last executing test programs:

13m9.035751902s ago: executing program 32 (id=692):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="1400000014000103000000008000000001"], 0x14}}, 0x0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={0x0}, 0x8, 0x3000000000002}, 0x0)

12m26.282034928s ago: executing program 33 (id=1080):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000300)={0x0, 0x4}, 0xe)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000040)={r1, 0x5e6e5432}, &(0x7f0000000080)=0x8)

10m46.156330942s ago: executing program 34 (id=1999):
chdir(&(0x7f0000000540)='./cgroup\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
lseek(r0, 0x7fffdfff, 0x2)
getdents64(r0, 0x0, 0x0)

10m18.102141316s ago: executing program 4 (id=2292):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000000)=0xffb)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x3000001, 0x32, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000240)=0x2)

10m18.023567236s ago: executing program 4 (id=2293):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, 0x0)

10m17.95408115s ago: executing program 4 (id=2294):
r0 = socket(0x2, 0x80805, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f0000000440)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)="03", 0x1}], 0x1}], 0x1, 0x0)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{&(0x7f00000000c0)=@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000100)='a', 0x34000}], 0x1, &(0x7f0000000000)=ANY=[@ANYBLOB="30000000000000008400000001000000000000000c00"], 0x30}], 0x1, 0x0)

10m17.90203952s ago: executing program 4 (id=2296):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x118)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x400004, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
mount$fuseblk(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x24000, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1a8584c, 0x0)

10m17.901638055s ago: executing program 4 (id=2297):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000200)='./file0\x00', 0x12, &(0x7f0000000480)=ANY=[], 0x5, 0xa5a, &(0x7f0000000a80)="$eJzs3U1sHFcBAOA3a6/z22ZTHGrS0CYU2vJTu3FM+ImAVM2FqKm4Vaq4RElaIpyASCVI1UOSEzdaVeHK76mX8qNK5IKinrhUopG49FQ4cCAKUiUO0JC48vq99e7zbmbt2J6s9/uk2bdv3tt9b3ZnZmdn5r0XgKFVaz7OzEwUIVy+8saRfz32zy0hXBlfzNFoPo62xeohhCLGR7P3+2BkIbz14asnuoVFmG4+pnh47kbrtdtCCBfC3nA1NMLuy9def3f62WMXj17a996bh66vzdIDAMBw+c7VQzO7/v7Xh3Z+9NbDh8Om1vx0fN6I8e3xuP9wPPBPx/+10Bkv2qZ2Y1m+0TjVsnwjXfK1l1PP8o32KH8se996j3ybSsofaZvXbblhkKX1uBGK2mRHvFabnFz4Tx6a/+vHismzp2dfPFdRRYFV959HQgh7Taahny42N4jq67Gu09yOqvdAAAvy64VLXMjPLNyd1ruN9lf+jadr3V8Pq2C913/lD1b5v71oj8Pq2ahrU1qutB1tj/G26whnQpf7l/Ltby5/42z7T++XX4+o91nPXtcRBuX6Qq96jqxzPVaqV/3z9WKj+kYM0+fwzSy9ffvJv9NB+Y6B7v7r/L/JNLTTkuPbO8jvlQE2tvy+ubkopef39eXpm0rSN5ekbylJ39qRa2n6tpLXwzD748s/C68Vi//z8//0yz0fns6z3RfD+5dZn/x85HLLH7tDbD3Kd4zEIPnT8edPffXkC9cW7v8vWuv/7bi+743xRtyarsYM6Xxhfl69de9/o7OcWo98D2T1ua9L/ubz8c58xfji+4S2/cySekx0vm5Hr3x7OvM1snxb4rQ5q29+fLI1e106/kj71fR5jWbLW8+WYyyrR9qv7IxhXg9YibQ+9rr/P62fE6FevHh69tRTMZ7W07+M1DfNz99fXtTvVrvuwN3pt/3PROhs/7O9Nb9ea98v7FicX7TvFxrZ/Oke8w/EePqd+97Ilub8yRM/mD252gsPQ+7c+Ve+f3x29tSPPPHEE09aT6reMwFrberlMz+cOnf+lSdPnzn+0qmXTp09cPDggenpg187MDPVPK6faj+6BzaSxR/9qmsCAAAAAAAAAAAA9OvHR49c+9s7X3l/of3/Yvu/1P4/3fmb2v//tFho615rmx+6jAOY2gHu7JLezJN1sDqW5avH6RNZfcezcnZlr/tkDFvj+MX2/6m4vF/XVJ8Hs/l5/70pX9adwJL+UsayXkfy8QI/E8NLMfx1gAoVW7rPjmFZ/9ZpXU/9UyyjX4ruBVOJ9L2lLyX1Y5Laf/fq1ynt/3euQx1ZfevRnLDqZQS6+/cQ9//dPHZZw/f/zf3VL+Pm3mmbqq6bqfppbs4oHsC9oerxP9N5zxSe/fO3N89PKduNpzv3l3n/pXA37vXxJ5W/scb/bI1/19f+7+bS0RMaKyv3f7+4/n5bsWF3v/vffPlTP9DjeQl3PhP90Xz5NxcX5fHQX/lzv8rKzy8I9elmXP70+W/ts/wly7+nrKTzb3eb+/9YfvrYnni03/IXalzUOuuRnzdO1//y88bJrWz5T650+Vc4UOPtWD4Ms0EZZ3a5+hj/t6ls/N8lVnn8317y+zC+HONpR5juc8hHOFlm/VuR9DuwK3v/ouT3zfi/g+3rMSzbHtL4v2l9bHSJ19ri9S6f7Ubd18Cg+uDevf63+ENVfV1M/X5f1dfDtIxpbm5ubU9olai0cCr//Kv+n1B1+VV//mXy8X/zY/h8/N88PR//N0/Px//N0/Px9fL0rVl6/nnm4//m6Q9m75uPDzyR/cHO0z9V8vrdJekPlaTvKUn/dEn6vpL0h0vSHylJf6Ak/dGS9M+WpH+uJP2xkvQnStI/X5K+0aX2KMO6/DDM8vZ5tn8YHql9ba/tf7wkHRhcP39r/zMv/OG7jYX2/2Ot8yHpOt7hGK/H/84/ifH8undoi8+nvRPj/8jS7/XzHTBM8v4z8t/3x0vSgcGV7vOyfcMQKrq3k+i336pex/kMli/E8Isx/FIMn4zhZAynYrg/htPrVD/WxjO/f/vQa8Xi//0dWXq/95Pn7YHyfqIO9Fmf/PzAcu/Hz/vxW667LX+FzcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqU2s+zsxMFCFcvvLGkeePnZ6an/OtVo5G83G0LVZvvS6Ep2I4EsNfxie3Pnz1RHt4O4ZFmA5FKFrzw3M3WiVtCyFcCHvD1dAIuy9fe/3d6WePXTx6ad97bx66vnafAAAAAGx8HwcAAP//V88c0Q==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

10m17.642762949s ago: executing program 4 (id=2301):
r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
read(r0, &(0x7f0000000080)=""/33, 0x21)
close(r0)

10m17.50011374s ago: executing program 35 (id=2301):
r0 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2)
read(r0, &(0x7f0000000080)=""/33, 0x21)
close(r0)

9m26.432596565s ago: executing program 6 (id=2787):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb0100180000000000000038000000380000000300000001000000000000010000ffff0f000000000000000000000105000000100000000000000000000003000000000100000002"], 0x0, 0x53}, 0x20)

9m26.364726246s ago: executing program 6 (id=2788):
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
r0 = syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
io_uring_setup(0xb54, &(0x7f0000000080)={0x0, 0x28ba1, 0x1000, 0x3, 0x1ad})
ptrace(0x10, r0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ptrace$getregset(0x4205, r0, 0x2, &(0x7f0000000080)={0x0})

9m26.364365244s ago: executing program 6 (id=2789):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'\x00', 0x202})
ioctl$TUNSETPERSIST(r0, 0x400454c9, 0x1)
ioctl$TUNSETLINK(r0, 0x400454cd, 0x30a)

9m26.243633627s ago: executing program 6 (id=2790):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x48c5, &(0x7f0000000b80)={[{@uni_xlateno}, {@shortname_winnt}, {@rodir}, {@fat=@gid}, {@fat=@nfs_nostale_ro}, {@uni_xlateno}, {@shortname_mixed}, {@uni_xlateno}, {@fat=@sys_immutable}, {@uni_xlate}, {@utf8no}, {@shortname_winnt}]}, 0x0, 0x274, &(0x7f0000000780)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2100)

9m26.190416182s ago: executing program 6 (id=2791):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000740)={&(0x7f0000000040)={0x2, 0x0, @dev}, 0x10, 0x0, 0x0, &(0x7f0000004680)=[@rdma_args={0x48, 0x114, 0x1, {{0x0, 0x734}, {0x0}, &(0x7f0000002bc0)=[{&(0x7f0000001900)=""/135, 0x87}, {0xfffffffffffffffe, 0xfffffd95}], 0x2, 0x8}}], 0x48, 0x8800}, 0x0)

9m25.970862802s ago: executing program 6 (id=2792):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x18, 0x110, 0xc, "f98596acaafa429e660400000000000000f342b267242156ef1f30d7a1c62cad95ec97c815521bd0a5b257d2d5"}], 0x4f}, 0x401c4)

9m25.826630568s ago: executing program 36 (id=2792):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[{0x18, 0x110, 0xc, "f98596acaafa429e660400000000000000f342b267242156ef1f30d7a1c62cad95ec97c815521bd0a5b257d2d5"}], 0x4f}, 0x401c4)

8m18.943749319s ago: executing program 7 (id=3407):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x3c, r1, 0x1, 0x0, 0x0, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, @DEVLINK_ATTR_PORT_INDEX={0x8, 0x3, 0x3}]}, 0x3c}}, 0x0)

8m18.943172859s ago: executing program 7 (id=3408):
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x9, 0x12}, 0x50)

8m18.910429611s ago: executing program 7 (id=3409):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xc, 0xc, &(0x7f0000000880)=ANY=[@ANYBLOB="1800000000000000000000000000000018150000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000012000000850000001500000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0xe, 0x0, &(0x7f0000001640)="e0857f9f582f0300000000000000", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

8m18.834031559s ago: executing program 7 (id=3410):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x20, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3813009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
mount(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000200)='proc\x00', 0x16, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f0000000000)='./file0/../file0\x00')

8m18.781044972s ago: executing program 7 (id=3411):
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0xe, 0x4, 0x8, 0xfffffffc, 0x0, 0xffffffffffffffff, 0x800}, 0x50)

8m18.562556682s ago: executing program 7 (id=3413):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x96, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x60, 0x6, 0xff, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x18, 0x1, 0x0, 0x0, 0x5, {[@timestamp={0x8, 0xa, 0x80000001, 0x2}, @generic={0x0, 0x4, "da64"}, @sack={0x5, 0xe, [0xa, 0x10, 0xfffffffd]}, @md5sig={0x13, 0x12, "c23e0ddf11dfe254a9ad8c6494c61c3e"}, @mptcp=@add_addr={0x1e, 0xa, 0x0, 0xa, 0x4, @multicast1, 0x2}, @md5sig={0x13, 0x12, "9de44f4a873494ff03a36b512e4d53ba"}]}}}}}}}}, 0x0)

8m18.373396426s ago: executing program 37 (id=3413):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x14, 0x6, 0x1, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)
syz_emit_ethernet(0x96, &(0x7f0000000180)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "0a8435", 0x60, 0x6, 0xff, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x18, 0x1, 0x0, 0x0, 0x5, {[@timestamp={0x8, 0xa, 0x80000001, 0x2}, @generic={0x0, 0x4, "da64"}, @sack={0x5, 0xe, [0xa, 0x10, 0xfffffffd]}, @md5sig={0x13, 0x12, "c23e0ddf11dfe254a9ad8c6494c61c3e"}, @mptcp=@add_addr={0x1e, 0xa, 0x0, 0xa, 0x4, @multicast1, 0x2}, @md5sig={0x13, 0x12, "9de44f4a873494ff03a36b512e4d53ba"}]}}}}}}}}, 0x0)

7m14.250353985s ago: executing program 8 (id=4084):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x7fffffff8000, 0x40000)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000140)={{0x4, 0x4, 0x4, 0x4, 'syz0\x00', 0x1000}, 0x3, 0x30, 0x4, 0x0, 0x3, 0x1ff, 'syz0\x00', &(0x7f0000000080)=['iso9660\x00', '\\\x00', 'unhide'], 0x10})

7m14.173036606s ago: executing program 8 (id=4085):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x38, 0x0, 0x0)

7m13.964874927s ago: executing program 8 (id=4086):
r0 = socket$inet(0x2, 0x80000, 0xfffffffd)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000140)={0x0, 0x0}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000400)='dctcp\x00', 0x6)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0xb, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
setxattr$incfs_metadata(&(0x7f0000000000)='./file0\x00', &(0x7f0000000280), &(0x7f0000000380)="1542abad2bd2a2ded0fdad4fd315037f21b5c8e4d5f4298e", 0x18, 0x2)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)

7m12.890073835s ago: executing program 8 (id=4101):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0\x00', 0xa0835c, &(0x7f0000000340)={[{@nojournal_checksum}, {@nolazytime}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@dioread_nolock}, {@usrjquota}, {@oldalloc}, {@sysvgroups}]}, 0x2, 0x44a, &(0x7f0000000880)="$eJzs281vFOUfAPDvzLbl9+OtFfEFRK0SY+NLSwsqBy8aTTxgNNEDHuu2EMJCDa2JECLVGLyYGBI9G48m/gXevBj1ZOJV74aEKBfQU83MzsDuslsobHcr+/kkA8+z82yf57vPPDPPzLMbwMAaz/5JIrZGxG8RMVrPNhcYr/939fLZ6t+Xz1aTWFl5688kL3fl8tlqWbR835YiM5FGpJ8kRSXNFk+fOT5bq82fKvJTSyfem1o8febZYydmj84fnT85c/Dggf3TLzw/81xX4sziurL7w4U9u15758Lr1cMX3v3p26y9W4v9jXF0y3gW+F8rudZ9T3S7sj7b1pBOhvrYENakEhFZdw3n4380KnG980bj1Y/72jhgXWXXpk2ddy+vAHexJPrdAqA/ygt9dv9bbj2aemwIl16q3wBlcV8ttvqeoUiLMsMt97fdNB4Rh5f/+SrbYp2eQwAANPqs+uWheKbd/C+N+xvKbS/WUMYi4p6I2BER90bEzoi4LyIv+0BEPLjG+luXhm6c/6QXbyuwW5TN/14s1raa53/l7C/GKkVuWx7/cHLkWG1+X/GZTMTwpiw/vUod37/y6+ed9jXO/7Itq7+cCxbtuDjU8oBubnZpNp+UdsGljyJ2D7WLP7m2EpBExK6I2L22P729TBx76ps9nQrdPP5VdGGdaeXriCfr/b8cLfGXktXXJ6f+F7X5fVPlUXGjn385/2an+u8o/i7I+n9z8/HfWmQsaVyvXVx7Hed//7TjPc3tHv8jydv5+WikeO2D2aWlU9MRI8mhPN/0+sz195b5snwW/8Te9uN/R/GeLP6HIiI7iB+OiEci4tGi7Y9FxOMRsXeV+H98ufO+jdD/c23Pf9eO/5b+X3uicvyH7zrVf2v9fyBPTRSv5Oe/m7jVBt7JZwcAAAD/FWn+HfgknbyWTtPJyfp3+HfG5rS2sLj09JGF90/O1b8rPxbDafmka7Theeh0slz8xXp+pnhWXO7fXzw3/qLy/zw/WV2ozfU5dhh0WzqM/8wflX63Dlh37dbRZkb60BCg51rHf9qcPfdGLxsD9JTfa8Pgusn4T3vVDqD3XP9hcLUb/+da8tYC4O7k+g+Dy/iHwWX8w+Ay/mEg3cnv+iUGORHphmiGxDol+n1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6I5/AwAA///K8u7c")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

7m12.713609816s ago: executing program 8 (id=4105):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000300)={<r1=>0xffffffffffffffff}, 0x106, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000340)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x30, 0x30, 0x0, @in6={0x1b, 0x4000, 0x0, @loopback, 0x2}, @ib={0x1b, 0x38e, 0x0, {'\x00\a\x00'}, 0x0, 0x40000000, 0x8}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f0000000080)={0x13, 0x10, 0xfa00, {&(0x7f0000000480), r1}}, 0x18)

7m12.253149558s ago: executing program 8 (id=4115):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a00380012001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

7m11.967676707s ago: executing program 38 (id=4115):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x74, &(0x7f0000000100)=[{&(0x7f00000001c0)="5c00000012006bab9a3fe3d86e17aa0a046b876c1d0048007ea60864160af36504001a00380012001931a0e69ee517d34460bc06000000a705251e6182949a3651f60a84c9f4d4938037e70e4509c5bb", 0x33fe0}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

6m45.995037631s ago: executing program 9 (id=4538):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x3, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x44cd, &(0x7f00000004c0)={0x0, 0x5331, 0x10100, 0x1000006, 0xfffefffe}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_POLL_REMOVE={0x7, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0xec84, 0x0, 0x0, 0x0)

6m45.841697614s ago: executing program 9 (id=4540):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b400000000000000791048000000000071041b000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)

6m45.7722752s ago: executing program 9 (id=4542):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'dummy0\x00', &(0x7f0000000180)=@ethtool_perm_addr={0x4b, 0x10, "4372070000001000476fb2940acfbe4c"}})

6m45.772088968s ago: executing program 9 (id=4543):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x22000b0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
pivot_root(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00')

6m45.700042299s ago: executing program 9 (id=4545):
socket$inet(0x2, 0x801, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000100), 0x20802, 0x0)
rt_sigprocmask(0x0, &(0x7f000078b000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r1 = gettid()
r2 = getpid()
rt_tgsigqueueinfo(r2, r1, 0x7, &(0x7f0000000080)={0x0, 0x0, 0x4})
r3 = signalfd(0xffffffffffffffff, &(0x7f00007aeff8)={[0xfffffffffffffffe]}, 0x8)
read(r3, &(0x7f0000000740)=""/384, 0x200008c0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)

6m45.503362566s ago: executing program 9 (id=4550):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newtaction={0x78, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0xf7e8}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x24000800}, 0x0)

6m45.276074976s ago: executing program 39 (id=4550):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=@newtaction={0x78, 0x30, 0x871a15abc695fb3d, 0x0, 0x0, {}, [{0x64, 0x1, [@m_tunnel_key={0x60, 0x1, 0x0, 0x0, {{0xf}, {0x30, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{}, 0x1}}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_ENC_KEY_ID={0x8, 0x7, 0xf7e8}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc}}}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x24000800}, 0x0)

2m40.240495217s ago: executing program 5 (id=8514):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000003300)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002ebd7000000000001400000018000180140002006e657464657673696d3000000000000008000300fd0f000005000b000100000008000e000000000008000900010100000500190000000000080009003500000005000c0000000000080011"], 0x6c}, 0x1, 0x0, 0x0, 0x104}, 0x20000050)

2m40.240084556s ago: executing program 5 (id=8515):
r0 = syz_open_dev$video4linux(&(0x7f0000000ac0), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000002700)={0xe7, 0x0, {0x0, 0x0, 0x3010}})

2m40.2395604s ago: executing program 5 (id=8516):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)={0x114, 0x1f, 0x1, 0x0, 0x80000, "", [@nested={0x102, 0x0, 0x0, 0x1, [@typed={0x14, 0x3, 0x0, 0x0, @ipv6=@loopback}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@dev={0xfe, 0x80, '\x00', 0x2}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b504681000000000000009ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817"]}]}, 0x114}], 0x1, 0x0, 0x0, 0x20000004}, 0x140000c4)

2m40.191130923s ago: executing program 5 (id=8517):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000300)={0x3, 0x4, 0x4, 0x7ffffffe}, 0x48)

2m40.190965832s ago: executing program 5 (id=8518):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01080000000000000000070000000900010073797a300000000054000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a3000000000080005400000000c08"], 0xd8}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000180), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000001500)={&(0x7f0000000580)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01000000040200f2c8dc1b000000180001801400020073797a5f74756e0000000000000000000c000280"], 0x38}, 0x1, 0x0, 0x0, 0x20000844}, 0x0)

2m40.139773351s ago: executing program 5 (id=8519):
sync()

2m24.933738089s ago: executing program 40 (id=8519):
sync()

1m55.790980715s ago: executing program 0 (id=9022):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a40000000140a050000000000000000000200000208000340000000020c00064000000000000000030900010073797a3000"], 0x6f4}}, 0x0)

1m55.790435735s ago: executing program 0 (id=9023):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='signal_generate\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='signal_generate\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

1m55.790346822s ago: executing program 0 (id=9024):
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_pidfd_open(r0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
ioctl$FS_IOC_GETVERSION(r1, 0xc040ff0b, &(0x7f0000000180))

1m55.540681075s ago: executing program 0 (id=9025):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt(r0, 0x84, 0x83, &(0x7f00000002c0)="8a00000000020000", 0x8)

1m55.480163467s ago: executing program 0 (id=9027):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_GET(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000010c0)={0x20, 0x1, 0x7, 0x201, 0x0, 0x0, {0x0, 0x0, 0x9}, [@NFACCT_FILTER={0xc, 0x7, 0x0, 0x1, [@NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xfffffff0}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8004}, 0x4008000)

