last executing test programs:

29m25.502175101s ago: executing program 3 (id=199):
r0 = socket(0x400000000010, 0x3, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f00000002c0)="f973085a6ea39ea1b25a1c6b351e11245900557d1c8e9f86bae5e5c64e50ef25afb0295d0c303850b4bff4d088bf9df67e013836e2882dad3f7698b52997f7efa9eb96f09be1c3019445927c6b2fe32d38ae2bcad2ac0d85ebd42914fb18b7d0670f8b3be16755ead6a6fb713fa618ce2cf424ea7cc84b04016b9a2afbfaf68803f1c1", 0x83}, {&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f723388dda974e2a9fb1bcda474c08d6222179b19e902009ea3cb3e42408bab6c1f29cb62", 0x94}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44c", 0x9b}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d21", 0x50}, {&(0x7f0000000900)="a9be9b2ff3a19d5a1226e5243d37d1fd2894c1ae880dc2316aa2d5ad08944c7135eb837eff354282dd5863c051eb7b9b17be0e4fdd6560f3f2c2c04af73a6cb75b5d05d6037f91e8f4f08e90d5313fb91fbdc5acd212f7d8c800a837a0236309d25e82d5767d8df7512b2beb324c2a2fd6f4ed3a3eb7396f02d515396a3be574d721df257dbf0bc39c", 0x89}, {&(0x7f00000000c0)}], 0x6}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000bc0)}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d323b8c13deaeff", 0x14}], 0x3}}, {{&(0x7f0000000d80)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @local}, 0x2, 0x3, 0x1, 0x3}}, 0x80, 0x0}}], 0x3, 0x20000044)
openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xc1842, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r4, @ANYBLOB, @ANYRES32=r5, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

29m24.369606092s ago: executing program 3 (id=201):
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005b40)=[{{&(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000840), 0x0, 0x0, 0x0, 0x50}}, {{&(0x7f0000000880)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000900)="ca6e24a8f9be4b6757385a5ef998f77e5088ac6df579888ca27de106f282356d902c8dcc909a1631c9c31cae642552365069e846c007ec6b6461db544b464b36e6dc54", 0x43}, {0x0}, {0x0}], 0x3, 0x0, 0x0, 0x4004004}}, {{&(0x7f0000000ac0)=@abs={0x1, 0x0, 0x4e21}, 0x6e, 0x0, 0x0, 0x0, 0x100, 0x10}}, {{&(0x7f0000001580)=@abs={0x1, 0x0, 0x4e21}, 0x6e, 0x0, 0x0, &(0x7f0000001c00)=[@rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x88, 0x1198f16f4cbc0a40}}, {{&(0x7f0000001cc0)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002180)=[{&(0x7f0000001d40)="ce505d27b27a300e5d04c5910923177d3ee53ae9c097de03c2b7d28451f860e443965a121be8999e78e00bac", 0x2c}], 0x1}}, {{0x0, 0x0, &(0x7f0000002380)=[{&(0x7f0000002280)}], 0x1, &(0x7f0000002480)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x10}}], 0x90, 0x8010}}, {{0x0, 0x0, &(0x7f0000002600), 0x0, &(0x7f0000002640), 0x0, 0x4}}, {{&(0x7f0000002680)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f0000002840), 0x0, 0x0, 0x0, 0x20000805}}, {{0x0, 0x0, &(0x7f0000002a00), 0x0, &(0x7f0000002a40)=[@cred={{0x1c}}], 0x20, 0x40040}}], 0x9, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000004c0), 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x3, 0x0, 0x8801, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0x6}, 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x35bbc1, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x7, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0xcb76})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
futex(&(0x7f00000002c0)=0x2, 0xb, 0x2, 0x0, &(0x7f00000004c0)=0x1, 0x2)
close(r0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000000680)=ANY=[@ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac14140a000000000000000000000000000004d533000000000000000000bbff05000000000000a20000000000000007000000000000fcffffffffffffff000000000000000004000000fffffff4ff7f000000000000fe4800000000000004000000000000000900000000000000de5f000000000000ffff00000000000005000000f8ffffff0900000026bd7000000000000a00027f010000000000000003000000de0000000800160000000080"], 0x100}, 0x1, 0x0, 0x0, 0x4075}, 0xc800)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x103c02, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000300)={'wlan1\x00'})
sendmsg$NL80211_CMD_SET_KEY(0xffffffffffffffff, 0x0, 0x20004008)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x14)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200))

29m22.423404694s ago: executing program 3 (id=207):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x0, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x29, 0x14, 0x0, 0xffffffffffffffdc)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_wait_time_recursive\x00', 0x26e1, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000080)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x800, 0x0, 0x2, 0x1}, 0x20)
add_key$fscrypt_v1(&(0x7f00000002c0), 0x0, &(0x7f0000000440)={0x0, "8527d2100090af54bfbca283be11c0de7af30e90937920fcba13d90af61beaa44d66a6535daf1bc35fb3af1e9197e31d26589d073c10184095fb00", 0x14}, 0x48, 0xffffffffffffffff)

29m19.689989148s ago: executing program 3 (id=213):
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$inet(r0, 0x0, 0x4000000)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbee3, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x2002, 0x0)
mknodat(0xffffffffffffff9c, 0x0, 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file2\x00', 0xffffffffffffff9c, 0x0, 0x0)
fsetxattr$security_evm(0xffffffffffffffff, &(0x7f0000000680), &(0x7f00000006c0)=ANY=[@ANYBLOB="030110000007ff06000000cb56bb5d4068bc9907f757c2a38f6205d5056d4c30b78adec753db077387c414abeb5a356b68314470bd7920b7ffc5e79b02ff7c04af9fcb73bcb0e33fafa68e43b3950b554f0700000000000000b50dadaa2a0ee13ec54460f0b3331e29a5fb86a7d423dd068ba86a6722c993ada281314279820075433f0703b0cfad5080525b906bf676cc2ccc3ddb0aa9e893df2a698f7f7e2a230e68e4824ef96a5396cbc0c0dea4099ee1d1b190"], 0xc1, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
pread64(r5, &(0x7f0000001240)=""/102400, 0x19000, 0x1000000300)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r5, 0x84, 0x14, &(0x7f0000000040)=@assoc_value={<r6=>0x0}, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000000)={r6, 0x3, 0x200, 0x9}, &(0x7f0000000080)=0x14)
write$proc_mixer(r4, &(0x7f0000000180)=ANY=[@ANYBLOB='SYNTH \'Mic\' 00000000000000000000\nIGAIN \'Capture Volume\' 00000000000000000000\nVOLUME\nLINE\nMONITOR\nCD \'CD Capt'], 0x86)
r7 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/asound/card2/oss_mixer\x00', 0x0, 0x0)
dup3(r7, r4, 0x0)

29m18.358456533s ago: executing program 3 (id=217):
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
kexec_load(0x4, 0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
bind$x25(0xffffffffffffffff, 0x0, 0x0)
bind$x25(0xffffffffffffffff, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c801}, 0x4008094)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)

29m18.13624667s ago: executing program 3 (id=219):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r0}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r1}, 0x38)

29m2.863036801s ago: executing program 32 (id=219):
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000"], 0x48)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0x8001, 0x0, r0}, 0x50)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x8000, r1}, 0x38)

