9_RVERSION(r2, &(0x7f0000000080)=ANY=[@ANYBLOB="150000006bffff", @ANYRES16=r1], 0x15)

53.340356555s ago: executing program 3 (id=12444):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x881, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000300)={0x1, 0x0, [{0x40000021, 0x0, 0x1b3}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

53.279616992s ago: executing program 42 (id=12444):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x881, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000300)={0x1, 0x0, [{0x40000021, 0x0, 0x1b3}]})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.158956347s ago: executing program 5 (id=13292):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000340)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000006c0)=@newchain={0x43c, 0x64, 0x100, 0x70bd29, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x7}, {0xfff1}, {0xc, 0xe}}, [@f_rsvp6={{0xa}, {0x40c, 0x2, [@TCA_RSVP_POLICE={0x408, 0x5, [@TCA_POLICE_RATE={0x404, 0x2, [0x85, 0x8, 0x4, 0x9, 0x4, 0x9, 0xcf, 0x775, 0xfffffffa, 0x3, 0xa2, 0x4, 0x4, 0x7fff, 0x3, 0xf, 0x4, 0x3, 0x6, 0x2, 0x8, 0x7, 0x6, 0xffffffff, 0x9, 0x78, 0x1, 0x2, 0x4, 0x1, 0xfffffee8, 0x5, 0x9, 0xa, 0x5, 0x8000, 0xd9, 0x0, 0x16, 0x0, 0x8, 0xfffffffa, 0x1ff, 0x5, 0x3ff, 0x7, 0x0, 0x5, 0xfffffff7, 0x8, 0x50ea, 0x6, 0x8001, 0x9, 0xb0e0, 0xf, 0x5, 0x8, 0x3, 0x0, 0x4, 0x5b23, 0x5, 0x8, 0x2, 0xee, 0x7fffffff, 0x7fffffff, 0x3, 0x172, 0x5ae27a20, 0x5, 0x6, 0x4, 0x200, 0x1ff, 0x3, 0x400, 0xe6b3, 0xd171, 0x6, 0x1ff, 0x7, 0x699213b0, 0x9, 0xa, 0x12, 0x3, 0x4, 0x0, 0x100, 0x5, 0x6793, 0x0, 0x1, 0xfffffffa, 0x9, 0x80000000, 0x7, 0x5, 0x0, 0x80000000, 0x400, 0x35, 0x7, 0x5, 0x8, 0x6, 0x9, 0x0, 0x1, 0x5, 0x2, 0x2, 0x2, 0x7ff, 0x40, 0x7f, 0x5fece1ea, 0xbf7, 0x8, 0x78, 0xe, 0x80000000, 0x6, 0x8, 0x5, 0xe, 0x5, 0x200, 0x4, 0x4, 0x0, 0x0, 0x1, 0x3, 0xb, 0x70, 0x2, 0x1, 0x9, 0x1800000, 0x9, 0xbff, 0x4, 0x6, 0x800, 0x7, 0x5, 0x3, 0x0, 0x6, 0x0, 0x2, 0x6, 0x800, 0x3ff, 0x9, 0x3, 0xcc, 0xc60, 0x3, 0x8, 0x4, 0x1, 0x0, 0x7, 0x2, 0x6, 0xc, 0x4, 0x32, 0x2, 0x8, 0x1000, 0x2, 0x4, 0x4, 0x2, 0xffff, 0xb37, 0x7fff, 0xbec, 0x8, 0x5, 0x1, 0x5, 0x0, 0x1, 0xffff, 0x7f, 0x3, 0x94f, 0xc91, 0x9, 0x3, 0x2, 0xd46, 0xf, 0x200, 0x0, 0x8, 0x7fffffff, 0x0, 0x8, 0x2, 0x1, 0xb, 0x18000000, 0x4, 0x5, 0xd756, 0x6, 0x3, 0x800, 0xd3, 0x2, 0x6, 0x9, 0x4, 0x7, 0x5, 0xaec, 0x100, 0x0, 0xfffffffb, 0x40, 0xfffffffe, 0x3, 0xa, 0x7f, 0x1, 0x9c, 0x400, 0x5, 0x8000, 0x8, 0x8, 0x9, 0x6, 0xffffff7f, 0xee2b, 0x7, 0xeaf, 0x3, 0x401, 0x7, 0x7f, 0x5f, 0x1000, 0x7, 0x9, 0x7, 0x8001, 0x9, 0x3]}]}]}}]}, 0x43c}, 0x1, 0x0, 0x0, 0x1}, 0x40881)
recvmmsg(r1, &(0x7f0000006fc0)=[{{0x0, 0x0, &(0x7f0000001f80)=[{&(0x7f0000000d40)=""/13, 0xd}, {&(0x7f0000000d80)=""/247, 0xf7}], 0x2}, 0x3}], 0x1, 0x1, 0x0)

4.078632641s ago: executing program 5 (id=13293):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r0, 0x5)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
flock(r1, 0x5)
r2 = syz_open_procfs(0x0, &(0x7f0000000480)='fdinfo/3\x00')
read$eventfd(r2, &(0x7f0000000280), 0x8)

4.077236012s ago: executing program 5 (id=13296):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000100)={0x1, 0x0, 0x7fffffffffffffef, 0x20002})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000180)={0x24, 0x0, 0x0, &(0x7f0000000000)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, "2313"}, @global=@item_012={0x2, 0x1, 0x0, "e53f"}, @main=@item_4={0x3, 0x0, 0x9, "b2938f8d"}, @local=@item_012={0x2, 0x2, 0x2, "9000"}, @global=@item_4={0x3, 0x1, 0x0, "0900be00"}, @main=@item_4={0x3, 0x0, 0x8}, @global=@item_4={0x3, 0x1, 0xa, "a90da1f6"}, @local=@item_4={0x3, 0x2, 0x0, "00000400"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCGKEYCODE_V2(r1, 0x80284504, &(0x7f0000000100)=""/95)

2.809609051s ago: executing program 0 (id=13314):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)

2.809477544s ago: executing program 0 (id=13315):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$packet(0x11, 0x3, 0x300)
socketpair(0x1, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
getpeername$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r0, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0xdd86, r2}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000080)='O', 0x1}], 0x1}}], 0x1, 0x0)

2.749825156s ago: executing program 0 (id=13316):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040260933334000000000010902240001000000000904000001030100000921000000012201000905810308"], 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f2110"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000100)=""/178, 0xb2)
syz_usb_ep_write(r0, 0x81, 0x1, &(0x7f00000000c0)="ad")

2.448487689s ago: executing program 5 (id=13320):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x3, 0x2000007d, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xf}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

2.447971014s ago: executing program 5 (id=13322):
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000280), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000040)={0x4000001, 0x71, 0x1})
pread64(r0, 0x0, 0x2000, 0x1)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffff7f}]})
close_range(r1, 0xffffffffffffffff, 0x0)

1.559167423s ago: executing program 7 (id=13335):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'macvlan0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000010c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="440000001000010400"/20, @ANYRES32=r1, @ANYBLOB="00001700000000001c0037800b0001206970768a616e08000c0002800600010000000000050027"], 0x44}, 0x1, 0x0, 0x0, 0x50}, 0x48044)
r2 = socket$netlink(0x10, 0x3, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)

1.386215508s ago: executing program 7 (id=13336):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="4c000000100039042abd70000000000000000000", @ANYRES32=r1, @ANYBLOB="01180200031100002c0012800e00010069703665727370616e0000001800028008001500a8bc0d00040012"], 0x4c}}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010428bd70000300000000000000", @ANYRES32=r1, @ANYBLOB="00904900e5080000340012800e00010069703665727370616e0000002000028004001200050016000100000008000100be54ef07dfd3fb57751d4ecc80f398044b"], 0x54}, 0x1, 0x0, 0x0, 0x10}, 0x12)

1.29046779s ago: executing program 7 (id=13338):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000140)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000005c0)=0x56)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4000000010003904000000000000000080040000", @ANYRES32=r2, @ANYBLOB="01980000000000002000128008000100736974001400028006000e000600000008000100", @ANYRES64=r2], 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendto$packet(r0, &(0x7f0000000600)="05d936277c6f54220002097844ffcf8bd1846f7f83477ca1b278e3e4018a34844b9d62cbd7cd2a62", 0x28, 0x8c1, &(0x7f00000000c0)={0x11, 0x86dd, r2, 0x1, 0x4, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

1.159434991s ago: executing program 7 (id=13340):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e24, 0x2, @loopback, 0x5}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000004c0)=@gcm_256={{0x303, 0x3a}, "56db7a27adf81000", "acef1a3a330723599e69856bf21ad6caf77c9a99b7bbebfa6dc371290d0e3808", "33681901"}, 0x38)
sendto$inet6(r0, &(0x7f0000000000)="c3c1fb4953776d60ea72eeab013f34953a", 0x11, 0x80, 0x0, 0x0)

1.093439971s ago: executing program 7 (id=13342):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(cast6)\x00'}, 0x58)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x8031, 0xffffffffffffffff, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000004c0), r1)

752.356875ms ago: executing program 8 (id=13345):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./file0/../file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000180)='./file0/file0\x00', &(0x7f0000000140)='./file0\x00', 0x0, 0x2181099, 0x0)
umount2(&(0x7f0000000380)='./file0\x00', 0x0)

676.495625ms ago: executing program 8 (id=13346):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8000000850000000500000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000400)={@ifindex, r0, 0x2f}, 0x20)
bpf$BPF_PROG_DETACH(0x9, &(0x7f00000001c0)={@cgroup=r0, r2, 0x2f, 0x10, 0x4, @void, @value=r0}, 0x20)

671.537813ms ago: executing program 8 (id=13347):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19, '\x00', 0x0, @fallback=0x33}, 0x94)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000500)={0x0, 0x7736, 0x80, 0x0, 0x269}, &(0x7f0000000140)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x18, 0x0, 0x0, 0x0, &(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x9})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

529.666989ms ago: executing program 8 (id=13348):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000003c0)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r2, {0x9, 0xe}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_CT_MARK={0x8, 0x5f, 0x67}]}}]}, 0x3c}}, 0x0)

449.948732ms ago: executing program 0 (id=13349):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_TSC_KHZ_vm(r1, 0xaea2, 0x800000080000000)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_TSC_KHZ_cpu(r2, 0xaea2, 0x8)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

403.912647ms ago: executing program 8 (id=13350):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup(r1, &(0x7f0000000080)='syz1\x00', 0x200002, 0x0)
r3 = openat$cgroup_type(r2, &(0x7f00000001c0), 0x2, 0x0)
write$cgroup_int(r3, &(0x7f0000000040)=0xfffffffffffffffd, 0x12)

307.421539ms ago: executing program 8 (id=13351):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x10002, 0x1, 0x1})
r1 = gettid()
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000040)=0x6)
timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

295.492677ms ago: executing program 0 (id=13352):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
madvise(&(0x7f00004c0000/0x4000)=nil, 0x4000, 0x66)

109.886281ms ago: executing program 7 (id=13353):
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f00000003c0)}], 0x3}], 0x1, 0x40800)
sendmsg$kcm(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f903", 0x11}], 0x1}, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb79100a6c52d922ba2a05dd4242"], 0xfdef)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000540)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x3, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

11.693701ms ago: executing program 0 (id=13354):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22, 0x0, @rand_addr, 0xfffffffd}, 0x1c)
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2, &(0x7f0000000240)=0x9, 0x4)
setsockopt$sock_int(r0, 0x1, 0x2, &(0x7f00000002c0)=0x10401, 0x4)
bind$inet6(r1, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)

0s ago: executing program 5 (id=13355):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x8000, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f0000000040), 0x10001, &(0x7f00000001c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
unshare(0x22020600)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1)
fstatfs(r1, 0x0)

kernel console output (not intermixed with test programs):