1m55.387601603s ago: executing program 0 (id=9028):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000140), 0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000180)='efs\x00', 0x200000, 0x0)
r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
r7 = syz_open_dev$amidi(&(0x7f0000000480), 0x2, 0x80042)
r8 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r6}})
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
r10 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r10, 0x107, 0xf, &(0x7f00000001c0)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000300)={'vlan1\x00', <r11=>0x0})
sendto$packet(r10, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080088484803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r11}, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x56}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
sendmmsg$inet6(r8, &(0x7f0000002b00)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x4f5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffe01}, 0x1c, 0x0}}, {{&(0x7f0000000240)={0xa, 0x4e24, 0x8, @private1, 0x10000000}, 0x1c, &(0x7f00000017c0)=[{&(0x7f0000002d40)="e0adfa809b49947f8b28e28dae430232b20333097a607dd3557c122d92a61fdec5b7389ca5c11677e32d84e8c9323970abcea401f71bddded1cb1c25ada3509e60dc83af9b9d910d7c577739452d28ef3d79e55371949aa3a8a1d89b8c387beb426033624779e7224fe822139d1c988560e98245a3eda10540b238babfdc31685b207436edaaa5f39c8dbf875821e7bc75ec98dfc928e13e79a8e9ff9907bc8612be82cf1bb744f261766cc3c47ed85fbca5061de65a0595be3e3e174c101caea9f01a3e7b8bf53157cc81c057ebb906208f834b449f317e5ca8", 0xda}, {&(0x7f0000000380)="b94ae8c9b813d29e5a3bedcbd04df0863e1c503848cd4f5ab86732dbe921179f09467f4113d023aa1a6c97f1a688bfef0d3cb0bad512aa3b4d70b6795d2b40947bbaeafdf5e1b497646ad7994232cd1404c1d6cec4677ff9cd5ea664fecf5252664e63f0ac15cdead5840a41f99f1a51e3a33ae2a733f56e0e1bf9067527e8932897d58064689db7", 0x88}, {&(0x7f0000000440)="7412bbf6b903b21d5c205f6e30e479c04228a4ed0ae3832e29d95504c65a745b4604cb022453337c0557710cd29f0f1856ae44e1dc4f11dd76c46dad693a38f42e97b9d4af9ad6c88410988315bf9aac7d72bc100aec0044deb1ba0b7c14f96a074b06d9c1010159ae026159c3a426900b72216072634dd2eb43d456daf76ea1219c9e5f9aeee77ff19b07b6225e3c0d68030e53281c28d30220f518c6", 0x9d}, {&(0x7f0000000500)="0842945bdb136f6c8c4b152062a7a6a741cb1906296e48fb7f0c4c1c90f520ec761a24461f9b6f1bd42742dcd296fa302d7364cd6a532add291caa02b05662204ebf", 0x42}, {&(0x7f0000002b80)="3a0daaac2b8bd23e1acf41f94a1b7cfbfede0b2a124b09eced24d52b3bb38097f1a9a74977599a975ba14fe1e23bf22452f0301a329abb713b4ec31d36d65a5e69618a74621498d987842645b633d592769a08e9546a6201d7e318a3e97e892916485d84d6331e5634644e0b0d801bc013d4806712a51610ce390ffdf8bad3fee1ae4a990b4170746b2dd9d6ccf36f45e7cc53c04b2e4cb42a", 0x99}, {&(0x7f0000000640)}, {&(0x7f0000001640)}, {&(0x7f00000016c0)="a4d0ecd1c743fb267d57709dc7354b2d0c0635decc0c508fdaaabc8c49e70563eebc80ff66c8d838cb0be7ace2124f31d144fd376959d479f03c8629c1c6503bd400cd4e42d79bcecaad1bed4cf4cad905148e1292644e9ab340971cad2a8a351b896f94e388f328d20aca4132879625e55d6fdeb2ea6a31c95192672e6db6f214d96be2a55ae8c1acc32be704c7fec695bccc0f08e832d83c1f248c0694f0a5f7696d2a870d1c7d623adf772109bafa8c3e64541e9a", 0xb6}], 0x8, &(0x7f0000001840)=[@rthdrdstopts={{0x18, 0x29, 0x37, {0x2f}}}, @hopopts={{0x990, 0x29, 0x36, {0x0, 0x12e, '\x00', [@padn, @hao={0xc9, 0x10, @loopback}, @generic={0x3, 0x95b, "2be2cbaf96b76103d9ec55ad5866d6fd29beb0e6f15caf5033e60ef9c6a05ae689f1ea0701e0829a3316b20e4bfd93fa7579209f3970b31ac689b48432a13527574b1a71c85c8237ba141818863d812cede7bba0115b963b1b5c5972932155938b873b3de6ebf2a7fdf055233c8c0f4c16ff71e46e75b92dbc149d1d0de6a1e9a9cce2c6ae2a2228ea0df1d8d3b265d28ff4587d025cc17d205460d9f939f844f466620b8ad0da6225c026df848177c7ba0b85ac9c35dc1159a9eddf20ed049122d33a3051d90170b915b2a76f238ca602e03b328509e6081279abca3bca5052445c5d835287673fb2b91db0ef3763e61a10dd379a5cfe58630b7af7536b86e5c8638ec70a23cd98df396e85b032aea38282aa329d4a4b5811321f50d527b020c6873b5cba86f3337f39b12511fda5f9d2458d9b89908c4a381126ab89959c86a0d62166eb9e5c4bd192d456133b6be67306f8c8951f6d1e53255973a9cdf89207459a8beed81786508b96545b3e839d0322062788b58e2838c0f008668a8fdab72e0535f6ed6f512909741fd20d81087efd8ee8d5887e1b1c152fe7a7a72f9feab466c16f6c8b4d0f4fec5cb13554e2b9fc0020f22a98edeb3bac231426dbe9efb77496770d71f048aede9bb5fdae2492d632338136c6d7f83814eb1d052c583dba925c1e025cec2615d715f8d3a3c8675b1c5358a01d14d32def0474755a52be9b21def722461361ba383e29dac318ee711e42e31e6c05989d3d614906a228b04751c103cbf1e25e818529f46441257982dbfc2d3d6b9d4847f6104cd8f328d175f044a278866d3d224715cf357d88f35e274aa8451a419bbc61d7c5925496c93eb68e7ff722460ba9d3b2da80ca2250b72b8be89e294b6d5e855df5b5250c8fee2a07080a50c23eeace3c06f9840553d7cd3fa6a90835dbdd8da7c10735d853986e564557c0392f352eb62428d41c87a655771d05a7a6a968c17f7e06c9e06af439e70be5d196de415fe9b02473f1e8619ce20b303b2e04e5cbeb8157e657f1759ce15da45fb1e5ea11e89d82d7bc4d953895b8e0807c4087eed14ef017982ec967a624330342d5f90c7486eb3d155d4348bd14d434a0bd4f9a582b2d6ce5ec28a26f1ce58f251b4b45ac85d5ada509eb79d6cbe9d4045b094cc0f444b68582d6052d83947c1d5766f7e647afbe0d38afad8aa1a0d1ea78b71a9b81561b45eb8126316d75ddfa7a0a4112097435d619737053d8cb4f33792af9a9da8ba091a98c14e612dbd1a8851e84965a9aaff8521d89b498945588d4659558d1a27f24db753eb9de02f4d9c8af33a0e22ceea8df4b610475b376135e89a9d7831dbadc6122324450348cf83240bd1dbe01a4cd02701cc19c9a0d0a56cf4ac5733ffe2a20ee9792d07a82643779059df8025f65557f5e7269dcbf7bc715d1b890cc22c271b356a701432d90cb2de39f07a3d3d0942fe959d1bc20ef7e811d219b61d42cccd1dabfcb86c47c4e9bea4f55da52ffbc1e5c24a6e3bd885e303762b1b12eea5f9b4898d827d5fa19331e4593980d1ee19e2a5dcea0a94f4b476a6b5ba1017da95a8da5ade8b432a4b1f64376446e09b609c40a50da7b7597b76b8a18ac9ce61e6a34731fcaaeaeb5fe53ed0d1bb01913848841237d781aef7c2fd06f4dc2806d42622b2d1e0292aa1c7a658d4e2a738302bfe6fef84390952986f93337c3b7e696dae1fb98fa81bd323b83574e3f0b938dae1ae37980f956b79db2d2e30d33bb2d7824ccec5c4cf4240b50bef7445102ed2d3d3bd8b05d42c420c6a52ddbb3fdc3d5a3c92a15efb1f5cbf6e164e9aa68c62a73ada9ead7f88dac61a6d0833ec5ce16f53ea353fe31dd6acd450e53bd8e69b3e5f006b4c96219866ba73c31437459ffbac90594a3736f18d5e4896e7b7f9730007859a4168108046d36ab303be749444e90d2e37e4957bbf15799b75ec1f118a179e28871823f092271e22a5a325979e0efdf0096c1dc63f060c551a5d29741005df3ce0ab702bf4732c3a132f018b20bd69f9bcf80e76276802d5afa2f1bcd03ccfe087b4ac5b7fbbba89316f4aa342d5bdbf3bd9ad73b906e690edc2a57e9b2ac4bcc73abb6db160ff8dfe897a873c0f5b4220518db4ef74c82dc5f5045e110b9217530b18a7cdcf33e1c20c640a70b3f30b1780d756503f294d6bbff5fc84b573f3e74785acd4e139c404bcc9a0b7aa839a21c17b6aa6b624a9e86afe190b38f4cada9cd7ba2dd0c433973ac25fb8460736bec4267b77f6e06a186c2d2cb699689815bb84528a8a2074be02ed63f3244a5e9704365a80b10097cc56bd1a2160bb1c26100667856532cc583309bb1e3283d5fd60d6c8f5ffcc3e1e6798e7d1fc3ac685ec6f83f15a28eb0b1411a301a2733eee73dd64752e03fe283d11a7681ac7fefe617eb53be1881ab0455bdc07bec8130ad2c40082d402ab14a1fb9b48407d7518a740662543c0b4f2c475fcb097c5bf98272ffa4e832bf12f26d1fe9973e6ecf128147abbd450f0349a1b3710e2fbcb41f4c2cef092a1eb1a0238626a50482c047a2946f983ab54bbd51d940c4e451c0fba6b4de259c52a7d4d87bb5eef42833f8d3b4687d4f707e5ab327065c9feb98a2ced8cc61d551953b61da62365c10d0adb1632d5dad49ba9f4a98769494ab783251833b090c8bb1b4a6594aecdc2e7ce2fdf0c64edc9447419382c6e1b95eaff33f6b33be65a6e954ece381a1eadc07c1f094d8369b2e07563f78484624584fdbcedecd239f110a3048721aa873cc4970f041447dfe107bc9cc1568065390fe383ed2dcaa57cfe06cf56d5f395d74f2b3ed35627a106a85e4a3989aa464086d1267d8f6c31a8db121c4885f28fc4b65b1843147d6acd4f2020b202bc037d93e4ff9e3be2beba00a33656fb63d0c3837fee40328abb2be34a64b57b38281f7405b1ede24de01499276143a8bec0fb0c56cb281cbed1d7c3b3e7c4c3caaa2162e4bd422acb5002bd0cf9f9438c07d141c4a2c4ab4c09ff2725c7c08e5a2670e88de23166720f18304b9fe13e3cdd4d21ff08d1ed14fa64dd77e4fb1d4f3267e4b9498a85c29997b1af6232335562d66077c6fe14840019f1a9679e868e11556c94928a714463d3db5ca280ae2decfa6b40820f7876f2bebf1380788a55f4e5c3c8dd5984d54877ad6e79b6f2c74b715f2fe9eb72930d61d531007a7508777bd4a001f7c945f3ef150fe7221b85e51cc67340ba6ee9951ca3ef23bf4a2875beb32a288cc8427168e57c31d81a1d83f26c0553a4da1d7ad96a45ff025eaa3be3de6633fed3168d66409545fffdcbb59d282b461813260e95075d9d5df4408480932386c5769fdad2f6ea95e66e37a197229af937fdf"}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@private0={0xfc, 0x0, '\x00', 0x1}, r11}}}, @dstopts={{0x78, 0x29, 0x37, {0x0, 0xb, '\x00', [@generic={0x3, 0x37, "3b58abbc98fca97c8e49be74bcec20af6c2819f3f908a97d8208a2688e3c8f95754723254129463fb70bd6e427d614ecf626dd4a6b42ab"}, @pad1, @ra={0x5, 0x2, 0x4}, @calipso={0x7, 0x18, {0x2, 0x4, 0x9, 0x8, [0x6, 0x5]}}]}}}, @rthdr_2292={{0x18, 0x29, 0x39, {0x5e, 0x0, 0x2, 0xfa}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xf58f}}, @dontfrag={{0x14, 0x29, 0x3e, 0x4}}], 0xa90}}], 0x2, 0x80)
read$char_usb(r8, &(0x7f0000002c40)=""/227, 0xe3)
ioctl$SOUND_MIXER_READ_DEVMASK(r5, 0x80044dfe, &(0x7f0000000140))
getpid()

1m40.06568611s ago: executing program 41 (id=9028):
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000580)={&(0x7f0000003680)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r4, &(0x7f0000000140), 0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000000)='./cgroup\x00', &(0x7f0000000180)='efs\x00', 0x200000, 0x0)
r5 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000100), 0x80000, 0x0)
r6 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
r7 = syz_open_dev$amidi(&(0x7f0000000480), 0x2, 0x80042)
r8 = dup(r7)
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r8}, 0x2c, {'wfdno', 0x3d, r6}})
r9 = socket$inet_mptcp(0x2, 0x1, 0x106)
r10 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r10, 0x107, 0xf, &(0x7f00000001c0)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000300)={'vlan1\x00', <r11=>0x0})
sendto$packet(r10, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080088484803", 0x10000, 0x0, &(0x7f0000000140)={0x11, 0x0, r11}, 0x14)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@call={0x85, 0x0, 0x0, 0x56}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
sendmmsg$inet6(r8, &(0x7f0000002b00)=[{{&(0x7f0000000000)={0xa, 0x4e24, 0x4f5, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xfffffe01}, 0x1c, 0x0}}, {{&(0x7f0000000240)={0xa, 0x4e24, 0x8, @private1, 0x10000000}, 0x1c, &(0x7f00000017c0)=[{&(0x7f0000002d40)="e0adfa809b49947f8b28e28dae430232b20333097a607dd3557c122d92a61fdec5b7389ca5c11677e32d84e8c9323970abcea401f71bddded1cb1c25ada3509e60dc83af9b9d910d7c577739452d28ef3d79e55371949aa3a8a1d89b8c387beb426033624779e7224fe822139d1c988560e98245a3eda10540b238babfdc31685b207436edaaa5f39c8dbf875821e7bc75ec98dfc928e13e79a8e9ff9907bc8612be82cf1bb744f261766cc3c47ed85fbca5061de65a0595be3e3e174c101caea9f01a3e7b8bf53157cc81c057ebb906208f834b449f317e5ca8", 0xda}, {&(0x7f0000000380)="b94ae8c9b813d29e5a3bedcbd04df0863e1c503848cd4f5ab86732dbe921179f09467f4113d023aa1a6c97f1a688bfef0d3cb0bad512aa3b4d70b6795d2b40947bbaeafdf5e1b497646ad7994232cd1404c1d6cec4677ff9cd5ea664fecf5252664e63f0ac15cdead5840a41f99f1a51e3a33ae2a733f56e0e1bf9067527e8932897d58064689db7", 0x88}, {&(0x7f0000000440)="7412bbf6b903b21d5c205f6e30e479c04228a4ed0ae3832e29d95504c65a745b4604cb022453337c0557710cd29f0f1856ae44e1dc4f11dd76c46dad693a38f42e97b9d4af9ad6c88410988315bf9aac7d72bc100aec0044deb1ba0b7c14f96a074b06d9c1010159ae026159c3a426900b72216072634dd2eb43d456daf76ea1219c9e5f9aeee77ff19b07b6225e3c0d68030e53281c28d30220f518c6", 0x9d}, {&(0x7f0000000500)="0842945bdb136f6c8c4b152062a7a6a741cb1906296e48fb7f0c4c1c90f520ec761a24461f9b6f1bd42742dcd296fa302d7364cd6a532add291caa02b05662204ebf", 0x42}, {&(0x7f0000002b80)="3a0daaac2b8bd23e1acf41f94a1b7cfbfede0b2a124b09eced24d52b3bb38097f1a9a74977599a975ba14fe1e23bf22452f0301a329abb713b4ec31d36d65a5e69618a74621498d987842645b633d592769a08e9546a6201d7e318a3e97e892916485d84d6331e5634644e0b0d801bc013d4806712a51610ce390ffdf8bad3fee1ae4a990b4170746b2dd9d6ccf36f45e7cc53c04b2e4cb42a", 0x99}, {&(0x7f0000000640)}, {&(0x7f0000001640)}, {&(0x7f00000016c0)="a4d0ecd1c743fb267d57709dc7354b2d0c0635decc0c508fdaaabc8c49e70563eebc80ff66c8d838cb0be7ace2124f31d144fd376959d479f03c8629c1c6503bd400cd4e42d79bcecaad1bed4cf4cad905148e1292644e9ab340971cad2a8a351b896f94e388f328d20aca4132879625e55d6fdeb2ea6a31c95192672e6db6f214d96be2a55ae8c1acc32be704c7fec695bccc0f08e832d83c1f248c0694f0a5f7696d2a870d1c7d623adf772109bafa8c3e64541e9a", 0xb6}], 0x8, &(0x7f0000001840)=[@rthdrdstopts={{0x18, 0x29, 0x37, {0x2f}}}, @hopopts={{0x990, 0x29, 0x36, {0x0, 0x12e, '\x00', [@padn, @hao={0xc9, 0x10, @loopback}, @generic={0x3, 0x95b, "2be2cbaf96b76103d9ec55ad5866d6fd29beb0e6f15caf5033e60ef9c6a05ae689f1ea0701e0829a3316b20e4bfd93fa7579209f3970b31ac689b48432a13527574b1a71c85c8237ba141818863d812cede7bba0115b963b1b5c5972932155938b873b3de6ebf2a7fdf055233c8c0f4c16ff71e46e75b92dbc149d1d0de6a1e9a9cce2c6ae2a2228ea0df1d8d3b265d28ff4587d025cc17d205460d9f939f844f466620b8ad0da6225c026df848177c7ba0b85ac9c35dc1159a9eddf20ed049122d33a3051d90170b915b2a76f238ca602e03b328509e6081279abca3bca5052445c5d835287673fb2b91db0ef3763e61a10dd379a5cfe58630b7af7536b86e5c8638ec70a23cd98df396e85b032aea38282aa329d4a4b5811321f50d527b020c6873b5cba86f3337f39b12511fda5f9d2458d9b89908c4a381126ab89959c86a0d62166eb9e5c4bd192d456133b6be67306f8c8951f6d1e53255973a9cdf89207459a8beed81786508b96545b3e839d0322062788b58e2838c0f008668a8fdab72e0535f6ed6f512909741fd20d81087efd8ee8d5887e1b1c152fe7a7a72f9feab466c16f6c8b4d0f4fec5cb13554e2b9fc0020f22a98edeb3bac231426dbe9efb77496770d71f048aede9bb5fdae2492d632338136c6d7f83814eb1d052c583dba925c1e025cec2615d715f8d3a3c8675b1c5358a01d14d32def0474755a52be9b21def722461361ba383e29dac318ee711e42e31e6c05989d3d614906a228b04751c103cbf1e25e818529f46441257982dbfc2d3d6b9d4847f6104cd8f328d175f044a278866d3d224715cf357d88f35e274aa8451a419bbc61d7c5925496c93eb68e7ff722460ba9d3b2da80ca2250b72b8be89e294b6d5e855df5b5250c8fee2a07080a50c23eeace3c06f9840553d7cd3fa6a90835dbdd8da7c10735d853986e564557c0392f352eb62428d41c87a655771d05a7a6a968c17f7e06c9e06af439e70be5d196de415fe9b02473f1e8619ce20b303b2e04e5cbeb8157e657f1759ce15da45fb1e5ea11e89d82d7bc4d953895b8e0807c4087eed14ef017982ec967a624330342d5f90c7486eb3d155d4348bd14d434a0bd4f9a582b2d6ce5ec28a26f1ce58f251b4b45ac85d5ada509eb79d6cbe9d4045b094cc0f444b68582d6052d83947c1d5766f7e647afbe0d38afad8aa1a0d1ea78b71a9b81561b45eb8126316d75ddfa7a0a4112097435d619737053d8cb4f33792af9a9da8ba091a98c14e612dbd1a8851e84965a9aaff8521d89b498945588d4659558d1a27f24db753eb9de02f4d9c8af33a0e22ceea8df4b610475b376135e89a9d7831dbadc6122324450348cf83240bd1dbe01a4cd02701cc19c9a0d0a56cf4ac5733ffe2a20ee9792d07a82643779059df8025f65557f5e7269dcbf7bc715d1b890cc22c271b356a701432d90cb2de39f07a3d3d0942fe959d1bc20ef7e811d219b61d42cccd1dabfcb86c47c4e9bea4f55da52ffbc1e5c24a6e3bd885e303762b1b12eea5f9b4898d827d5fa19331e4593980d1ee19e2a5dcea0a94f4b476a6b5ba1017da95a8da5ade8b432a4b1f64376446e09b609c40a50da7b7597b76b8a18ac9ce61e6a34731fcaaeaeb5fe53ed0d1bb01913848841237d781aef7c2fd06f4dc2806d42622b2d1e0292aa1c7a658d4e2a738302bfe6fef84390952986f93337c3b7e696dae1fb98fa81bd323b83574e3f0b938dae1ae37980f956b79db2d2e30d33bb2d7824ccec5c4cf4240b50bef7445102ed2d3d3bd8b05d42c420c6a52ddbb3fdc3d5a3c92a15efb1f5cbf6e164e9aa68c62a73ada9ead7f88dac61a6d0833ec5ce16f53ea353fe31dd6acd450e53bd8e69b3e5f006b4c96219866ba73c31437459ffbac90594a3736f18d5e4896e7b7f9730007859a4168108046d36ab303be749444e90d2e37e4957bbf15799b75ec1f118a179e28871823f092271e22a5a325979e0efdf0096c1dc63f060c551a5d29741005df3ce0ab702bf4732c3a132f018b20bd69f9bcf80e76276802d5afa2f1bcd03ccfe087b4ac5b7fbbba89316f4aa342d5bdbf3bd9ad73b906e690edc2a57e9b2ac4bcc73abb6db160ff8dfe897a873c0f5b4220518db4ef74c82dc5f5045e110b9217530b18a7cdcf33e1c20c640a70b3f30b1780d756503f294d6bbff5fc84b573f3e74785acd4e139c404bcc9a0b7aa839a21c17b6aa6b624a9e86afe190b38f4cada9cd7ba2dd0c433973ac25fb8460736bec4267b77f6e06a186c2d2cb699689815bb84528a8a2074be02ed63f3244a5e9704365a80b10097cc56bd1a2160bb1c26100667856532cc583309bb1e3283d5fd60d6c8f5ffcc3e1e6798e7d1fc3ac685ec6f83f15a28eb0b1411a301a2733eee73dd64752e03fe283d11a7681ac7fefe617eb53be1881ab0455bdc07bec8130ad2c40082d402ab14a1fb9b48407d7518a740662543c0b4f2c475fcb097c5bf98272ffa4e832bf12f26d1fe9973e6ecf128147abbd450f0349a1b3710e2fbcb41f4c2cef092a1eb1a0238626a50482c047a2946f983ab54bbd51d940c4e451c0fba6b4de259c52a7d4d87bb5eef42833f8d3b4687d4f707e5ab327065c9feb98a2ced8cc61d551953b61da62365c10d0adb1632d5dad49ba9f4a98769494ab783251833b090c8bb1b4a6594aecdc2e7ce2fdf0c64edc9447419382c6e1b95eaff33f6b33be65a6e954ece381a1eadc07c1f094d8369b2e07563f78484624584fdbcedecd239f110a3048721aa873cc4970f041447dfe107bc9cc1568065390fe383ed2dcaa57cfe06cf56d5f395d74f2b3ed35627a106a85e4a3989aa464086d1267d8f6c31a8db121c4885f28fc4b65b1843147d6acd4f2020b202bc037d93e4ff9e3be2beba00a33656fb63d0c3837fee40328abb2be34a64b57b38281f7405b1ede24de01499276143a8bec0fb0c56cb281cbed1d7c3b3e7c4c3caaa2162e4bd422acb5002bd0cf9f9438c07d141c4a2c4ab4c09ff2725c7c08e5a2670e88de23166720f18304b9fe13e3cdd4d21ff08d1ed14fa64dd77e4fb1d4f3267e4b9498a85c29997b1af6232335562d66077c6fe14840019f1a9679e868e11556c94928a714463d3db5ca280ae2decfa6b40820f7876f2bebf1380788a55f4e5c3c8dd5984d54877ad6e79b6f2c74b715f2fe9eb72930d61d531007a7508777bd4a001f7c945f3ef150fe7221b85e51cc67340ba6ee9951ca3ef23bf4a2875beb32a288cc8427168e57c31d81a1d83f26c0553a4da1d7ad96a45ff025eaa3be3de6633fed3168d66409545fffdcbb59d282b461813260e95075d9d5df4408480932386c5769fdad2f6ea95e66e37a197229af937fdf"}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}]}}}, @pktinfo={{0x24, 0x29, 0x32, {@private0={0xfc, 0x0, '\x00', 0x1}, r11}}}, @dstopts={{0x78, 0x29, 0x37, {0x0, 0xb, '\x00', [@generic={0x3, 0x37, "3b58abbc98fca97c8e49be74bcec20af6c2819f3f908a97d8208a2688e3c8f95754723254129463fb70bd6e427d614ecf626dd4a6b42ab"}, @pad1, @ra={0x5, 0x2, 0x4}, @calipso={0x7, 0x18, {0x2, 0x4, 0x9, 0x8, [0x6, 0x5]}}]}}}, @rthdr_2292={{0x18, 0x29, 0x39, {0x5e, 0x0, 0x2, 0xfa}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xf58f}}, @dontfrag={{0x14, 0x29, 0x3e, 0x4}}], 0xa90}}], 0x2, 0x80)
read$char_usb(r8, &(0x7f0000002c40)=""/227, 0xe3)
ioctl$SOUND_MIXER_READ_DEVMASK(r5, 0x80044dfe, &(0x7f0000000140))
getpid()