17.156865937s ago: executing program 2 (id=3866):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x478, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x448, 0x2, [@TCA_BASIC_POLICE={0x444, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x3, 0x8, 0x62, 0x2, 0x0, 0xc, 0x2, 0x7fff, 0x0, 0xffffff70, 0x19, 0xffffffa9, 0x2, 0x7, 0x80000001, 0x7, 0x3, 0x36, 0xc, 0x6, 0x6, 0x5d0bef1f, 0x400, 0x1, 0x837, 0xffffffff, 0x9fec, 0x401, 0x68, 0x9, 0xdd64, 0x1, 0x4, 0x8001, 0xfffffffe, 0x2, 0x0, 0x200, 0xfff, 0xfffffff1, 0x7, 0x4, 0xf, 0x7, 0x7469, 0xb, 0x2, 0x200, 0xff32, 0x6, 0xca, 0x4ec1, 0x1, 0x9, 0x80, 0x0, 0x10000, 0x0, 0xb4, 0x7, 0x6, 0x0, 0x0, 0x8156b2a, 0x1, 0xd5c, 0x4, 0xa0, 0x4, 0x7, 0x4, 0x0, 0x81, 0xff, 0x2, 0xe6b, 0x9, 0xa, 0xc8c, 0x1, 0xd2a, 0x6, 0xf4e, 0x9, 0x3a0, 0x3, 0x10000, 0x7ff, 0x44, 0x1, 0x2, 0x800, 0x3, 0x8, 0x0, 0x8e5e00, 0x922e, 0x0, 0x8, 0x3, 0xf, 0x4, 0x2, 0x2c000, 0x80, 0x1, 0x1, 0x2, 0x5, 0x0, 0x9, 0x6, 0x0, 0x3365, 0x2, 0x5, 0xffffffff, 0x1000, 0x0, 0x4, 0x0, 0x1, 0x2, 0x81, 0x111, 0x2, 0x5c20, 0x7f, 0x0, 0xe, 0xfffffffb, 0x6, 0x391, 0x0, 0x0, 0x3, 0x9, 0xc95d90c, 0xff, 0x2, 0x7, 0xd, 0xc7, 0x4, 0x7, 0x0, 0x9, 0xffffffff, 0x9, 0x1, 0x4, 0x3, 0x7, 0xfffffff9, 0x10, 0x2, 0xfff, 0x2, 0x6, 0x8b4, 0x600000, 0x1, 0x6, 0x0, 0x10000, 0x0, 0x3, 0x5, 0x0, 0x1000, 0x6, 0x9, 0x0, 0x1, 0x81, 0x2, 0xffff6c4b, 0x1, 0x7, 0x5, 0x7fff, 0xc, 0xffffffff, 0x9, 0x6, 0x0, 0x40, 0x3ff, 0x80000000, 0x2, 0x603c, 0x4, 0x4, 0x0, 0xfffffff8, 0x7, 0x3, 0x800010, 0x400, 0xfffffe00, 0x1, 0x3, 0x0, 0xffff, 0x4, 0x6, 0x8, 0x0, 0x400, 0x1, 0x8a, 0x10, 0x6, 0x0, 0x7ff, 0x3, 0x7, 0x616, 0x2, 0x2, 0xd1, 0x2, 0xfffffffc, 0x8, 0xe, 0x800, 0x1, 0x4, 0x400d87, 0x80000001, 0x48e0, 0x8, 0x9, 0x40, 0x400, 0x5, 0x2, 0x4e1b, 0x1, 0x1000, 0x8, 0x4, 0x3, 0x0, 0x2, 0x9, 0x5, 0x3, 0x10001, 0xffff, 0x4d, 0xd, 0x8, 0x2, 0x2, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x7, 0x5, 0xfffffffe, 0xd, 0xfffff0c5, {0xb, 0x2, 0x200, 0x8001, 0xfffa, 0xbe}, {0xd9, 0x2, 0x5, 0xfff8, 0xfff}, 0x3, 0x9, 0x2}}]}]}}]}, 0x478}}, 0x4000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg$inet(r0, 0x0, 0x0, 0x20008000)

16.843920815s ago: executing program 2 (id=3868):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0xc, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)

16.718087259s ago: executing program 2 (id=3869):
futex(0x0, 0x8c, 0x1, 0x0, 0x0, 0x2)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
mmap(&(0x7f0000819000/0x2000)=nil, 0x2000, 0x4, 0x11, r1, 0x100000000)
syz_clone(0x4000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0xa0402, 0x0)
io_setup(0x1, &(0x7f0000002500)=<r3=>0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="1f00000000000000000000000010"], 0x48)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r5, @ANYBLOB=',wfdno=', @ANYRESHEX=r6, @ANYBLOB='\n\x00'])
openat$cgroup_type(r5, &(0x7f00000000c0), 0x2, 0x0)
r7 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_RINGS_SET(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000fcffffff100000001800018014000200776c616e3000000000000000000000000800070000000000"], 0x34}}, 0x0)
io_submit(r3, 0x2, &(0x7f00000011c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0xe3, 0x0, 0x2}, 0x0])
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x80}, 0x1, 0x0, 0x0, 0x20044081}, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x3000009, 0x46031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9)

14.698184553s ago: executing program 2 (id=3874):
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000101c1b021b00000000000109022400010000400009040000010300400009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000005c0)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000003c0)={0x84, &(0x7f0000000180)=ANY=[], 0x0, &(0x7f00000004c0)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000000500)={0x20, 0x0, 0x4, {0x1, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
openat(r1, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x100c02, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r3 = syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0xf24c, 0x0, 0x41, 0x2b3}, &(0x7f0000000100), 0x0, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x22, &(0x7f0000000380)={&(0x7f0000006000)={[{0x0, 0x0, 0x103}]}, 0x1}, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
sendmsg$kcm(r5, &(0x7f00000001c0)={&(0x7f0000000000)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha1\x00'}, 0x80, 0x0}, 0xe07e872420db67cb)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x2004095)
socket$inet_icmp(0x2, 0x2, 0x1)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, 0x0, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000015c0)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08786eb807e0000000000000000000009fe70ba83a7a66e67a0bae5cfaccbbb81e28d7b568da", @ANYRESHEX, @ANYRESOCT], 0x18}, 0x1, 0x0, 0x0, 0x1000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