 nbd5: Dead connection, failed to find a fallback
[  565.780668][T27206] block nbd5: shutting down sockets
[  565.785073][T27206] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  565.789755][T27206] Buffer I/O error on dev nbd5, logical block 0, async page read
[  565.796070][T27206] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  565.800013][T27206] Buffer I/O error on dev nbd5, logical block 1, async page read
[  565.803609][T27206] I/O error, dev nbd5, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  565.807803][T27206] Buffer I/O error on dev nbd5, logical block 2, async page read
[  565.811275][T27206] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  565.815389][T27206] Buffer I/O error on dev nbd5, logical block 3, async page read
[  565.818932][T27206] I/O error, dev nbd5, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  565.823566][T27206] Buffer I/O error on dev nbd5, logical block 0, async page read
[  565.827414][T27206] I/O error, dev nbd5, sector 2 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  565.832411][T27206] Buffer I/O error on dev nbd5, logical block 1, async page read
[  565.835960][T27206] I/O error, dev nbd5, sector 4 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  565.840220][T27206] Buffer I/O error on dev nbd5, logical block 2, async page read
[  565.843942][T27206] I/O error, dev nbd5, sector 6 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  565.848215][T27206] Buffer I/O error on dev nbd5, logical block 3, async page read
[  565.851702][T27206] Buffer I/O error on dev nbd5, logical block 0, async page read
[  565.855408][T27206] ldm_validate_partition_table(): Disk read failed.
[  565.858441][T27206] Dev nbd5: unable to read RDB block 0
[  565.861221][T27206]  nbd5: unable to read partition table
[  565.876657][T32401] netlink: 56 bytes leftover after parsing attributes in process `syz.1.11548'.
[  565.891021][T27206] ldm_validate_partition_table(): Disk read failed.
[  565.894529][T27206] Dev nbd5: unable to read RDB block 0
[  565.898065][T27206]  nbd5: unable to read partition table
[  565.909164][ T1191] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.913605][ T1191] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  565.940653][T32403] bridge1: entered promiscuous mode
[  565.947385][T32403] bridge1: entered allmulticast mode
[  565.952148][T32403] team0: Port device bridge1 added
[  565.966355][ T1191] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  565.969016][ T1191] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  565.988440][T32403] bridge0: port 3(team0) entered blocking state
[  565.992269][T32403] bridge0: port 3(team0) entered disabled state
[  565.994408][T32403] team0: entered allmulticast mode
[  565.996080][T32403] team_slave_0: entered allmulticast mode
[  565.998106][T32403] team_slave_1: entered allmulticast mode
[  566.003914][T32403] team0: entered promiscuous mode
[  566.005550][T32403] team_slave_0: entered promiscuous mode
[  566.007429][T32403] team_slave_1: entered promiscuous mode
[  566.009742][T32403] bridge0: port 3(team0) entered blocking state
[  566.012071][T32403] bridge0: port 3(team0) entered forwarding state
[  566.411566][   T54] usb 13-1: new full-speed USB device number 17 using dummy_hcd
[  566.572876][   T54] usb 13-1: config 0 has no interfaces?
[  566.578353][   T54] usb 13-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  566.582192][   T54] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  566.585860][   T54] usb 13-1: Product: syz
[  566.587753][   T54] usb 13-1: Manufacturer: syz
[  566.589744][   T54] usb 13-1: SerialNumber: syz
[  566.595193][   T54] usb 13-1: config 0 descriptor??
[  566.764347][ T5946] Bluetooth: hci1: command tx timeout
[  566.814381][T26266] usb 13-1: USB disconnect, device number 17
[  567.231535][   T71] usb 5-1: new low-speed USB device number 26 using dummy_hcd
[  567.403291][   T71] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  567.411460][   T71] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  567.415224][   T71] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  567.419858][   T71] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  567.424519][   T71] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.439812][T32464] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  567.446487][   T71] hub 5-1:1.0: bad descriptor, ignoring hub
[  567.449119][   T71] hub 5-1:1.0: probe with driver hub failed with error -5
[  567.456984][   T71] cdc_wdm 5-1:1.0: skipping garbage
[  567.459146][   T71] cdc_wdm 5-1:1.0: skipping garbage
[  567.465533][   T71] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  567.468230][   T71] cdc_wdm 5-1:1.0: Unknown control protocol
[  567.636771][T32486] ubi31: attaching mtd0
[  567.807577][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  568.207331][  T843] usb 5-1: USB disconnect, device number 26
[  568.209484][T32464] cdc_wdm 5-1:1.0: Error autopm - -16
[  568.341578][  T843] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  568.361850][   T54] usb 6-1: new high-speed USB device number 59 using dummy_hcd
[  568.492234][  T843] usb 5-1: Using ep0 maxpacket: 8
[  568.497097][  T843] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  568.501504][  T843] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  568.504941][  T843] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  568.509437][  T843] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  568.514520][  T843] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  568.517709][  T843] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  568.529409][  T843] hub 5-1:1.0: bad descriptor, ignoring hub
[  568.534636][  T843] hub 5-1:1.0: probe with driver hub failed with error -5
[  568.537940][  T843] cdc_wdm 5-1:1.0: skipping garbage
[  568.540882][   T54] usb 6-1: config index 0 descriptor too short (expected 45, got 36)
[  568.541859][  T843] cdc_wdm 5-1:1.0: skipping garbage
[  568.544537][   T54] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  568.550405][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  568.550835][  T843] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  568.554338][   T54] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  568.556587][  T843] cdc_wdm 5-1:1.0: Unknown control protocol
[  568.559744][   T54] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  568.567921][   T54] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  568.572001][   T54] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  568.582434][   T54] usb 6-1: config 0 descriptor??
[  568.853661][ T5946] Bluetooth: hci1: command tx timeout
[  568.856248][  T843] usb 5-1: USB disconnect, device number 27
[  569.012005][   T54] plantronics 0003:047F:FFFF.001D: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  569.254021][   T71] usb 6-1: USB disconnect, device number 59
[  569.638317][T32569] syzkaller1: entered promiscuous mode
[  569.640745][T32569] syzkaller1: entered allmulticast mode
[  569.752195][   T54] usb 13-1: new low-speed USB device number 18 using dummy_hcd
[  569.917066][   T54] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  569.920674][   T54] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 2
[  569.931418][   T54] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 26984, setting to 8
[  569.934900][   T54] usb 13-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  569.937958][   T54] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.947863][T32564] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  569.963428][   T54] hub 13-1:1.0: bad descriptor, ignoring hub
[  569.967021][   T54] hub 13-1:1.0: probe with driver hub failed with error -5
[  569.969867][   T54] cdc_wdm 13-1:1.0: skipping garbage
[  569.972082][   T54] cdc_wdm 13-1:1.0: skipping garbage
[  569.977227][   T54] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[  569.979329][   T54] cdc_wdm 13-1:1.0: Unknown control protocol
[  570.030697][T32611] netlink: 12 bytes leftover after parsing attributes in process `syz.1.11639'.
[  570.095027][T32620] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes
[  570.303810][T32647] dummy0: entered promiscuous mode
[  570.306881][T32647] macvtap0: entered promiscuous mode
[  570.309451][T32647] macvtap0: entered allmulticast mode
[  570.314882][T32647] dummy0: entered allmulticast mode
[  570.318360][T32647] team0: Device macvtap0 is up. Set it down before adding it as a team port
[  570.324249][T32647] dummy0: left allmulticast mode
[  570.326835][T32647] dummy0: left promiscuous mode
[  570.714791][T32564] cdc_wdm 13-1:1.0: Error autopm - -16
[  570.715037][   T71] usb 13-1: USB disconnect, device number 18
[  570.731537][  T843] usb 6-1: new full-speed USB device number 60 using dummy_hcd
[  570.851480][   T71] usb 13-1: new high-speed USB device number 19 using dummy_hcd
[  570.903311][  T843] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  570.907235][  T843] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  570.912815][  T843] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  570.916661][  T843] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.923553][ T5946] Bluetooth: hci1: command tx timeout
[  571.002071][   T71] usb 13-1: Using ep0 maxpacket: 8
[  571.006999][   T71] usb 13-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  571.013183][   T71] usb 13-1: config 1 has 1 interface, different from the descriptor's value: 2
[  571.017167][   T71] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  571.022325][   T71] usb 13-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  571.027052][   T71] usb 13-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  571.030991][   T71] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  571.039656][   T71] hub 13-1:1.0: bad descriptor, ignoring hub
[  571.042785][   T71] hub 13-1:1.0: probe with driver hub failed with error -5
[  571.046370][   T71] cdc_wdm 13-1:1.0: skipping garbage
[  571.048784][   T71] cdc_wdm 13-1:1.0: skipping garbage
[  571.053562][   T71] cdc_wdm 13-1:1.0: cdc-wdm0: USB WDM device
[  571.056276][   T71] cdc_wdm 13-1:1.0: Unknown control protocol
[  571.138950][  T843] usb 6-1: usb_control_msg returned -32
[  571.141618][  T843] usbtmc 6-1:16.0: can't read capabilities
[  571.361780][   T71] usb 13-1: USB disconnect, device number 19
[  572.041508][T26266] usb 13-1: new high-speed USB device number 20 using dummy_hcd
[  572.201464][T26266] usb 13-1: Using ep0 maxpacket: 8
[  572.204955][T26266] usb 13-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  572.209215][T26266] usb 13-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  572.213352][T26266] usb 13-1: config 0 interface 0 has no altsetting 0
[  572.215864][T26266] usb 13-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  572.219838][T26266] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  572.225575][T26266] usb 13-1: config 0 descriptor??
[  572.641229][T26266] hid_parser_main: 20 callbacks suppressed
[  572.641243][T26266] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0
[  572.647044][T26266] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0
[  572.649482][T26266] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0
[  572.652524][T26266] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0
[  572.655638][T26266] mcp2221 0003:04D8:00DD.001E: unknown main item tag 0x0
[  572.659522][T26266] mcp2221 0003:04D8:00DD.001E: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.8-1/input0
[  572.840460][T32684] i2c i2c-2: unsupported multi-msg i2c transaction
[  572.844362][  T843] usb 13-1: USB disconnect, device number 20
[  573.489971][  T843] usb 6-1: USB disconnect, device number 60
[  574.073027][T32735] tipc: Started in network mode
[  574.075302][T32735] tipc: Node identity ac14140f, cluster identity 4711
[  574.078435][T32735] tipc: New replicast peer: 255.255.255.255
[  574.081587][T32735] tipc: Enabled bearer <udp:syz2>, priority 10
[  574.841728][ T6213] usb 6-1: new high-speed USB device number 61 using dummy_hcd
[  575.001988][ T6213] usb 6-1: Using ep0 maxpacket: 32
[  575.005956][ T6213] usb 6-1: config index 0 descriptor too short (expected 35577, got 27)
[  575.009551][ T6213] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  575.013732][ T6213] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92
[  575.017565][ T6213] usb 6-1: config 1 has no interface number 0
[  575.020229][ T6213] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  575.025668][ T6213] usb 6-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  575.030970][ T6213] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  575.035158][ T6213] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.047410][ T6213] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found
[  575.201643][ T6030] tipc: Node number set to 2886997007
[  575.262188][ T6213] snd_usb_pod 6-1:1.1: set_interface failed
[  575.264157][ T6213] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected
[  575.271527][ T6213] snd_usb_pod 6-1:1.1: probe with driver snd_usb_pod failed with error -71
[  575.281673][ T6213] usb 6-1: USB disconnect, device number 61
[  575.843415][  T328] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11720'.
[  575.892702][  T328] team0: Port device team_slave_0 removed
[  576.061692][   T54] usb 13-1: new high-speed USB device number 21 using dummy_hcd
[  576.151936][  T335] warn_alloc: 1 callbacks suppressed
[  576.151948][  T335] syz.3.11723: page allocation failure: order:10, mode:0x40cc0(GFP_KERNEL|__GFP_COMP), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  576.158681][  T335] CPU: 3 UID: 0 PID: 335 Comm: syz.3.11723 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  576.158701][  T335] Tainted: [L]=SOFTLOCKUP
[  576.158705][  T335] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  576.158713][  T335] Call Trace:
[  576.158718][  T335]  <TASK>
[  576.158723][  T335]  dump_stack_lvl+0x100/0x190
[  576.158744][  T335]  warn_alloc.cold+0x95/0x1c1
[  576.158764][  T335]  ? __pfx_warn_alloc+0x10/0x10
[  576.158782][  T335]  ? psi_memstall_leave+0x19c/0x2e0
[  576.158801][  T335]  ? __pfx___might_resched+0x10/0x10
[  576.158821][  T335]  __alloc_frozen_pages_noprof+0xf36/0x2ba0
[  576.158847][  T335]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  576.158872][  T335]  ? kasan_quarantine_put+0x104/0x240
[  576.158889][  T335]  ? lockdep_hardirqs_on+0x78/0x100
[  576.158905][  T335]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  576.158925][  T335]  ? policy_nodemask+0xed/0x4f0
[  576.158944][  T335]  alloc_pages_mpol+0x1fb/0x550
[  576.158962][  T335]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  576.158988][  T335]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  576.159013][  T335]  ? raw_alloc_io_data+0x14d/0x1c0
[  576.159032][  T335]  ___kmalloc_large_node+0x104/0x150
[  576.159058][  T335]  __kmalloc_large_node_noprof+0x1c/0x70
[  576.159082][  T335]  __kmalloc_noprof+0x5be/0x850
[  576.159116][  T335]  raw_alloc_io_data+0x14d/0x1c0
[  576.159136][  T335]  raw_ioctl+0x1214/0x2b80
[  576.159156][  T335]  ? __pfx_raw_ioctl+0x10/0x10
[  576.159169][  T335]  ? __pfx_raw_ioctl+0x10/0x10
[  576.159180][  T335]  __ia32_compat_sys_ioctl+0x2cf/0x360
[  576.159198][  T335]  __do_fast_syscall_32+0xe3/0x8c0
[  576.159216][  T335]  do_fast_syscall_32+0x32/0x70
[  576.159233][  T335]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  576.159246][  T335] RIP: 0023:0xf7fd7f6c
[  576.159256][  T335] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  576.159267][  T335] RSP: 002b:00000000f549650c EFLAGS: 00000292 ORIG_RAX: 0000000000000036
[  576.159278][  T335] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0085504
[  576.159285][  T335] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  576.159291][  T335] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  576.159297][  T335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  576.159304][  T335] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  576.159317][  T335]  </TASK>
[  576.159321][  T335] Mem-Info:
[  576.217576][   T54] usb 13-1: Using ep0 maxpacket: 32
[  576.218962][  T335] active_anon:730 inactive_anon:1326 isolated_anon:0
[  576.218962][  T335]  active_file:1306 inactive_file:15689 isolated_file:0
[  576.218962][  T335]  unevictable:1768 dirty:453 writeback:0
[  576.218962][  T335]  slab_reclaimable:7923 slab_unreclaimable:80417
[  576.218962][  T335]  mapped:23082 shmem:1793 pagetables:2001
[  576.218962][  T335]  sec_pagetables:317 bounce:0
[  576.218962][  T335]  kernel_misc_reclaimable:0
[  576.218962][  T335]  free:59621 free_pcp:554 free_cma:0
[  576.224796][   T54] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  576.225769][  T335] Node 0 active_anon:136kB inactive_anon:72kB active_file:304kB inactive_file:1232kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:20kB dirty:12kB writeback:0kB shmem:3544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8512kB pagetables:1276kB sec_pagetables:1132kB all_unreclaimable? yes Balloon:0kB
[  576.227371][   T54] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  576.227398][   T54] usb 13-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  576.235893][  T335] Node 1 active_anon:2784kB inactive_anon:5132kB active_file:4920kB inactive_file:61324kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:92308kB dirty:1800kB writeback:0kB shmem:3628kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7428kB pagetables:6728kB sec_pagetables:136kB all_unreclaimable? no Balloon:0kB
[  576.235951][  T335] Node 0 DMA free:4100kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:132kB unevictable:0kB writepending:0kB zspages:20kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:60kB local_pcp:0kB free_cma:0kB
[  576.236014][  T335] lowmem_reserve[]: 0 285 285 285 285
[  576.236052][  T335] Node 0 DMA32 free:32716kB boost:16384kB min:29456kB low:32724kB high:35992kB reserved_highatomic:0KB free_highatomic:0KB active_anon:136kB inactive_anon:72kB active_file:304kB inactive_file:1100kB unevictable:3536kB writepending:12kB zspages:652kB present:1032196kB managed:292588kB mlocked:0kB bounce:0kB free_pcp:484kB local_pcp:0kB free_cma:0kB
[  576.240927][   T54] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.243182][  T335] lowmem_reserve[]: 0 0 0 0 0