6.588507895s ago: executing program 1 (id=10634):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000050000000000000000000024000a20000000000a1f000000000000000000010000000900010073797a300000000058000000030a0104000000000000000001000000090003803d2175fbe782c2002c00048008000240172af2e40800014000000003080002401c791e7108000240423930ce08000140000000030900010073797a300000000088000000060a010400000000000000000100000008000b400000000014000480100001800b0001006e756d67656e00000900010073797a30000000004c0004804800018008000100666962003c000280080003400000000c08000140000000020800014000000030080002400000000308000140000000120800034000000000080003400000000a"], 0x122}}, 0x10)

6.588324575s ago: executing program 1 (id=10635):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{0x45, 0x2, 0x2, 0xffffffff}, {0x60}, {0x2}, {0x6}]})

6.459646836s ago: executing program 1 (id=10640):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, 0x0, &(0x7f0000000200))

6.45913161s ago: executing program 1 (id=10641):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x200056, &(0x7f0000000440)={[{@nogrpid}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1ff}}, {@nodiscard}, {@noblock_validity}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}]}, 0x3, 0x451, &(0x7f0000000f80)="$eJzs3M2PU1UbAPDn3k6HlxdwRsQPPtRRNE78mGEAlYULNZq4wMREF7qczAwEKYxhxkQIUTAGV8aYuDcu/Rdc6cYYVyZudW9IiGEDuKq57b1MW9rCdFqq098vuXDOvedyztNzT3vuPS0BjKyp7I8kYntE/B4RE/Vsc4Gp+l/Xr55fuHH1/EIS1erbfyW1cteunl8oihbnbcsz02lE+lkSe9vUu3L23Mn5SmXpTJ6fXT31wezK2XPPnTg1f3zp+NLpg0eOHD409+ILB5/vS5xZm67t+Xh53+433vvqzaNfNMXfEkefTHU7+GS12ufqhmtHQzoZG2JDWJdSRGTdVa6N/4koxVrnTcTrnw61ccBAVavV6rbOhy9UgU0siea8IQ+jovigz+5/i611EvDy4KYfQ3fllfoNUBb39XyrHxmLNC9Tbrm/7aepiHj3wt/fZFsM5jkEAECTH7L5z7Pt5n9pPNBQ7p58bWgyIu6NiJ0RcV9E7IqI+yNqZR+MiIfWWX/rIsmt85/0ck+B3aFs/vdSvrbVPP8rZn8xWcpzO2rxl5NjJypLB/LXZDrKW7L8XJc6fnztty87HWuc/2VbVn8xF8zbcXlsS/M5i/Or8xuJudGVixF7xtrFn9xcCUgiYndE7OmxjhNPf7ev07Hbx99FH9aZqt9GPFXv/wvREn8h6b4+Ofu/qCwdmC2uilv98uultzrVv6H4+yDr//+3vf5vxj+ZNK7Xrqy/jkt/fN7xnqbX6388eaeWHs/3fTS/unpmLmI8OVpvdOP+g2vnFvmifBb/9P72439nrL0SeyMiu4gfjohHIuLRvO2PRcTjEbG/S/w/v/rE+73HP1hZ/Ivr6v+1xHi07mmfKJ386fumSidvif9G9/4/XEtN53vu5P3vTtrV29UMAAAA/z1pRGyPJJ25mU7TmZn69+V3RaSV5ZXVZ44tf3h6sf4bgckop8WTromG56Fz+W19PX8xIupfLSiOH8qfG39d2lrLzywsVxaHHTyMuG0dxn/mz9KwWwcMnN9rwegy/mF0Gf8wuox/GF1txv/WYbQDuPvaff5/MoR2AHdfy/i37AcjxP0/jK6O438z/88/QI3PfxhJK1vj9j+S75oo/qUeT9+0iSj/K5qx8UQ1adu5kQ67YRKDTAz3fQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBf/gkAAP//qmHgTw==")
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

6.37884189s ago: executing program 1 (id=10642):
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f0000000100))

6.130080956s ago: executing program 1 (id=10645):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, r1, 0x1, 0x1000, 0x0, {0x2a}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40040}, 0x0)

5.68434975s ago: executing program 42 (id=10645):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$tipc(0x1e, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000400)={'dummy0\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x20, r1, 0x1, 0x1000, 0x0, {0x2a}, [@ETHTOOL_A_LINKMODES_HEADER={0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x40040}, 0x0)

834.132009ms ago: executing program 3 (id=10672):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=@newsa={0x138, 0x1a, 0x1, 0xfffffffe, 0x100, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x1, 0x71c, 0x4e23, 0x5, 0x0, 0x0, 0x80, 0x29}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@dev={0xac, 0x14, 0x14, 0x25}, {0x0, 0x502a, 0x9ba3, 0xffff, 0x8251c, 0x5, 0x40}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffa, 0xfffffffc}, 0x80, 0x3500, 0x2, 0x1, 0x2, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}, 0x6}}]}, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)

833.801033ms ago: executing program 3 (id=10673):
syz_usb_control_io(0xffffffffffffffff, &(0x7f0000000280)={0x2c, 0x0, 0x0, &(0x7f0000000080)={0x0, 0xf, 0x109, {0x5, 0xf, 0x109, 0x2, [@ss_container_id={0x14, 0x10, 0x4, 0xa4, "d020cc1951735fde2153409d5720016b"}, @generic={0xf0, 0x10, 0xa, "fb92429bd9d77380b32ea7d5b16cbbeec6ac54af459a4e1eef33e215a141b83a7a0449822aa3142c918f09e99fdfdbb28a0dff3bf7cb5ec8710c06832da8e0dfc5a52ab4e1878be12a736bda99924eb351ae9a8eeccd7fc88bd7250b48b0d8613de36307a01cc6f26b705b30ed6228ebe7aa8c01c13be5e977d119101bd9a320acc0b6ab45f0147016ca3484448b5e5370dc101f7cb83e5b7133ee7e44078b52ad4344be26b48259ef5c26df2a9fc43d5fea434563c677a9807caa7d93efa0f6e1d0ea0c4166fa48978edf4820fb92b64fb23cbcd18e0442264ff1cd3e8be830465275597051a029da75bd12e5"}]}}, 0x0, 0x0}, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000050030000090a030000000000000000000700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d04001280080003400000011008000c400000edd8f802098060000280"], 0x398}}, 0x0)

239.73738ms ago: executing program 3 (id=10676):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff, 0x0, 0x0, 0x7ff}, 0x10)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904001f000000fe000000000000000800040001000000", 0x24)

239.449021ms ago: executing program 2 (id=10677):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000}, 0x400}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x13c, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x40000000000000}}, [@tmpl={0x84, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in=@broadcast, 0x0, 0x1, 0x3}, {{@in6=@mcast2, 0x0, 0x33}, 0x0, @in6=@dev, 0x0, 0x4}]}]}, 0x13c}}, 0x0)
syz_emit_ethernet(0x46, &(0x7f00000009c0)={@link_local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x10, 0x3a, 0xff, @dev, @mcast2, {[], @ndisc_ra}}}}}, 0x0)

239.361151ms ago: executing program 3 (id=10678):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x1, &(0x7f0000000100), 0x4)

176.16233ms ago: executing program 2 (id=10679):
r0 = openat$sequencer(0xffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$SNDCTL_TMR_SELECT(r0, 0x40045408)

175.979214ms ago: executing program 3 (id=10680):
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000040)={0x0, 0xfff, 0x4, {0x9, @pix_mp={0x12, 0x5be7, 0xb5315258, 0x6, 0xb, [{0x80000004, 0x3}, {0x0, 0x5}, {0x10000005, 0xc3}, {0x6bd, 0x7fd}, {0x1, 0xb}, {0x7, 0x489aa92e}, {0x5, 0x1000005}, {0xff, 0x7}], 0x2, 0x20, 0x2, 0x0, 0x3}}, 0xfffffffd})

129.443242ms ago: executing program 3 (id=10681):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000140)=ANY=[@ANYBLOB="1201000000000040bd28050900000000000109022400010000000009040200010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000180)=ANY=[@ANYBLOB="00017c"], 0x0, 0x0, 0x0, 0x0}, 0x0)

129.138473ms ago: executing program 2 (id=10682):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000080)={0x5, 0x1, 0x0, "9adf66552fcfb32bf84390dab923644869b200", 0x5634162d})

68.700082ms ago: executing program 2 (id=10683):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000000)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x1, 0x2, 0x0, @loopback, @private1={0xfc, 0x1, '\x00', 0x1}}})

68.428648ms ago: executing program 2 (id=10684):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x4c, r1, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x83, 0x1}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8801}, 0x4000000)

0s ago: executing program 2 (id=10685):
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0x1a3c65)
write$dsp(r2, &(0x7f00000004c0)='\x00', 0x1)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r3, 0xc0884113, &(0x7f0000000240)={0x1, 0x1fffffe, 0x2, 0x80008000006, 0x8000000000000000, 0x10000000005, 0xfffdfffffffffefb, 0xffffffffffffffff, 0xfffffffffffffffd, 0x100000004, 0xa, 0x2})

kernel console output (not intermixed with test programs):