12.642671089s ago: executing program 4 (id=3876):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x478, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x448, 0x2, [@TCA_BASIC_POLICE={0x444, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x3, 0x8, 0x62, 0x2, 0x0, 0xc, 0x2, 0x7fff, 0x0, 0xffffff70, 0x19, 0xffffffa9, 0x2, 0x7, 0x80000001, 0x7, 0x3, 0x36, 0xc, 0x6, 0x6, 0x5d0bef1f, 0x400, 0x1, 0x837, 0xffffffff, 0x9fec, 0x401, 0x68, 0x9, 0xdd64, 0x1, 0x4, 0x8001, 0xfffffffe, 0x2, 0x0, 0x200, 0xfff, 0xfffffff1, 0x7, 0x4, 0xf, 0x7, 0x7469, 0xb, 0x2, 0x200, 0xff32, 0x6, 0xca, 0x4ec1, 0x1, 0x9, 0x80, 0x0, 0x10000, 0x0, 0xb4, 0x7, 0x6, 0x0, 0x0, 0x8156b2a, 0x1, 0xd5c, 0x4, 0xa0, 0x4, 0x7, 0x4, 0x0, 0x81, 0xff, 0x2, 0xe6b, 0x9, 0xa, 0xc8c, 0x1, 0xd2a, 0x6, 0xf4e, 0x9, 0x3a0, 0x3, 0x10000, 0x7ff, 0x44, 0x1, 0x2, 0x800, 0x3, 0x8, 0x0, 0x8e5e00, 0x922e, 0x0, 0x8, 0x3, 0xf, 0x4, 0x2, 0x2c000, 0x80, 0x1, 0x1, 0x2, 0x5, 0x0, 0x9, 0x6, 0x0, 0x3365, 0x2, 0x5, 0xffffffff, 0x1000, 0x0, 0x4, 0x0, 0x1, 0x2, 0x81, 0x111, 0x2, 0x5c20, 0x7f, 0x0, 0xe, 0xfffffffb, 0x6, 0x391, 0x0, 0x0, 0x3, 0x9, 0xc95d90c, 0xff, 0x2, 0x7, 0xd, 0xc7, 0x4, 0x7, 0x0, 0x9, 0xffffffff, 0x9, 0x1, 0x4, 0x3, 0x7, 0xfffffff9, 0x10, 0x2, 0xfff, 0x2, 0x6, 0x8b4, 0x600000, 0x1, 0x6, 0x0, 0x10000, 0x0, 0x3, 0x5, 0x0, 0x1000, 0x6, 0x9, 0x0, 0x1, 0x81, 0x2, 0xffff6c4b, 0x1, 0x7, 0x5, 0x7fff, 0xc, 0xffffffff, 0x9, 0x6, 0x0, 0x40, 0x3ff, 0x80000000, 0x2, 0x603c, 0x4, 0x4, 0x0, 0xfffffff8, 0x7, 0x3, 0x800010, 0x400, 0xfffffe00, 0x1, 0x3, 0x0, 0xffff, 0x4, 0x6, 0x8, 0x0, 0x400, 0x1, 0x8a, 0x10, 0x6, 0x0, 0x7ff, 0x3, 0x7, 0x616, 0x2, 0x2, 0xd1, 0x2, 0xfffffffc, 0x8, 0xe, 0x800, 0x1, 0x4, 0x400d87, 0x80000001, 0x48e0, 0x8, 0x9, 0x40, 0x400, 0x5, 0x2, 0x4e1b, 0x1, 0x1000, 0x8, 0x4, 0x3, 0x0, 0x2, 0x9, 0x5, 0x3, 0x10001, 0xffff, 0x4d, 0xd, 0x8, 0x2, 0x2, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x7, 0x5, 0xfffffffe, 0xd, 0xfffff0c5, {0xb, 0x2, 0x200, 0x8001, 0xfffa, 0xbe}, {0xd9, 0x2, 0x5, 0xfff8, 0xfff}, 0x3, 0x9, 0x2}}]}]}}]}, 0x478}}, 0x4000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg$inet(r0, &(0x7f00000010c0), 0x0, 0x20008000)

12.484330393s ago: executing program 4 (id=3877):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0xc, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)}, {0x0}], 0x2, &(0x7f0000001a00)=ANY=[@ANYBLOB="180000000000000010010000010000007d95df16a39b1a6c900000000000000001000005040500002b24ec10064b6f2f000000fb718aef932f3889d1fdda5b00000009860f5878c37ffe36e1165814d435be5b317c6c8189767d2f97879f07a515bb7c169f46933d9338f4ab04834e6f618988c5944741afe403461323110f62055394412158e7a3adb164d641aa40d4ab077fe34232aa8b319d7666d0998a61d7da0c86d70000001010"], 0x10b8}, 0x106)

12.380472406s ago: executing program 4 (id=3878):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
r1 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r1, 0x0, 0x24008004)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000200)={0x0, 0x1}, &(0x7f0000000240)=0x8)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x4)
clock_gettime(0x17, 0x0)
ioctl$KDGKBTYPE(r4, 0x4b33, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800002, 0xe)
keyctl$join(0x1, 0x0)
keyctl$session_to_parent(0x12)
r5 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r6 = dup(r5)
write$UHID_INPUT(r6, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b32323b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdc69c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d9560ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f733b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r8, 0x89f2, &(0x7f0000000140)={'ip6gre0\x00', &(0x7f00000002c0)={'ip6gre0\x00', 0x0, 0x29, 0x0, 0x7, 0x6661, 0x6d, @loopback, @mcast1, 0x20, 0x7800, 0x2, 0x81}})
sendmsg$nl_generic(r7, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001480)=ANY=[@ANYBLOB="200000001000010700000000000000"], 0x20}}, 0x0)
recvmmsg(r7, &(0x7f0000001b40)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)=""/189, 0xbd}], 0x1}}], 0x1, 0x0, 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="3c00000012000173"], 0x3c}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x1, 0x4, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000300000000000000fcf142525f0000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)

12.22143702s ago: executing program 1 (id=3879):
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0xfffffffffffffcb5, &(0x7f0000000080)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
lsetxattr$trusted_overlay_origin(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f0000000140), 0x2, 0x1)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x2, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x97)

8.959424648s ago: executing program 2 (id=3881):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x90004)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1, 0x50, 0xffffffffffffffff, 0x0)
r1 = socket(0x2c, 0x3, 0x1000)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, r1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
pread64(0xffffffffffffffff, &(0x7f0000001240)=""/102400, 0xffffff8c, 0x200000)
accept4(r0, &(0x7f0000000040)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @private1}}, 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="043e130100c900", @ANYRES8], 0x16)

8.768202793s ago: executing program 0 (id=3882):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff9000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x400c804)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e080f0c08"], 0xb)
io_uring_setup(0xb, &(0x7f0000000040)={0x0, 0x6492, 0xc000, 0x8, 0xc1})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={0xffffffffffffffff, 0x0, 0x0}, 0x20)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
setitimer(0x1, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x48, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x20, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x40020000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
close(0x3)
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000180)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000005180)={0x2020}, 0x2020)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x40806685, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c000000090a010400000000000000000a0000040900010073797a3100000000080005400000000209000200737997310000000008000a40fffffffc140000001100"], 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x4000850}, 0x4000000)

7.606997774s ago: executing program 0 (id=3883):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
futex_waitv(&(0x7f0000001600), 0x0, 0x0, 0x0, 0x1)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x100008b}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000340)={0x0, <r1=>0x0})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
syz_io_uring_setup(0xf00, 0x0, 0x0, 0x0, 0x0)
ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{0x0}], 0x1}}], 0x1, 0x26022, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000080), 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000840)={0x0, @in6={{0xa, 0x4e23, 0x70000, @private1={0xfc, 0x1, '\x00', 0x2}, 0x803}}, 0x3, 0x2, 0x8, 0x80000001, 0xe6, 0x7, 0x84}, 0x9c)
mkdir(&(0x7f0000000000)='./bus\x00', 0x80)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6})
readv(r0, &(0x7f0000000080), 0x0)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$search(0xa, r2, &(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000000c0)={<r3=>0x0, 0x1, 0x30, 0x3, 0x40}, &(0x7f0000000140)=0x18)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000180)=@assoc_id=r3, &(0x7f00000001c0)=0x4)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
r4 = add_key(&(0x7f00000013c0)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000100)='[', 0xfe95, 0xffffffffffffffff)
keyctl$revoke(0x3, r4)