[  576.243229][  T335] Node 1 DMA32 free:201212kB boost:0kB min:47140kB low:58924kB high:70708kB reserved_highatomic:0KB free_highatomic:0KB active_anon:2784kB inactive_anon:5132kB active_file:4920kB inactive_file:61324kB unevictable:3536kB writepending:1800kB zspages:6244kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:2156kB local_pcp:0kB free_cma:0kB
[  576.243292][  T335] lowmem_reserve[]: 0 0 0 0 0
[  576.243332][  T335] Node 0 DMA: 194*4kB (U) 84*8kB (U) 38*16kB (UM) 30*32kB (UM) 11*64kB (UM) 1*128kB (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4104kB
[  576.243482][  T335] Node 0 DMA32: 720*4kB (UE) 475*8kB (UME) 240*16kB (UME) 216*32kB (UME) 90*64kB (UME) 30*128kB (UME) 6*256kB (UM) 2*512kB (M) 3*1024kB (UM) 0*2048kB 0*4096kB = 32664kB
[  576.272879][   T54] usb 13-1: config 0 descriptor??
[  576.282672][  T335] Node 1 DMA32: 3690*4kB (UME) 6524*8kB (UME) 4910*16kB (UME) 291*32kB (UME) 92*64kB (UME) 48*128kB (UME) 34*256kB (UME) 21*512kB (UM) 9*1024kB (U) 1*2048kB (U) 0*4096kB = 197576kB
[  576.397791][  T335] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  576.402126][  T335] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  576.406218][  T335] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  576.410144][  T335] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  576.414004][  T335] 19898 total pagecache pages
[  576.415552][  T335] 723 pages in swap cache
[  576.417000][  T335] Free swap  = 91920kB
[  576.418347][  T335] Total swap = 124996kB
[  576.419803][  T335] 524155 pages RAM
[  576.421107][  T335] 0 pages HighMem/MovableOnly
[  576.422731][  T335] 210115 pages reserved
[  576.424151][  T335] 0 pages cma reserved
[  576.714740][   T54] savu 0003:1E7D:2D5A.001F: hiddev0,hidraw1: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.8-1/input0
[  576.968103][T32427] usb 13-1: USB disconnect, device number 21
[  577.769027][  T394] netlink: 'syz.8.11739': attribute type 1 has an invalid length.
[  577.772524][  T394] netlink: 88 bytes leftover after parsing attributes in process `syz.8.11739'.
[  577.776241][  T394] netlink: 1 bytes leftover after parsing attributes in process `syz.8.11739'.
[  577.779865][  T394] netlink: 'syz.8.11739': attribute type 1 has an invalid length.
[  577.783419][  T394] netlink: 634 bytes leftover after parsing attributes in process `syz.8.11739'.
[  578.088781][   T54] usb 13-1: new high-speed USB device number 22 using dummy_hcd
[  578.263073][   T54] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  578.266748][   T54] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  578.270061][   T54] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  578.274469][   T54] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  578.277479][   T54] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.281476][   T54] usb 13-1: config 0 descriptor??
[  578.373083][  T429] netlink: 44 bytes leftover after parsing attributes in process `syz.3.11754'.
[  578.502198][  T436] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  578.568092][  T442] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11760'.
[  578.571672][  T442] netlink: 'syz.1.11760': attribute type 20 has an invalid length.
[  578.574748][  T442] netlink: 'syz.1.11760': attribute type 21 has an invalid length.
[  578.706279][   T54] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  578.875540][  T462] input: syz0 as /devices/virtual/input/input102
[  578.962999][  T843] usb 13-1: USB disconnect, device number 22
[  579.173666][  T471] input: syz1 as /devices/virtual/input/input103
[  579.238299][  T474] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11774'.
[  579.287021][   T40] kauditd_printk_skb: 54 callbacks suppressed
[  579.287032][   T40] audit: type=1326 audit(2000000765.958:3269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=476 comm="syz.1.11776" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f64f6c code=0x0
[  579.418227][  T482] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  579.516723][  T488] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  579.519723][  T488] IPv6: NLM_F_CREATE should be set when creating new route
[  579.842071][  T506] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11789'.
[  580.129879][   T54] hid-generic 0000:0000:0000.0021: unknown main item tag 0x0
[  580.155392][  T525] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.11797'.
[  580.195787][   T54] hid-generic 0000:0000:0000.0021: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  580.233067][  T529] fido_id[529]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  580.246094][  T531] overlay: filesystem on ./file0 not supported as upperdir
[  580.685828][  T569] netlink: 4 bytes leftover after parsing attributes in process `syz.3.11817'.
[  580.976152][  T591] netlink: 7 bytes leftover after parsing attributes in process `syz.8.11826'.
[  581.409039][ T6213] hid-generic 0005:15C2:5508.0022: item fetching failed at offset 0/9
[  581.411918][ T6213] hid-generic 0005:15C2:5508.0022: probe with driver hid-generic failed with error -22
[  581.464806][ T5951] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  581.470519][ T5951] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  581.474848][ T5951] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  581.478662][ T5951] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  581.485168][ T5951] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  581.523993][  T620] ip6_vti0 speed is unknown, defaulting to 1000
[  581.562493][  T628] netlink: 4 bytes leftover after parsing attributes in process `syz.8.11845'.
[  581.634663][  T620] lo speed is unknown, defaulting to 1000
[  581.680705][  T634] input: syz0 as /devices/virtual/input/input104
[  581.828654][  T620] chnl_net:caif_netlink_parms(): no params data found
[  581.868596][  T620] bridge0: port 1(bridge_slave_0) entered blocking state
[  581.870901][  T620] bridge0: port 1(bridge_slave_0) entered disabled state
[  581.873903][  T620] bridge_slave_0: entered allmulticast mode
[  581.876640][  T620] bridge_slave_0: entered promiscuous mode
[  581.879926][  T620] bridge0: port 2(bridge_slave_1) entered blocking state
[  581.882401][  T620] bridge0: port 2(bridge_slave_1) entered disabled state
[  581.884719][  T620] bridge_slave_1: entered allmulticast mode
[  581.887466][  T620] bridge_slave_1: entered promiscuous mode
[  581.902656][  T620] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  581.907646][  T620] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  581.923785][  T620] team0: Port device team_slave_0 added
[  581.927121][  T620] team0: Port device team_slave_1 added
[  581.941150][  T620] batman_adv: batadv0: Adding interface: batadv_slave_0
[  581.943709][  T620] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  581.952203][  T620] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  581.956982][  T620] batman_adv: batadv0: Adding interface: batadv_slave_1
[  581.959314][  T620] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  581.967948][  T620] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  582.006560][  T620] hsr_slave_0: entered promiscuous mode
[  582.009158][  T620] hsr_slave_1: entered promiscuous mode
[  582.011695][  T620] debugfs: 'hsr0' already exists in 'hsr'
[  582.013585][  T620] Cannot create hsr debugfs directory
[  582.052871][  T657] netlink: 64 bytes leftover after parsing attributes in process `syz.0.11856'.
[  582.596597][  T620] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  582.611755][  T620] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  582.620674][  T620] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  582.626517][  T620] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  582.686544][  T620] 8021q: adding VLAN 0 to HW filter on device bond0
[  582.696153][  T620] 8021q: adding VLAN 0 to HW filter on device team0
[  582.701243][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  582.703656][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  582.713613][ T1191] bridge0: port 2(bridge_slave_1) entered blocking state
[  582.716061][ T1191] bridge0: port 2(bridge_slave_1) entered forwarding state
[  582.844612][  T620] 8021q: adding VLAN 0 to HW filter on device batadv0
[  582.979557][  T620] veth0_vlan: entered promiscuous mode
[  582.985632][  T620] veth1_vlan: entered promiscuous mode
[  583.000145][  T620] veth0_macvtap: entered promiscuous mode
[  583.004593][  T620] veth1_macvtap: entered promiscuous mode
[  583.013991][  T620] batman_adv: batadv0: Interface activated: batadv_slave_0
[  583.019924][  T620] batman_adv: batadv0: Interface activated: batadv_slave_1
[  583.029439][ T1191] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  583.032864][ T1191] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  583.036511][ T1191] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  583.039548][ T1191] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  583.096749][ T1191] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  583.099296][ T1191] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  583.126663][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  583.129225][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  583.466474][  T785] netlink: 52 bytes leftover after parsing attributes in process `syz.5.11884'.
[  583.571739][ T5951] Bluetooth: hci3: command tx timeout
[  584.260061][   T40] audit: type=1800 audit(2000000770.928:3270): pid=839 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.11899" name="SYSV00000000" dev="tmpfs" ino=1 res=0 errno=0
[  584.681654][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  585.281852][   T54] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  585.641800][ T5946] Bluetooth: hci3: command tx timeout
[  586.601571][ T5951] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  586.602081][ T5946] Bluetooth: hci5: command 0x1003 tx timeout
[  587.721726][ T5946] Bluetooth: hci3: command tx timeout
[  589.801701][ T5946] Bluetooth: hci3: command tx timeout
[  590.158690][ T5348] udevd[5348]: worker [15002] /devices/virtual/block/nbd1 timeout; kill it
[  590.162014][ T5348] udevd[5348]: seq 17928 '/devices/virtual/block/nbd1' killed
[  594.041725][T28359] block nbd1: Possible stuck request ffff8880278c8000: control (read@0,4096B). Runtime 300 seconds
[  595.817552][ T6030] libceph: connect (1)[c::]:6789 error -101
[  595.820468][ T6030] libceph: mon0 (1)[c::]:6789 connect error
[  595.860676][   T54] libceph: connect (1)[b::]:6789 error -101
[  595.863346][   T54] libceph: mon0 (1)[b::]:6789 connect error
[  596.094142][ T6030] libceph: connect (1)[c::]:6789 error -101
[  596.095198][ T1005] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  596.096193][ T6030] libceph: mon0 (1)[c::]:6789 connect error
[  596.124817][   T54] libceph: connect (1)[b::]:6789 error -101
[  596.127731][   T54] libceph: mon0 (1)[b::]:6789 connect error
[  596.142588][ T1010] netlink: 'syz.5.11954': attribute type 3 has an invalid length.
[  596.611869][T27807] libceph: connect (1)[c::]:6789 error -101
[  596.621037][T27807] libceph: mon0 (1)[c::]:6789 connect error
[  596.632077][   T54] libceph: connect (1)[b::]:6789 error -101
[  596.634179][   T54] libceph: mon0 (1)[b::]:6789 connect error
[  596.643322][  T967] ceph: No mds server is up or the cluster is laggy
[  596.643328][  T981] ceph: No mds server is up or the cluster is laggy
[  596.826029][ T1052] ip6_vti0 speed is unknown, defaulting to 1000
[  596.883052][ T1057] veth1_vlan: left promiscuous mode
[  596.909404][ T1052] lo speed is unknown, defaulting to 1000
[  598.163826][ T1115] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  598.208437][ T1116] can0: slcan on ptm0.
[  598.501565][   T54] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  598.652107][   T54] usb 10-1: Using ep0 maxpacket: 8
[  598.655191][   T54] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  598.659094][   T54] usb 10-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  598.662895][   T54] usb 10-1: config 0 interface 0 has no altsetting 0
[  598.665893][   T54] usb 10-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  598.669241][   T54] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  598.678166][   T54] usb 10-1: config 0 descriptor??
[  598.733370][ T1111] can0 (unregistered): slcan off ptm0.
[  599.091007][   T54] mcp2221 0003:04D8:00DD.0023: unknown main item tag 0x0
[  599.096564][   T54] mcp2221 0003:04D8:00DD.0023: unknown main item tag 0x0
[  599.098959][   T54] mcp2221 0003:04D8:00DD.0023: unknown main item tag 0x0
[  599.101844][   T54] mcp2221 0003:04D8:00DD.0023: unknown main item tag 0x0
[  599.104241][   T54] mcp2221 0003:04D8:00DD.0023: unknown main item tag 0x0
[  599.106966][   T54] mcp2221 0003:04D8:00DD.0023: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[  599.291669][ T6015] usb 10-1: USB disconnect, device number 21
[  599.674420][ T1172] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.12004'.
[  599.693011][ T1174] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12005'.
[  599.747871][ T1177] netlink: 16 bytes leftover after parsing attributes in process `syz.0.12005'.
[  599.872747][ T1175] sr 2:0:0:0: [sr0] CDROM not ready.  Make sure there is a disc in the drive.
[  599.990010][   T40] audit: type=1326 audit(2000000786.658:3271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1187 comm="syz.5.12011" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f57f6c code=0x0
[  600.125383][ T1202] netlink: 36 bytes leftover after parsing attributes in process `syz.8.12016'.
[  600.821546][ T1230] ip6_vti0 speed is unknown, defaulting to 1000
[  600.908315][ T1230] lo speed is unknown, defaulting to 1000
[  601.092682][   T40] audit: type=1326 audit(2000000787.768:3272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1248 comm="syz.5.12037" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f57f6c code=0x0
[  601.791074][ T1280] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.12050'.
[  601.859758][ T1286] input input105: cannot allocate more than FF_MAX_EFFECTS effects
[  601.954757][ T1295] netlink: 15 bytes leftover after parsing attributes in process `syz.3.12057'.
[  602.066181][ T1307] ip6gre1: entered promiscuous mode
[  602.068239][ T1307] ip6gre1: entered allmulticast mode
[  602.071774][ T1299] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  602.074320][ T1299] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  602.084478][ T1299] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  602.111306][ T1299] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  602.121888][ T1299] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  602.129578][ T1299] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  602.134148][ T1310] ip6_vti0 speed is unknown, defaulting to 1000
[  602.245077][ T1310] lo speed is unknown, defaulting to 1000
[  602.500681][ T1341] Invalid argument reading file caps for ./file0
[  602.824158][ T1369] netlink: 'syz.5.12086': attribute type 2 has an invalid length.
[  602.927693][ T1383] vivid-006: disconnect
[  602.929829][ T1382] vivid-006: reconnect
[  603.034355][ T1391] tipc: Started in network mode
[  603.036136][ T1391] tipc: Node identity ac14142f, cluster identity 4711
[  603.038547][ T1391] tipc: New replicast peer: 0.0.0.0
[  603.040722][ T1391] tipc: Enabled bearer <udp:syz2>, priority 10
[  603.044209][ T1391] tipc: New replicast peer: 255.255.255.255
[  603.146414][ T1393] kvm: apic: phys broadcast and lowest prio
[  603.560409][ T6015] libceph: connect (1)[c::]:6789 error -101
[  603.562553][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[  603.601614][ T1415] ceph: No mds server is up or the cluster is laggy
[  603.715410][   T40] audit: type=1326 audit(2000000790.388:3273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1420 comm="syz.8.12108" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3f6c code=0x7ffc0000
[  603.723067][   T40] audit: type=1326 audit(2000000790.388:3274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1420 comm="syz.8.12108" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3f6c code=0x7ffc0000
[  603.731486][   T40] audit: type=1326 audit(2000000790.398:3275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1420 comm="syz.8.12108" exe="/syz-executor" sig=0 arch=40000003 syscall=259 compat=1 ip=0xf7fc3f6c code=0x7ffc0000
[  603.739067][   T40] audit: type=1326 audit(2000000790.398:3276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1420 comm="syz.8.12108" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3f6c code=0x7ffc0000
[  603.751475][   T40] audit: type=1326 audit(2000000790.398:3277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1420 comm="syz.8.12108" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc3f6c code=0x7ffc0000
[  603.758342][   T40] audit: type=1326 audit(2000000790.398:3278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1420 comm="syz.8.12108" exe="/syz-executor" sig=0 arch=40000003 syscall=260 compat=1 ip=0xf7fc3f6c code=0x7ffc0000
[  603.765572][   T40] audit: type=1326 audit(2000000790.398:3279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1420 comm="syz.8.12108" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc3f88 code=0x7ffc0000
[  603.772415][   T40] audit: type=1326 audit(2000000790.398:3280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1420 comm="syz.8.12108" exe="/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7fc3f88 code=0x7ffc0000
[  603.954304][ T1433] 9pnet: p9_errstr2errno: server reported unknown error ÿÿ
[  604.031565][  T763] tipc: Node number set to 2886997039
[  604.041993][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  604.121633][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  604.123238][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout
[  606.201622][ T5951] Bluetooth: hci3: command 0x0c1a tx timeout
[  606.201692][ T5946] Bluetooth: hci1: command 0x0c1a tx timeout
[  608.281599][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  608.281625][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout
[  614.674844][ T1502] ip6_vti0 speed is unknown, defaulting to 1000
[  614.782065][ T6015] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  614.799429][ T1502] lo speed is unknown, defaulting to 1000
[  614.961445][ T6015] usb 5-1: Using ep0 maxpacket: 32