erialNumber=3
[  779.824727][ T1274] usb 1-1: Product: syz
[  779.826194][ T1274] usb 1-1: Manufacturer: syz
[  779.827794][ T1274] usb 1-1: SerialNumber: syz
[  779.835579][ T1274] usb 1-1: config 0 descriptor??
[  779.878815][ T5911] uclogic 0003:28BD:0055.002D: interface is invalid, ignoring
[  779.944479][ T6877] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8871'.
[  779.951136][ T6877] netlink: 'syz.3.8871': attribute type 7 has an invalid length.
[  779.954626][ T6877] netlink: 'syz.3.8871': attribute type 8 has an invalid length.
[  779.957730][ T6877] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8871'.
[  780.042864][ T1274] airspy 1-1:0.0: usb_control_msg() failed -71 request 09
[  780.045555][ T1274] airspy 1-1:0.0: Could not detect board
[  780.047630][ T1274] airspy 1-1:0.0: probe with driver airspy failed with error -71
[  780.062003][ T1274] usb 1-1: USB disconnect, device number 60
[  780.074848][T23776] usb 2-1: USB disconnect, device number 34
[  780.089413][ T6898] tmpfs: Bad value for 'mpol'
[  780.626867][ T6915] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8880'.
[  780.631620][ T6915] chnl_net:caif_netlink_parms(): no params data found
[  780.751449][ T6928] netlink: 4 bytes leftover after parsing attributes in process `syz.1.8883'.
[  780.754852][ T6928] (unnamed net_device) (uninitialized): Invalid ad_actor_system MAC address.
[  780.758696][ T6928] (unnamed net_device) (uninitialized): option ad_actor_system: invalid value (7)
[  780.859821][ T6942] ip6gretap1: entered allmulticast mode
[  781.247363][ T6974] loop0: detected capacity change from 0 to 1024
[  781.274404][ T6974] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  781.279168][ T6974] ext4 filesystem being mounted at /1035/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  781.286396][ T6974] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #15: block 3: comm syz.0.8900: lblock 3 mapped to illegal pblock 3 (length 3)
[  781.309984][ T6974] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  781.314534][ T6974] EXT4-fs (loop0): This should not happen!! Data will be lost
[  781.314534][ T6974] 
[  781.321206][ T6974] EXT4-fs error (device loop0): ext4_ext_remove_space:2955: inode #15: comm syz.0.8900: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  781.328594][ T6974] EXT4-fs error (device loop0) in ext4_setattr:6071: Corrupt filesystem
[  781.340887][   T85] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  781.354496][   T85] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 32 with max blocks 16 with error 28
[  781.359847][   T85] EXT4-fs (loop0): This should not happen!! Data will be lost
[  781.359847][   T85] 
[  781.363069][   T85] EXT4-fs (loop0): Total free blocks count 0
[  781.365105][   T85] EXT4-fs (loop0): Free/Dirty block details
[  781.367062][   T85] EXT4-fs (loop0): free_blocks=4293918720
[  781.372194][   T85] EXT4-fs (loop0): dirty_blocks=16
[  781.373949][   T85] EXT4-fs (loop0): Block reservation details
[  781.788348][ T5895] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  781.963318][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  781.975096][ T5895] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  781.984314][ T5895] usb 1-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00
[  781.990552][ T5895] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  781.997190][ T5895] usb 1-1: config 0 descriptor??
[  782.055688][ T7034] netlink: 40 bytes leftover after parsing attributes in process `syz.3.8917'.
[  782.421158][ T5895] steelseries 0003:1038:12B6.002E: item fetching failed at offset 5/7
[  782.424487][ T5895] steelseries 0003:1038:12B6.002E: probe with driver steelseries failed with error -22
[  782.428110][ T1274] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  782.581319][ T1274] usb 2-1: Using ep0 maxpacket: 16
[  782.590397][ T1274] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  782.596179][ T1274] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  782.601884][ T1274] usb 2-1: config 0 interface 0 has no altsetting 0
[  782.604202][ T1274] usb 2-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.00
[  782.607239][ T1274] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  782.618292][ T1274] usb 2-1: config 0 descriptor??
[  782.634829][T19469] usb 1-1: USB disconnect, device number 61
[  783.027895][ T1274] apple 0003:05AC:0247.002F: unexpected long global item
[  783.034726][ T1274] apple 0003:05AC:0247.002F: parse failed
[  783.036958][ T1274] apple 0003:05AC:0247.002F: probe with driver apple failed with error -22
[  783.045970][ T7095] openvswitch: netlink: Missing key (keys=40, expected=2000)
[  783.240350][ T1274] usb 2-1: USB disconnect, device number 35
[  783.598154][T19469] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  783.748040][T19469] usb 1-1: Using ep0 maxpacket: 32
[  783.751506][T19469] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  783.754362][T19469] usb 1-1: config 0 has no interface number 0
[  783.763453][T19469] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  783.772474][T19469] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  783.775503][T19469] usb 1-1: Product: syz
[  783.777052][T19469] usb 1-1: Manufacturer: syz
[  783.780673][T19469] usb 1-1: SerialNumber: syz
[  783.784417][T19469] usb 1-1: config 0 descriptor??
[  783.789048][T19469] smsc95xx v2.0.0
[  784.109624][ T7140] netlink: 'syz.1.8947': attribute type 1 has an invalid length.
[  784.202988][T19469] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  784.207485][T19469] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  784.456514][ T7152] netlink: 16 bytes leftover after parsing attributes in process `syz.3.8952'.
[  785.777586][T19469] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000038: -71
[  785.783970][T19469] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[  785.796162][T19469] usb 1-1: USB disconnect, device number 62
[  785.992088][ T7196] overlayfs: failed to clone upperpath
[  786.916510][ T7223] loop0: detected capacity change from 0 to 32768
[  786.935842][ T7223] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  786.995013][ T7223] XFS (loop0): Ending clean mount
[  787.148154][T25389] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  787.828695][ T5911] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  787.998132][ T5911] usb 1-1: Using ep0 maxpacket: 8
[  788.002052][ T5911] usb 1-1: config 0 has an invalid interface number: 150 but max is 0
[  788.005638][ T5911] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  788.019304][ T5911] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  788.022745][ T5911] usb 1-1: config 0 has 2 interfaces, different from the descriptor's value: 1
[  788.025608][ T5911] usb 1-1: config 0 has no interface number 0
[  788.028102][ T5911] usb 1-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  788.032263][ T5911] usb 1-1: config 0 interface 150 has no altsetting 0
[  788.034445][ T5911] usb 1-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[  788.037457][ T5911] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.042756][ T5911] usb 1-1: config 0 descriptor??
[  788.477379][ T5911] usb 1-1: USB disconnect, device number 63
[  789.052625][ T7273] loop0: detected capacity change from 0 to 1764
[  789.408288][ T5911] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[  789.578143][ T5911] usb 1-1: Using ep0 maxpacket: 8
[  789.583811][ T5911] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  789.590167][ T5911] usb 1-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  789.594439][ T5911] usb 1-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  789.602162][ T5911] usb 1-1: config 0 interface 0 has no altsetting 0
[  789.605280][ T5911] usb 1-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.00
[  789.609172][ T5911] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  789.646736][ T5911] usb 1-1: config 0 descriptor??
[  790.068677][ T5911] elecom 0003:056E:011C.0030: item fetching failed at offset 3/5
[  790.072503][ T5911] elecom 0003:056E:011C.0030: probe with driver elecom failed with error -22
[  790.159015][ T5895] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  790.269908][ T5911] usb 1-1: USB disconnect, device number 64
[  790.308552][ T5895] usb 2-1: Using ep0 maxpacket: 32
[  790.312004][ T5895] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  790.315152][ T5895] usb 2-1: config 0 has no interface number 0
[  790.317710][ T5895] usb 2-1: config 0 interface 12 has no altsetting 0
[  790.325629][ T5895] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  790.330023][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  790.333414][ T5895] usb 2-1: Product: syz
[  790.335167][ T5895] usb 2-1: Manufacturer: syz
[  790.337498][ T5895] usb 2-1: SerialNumber: syz
[  790.343769][ T5895] usb 2-1: config 0 descriptor??
[  790.825640][ T7340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9000'.
[  790.831897][ T7340] netlink: 8 bytes leftover after parsing attributes in process `syz.0.9000'.
[  791.248063][ T1274] usb 1-1: new full-speed USB device number 65 using dummy_hcd
[  791.399942][ T1274] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  791.403543][ T1274] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  791.409373][ T1274] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  791.412477][ T1274] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  791.415236][ T1274] usb 1-1: Product: syz
[  791.416639][ T1274] usb 1-1: Manufacturer: syz
[  791.419474][ T1274] usb 1-1: SerialNumber: syz
[  791.632943][ T1274] usb 1-1: 0:2 : does not exist
[  791.642667][ T1274] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  791.673693][ T1274] usb 1-1: USB disconnect, device number 65
[  791.715551][ T5471] udevd[5471]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  791.989817][ T5895] f81534 2-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  791.992279][ T5895] f81534 2-1:0.12: f81534_find_config_idx: read failed: -71
[  791.994593][ T5895] f81534 2-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  791.997178][ T5895] f81534 2-1:0.12: probe with driver f81534 failed with error -71
[  792.004738][ T5895] usb 2-1: USB disconnect, device number 36
[  792.517158][ T7405] netlink: 512 bytes leftover after parsing attributes in process `syz.1.9016'.
[  793.136746][ T7422] netlink: 12 bytes leftover after parsing attributes in process `syz.0.9022'.
[  793.453551][ T7433] loop1: detected capacity change from 0 to 4096
[  794.542746][ T7486] loop1: detected capacity change from 0 to 8192
[  794.595766][ T7486]  loop1: p1 p2 p3
[  794.597144][ T7486] loop1: partition table partially beyond EOD, truncated
[  794.600020][ T7486] loop1: p1 start 51379968 is beyond EOD, truncated
[  794.604347][ T7486] loop1: p3 size 100663552 extends beyond EOD, truncated
[  794.617375][ T5297]  loop1: p1 p2 p3
[  794.618885][ T5297] loop1: partition table partially beyond EOD, truncated
[  794.621453][ T5297] loop1: p1 start 51379968 is beyond EOD, truncated
[  794.627719][ T5297] loop1: p3 size 100663552 extends beyond EOD, truncated
[  794.685106][ T7502] batadv0: left promiscuous mode
[  794.703487][T25974] udevd[25974]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  794.710181][ T5471] udevd[5471]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  794.826087][ T7508] loop1: detected capacity change from 0 to 32768
[  794.876133][ T7502] netdevsim netdevsim3 netdevsim0: left promiscuous mode
[  794.919892][ T7502] gretap1: left promiscuous mode
[  794.923950][ T7502] bond3: left promiscuous mode
[  794.937733][ T7502] macvlan3: left promiscuous mode
[  794.945281][ T5875] netdevsim netdevsim3 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  794.949813][ T5875] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  794.952830][ T5875] netdevsim netdevsim3 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  794.955787][ T5875] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  794.981459][ T5875] netdevsim netdevsim3 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  794.984571][ T5875] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  794.987809][ T5875] netdevsim netdevsim3 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  794.991281][ T5875] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  795.043787][ T7527] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9053'.
[  796.739241][ T1118] block nbd0: Possible stuck request ffff888022ac0000: control (read@0,1024B). Runtime 90 seconds
[  796.742770][ T1118] block nbd0: Possible stuck request ffff888022ac0200: control (read@1024,1024B). Runtime 90 seconds
[  796.746459][ T1118] block nbd0: Possible stuck request ffff888022ac0400: control (read@2048,1024B). Runtime 90 seconds
[  796.750704][ T1118] block nbd0: Possible stuck request ffff888022ac0600: control (read@3072,1024B). Runtime 90 seconds
[  797.422173][   T33] kauditd_printk_skb: 47 callbacks suppressed
[  797.422207][   T33] audit: type=1326 audit(2000001062.309:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7669 comm="syz.3.9091" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd32258ebe9 code=0x0
[  797.428135][ T5911] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  797.601863][ T5911] usb 2-1: config 102 has an invalid interface number: 120 but max is 0
[  797.605236][ T5911] usb 2-1: config 102 has no interface number 0
[  797.607922][ T5911] usb 2-1: config 102 interface 120 has no altsetting 0
[  797.612798][ T5911] usb 2-1: New USB device found, idVendor=10fd, idProduct=de00, bcdDevice= 0.01
[  797.616590][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.620599][ T5911] usb 2-1: Product: syz
[  797.621998][ T5911] usb 2-1: Manufacturer: syz
[  797.623598][ T5911] usb 2-1: SerialNumber: syz
[  797.839281][ T5911] go7007 2-1:102.120: The Lifeview TV Walker Ultra is not supported. Sorry!
[  797.846250][ T5911] usb 2-1: USB disconnect, device number 37
[  799.591655][ T7741] loop1: detected capacity change from 0 to 256
[  800.646706][ T7765] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9118'.
[  800.652189][ T7765] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9118'.
[  800.706883][ T7769] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9120'.
[  800.832279][ T7779] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9124'.
[  800.836620][ T7777] netlink: 60 bytes leftover after parsing attributes in process `syz.1.9124'.
[  800.960074][ T7787] loop1: detected capacity change from 0 to 2048
[  800.971689][ T7787] UDF-fs: warning (device loop1): udf_fill_super: No fileset found
[  801.025404][ T7792] loop1: detected capacity change from 0 to 1024
[  801.032209][ T7792] EXT4-fs: Ignoring removed bh option
[  801.034614][ T7792] EXT4-fs: Ignoring removed orlov option
[  801.337472][ T7802] loop1: detected capacity change from 0 to 32768
[  801.603986][ T7809] loop1: detected capacity change from 0 to 32768
[  801.725678][ T7823] loop1: detected capacity change from 0 to 8
[  802.676925][ T7848] sp0: Synchronizing with TNC
[  802.944702][ T7886] netlink: 24 bytes leftover after parsing attributes in process `syz.3.9155'.
[  802.974024][ T7897] kAFS: unable to lookup cell '.,'
[  802.990109][ T7886] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9155'.
[  803.112295][ T7918] netlink: 'syz.1.9160': attribute type 83 has an invalid length.
[  804.199306][ T7941] loop1: detected capacity change from 0 to 40427
[  805.599710][ T8010] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9190'.
[  805.640564][ T8014] loop1: detected capacity change from 0 to 1764
[  806.158188][ T5895] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  806.319728][ T5895] usb 2-1: descriptor type invalid, skip
[  806.323998][ T5895] usb 2-1: config 0 has no interfaces?
[  806.327299][ T5895] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=df.40
[  806.330378][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  806.333196][ T5895] usb 2-1: Product: syz
[  806.334698][ T5895] usb 2-1: SerialNumber: syz
[  806.339803][ T5895] usb 2-1: config 0 descriptor??
[  806.549229][ T5895] usb 2-1: USB disconnect, device number 38
[  807.021910][ T8061] sctp: [Deprecated]: syz.3.9206 (pid 8061) Use of struct sctp_assoc_value in delayed_ack socket option.
[  807.021910][ T8061] Use struct sctp_sack_info instead
[  808.128868][ T8089] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  808.128868][ T8089] The task syz.1.9215 (8089) triggered the difference, watch for misbehavior.
[  808.262681][ T1366] ieee802154 phy0 wpan0: encryption failed: -22
[  808.265513][ T1366] ieee802154 phy1 wpan1: encryption failed: -22
[  809.011857][ T8098] loop1: detected capacity change from 0 to 512
[  809.083287][ T8104] loop1: detected capacity change from 0 to 256
[  809.090565][ T8104] FAT-fs (loop1): bogus logical sector size 0
[  809.095094][ T8104] FAT-fs (loop1): Can't find a valid FAT filesystem
[  809.149676][ T8113] loop1: detected capacity change from 0 to 1024
[  809.152814][ T8113] hfsplus: Unknown parameter 'creatS'
[  809.157323][ T5238] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  809.159904][ T8113] CIFS mount error: No usable UNC path provided in device string!
[  809.159904][ T8113] 
[  809.159923][ T8113] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  809.175042][ T5238] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  809.179298][ T5238] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  809.182216][ T5238] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  809.184956][ T5238] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  809.246778][ T8110] lo speed is unknown, defaulting to 1000
[  809.406962][ T8110] chnl_net:caif_netlink_parms(): no params data found
[  809.551839][ T8110] bridge0: port 1(bridge_slave_0) entered blocking state
[  809.554600][ T8110] bridge0: port 1(bridge_slave_0) entered disabled state
[  809.557024][ T8110] bridge_slave_0: entered allmulticast mode
[  809.573169][ T8110] bridge_slave_0: entered promiscuous mode
[  809.581732][ T8110] bridge0: port 2(bridge_slave_1) entered blocking state
[  809.586439][ T8110] bridge0: port 2(bridge_slave_1) entered disabled state
[  809.590349][ T8110] bridge_slave_1: entered allmulticast mode
[  809.594653][ T8110] bridge_slave_1: entered promiscuous mode
[  809.594752][ T8306] x_tables: ip_tables: udp match: only valid for protocol 17
[  809.673932][ T8110] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  809.681722][ T8110] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  809.782939][ T8110] team0: Port device team_slave_0 added
[  809.786204][ T8110] team0: Port device team_slave_1 added
[  809.812764][ T8368] netlink: 'syz.1.9238': attribute type 8 has an invalid length.
[  809.854073][ T8110] batman_adv: batadv0: Adding interface: batadv_slave_0
[  810.043516][ T8395] ptrace attach of "/syz-executor exec"[7597] was attempted by "/syz-executor exec"[8395]
[  810.049803][ T8110] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  810.059597][ T8110] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  810.066204][ T8110] batman_adv: batadv0: Adding interface: batadv_slave_1
[  810.069458][ T8110] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  810.078385][ T8110] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  810.131176][ T8110] hsr_slave_0: entered promiscuous mode
[  810.133695][ T8110] hsr_slave_1: entered promiscuous mode
[  810.136219][ T8110] debugfs: 'hsr0' already exists in 'hsr'
[  810.138651][ T8110] Cannot create hsr debugfs directory
[  810.296919][ T5238] Bluetooth: hci3: Malformed LE Event: 0x1d
[  810.340603][ T8498] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  810.342848][ T8498] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  810.350697][ T8498] vhci_hcd vhci_hcd.0: Device attached
[  810.598631][ T9855] vhci_hcd: vhci_device speed not set
[  810.618276][ T8520] netlink: 'syz.3.9245': attribute type 1 has an invalid length.
[  810.621850][ T8520] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9245'.
[  810.658317][ T5895] usb 2-1: new low-speed USB device number 39 using dummy_hcd
[  810.665703][ T9855] usb 35-1: new full-speed USB device number 2 using vhci_hcd
[  810.823459][ T5895] usb 2-1: config 0 has no interfaces?
[  810.826327][ T5895] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  810.829368][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.834614][ T5895] usb 2-1: config 0 descriptor??
[  811.044955][ T5895] usb 2-1: USB disconnect, device number 39
[  811.047704][ T8499] vhci_hcd: unknown pdu 2
[  811.063442][ T5875] vhci_hcd: stop threads
[  811.065246][ T5875] vhci_hcd: release socket
[  811.078630][ T5875] vhci_hcd: disconnect device
[  811.108326][ T9855] vhci_hcd: vhci_device speed not set
[  811.142737][ T8110] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  811.147314][ T8110] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  811.152013][ T8110] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  811.156277][ T8110] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  811.220298][ T5238] Bluetooth: hci4: command tx timeout
[  811.220702][ T8110] 8021q: adding VLAN 0 to HW filter on device bond0
[  811.230298][ T8571] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9247'.
[  811.242066][ T8110] 8021q: adding VLAN 0 to HW filter on device team0
[  811.251163][T11620] bridge0: port 1(bridge_slave_0) entered blocking state
[  811.253514][T11620] bridge0: port 1(bridge_slave_0) entered forwarding state
[  811.261431][T11620] bridge0: port 2(bridge_slave_1) entered blocking state
[  811.263836][T11620] bridge0: port 2(bridge_slave_1) entered forwarding state
[  811.381713][ T8110] 8021q: adding VLAN 0 to HW filter on device batadv0
[  811.410662][ T8110] veth0_vlan: entered promiscuous mode
[  811.417254][ T8110] veth1_vlan: entered promiscuous mode
[  811.436881][ T8110] veth0_macvtap: entered promiscuous mode
[  811.442527][ T8110] veth1_macvtap: entered promiscuous mode
[  811.451355][ T8110] batman_adv: batadv0: Interface activated: batadv_slave_0
[  811.457775][ T8110] batman_adv: batadv0: Interface activated: batadv_slave_1
[  811.465528][ T5875] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  811.468641][ T5875] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  811.472056][ T5875] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  811.475955][ T5875] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  811.546870][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  811.551070][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  811.590000][T21221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  811.592674][T21221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  812.068377][ T8607] loop2: detected capacity change from 0 to 512
[  812.083708][ T8607] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  812.087862][ T8607] ext4 filesystem being mounted at /2/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  812.119092][ T8607] EXT4-fs error (device loop2): ext4_ext_check_inode:523: inode #2: comm syz.2.9252: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  812.139663][ T8607] EXT4-fs (loop2): Remounting filesystem read-only
[  812.154713][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  812.386311][ T8636] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  812.415059][ T8644] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9264'.
[  812.491184][ T8654] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9269'.
[  812.494302][ T8654] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9269'.
[  812.497221][ T8654] netlink: 'syz.3.9269': attribute type 12 has an invalid length.
[  812.506688][ T8654] netlink: 'syz.3.9269': attribute type 11 has an invalid length.
[  812.902557][ T8702] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9283'.
[  812.918850][ T9855] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  813.081277][ T9855] usb 3-1: Using ep0 maxpacket: 32
[  813.085268][ T9855] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[  813.087923][ T9855] usb 3-1: config 0 has no interface number 0
[  813.090213][ T9855] usb 3-1: config 0 interface 184 has no altsetting 0
[  813.094367][ T9855] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  813.097362][ T9855] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  813.100356][ T9855] usb 3-1: Product: syz
[  813.101698][ T9855] usb 3-1: Manufacturer: syz
[  813.103321][ T9855] usb 3-1: SerialNumber: syz
[  813.106229][ T9855] usb 3-1: config 0 descriptor??
[  813.110362][ T9855] smsc75xx v1.0.0
[  813.298276][ T5238] Bluetooth: hci4: command tx timeout
[  813.715190][ T9855] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  813.719686][ T9855] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  813.918327][ T8739] comedi comedi2: comedi_parport: I/O port conflict (0xe,3)
[  814.038919][   T33] audit: type=1326 audit(2000001078.919:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8744 comm="syz.1.9299" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6c6698ebe9 code=0x0
[  814.239930][ T8762] syz.3.9306: attempt to access beyond end of device
[  814.239930][ T8762] loop7: rw=0, sector=0, nr_sectors = 1 limit=0
[  814.244403][ T8762] FAT-fs (loop7): unable to read boot sector
[  814.526428][ T9855] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  814.535915][ T9855] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  814.539847][ T9855] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  814.543462][ T9855] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[  814.548951][ T9855] usb 3-1: USB disconnect, device number 36
[  815.268544][ T8812] loop1: detected capacity change from 0 to 4096
[  815.379189][ T5895] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  815.381048][ T5238] Bluetooth: hci4: command tx timeout
[  815.538669][ T5895] usb 3-1: Using ep0 maxpacket: 8
[  815.545579][ T5895] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  815.548655][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  815.551341][ T5895] usb 3-1: Product: syz
[  815.552893][ T5895] usb 3-1: Manufacturer: syz
[  815.554657][ T5895] usb 3-1: SerialNumber: syz
[  815.557896][ T5895] usb 3-1: config 0 descriptor??
[  815.563121][ T5895] gspca_main: sq930x-2.14.0 probing 2770:930c
[  815.578467][T19469] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  815.728229][T19469] usb 2-1: Using ep0 maxpacket: 8
[  815.731900][T19469] usb 2-1: config 253 has an invalid interface number: 176 but max is 0
[  815.735357][T19469] usb 2-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  815.738972][T19469] usb 2-1: config 253 has no interface number 0
[  815.741072][T19469] usb 2-1: config 253 interface 176 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  815.745509][T19469] usb 2-1: config 253 interface 176 has no altsetting 0
[  815.750485][T19469] usb 2-1: New USB device found, idVendor=046d, idProduct=0990, bcdDevice=25.28
[  815.753497][T19469] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  815.756217][T19469] usb 2-1: Product: syz
[  815.757627][T19469] usb 2-1: Manufacturer: syz
[  815.759382][T19469] usb 2-1: SerialNumber: syz
[  815.767471][T19469] usb 2-1: cannot find UAC_HEADER
[  815.790295][T19469] snd-usb-audio 2-1:253.176: probe with driver snd-usb-audio failed with error -22
[  815.815080][ T5471] udevd[5471]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:253.176/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  815.966603][ T5895] gspca_sq930x: ucbus_write failed -71
[  815.969333][ T5895] sq930x 3-1:0.0: probe with driver sq930x failed with error -71
[  815.973263][ T5895] usb 3-1: USB disconnect, device number 37
[  815.977790][T25974] udevd[25974]: setting mode of /dev/bus/usb/003/037 to 020664 failed: No such file or directory
[  815.983033][ T5910] usb 2-1: USB disconnect, device number 40
[  815.984432][T25974] udevd[25974]: setting owner of /dev/bus/usb/003/037 to uid=0, gid=0 failed: No such file or directory
[  816.828736][ T5910] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  816.982486][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  816.987079][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  816.991253][ T5910] usb 3-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  816.994337][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  817.001361][ T5910] usb 3-1: config 0 descriptor??
[  817.423543][ T5910] arvo 0003:1E7D:30D4.0031: unknown main item tag 0x0
[  817.432625][ T5910] arvo 0003:1E7D:30D4.0031: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.2-1/input0
[  817.458183][ T5238] Bluetooth: hci4: command tx timeout
[  817.582278][ T8885] netlink: 44 bytes leftover after parsing attributes in process `syz.1.9332'.
[  817.693606][ T8896] syzkaller0: entered promiscuous mode
[  817.695619][ T8896] syzkaller0: entered allmulticast mode
[  817.841944][ T5910] usb 3-1: USB disconnect, device number 38
[  818.710670][ T5875] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  822.720023][ T5297] udevd[5297]: worker [27701] /devices/virtual/block/nbd0 is taking a long time
[  824.105655][ T9015] loop2: detected capacity change from 0 to 128
[  824.328214][ T8602] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  824.717834][ T9029] loop2: detected capacity change from 0 to 32768
[  824.722503][ T9029] jfs: Unknown parameter ''
[  824.734400][ T9035] netlink: 'syz.3.9375': attribute type 12 has an invalid length.
[  824.736938][ T9035] netlink: 9472 bytes leftover after parsing attributes in process `syz.3.9375'.
[  824.838508][ T8602] usb 2-1: Using ep0 maxpacket: 8
[  824.843407][ T8602] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  824.846976][ T8602] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  824.851609][ T8602] usb 2-1: Product: syz
[  824.853100][ T8602] usb 2-1: Manufacturer: syz
[  824.854955][ T8602] usb 2-1: SerialNumber: syz
[  824.859116][ T8602] usb 2-1: config 0 descriptor??
[  824.864199][ T8602] gspca_main: sq905-2.14.0 probing 2770:9120
[  825.125412][ T9066] loop2: detected capacity change from 0 to 512
[  825.141378][ T9066] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.9384: iget: bad i_size value: 38620345925642
[  825.145842][ T9066] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.9384: couldn't read orphan inode 15 (err -117)
[  825.150827][ T9066] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  825.183725][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  825.246875][ T9077] loop2: detected capacity change from 0 to 8
[  825.270513][ T9077] SQUASHFS error: xz decompression failed, data probably corrupt
[  825.273133][ T9077] SQUASHFS error: Failed to read block 0x108: -5
[  825.275275][ T9077] SQUASHFS error: Unable to read metadata cache entry [106]
[  825.278477][ T9077] SQUASHFS error: Unable to read inode 0x11f
[  825.380805][ T9087] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9388'.
[  825.509510][ T9096] skbuff: bad partial csum: csum=65506/2 headroom=178 headlen=65526
[  825.607302][ T9102] CIFS mount error: No usable UNC path provided in device string!
[  825.607302][ T9102] 
[  825.613136][ T9102] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  825.788509][ T8602] gspca_sq905: sq905_command: usb_control_msg failed (-110)
[  825.791210][ T8602] sq905 2-1:0.0: probe with driver sq905 failed with error -110
[  826.000005][ T5895] usb 2-1: USB disconnect, device number 41
[  826.181079][ T5238] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  826.185221][ T5238] CPU: 0 UID: 0 PID: 5238 Comm: kworker/u11:1 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  826.185238][ T5238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  826.185247][ T5238] Workqueue: hci4 hci_rx_work
[  826.185263][ T5238] Call Trace:
[  826.185270][ T5238]  <TASK>
[  826.185275][ T5238]  dump_stack_lvl+0x189/0x250