7.394759691s ago: executing program 0 (id=3884):
syz_usb_connect$lan78xx(0x3, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x6, 0x100000b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000380)={'syz1\x00', {0x0, 0x7fff, 0x2, 0x2}, 0x51, [0x3ff, 0x2, 0x10000, 0x0, 0x7ca6, 0x9, 0xc2ad, 0x4, 0x9, 0x9, 0x5, 0x9, 0x8, 0x200, 0x5, 0x3, 0x7, 0x5, 0xfffffff9, 0x6, 0x3, 0xfff, 0x100, 0x4152, 0x8b3, 0x9, 0x861, 0x7, 0x5, 0x0, 0x3c, 0x4, 0x1005, 0x4, 0x8, 0x1ff, 0x8, 0x8, 0xd5bb, 0x3, 0x1, 0x9de9, 0x8, 0x0, 0x3, 0x7f, 0x5, 0x8, 0x0, 0x1, 0x3ff, 0x6, 0x2e, 0x800, 0x846c, 0x3, 0x6, 0x31b, 0x8, 0xa, 0x1, 0x7, 0xffffffff, 0x3], [0x4a, 0x19a78cbf, 0xe936, 0x8, 0xf6, 0xfffffff7, 0x2, 0x7d, 0x10001, 0x8, 0x3ff, 0x1, 0x7, 0x8f, 0x1, 0x2, 0x1ff, 0x200, 0x6f8, 0x7, 0xd, 0x7, 0x100788, 0x6, 0x0, 0x0, 0x8, 0x3, 0x5, 0x2, 0xa, 0x7, 0x80, 0x5aa, 0xfffff000, 0x400, 0x8, 0x7, 0x6, 0x6, 0x5, 0x3, 0x86, 0x22e2, 0x4, 0xffffffff, 0x7, 0x1fd, 0x6, 0x10001, 0x9e, 0x1, 0x9, 0x101, 0xfffffffa, 0x0, 0x2, 0x2, 0x6, 0x1ff, 0x8, 0x3, 0x6, 0x3], [0x2, 0x94da, 0xffffffff, 0x7, 0xc0000, 0x4, 0x4, 0xfffffffa, 0x6, 0x7, 0xea, 0x7, 0x6, 0x400, 0xfffeffff, 0xfc000000, 0x8, 0x8, 0xd1, 0x8000002, 0xb66, 0x3, 0x4, 0x52c, 0x4, 0x10001, 0xfffffff8, 0x2, 0x9, 0x1, 0x7, 0xe86, 0x8, 0x20000100, 0x7, 0x1, 0x746a6ffd, 0x3, 0x4, 0x0, 0x1, 0x45a6c325, 0x8, 0x10000, 0x1000, 0x2, 0x5, 0x0, 0x2, 0x2, 0x1, 0x8, 0x2, 0x2, 0x81, 0x200, 0x3ff, 0xffffffcc, 0x6, 0xa000000, 0x8, 0xfff, 0x4000, 0x2], [0x8, 0x7, 0xffffffff, 0xfffffffc, 0x8000, 0x2, 0x74d6, 0x1ff, 0xfffffffe, 0x0, 0x5e, 0x0, 0x8, 0x8, 0x5, 0x8, 0xfb, 0xf25, 0xd, 0x1ff, 0x2, 0x95, 0x9, 0x9, 0x1, 0xc, 0xffff6f9e, 0x4, 0xfffffff7, 0x10000, 0x7, 0x52a, 0x5, 0xc1a0, 0x4, 0x8, 0x3, 0x9, 0x5, 0xb7af, 0x3, 0x4, 0x0, 0x1ff8, 0x2, 0x7, 0x6, 0x7ffffffd, 0x8, 0x7, 0x7fffffff, 0xd, 0x40, 0x3ff, 0xc, 0x1ff, 0x9, 0x6, 0x0, 0x1000, 0x9, 0x2, 0x9, 0x4]}, 0x45c)
r2 = syz_open_dev$vim2m(&(0x7f0000000140), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r2, 0xc0d05605, &(0x7f00000003c0)={0x1, @pix={0x7ff, 0x3, 0x33565348, 0x3, 0x2, 0x10001, 0x7, 0x100, 0x1, 0x2, 0x2, 0x6}})
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCXONC(r3, 0x540a, 0x0)
ioctl$TCXONC(r3, 0x540a, 0x3)
ioctl$BTRFS_IOC_SUBVOL_SETFLAGS(r0, 0x4008941a, &(0x7f0000000100)=0x2)
r4 = syz_genetlink_get_family_id$nbd(0x0, 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000000000000000100000008000100400000000c000200700f0000000000000c00060003000000000000000a000a00272d5d29212b0000140007"], 0x6c}}, 0x0)
r5 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
ioctl$PPPIOCSFLAGS1(r5, 0x40047459, &(0x7f0000000080)=0x510)
sendmsg$TIPC_NL_KEY_SET(r1, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000004}, 0x0)

7.343807762s ago: executing program 4 (id=3885):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x478, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x448, 0x2, [@TCA_BASIC_POLICE={0x444, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x3, 0x8, 0x62, 0x2, 0x0, 0xc, 0x2, 0x7fff, 0x0, 0xffffff70, 0x19, 0xffffffa9, 0x2, 0x7, 0x80000001, 0x7, 0x3, 0x36, 0xc, 0x6, 0x6, 0x5d0bef1f, 0x400, 0x1, 0x837, 0xffffffff, 0x9fec, 0x401, 0x68, 0x9, 0xdd64, 0x1, 0x4, 0x8001, 0xfffffffe, 0x2, 0x0, 0x200, 0xfff, 0xfffffff1, 0x7, 0x4, 0xf, 0x7, 0x7469, 0xb, 0x2, 0x200, 0xff32, 0x6, 0xca, 0x4ec1, 0x1, 0x9, 0x80, 0x0, 0x10000, 0x0, 0xb4, 0x7, 0x6, 0x0, 0x0, 0x8156b2a, 0x1, 0xd5c, 0x4, 0xa0, 0x4, 0x7, 0x4, 0x0, 0x81, 0xff, 0x2, 0xe6b, 0x9, 0xa, 0xc8c, 0x1, 0xd2a, 0x6, 0xf4e, 0x9, 0x3a0, 0x3, 0x10000, 0x7ff, 0x44, 0x1, 0x2, 0x800, 0x3, 0x8, 0x0, 0x8e5e00, 0x922e, 0x0, 0x8, 0x3, 0xf, 0x4, 0x2, 0x2c000, 0x80, 0x1, 0x1, 0x2, 0x5, 0x0, 0x9, 0x6, 0x0, 0x3365, 0x2, 0x5, 0xffffffff, 0x1000, 0x0, 0x4, 0x0, 0x1, 0x2, 0x81, 0x111, 0x2, 0x5c20, 0x7f, 0x0, 0xe, 0xfffffffb, 0x6, 0x391, 0x0, 0x0, 0x3, 0x9, 0xc95d90c, 0xff, 0x2, 0x7, 0xd, 0xc7, 0x4, 0x7, 0x0, 0x9, 0xffffffff, 0x9, 0x1, 0x4, 0x3, 0x7, 0xfffffff9, 0x10, 0x2, 0xfff, 0x2, 0x6, 0x8b4, 0x600000, 0x1, 0x6, 0x0, 0x10000, 0x0, 0x3, 0x5, 0x0, 0x1000, 0x6, 0x9, 0x0, 0x1, 0x81, 0x2, 0xffff6c4b, 0x1, 0x7, 0x5, 0x7fff, 0xc, 0xffffffff, 0x9, 0x6, 0x0, 0x40, 0x3ff, 0x80000000, 0x2, 0x603c, 0x4, 0x4, 0x0, 0xfffffff8, 0x7, 0x3, 0x800010, 0x400, 0xfffffe00, 0x1, 0x3, 0x0, 0xffff, 0x4, 0x6, 0x8, 0x0, 0x400, 0x1, 0x8a, 0x10, 0x6, 0x0, 0x7ff, 0x3, 0x7, 0x616, 0x2, 0x2, 0xd1, 0x2, 0xfffffffc, 0x8, 0xe, 0x800, 0x1, 0x4, 0x400d87, 0x80000001, 0x48e0, 0x8, 0x9, 0x40, 0x400, 0x5, 0x2, 0x4e1b, 0x1, 0x1000, 0x8, 0x4, 0x3, 0x0, 0x2, 0x9, 0x5, 0x3, 0x10001, 0xffff, 0x4d, 0xd, 0x8, 0x2, 0x2, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x7, 0x5, 0xfffffffe, 0xd, 0xfffff0c5, {0xb, 0x2, 0x200, 0x8001, 0xfffa, 0xbe}, {0xd9, 0x2, 0x5, 0xfff8, 0xfff}, 0x3, 0x9, 0x2}}]}]}}]}, 0x478}}, 0x4000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg$inet(r0, &(0x7f00000010c0), 0x0, 0x20008000)