[  614.965705][ T6015] usb 5-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  614.969715][ T6015] usb 5-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  614.975138][ T6015] usb 5-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  614.978960][ T6015] usb 5-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  614.985338][ T6015] usb 5-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  614.988632][ T6015] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  614.991592][ T6015] usb 5-1: Product: syz
[  614.993069][ T6015] usb 5-1: Manufacturer: syz
[  614.994788][ T6015] usb 5-1: SerialNumber: syz
[  615.004178][    C3] imon 5-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  615.014355][ T6015] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/input/input106
[  615.231678][ T6015] imon 5-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  615.234657][ T6015]  (id 0x00)
[  615.291948][ T6015] rc_core: IR keymap rc-imon-pad not found
[  615.294162][ T6015] Registered IR keymap rc-empty
[  615.295919][ T6015] imon 5-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  615.299421][ T6015] imon 5-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  615.419067][ T1548] netlink: 120 bytes leftover after parsing attributes in process `syz.3.12147'.
[  615.433437][ T6015] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/rc/rc0
[  615.440653][ T6015] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:155.0/rc/rc0/input107
[  615.460755][ T6015] imon 5-1:155.0: iMON device (15c2:ffdc, intf0) on usb<5:28> initialized
[  615.623359][ T1490] imon:display_open: display port is already open
[  615.630227][  T830] usb 5-1: USB disconnect, device number 28
[  615.806819][ T1573] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12159'.
[  616.172894][ T1607] netlink: 44 bytes leftover after parsing attributes in process `syz.0.12171'.
[  616.175909][ T1607] netlink: 43 bytes leftover after parsing attributes in process `syz.0.12171'.
[  616.178964][ T1607] netlink: 'syz.0.12171': attribute type 5 has an invalid length.
[  616.183527][ T1607] netlink: 43 bytes leftover after parsing attributes in process `syz.0.12171'.
[  616.701586][T32427] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  616.711480][  T830] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  616.851608][T32427] usb 5-1: Using ep0 maxpacket: 8
[  616.856170][T32427] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  616.860541][T32427] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  616.881443][T32427] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  616.885228][T32427] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  616.889959][T32427] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  616.893132][T32427] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.905599][  T830] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  616.909796][  T830] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  616.914462][  T830] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  616.918118][  T830] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.926157][ T1641] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  616.932584][  T830] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  617.105394][T32427] usb 5-1: GET_CAPABILITIES returned 0
[  617.107249][T32427] usbtmc 5-1:16.0: can't read capabilities
[  617.213370][  T763] usb 10-1: USB disconnect, device number 22
[  617.306824][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.309983][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.313038][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.315867][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.318704][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.321586][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.324599][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.327460][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.331388][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.334456][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.337719][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.340638][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.343556][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.346470][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.349378][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.352340][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  617.357443][   T29] usb 5-1: USB disconnect, device number 29
[  617.386927][ T1666] netlink: 'syz.3.12199': attribute type 12 has an invalid length.
[  617.389579][ T1666] netlink: 'syz.3.12199': attribute type 29 has an invalid length.
[  617.392433][ T1666] netlink: 148 bytes leftover after parsing attributes in process `syz.3.12199'.
[  617.396744][ T1666] netlink: 'syz.3.12199': attribute type 2 has an invalid length.
[  617.400148][ T1666] netlink: 'syz.3.12199': attribute type 3 has an invalid length.
[  617.405201][ T1666] netlink: 11 bytes leftover after parsing attributes in process `syz.3.12199'.
[  617.562652][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout
[  618.114102][ T1703] netdevsim netdevsim8 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  618.180652][ T1703] netdevsim netdevsim8 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  618.237046][ T1703] netdevsim netdevsim8 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  618.296625][ T1703] netdevsim netdevsim8 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  618.409083][   T80] netdevsim netdevsim8 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  618.424821][   T46] netdevsim netdevsim8 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  618.438730][T20858] netdevsim netdevsim8 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  618.452464][   T80] netdevsim netdevsim8 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  618.464098][ T1711] input: syz1 as /devices/virtual/input/input108
[  618.764602][ T1730] netlink: 4 bytes leftover after parsing attributes in process `syz.3.12228'.
[  618.790627][ T1728] 9pnet: p9_errstr2errno: server reported unknown error ./file0
[  618.832317][ T1735] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12230'.
[  618.835595][ T1735] netlink: 12 bytes leftover after parsing attributes in process `syz.0.12230'.
[  618.880286][   T40] kauditd_printk_skb: 221 callbacks suppressed
[  618.880299][   T40] audit: type=1326 audit(2000000805.548:3502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  618.890026][   T40] audit: type=1326 audit(2000000805.548:3503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  618.897673][   T40] audit: type=1326 audit(2000000805.558:3504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=430 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  618.911140][   T40] audit: type=1326 audit(2000000805.558:3505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  618.919092][   T40] audit: type=1326 audit(2000000805.558:3506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=431 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  618.928918][   T40] audit: type=1326 audit(2000000805.558:3507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  618.949126][   T40] audit: type=1326 audit(2000000805.558:3508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  618.960126][   T40] audit: type=1326 audit(2000000805.558:3509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  618.969721][   T40] audit: type=1326 audit(2000000805.558:3510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=304 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  618.979122][   T40] audit: type=1326 audit(2000000805.558:3511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1740 comm="syz.5.12231" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f57f6c code=0x7ffc0000
[  619.211441][ T6030] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  619.315443][ T1767] bond1: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  619.322449][ T1767] bond1: (slave lo): Enslaving as an active interface with an up link
[  619.342607][ T1767] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  619.357628][ T1770] ip6_vti0 speed is unknown, defaulting to 1000
[  619.377198][ T6030] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  619.382954][ T6030] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  619.389944][ T6030] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  619.394098][ T6030] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  619.397994][ T6030] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  619.402504][ T6030] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  619.407327][ T6030] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  619.410371][ T6030] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  619.413546][ T6030] usb 5-1: Product: syz
[  619.414993][ T6030] usb 5-1: Manufacturer: syz
[  619.433877][ T1748] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  619.437246][ T6030] cdc_wdm 5-1:1.0: skipping garbage
[  619.440206][ T6030] cdc_wdm 5-1:1.0: skipping garbage
[  619.446686][ T6030] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  619.448727][ T6030] cdc_wdm 5-1:1.0: Unknown control protocol
[  619.525193][ T1770] lo speed is unknown, defaulting to 1000
[  619.641596][T26266] usb 13-1: new high-speed USB device number 23 using dummy_hcd
[  619.644023][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout
[  619.660958][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  619.663722][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  619.666535][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  619.669296][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  619.672125][    C0] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  619.674044][ T6213] kernel write not supported for file /cdc-wdm0 (pid: 6213 comm: kworker/3:5)
[  619.674898][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  619.680578][    C0] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  619.682078][ T6213] usb 5-1: USB disconnect, device number 30
[  619.791498][T26266] usb 13-1: Using ep0 maxpacket: 16
[  619.795237][T26266] usb 13-1: config 0 has no interfaces?
[  619.799582][T26266] usb 13-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  619.804171][T26266] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  619.807707][T26266] usb 13-1: Product: syz
[  619.809678][T26266] usb 13-1: Manufacturer: syz
[  619.812143][T26266] usb 13-1: SerialNumber: syz
[  619.817006][T26266] usb 13-1: config 0 descriptor??
[  619.988585][ T1776] tipc: Started in network mode
[  619.990709][ T1776] tipc: Node identity 080211000001, cluster identity 4711
[  619.994013][ T1776] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  620.082284][ T6030] usb 13-1: USB disconnect, device number 23
[  621.001575][T31511] tipc: Node number set to 134418688
[  621.178960][ T1819] 9pnet: p9_errstr2errno: server reported unknown error 000
[  621.777614][ T1854] kvm: Disabled LAPIC found during irq injection
[  621.931838][ T1863] __nla_validate_parse: 3 callbacks suppressed
[  621.931882][ T1863] netlink: 212348 bytes leftover after parsing attributes in process `syz.5.12281'.
[  623.252436][ T1936] netlink: 67 bytes leftover after parsing attributes in process `syz.8.12315'.
[  623.771736][ T1966] netlink: 'syz.3.12327': attribute type 12 has an invalid length.
[  623.774824][ T1966] netlink: 'syz.3.12327': attribute type 29 has an invalid length.
[  623.778031][ T1966] netlink: 148 bytes leftover after parsing attributes in process `syz.3.12327'.
[  623.782073][ T1966] netlink: 59 bytes leftover after parsing attributes in process `syz.3.12327'.
[  624.126472][T28359] block nbd1: Possible stuck request ffff8880278c8000: control (read@0,4096B). Runtime 330 seconds
[  624.226627][ T1994] loop9: detected capacity change from 0 to 7
[  624.229581][T27206] Dev loop9: unable to read RDB block 7
[  624.241431][T27206]  loop9: unable to read partition table
[  624.243449][T27206] loop9: partition table beyond EOD, truncated
[  624.256076][ T1994] Dev loop9: unable to read RDB block 7
[  624.258223][ T1994]  loop9: unable to read partition table
[  624.260241][ T1994] loop9: partition table beyond EOD, truncated
[  624.262992][ T1994] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  624.682635][ T2028] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.12355'.
[  624.970263][ T2055] 9pnet: p9_errstr2errno: server reported unknown error 0x0000
[  625.032244][ T2064] ip6_vti0 speed is unknown, defaulting to 1000
[  625.158029][ T2064] lo speed is unknown, defaulting to 1000
[  625.582552][T31511] hid-generic 0000:0000:0000.0024: unknown main item tag 0x0
[  625.647632][T31511] hid-generic 0000:0000:0000.0024: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  625.709752][ T2093] ip6_vti0 speed is unknown, defaulting to 1000
[  625.772233][ T2094] fido_id[2094]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  625.846410][ T2107] smc: net device bond0 applied user defined pnetid SYZ2
[  625.849365][ T2107] netlink: 14 bytes leftover after parsing attributes in process `syz.0.12389'.
[  625.857132][ T2107] smc: removing net device bond0 with user defined pnetid SYZ2
[  625.861986][ T2107] bond0 (unregistering): Released all slaves
[  625.927535][   T40] kauditd_printk_skb: 20 callbacks suppressed
[  625.927552][   T40] audit: type=1326 audit(2000000812.598:3532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2108 comm="syz.8.12390" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc3f6c code=0x0
[  625.946197][ T2093] lo speed is unknown, defaulting to 1000
[  626.115160][ T2120] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  626.118234][ T2120] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  626.211682][ T2122] netlink: 20 bytes leftover after parsing attributes in process `syz.5.12395'.
[  629.111843][   T71] usb 13-1: new high-speed USB device number 24 using dummy_hcd
[  629.247068][ T1416] ieee802154 phy0 wpan0: encryption failed: -22
[  629.272834][   T71] usb 13-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  629.276018][ T2203] netlink: 'syz.5.12426': attribute type 3 has an invalid length.
[  629.276437][   T71] usb 13-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  629.279854][ T2203] netlink: 666 bytes leftover after parsing attributes in process `syz.5.12426'.
[  629.283904][   T71] usb 13-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  629.290807][   T71] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.295570][ T2188] raw-gadget.1 gadget.8: fail, usb_ep_enable returned -22
[  629.299773][   T71] usb 13-1: Quirk or no altset; falling back to MIDI 1.0
[  629.370955][ T2207] netlink: 'syz.5.12428': attribute type 9 has an invalid length.
[  629.373772][ T2207] netlink: 'syz.5.12428': attribute type 11 has an invalid length.
[  629.376688][ T2207] netlink: 'syz.5.12428': attribute type 12 has an invalid length.
[  629.379262][ T2207] netlink: 210020 bytes leftover after parsing attributes in process `syz.5.12428'.
[  629.383458][ T2207] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12428'.
[  629.505056][   T71] usb 13-1: USB disconnect, device number 24
[  629.933227][ T2224] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.12435'.
[  630.881067][ T2245] netlink: 212368 bytes leftover after parsing attributes in process `syz.5.12445'.
[  630.967526][ T5951] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  630.974746][ T5951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  630.980266][ T5951] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  630.984996][ T5951] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  630.987739][ T5951] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  631.018508][ T2248] ip6_vti0 speed is unknown, defaulting to 1000
[  631.028554][ T2254] smc: net device bond0 applied user defined pnetid SYZ2
[  631.032502][ T2254] netlink: 14 bytes leftover after parsing attributes in process `syz.5.12447'.
[  631.052947][ T2254] smc: removing net device bond0 with user defined pnetid SYZ2
[  631.061783][ T2254] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  631.073556][ T2254] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  631.077630][ T2254] bond0 (unregistering): Released all slaves
[  631.131903][ T2248] lo speed is unknown, defaulting to 1000
[  631.401479][   T71] usb 13-1: new high-speed USB device number 25 using dummy_hcd
[  631.430626][ T2248] chnl_net:caif_netlink_parms(): no params data found
[  631.497772][ T2248] bridge0: port 1(bridge_slave_0) entered blocking state
[  631.500143][ T2248] bridge0: port 1(bridge_slave_0) entered disabled state
[  631.502966][ T2248] bridge_slave_0: entered allmulticast mode
[  631.506229][ T2248] bridge_slave_0: entered promiscuous mode
[  631.509586][ T2248] bridge0: port 2(bridge_slave_1) entered blocking state
[  631.512215][ T2248] bridge0: port 2(bridge_slave_1) entered disabled state
[  631.515073][ T2248] bridge_slave_1: entered allmulticast mode
[  631.518846][ T2248] bridge_slave_1: entered promiscuous mode
[  631.540001][ T2248] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  631.545988][ T2248] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  631.552750][   T71] usb 13-1: config index 0 descriptor too short (expected 45, got 36)
[  631.555559][   T71] usb 13-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  631.559416][   T71] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  631.563264][   T71] usb 13-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  631.566431][   T71] usb 13-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  631.570609][   T71] usb 13-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  631.571150][ T2248] team0: Port device team_slave_0 added
[  631.573925][   T71] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  631.577891][ T2248] team0: Port device team_slave_1 added
[  631.579940][   T71] usb 13-1: config 0 descriptor??
[  631.609847][ T2248] batman_adv: batadv0: Adding interface: batadv_slave_0
[  631.612747][ T2248] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  631.630333][ T2248] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  631.636647][ T2248] batman_adv: batadv0: Adding interface: batadv_slave_1
[  631.639494][ T2248] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  631.649327][ T2248] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  631.674372][ T2248] hsr_slave_0: entered promiscuous mode
[  631.676873][ T2248] hsr_slave_1: entered promiscuous mode