[  826.185292][ T5238]  ? __pfx_dump_stack_lvl+0x10/0x10
[  826.185302][ T5238]  ? __pfx__printk+0x10/0x10
[  826.185319][ T5238]  ? kernfs_path_from_node+0x250/0x290
[  826.185332][ T5238]  ? kernfs_path_from_node+0x2f/0x290
[  826.185344][ T5238]  sysfs_create_dir_ns+0x259/0x280
[  826.185357][ T5238]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  826.185367][ T5238]  ? do_raw_spin_unlock+0x4d/0x240
[  826.185380][ T5238]  kobject_add_internal+0x59f/0xb40
[  826.185395][ T5238]  kobject_add+0x155/0x220
[  826.185407][ T5238]  ? __pfx_kobject_add+0x10/0x10
[  826.185418][ T5238]  ? _raw_spin_unlock+0x28/0x50
[  826.185429][ T5238]  ? get_device_parent+0x366/0x3a0
[  826.185442][ T5238]  device_add+0x408/0xb50
[  826.185455][ T5238]  hci_conn_add_sysfs+0xd5/0x1e0
[  826.185468][ T5238]  le_conn_complete_evt+0xc3a/0x1220
[  826.185483][ T5238]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  826.185493][ T5238]  ? __mutex_unlock_slowpath+0x1a1/0x760
[  826.185502][ T5238]  ? __asan_memcpy+0x40/0x70
[  826.185513][ T5238]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  826.185522][ T5238]  ? skb_pull_data+0xfb/0x200
[  826.185532][ T5238]  hci_le_conn_complete_evt+0x187/0x450
[  826.185545][ T5238]  hci_event_packet+0x78f/0x1200
[  826.185558][ T5238]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  826.185568][ T5238]  ? __pfx_hci_event_packet+0x10/0x10
[  826.185580][ T5238]  ? kcov_remote_start+0x4d3/0x7f0
[  826.185590][ T5238]  ? lockdep_hardirqs_on+0x90/0x150
[  826.185601][ T5238]  ? hci_send_to_monitor+0xe2/0x570
[  826.185611][ T5238]  hci_rx_work+0x46a/0xe80
[  826.185622][ T5238]  ? process_scheduled_works+0x9ef/0x17b0
[  826.185631][ T5238]  process_scheduled_works+0xae1/0x17b0
[  826.185652][ T5238]  ? __pfx_process_scheduled_works+0x10/0x10
[  826.185675][ T5238]  worker_thread+0x8a0/0xda0
[  826.185695][ T5238]  kthread+0x711/0x8a0
[  826.185706][ T5238]  ? __pfx_worker_thread+0x10/0x10
[  826.185714][ T5238]  ? __pfx_kthread+0x10/0x10
[  826.185724][ T5238]  ? _raw_spin_unlock_irq+0x23/0x50
[  826.185731][ T5238]  ? lockdep_hardirqs_on+0x9c/0x150
[  826.185739][ T5238]  ? __pfx_kthread+0x10/0x10
[  826.185749][ T5238]  ret_from_fork+0x3fc/0x770
[  826.185759][ T5238]  ? __pfx_ret_from_fork+0x10/0x10
[  826.185769][ T5238]  ? __switch_to_asm+0x39/0x70
[  826.185779][ T5238]  ? __switch_to_asm+0x33/0x70
[  826.185787][ T5238]  ? __pfx_kthread+0x10/0x10
[  826.185797][ T5238]  ret_from_fork_asm+0x1a/0x30
[  826.185813][ T5238]  </TASK>
[  826.185832][ T5238] kobject: kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  826.291043][ T5238] Bluetooth: hci4: failed to register connection device
[  826.302266][ T9151] CIFS: VFS: Malformed UNC in devname
[  826.819292][ T1118] block nbd0: Possible stuck request ffff888022ac0000: control (read@0,1024B). Runtime 120 seconds
[  826.823104][ T1118] block nbd0: Possible stuck request ffff888022ac0200: control (read@1024,1024B). Runtime 120 seconds
[  826.826786][ T1118] block nbd0: Possible stuck request ffff888022ac0400: control (read@2048,1024B). Runtime 120 seconds
[  826.830541][ T1118] block nbd0: Possible stuck request ffff888022ac0600: control (read@3072,1024B). Runtime 120 seconds
[  827.269116][ T9188] loop2: detected capacity change from 0 to 32768
[  827.273638][ T9188] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.9423 (9188)
[  827.281289][ T9188] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  827.284799][ T9188] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  827.370568][ T9188] BTRFS info (device loop2): rebuilding free space tree
[  827.388495][ T9188] BTRFS info (device loop2): disabling free space tree
[  827.394930][ T9188] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  827.405037][ T9188] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  827.700450][ T9231] loop1: detected capacity change from 0 to 32768
[  827.704147][ T9231] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.9429 (9231)
[  827.710215][ T9231] BTRFS error: failed to open device for path /dev/loop1 with flags 0x23: -13
[  827.782535][ T9237] sp0: Synchronizing with TNC
[  827.904204][ T8110] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  828.338677][ T5238] Bluetooth: hci4: command tx timeout
[  828.619625][ T9255] loop1: detected capacity change from 0 to 2048
[  829.340916][ T9303] loop1: detected capacity change from 0 to 512
[  829.344133][ T9303] EXT4-fs: Ignoring removed orlov option
[  829.368372][ T9303] journal_path: Lookup failure for './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
[  829.374772][ T9303] EXT4-fs: error: could not find journal device path
[  829.550356][ T9317] netlink: 'syz.2.9452': attribute type 1 has an invalid length.
[  829.664092][ T9329] loop1: detected capacity change from 0 to 136
[  829.676761][ T9329] Attempt to read inode for relocated directory
[  829.937937][ T9340] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.9457'.
[  829.941522][ T9340] netlink: 4280 bytes leftover after parsing attributes in process `syz.2.9457'.
[  830.678452][T19469] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  830.828174][T19469] usb 2-1: Using ep0 maxpacket: 16
[  830.842623][T19469] usb 2-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  830.850812][T19469] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  830.853572][T19469] usb 2-1: Product: syz
[  830.854985][T19469] usb 2-1: Manufacturer: syz
[  830.856650][T19469] usb 2-1: SerialNumber: syz
[  830.870387][T19469] usb 2-1: config 0 descriptor??
[  830.883077][T19469] appledisplay 2-1:0.0: Could not find int-in endpoint
[  830.893797][T19469] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  831.090388][T19469] usb 2-1: USB disconnect, device number 42
[  832.542612][ T9417] netlink: 16 bytes leftover after parsing attributes in process `syz.2.9481'.
[  832.676804][ T9425] loop2: detected capacity change from 0 to 2048
[  832.698528][ T9425] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  832.892477][   T33] audit: type=1326 audit(2000001097.769:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.1.9492" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c6698ebe9 code=0x7ffc0000
[  832.902532][   T33] audit: type=1326 audit(2000001097.779:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.1.9492" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c6698ebe9 code=0x7ffc0000
[  832.932705][   T33] audit: type=1326 audit(2000001097.819:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.1.9492" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6c6698d550 code=0x7ffc0000
[  832.954055][   T33] audit: type=1326 audit(2000001097.819:504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.1.9492" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f6c6698d550 code=0x7ffc0000
[  832.984006][   T33] audit: type=1326 audit(2000001097.819:505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.1.9492" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c6698ebe9 code=0x7ffc0000
[  833.000575][   T33] audit: type=1326 audit(2000001097.819:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.1.9492" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c6698ebe9 code=0x7ffc0000
[  833.017113][   T33] audit: type=1326 audit(2000001097.829:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.1.9492" exe="/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f6c6698ebe9 code=0x7ffc0000
[  833.224815][   T33] audit: type=1326 audit(2000001097.829:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.1.9492" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c6698ebe9 code=0x7ffc0000
[  833.231960][   T33] audit: type=1326 audit(2000001097.829:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9447 comm="syz.1.9492" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c6698ebe9 code=0x7ffc0000
[  833.291796][ T9464] /dev/nullb0: Can't lookup blockdev
[  833.314382][ T9462] loop1: detected capacity change from 0 to 8192
[  833.349544][T25974]  loop1: p3 < >
[  833.365682][ T9462]  loop1: p3 < >
[  833.427814][T25974] udevd[25974]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  833.683451][ T9486] loop1: detected capacity change from 0 to 32768
[  833.973646][ T9499] loop1: detected capacity change from 0 to 32768
[  834.066708][ T9505] loop2: detected capacity change from 0 to 32768
[  834.176623][ T9505] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  834.176637][ T9505]   allowing incompatible features above 0.0: (unknown version)
[  834.176642][ T9505]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  834.204488][ T9505] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  834.207311][ T9505] bcachefs (loop2): initializing new filesystem
[  834.234632][ T9505] bcachefs (loop2): going read-write
[  834.288315][ T9505] bcachefs (loop2): marking superblocks
[  834.315053][ T9505] bcachefs (loop2): initializing freespace
[  834.336755][ T9505] bcachefs (loop2): done initializing freespace
[  834.347194][ T9505] bcachefs (loop2): reading snapshots table
[  834.361405][ T9505] bcachefs (loop2): reading snapshots done
[  834.391107][ T9557] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9518'.
[  834.395262][ T9505] bcachefs (loop2):  loop2: Superblock write was silently dropped! (seq 0 expected 42)
[  834.400708][ T9505] bcachefs (loop2): done starting filesystem
[  834.455445][ T9565] loop1: detected capacity change from 0 to 1024
[  834.551348][ T8110] bcachefs (loop2): shutting down
[  834.553087][ T8110] bcachefs (loop2): going read-only
[  834.554796][ T8110] bcachefs (loop2): finished waiting for writes to stop
[  834.561970][ T8110] bcachefs (loop2): flushing journal and stopping allocators, journal seq 2
[  834.636574][ T8110] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  834.641429][ T8110] bcachefs (loop2): clean shutdown complete, journal seq 4
[  834.644201][ T8110] bcachefs (loop2): marking filesystem clean
[  834.672131][ T8110] bcachefs (loop2): shutdown complete
[  835.068217][ T8602] usb 2-1: new low-speed USB device number 43 using dummy_hcd
[  835.228187][ T3364] Bluetooth: hci4: command 0x0405 tx timeout
[  835.232802][ T8602] usb 2-1: config 65 has an invalid interface number: 95 but max is 0
[  835.235624][ T8602] usb 2-1: config 65 has no interface number 0
[  835.241924][ T8602] usb 2-1: string descriptor 0 read error: -22
[  835.244076][ T8602] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=6f.b6
[  835.247160][ T8602] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  835.256090][ T8602] usbtest 2-1:65.95: Linux gadget zero
[  835.258128][ T8602] usbtest 2-1:65.95: low-speed {control in/out} tests (+alt)
[  835.459501][ T5895] usb 2-1: USB disconnect, device number 43
[  835.871760][ T9624] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9525'.
[  835.874679][ T9624] netlink: 24 bytes leftover after parsing attributes in process `syz.2.9525'.
[  836.178239][ T8602] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  836.331503][ T9687] netlink: 596 bytes leftover after parsing attributes in process `syz.3.9557'.
[  836.344237][ T8602] usb 3-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[  836.347177][ T8602] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  836.351001][ T8602] usb 3-1: Product: syz
[  836.356954][ T8602] usb 3-1: Manufacturer: syz
[  836.359546][ T8602] usb 3-1: SerialNumber: syz
[  836.363151][ T8602] usb 3-1: config 0 descriptor??
[  836.445730][ T9698] ptrace attach of "/syz-executor exec"[7597] was attempted by ""[9698]
[  837.012701][ T9702] netlink: 28 bytes leftover after parsing attributes in process `syz.3.9563'.
[  837.064721][ T9708] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9565'.
[  837.067822][ T9708] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9565'.
[  837.073806][ T9708] netlink: 'syz.3.9565': attribute type 18 has an invalid length.
[  837.076443][ T9708] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9565'.
[  837.161135][   T33] audit: type=1326 audit(2000001102.049:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9684 comm="syz.1.9556" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6c6698ebe9 code=0x7fc00000
[  837.381543][ T8602] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  837.386395][ T8602] asix 3-1:0.0: probe with driver asix failed with error -71
[  837.391350][ T8602] usb 3-1: USB disconnect, device number 39
[  837.478350][ T5911] usb 2-1: new high-speed USB device number 44 using dummy_hcd
[  837.628323][ T5911] usb 2-1: Using ep0 maxpacket: 32
[  837.633265][ T5911] usb 2-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  837.640439][ T5911] usb 2-1: New USB device found, idVendor=04e2, idProduct=1410, bcdDevice=81.85
[  837.644505][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  837.649110][ T5911] usb 2-1: Product: syz
[  837.650987][ T5911] usb 2-1: Manufacturer: syz
[  837.652882][ T5911] usb 2-1: SerialNumber: syz
[  837.664396][ T5911] xr_serial 2-1:253.0: failed to claim sibling interface: -16
[  837.666994][ T5911] xr_serial 2-1:253.0: probe with driver xr_serial failed with error -16
[  837.870573][ T5910] usb 2-1: USB disconnect, device number 44
[  837.977550][ T9752] loop2: detected capacity change from 0 to 256
[  838.006080][ T9752] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  838.169093][ T9759] loop2: detected capacity change from 0 to 32768
[  838.172654][ T9759] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.9577 (9759)
[  838.184848][ T9759] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  838.190051][ T9759] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  838.192778][ T9759] BTRFS info (device loop2): using free-space-tree
[  838.239266][   T33] kauditd_printk_skb: 39 callbacks suppressed
[  838.239278][   T33] audit: type=1800 audit(2000001103.129:550): pid=9759 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.9577" name="file1" dev="loop2" ino=260 res=0 errno=0
[  838.289649][ T8110] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  838.476637][ T9784] loop1: detected capacity change from 0 to 256
[  838.600141][ T9799] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.9582'.
[  838.677586][   T33] audit: type=1326 audit(2000001103.559:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9805 comm="syz.1.9583" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6c6698ebe9 code=0x0
[  839.118328][ T5895] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  839.274953][ T5895] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  839.278795][ T5895] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  839.281988][ T5895] usb 3-1: Product: syz
[  839.283672][ T5895] usb 3-1: Manufacturer: syz
[  839.285874][ T5895] usb 3-1: SerialNumber: syz
[  839.293162][ T5895] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  839.305142][ T5910] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  839.724601][ T5911] usb 3-1: USB disconnect, device number 40
[  839.909195][ T5895] usb 2-1: new low-speed USB device number 45 using dummy_hcd
[  840.060499][ T5895] usb 2-1: unable to get BOS descriptor or descriptor too short
[  840.067443][ T5895] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  840.072235][ T5895] usb 2-1: config 0 has no interface number 0
[  840.074156][ T5895] usb 2-1: config 0 interface 105 altsetting 10 endpoint 0xE is Bulk; changing to Interrupt
[  840.086714][ T5895] usb 2-1: config 0 interface 105 has no altsetting 0
[  840.093750][ T5895] usb 2-1: string descriptor 0 read error: -22
[  840.095824][ T5895] usb 2-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.01
[  840.099945][ T5895] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  840.106231][ T5895] usb 2-1: config 0 descriptor??
[  840.110636][ T9848] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  840.115024][ T5895] usb 2-1: Found UVC 0.00 device <unnamed> (1943:2250)
[  840.117327][ T5895] usb 2-1: No valid video chain found.
[  840.124888][ T5895] go7007 2-1:0.105: Sensoray 2250 found
[  840.126776][ T5895] go7007 2-1:0.105: probe with driver go7007 failed with error -12
[  840.338946][ T5910] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  840.340138][T19469] usb 2-1: USB disconnect, device number 45
[  840.341355][ T5910] ath9k_htc: Failed to initialize the device
[  840.345736][ T5911] usb 3-1: ath9k_htc: USB layer deinitialized
[  841.138376][ T5911] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  841.216103][ T9907] netlink: 12 bytes leftover after parsing attributes in process `syz.2.9612'.
[  841.229234][ T9907] netlink: 'syz.2.9612': attribute type 2 has an invalid length.
[  841.272900][ T9909] netlink: 'syz.2.9613': attribute type 11 has an invalid length.
[  841.288237][ T5911] usb 2-1: Using ep0 maxpacket: 8
[  841.301288][ T5911] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  841.304660][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  841.307265][ T5911] usb 2-1: Product: syz
[  841.318089][ T5911] usb 2-1: Manufacturer: syz
[  841.319770][ T5911] usb 2-1: SerialNumber: syz
[  841.331024][ T5911] usb 2-1: config 0 descriptor??
[  841.337111][ T5911] gspca_main: sq930x-2.14.0 probing 2770:930c
[  842.408314][ T5911] gspca_sq930x: reg_w 0105 0f00 failed -71
[  842.631312][ T5911] gspca_sq930x: Sensor ov9630 not yet treated
[  842.633313][ T5911] sq930x 2-1:0.0: probe with driver sq930x failed with error -22
[  842.644637][ T5911] usb 2-1: USB disconnect, device number 46
[  842.979158][ T9983] loop1: detected capacity change from 0 to 1024
[  842.982465][ T9983] EXT4-fs: Ignoring removed bh option
[  842.984663][ T9983] EXT4-fs (loop1): invalid inodes per group: 204800
[  842.984663][ T9983] 
[  843.088212][T19469] usb 3-1: new low-speed USB device number 41 using dummy_hcd
[  843.141553][ T9998] netlink: 8 bytes leftover after parsing attributes in process `syz.1.9646'.
[  843.165249][    C0] vkms_vblank_simulate: vblank timer overrun
[  843.276598][T19469] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  843.282014][T19469] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  843.288588][T19469] usb 3-1: config 0 descriptor??
[  843.550155][T10014] loop1: detected capacity change from 0 to 256
[  844.304078][T10024] loop1: detected capacity change from 0 to 64
[  844.324394][T10024] loop1: detected capacity change from 0 to 512
[  844.640415][T10051] loop1: detected capacity change from 0 to 32768
[  844.714118][T10051] syz.1.9658: attempt to access beyond end of device
[  844.714118][T10051] loop1: rw=0, sector=0, nr_sectors = 1 limit=0
[  844.729242][T10051] exFAT-fs (loop1): unable to read boot sector
[  844.731387][T10051] exFAT-fs (loop1): failed to read boot sector
[  844.733489][T10051] exFAT-fs (loop1): failed to recognize exfat type
[  844.930557][T10077] loop1: detected capacity change from 0 to 512
[  845.066760][T10090] netlink: 28 bytes leftover after parsing attributes in process `syz.1.9669'.
[  845.384737][T10105] loop1: detected capacity change from 0 to 32768
[  845.578593][T19469] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  845.583163][T19469] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[  845.587027][T19469] asix 3-1:0.0: probe with driver asix failed with error -71
[  845.609061][T19469] usb 3-1: USB disconnect, device number 41
[  846.902961][T10158] tmpfs: User quota inode hardlimit too large.
[  847.250714][T10176] input: syz0 as /devices/virtual/input/input52
[  847.773658][T10196] loop2: detected capacity change from 0 to 8
[  848.021943][T10206] loop2: detected capacity change from 0 to 164
[  848.212529][   T33] audit: type=1326 audit(2000001113.099:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10202 comm="syz.3.9705" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd32258ebe9 code=0x0
[  848.428620][ T5910] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  848.588171][ T5910] usb 3-1: Using ep0 maxpacket: 32
[  848.592751][ T5910] usb 3-1: config 0 has an invalid interface number: 23 but max is 0
[  848.595578][ T5910] usb 3-1: config 0 has no interface number 0
[  848.597680][ T5910] usb 3-1: config 0 interface 23 has no altsetting 0
[  848.604504][ T5910] usb 3-1: New USB device found, idVendor=0557, idProduct=2002, bcdDevice=b6.ad
[  848.607543][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  848.610462][ T5910] usb 3-1: Product: syz
[  848.611908][ T5910] usb 3-1: Manufacturer: syz
[  848.613487][ T5910] usb 3-1: SerialNumber: syz
[  848.617706][ T5910] usb 3-1: config 0 descriptor??
[  848.642537][T10237] loop1: detected capacity change from 0 to 32768
[  848.646392][T10237] bcachefs (/dev/loop1): error reading superblock: error opening /dev/loop1: EACCES
[  848.649580][T10237] bcachefs: bch2_fs_get_tree() error: EACCES
[  848.837871][ T5910] kaweth 3-1:0.23: Firmware present in device.
[  848.967579][T10256] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9716'.
[  849.185840][ T5910] kaweth 3-1:0.23: Statistics collection: 0
[  849.187871][ T5910] kaweth 3-1:0.23: Multicast filter limit: 0
[  849.189891][ T5910] kaweth 3-1:0.23: MTU: 0
[  849.191276][ T5910] kaweth 3-1:0.23: Read MAC address 00:00:00:00:00:00
[  849.707535][ T5910] kaweth 3-1:0.23: Error setting receive filter
[  849.711225][ T5910] kaweth 3-1:0.23: probe with driver kaweth failed with error -5
[  849.722095][ T5910] usb 3-1: USB disconnect, device number 42
[  849.747522][T10280] loop1: detected capacity change from 0 to 512
[  850.272829][T10294] loop1: detected capacity change from 0 to 32768
[  850.276321][T10294] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.9728 (10294)
[  850.283679][T10294] BTRFS error: failed to open device for path /dev/loop1 with flags 0x23: -13
[  850.447499][T10316] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  850.521114][T10325] netdevsim netdevsim3: Firmware load for '../file0/../file0/../file0' refused, path contains '..' component
[  850.561769][T10329] loop1: detected capacity change from 0 to 256
[  850.570604][T10329] exfat: Deprecated parameter 'utf8'
[  850.572685][T10329] exfat: Deprecated parameter 'namecase'
[  850.574514][T10329] exfat: Deprecated parameter 'utf8'
[  850.623206][T10330] loop2: detected capacity change from 0 to 4096
[  850.630465][T10330] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  850.681752][T10330] ntfs3(loop2): $AttrDef is corrupted.
[  850.908403][T23776] usb 2-1: new high-speed USB device number 47 using dummy_hcd
[  851.058350][T23776] usb 2-1: device descriptor read/64, error -71
[  851.598350][T23776] usb 2-1: new high-speed USB device number 48 using dummy_hcd
[  851.679941][T10364] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  851.688907][T10364] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  851.696435][T10364] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  851.705983][T10364] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  851.710832][T10364] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  851.714965][T10364] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  851.719030][T10364] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  851.721909][T10364] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  851.728186][T10364] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  852.027613][T10368] loop2: detected capacity change from 0 to 512
[  852.034453][T10368] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  852.045364][T10368] EXT4-fs (loop2): 1 truncate cleaned up
[  852.047895][T10368] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  852.059211][T23776] usb 2-1: device descriptor read/64, error -71
[  852.092242][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  852.173089][T23776] usb usb2-port1: attempt power cycle
[  852.510988][T10400] wireguard: wg1: Could not create IPv4 socket
[  852.578481][T23776] usb 2-1: new high-speed USB device number 49 using dummy_hcd
[  852.599432][T23776] usb 2-1: device descriptor read/8, error -71
[  852.838181][T23776] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  852.858700][T23776] usb 2-1: device descriptor read/8, error -71
[  852.968843][T23776] usb usb2-port1: unable to enumerate USB device
[  853.404416][T10420] loop2: detected capacity change from 0 to 512
[  853.409662][T10420] EXT4-fs (loop2): Test dummy encryption mode enabled
[  853.412464][T10420] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  853.422129][T10420] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.9764: bad orphan inode 131083
[  853.426845][T10420] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  853.455511][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  853.530692][T10431] loop2: detected capacity change from 0 to 512
[  853.544394][T10431] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  853.552993][T10431] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  853.556628][T10431] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.9766: Corrupt directory, running e2fsck is recommended
[  853.564739][T10431] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  853.567617][T10431] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.9766: corrupted in-inode xattr: e_name out of bounds
[  853.578847][T10431] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.9766: couldn't read orphan inode 15 (err -117)
[  853.591360][T10431] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  853.619315][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  854.238236][ T5911] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  854.390286][ T5911] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  854.393465][ T5911] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  854.396765][ T5911] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  854.400640][ T5911] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  854.404787][ T5911] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  854.410769][ T5911] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  854.413951][ T5911] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  854.417319][ T5911] usb 2-1: Product: syz
[  854.419865][ T5911] usb 2-1: Manufacturer: syz
[  854.428989][ T5911] cdc_wdm 2-1:1.0: skipping garbage
[  854.430776][ T5911] cdc_wdm 2-1:1.0: skipping garbage
[  854.440887][ T5911] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  854.443002][ T5911] cdc_wdm 2-1:1.0: Unknown control protocol
[  854.821301][   T33] audit: type=1800 audit(2000001119.709:553): pid=10482 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.9776" name="nullb0" dev="tmpfs" ino=11705 res=0 errno=0
[  854.991018][    C1] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  856.767134][ T5911] usb 2-1: USB disconnect, device number 51
[  856.800235][T10503] netlink: 6 bytes leftover after parsing attributes in process `syz.1.9783'.
[  856.807245][T10503] net_ratelimit: 45 callbacks suppressed
[  856.807257][T10503] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  856.950732][ T1118] block nbd0: Possible stuck request ffff888022ac0000: control (read@0,1024B). Runtime 150 seconds
[  856.954358][ T1118] block nbd0: Possible stuck request ffff888022ac0200: control (read@1024,1024B). Runtime 150 seconds
[  856.958020][ T1118] block nbd0: Possible stuck request ffff888022ac0400: control (read@2048,1024B). Runtime 150 seconds
[  856.961780][ T1118] block nbd0: Possible stuck request ffff888022ac0600: control (read@3072,1024B). Runtime 150 seconds
[  856.997226][T10521] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9787'.
[  857.045292][T10521] netlink: 8 bytes leftover after parsing attributes in process `syz.3.9787'.
[  857.176060][   T33] audit: type=1326 audit(2000001122.059:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10579 comm="syz.1.9796" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6c6698ebe9 code=0x0
[  857.373721][T10591] loop2: detected capacity change from 0 to 164
[  857.387814][T10591] Unable to read rock-ridge attributes
[  857.411012][T10591] ISOFS: unable to read i-node block
[  857.485191][T10605] netlink: 'syz.2.9803': attribute type 2 has an invalid length.
[  857.752780][T10633] overlayfs: conflicting options: metacopy=on,redirect_dir=nofollow
[  857.828309][ T1274] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  857.886974][T10643] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9819'.
[  857.978217][ T1274] usb 3-1: Using ep0 maxpacket: 16
[  857.982109][ T1274] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has an invalid bInterval 0, changing to 7
[  857.989470][ T1274] usb 3-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  857.993236][ T1274] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  857.996495][ T1274] usb 3-1: Product: syz
[  857.998969][ T1274] usb 3-1: Manufacturer: syz
[  858.001723][ T1274] usb 3-1: SerialNumber: syz
[  858.006999][ T1274] usb 3-1: config 0 descriptor??
[  858.022275][ T1274] hub 3-1:0.0: bad descriptor, ignoring hub
[  858.025302][ T1274] hub 3-1:0.0: probe with driver hub failed with error -5
[  858.039321][ T1274] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  858.282590][   T33] audit: type=1326 audit(2000001123.169:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10617 comm="syz.2.9808" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8f4318ebe9 code=0x0
[  858.328219][T23776] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  858.388854][ T1274] usb 3-1: USB disconnect, device number 43
[  858.478474][T23776] usb 2-1: Using ep0 maxpacket: 32
[  858.483081][T23776] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  858.486417][T23776] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  858.491501][T23776] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  858.494435][T23776] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  858.497114][T23776] usb 2-1: Product: syz
[  858.498864][T23776] usb 2-1: Manufacturer: syz
[  858.500503][T23776] usb 2-1: SerialNumber: syz
[  858.503561][T23776] usb 2-1: config 0 descriptor??
[  858.917841][ T1274] usb 2-1: USB disconnect, device number 52
[  860.793204][T10784] loop2: detected capacity change from 0 to 1024
[  860.803988][T10784] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  860.827417][T10784] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  860.845744][   T33] audit: type=1804 audit(2000001125.729:556): pid=10784 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.9860" name="/newroot/150/file1/file1" dev="loop2" ino=15 res=1 errno=0
[  860.860406][T10784] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.9860: missing EA_INODE flag
[  860.873476][T10784] EXT4-fs (loop2): Remounting filesystem read-only
[  860.895340][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  860.979944][ T1274] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[  861.117573][T10810] loop2: detected capacity change from 0 to 128
[  861.127172][T10810] ufs: You didn't specify the type of your ufs filesystem
[  861.127172][T10810] 
[  861.127172][T10810] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  861.127172][T10810] 
[  861.127172][T10810] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  861.145832][ T1274] usb 2-1: Using ep0 maxpacket: 16
[  861.153992][T10810] ufs: ufstype=old is supported read-only
[  861.160211][ T1274] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  861.163476][ T1274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  861.166265][T10810] ufs: ufs_fill_super(): bad magic number
[  861.167063][ T1274] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  861.172823][ T1274] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  861.176998][ T1274] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  861.185747][ T1274] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  861.188761][ T1274] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  861.198267][ T1274] usb 2-1: Manufacturer: syz
[  861.205491][ T1274] usb 2-1: config 0 descriptor??