6.532083843s ago: executing program 4 (id=3886):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0xc, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f0000000140)={&(0x7f0000000440)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @loopback}}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000100)="a6", 0x1}, {0x0}], 0x2, 0x0, 0x10b8}, 0x106)

5.265523588s ago: executing program 1 (id=3887):
r0 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000180)='b:::\x00\xef\xdfB\xfa=\xe3\xd1\x9d\xe1\xbfUlJ4]y-,\x8a\x03\x91xu\x9cP\xdc\xe5\x95\xa2@\x9c\x98\xa4\xd2\xd4}\xc8]7N\xf3\x0e\'\xa0x\xfbdt\xb4\x1fW\xe7\xbe\xaf\x01.zT\xab\x92I\x104\x8c\x18\x16\x1c\x8a\x8e\xfd\x8b{ZVHZ2\xd3\xd6-~\x96\x80#\xee)+L\xf1\x00\xd5p\xe7 \x8c\xd2\a\x1e\xae\xb4\xe8\xd1\xe1\xed\xb8\x94\xb2*\x1c\xaeG\x1e\xdb\xc0Q\xb9`K\xffG\xc0\xa2\xb41\xac\x98\x01\xde}:\b\xa0Oq\xec\xa8\xf0\x8f\xe3\xa17\xe3\xd7\x9c^\x90\xfal\xbe\x81\x9a\xa4\x00K', 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
syz_genetlink_get_family_id$mptcp(&(0x7f0000000240), r2)
r3 = dup(r1)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
ioctl$XFS_IOC_FSGROWFSLOG(r3, 0x4008586f, &(0x7f0000000440)={0x1, 0x7})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000001800)={'veth1_virt_wifi\x00', <r6=>0x0})
setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000180)=0x2, 0x4)
setsockopt$packet_int(r5, 0x107, 0xf, &(0x7f0000000000)=0x3da, 0x4)
sendto$packet(r5, &(0x7f00000000c0)="3f03fe7f0302140006001e0089e9aaa911d7c2290f0086dd1327c9167c643c4a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe90c, 0x0, &(0x7f0000000540)={0xc9, 0x0, r6, 0x1, 0x0, 0x6, @multicast}, 0x14)

5.236524808s ago: executing program 4 (id=3888):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000100)={0xaa, 0x4})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000140)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x0, 0x2})

5.019845014s ago: executing program 2 (id=3889):
socket$igmp(0x2, 0x3, 0x2)
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000101c1b021b00000000000109022400010000400009040000010300400009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000005c0)={0x24, 0x0, 0x0, &(0x7f00000001c0)=ANY=[], 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000003c0)={0x84, &(0x7f0000000180)=ANY=[], 0x0, &(0x7f00000004c0)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000000500)={0x20, 0x0, 0x4, {0x1, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
openat(r1, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x100c02, 0x0)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
r3 = syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0xf24c, 0x0, 0x41, 0x2b3}, &(0x7f0000000100), 0x0, &(0x7f0000000000))
io_uring_register$IORING_REGISTER_PBUF_RING(r3, 0x22, &(0x7f0000000380)={&(0x7f0000006000)={[{0x0, 0x0, 0x103}]}, 0x1}, 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$kcm(0xa, 0x1, 0x106)
sendmsg$kcm(r5, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000011)
sendmsg$kcm(r5, &(0x7f00000001c0)={&(0x7f0000000000)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha1\x00'}, 0x80, 0x0}, 0xe07e872420db67cb)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0x2004095)
socket$inet_icmp(0x2, 0x2, 0x1)
r6 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r6, 0x0, 0x810)
sendmsg$RDMA_NLDEV_CMD_DELLINK(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000015c0)=ANY=[@ANYBLOB="18000000041401002dbd7000fedbdf250800010000000000ba30b28e994c1a08786eb807e0000000000000000000009fe70ba83a7a66e67a0bae5cfaccbbb81e28d7b568da", @ANYRESHEX, @ANYRESOCT], 0x18}, 0x1, 0x0, 0x0, 0x1000}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