[  631.679054][ T2248] debugfs: 'hsr0' already exists in 'hsr'
[  631.680965][ T2248] Cannot create hsr debugfs directory
[  631.786857][ T2268] syz.5.12451: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz5,mems_allowed=0-1
[  631.793196][ T2268] CPU: 1 UID: 0 PID: 2268 Comm: syz.5.12451 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  631.793215][ T2268] Tainted: [L]=SOFTLOCKUP
[  631.793219][ T2268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  631.793227][ T2268] Call Trace:
[  631.793231][ T2268]  <TASK>
[  631.793236][ T2268]  dump_stack_lvl+0x100/0x190
[  631.793261][ T2268]  warn_alloc.cold+0x95/0x1c1
[  631.793284][ T2268]  ? __pfx_warn_alloc+0x10/0x10
[  631.793310][ T2268]  ? kasan_save_stack+0x3f/0x50
[  631.793335][ T2268]  ? kasan_save_stack+0x30/0x50
[  631.793351][ T2268]  ? kasan_save_track+0x14/0x30
[  631.793369][ T2268]  ? xskq_create+0xfb/0x1d0
[  631.793384][ T2268]  __vmalloc_node_range_noprof+0x1252/0x1530
[  631.793404][ T2268]  ? xskq_create+0xfb/0x1d0
[  631.793420][ T2268]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  631.793440][ T2268]  ? xskq_create+0xfb/0x1d0
[  631.793451][ T2268]  vmalloc_user_noprof+0x9e/0xe0
[  631.793465][ T2268]  ? xskq_create+0xfb/0x1d0
[  631.793478][ T2268]  xskq_create+0xfb/0x1d0
[  631.793492][ T2268]  xsk_setsockopt+0x56f/0xab0
[  631.793506][ T2268]  ? __pfx_xsk_setsockopt+0x10/0x10
[  631.793517][ T2268]  ? find_held_lock+0x2b/0x80
[  631.793529][ T2268]  ? aa_sock_opt_perm+0xfe/0x1b0
[  631.793546][ T2268]  ? __pfx_xsk_setsockopt+0x10/0x10
[  631.793558][ T2268]  do_sock_setsockopt+0xf3/0x1d0
[  631.793579][ T2268]  __sys_setsockopt+0x119/0x190
[  631.793596][ T2268]  __ia32_sys_setsockopt+0xbc/0x160
[  631.793611][ T2268]  ? __do_fast_syscall_32+0x94/0x8c0
[  631.793628][ T2268]  ? lockdep_hardirqs_on+0x78/0x100
[  631.793644][ T2268]  __do_fast_syscall_32+0xe3/0x8c0
[  631.793662][ T2268]  do_fast_syscall_32+0x32/0x70
[  631.793679][ T2268]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  631.793693][ T2268] RIP: 0023:0xf7f57f6c
[  631.793703][ T2268] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  631.793713][ T2268] RSP: 002b:00000000f541650c EFLAGS: 00000292 ORIG_RAX: 000000000000016e
[  631.793724][ T2268] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000000000011b
[  631.793730][ T2268] RDX: 0000000000000002 RSI: 0000000080000280 RDI: 0000000000000004
[  631.793737][ T2268] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  631.793743][ T2268] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000
[  631.793749][ T2268] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  631.793763][ T2268]  </TASK>
[  631.793767][ T2268] Mem-Info:
[  631.880474][ T2268] active_anon:1230 inactive_anon:1197 isolated_anon:0
[  631.880474][ T2268]  active_file:8990 inactive_file:1470 isolated_file:0
[  631.880474][ T2268]  unevictable:1768 dirty:340 writeback:0
[  631.880474][ T2268]  slab_reclaimable:7983 slab_unreclaimable:85951
[  631.880474][ T2268]  mapped:22454 shmem:1780 pagetables:1735
[  631.880474][ T2268]  sec_pagetables:329 bounce:0
[  631.880474][ T2268]  kernel_misc_reclaimable:0
[  631.880474][ T2268]  free:56307 free_pcp:2675 free_cma:0
[  631.900245][ T2268] Node 0 active_anon:64kB inactive_anon:40kB active_file:1200kB inactive_file:1232kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:2068kB dirty:12kB writeback:0kB shmem:3544kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:8352kB pagetables:1276kB sec_pagetables:1136kB all_unreclaimable? yes Balloon:0kB
[  631.913958][ T2268] Node 1 active_anon:4856kB inactive_anon:4748kB active_file:34760kB inactive_file:4648kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:87748kB dirty:1348kB writeback:0kB shmem:3576kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:7652kB pagetables:5664kB sec_pagetables:180kB all_unreclaimable? no Balloon:0kB
[  631.926920][ T2268] Node 0 DMA free:4036kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:16kB inactive_anon:0kB active_file:128kB inactive_file:132kB unevictable:0kB writepending:0kB zspages:16kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:136kB local_pcp:0kB free_cma:0kB
[  631.937818][ T2268] lowmem_reserve[]: 0 285 285 285 285
[  631.939605][ T2268] Node 0 DMA32 free:30052kB boost:16384kB min:29456kB low:32724kB high:35992kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:40kB active_file:1072kB inactive_file:1100kB unevictable:3536kB writepending:12kB zspages:600kB present:1032196kB managed:292588kB mlocked:0kB bounce:0kB free_pcp:1108kB local_pcp:156kB free_cma:0kB
[  631.950169][ T2268] lowmem_reserve[]: 0 0 0 0 0
[  631.951845][ T2268] Node 1 DMA32 free:191140kB boost:4096kB min:51236kB low:63020kB high:74804kB reserved_highatomic:0KB free_highatomic:0KB active_anon:4856kB inactive_anon:4748kB active_file:34760kB inactive_file:4648kB unevictable:3536kB writepending:1348kB zspages:5944kB present:1048432kB managed:948212kB mlocked:0kB bounce:0kB free_pcp:9456kB local_pcp:1840kB free_cma:0kB
[  631.962086][ T2268] lowmem_reserve[]: 0 0 0 0 0
[  631.963670][ T2268] Node 0 DMA: 141*4kB (UM) 90*8kB (UM) 40*16kB (UM) 32*32kB (UM) 11*64kB (UM) 1*128kB (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4036kB
[  631.968556][ T2268] Node 0 DMA32: 697*4kB (UME) 498*8kB (UME) 257*16kB (UME) 209*32kB (UME) 89*64kB (UME) 29*128kB (UME) 4*256kB (UM) 2*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 30052kB
[  631.974000][ T2268] Node 1 DMA32: 3355*4kB (UE) 6183*8kB (UE) 4978*16kB (UM) 285*32kB (UME) 104*64kB (UME) 48*128kB (UME) 30*256kB (UME) 21*512kB (UME) 0*1024kB 0*2048kB 2*4096kB (U) = 191076kB
[  631.979560][ T2268] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  631.982711][ T2268] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  631.985740][ T2268] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  631.988811][ T2268] Node 1 hugepages_total=2 hugepages_free=1 hugepages_surp=0 hugepages_size=2048kB
[  631.991937][ T2268] 13590 total pagecache pages
[  631.993473][ T2268] 1329 pages in swap cache
[  631.994930][ T2268] Free swap  = 93988kB
[  631.996265][ T2268] Total swap = 124996kB
[  631.997626][ T2268] 524155 pages RAM
[  631.998855][ T2268] 0 pages HighMem/MovableOnly
[  631.998913][   T71] plantronics 0003:047F:FFFF.0025: reserved main item tag 0xd
[  632.000409][ T2268] 210115 pages reserved
[  632.004252][ T2268] 0 pages cma reserved
[  632.015181][   T71] plantronics 0003:047F:FFFF.0025: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  632.111324][ T2271] 9pnet: p9_errstr2errno: server reported unknown error ile1
[  632.253551][   T71] usb 13-1: USB disconnect, device number 25
[  632.310177][ T2248] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  632.315101][ T2248] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  632.319408][ T2248] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  632.323812][ T2248] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  632.382635][ T2248] 8021q: adding VLAN 0 to HW filter on device bond0
[  632.394562][ T2248] 8021q: adding VLAN 0 to HW filter on device team0
[  632.401670][   T46] bridge0: port 1(bridge_slave_0) entered blocking state
[  632.404639][   T46] bridge0: port 1(bridge_slave_0) entered forwarding state
[  632.413084][ T1191] bridge0: port 2(bridge_slave_1) entered blocking state
[  632.416283][ T1191] bridge0: port 2(bridge_slave_1) entered forwarding state
[  632.580382][ T2248] 8021q: adding VLAN 0 to HW filter on device batadv0
[  632.757358][ T2248] veth0_vlan: entered promiscuous mode
[  632.774722][ T2248] veth1_vlan: entered promiscuous mode
[  632.797685][ T2248] veth0_macvtap: entered promiscuous mode
[  632.802351][ T2248] veth1_macvtap: entered promiscuous mode
[  632.818228][ T2294] syzkaller1: entered promiscuous mode
[  632.820749][ T2294] syzkaller1: entered allmulticast mode
[  632.827753][ T2248] batman_adv: batadv0: Interface activated: batadv_slave_0
[  632.863196][ T2248] batman_adv: batadv0: Interface activated: batadv_slave_1
[  632.870511][  T154] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  632.875925][  T154] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  632.883489][  T154] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  632.887466][  T154] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  632.947531][  T223] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.950241][  T223] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  632.985122][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  632.987985][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  633.081886][ T5951] Bluetooth: hci1: command tx timeout
[  633.449270][ T2336] netlink: 212348 bytes leftover after parsing attributes in process `syz.8.12472'.
[  633.452732][ T2336] netlink: Unknown conntrack attr (0)
[  633.698247][ T2365] netlink: 304 bytes leftover after parsing attributes in process `syz.7.12479'.
[  633.847240][   T40] audit: type=1804 audit(2000000820.518:3533): pid=2376 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.12488" name="/newroot/376/file1" dev="tmpfs" ino=1970 res=1 errno=0
[  634.337494][ T2410] netlink: 'syz.8.12500': attribute type 3 has an invalid length.
[  635.125684][ T2406] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  635.128229][ T5946] Bluetooth: hci1: Opcode 0x206a failed: -112
[  635.134186][ T2406] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  635.136209][ T2406] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  635.143159][ T2406] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  635.200601][ T2439] syzkaller1: entered promiscuous mode
[  635.203142][ T2439] syzkaller1: entered allmulticast mode
[  635.771972][   T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
[  636.008011][   T40] audit: type=1804 audit(2000000822.678:3534): pid=2475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.12529" name="/newroot/156/file1" dev="tmpfs" ino=833 res=1 errno=0
[  636.033965][ T2476] netlink: 304 bytes leftover after parsing attributes in process `syz.8.12528'.
[  636.361483][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout
[  637.161509][ T5946] Bluetooth: hci1: command 0x0419 tx timeout
[  637.492941][ T2500] ip6_vti0 speed is unknown, defaulting to 1000
[  637.582066][ T2500] lo speed is unknown, defaulting to 1000
[  637.790757][ T2510] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.12542'.
[  637.801808][ T2510] netlink: Unknown conntrack attr (0)
[  637.826798][ T2512] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12548'.
[  637.939430][ T2527] netlink: 304 bytes leftover after parsing attributes in process `syz.5.12541'.
[  638.032363][ T2532] IPv4: Oversized IP packet from 127.202.26.0
[  638.420823][ T2560] veth0: entered promiscuous mode
[  638.434764][ T2560] veth0: left promiscuous mode
[  639.195610][ T2583] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  639.203287][ T2583] tipc: Disabling bearer <eth:syzkaller0>
[  639.259366][ T5946] Bluetooth: hci1: command 0x0419 tx timeout
[  639.468464][ T2597] bond2: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  639.476722][ T2597] bond2: (slave lo): Enslaving as an active interface with an up link
[  639.481071][ T2597] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  639.729615][ T2616] ip6_vti0 speed is unknown, defaulting to 1000
[  639.821687][ T2625] Bluetooth: MGMT ver 1.23
[  639.878843][ T2616] lo speed is unknown, defaulting to 1000
[  640.022369][T32427] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[  640.181490][T32427] usb 10-1: Using ep0 maxpacket: 16
[  640.184503][T32427] usb 10-1: config 0 has no interfaces?
[  640.187971][T32427] usb 10-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  640.191205][T32427] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.194002][T32427] usb 10-1: Product: syz
[  640.195507][T32427] usb 10-1: Manufacturer: syz
[  640.197452][T32427] usb 10-1: SerialNumber: syz
[  640.202896][T32427] usb 10-1: config 0 descriptor??
[  640.449544][ T2616] netlink: 28 bytes leftover after parsing attributes in process `syz.5.12574'.
[  640.512013][   T71] usb 10-1: USB disconnect, device number 23
[  640.630070][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  640.642024][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  640.645757][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  640.649737][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  641.321472][ T5946] Bluetooth: hci1: command 0x0419 tx timeout
[  641.818507][ T2709] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  642.213588][ T2724] netlink: 212348 bytes leftover after parsing attributes in process `syz.0.12609'.
[  642.269018][ T2726] kvm: Disabled LAPIC found during irq injection
[  642.706654][ T2774] netlink: 212348 bytes leftover after parsing attributes in process `syz.7.12627'.
[  643.025030][ T6015] libceph: connect (1)[c::]:6789 error -101
[  643.027692][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[  643.281808][ T6015] libceph: connect (1)[c::]:6789 error -101
[  643.284320][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[  643.401507][ T5946] Bluetooth: hci1: command 0x0419 tx timeout
[  643.801684][ T6015] libceph: connect (1)[c::]:6789 error -101
[  643.804416][ T6015] libceph: mon0 (1)[c::]:6789 connect error
[  643.851766][ T2793] ceph: No mds server is up or the cluster is laggy
[  643.905918][   T40] audit: type=1326 audit(2000000830.578:3535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2817 comm="syz.8.12645" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7fc3f6c code=0x0
[  644.312845][ T2827] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12649'.
[  644.323701][ T2823] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.338928][ T2827] hsr_slave_0: left promiscuous mode
[  644.342274][ T2827] hsr_slave_1: left promiscuous mode
[  644.449857][ T2823] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.595907][ T2823] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.703220][ T2823] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  644.791319][ T2838] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  644.821231][   T80] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  644.848398][   T46] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  644.863546][   T13] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  644.866342][   T13] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  644.902434][ T2848] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12654'.
[  644.915238][ T2848] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12654'.
[  645.277522][ T2884] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.402597][ T2884] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.499607][ T2884] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.502268][ T5946] Bluetooth: hci1: command 0x0419 tx timeout
[  645.652334][ T2884] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  645.659471][ T2902] loop9: detected capacity change from 0 to 7
[  645.671562][ T2902] Dev loop9: unable to read RDB block 7
[  645.673438][ T2902]  loop9: unable to read partition table
[  645.682348][ T2902] loop9: partition table beyond EOD, truncated
[  645.687430][ T2902] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[  645.808132][   T46] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  645.810939][   T46] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  645.824615][   T46] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  645.836571][  T223] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  647.104047][ T2962] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.215681][ T2962] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.276241][ T2962] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.338477][ T2962] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  647.449912][   T46] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  647.480623][   T46] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  647.484268][   T46] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  647.508203][ T1191] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  648.249310][ T3037] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  648.271257][ T3041] netdevsim netdevsim7 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  648.338692][ T3041] netdevsim netdevsim7 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  648.903655][ T3059] netlink: 'syz.5.12729': attribute type 12 has an invalid length.
[  648.906342][ T3059] netlink: 'syz.5.12729': attribute type 3 has an invalid length.
[  648.909277][ T3059] netlink: 'syz.5.12729': attribute type 4 has an invalid length.
[  648.912232][ T3059] netlink: 108 bytes leftover after parsing attributes in process `syz.5.12729'.
[  648.935197][ T3041] netdevsim netdevsim7 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.009017][ T3041] netdevsim netdevsim7 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  649.081084][   T60] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  649.105136][   T60] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  649.117425][  T154] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  649.129470][  T154] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  649.283061][ T3073] netlink: 'syz.5.12735': attribute type 4 has an invalid length.
[  649.293257][ T3077] netlink: 'syz.7.12737': attribute type 3 has an invalid length.
[  649.329439][ T3081] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12738'.
[  649.541338][T25862] hid-generic 0000:0000:0000.0026: unknown main item tag 0x0
[  649.545399][T25862] hid-generic 0000:0000:0000.0026: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  649.656073][ T3092] fido_id[3092]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  649.731583][  T763] usb 12-1: new high-speed USB device number 5 using dummy_hcd
[  649.744774][ T3099] syzkaller1: entered promiscuous mode
[  649.746736][ T3099] syzkaller1: entered allmulticast mode
[  649.901470][  T763] usb 12-1: Using ep0 maxpacket: 8
[  649.904553][  T763] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  649.908163][  T763] usb 12-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0
[  649.911988][  T763] usb 12-1: config 0 interface 0 has no altsetting 0
[  649.914251][  T763] usb 12-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  649.917327][  T763] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  649.922071][  T763] usb 12-1: config 0 descriptor??