[  861.538225][ T1274] rc_core: IR keymap rc-hauppauge not found
[  861.540233][ T1274] Registered IR keymap rc-empty
[  861.542024][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.558260][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.588754][ T1274] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  861.593747][ T1274] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input53
[  861.611061][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.628253][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.648257][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.673774][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.688355][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.718481][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.738270][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.758299][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.778699][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.798229][ T1274] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  861.831311][ T1274] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  861.834410][ T1274] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  861.882871][T23776] usb 2-1: USB disconnect, device number 53
[  862.709319][ T8602] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  862.798222][ T1274] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  862.858293][ T8602] usb 3-1: Using ep0 maxpacket: 8
[  862.860577][ T8602] usb 3-1: too many configurations: 245, using maximum allowed: 8
[  862.864044][ T8602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  862.868534][ T8602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  862.873371][ T8602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  862.877606][ T8602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  862.883475][ T8602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  862.887743][ T8602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  862.892006][ T8602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  862.896202][ T8602] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  862.901438][ T8602] usb 3-1: New USB device found, idVendor=20a6, idProduct=1105, bcdDevice=c2.eb
[  862.904442][ T8602] usb 3-1: New USB device strings: Mfr=144, Product=230, SerialNumber=250
[  862.907118][ T8602] usb 3-1: Product: syz
[  862.908524][ T8602] usb 3-1: Manufacturer: syz
[  862.910176][ T8602] usb 3-1: SerialNumber: syz
[  862.913838][ T8602] usb 3-1: config 0 descriptor??
[  862.917820][ T8602] rndis_host 3-1:0.0: invalid descriptor buffer length
[  862.920340][ T8602] usb 3-1: bad CDC descriptors
[  862.922577][ T8602] option 3-1:0.0: GSM modem (1-port) converter detected
[  862.981523][ T1274] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice=f6.00
[  862.984506][ T1274] usb 2-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  862.987185][ T1274] usb 2-1: Product: syz
[  862.989030][ T1274] usb 2-1: SerialNumber: syz
[  862.991981][ T1274] usb 2-1: config 0 descriptor??
[  863.121407][T23776] usb 3-1: USB disconnect, device number 44
[  863.124284][T23776] option 3-1:0.0: device disconnected
[  863.200243][ T1274] hso 2-1:0.0: Failed to find BULK IN ep
[  863.403661][T23776] usb 2-1: USB disconnect, device number 54
[  863.668688][T10950] loop2: detected capacity change from 0 to 1024
[  863.675448][T10950] hfsplus: request for non-existent node 3 in B*Tree
[  863.690431][T10950] hfsplus: request for non-existent node 3 in B*Tree
[  863.832483][T10963] loop2: detected capacity change from 0 to 4096
[  863.845349][T10963] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  863.855495][T10963] ntfs3(loop2): ino=1a, mi_enum_attr
[  863.857274][T10963] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  863.861012][T10963] ntfs3(loop2): ino=1a, mi_enum_attr
[  863.862722][T10963] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  863.877373][   T33] audit: type=1800 audit(2000001128.759:557): pid=10963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.9901" name="file1" dev="loop2" ino=24 res=0 errno=0
[  864.080484][T10988] loop2: detected capacity change from 0 to 16
[  864.087940][T10988] erofs (device loop2): rootino(nid 36) is not a directory(i_mode 66300)
[  864.548174][ T8602] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  864.698756][ T8602] usb 3-1: Using ep0 maxpacket: 8
[  864.702244][ T8602] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  864.711795][ T8602] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  864.731855][ T8602] pvrusb2: Hardware description: Terratec Grabster AV400
[  864.734302][ T8602] pvrusb2: **********
[  864.735673][ T8602] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  864.741831][ T8602] pvrusb2: Important functionality might not be entirely working.
[  864.748598][ T8602] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  864.771201][ T8602] pvrusb2: **********
[  864.863960][T11058] netlink: 'syz.1.9932': attribute type 1 has an invalid length.
[  864.866656][T11058] netlink: 16 bytes leftover after parsing attributes in process `syz.1.9932'.
[  864.933313][ T2399] pvrusb2: Invalid write control endpoint
[  865.060426][ T2399] pvrusb2: Invalid write control endpoint
[  865.062720][ T2399] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  865.070471][ T2399] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  865.072878][ T2399] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  865.076077][ T2399] pvrusb2: Device being rendered inoperable
[  865.090885][ T2399] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  865.093645][ T2399] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  865.107122][ T2399] pvrusb2: Attached sub-driver cx25840
[  865.110159][ T2399] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  865.114861][ T2399] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  865.134629][ T9855] usb 3-1: USB disconnect, device number 45
[  865.548186][   T33] audit: type=1326 audit(2000001130.259:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.3.9936" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  865.555519][   T33] audit: type=1326 audit(2000001130.259:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.3.9936" exe="/syz-executor" sig=0 arch=c000003e syscall=99 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  865.562677][   T33] audit: type=1326 audit(2000001130.259:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.3.9936" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  865.570010][   T33] audit: type=1326 audit(2000001130.259:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.3.9936" exe="/syz-executor" sig=0 arch=c000003e syscall=223 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  865.577235][   T33] audit: type=1326 audit(2000001130.259:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.3.9936" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  865.585050][   T33] audit: type=1326 audit(2000001130.259:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.3.9936" exe="/syz-executor" sig=0 arch=c000003e syscall=190 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  865.592274][   T33] audit: type=1326 audit(2000001130.259:564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.3.9936" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  865.599393][   T33] audit: type=1326 audit(2000001130.259:565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11079 comm="syz.3.9936" exe="/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  865.805481][T11093] netlink: 384 bytes leftover after parsing attributes in process `syz.1.9937'.
[  866.002107][T11109] xt_socket: unknown flags 0x50
[  866.076152][T11100] loop1: detected capacity change from 0 to 40427
[  866.210677][T11122] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  867.041172][ T8602] usb 2-1: new full-speed USB device number 55 using dummy_hcd
[  867.092806][T11167] loop2: detected capacity change from 0 to 4096
[  867.107416][T11167] ntfs3(loop2): Primary boot: invalid bytes per sector 1792.
[  867.115329][T11167] ntfs3(loop2): try to read out of volume at offset 0x1ffe00
[  867.206949][ T8602] usb 2-1: config 0 has an invalid interface number: 251 but max is 0
[  867.214459][ T8602] usb 2-1: config 0 has no interface number 0
[  867.226149][ T8602] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  867.248325][ T8602] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  867.251000][ T8602] usb 2-1: Product: syz
[  867.252374][ T8602] usb 2-1: Manufacturer: syz
[  867.254577][ T8602] usb 2-1: SerialNumber: syz
[  867.278732][ T8602] usb 2-1: config 0 descriptor??
[  867.510106][T11203] loop2: detected capacity change from 0 to 1024
[  867.551842][T11203] hfsplus: b-tree write err: -5, ino 3
[  867.583957][ T4000] hfsplus: b-tree write err: -5, ino 3
[  867.613247][T11215] netlink: 8 bytes leftover after parsing attributes in process `syz.2.9977'.
[  867.710755][T11224] loop2: detected capacity change from 0 to 512
[  867.738031][T11224] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  867.743846][T11224] ext4 filesystem being mounted at /193/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  867.768702][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  867.893410][ T8602] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  867.903575][ T8602] asix 2-1:0.251 (unnamed net_device) (uninitialized): Failed to read software interface selection register: -71
[  867.911482][ T8602] asix 2-1:0.251: probe with driver asix failed with error -71
[  867.933938][ T8602] usb 2-1: USB disconnect, device number 55
[  868.363716][T11287] loop2: detected capacity change from 0 to 512
[  868.392606][T11287] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.10000: casefold flag without casefold feature
[  868.397398][T11287] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.10000: couldn't read orphan inode 15 (err -117)
[  868.408971][T11287] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  868.441028][T11293] program syz.1.10001 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  868.467223][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  868.575928][T11304] loop2: detected capacity change from 0 to 1024
[  868.589689][T11304] EXT4-fs: Ignoring removed orlov option
[  868.632003][T11304] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  868.660864][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  868.839573][T11319] loop2: detected capacity change from 0 to 32768
[  868.849151][T11319] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.10009 (11319)
[  868.863779][T11319] BTRFS info (device loop2): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  868.869610][T11319] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  868.872847][T11319] BTRFS info (device loop2): using free-space-tree
[  868.927343][ T8110] BTRFS info (device loop2): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  868.957740][    C1] vkms_vblank_simulate: vblank timer overrun
[  869.061107][T11343] loop1: detected capacity change from 0 to 4096
[  869.068721][T11343] ntfs3: Invalid value for umask.
[  869.701288][ T1366] ieee802154 phy0 wpan0: encryption failed: -22
[  869.703999][ T1366] ieee802154 phy1 wpan1: encryption failed: -22
[  870.086288][T11408] netlink: 'syz.2.10031': attribute type 28 has an invalid length.
[  870.403390][T11433] ceph: No source
[  870.467352][T11435] IPVS: Scheduler module ip_vs_sip not found
[  870.640168][T11452] bridge0: port 1(wlan0) entered blocking state
[  870.642636][T11452] bridge0: port 1(wlan0) entered disabled state
[  870.644825][T11452] mac80211_hwsim hwsim9 wlan0: entered allmulticast mode
[  870.650240][T11452] mac80211_hwsim hwsim9 wlan0: entered promiscuous mode
[  870.666724][T11446] loop1: detected capacity change from 0 to 32768
[  870.672755][T11446] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.10044 (11446)
[  870.682457][T11446] BTRFS error: failed to open device for path /dev/loop1 with flags 0x23: -13
[  870.721726][T11458] openvswitch: netlink: EtherType 0 is less than min 600
[  871.089069][T11483] loop1: detected capacity change from 0 to 32768
[  871.097302][T11483] bcachefs (/dev/loop1): error reading superblock: error opening /dev/loop1: EACCES
[  871.109052][T11483] bcachefs: bch2_fs_get_tree() error: EACCES
[  871.169928][T11501] loop1: detected capacity change from 0 to 256
[  871.424011][T11529] loop2: detected capacity change from 0 to 512
[  871.476216][T11529] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  871.490238][T11529] ext4 filesystem being mounted at /227/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  871.514760][   T33] kauditd_printk_skb: 25 callbacks suppressed
[  871.514777][   T33] audit: type=1800 audit(2000001136.399:591): pid=11529 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.10073" name="file2" dev="loop2" ino=16 res=0 errno=0
[  871.601728][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  871.725625][ T1274] usb 2-1: new full-speed USB device number 56 using dummy_hcd
[  871.881687][ T1274] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  871.885429][ T1274] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  871.889135][ T1274] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  871.892618][ T1274] usb 2-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  871.905559][ T1274] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  871.908959][ T1274] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  871.911897][ T1274] usb 2-1: Product: syz
[  871.913485][ T1274] usb 2-1: Manufacturer: syz
[  871.915218][ T1274] usb 2-1: SerialNumber: syz
[  871.938003][T11541] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  871.948753][ T1274] usb 2-1: selecting invalid altsetting 1
[  872.171633][ T1274] cdc_ncm 2-1:1.0: bind() failure
[  872.191027][ T1274] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  872.193329][ T1274] cdc_ncm 2-1:1.1: bind() failure
[  872.223961][ T1274] usb 2-1: USB disconnect, device number 56
[  872.701151][   T33] audit: type=1326 audit(2000001137.589:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11568 comm="syz.3.10080" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  872.712086][   T33] audit: type=1326 audit(2000001137.589:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11568 comm="syz.3.10080" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  872.728700][   T33] audit: type=1326 audit(2000001137.599:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11568 comm="syz.3.10080" exe="/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  872.761958][   T33] audit: type=1326 audit(2000001137.599:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11568 comm="syz.3.10080" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  872.784387][   T33] audit: type=1326 audit(2000001137.599:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11568 comm="syz.3.10080" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  872.916592][T11577] netlink: 16 bytes leftover after parsing attributes in process `syz.1.10083'.
[  872.939708][T11577] bond0: entered promiscuous mode
[  872.941390][T11577] bond_slave_0: entered promiscuous mode
[  872.955038][T11577] bond_slave_1: entered promiscuous mode
[  872.958891][T11577] bond0: left promiscuous mode
[  872.960448][T11577] bond_slave_0: left promiscuous mode
[  872.965421][T11577] bond_slave_1: left promiscuous mode
[  872.972095][T11582] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10084'.
[  872.979522][T11582] netlink: 16 bytes leftover after parsing attributes in process `syz.2.10084'.
[  873.589212][T11617] loop2: detected capacity change from 0 to 1024
[  873.610558][   T33] audit: type=1800 audit(2000001138.499:597): pid=11617 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.10094" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop2" ino=25 res=0 errno=0
[  873.677209][   T33] audit: type=1326 audit(2000001138.559:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11625 comm="syz.3.10096" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x0
[  873.750967][T11632] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  874.050270][ T8602] usb 3-1: new full-speed USB device number 46 using dummy_hcd
[  874.156335][T11652] loop1: detected capacity change from 0 to 512
[  874.224921][ T8602] usb 3-1: unable to get BOS descriptor or descriptor too short
[  874.225420][ T8602] usb 3-1: not running at top speed; connect to a high speed hub
[  874.226437][ T8602] usb 3-1: config 1 interface 0 altsetting 90 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  874.226460][ T8602] usb 3-1: config 1 interface 0 has no altsetting 0
[  874.240371][ T8602] usb 3-1: New USB device found, idVendor=05ac, idProduct=0253, bcdDevice= 0.40
[  874.240391][ T8602] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  874.240400][ T8602] usb 3-1: Product: syz
[  874.240407][ T8602] usb 3-1: Manufacturer: syz
[  874.240414][ T8602] usb 3-1: SerialNumber: syz
[  874.244938][T11639] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  874.485048][ T8602] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input54
[  874.494948][ T5282] bcm5974 3-1:1.0: could not read from device
[  874.497480][ T5282] bcm5974 3-1:1.0: could not read from device
[  874.506013][ T5282] bcm5974 3-1:1.0: could not read from device
[  874.511473][ T8602] usb 3-1: USB disconnect, device number 46
[  874.514393][ T5282] bcm5974 3-1:1.0: could not read from device
[  876.546547][T11719] netlink: 20 bytes leftover after parsing attributes in process `syz.1.10118'.
[  876.550294][T11719] netlink: 36 bytes leftover after parsing attributes in process `syz.1.10118'.
[  876.702242][T11735] overlayfs: upper fs does not support tmpfile.
[  876.812394][   T33] audit: type=1326 audit(2000001141.699:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f4318ebe9 code=0x7ffc0000
[  876.831456][   T33] audit: type=1326 audit(2000001141.709:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8f4318d550 code=0x7ffc0000
[  876.847579][   T33] audit: type=1326 audit(2000001141.709:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f8f4318d550 code=0x7ffc0000
[  876.855759][   T33] audit: type=1326 audit(2000001141.709:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f4318ebe9 code=0x7ffc0000
[  876.867592][   T33] audit: type=1326 audit(2000001141.709:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f4318ebe9 code=0x7ffc0000
[  876.875585][ T9855] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  876.877600][T11756] netlink: 'syz.2.10131': attribute type 298 has an invalid length.
[  876.879826][   T33] audit: type=1326 audit(2000001141.709:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=8 compat=0 ip=0x7f8f4318ebe9 code=0x7ffc0000
[  876.891547][   T33] audit: type=1326 audit(2000001141.709:605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f4318ebe9 code=0x7ffc0000
[  876.903270][   T33] audit: type=1326 audit(2000001141.709:606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f4318ebe9 code=0x7ffc0000
[  876.912267][   T33] audit: type=1326 audit(2000001141.709:607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=78 compat=0 ip=0x7f8f4318ebe9 code=0x7ffc0000
[  876.923128][   T33] audit: type=1326 audit(2000001141.709:608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11749 comm="syz.2.10129" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8f4318ebe9 code=0x7ffc0000
[  877.044213][ T9855] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  877.047281][ T9855] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  877.056603][ T9855] usb 2-1: Product: syz
[  877.060389][ T9855] usb 2-1: Manufacturer: syz
[  877.062305][ T9855] usb 2-1: SerialNumber: syz
[  877.076925][ T9855] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  877.106903][ T9855] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  877.249542][T11787] loop2: detected capacity change from 0 to 32768
[  877.255158][T11787] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.10141 (11787)
[  877.262401][T11787] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  877.265772][T11787] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  877.330623][T11787] BTRFS info (device loop2): using free-space-tree
[  877.423164][ T8110] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  877.808883][T23776] usb 2-1: USB disconnect, device number 57
[  878.341530][ T9855] usb 2-1: Service connection timeout for: 256
[  878.343603][ T9855] ath9k_htc 2-1:1.0: ath9k_htc: Unable to initialize HTC services
[  878.364918][ T9855] ath9k_htc: Failed to initialize the device
[  878.367108][T23776] usb 2-1: ath9k_htc: USB layer deinitialized
[  878.374555][T11837] netlink: 209840 bytes leftover after parsing attributes in process `syz.1.10150'.
[  878.557983][T11834] loop2: detected capacity change from 0 to 40427
[  878.566174][T11834] F2FS-fs: heap/no_heap options were deprecated
[  878.578340][T11834] F2FS-fs (loop2): Invalid segment count (1)
[  878.580358][T11834] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  878.591670][T11834] F2FS-fs (loop2): invalid crc value
[  878.620518][T11834] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  878.624158][T11834] F2FS-fs (loop2): Try to recover 1th superblock, ret: -30
[  878.626553][T11834] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  879.114606][T11864] overlayfs: failed to clone upperpath
[  879.142272][T11862] loop2: detected capacity change from 0 to 32768
[  879.153897][T11862] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.10155 (11862)
[  879.170076][T11862] BTRFS error: invalid seeding and uuid-changed device detected
[  879.304474][T11879] netlink: 60 bytes leftover after parsing attributes in process `syz.2.10161'.
[  879.307510][T11879] netlink: 35 bytes leftover after parsing attributes in process `syz.2.10161'.
[  879.489372][T11885] loop2: detected capacity change from 0 to 32768
[  879.952455][T11919] loop1: detected capacity change from 0 to 32768
[  879.960685][T11919] bcachefs (/dev/loop1): error reading superblock: error opening /dev/loop1: EACCES
[  879.963850][T11919] bcachefs: bch2_fs_get_tree() error: EACCES
[  880.015616][T11932] 9pnet: p9_errstr2errno: server reported unknown error @c0xffffffffffffffff
[  880.250764][T11939] loop1: detected capacity change from 0 to 32768
[  880.346458][T11960] netlink: 146840 bytes leftover after parsing attributes in process `syz.2.10184'.
[  880.910022][T12006] hfsplus: unable to find HFS+ superblock
[  881.287310][T12009] loop2: detected capacity change from 0 to 32768
[  881.928305][T12029] netlink: 'syz.2.10204': attribute type 1 has an invalid length.
[  882.191196][T12056] vxcan1: entered allmulticast mode
[  882.307270][T12019] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  882.309407][T12066] netlink: 'syz.2.10215': attribute type 4 has an invalid length.
[  882.492899][T12094] netlink: 24 bytes leftover after parsing attributes in process `syz.1.10225'.
[  882.595417][T12108] loop2: detected capacity change from 0 to 512
[  882.620441][T12108] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.10232: casefold flag without casefold feature
[  882.627842][T12108] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.10232: couldn't read orphan inode 15 (err -117)
[  882.636884][T12108] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  882.662357][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  882.927351][T12131] loop2: detected capacity change from 0 to 32768
[  883.132344][T12142] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10241'.
[  883.197096][T12153] loop2: detected capacity change from 0 to 256
[  883.205866][T12153] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  883.210486][T12153] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  883.342259][T12168] loop2: detected capacity change from 0 to 16
[  883.347193][T12168] erofs (device loop2): mounted with root inode @ nid 36.
[  883.449613][T12182] netlink: 'syz.2.10253': attribute type 12 has an invalid length.
[  883.453063][T12182] netlink: 120 bytes leftover after parsing attributes in process `syz.2.10253'.
[  883.528446][T12189] ALSA: mixer_oss: invalid OSS volume ''
[  883.533894][T12189] ALSA: mixer_oss: invalid OSS volume 'udFdsj@Jug0cd'
[  883.537443][T12189] ALSA: mixer_oss: invalid OSS volume 'NW֓YZS%fV'
[  883.547359][T12189] ALSA: mixer_oss: invalid OSS volume ''lȿDTBxN'
[  883.551116][T12189] ALSA: mixer_oss: invalid OSS volume 'y'
[  883.553091][T12189] ALSA: mixer_oss: invalid OSS volume '5y}9r~M+3'
[  883.562937][T12189] ALSA: mixer_oss: invalid OSS volume '϶*kC9d7띦2;"'
[  883.565392][T12189] ALSA: mixer_oss: invalid OSS volume '*ndV8mE5:4'
[  883.568015][T12189] ALSA: mixer_oss: invalid OSS volume 'PKڵ1}{N&Ia8*ʇ'
[  883.572588][T12189] ALSA: mixer_oss: invalid OSS volume 'OC"['m/AO^G&-'
[  883.575492][T12189] ALSA: mixer_oss: invalid OSS volume ''
[  883.577456][T12189] ALSA: mixer_oss: invalid OSS volume '@HV-=f#o)U.N'
[  883.586195][T12189] ALSA: mixer_oss: invalid OSS volume '^&8HLV^\LP&҉\'
[  883.590389][T12189] ALSA: mixer_oss: invalid OSS volume '82p<2Iq܁¹UAԺ%A'
[  883.593106][T12189] ALSA: mixer_oss: invalid OSS volume 'Q'
[  883.632478][T12201] loop2: detected capacity change from 0 to 512
[  883.659969][T12201] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  883.664917][T12201] ext4 filesystem being mounted at /309/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  883.717831][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  884.368422][T23776] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  884.498265][ T1274] usb 2-1: new full-speed USB device number 58 using dummy_hcd
[  884.518380][T23776] usb 3-1: Using ep0 maxpacket: 8
[  884.521743][T23776] usb 3-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  884.525495][T23776] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  884.531650][T23776] usb 3-1: config 0 descriptor??
[  884.661963][ T1274] usb 2-1: unable to get BOS descriptor or descriptor too short
[  884.666347][ T1274] usb 2-1: not running at top speed; connect to a high speed hub
[  884.672115][ T1274] usb 2-1: config 1 has an invalid descriptor of length 157, skipping remainder of the config
[  884.676923][ T1274] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  884.682909][ T1274] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  884.703112][ T1274] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  884.706898][ T1274] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  884.711419][ T1274] usb 2-1: SerialNumber: syz
[  884.927460][ T1274] cdc_ncm 2-1:1.0: invalid descriptor buffer length
[  884.937452][ T1274] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[  884.940529][ T1274] cdc_ncm 2-1:1.0: bind() failure
[  884.946533][ T1274] usb 2-1: USB disconnect, device number 58
[  885.494940][T12315] loop1: detected capacity change from 0 to 1024
[  885.495669][T12316] bond0: Unable to set up delay as MII monitoring is disabled
[  885.744560][T23776] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  885.753354][T23776] asix 3-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  885.756746][T23776] asix 3-1:0.0: probe with driver asix failed with error -71
[  885.767725][T23776] usb 3-1: USB disconnect, device number 47
[  886.524553][T12360] netlink: 'syz.2.10313': attribute type 1 has an invalid length.
[  886.527322][T12360] netlink: 224 bytes leftover after parsing attributes in process `syz.2.10313'.
[  886.694548][T12380] loop1: detected capacity change from 0 to 4096
[  886.951847][T12401] loop1: detected capacity change from 0 to 8192
[  886.978905][ T1118] block nbd0: Possible stuck request ffff888022ac0000: control (read@0,1024B). Runtime 180 seconds
[  886.983828][ T1118] block nbd0: Possible stuck request ffff888022ac0200: control (read@1024,1024B). Runtime 180 seconds
[  886.990236][ T1118] block nbd0: Possible stuck request ffff888022ac0400: control (read@2048,1024B). Runtime 180 seconds
[  886.994680][ T1118] block nbd0: Possible stuck request ffff888022ac0600: control (read@3072,1024B). Runtime 180 seconds
[  887.264219][T12428] loop1: detected capacity change from 0 to 512
[  887.691934][T12456] tmpfs: Bad value for 'nr_inodes'
[  888.117228][T12499] netlink: zone id is out of range
[  888.146613][T12499] netlink: set zone limit has 4 unknown bytes
[  888.186540][T12499] netlink: del zone limit has 4 unknown bytes
[  888.257238][T12515] program syz.2.10362 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  888.629186][T12532] loop1: detected capacity change from 0 to 32768
[  888.695114][T12547] 9pnet: p9_errstr2errno: server reported unknown error 6G)Do')=0O]|[
[  888.714180][T12550] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes
[  888.812332][T12559] loop2: detected capacity change from 0 to 256
[  888.820273][T12559] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x23633d53, utbl_chksum : 0xe619d30d)
[  889.033965][T12581] loop2: detected capacity change from 0 to 32768
[  889.056227][T12581] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  889.114257][ T8110] ocfs2: Unmounting device (7,2) on (node local)
[  889.118199][ T1274] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  889.174285][T12590] loop2: detected capacity change from 0 to 128
[  889.182453][T12590] qnx6: superblock #1 checksum error
[  889.272258][ T1274] usb 2-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  889.275495][ T1274] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  889.279722][ T1274] usb 2-1: Product: syz
[  889.281531][ T1274] usb 2-1: Manufacturer: syz
[  889.283427][ T1274] usb 2-1: SerialNumber: syz
[  889.291086][ T1274] usb 2-1: config 0 descriptor??
[  889.297400][ T1274] rndis_host 2-1:0.0: skipping garbage
[  889.303492][ T1274] rndis_host 2-1:0.0: More than one union descriptor, skipping ...
[  889.306968][ T1274] usb 2-1: bad CDC descriptors
[  889.311445][ T1274] cdc_acm 2-1:0.0: skipping garbage
[  889.313514][ T1274] cdc_acm 2-1:0.0: More than one union descriptor, skipping ...
[  889.516410][ T1274] usb 2-1: USB disconnect, device number 59
[  890.137334][T12628] mac80211_hwsim hwsim31 wlan0: entered promiscuous mode
[  890.141287][T12628] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check.
[  890.189249][T12631] loop1: detected capacity change from 0 to 8
[  890.376742][T12647] netlink: 4 bytes leftover after parsing attributes in process `syz.1.10400'.
[  890.724973][T12670] tmpfs: Bad value for 'mpol'
[  890.792370][T12675] netlink: 24 bytes leftover after parsing attributes in process `syz.2.10412'.
[  890.874125][T12695] loop2: detected capacity change from 0 to 64
[  890.877481][T12695] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[  890.881282][T12695] BFS-fs: bfs_fill_super(): Impossible last inode number 262303 > 513 on loop2
[  891.040936][T12701] loop2: detected capacity change from 0 to 32768
[  891.056159][T12701] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  891.081105][T12701] (syz.2.10415,12701,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0
[  891.107349][ T8110] ocfs2: Unmounting device (7,2) on (node local)
[  891.251876][   T33] kauditd_printk_skb: 2 callbacks suppressed
[  891.251887][   T33] audit: type=1326 audit(2000001156.139:611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12712 comm="syz.2.10417" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f8f4318ebe9 code=0x0
[  892.598444][T23776] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  892.703060][T12797] loop1: detected capacity change from 0 to 256
[  892.761596][T23776] usb 3-1: New USB device found, idVendor=046d, idProduct=08b4, bcdDevice= e.32
[  892.768872][T23776] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  892.771550][T23776] usb 3-1: Product: syz
[  892.774360][T23776] usb 3-1: Manufacturer: syz
[  892.776088][T23776] usb 3-1: SerialNumber: syz
[  892.789109][T23776] usb 3-1: config 0 descriptor??