4.388366411s ago: executing program 0 (id=3890):
openat$sndseq(0xffffffffffffff9c, 0x0, 0x42002)
r0 = socket$inet(0x2, 0x6, 0x0)
r1 = openat$nullb(0xffffffffffffff9c, 0x0, 0x185042, 0x0)
r2 = syz_open_dev$loop(0x0, 0x47ffffa, 0x1a6c42)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f0000001ac0)={r1, 0x2000, {0x0, 0x0, 0x0, 0x3, 0x14a1fd, 0x0, 0x0, 0x1e, 0x1c, "339f020bbe82b398000000000000000000000d0ec0c1b4e9b1c4369d03740250ceaac594b1b3d741dd17c1c50d38ef2a565ef1e83323691c58d66500", "a9103939c787a16c1ca43f80026d1a8554fe581b59ded130e04d528539f3d3289737f0374c72a964a02447a75df8a69ea917deb7ba193b3e7772fd29f35239d2", "24431a1e77a68e174f000000000000000010e200", [0x4, 0x400]}})
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001c00)={0x8, {"b0476b76ba5d044f65271519727e4ff1ff0d12c0e6bdf3ea1f52e24f60ca698457b32832b83d7e96694c1feb5809bd67002f71e0b97c0d5270c04ffa64f63b2e18ee4b7b572fe2f4d03cad38bcd106ff12f53b443ac6fc81da518f54b9004a44859529c07a2b1b8feddc0180a0f37b13babba1dd0813b7ea56dac4b7ffe9a2ef54221439ecc55223ef2d40f4ba8108c10387ddffbaed25d41e7692bf26ddfa747a666caff49843e38c86cac7323f784a17df6beaa49c3f4a98fb4013f4e573e2ef77b0965d4bfbdf7d5eada69406ca93f422495e00addfca1518085a40f10284ff59388ecf476a12ef1a540163922098d600519ae8cf3ef544344e9d968f341af618503b455f3976b76975270e94d714302382c63de5b7c1fad1fa373b369916cb3b4d583a9ebbaeb262884d25a0e1d9fb141de60df7e64cb38b6f7167991f8fba06bffe2d49133bbb462cd8a9493177eee5f03875b15c7a92c3cd6a3fdfc64f236e14fa05a0e8d3c45f13eecd22e13528c74186dc50e0e2af44177e26bded1161e5533375508dadb83db5126cc810f4e30d4e24ec12c3b99e5220aacf42c58f2960bd43c337dbd318aeeb5c9a6cd5ffd3bf1497bb48ab7bcb32c9c33c9f5b9bc4645b96f23f9e0d826b780030444ffb925f55df587ef5ca5ea74ccd66afc7981da496d6f037efbb0b08f3f5078c60ffb4db18d1b59996bd9b1513442785bf4ece8587b39d8176dc9c735d5ea25133b2053bba227b81faab7220326f8814a9df4eba4ecc6acdd82f70b653b56a18cc9dfa4deb0a112c797ab89a51a103c3a9085d828523370c4d79d9484f4dc910735a2c9b5b85197cd9c073df7a54b40df8e1bf595bab957900c2a1a7dc40e88ed0c55c362ffbb7f88a0725a6ae73b936a639e951faf9c45ae74a2ece2f6f88e425ee41d2c60cb083a2fd6d07381908a7f629e32f89a553cf0794f54b8bdc7bd541d88464a4f80ac0b8b625a803a55de4b05a95fc7f8fc3d6d79858ccb269b7b8b21657654164a9aa29f4e8462377e9d234a41ea69841a4aaa1e5f89f9b074f6f71cb1ffaa450c3160b0e319ec81ad30101db66218b0c69f97c234465dc45849fcfd62d396f2b50ddcc0ed7dd8651431534232ab6d1186d7760770a1fc6c77553a79d0297194f794997ee47781094a76d9dccf632dcbb527b3e68950d9bb534245c7f08ae1d6ef2750292ae28e5e6dcfe2a69737dd7a1e453f3902ae90789e98c212905422099904d3bfb949bde187682a59c01aa8e6a9972a63d6aaef4d4139b10a24e063707f1aba79bd59e3f9709a873dff401d1f356c4be5e449ae0e2633a1fe50ed367fe56b0499957c3b6cabb42256547995ea998f3937d153897d1c83f1ad922d6835bdfa3b986dc6f4bd927a4ca13fbaa99b7b43758e2329d588f40fac718b16cca855468643f3818496b4915fe9a2bdd3e68889fea24bc1dfa6287a801d49a7bb84654147448550d2919e4df3a943a88cf616befea4e7a4fddb7969311c6837f9529966241be1e57ed2d773debc542986d09866905a3f63b6e1820086d52a70f039154e839da7ea852c33bf3722a048f61bbf068519e050b8788370fb130a42e9f5322dfff65b15d588f9e926b70e4530e8b66697cabb1e8514831431fa0eaecb49f9613ed5fd7bc50f897bda36d24d4296e143e2480e325ec09a77c03a07b4f86eb703085313ebeee94ef5b1cde3f6a7efd785772eb4034039f598c07819b769416a223fab824c4ac50086e78042a1ccf47b6c7ede8540cded4bd4c920ce6c2b7493a5634c5e96bb761373623ab473b121d555bfd5a8bc3f5c5418bed83ffd0d6492840550fccc0c35746370396d0190b7b1d2cadcc150877e0d197f692f97cec790c95e3d3959dc7c68aca37306c1bc13ad33848395dba5e3c9ce8090bc0e7e8312091773641be56411921e3d473321c6d8bd10b7d3f5aedd6620bcaa06474bbb298bc77297b8b5dcb9e6b33dbe676460cca825609857724cee245306d07fda287d5fe57c424c27cf9b6cf0f16d2c6a8071bd57c826d7371841cf43dab1b42421ce416d0d3a9c80bc807d2e6761e53f06b3e63c0af1b4548d820118421205f040f4ab35307871e4c7a21ff28082c29e02e89486064661898c0eb1811c70a6124c1f25d62c38794a3e87c312c870db7b60d0df8b57860c94d1a9c561b327fae3a68ce9ff4551e418eb00766f0341c5e796e3cbbbe6b4864928b966110256d5475eb1fd7b2893b60e19e859baaf23c9233a1b064771671ee2d07c151e2e99c37a116a338788052a726a8519b8335e9ff4f71d00ab634543c20ddea1bf57d4f2b797182ff19618b6974d2b69d9f052934d527a1830bf2785842f35eaf32b65b7c9fdd6f0c41756072a59c0cce0b7305740729f1daa14e0092da9d022321b726d658fcef55affa2bbf36ad788f1f423b7dfd328435b4d5df315143d8b8028ba4bea6134a3dc9720c73d5e66b8b8168752eea6b78c75f04efd9677dbe419f13f5e1c9764276a83821b710307d8f85359b34d038ff17de45e8739d4b647fd1a8d794a3273d922af3374f5d3c75b8345b9dfdabb2c0418a358921e0e73d0fe88caab1741b913673e22ff4b59afa0f653a423d9b2bb20cbf07951a349eea18a891b4f4dc6df8e42a6181284f643de5fd2924ae54f672a1920343476c67333e1e8205bf4877b1251a83f417936714edb1c6975ba7969d2fcc2e69024a4669ac2f998116ade1bd84568b8f3f1fccbe95df9ed21db77315b7469f30bfae418415d9cb5aeea627ba6811e30d56d4f4bfe5f794ea4243e3cdfad3ef55199699b8433083b6f72f95effc5f2f613cfcefaf0b94e801ebcb7095a1474ee93142b82c9bf9886617b6bf69d08c83c76cd21d4cce5872d99de8e54bbff915ab923b2d24bb3aa178dd50b44fd0eb880ef33ca51d4bf5f0fbc8ffe18afe4245397f277e4efad955baa10cf56613481253d69c02e7661714b68be0fd64f29bdafbc8b4a0b30bd6709c67fe8e8915d0479b3902b1d0169fb5486b02e966ad5d8a2bcf42ecba59177cd85e17239667f6b045d1f873ce24733ae17e2d8432709062e786a32ac925121f1b0d46c66d4fb9088f4aa0cfe2149f6c2cb5b75d45349bc88fbd47e01ea07e7cd573335aab8d389846566800dd084bc3caa95f7632719c651f2d33be0fb56347c063b3c6e3e75c5e58caeb4c37574859b78c1ed018fbeed788a4305a9ee1c1ef65a0c83a7cd717a8c08ecd4e86370ffffd6d40a89a0b1e8c15a10ad5406e867e49319ad83bfbb925d5e240b4bd44fd751e7510d5ea03a6cab95f37155d1fd69aaea1db4a1f53714eb90e669209cf634f84a50c85bdc51838ebbb545b4387790df67f0122740c2abc910cf83230394172a56c9ffda6675bb8bb39846730a1bf764aeb92407c90a194da880cb8a4efb5b57a8311d864209c7fd226b93582b6b11eec559abfbba653c0569c219d3a2e60555cb739f9d32d564f23c4e98be78aa553610822af426f961df0df2185c61ccaa22b2a6aa6fb3e917bdfb2be9c3ffb8a50821321119c4cf4917db39548abc17bfba267fa50f6af15c560a21055f967f1ca6f656ddb556f9c7e17a771eeef7e80940d1c14ddf2c27647686fd0526460036aeea395fb10abef2be2ea96c9bb380370c08d1568d30eea0f3e6b7cf8f7edc7b36d4d0affd249330707b54ee620f208d885791171eb67a25a80fcc6922e0258c9673b6576564949dfa5bed9a0299bf952aade654de16e22d54fcd391ded6adab94ff621efcd91ef69acf8dfa1b22692ba3e49cd1d3fbed6db1402065ab37e457056877977ebac33ef566f28a19b9acb67a9cc53feb156814e880b3dd5a9119ffdbc5a45c20ea375f2882575b9a28740eebf63f2895d9ffac1ec33cbdcdede98a201424d000df1efd64dd7268cc1b2366ccfb09754822dafdb1821de5e6ebee09608e82e679fafb7a5100172f26998d31d7f27c2b310f0372c3b5e888f8e6efb56074177bf6a2a5bbd9ed070ad5aaf23ce144d1ac86cad110e5916a8a57e1e7fc3d37353f84f2f6d43d92ab8b35040467f3f8b1d23fac021bbac3710edc8e2e26d794db38e48020f63e94d4b4dca3e015537a8e3008274d55f81af931a0faf1a438444b6a0489b93f7b88f81f761eae0f82e60cb0cf2745ca8c9e30d3cc189c1405b1994ed71b00d90ea7a94102916cdc915620c363d04e51eabaaca6c2814a7c1e7aaeec80bdc13135b813e6d0eea83446a5c57ec29695c302c0d8da65b61fe8ada51a36e1aff34d449f9eb70cb94931226121ab121a971c2fc070ca84272d122c1696f52fbd5ed06783abe188dcf133c4d41e10295f6ffda69fa8c5a7c0fec3425a2d60523a60d280b5ce34eac5911268172e772fefba63a6f5c6dafa9e500a5e1355fb614613f8fc1ef5e5466fa19212bcdc349a865f4cee6ea80b11a410bb6e4ad677393973e38621d25ff6c4876ef8a8d2ba651be4a78d2ba9fafadcea8eff9cca3f4ab71a0b84917794e521220dad099ac8aaf32abd162348879e4299e4d46395f9d55267b635e18ca2e2fc96146b96c8a8055130b8d8cb10cc31382df34057bd8637f86e48adc854af408226752a04df8d0362db263e0959f2bd7e8a4d33a8c4b257e19d308280baf40cced1b3cd3a86ee22df0da49d750539eee1104e99a9f8a065e5499c73125a8a8430eda7aee156821a97c237611b50f682a2cccd0969304f0a50ae98800dfb32ee1bcfeab98182c34a51e67fa5bd738c22c44fc1269ce73f464edd2f31296e92e62df51cf55798ae2e3c33c57b09f4ecd13469122095a3563f95f0a04cf58dcea4aed5e8bdda7617863cbc37a97ebadb46d679f7e30014d96d0ac7ce9484368fa5fd19cbc3d139410a2bd7ffacef1bdf76dd1d5f34d2392fcb91c7585fc1ae7d8ba2aa8ded9645d5a5e76e2279b6e0692101137da946dfbd3836476f5dad7fed70115d716dce87b5ad755e5653a709f5aa42265ec9657ed406cc9256af3628c0116b8e1d23306983e9adbc19dec354870c98e2e76566895df933a80c4c36b617db4bbda1a4ca7d6c80a43734471fc92d0bdeacfc125dddd73febd8f7ef84f221d52ae71372cee802d59013a15958e850f8fdf46d8fd3b874633daf3b1f346470456c05722258480959dd6afcffa1f3f2ca033011339c5cb85b7d1c9b5916fb8dc9c2783df64eb5cca5af83a74fe5bb259f93722842eb4ac851e71f3cfd67a39590e7f8e20f018744b9277e6eb46b5f211df5f767ef29dc9a972e14c40ea2d4624f187f301c1116d3a61adeb5c6f7ccc021ac5e18d8b40d7f1f19daf4445c06e72db8701c267c0144c92cddd49af7a87aca5aa05d0e380dd27cc780d2f7db3bef26cc4fd358543e19d73179b879f7bdc702ab405270c93a3ed64153e20b5b663773a2ad4e8e3e1e8eaf39ec80d75d02f74ff94f0e095240a564eeece4fc9bcf19bf2243c700e1dae14a1b0217013977bfa05f681abc37714fe462d0a632044ce52fdaa1c1a806b1eb4370e23ca0247e536165aa9f1c2af8adfea369ee1f4a2c7823a7baef028a1e77501db48db6aa0d7e30969f7197368db02d443803b53b2899315f7e2ba9c5ae952a3866b4ea60f3d669e0a91f7ef640cd938646bf8822fe455f0302fccf87c7fad6daf38fde038fa596b83a9fd5bf675669a6cb2bab44c6617f07950bf34edb93bbcb4174630f275dbda7a0631c4b456e5f80eb6258c1874e77d426743e478917fe44b73dc203baa2cc442b84b5818409abae99d97a28754969bd393df", 0x1000}}, 0xfffffe38)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x88800, 0x0)
ioctl$IOMMU_IOAS_COPY$syz(r4, 0x3b83, &(0x7f00000000c0)={0x28, 0xc, 0x0, 0x0, 0x21c2f2, 0xffffffffffffff79, 0x6, 0x1d6540})
r5 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
sendmmsg$sock(r5, &(0x7f0000000cc0)=[{{&(0x7f0000000100)=@l2tp={0x2, 0x0, @broadcast, 0x3}, 0x80, 0x0}}, {{&(0x7f0000000700)=@in6={0xa, 0x4e20, 0x8, @dev={0xfe, 0x80, '\x00', 0x18}, 0x60}, 0x80, 0x0}}], 0x2, 0x48094)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r6, &(0x7f0000000000), 0xffffff6a)
sendfile(r5, r6, 0x0, 0xffffffff000)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xf)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)