[  650.339268][  T763] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0
[  650.341872][  T763] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0
[  650.344201][  T763] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0
[  650.346469][  T763] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0
[  650.348741][  T763] mcp2221 0003:04D8:00DD.0027: unknown main item tag 0x0
[  650.351450][  T763] mcp2221 0003:04D8:00DD.0027: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.7-1/input0
[  650.463225][ T3107] netlink: 'syz.0.12750': attribute type 3 has an invalid length.
[  650.535551][T25862] usb 12-1: USB disconnect, device number 5
[  651.162750][ T3116] ip6_vti0 speed is unknown, defaulting to 1000
[  651.257008][ T3116] lo speed is unknown, defaulting to 1000
[  651.417908][ T3119] netlink: 4 bytes leftover after parsing attributes in process `syz.7.12754'.
[  651.701649][ T3127] netlink: 304 bytes leftover after parsing attributes in process `syz.0.12756'.
[  652.796400][ T3168] netlink: 'syz.0.12773': attribute type 1 has an invalid length.
[  652.810523][ T3168] smc: adding net device bond0 with user defined pnetid SYZ2
[  652.822271][ T3168] 8021q: adding VLAN 0 to HW filter on device bond0
[  652.845094][ T3168] bond0: (slave geneve2): making interface the new active one
[  652.848811][ T3168] bond0: (slave geneve2): Enslaving as an active interface with an up link
[  653.122723][ T3199] netlink: 'syz.8.12786': attribute type 1 has an invalid length.
[  653.138834][ T3199] 8021q: adding VLAN 0 to HW filter on device bond3
[  653.164838][ T3199] bond3: (slave geneve2): making interface the new active one
[  653.168386][ T3199] bond3: (slave geneve2): Enslaving as an active interface with an up link
[  653.673037][ T3236] ip6_vti0 speed is unknown, defaulting to 1000
[  653.718702][ T3238] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12800'.
[  653.762587][ T3236] lo speed is unknown, defaulting to 1000
[  653.990543][ T3244] netlink: 'syz.5.12801': attribute type 1 has an invalid length.
[  654.049494][ T3244] smc: adding net device bond0 with user defined pnetid SYZ2
[  654.054081][ T3244] 8021q: adding VLAN 0 to HW filter on device bond0
[  654.064247][ T3250] bond0: (slave geneve2): making interface the new active one
[  654.068407][ T3250] bond0: (slave geneve2): Enslaving as an active interface with an up link
[  654.103974][   T40] audit: type=1326 audit(2000000840.778:3536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3253 comm="syz.7.12807" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x0
[  654.212297][T28359] block nbd1: Possible stuck request ffff8880278c8000: control (read@0,4096B). Runtime 360 seconds
[  654.751846][ T3266] netlink: 4 bytes leftover after parsing attributes in process `syz.5.12811'.
[  655.421855][   T24] usb 12-1: new full-speed USB device number 6 using dummy_hcd
[  655.572685][   T24] usb 12-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  655.576074][   T24] usb 12-1: config 0 interface 0 altsetting 69 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  655.580433][   T24] usb 12-1: config 0 interface 0 has no altsetting 0
[  655.584955][   T24] usb 12-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.00
[  655.587972][   T24] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  655.596810][   T24] usb 12-1: config 0 descriptor??
[  655.601415][   T24] input: bcm5974 as /devices/platform/dummy_hcd.7/usb12/12-1/12-1:0.0/input/input110
[  655.810407][ T5333] bcm5974 12-1:0.0: could not read from device
[  655.812923][   T29] usb 12-1: USB disconnect, device number 6
[  655.815256][T15154] bcm5974 12-1:0.0: could not read from device
[  655.835944][ T3308] team0: Port device syz_tun added
[  656.301434][   T29] usb 10-1: new full-speed USB device number 24 using dummy_hcd
[  656.452699][   T29] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  656.456219][   T29] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  656.461109][   T29] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  656.465313][   T29] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  656.611601][T31511] usb 12-1: new high-speed USB device number 7 using dummy_hcd
[  656.675873][   T29] usb 10-1: usb_control_msg returned -32
[  656.678413][   T29] usbtmc 10-1:16.0: can't read capabilities
[  656.763068][T31511] usb 12-1: config 0 has no interfaces?
[  656.766860][T31511] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  656.770998][T31511] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  656.774573][T31511] usb 12-1: Product: syz
[  656.776458][T31511] usb 12-1: Manufacturer: syz
[  656.780461][T31511] usb 12-1: config 0 descriptor??
[  656.992298][T31511] usb 12-1: USB disconnect, device number 7
[  657.037105][ T3338] usbtmc 10-1:16.0: usbtmc_ioctl_request failed -32
[  657.040072][  T763] usb 10-1: USB disconnect, device number 24
[  657.321538][ T3351] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12847'.
[  657.641538][   T24] usb 12-1: new high-speed USB device number 8 using dummy_hcd
[  657.793859][   T24] usb 12-1: config 0 has no interfaces?
[  657.797715][   T24] usb 12-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  657.800952][   T24] usb 12-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  657.807078][   T24] usb 12-1: Product: syz
[  657.808485][   T24] usb 12-1: Manufacturer: syz
[  657.816341][   T24] usb 12-1: config 0 descriptor??
[  657.984731][ T3378] netlink: 16178 bytes leftover after parsing attributes in process `syz.8.12857'.
[  658.029102][   T24] usb 12-1: USB disconnect, device number 8
[  658.531465][   T71] usb 13-1: new full-speed USB device number 26 using dummy_hcd
[  658.683663][   T71] usb 13-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  658.687958][   T71] usb 13-1: config 0 interface 0 altsetting 69 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  658.693079][   T71] usb 13-1: config 0 interface 0 has no altsetting 0
[  658.695459][   T71] usb 13-1: New USB device found, idVendor=05ac, idProduct=0224, bcdDevice= 0.00
[  658.698579][   T71] usb 13-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.703506][   T71] usb 13-1: config 0 descriptor??
[  658.708164][   T71] input: bcm5974 as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:0.0/input/input111
[  658.900293][   T40] audit: type=1800 audit(2000000845.568:3537): pid=3412 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.12874" name="nullb0" dev="devtmpfs" ino=5256 res=0 errno=0
[  658.914462][ T5333] bcm5974 13-1:0.0: could not read from device
[  658.923197][ T5333] bcm5974 13-1:0.0: could not read from device
[  658.930595][ T5333] bcm5974 13-1:0.0: could not read from device
[  658.931572][   T71] usb 13-1: USB disconnect, device number 26
[  659.211577][T26266] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[  659.382725][T26266] usb 10-1: config 0 has no interfaces?
[  659.386360][T26266] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  659.390290][T26266] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  659.394164][T26266] usb 10-1: Product: syz
[  659.395589][T26266] usb 10-1: Manufacturer: syz
[  659.405800][T26266] usb 10-1: config 0 descriptor??
[  659.614469][T26266] usb 10-1: USB disconnect, device number 25
[  660.261443][   T24] usb 10-1: new high-speed USB device number 26 using dummy_hcd
[  660.413035][   T24] usb 10-1: config 0 has no interfaces?
[  660.416449][   T24] usb 10-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  660.419428][   T24] usb 10-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  660.422405][   T24] usb 10-1: Product: syz
[  660.423879][   T24] usb 10-1: Manufacturer: syz
[  660.427360][   T24] usb 10-1: config 0 descriptor??
[  660.635406][   T24] usb 10-1: USB disconnect, device number 26
[  660.731437][  T763] usb 13-1: new high-speed USB device number 27 using dummy_hcd
[  660.791567][T25862] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  660.891491][  T763] usb 13-1: Using ep0 maxpacket: 32
[  660.897767][  T763] usb 13-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  660.902449][  T763] usb 13-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  660.906914][  T763] usb 13-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  660.910739][  T763] usb 13-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  660.922928][  T763] usb 13-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  660.926039][  T763] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  660.928693][  T763] usb 13-1: Product: syz
[  660.930085][  T763] usb 13-1: Manufacturer: syz
[  660.931852][  T763] usb 13-1: SerialNumber: syz
[  660.942911][    C1] imon 13-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  660.946102][  T763] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:155.0/input/input112
[  660.951430][T25862] usb 5-1: Using ep0 maxpacket: 8
[  660.956525][T25862] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  660.960682][T25862] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  660.965247][T25862] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  660.968718][T25862] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  660.978261][T25862] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  660.982154][T25862] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  661.191442][  T763] imon 13-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  661.194145][  T763]  (id 0x00)
[  661.199199][T25862] usb 5-1: GET_CAPABILITIES returned 0
[  661.207659][T25862] usbtmc 5-1:16.0: can't read capabilities
[  661.242481][  T763] rc_core: IR keymap rc-imon-pad not found
[  661.244475][  T763] Registered IR keymap rc-empty
[  661.246111][  T763] imon 13-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  661.249413][  T763] imon 13-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  661.383666][  T763] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:155.0/rc/rc0
[  661.388400][  T763] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:155.0/rc/rc0/input113
[  661.395447][  T763] imon 13-1:155.0: iMON device (15c2:ffdc, intf0) on usb<13:27> initialized
[  661.421097][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.424837][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.428818][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.432769][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.436603][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.440401][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.444794][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.447744][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.450638][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.453734][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.456715][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.459584][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.462496][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.465494][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.468463][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  661.478976][    C2] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  661.482425][ T3463] netlink: 'syz.7.12896': attribute type 1 has an invalid length.
[  661.484561][   T34] usb 5-1: USB disconnect, device number 31
[  661.524604][ T3463] 8021q: adding VLAN 0 to HW filter on device bond1
[  661.546134][ T3463] bond1: (slave geneve2): making interface the new active one
[  661.549694][ T3463] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  661.568514][  T763] usb 13-1: USB disconnect, device number 27
[  662.150124][ T3502] netlink: 1363 bytes leftover after parsing attributes in process `syz.7.12913'.
[  662.159533][ T3504] netlink: 27 bytes leftover after parsing attributes in process `syz.8.12914'.
[  662.341601][   T34] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[  662.511442][   T34] usb 10-1: Using ep0 maxpacket: 32
[  662.514585][   T34] usb 10-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  662.518937][   T34] usb 10-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  662.528190][   T34] usb 10-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  662.533290][   T34] usb 10-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  662.540173][   T34] usb 10-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  662.544830][   T34] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  662.548107][   T34] usb 10-1: Product: syz
[  662.550063][   T34] usb 10-1: Manufacturer: syz
[  662.552002][   T34] usb 10-1: SerialNumber: syz
[  662.558174][ T3535] netlink: 4 bytes leftover after parsing attributes in process `syz.8.12928'.
[  662.558691][    C3] imon 10-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  662.572056][   T34] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:155.0/input/input114
[  662.791810][   T34] imon 10-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  662.795225][   T34]  (id 0x00)
[  662.841438][   T34] rc_core: IR keymap rc-imon-pad not found
[  662.844023][   T34] Registered IR keymap rc-empty
[  662.846310][   T34] imon 10-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  662.850703][   T34] imon 10-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  662.982001][   T34] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:155.0/rc/rc0
[  662.986868][   T34] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:155.0/rc/rc0/input115
[  662.997637][   T34] imon 10-1:155.0: iMON device (15c2:ffdc, intf0) on usb<10:27> initialized
[  663.171907][    C3] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  663.177052][   T71] usb 10-1: USB disconnect, device number 27
[  663.493243][ T3595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12950'.
[  663.497635][ T3595] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12950'.
[  663.841556][ T3617] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12959'.
[  663.845900][ T3617] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12959'.
[  663.988867][ T3625] netlink: 8 bytes leftover after parsing attributes in process `syz.8.12965'.
[  664.291792][T25862] usb 10-1: new high-speed USB device number 28 using dummy_hcd
[  664.441906][T25862] usb 10-1: Using ep0 maxpacket: 8
[  664.445793][T25862] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  664.450163][T25862] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  664.454342][T25862] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  664.458164][T25862] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  664.463622][T25862] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  664.467309][T25862] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  664.678359][T25862] usb 10-1: GET_CAPABILITIES returned 0
[  664.680383][T25862] usbtmc 10-1:16.0: can't read capabilities
[  664.878080][ T3647] syz_tun: entered allmulticast mode
[  664.887041][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.889290][ T3647] syz_tun: left allmulticast mode
[  664.890435][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.895938][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.899272][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.902318][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.905463][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.908635][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.911716][    C2] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.916830][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.921437][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.924808][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.930616][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.934549][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.938521][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.942457][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  664.950256][    C3] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  664.963488][T25862] usb 10-1: USB disconnect, device number 28
[  665.070870][ T3659] netlink: 'syz.7.12980': attribute type 2 has an invalid length.
[  665.075573][ T3659] netlink: 48 bytes leftover after parsing attributes in process `syz.7.12980'.
[  665.132306][ T3663] netlink: 28 bytes leftover after parsing attributes in process `syz.7.12982'.
[  665.135219][ T3663] netlink: 'syz.7.12982': attribute type 7 has an invalid length.
[  665.137732][ T3663] netlink: 'syz.7.12982': attribute type 8 has an invalid length.
[  665.641132][ T3683] syz_tun: entered allmulticast mode
[  665.654392][ T3683] syz_tun: left allmulticast mode
[  666.031522][ T6030] usb 12-1: new high-speed USB device number 9 using dummy_hcd
[  666.191499][ T6030] usb 12-1: Using ep0 maxpacket: 8
[  666.194693][ T6030] usb 12-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  666.198039][ T6030] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  666.201217][ T6030] usb 12-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  666.204621][ T6030] usb 12-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  666.209158][ T6030] usb 12-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  666.212223][ T6030] usb 12-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  666.423921][ T6030] usb 12-1: GET_CAPABILITIES returned 0
[  666.425932][ T6030] usbtmc 12-1:16.0: can't read capabilities
[  666.639220][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.642286][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.645253][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.648503][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.653639][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.656632][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.659599][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.662668][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.665625][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.673672][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.676609][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.679517][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.682598][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.685539][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.691841][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  666.694868][    C0] usbtmc 12-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -2
[  666.699890][ T6030] usb 12-1: USB disconnect, device number 9