[  892.800498][T23776] pwc: Logitech QuickCam Zoom (new model) USB webcam detected.
[  892.903036][T12814] loop1: detected capacity change from 0 to 128
[  893.017234][T23776] pwc: Failed to set LED on/off time (-71)
[  893.032940][T23776] pwc: send_video_command error -71
[  893.034789][T23776] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  893.037360][T23776] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[  893.059583][T23776] usb 3-1: USB disconnect, device number 48
[  893.288243][T12838] bond0: (slave rose0): Enslaving as an active interface with an up link
[  893.458712][ T5238] Bluetooth: hci4: command 0x0405 tx timeout
[  893.479281][T12861] loop1: detected capacity change from 0 to 512
[  893.508395][T12861] loop1: detected capacity change from 512 to 64
[  893.554798][T12867] loop2: detected capacity change from 0 to 512
[  893.584581][T12867] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.10460: iget: bad extended attribute block 1
[  893.591298][T12867] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.10460: couldn't read orphan inode 15 (err -117)
[  893.598797][T12867] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  893.681874][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  893.885383][ T5238] Bluetooth: to_multiplier 0 < 10
[  893.996819][T12916] loop1: detected capacity change from 0 to 764
[  894.334732][T12954] netlink: 116 bytes leftover after parsing attributes in process `syz.3.10483'.
[  894.361877][T12956] binder: 12955:12956 ioctl c0306201 200000000080 returned -14
[  894.448805][T23776] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  894.628218][T23776] usb 3-1: Using ep0 maxpacket: 16
[  894.631384][T23776] usb 3-1: config 0 has an invalid interface number: 145 but max is 0
[  894.634129][T23776] usb 3-1: config 0 has no interface number 0
[  894.638936][T23776] usb 3-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  894.641838][T23776] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  894.644568][T23776] usb 3-1: Product: syz
[  894.645979][T23776] usb 3-1: Manufacturer: syz
[  894.654163][T23776] usb 3-1: SerialNumber: syz
[  894.657585][T23776] usb 3-1: config 0 descriptor??
[  894.664256][T23776] hub 3-1:0.145: bad descriptor, ignoring hub
[  894.666836][T23776] hub 3-1:0.145: probe with driver hub failed with error -5
[  894.670497][ T9855] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  894.676135][T23776] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.145/input/input55
[  894.820734][ T9855] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  894.823914][ T9855] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  894.828417][ T9855] usb 2-1: config 0 descriptor??
[  895.092903][ T5895] usb 3-1: USB disconnect, device number 49
[  895.234184][ T9855] ath6kl: Failed to read usb control message: -71
[  895.237873][ T9855] ath6kl: Unable to read the bmi data from the device: -71
[  895.241981][ T9855] ath6kl: Unable to recv target info: -71
[  895.244865][ T9855] ath6kl: Failed to init ath6kl core: -71
[  895.246949][ T9855] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[  895.251980][ T9855] usb 2-1: USB disconnect, device number 60
[  895.676349][T13037] sock: sock_set_timeout: `syz.3.10503' (pid 13037) tries to set negative timeout
[  895.789102][T13046] loop1: detected capacity change from 0 to 4096
[  895.795580][T13046] overlayfs: overlapping lowerdir path
[  895.952088][ T5895] usb 3-1: new full-speed USB device number 50 using dummy_hcd
[  896.030154][ T5238] Bluetooth: hci4: command 0x0405 tx timeout
[  896.210139][ T5895] usb 3-1: too many configurations: 227, using maximum allowed: 8
[  896.222006][ T5895] usb 3-1: New USB device found, idVendor=055d, idProduct=9000, bcdDevice=31.44
[  896.225254][ T5895] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  896.231281][ T5895] usb 3-1: config 0 descriptor??
[  896.236001][ T5895] pwc: Samsung MPC-C10 USB webcam detected.
[  896.238055][ T5895] pwc: Warning: more than 1 configuration available.
[  896.408523][T23776] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  896.441252][ T5895] pwc: send_video_command error -71
[  896.443251][ T5895] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  896.446215][ T5895] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[  896.452191][ T5895] usb 3-1: USB disconnect, device number 50
[  896.563082][T23776] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02
[  896.566273][T23776] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  896.569370][T23776] usb 2-1: Product: syz
[  896.570958][T23776] usb 2-1: Manufacturer: syz
[  896.572720][T23776] usb 2-1: SerialNumber: syz
[  896.576153][T23776] usb 2-1: config 0 descriptor??
[  896.787823][T23776] hso 2-1:0.0: Failed to find BULK IN ep
[  896.982340][T13083] loop2: detected capacity change from 0 to 256
[  896.992928][T13083] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  897.000405][T13083] exFAT-fs (loop2): start_clu is invalid cluster(0x0)
[  897.256509][T13092] loop2: detected capacity change from 0 to 32768
[  897.288326][T13092] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  897.309059][T13092] XFS (loop2): Ending clean mount
[  897.312730][T13092] XFS (loop2): Quotacheck needed: Please wait.
[  897.386194][T13092] XFS (loop2): Quotacheck: Done.
[  897.427702][ T8110] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  897.766567][T13137] loop2: detected capacity change from 0 to 2048
[  897.772243][T13137] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  897.816249][T13143] netlink: 48 bytes leftover after parsing attributes in process `syz.2.10529'.
[  897.821073][T13143] netlink: 48 bytes leftover after parsing attributes in process `syz.2.10529'.
[  898.425919][T13164] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.10538'.
[  898.802124][T13183] loop2: detected capacity change from 0 to 2048
[  898.857050][T13183] loop2: detected capacity change from 0 to 4096
[  899.036811][T13207] netlink: 277 bytes leftover after parsing attributes in process `syz.2.10551'.
[  899.085620][T12840] usb 2-1: USB disconnect, device number 61
[  899.182286][T13228] Malformed UNC in devname
[  899.182286][T13228] 
[  899.185346][T13228] CIFS: VFS: Malformed UNC in devname
[  899.448539][ T5895] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  899.648613][ T5895] usb 3-1: Using ep0 maxpacket: 32
[  899.660415][ T5895] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  899.664069][ T5895] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  899.678303][ T5895] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  899.681991][ T5895] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  899.688014][ T5895] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  899.698603][ T5895] usb 3-1: config 0 descriptor??
[  899.701349][T13231] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  899.709011][ T5895] hub 3-1:0.0: USB hub found
[  899.767043][   T33] audit: type=1326 audit(2000001164.649:612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.774785][   T33] audit: type=1326 audit(2000001164.649:613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.784084][   T33] audit: type=1326 audit(2000001164.659:614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.791434][   T33] audit: type=1326 audit(2000001164.659:615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.800254][   T33] audit: type=1326 audit(2000001164.659:616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.807930][   T33] audit: type=1326 audit(2000001164.669:617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.815911][   T33] audit: type=1326 audit(2000001164.669:618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.824067][   T33] audit: type=1326 audit(2000001164.669:619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.831522][   T33] audit: type=1326 audit(2000001164.669:620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.840642][   T33] audit: type=1326 audit(2000001164.729:621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13274 comm="syz.3.10571" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd32258ebe9 code=0x7ffc0000
[  899.911484][ T5895] hub 3-1:0.0: config failed, can't read hub descriptor (err -22)
[  899.922586][ T5895] usbhid 3-1:0.0: can't add hid device: -71
[  899.924623][ T5895] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  899.950488][ T5895] usb 3-1: USB disconnect, device number 51
[  900.302015][T13315] loop1: detected capacity change from 0 to 2048
[  900.454108][T13321] loop2: detected capacity change from 0 to 512
[  900.482338][T13321] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  900.486575][T13321] ext4 filesystem being mounted at /388/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  900.513764][ T8110] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  900.777917][T13359] overlayfs: missing 'lowerdir'
[  900.812080][T13364] loop1: detected capacity change from 0 to 128
[  901.737126][T13420] netlink: 'syz.3.10616': attribute type 11 has an invalid length.
[  901.878230][ T5897] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  902.028453][ T5897] usb 3-1: Using ep0 maxpacket: 16
[  902.034212][ T5897] usb 3-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  902.037198][ T5897] usb 3-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  902.041638][ T5897] usb 3-1: Product: syz
[  902.043081][ T5897] usb 3-1: Manufacturer: syz
[  902.044582][ T5897] usb 3-1: SerialNumber: syz
[  902.050983][ T5897] usb 3-1: config 0 descriptor??
[  902.265992][ T5895] usb 3-1: USB disconnect, device number 52
[  902.497603][T13505] loop1: detected capacity change from 0 to 512
[  902.649651][    C1] vkms_vblank_simulate: vblank timer overrun
[  902.700706][    C1] vkms_vblank_simulate: vblank timer overrun
[  903.022370][ T5875] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.359688][ T5875] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.485477][ T3364] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  903.501537][ T3364] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  903.507042][ T3364] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  903.513368][ T3364] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  903.517521][ T3364] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  903.519412][ T5875] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.573327][T13531] lo speed is unknown, defaulting to 1000
[  903.632277][ T5875] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  903.856468][T13531] chnl_net:caif_netlink_parms(): no params data found
[  903.996770][ T5875] bridge_slave_1: left allmulticast mode
[  904.002374][ T5875] bridge_slave_1: left promiscuous mode
[  904.004829][ T5875] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.009081][ T5875] bridge_slave_0: left allmulticast mode
[  904.011304][ T5875] bridge_slave_0: left promiscuous mode
[  904.013346][ T5875] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.649964][    C1] vkms_vblank_simulate: vblank timer overrun
[  904.713421][ T5875] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  904.720789][ T5875] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  904.729074][ T5875] bond0 (unregistering): Released all slaves
[  904.816435][T13531] bridge0: port 1(bridge_slave_0) entered blocking state
[  904.825523][T13531] bridge0: port 1(bridge_slave_0) entered disabled state
[  904.828197][T13531] bridge_slave_0: entered allmulticast mode
[  904.832166][T13531] bridge_slave_0: entered promiscuous mode
[  904.844473][T13531] bridge0: port 2(bridge_slave_1) entered blocking state
[  904.847162][T13531] bridge0: port 2(bridge_slave_1) entered disabled state
[  904.852513][T13531] bridge_slave_1: entered allmulticast mode
[  904.855488][T13531] bridge_slave_1: entered promiscuous mode
[  904.950279][T13531] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  904.957407][T13531] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  905.018442][ T5911] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  905.047608][T13531] team0: Port device team_slave_0 added
[  905.054926][T13531] team0: Port device team_slave_1 added
[  905.086405][T13531] batman_adv: batadv0: Adding interface: batadv_slave_0
[  905.092658][T13531] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  905.103646][T13531] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  905.116440][ T5875] hsr_slave_0: left promiscuous mode
[  905.119167][ T5875] hsr_slave_1: left promiscuous mode
[  905.121354][ T5875] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  905.123816][ T5875] batman_adv: batadv0: Removing interface: batadv_slave_0
[  905.126622][ T5875] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  905.130522][ T5875] batman_adv: batadv0: Removing interface: batadv_slave_1
[  905.143403][ T5875] veth1_macvtap: left promiscuous mode
[  905.145340][ T5875] veth0_macvtap: left promiscuous mode
[  905.147248][ T5875] veth1_vlan: left promiscuous mode
[  905.149328][ T5875] veth0_vlan: left promiscuous mode
[  905.189767][ T5911] usb 3-1: Using ep0 maxpacket: 16
[  905.195060][ T5911] usb 3-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  905.200044][ T5911] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  905.202685][ T5911] usb 3-1: Product: syz
[  905.204163][ T5911] usb 3-1: Manufacturer: syz
[  905.205736][ T5911] usb 3-1: SerialNumber: syz
[  905.213491][ T5911] usb 3-1: config 0 descriptor??
[  905.217636][ T5911] ssu100 3-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  905.640263][ T3364] Bluetooth: hci3: command tx timeout
[  906.075793][ T5911] ssu100 3-1:0.0: probe with driver ssu100 failed with error -71
[  906.080006][ T5911] usb 3-1: USB disconnect, device number 53
[  906.171683][ T5875] team0 (unregistering): Port device team_slave_1 removed
[  906.263587][ T5875] team0 (unregistering): Port device team_slave_0 removed
[  906.898785][T23776] usb 3-1: new high-speed USB device number 54 using dummy_hcd
[  907.086422][T13531] batman_adv: batadv0: Adding interface: batadv_slave_1
[  907.091487][T13531] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  907.100158][T13531] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  907.104948][T23776] usb 3-1: config 8 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  907.110604][T23776] usb 3-1: config 8 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  907.117897][T23776] usb 3-1: config 8 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  907.123577][T23776] usb 3-1: New USB device found, idVendor=07b5, idProduct=0312, bcdDevice= 0.00
[  907.130844][T23776] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  907.192048][T13531] hsr_slave_0: entered promiscuous mode
[  907.194397][T13531] hsr_slave_1: entered promiscuous mode
[  907.564855][T23776] megaworld 0003:07B5:0312.0032: hidraw0: USB HID v0.00 Device [HID 07b5:0312] on usb-dummy_hcd.2-1/input0
[  907.575144][T23776] megaworld 0003:07B5:0312.0032: no inputs found
[  907.698348][ T3364] Bluetooth: hci3: command tx timeout
[  907.760254][T23776] usb 3-1: USB disconnect, device number 54
[  907.821327][T13960] netlink: 4 bytes leftover after parsing attributes in process `syz.3.10670'.
[  908.148367][T13986] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10673'.
[  908.151379][T13986] netlink: 660 bytes leftover after parsing attributes in process `syz.3.10673'.
[  908.408297][T13531] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  908.413585][T13531] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  908.419531][T13531] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  908.430268][T13531] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  908.485015][T13531] 8021q: adding VLAN 0 to HW filter on device bond0
[  908.497502][T13531] 8021q: adding VLAN 0 to HW filter on device team0
[  908.505317][T14005] loop2: detected capacity change from 0 to 32768
[  908.510661][T30944] bridge0: port 1(bridge_slave_0) entered blocking state
[  908.513353][T30944] bridge0: port 1(bridge_slave_0) entered forwarding state
[  908.522214][T30944] bridge0: port 2(bridge_slave_1) entered blocking state
[  908.524781][T30944] bridge0: port 2(bridge_slave_1) entered forwarding state
[  908.555939][T14005] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  908.586294][ T8110] ocfs2: Unmounting device (7,2) on (node local)
[  908.699510][T13531] 8021q: adding VLAN 0 to HW filter on device batadv0
[  908.896698][T13531] veth0_vlan: entered promiscuous mode
[  908.908528][T13531] veth1_vlan: entered promiscuous mode
[  908.930287][T13531] veth0_macvtap: entered promiscuous mode
[  908.935280][T13531] veth1_macvtap: entered promiscuous mode
[  908.957360][T13531] batman_adv: batadv0: Interface activated: batadv_slave_0
[  908.974208][T13531] batman_adv: batadv0: Interface activated: batadv_slave_1
[  908.995098][ T5854] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  908.998060][ T5854] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  909.012854][ T5854] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  909.023258][ T5854] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  909.176543][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  909.200573][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  909.287857][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  909.292493][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  909.379169][   T34] INFO: task syz.5.8519:4723 blocked for more than 143 seconds.
[  909.390277][   T34]       Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0
[  909.393472][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  909.424345][   T34] task:syz.5.8519      state:D stack:27944 pid:4723  tgid:4722  ppid:11994  task_flags:0x400040 flags:0x00004004
[  909.448248][   T34] Call Trace:
[  909.449691][   T34]  <TASK>
[  909.450956][   T34]  __schedule+0x1798/0x4cc0
[  909.455790][   T34]  ? __lock_acquire+0xab9/0xd20
[  909.457863][   T34]  ? __lock_acquire+0xab9/0xd20
[  909.461295][T14074] tc_dump_action: action bad kind
[  909.466872][   T34]  ? __pfx___schedule+0x10/0x10
[  909.498233][   T34]  ? schedule+0x91/0x360
[  909.500099][   T34]  schedule+0x165/0x360
[  909.501892][   T34]  schedule_preempt_disabled+0x13/0x30
[  909.504179][   T34]  __mutex_lock+0x7e6/0x1360
[  909.564097][   T34]  ? __mutex_lock+0x5b6/0x1360
[  909.566056][   T34]  ? sync_bdevs+0x1ac/0x340
[  909.567895][   T34]  ? __pfx___mutex_lock+0x10/0x10
[  909.586596][   T34]  ? iput+0x398/0x9d0
[  909.595144][   T34]  ? do_raw_spin_unlock+0x4d/0x240
[  909.597236][   T34]  sync_bdevs+0x1ac/0x340
[  909.599129][   T34]  ksys_sync+0xb9/0x150
[  909.600870][   T34]  ? __pfx_ksys_sync+0x10/0x10
[  909.602787][   T34]  ? do_syscall_64+0xbe/0x3b0
[  909.604628][   T34]  __ia32_sys_sync+0xe/0x20
[  909.606440][   T34]  do_syscall_64+0xfa/0x3b0
[  909.628778][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  909.630949][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  909.638059][   T34]  ? exc_page_fault+0x9f/0xf0
[  909.643589][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  909.646069][   T34] RIP: 0033:0x7f9b2438ebe9
[  909.647964][   T34] RSP: 002b:00007f9b251e7038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[  909.652066][   T34] RAX: ffffffffffffffda RBX: 00007f9b245b5fa0 RCX: 00007f9b2438ebe9
[  909.655154][   T34] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  909.658966][   T34] RBP: 00007f9b245b5fa0 R08: 0000000000000000 R09: 0000000000000000
[  909.662559][   T34] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  909.671049][   T34] R13: 00007f9b245b6038 R14: 00007f9b245b5fa0 R15: 00007ffee26ad868
[  909.674415][   T34]  </TASK>
[  909.675905][   T34] 
[  909.675905][   T34] Showing all locks held in the system:
[  909.680993][   T34] 1 lock held by khungtaskd/34:
[  909.683092][   T34]  #0: ffffffff8e139ee0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  909.686800][   T34] 3 locks held by kworker/1:2/1274:
[  909.689174][   T34] 2 locks held by getty/5676:
[  909.730466][   T34]  #0: ffff8881069110a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  909.733769][   T34]  #1: ffffc900029062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  909.758492][   T34] 3 locks held by kworker/u8:2/5854:
[  909.760440][   T34]  #0: ffff888136639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  909.798624][ T3364] Bluetooth: hci3: command tx timeout
[  909.828198][   T34]  #1: ffff888136624008 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[  909.831210][   T34]  #2: ffffffff8e139ee0 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame+0xa5/0x2390
[  909.834290][   T34] 3 locks held by kworker/0:4/5895:
[  909.836055][   T34]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  909.868223][   T34]  #1: ffffc9000340fbc0 (key_gc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  909.898197][   T34]  #2: ffffffff8e13f978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x3b9/0x730
[  909.901986][   T34] 2 locks held by syz.3.1683/10399:
[  909.903825][   T34] 2 locks held by syz.3.3270/19816:
[  909.938219][   T34] 3 locks held by kworker/0:7/23776:
[  909.944495][   T34]  #0: ffff88801a480d48 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x17b0
[  909.958187][   T34]  #1: ffffc90007e07bc0 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x17b0
[  909.961673][   T34]  #2: ffffffff8e13f978 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x2f6/0x730
[  909.965332][   T34] 1 lock held by udevd/27701:
[  909.966925][   T34]  #0: ffff88810722a358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  909.972784][   T34] 1 lock held by syz.5.8519/4723:
[  909.974470][   T34]  #0: ffff88810722a358 (&disk->open_mutex){+.+.}-{4:4}, at: sync_bdevs+0x1ac/0x340
[  909.977586][   T34] 2 locks held by syz.0.9028/7450:
[  909.979531][   T34]  #0: ffff88811e8020e0 (&type->s_umount_key#137/1){+.+.}-{4:4}, at: alloc_super+0x204/0x970
[  909.983022][   T34]  #1: ffff88810722a358 (&disk->open_mutex){+.+.}-{4:4}, at: bdev_open+0xe0/0xd30
[  909.986042][   T34] 1 lock held by syz-executor/13531:
[  909.988931][   T34] 
[  909.989907][   T34] =============================================
[  909.989907][   T34] 
[  909.992718][   T34] NMI backtrace for cpu 0
[  909.992727][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  909.992737][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  909.992742][   T34] Call Trace:
[  909.992747][   T34]  <TASK>
[  909.992751][   T34]  dump_stack_lvl+0x189/0x250
[  909.992766][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  909.992775][   T34]  ? __pfx__printk+0x10/0x10
[  909.992790][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  909.992800][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  909.992813][   T34]  ? __pfx__printk+0x10/0x10
[  909.992824][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  909.992838][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  909.992851][   T34]  watchdog+0xf93/0xfe0
[  909.992864][   T34]  ? watchdog+0x1de/0xfe0
[  909.992875][   T34]  kthread+0x711/0x8a0
[  909.992886][   T34]  ? __pfx_watchdog+0x10/0x10
[  909.992895][   T34]  ? __pfx_kthread+0x10/0x10
[  909.992905][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  909.992914][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  909.992922][   T34]  ? __pfx_kthread+0x10/0x10
[  909.992931][   T34]  ret_from_fork+0x3fc/0x770
[  909.992941][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  909.992950][   T34]  ? __switch_to_asm+0x39/0x70
[  909.992959][   T34]  ? __switch_to_asm+0x33/0x70
[  909.992967][   T34]  ? __pfx_kthread+0x10/0x10
[  909.992976][   T34]  ret_from_fork_asm+0x1a/0x30
[  909.992990][   T34]  </TASK>
[  909.992994][   T34] Sending NMI from CPU 0 to CPUs 1:
[  910.055095][    C1] NMI backtrace for cpu 1
[  910.055110][    C1] CPU: 1 UID: 0 PID: 13531 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  910.055120][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  910.055125][    C1] RIP: 0010:cpuacct_charge+0x1f1/0x320
[  910.055138][    C1] Code: 74 08 4c 89 ff e8 6f 4f 89 00 4d 03 2f 4c 89 e8 48 c1 e8 03 80 3c 28 00 74 08 4c 89 ef e8 57 4f 89 00 48 8b 04 24 49 01 45 00 <49> 81 c4 08 01 00 00 4c 89 e0 48 c1 e8 03 80 3c 28 00 74 8a 4c 89
[  910.055145][    C1] RSP: 0018:ffffc9000424efa8 EFLAGS: 00000012
[  910.055153][    C1] RAX: 00000000001990b7 RBX: 1ffffffff1b7b7a3 RCX: cc1e4bf083a2ce00
[  910.055159][    C1] RDX: 0000000000000000 RSI: ffffffff8dba33cb RDI: ffffffff8be32600
[  910.055163][    C1] RBP: dffffc0000000000 R08: ffffffff8fa34237 R09: 1ffffffff1f46846
[  910.055168][    C1] R10: dffffc0000000000 R11: fffffbfff1f46847 R12: ffff888123346000
[  910.055173][    C1] R13: ffffe8ffffc4aaa8 R14: 0000000000000001 R15: ffffffff8dbdbd18
[  910.055178][    C1] FS:  0000555591a97500(0000) GS:ffff8881a3c24000(0000) knlGS:0000000000000000
[  910.055183][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  910.055188][    C1] CR2: 0000200000026000 CR3: 000000002c208000 CR4: 00000000000006f0
[  910.055214][    C1] Call Trace:
[  910.055219][    C1]  <TASK>
[  910.055224][    C1]  update_se+0x2ba/0x5f0
[  910.055237][    C1]  update_curr+0x75/0x730
[  910.055249][    C1]  put_prev_entity+0x41/0x230
[  910.055256][    C1]  put_prev_task_fair+0x4b/0x80
[  910.055265][    C1]  put_prev_set_next_task+0x10a/0x180
[  910.055274][    C1]  __pick_next_task+0x3eb/0x450
[  910.055283][    C1]  __schedule+0x7a4/0x4cc0
[  910.055296][    C1]  ? __pfx___schedule+0x10/0x10
[  910.055303][    C1]  ? finish_task_switch+0x18b/0x950
[  910.055314][    C1]  ? preempt_schedule_irq+0xaa/0x150
[  910.055322][    C1]  preempt_schedule_irq+0xb5/0x150
[  910.055329][    C1]  ? __pfx_preempt_schedule_irq+0x10/0x10
[  910.055337][    C1]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  910.055346][    C1]  irqentry_exit+0x6f/0x90
[  910.055355][    C1]  asm_sysvec_call_function_single+0x1a/0x20
[  910.055364][    C1] RIP: 0010:unwind_next_frame+0xcc6/0x2390
[  910.055373][    C1] Code: e9 c5 04 00 00 4c 89 7c 24 28 48 89 5c 24 78 4d 8d 66 08 4d 89 e5 49 c1 ed 03 41 80 7c 2d 00 00 74 08 4c 89 e7 e8 fa 47 b0 00 <49> 8b 5e 08 49 8d 56 10 49 89 d7 49 c1 ef 03 41 80 3c 2f 00 74 0e
[  910.055379][    C1] RSP: 0018:ffffc9000424f538 EFLAGS: 00000246
[  910.055385][    C1] RAX: 0000000000000000 RBX: ffffffff902a38ab RCX: ffffffff8fb1395c
[  910.055389][    C1] RDX: ffffffff902a38a6 RSI: 0000000000000003 RDI: ffffffff8be325a0
[  910.055394][    C1] RBP: dffffc0000000000 R08: 0000000000000022 R09: ffffffff8172c195
[  910.055398][    C1] R10: ffffc9000424f658 R11: ffffffff81ac3890 R12: ffffc9000424f610
[  910.055403][    C1] R13: 1ffff92000849ec2 R14: ffffc9000424f608 R15: 1ffffffff2054715
[  910.055409][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  910.055417][    C1]  ? unwind_next_frame+0xa5/0x2390
[  910.055425][    C1]  ? unwind_next_frame+0xd4/0x2390
[  910.055433][    C1]  ? unwind_next_frame+0xa5/0x2390
[  910.055440][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.055447][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  910.055455][    C1]  arch_stack_walk+0x11c/0x150
[  910.055465][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.055472][    C1]  stack_trace_save+0x9c/0xe0
[  910.055479][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[  910.055487][    C1]  save_stack+0xf5/0x1f0
[  910.055498][    C1]  ? __pfx_save_stack+0x10/0x10
[  910.055506][    C1]  ? __free_frozen_pages+0xbc4/0xd30
[  910.055515][    C1]  ? vfree+0x25a/0x400
[  910.055524][    C1]  ? kcov_close+0x28/0x50
[  910.055533][    C1]  ? __fput+0x44c/0xa70
[  910.055540][    C1]  ? task_work_run+0x1d4/0x260
[  910.055549][    C1]  ? do_exit+0x6b5/0x2300
[  910.055559][    C1]  ? do_group_exit+0x21c/0x2d0
[  910.055567][    C1]  ? get_signal+0x1286/0x1340
[  910.055573][    C1]  ? arch_do_signal_or_restart+0x9a/0x750
[  910.055583][    C1]  ? exit_to_user_mode_loop+0x75/0x110
[  910.055593][    C1]  ? do_syscall_64+0x2bd/0x3b0
[  910.055601][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.055609][    C1]  __reset_page_owner+0x71/0x1f0
[  910.055618][    C1]  __free_frozen_pages+0xbc4/0xd30
[  910.055629][    C1]  vfree+0x25a/0x400
[  910.055637][    C1]  ? __pfx_kcov_close+0x10/0x10
[  910.055646][    C1]  kcov_close+0x28/0x50
[  910.055654][    C1]  __fput+0x44c/0xa70
[  910.055662][    C1]  task_work_run+0x1d4/0x260
[  910.055671][    C1]  ? __pfx_task_work_run+0x10/0x10
[  910.055685][    C1]  ? kmem_cache_free+0x18f/0x400
[  910.055731][    C1]  do_exit+0x6b5/0x2300
[  910.055746][    C1]  ? do_raw_spin_lock+0x121/0x290
[  910.055759][    C1]  ? __pfx_do_exit+0x10/0x10
[  910.055773][    C1]  do_group_exit+0x21c/0x2d0
[  910.055785][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  910.055793][    C1]  get_signal+0x1286/0x1340
[  910.055802][    C1]  arch_do_signal_or_restart+0x9a/0x750
[  910.055812][    C1]  ? __pfx_get_timespec64+0x10/0x10
[  910.055822][    C1]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  910.055834][    C1]  ? exit_to_user_mode_loop+0x40/0x110
[  910.055844][    C1]  exit_to_user_mode_loop+0x75/0x110
[  910.055853][    C1]  do_syscall_64+0x2bd/0x3b0
[  910.055861][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  910.055867][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.055874][    C1]  ? exc_page_fault+0x9f/0xf0
[  910.055881][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  910.055887][    C1] RIP: 0033:0x7f4b453c14a5
[  910.055894][    C1] Code: Unable to access opcode bytes at 0x7f4b453c147b.
[  910.055897][    C1] RSP: 002b:00007fff98c776c0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  910.055904][    C1] RAX: 0000000000000000 RBX: 0000000000000003 RCX: 00007f4b453c14a5
[  910.055908][    C1] RDX: 00007fff98c77700 RSI: 0000000000000000 RDI: 0000000000000000
[  910.055913][    C1] RBP: 00007fff98c7776c R08: 0000000000000000 R09: 0000000000000000
[  910.055917][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000001388
[  910.055921][    C1] R13: 00000000000927c0 R14: 00000000000de033 R15: 00007fff98c777c0
[  910.055930][    C1]  </TASK>
[  910.274262][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  910.276538][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  910.280410][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  910.283759][   T34] Call Trace:
[  910.284862][   T34]  <TASK>
[  910.285837][   T34]  dump_stack_lvl+0x99/0x250
[  910.287420][   T34]  ? __asan_memcpy+0x40/0x70
[  910.289033][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  910.290725][   T34]  ? __pfx__printk+0x10/0x10
[  910.292232][   T34]  vpanic+0x281/0x750
[  910.293539][   T34]  ? __pfx_vpanic+0x10/0x10
[  910.295091][   T34]  ? preempt_schedule+0xae/0xc0
[  910.296642][   T34]  ? preempt_schedule_common+0x83/0xd0
[  910.298377][   T34]  panic+0xb9/0xc0
[  910.299583][   T34]  ? __pfx_panic+0x10/0x10
[  910.301030][   T34]  ? preempt_schedule_thunk+0x16/0x30
[  910.302747][   T34]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  910.304689][   T34]  watchdog+0xfd2/0xfe0
[  910.306099][   T34]  ? watchdog+0x1de/0xfe0
[  910.307485][   T34]  kthread+0x711/0x8a0
[  910.308795][   T34]  ? __pfx_watchdog+0x10/0x10
[  910.310317][   T34]  ? __pfx_kthread+0x10/0x10
[  910.311846][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  910.313522][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  910.315211][   T34]  ? __pfx_kthread+0x10/0x10
[  910.316691][   T34]  ret_from_fork+0x3fc/0x770
[  910.318231][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  910.319911][   T34]  ? __switch_to_asm+0x39/0x70
[  910.321427][   T34]  ? __switch_to_asm+0x33/0x70
[  910.322975][   T34]  ? __pfx_kthread+0x10/0x10
[  910.324475][   T34]  ret_from_fork_asm+0x1a/0x30
[  910.326075][   T34]  </TASK>
[  910.327789][   T34] Kernel Offset: disabled
[  910.329218][   T34] Rebooting in 86400 seconds..