4.114722749s ago: executing program 1 (id=3891):
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0xa41, 0x23)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x1000000, 0x8000, 0x4, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x6, 0xffffffffffffffff, 0x9, 0x0, 0x3, 0x80000006}, 0x0, 0x0)

3.512185095s ago: executing program 1 (id=3892):
bind$alg(0xffffffffffffffff, 0x0, 0x0)
futex_waitv(&(0x7f0000001600), 0x0, 0x0, 0x0, 0x1)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000300)={0x8, 0x100008b}, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000340)={0x0, <r1=>0x0})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100))
syz_io_uring_setup(0xf00, 0x0, 0x0, 0x0, 0x0)
ioctl$SG_SCSI_RESET(0xffffffffffffffff, 0x2284, 0x0)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002380)=[{{0x0, 0x0, &(0x7f0000001340)=[{0x0}], 0x1}}], 0x1, 0x26022, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000080), 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000840)={0x0, @in6={{0xa, 0x4e23, 0x70000, @private1={0xfc, 0x1, '\x00', 0x2}, 0x803}}, 0x3, 0x2, 0x8, 0x80000001, 0xe6, 0x7, 0x84}, 0x9c)
mkdir(&(0x7f0000000000)='./bus\x00', 0x80)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000001400)={{0x80}, 'port1\x00', 0xe3, 0x1b1c07, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6})
readv(r0, &(0x7f0000000080), 0x0)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$search(0xa, r2, &(0x7f0000000080)='keyring\x00', &(0x7f0000000100)={'syz', 0x2}, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000000c0)={<r3=>0x0, 0x1, 0x30, 0x3, 0x40}, &(0x7f0000000140)=0x18)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000180)=@assoc_id=r3, &(0x7f00000001c0)=0x4)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x80383, 0x0)
r4 = add_key(&(0x7f00000013c0)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000100)='[', 0xfe95, 0xffffffffffffffff)
keyctl$revoke(0x3, r4)