[  666.889642][   T40] audit: type=1326 audit(2000000853.558:3538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3748 comm="syz.0.13017" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf707ef6c code=0x0
[  667.078254][ T3760] input: syz1 as /devices/virtual/input/input116
[  667.247868][ T3762] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  667.310618][ T3765] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  667.318048][ T3765] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  667.978123][ T3789] syz_tun: entered allmulticast mode
[  667.983350][ T3789] syz_tun: left allmulticast mode
[  668.211655][  T830] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  668.383368][  T830] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  668.388399][  T830] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  668.392769][  T830] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  668.398180][  T830] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.403880][  T830] usb 5-1: config 0 descriptor??
[  668.819790][  T830] cm6533_jd 0003:0D8C:0022.0028: unknown main item tag 0x0
[  668.829129][  T830] cm6533_jd 0003:0D8C:0022.0028: unknown main item tag 0x0
[  668.833403][  T830] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.0/usb5/5-1/5-1:0.0/0003:0D8C:0022.0028/input/input117
[  668.841295][  T830] cm6533_jd 0003:0D8C:0022.0028: input,hiddev0,hidraw1: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.0-1/input0
[  669.020649][  T830] usb 5-1: USB disconnect, device number 32
[  669.641622][ T5946] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  670.261420][   T34] libceph: connect (1)[c::]:6789 error -101
[  670.264874][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  670.314513][T31511] libceph: connect (1)[c::]:6789 error -101
[  670.317637][T31511] libceph: mon0 (1)[c::]:6789 connect error
[  670.531952][   T34] libceph: connect (1)[c::]:6789 error -101
[  670.534644][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  670.572308][T31511] libceph: connect (1)[c::]:6789 error -101
[  670.574452][T31511] libceph: mon0 (1)[c::]:6789 connect error
[  671.053906][   T34] libceph: connect (1)[c::]:6789 error -101
[  671.056648][   T34] libceph: mon0 (1)[c::]:6789 connect error
[  671.082339][T31511] libceph: connect (1)[c::]:6789 error -101
[  671.085247][T31511] libceph: mon0 (1)[c::]:6789 connect error
[  671.094640][ T3868] ceph: No mds server is up or the cluster is laggy
[  671.094660][ T3861] ceph: No mds server is up or the cluster is laggy
[  671.435462][ T3907] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  671.501221][ T3914] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  671.564400][ T3918] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  672.466764][ T3934] __nla_validate_parse: 3 callbacks suppressed
[  672.466781][ T3934] netlink: 4 bytes leftover after parsing attributes in process `syz.7.13093'.
[  672.476827][ T3934] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  673.014933][   T40] audit: type=1326 audit(2000000859.688:3539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.022974][   T40] audit: type=1326 audit(2000000859.688:3540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.030693][   T40] audit: type=1326 audit(2000000859.688:3541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.038467][   T40] audit: type=1326 audit(2000000859.688:3542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.049916][   T40] audit: type=1326 audit(2000000859.698:3543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=432 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.058027][   T40] audit: type=1326 audit(2000000859.698:3544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.065498][   T40] audit: type=1326 audit(2000000859.698:3545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.073057][   T40] audit: type=1326 audit(2000000859.698:3546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.080396][   T40] audit: type=1326 audit(2000000859.698:3547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.084233][  T830] usb 10-1: new high-speed USB device number 29 using dummy_hcd
[  673.088231][   T40] audit: type=1326 audit(2000000859.698:3548): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3958 comm="syz.7.13104" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf701ef6c code=0x7ffc0000
[  673.252062][  T830] usb 10-1: Using ep0 maxpacket: 32
[  673.255152][  T830] usb 10-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  673.261042][  T830] usb 10-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  673.265199][  T830] usb 10-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  673.268795][  T830] usb 10-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  673.275292][  T830] usb 10-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  673.278349][  T830] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  673.281026][  T830] usb 10-1: Product: syz
[  673.282830][  T830] usb 10-1: Manufacturer: syz
[  673.284434][  T830] usb 10-1: SerialNumber: syz
[  673.294015][    C2] imon 10-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  673.298881][  T830] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:155.0/input/input118
[  673.479998][T31511] hid-generic 0000:0003:0001.0029: unknown main item tag 0x0
[  673.482603][T31511] hid-generic 0000:0003:0001.0029: unknown main item tag 0x0
[  673.486066][T31511] hid-generic 0000:0003:0001.0029: hidraw1: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[  673.533871][ T3982] fido_id[3982]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  673.541540][  T830] imon 10-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  673.547958][  T830]  (id 0x00)
[  673.602464][  T830] rc_core: IR keymap rc-imon-pad not found
[  673.604403][  T830] Registered IR keymap rc-empty
[  673.606024][  T830] imon 10-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  673.609332][  T830] imon 10-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  673.612650][ T3995] ip6_vti0 speed is unknown, defaulting to 1000
[  673.708445][ T3995] lo speed is unknown, defaulting to 1000
[  673.732538][  T830] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:155.0/rc/rc0
[  673.760414][  T830] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:155.0/rc/rc0/input119
[  673.771432][  T830] imon 10-1:155.0: iMON device (15c2:ffdc, intf0) on usb<10:29> initialized
[  673.972576][T26266] usb 10-1: USB disconnect, device number 29
[  673.973305][ T3957] imon:send_packet: packet tx failed (-71)
[  673.991646][ T3957] imon:vfd_write: send packet #0 failed
[  674.099869][ T4027] Bluetooth: hci0: invalid len left 7, exp >= 131
[  674.256106][ T6030] libceph: connect (1)[c::]:6789 error -101
[  674.258897][ T6030] libceph: mon0 (1)[c::]:6789 connect error
[  674.305940][  T830] libceph: connect (1)[c::]:6789 error -101
[  674.308330][  T830] libceph: mon0 (1)[c::]:6789 connect error
[  674.374609][ T4053] ip6_vti0 speed is unknown, defaulting to 1000
[  674.457221][ T4053] lo speed is unknown, defaulting to 1000
[  674.521853][ T6030] libceph: connect (1)[c::]:6789 error -101
[  674.523894][ T6030] libceph: mon0 (1)[c::]:6789 connect error
[  674.571947][  T830] libceph: connect (1)[c::]:6789 error -101
[  674.575209][  T830] libceph: mon0 (1)[c::]:6789 connect error
[  674.790616][   T34] hid-generic 0000:0003:0001.002A: unknown main item tag 0x0
[  674.793445][   T34] hid-generic 0000:0003:0001.002A: unknown main item tag 0x0
[  674.799286][   T34] hid-generic 0000:0003:0001.002A: hidraw1: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[  674.824339][ T4082] Bluetooth: hci0: invalid len left 7, exp >= 131
[  674.891328][ T4083] fido_id[4083]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  674.971964][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  675.001642][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  675.031842][ T6030] libceph: connect (1)[c::]:6789 error -101
[  675.036072][ T6030] libceph: mon0 (1)[c::]:6789 connect error
[  675.076807][ T4041] ceph: No mds server is up or the cluster is laggy
[  675.076908][ T4047] ceph: No mds server is up or the cluster is laggy
[  675.081823][T25862] libceph: connect (1)[c::]:6789 error -101
[  675.083848][T25862] libceph: mon0 (1)[c::]:6789 connect error
[  675.121190][ T4099] geneve3: entered promiscuous mode
[  675.125537][ T4099] geneve3: entered allmulticast mode
[  675.246610][   T34] hid-generic 0000:0003:0001.002B: unknown main item tag 0x0
[  675.249696][   T34] hid-generic 0000:0003:0001.002B: unknown main item tag 0x0
[  675.254515][   T34] hid-generic 0000:0003:0001.002B: hidraw1: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[  675.295517][ T4116] fido_id[4116]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  675.573494][ T4146] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  675.577513][ T4146] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  675.587541][ T4146] overlayfs: d_ino too big (., ino=4611686018427387905, xinobits=3)
[  675.593345][ T4146] overlayfs: d_ino too big (.., ino=4611686018427387905, xinobits=3)
[  675.596581][ T4146] overlayfs: d_ino too big (845, ino=9223372036854780209, xinobits=3)
[  675.602093][ T4146] overlayfs: d_ino too big (syzcgroup, ino=9223372036854775816, xinobits=3)
[  675.606870][ T4146] overlayfs: d_ino too big (syz-inputs, ino=9223372036854775815, xinobits=3)
[  675.609869][ T4146] overlayfs: d_ino too big (sys, ino=9223372036854775814, xinobits=3)
[  675.613423][ T4146] overlayfs: d_ino too big (selinux, ino=9223372036854775813, xinobits=3)
[  675.616967][ T4146] overlayfs: d_ino too big (proc, ino=9223372036854775812, xinobits=3)
[  675.620429][ T4146] overlayfs: d_ino too big (dev, ino=9223372036854775811, xinobits=3)
[  675.625513][ T4146] overlayfs: d_ino too big (instances, ino=4611686018427388127, xinobits=3)
[  675.909986][ T4176] loop1: detected capacity change from 0 to 4
[  675.913479][T27206] Dev loop1: unable to read RDB block 4
[  675.915254][T27206]  loop1: unable to read partition table
[  675.917153][T27206] loop1: partition table beyond EOD, truncated
[  675.926483][ T4176] Dev loop1: unable to read RDB block 4
[  675.928338][ T4176]  loop1: unable to read partition table
[  675.930453][ T4176] loop1: partition table beyond EOD, truncated
[  675.933222][ T4176] loop_reread_partitions: partition scan of loop1 (þ被xü—ŸÑà– ) failed (rc=-5)
[  676.000190][ T4182] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13205'.
[  676.005187][ T4182] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  676.281578][   T34] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  676.452616][   T34] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  676.455421][   T34] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  676.458644][   T34] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  676.462994][   T34] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  676.465914][   T34] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  676.468459][   T34] usb 5-1: Product: syz
[  676.469872][   T34] usb 5-1: Manufacturer: syz
[  676.686656][T25862] usb 5-1: USB disconnect, device number 33
[  676.771020][ T4225] loop2: detected capacity change from 0 to 7
[  676.775192][ T4225]  loop2: [CUMANA/ADFS] p1 [ADFS] p1
[  676.777216][ T4225] loop2: partition table partially beyond EOD, truncated
[  676.779598][ T4225] loop2: p1 size 1898597519 extends beyond EOD, truncated
[  676.792233][ T4229] gretap1: entered promiscuous mode
[  676.795402][ T4229] batman_adv: batadv0: Adding interface: gretap1
[  676.798111][ T4229] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  676.808632][ T4229] batman_adv: batadv0: Not using interface gretap1 (retrying later): interface not active
[  676.829806][T27206] udevd[27206]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  676.841791][T27206] udevd[27206]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  677.054186][ T4245] netlink: 212328 bytes leftover after parsing attributes in process `syz.8.13225'.
[  677.057368][ T4245] netlink: Unknown conntrack attr (type=2304, max=9)
[  677.780284][ T4259] input: syz1 as /devices/virtual/input/input120
[  677.788433][ T4259] input: failed to attach handler leds to device input120, error: -6
[  677.895941][ T4263] netlink: 'syz.5.13232': attribute type 4 has an invalid length.
[  677.898497][ T4263] netlink: 'syz.5.13232': attribute type 8 has an invalid length.
[  677.901313][ T4263] netlink: 'syz.5.13232': attribute type 1 has an invalid length.
[  677.904014][ T4263] netlink: 172 bytes leftover after parsing attributes in process `syz.5.13232'.
[  677.907004][ T4263] NCSI netlink: No device for ifindex 0
[  677.978233][ T4269] netlink: 'syz.8.13235': attribute type 1 has an invalid length.
[  677.993442][ T4269] bond4: entered promiscuous mode
[  677.995338][ T4269] 8021q: adding VLAN 0 to HW filter on device bond4
[  678.017780][ T4269] bond4: (slave bridge2): making interface the new active one
[  678.020439][ T4269] bridge2: entered promiscuous mode
[  678.022954][ T4269] bond4: (slave bridge2): Enslaving as an active interface with an up link
[  678.120599][ T4277] netlink: 20 bytes leftover after parsing attributes in process `syz.5.13238'.
[  678.208714][ T4288] netlink: 212328 bytes leftover after parsing attributes in process `syz.7.13244'.
[  678.212970][ T4288] netlink: Unknown conntrack attr (type=2304, max=9)
[  678.556159][ T4312] netlink: 20 bytes leftover after parsing attributes in process `syz.0.13254'.
[  678.657317][ T4322] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  678.663154][ T4322] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  679.154915][ T4367] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  679.167198][ T4369] ip6_vti0 speed is unknown, defaulting to 1000
[  679.208669][   T40] kauditd_printk_skb: 30 callbacks suppressed
[  679.208681][   T40] audit: type=1326 audit(2000000865.878:3579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4368 comm="syz.0.13279" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707ef6c code=0x0
[  679.307519][ T4369] lo speed is unknown, defaulting to 1000
[  679.521566][ T4383] netlink: 'syz.7.13284': attribute type 1 has an invalid length.
[  679.542332][ T4383] bond2: entered promiscuous mode
[  679.544302][ T4383] 8021q: adding VLAN 0 to HW filter on device bond2
[  679.588249][ T4383] bond2: (slave bridge1): making interface the new active one
[  679.590631][ T4383] bridge1: entered promiscuous mode
[  679.594883][ T4383] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  679.799577][ T4397] KVM: debugfs: duplicate directory 4397-5
[  680.001464][ T6030] usb 13-1: new high-speed USB device number 28 using dummy_hcd
[  680.027459][ T4404] netlink: 28 bytes leftover after parsing attributes in process `syz.0.13294'.
[  680.151403][ T6030] usb 13-1: Using ep0 maxpacket: 32
[  680.154479][ T6030] usb 13-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  680.157904][ T6030] usb 13-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  680.162855][ T6030] usb 13-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  680.166716][ T6030] usb 13-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  680.177294][ T6030] usb 13-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  680.180416][ T6030] usb 13-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.183570][ T6030] usb 13-1: Product: syz
[  680.185084][ T6030] usb 13-1: Manufacturer: syz
[  680.186684][ T6030] usb 13-1: SerialNumber: syz
[  680.214171][    C0] imon 13-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  680.219952][ T6030] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:155.0/input/input121
[  680.331424][  T830] usb 10-1: new high-speed USB device number 30 using dummy_hcd
[  680.424914][ T6030] imon 13-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  680.427722][ T6030]  (id 0x00)
[  680.473147][ T6030] rc_core: IR keymap rc-imon-pad not found
[  680.475371][ T6030] Registered IR keymap rc-empty
[  680.477006][ T6030] imon 13-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  680.481945][  T830] usb 10-1: Using ep0 maxpacket: 16
[  680.487213][  T830] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  680.490447][ T6030] imon 13-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  680.490664][  T830] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  680.497214][  T830] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  680.501247][  T830] usb 10-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  680.504742][  T830] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  680.509043][  T830] usb 10-1: config 0 descriptor??
[  680.546108][ T4438] netlink: 'syz.7.13309': attribute type 1 has an invalid length.
[  680.549237][ T4438] netlink: 224 bytes leftover after parsing attributes in process `syz.7.13309'.
[  680.622491][ T6030] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:155.0/rc/rc0
[  680.632208][ T6030] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.8/usb13/13-1/13-1:155.0/rc/rc0/input122
[  680.638055][ T6030] imon 13-1:155.0: iMON device (15c2:ffdc, intf0) on usb<13:28> initialized
[  680.864867][ T4394] imon:send_packet: packet tx failed (-71)
[  680.864966][   T29] usb 13-1: USB disconnect, device number 28
[  680.881447][ T4394] imon:vfd_write: send packet #0 failed
[  680.928975][  T830] HID 045e:07da: Invalid code 65791 type 1
[  680.933368][  T830] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb10/10-1/10-1:0.0/0003:045E:07DA.002C/input/input123
[  680.939240][  T830] microsoft 0003:045E:07DA.002C: input,hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  681.133809][ T6030] usb 10-1: USB disconnect, device number 30
[  681.618620][  T763] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  681.695422][ T4467] ip6_vti0 speed is unknown, defaulting to 1000
[  681.782663][  T763] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  681.786569][  T763] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  681.787321][ T4467] lo speed is unknown, defaulting to 1000
[  681.789861][  T763] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  681.793671][ T4469] ip6_vti0 speed is unknown, defaulting to 1000
[  681.796715][  T763] usb 5-1: config 0 descriptor??
[  681.951899][ T4469] lo speed is unknown, defaulting to 1000
[  682.014977][  T763] usbhid 5-1:0.0: can't add hid device: -71