VM DIAGNOSIS:
01:35:51  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000000 RBX=1ffff110046643a5 RCX=8abdfbcbde347a00 RDX=0000000000000000
RSI=ffffffff8dba33cb RDI=ffffffff8be32600 RBP=ffff888023321cc0 RSP=ffffc90000007ca8
R8 =ffffffff8fa34237 R9 =1ffffffff1f46846 R10=dffffc0000000000 R11=fffffbfff1f46847
R12=dffffc0000000000 R13=1ffff1100466439b R14=ffff8880233220d8 R15=0000000000000000
RIP=ffffffff8190d0f4 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000555587864808 CR3=000000002a12e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=ffffffffffffff00 ffffffffffffffff XMM03=0000000000000000 ffff000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000400 0000320030361f00
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffff00ff ffff00ff000000ff XMM09=0000000000000441 0000320030366c6c
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffffffff820c017c RBX=0000000000000001 RCX=0000000000000000 RDX=ffff888025918000
RSI=0000000000000001 RDI=0000000000000000 RBP=ffffc9000424f630 RSP=ffffc9000424f390
R8 =ffff88804191b543 R9 =1ffff110083236a8 R10=dffffc0000000000 R11=ffffed10083236a9
R12=00007f4b44394000 R13=ffff8881132b5810 R14=0000000000000001 R15=0000000000000020
RIP=ffffffff81a65d86 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000555591a97500 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fd3227b7dac CR3=0000000029136000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8167983b ffffffff8167983b
XMM02=ffffffff8167983b ffffffff8167983b XMM03=ffffffff8167983b ffffffff8167983b
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