[  682.017659][  T763] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  682.033601][  T763] usb 5-1: USB disconnect, device number 34
[  682.340112][ T4485] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13328'.
[  682.437287][ T4490] netlink: 24 bytes leftover after parsing attributes in process `syz.8.13330'.
[  682.441086][ T4490] netlink: 24 bytes leftover after parsing attributes in process `syz.8.13330'.
[  682.451472][  T763] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  682.604332][  T763] usb 5-1: Using ep0 maxpacket: 32
[  682.626676][  T763] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  682.630960][  T763] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[  682.643678][  T763] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  682.649677][  T763] usb 5-1: config 0 descriptor??
[  682.657295][  T763] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  682.672114][  T763] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  682.725569][ T4500] netlink: 'syz.7.13335': attribute type 2 has an invalid length.
[  682.784749][ T4502] netlink: 8 bytes leftover after parsing attributes in process `syz.7.13336'.
[  682.945372][ T5946] block nbd6: Receive control failed (result -111)
[  683.111544][   T29] usb 5-1: USB disconnect, device number 35
[  683.125228][   T29] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  683.130486][ T4523] __nla_validate_parse: 2 callbacks suppressed
[  683.130504][ T4523] netlink: 12 bytes leftover after parsing attributes in process `syz.8.13343'.
[  683.140116][ T4523] netlink: 20 bytes leftover after parsing attributes in process `syz.8.13343'.
[  683.699052][ T4536] kvm: user requested TSC rate below hardware speed
[  684.279926][ T2248] 
[  684.280821][ T2248] ======================================================
[  684.281696][T28359] block nbd1: Possible stuck request ffff8880278c8000: control (read@0,4096B). Runtime 390 seconds
[  684.283153][ T2248] WARNING: possible circular locking dependency detected
[  684.289362][ T2248] syzkaller #0 Tainted: G             L     
[  684.291381][ T2248] ------------------------------------------------------
[  684.294290][ T2248] syz-executor/2248 is trying to acquire lock:
[  684.296351][ T2248] ffffffff8e9aa080 (fs_reclaim){+.+.}-{0:0}, at: prepare_alloc_pages+0x166/0x5f0
[  684.299275][ T2248] 
[  684.299275][ T2248] but task is already holding lock:
[  684.301660][ T2248] ffff888053c4a248 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_fault+0x859/0x2eb0
[  684.304984][ T2248] 
[  684.304984][ T2248] which lock already depends on the new lock.
[  684.304984][ T2248] 
[  684.308209][ T2248] 
[  684.308209][ T2248] the existing dependency chain (in reverse order) is:
[  684.311097][ T2248] 
[  684.311097][ T2248] -> #7 (mapping.invalidate_lock#2){++++}-{4:4}:
[  684.313869][ T2248]        down_read+0x99/0x460
[  684.315566][ T2248]        do_page_cache_ra+0xfe/0x160
[  684.317477][ T2248]        page_cache_ra_order+0xc4e/0xf30
[  684.319259][ T2248]        filemap_fault+0x191a/0x2eb0
[  684.321013][ T2248]        __do_fault+0x10d/0x550
[  684.322612][ T2248]        do_fault+0xabb/0x1990
[  684.324185][ T2248]        __handle_mm_fault+0x180f/0x2b60
[  684.325995][ T2248]        handle_mm_fault+0x36d/0xa20
[  684.327752][ T2248]        do_user_addr_fault+0x74c/0x12f0
[  684.329585][ T2248]        exc_page_fault+0x6f/0xd0
[  684.331272][ T2248]        asm_exc_page_fault+0x26/0x30
[  684.333016][ T2248]        _copy_from_iter+0x350/0x1690
[  684.334746][ T2248]        tcp_sendmsg_locked+0xc8f/0x45e0
[  684.336594][ T2248]        tcp_sendmsg+0x2e/0x50
[  684.338137][ T2248]        inet_sendmsg+0xb9/0x140
[  684.339760][ T2248]        sock_write_iter+0x4ea/0x5a0
[  684.341496][ T2248]        vfs_write+0x6ac/0x1070
[  684.343089][ T2248]        ksys_write+0x1f8/0x250
[  684.344693][ T2248]        __do_fast_syscall_32+0xe3/0x8c0
[  684.346541][ T2248]        do_fast_syscall_32+0x32/0x70
[  684.348467][ T2248]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  684.350791][ T2248] 
[  684.350791][ T2248] -> #6 (sk_lock-AF_INET){+.+.}-{0:0}:
[  684.353299][ T2248]        lock_sock_nested+0x41/0xf0
[  684.354978][ T2248]        inet_shutdown+0x67/0x410
[  684.356517][ T2248]        nbd_mark_nsock_dead+0xae/0x5c0
[  684.358204][ T2248]        recv_work+0x5fb/0x8c0
[  684.359709][ T2248]        process_one_work+0xa23/0x19a0
[  684.361641][ T2248]        worker_thread+0x5ef/0xe50
[  684.363319][ T2248]        kthread+0x370/0x450
[  684.364971][ T2248]        ret_from_fork+0x754/0xd80
[  684.366688][ T2248]        ret_from_fork_asm+0x1a/0x30
[  684.368437][ T2248] 
[  684.368437][ T2248] -> #5 (&nsock->tx_lock){+.+.}-{4:4}:
[  684.371015][ T2248]        __mutex_lock+0x1a2/0x1b90
[  684.372723][ T2248]        nbd_queue_rq+0x428/0x1080
[  684.374500][ T2248]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  684.376534][ T2248]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  684.378719][ T2248]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  684.380830][ T2248]        blk_mq_run_hw_queue+0x23c/0x670
[  684.382654][ T2248]        blk_mq_dispatch_list+0x51d/0x1360
[  684.384564][ T2248]        blk_mq_flush_plug_list+0x130/0x600
[  684.386483][ T2248]        __blk_flush_plug+0x2c4/0x4b0
[  684.388237][ T2248]        __submit_bio+0x584/0x6c0
[  684.389860][ T2248]        submit_bio_noacct_nocheck+0x562/0xc10
[  684.391947][ T2248]        submit_bio_noacct+0xd17/0x2010
[  684.393786][ T2248]        submit_bh_wbc+0x59c/0x770
[  684.395454][ T2248]        block_read_full_folio+0x264/0x8e0
[  684.397363][ T2248]        filemap_read_folio+0xfc/0x3b0
[  684.399131][ T2248]        do_read_cache_folio+0x2d7/0x6b0
[  684.400986][ T2248]        read_part_sector+0xd1/0x370
[  684.402746][ T2248]        adfspart_check_ICS+0x93/0x910
[  684.404681][ T2248]        bdev_disk_changed+0x7f8/0xc80
[  684.406474][ T2248]        blkdev_get_whole+0x187/0x290
[  684.408238][ T2248]        bdev_open+0x2c7/0xe40
[  684.409925][ T2248]        blkdev_open+0x34e/0x4f0
[  684.411548][ T2248]        do_dentry_open+0x6d8/0x1660
[  684.413191][ T2248]        vfs_open+0x82/0x3f0
[  684.414687][ T2248]        path_openat+0x208c/0x31a0
[  684.416273][ T2248]        do_file_open+0x20e/0x430
[  684.417898][ T2248]        do_sys_openat2+0x10d/0x1e0
[  684.419570][ T2248]        __x64_sys_openat+0x12d/0x210
[  684.421238][ T2248]        do_syscall_64+0x106/0xf80
[  684.422811][ T2248]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.424838][ T2248] 
[  684.424838][ T2248] -> #4 (&cmd->lock){+.+.}-{4:4}:
[  684.427108][ T2248]        __mutex_lock+0x1a2/0x1b90
[  684.428758][ T2248]        nbd_queue_rq+0xba/0x1080
[  684.430370][ T2248]        blk_mq_dispatch_rq_list+0x422/0x1e70
[  684.432249][ T2248]        __blk_mq_sched_dispatch_requests+0xcea/0x1620
[  684.434364][ T2248]        blk_mq_sched_dispatch_requests+0xd7/0x1c0
[  684.436353][ T2248]        blk_mq_run_hw_queue+0x23c/0x670
[  684.438091][ T2248]        blk_mq_dispatch_list+0x51d/0x1360
[  684.439920][ T2248]        blk_mq_flush_plug_list+0x130/0x600
[  684.441780][ T2248]        __blk_flush_plug+0x2c4/0x4b0
[  684.443483][ T2248]        __submit_bio+0x584/0x6c0
[  684.445060][ T2248]        submit_bio_noacct_nocheck+0x562/0xc10
[  684.446986][ T2248]        submit_bio_noacct+0xd17/0x2010
[  684.448717][ T2248]        submit_bh_wbc+0x59c/0x770
[  684.450308][ T2248]        block_read_full_folio+0x264/0x8e0
[  684.452194][ T2248]        filemap_read_folio+0xfc/0x3b0
[  684.453917][ T2248]        do_read_cache_folio+0x2d7/0x6b0
[  684.455709][ T2248]        read_part_sector+0xd1/0x370
[  684.457343][ T2248]        adfspart_check_ICS+0x93/0x910
[  684.459019][ T2248]        bdev_disk_changed+0x7f8/0xc80
[  684.460736][ T2248]        blkdev_get_whole+0x187/0x290
[  684.462393][ T2248]        bdev_open+0x2c7/0xe40
[  684.463930][ T2248]        blkdev_open+0x34e/0x4f0
[  684.465475][ T2248]        do_dentry_open+0x6d8/0x1660
[  684.467111][ T2248]        vfs_open+0x82/0x3f0
[  684.468609][ T2248]        path_openat+0x208c/0x31a0
[  684.470240][ T2248]        do_file_open+0x20e/0x430
[  684.471815][ T2248]        do_sys_openat2+0x10d/0x1e0
[  684.473502][ T2248]        __x64_sys_openat+0x12d/0x210
[  684.475305][ T2248]        do_syscall_64+0x106/0xf80
[  684.476964][ T2248]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  684.478989][ T2248] 
[  684.478989][ T2248] -> #3 (set->srcu){.+.+}-{0:0}:
[  684.481224][ T2248]        __synchronize_srcu+0xa1/0x2a0
[  684.482986][ T2248]        blk_mq_quiesce_queue+0x149/0x1c0
[  684.484829][ T2248]        elevator_switch+0x17b/0x7e0
[  684.486556][ T2248]        elevator_change+0x352/0x530
[  684.488305][ T2248]        elevator_set_default+0x29e/0x360
[  684.490106][ T2248]        blk_register_queue+0x412/0x590
[  684.491888][ T2248]        __add_disk+0x73f/0xe40
[  684.493413][ T2248]        add_disk_fwnode+0x118/0x5c0
[  684.495075][ T2248]        nbd_dev_add+0x77a/0xb10
[  684.496623][ T2248]        nbd_init+0x291/0x2b0
[  684.498224][ T2248]        do_one_initcall+0x11d/0x760
[  684.500014][ T2248]        kernel_init_freeable+0x6e5/0x7a0
[  684.501893][ T2248]        kernel_init+0x1f/0x1e0
[  684.503515][ T2248]        ret_from_fork+0x754/0xd80
[  684.505232][ T2248]        ret_from_fork_asm+0x1a/0x30
[  684.506972][ T2248] 
[  684.506972][ T2248] -> #2 (&q->elevator_lock){+.+.}-{4:4}:
[  684.509407][ T2248]        __mutex_lock+0x1a2/0x1b90
[  684.511119][ T2248]        elevator_change+0x1bc/0x530
[  684.512853][ T2248]        elevator_set_none+0x92/0xf0
[  684.514456][ T2248]        blk_mq_update_nr_hw_queues+0x4c1/0x15f0
[  684.516427][ T2248]        nbd_start_device+0x1a6/0xbd0
[  684.518073][ T2248]        nbd_genl_connect+0xff2/0x1a40
[  684.519772][ T2248]        genl_family_rcv_msg_doit+0x214/0x300
[  684.521760][ T2248]        genl_rcv_msg+0x560/0x800
[  684.523349][ T2248]        netlink_rcv_skb+0x159/0x420
[  684.525050][ T2248]        genl_rcv+0x28/0x40
[  684.526496][ T2248]        netlink_unicast+0x5aa/0x870
[  684.528143][ T2248]        netlink_sendmsg+0x8b0/0xda0
[  684.529816][ T2248]        ____sys_sendmsg+0x9e1/0xb70
[  684.531501][ T2248]        ___sys_sendmsg+0x190/0x1e0
[  684.533146][ T2248]        __sys_sendmsg+0x170/0x220
[  684.534769][ T2248]        __do_fast_syscall_32+0xe3/0x8c0
[  684.536557][ T2248]        do_fast_syscall_32+0x32/0x70
[  684.538324][ T2248]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  684.540547][ T2248] 
[  684.540547][ T2248] -> #1 (&q->q_usage_counter(io)#52){++++}-{0:0}:
[  684.543206][ T2248]        blk_alloc_queue+0x610/0x790
[  684.544932][ T2248]        blk_mq_alloc_queue+0x174/0x290
[  684.546696][ T2248]        __blk_mq_alloc_disk+0x29/0x120
[  684.548480][ T2248]        nbd_dev_add+0x492/0xb10
[  684.550060][ T2248]        nbd_init+0x291/0x2b0
[  684.551579][ T2248]        do_one_initcall+0x11d/0x760
[  684.553284][ T2248]        kernel_init_freeable+0x6e5/0x7a0
[  684.555119][ T2248]        kernel_init+0x1f/0x1e0
[  684.556708][ T2248]        ret_from_fork+0x754/0xd80
[  684.558373][ T2248]        ret_from_fork_asm+0x1a/0x30
[  684.560102][ T2248] 
[  684.560102][ T2248] -> #0 (fs_reclaim){+.+.}-{0:0}:
[  684.562378][ T2248]        __lock_acquire+0x14b8/0x2630
[  684.564075][ T2248]        lock_acquire+0x1cf/0x380
[  684.565694][ T2248]        fs_reclaim_acquire+0xc4/0x100
[  684.567398][ T2248]        prepare_alloc_pages+0x166/0x5f0
[  684.569101][ T2248]        __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  684.571119][ T2248]        alloc_pages_mpol+0x1fb/0x550
[  684.572780][ T2248]        folio_alloc_noprof+0x22/0x330
[  684.574485][ T2248]        filemap_alloc_folio_noprof.part.0+0x377/0x450
[  684.576666][ T2248]        __filemap_get_folio_mpol+0x6a4/0xe70
[  684.578576][ T2248]        filemap_fault+0x8a2/0x2eb0
[  684.580241][ T2248]        __do_fault+0x10d/0x550
[  684.581762][ T2248]        do_fault+0xabb/0x1990
[  684.583390][ T2248]        __handle_mm_fault+0x180f/0x2b60
[  684.585257][ T2248]        handle_mm_fault+0x36d/0xa20
[  684.587050][ T2248]        do_user_addr_fault+0x74c/0x12f0
[  684.589005][ T2248]        exc_page_fault+0x6f/0xd0
[  684.590757][ T2248]        asm_exc_page_fault+0x26/0x30
[  684.592680][ T2248]        __get_user_1+0x14/0x30
[  684.594411][ T2248]        __getname_maybe_null+0x29/0x140
[  684.596325][ T2248]        __ia32_sys_statx+0x119/0x1f0
[  684.598228][ T2248]        __do_fast_syscall_32+0xe3/0x8c0
[  684.600200][ T2248]        do_fast_syscall_32+0x32/0x70
[  684.601972][ T2248]        entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  684.604285][ T2248] 
[  684.604285][ T2248] other info that might help us debug this:
[  684.604285][ T2248] 
[  684.607488][ T2248] Chain exists of:
[  684.607488][ T2248]   fs_reclaim --> sk_lock-AF_INET --> mapping.invalidate_lock#2
[  684.607488][ T2248] 
[  684.611620][ T2248]  Possible unsafe locking scenario:
[  684.611620][ T2248] 
[  684.613940][ T2248]        CPU0                    CPU1
[  684.615607][ T2248]        ----                    ----
[  684.617309][ T2248]   rlock(mapping.invalidate_lock#2);
[  684.619064][ T2248]                                lock(sk_lock-AF_INET);
[  684.621351][ T2248]                                lock(mapping.invalidate_lock#2);
[  684.623874][ T2248]   lock(fs_reclaim);
[  684.625186][ T2248] 
[  684.625186][ T2248]  *** DEADLOCK ***
[  684.625186][ T2248] 
[  684.627835][ T2248] 1 lock held by syz-executor/2248:
[  684.629518][ T2248]  #0: ffff888053c4a248 (mapping.invalidate_lock#2){++++}-{4:4}, at: filemap_fault+0x859/0x2eb0
[  684.632817][ T2248] 
[  684.632817][ T2248] stack backtrace:
[  684.634657][ T2248] CPU: 2 UID: 0 PID: 2248 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  684.634673][ T2248] Tainted: [L]=SOFTLOCKUP
[  684.634677][ T2248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[  684.634684][ T2248] Call Trace:
[  684.634690][ T2248]  <TASK>
[  684.634695][ T2248]  dump_stack_lvl+0x100/0x190
[  684.634711][ T2248]  print_circular_bug.cold+0x178/0x1c7
[  684.634729][ T2248]  check_noncircular+0x146/0x160
[  684.634743][ T2248]  __lock_acquire+0x14b8/0x2630
[  684.634759][ T2248]  lock_acquire+0x1cf/0x380
[  684.634771][ T2248]  ? prepare_alloc_pages+0x166/0x5f0
[  684.634785][ T2248]  fs_reclaim_acquire+0xc4/0x100
[  684.634796][ T2248]  ? prepare_alloc_pages+0x166/0x5f0
[  684.634807][ T2248]  prepare_alloc_pages+0x166/0x5f0
[  684.634818][ T2248]  ? kasan_save_stack+0x30/0x50
[  684.634839][ T2248]  __alloc_frozen_pages_noprof+0x19a/0x2ba0
[  684.634855][ T2248]  ? path_openat+0x208c/0x31a0
[  684.634866][ T2248]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  684.634881][ T2248]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  684.634899][ T2248]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  684.634916][ T2248]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  684.634929][ T2248]  ? __lock_acquire+0x4a5/0x2630
[  684.634942][ T2248]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  684.634959][ T2248]  ? policy_nodemask+0xed/0x4f0
[  684.634970][ T2248]  alloc_pages_mpol+0x1fb/0x550
[  684.634981][ T2248]  ? __pfx_alloc_pages_mpol+0x10/0x10
[  684.634991][ T2248]  ? find_held_lock+0x2b/0x80
[  684.635000][ T2248]  ? filemap_get_entry+0x1a7/0x3b0
[  684.635016][ T2248]  ? filemap_get_entry+0x1a7/0x3b0
[  684.635032][ T2248]  folio_alloc_noprof+0x22/0x330
[  684.635045][ T2248]  filemap_alloc_folio_noprof.part.0+0x377/0x450
[  684.635058][ T2248]  ? __pfx_filemap_get_entry+0x10/0x10
[  684.635074][ T2248]  ? __pfx_filemap_alloc_folio_noprof.part.0+0x10/0x10
[  684.635089][ T2248]  __filemap_get_folio_mpol+0x6a4/0xe70
[  684.635107][ T2248]  filemap_fault+0x8a2/0x2eb0
[  684.635125][ T2248]  ? __pfx_filemap_fault+0x10/0x10
[  684.635142][ T2248]  ? __pfx_filemap_map_pages+0x10/0x10
[  684.635159][ T2248]  __do_fault+0x10d/0x550
[  684.635169][ T2248]  do_fault+0xabb/0x1990
[  684.635181][ T2248]  __handle_mm_fault+0x180f/0x2b60
[  684.635196][ T2248]  ? mt_find+0x45e/0x8e0
[  684.635211][ T2248]  ? __pfx___handle_mm_fault+0x10/0x10
[  684.635225][ T2248]  ? __pfx_mt_find+0x10/0x10
[  684.635242][ T2248]  ? find_vma+0xbf/0x140
[  684.635252][ T2248]  ? __pfx_find_vma+0x10/0x10
[  684.635262][ T2248]  handle_mm_fault+0x36d/0xa20
[  684.635276][ T2248]  do_user_addr_fault+0x74c/0x12f0
[  684.635296][ T2248]  exc_page_fault+0x6f/0xd0
[  684.635310][ T2248]  asm_exc_page_fault+0x26/0x30
[  684.635320][ T2248] RIP: 0010:__get_user_1+0x14/0x30
[  684.635332][ T2248] Code: cc cc cc cc 66 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 48 ba 00 f0 ff ff ff 7f 00 00 48 39 d0 48 0f 47 c2 0f 01 cb <0f> b6 10 31 c0 0f 01 ca c3 cc cc cc cc 66 66 2e 0f 1f 84 00 00 00
[  684.635343][ T2248] RSP: 0018:ffffc9000c85fe90 EFLAGS: 00050287
[  684.635351][ T2248] RAX: 00000000f723cd05 RBX: 00000000f723cd05 RCX: ffffc9000c85fe34
[  684.635358][ T2248] RDX: 00007ffffffff000 RSI: ffffffff825601b1 RDI: ffffffff8c1b06a0
[  684.635365][ T2248] RBP: 0000000000001800 R08: 0000000000000001 R09: 00000000000001d3
[  684.635371][ T2248] R10: 0000000000000200 R11: 0000000000000000 R12: 0000000000000003
[  684.635377][ T2248] R13: 0000000000001000 R14: 00000000000007ff R15: 00000000ffc7c3cc
[  684.635386][ T2248]  ? __might_fault+0x111/0x140
[  684.635401][ T2248]  __getname_maybe_null+0x29/0x140
[  684.635417][ T2248]  __ia32_sys_statx+0x119/0x1f0
[  684.635432][ T2248]  __do_fast_syscall_32+0xe3/0x8c0
[  684.635448][ T2248]  do_fast_syscall_32+0x32/0x70
[  684.635464][ T2248]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  684.635493][ T2248] RIP: 0023:0xf701ef6c
[  684.635502][ T2248] Code: d2 74 05 c1 e8 0c 89 02 8b 5d fc 31 c0 c9 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 2e 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 58 b8
[  684.635512][ T2248] RSP: 002b:00000000ffc7c330 EFLAGS: 00000206 ORIG_RAX: 000000000000017f
[  684.635521][ T2248] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f723cd05
[  684.635527][ T2248] RDX: 0000000000001800 RSI: 00000000000007ff RDI: 00000000ffc7c3cc
[  684.635534][ T2248] RBP: 00000000ffc7c520 R08: 0000000000000000 R09: 0000000000000000
[  684.635540][ T2248] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  684.635549][ T2248] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  684.635563][ T2248]  </TASK>
[  690.691757][ T1416] ieee802154 phy0 wpan0: encryption failed: -22