1.091590101s ago: executing program 0 (id=3893):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfa, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmmsg$inet(r0, &(0x7f0000001480)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000c00)="91f8a9849519def28691bbc4173c3d6f357d0272b7e95a0100000000000000937b7b22a1319130feaab952ac4703caae4be68907eb47fc5393de25000000000000f2ffffff2e3591ceb1757de97fb25500620d0d30506e742937b74945da657f794d5b5bf89588e07b14a17f069912dc0c3f201bff8b9a687b85baa11244632642a9eff0cbb4b5882b738f05eba73221490e2d5c17cf406be2796eec488a5b5268f507ee8d6f3dd131d64abc785708eb9bd24e352a984b2b1596d35ebe1d3443aa78fb40", 0xc4}], 0x1}}, {{0x0, 0x0, &(0x7f0000000e80)=[{&(0x7f0000000880)="b527ce144a9e865255e6f85f4d18156225c3396c992b47cedd740a6a6c3c82aba6b56bd441a6dd0856d664fb959853821ce9917ed023550816ba4b21413e5e7c41c7e2197da810d26109c4572ec3dfb28073599772cf3e", 0x57}, {&(0x7f0000002300)="27cb1547d73d51c2b9eb909bbb859214eabfa995b909a5faccc33d38140dc15d080af6eaf18b2031f0c88867e93763c3466f13a7e1c71f9b7ed9652a901d80e85e1ba265a9837970a9a20940b0208fa916a034be9eb50defe37271f579ecbb2f7e6157f8bac11e6657ddcd368291be85f6fbe3696d907770e9214e33190c4f9d0a048b24", 0x84}], 0x2}}], 0x2, 0x2090)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff4000/0xa000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x7, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x8, 0xc1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1.051670412s ago: executing program 1 (id=3894):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
r1 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=@newtfilter={0x478, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r2, {0xe}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x448, 0x2, [@TCA_BASIC_POLICE={0x444, 0x4, [@TCA_POLICE_RATE={0x404, 0x2, [0x3, 0x8, 0x62, 0x2, 0x0, 0xc, 0x2, 0x7fff, 0x0, 0xffffff70, 0x19, 0xffffffa9, 0x2, 0x7, 0x80000001, 0x7, 0x3, 0x36, 0xc, 0x6, 0x6, 0x5d0bef1f, 0x400, 0x1, 0x837, 0xffffffff, 0x9fec, 0x401, 0x68, 0x9, 0xdd64, 0x1, 0x4, 0x8001, 0xfffffffe, 0x2, 0x0, 0x200, 0xfff, 0xfffffff1, 0x7, 0x4, 0xf, 0x7, 0x7469, 0xb, 0x2, 0x200, 0xff32, 0x6, 0xca, 0x4ec1, 0x1, 0x9, 0x80, 0x0, 0x10000, 0x0, 0xb4, 0x7, 0x6, 0x0, 0x0, 0x8156b2a, 0x1, 0xd5c, 0x4, 0xa0, 0x4, 0x7, 0x4, 0x0, 0x81, 0xff, 0x2, 0xe6b, 0x9, 0xa, 0xc8c, 0x1, 0xd2a, 0x6, 0xf4e, 0x9, 0x3a0, 0x3, 0x10000, 0x7ff, 0x44, 0x1, 0x2, 0x800, 0x3, 0x8, 0x0, 0x8e5e00, 0x922e, 0x0, 0x8, 0x3, 0xf, 0x4, 0x2, 0x2c000, 0x80, 0x1, 0x1, 0x2, 0x5, 0x0, 0x9, 0x6, 0x0, 0x3365, 0x2, 0x5, 0xffffffff, 0x1000, 0x0, 0x4, 0x0, 0x1, 0x2, 0x81, 0x111, 0x2, 0x5c20, 0x7f, 0x0, 0xe, 0xfffffffb, 0x6, 0x391, 0x0, 0x0, 0x3, 0x9, 0xc95d90c, 0xff, 0x2, 0x7, 0xd, 0xc7, 0x4, 0x7, 0x0, 0x9, 0xffffffff, 0x9, 0x1, 0x4, 0x3, 0x7, 0xfffffff9, 0x10, 0x2, 0xfff, 0x2, 0x6, 0x8b4, 0x600000, 0x1, 0x6, 0x0, 0x10000, 0x0, 0x3, 0x5, 0x0, 0x1000, 0x6, 0x9, 0x0, 0x1, 0x81, 0x2, 0xffff6c4b, 0x1, 0x7, 0x5, 0x7fff, 0xc, 0xffffffff, 0x9, 0x6, 0x0, 0x40, 0x3ff, 0x80000000, 0x2, 0x603c, 0x4, 0x4, 0x0, 0xfffffff8, 0x7, 0x3, 0x800010, 0x400, 0xfffffe00, 0x1, 0x3, 0x0, 0xffff, 0x4, 0x6, 0x8, 0x0, 0x400, 0x1, 0x8a, 0x10, 0x6, 0x0, 0x7ff, 0x3, 0x7, 0x616, 0x2, 0x2, 0xd1, 0x2, 0xfffffffc, 0x8, 0xe, 0x800, 0x1, 0x4, 0x400d87, 0x80000001, 0x48e0, 0x8, 0x9, 0x40, 0x400, 0x5, 0x2, 0x4e1b, 0x1, 0x1000, 0x8, 0x4, 0x3, 0x0, 0x2, 0x9, 0x5, 0x3, 0x10001, 0xffff, 0x4d, 0xd, 0x8, 0x2, 0x2, 0x8]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x7, 0x5, 0xfffffffe, 0xd, 0xfffff0c5, {0xb, 0x2, 0x200, 0x8001, 0xfffa, 0xbe}, {0xd9, 0x2, 0x5, 0xfff8, 0xfff}, 0x3, 0x9, 0x2}}]}]}}]}, 0x478}}, 0x4000)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0)
sendmmsg$inet(r0, &(0x7f00000010c0), 0x0, 0x20008000)

796.177148ms ago: executing program 1 (id=3895):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
setrlimit(0xd, &(0x7f0000000280)={0xc800, 0x10000})
setpriority(0x1, 0x0, 0x80000000)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}, 0x1, 0x0, 0x0, 0x4c090}, 0xc000)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r3)
ioctl$IOCTL_GET_NCIDEV_IDX(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r6, 0x4068aea3, &(0x7f0000000140))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r7 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r7, &(0x7f0000009b80)=""/102392, 0x18ff8)
ioctl$KVM_SET_MSRS(r6, 0x4008ae89, &(0x7f0000000040)={0x2, 0x0, [{0x400000b0, 0x0, 0xfffffffffffffffb}, {0x400000b1, 0x0, 0x8000000000000001}]})
ioctl$KVM_RUN(r6, 0xae80, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000500)={'veth1\x00', &(0x7f0000000200)=@ethtool_per_queue_op={0x4b, 0xf, [0x1, 0x1, 0x107fff, 0x10, 0x4, 0x9, 0xa4, 0xffb, 0x7, 0xb6b, 0x800c1, 0x4, 0x1, 0x3, 0x9, 0xff, 0x1000, 0xc, 0x3, 0x3, 0x80000001, 0xfffffffa, 0x0, 0x1, 0x7, 0x4, 0x7, 0x5, 0x100000, 0x762, 0x3, 0x63c, 0xe, 0x6, 0x100, 0x6, 0x1bfe, 0xb, 0x40, 0x40bed4, 0x8, 0x8000100, 0x3, 0x0, 0x11000, 0x8, 0x5, 0x79b, 0x5, 0x1, 0x7f, 0x4, 0xa, 0x7, 0xf, 0x101, 0xa, 0x1fa0860a, 0x7, 0xa9, 0x81, 0x2, 0x180000, 0x4003, 0x8b, 0x5, 0x2af, 0x3, 0x5, 0x2, 0x0, 0x9, 0x4, 0x7, 0x4009, 0x0, 0x4, 0x100002, 0x8, 0x752, 0x0, 0x3, 0x0, 0x10000, 0x3f6, 0xffffffff, 0x6, 0x6, 0x4, 0x80000000, 0xfdffffff, 0x2, 0xfffffffe, 0x84, 0x100, 0x5, 0x252, 0x81, 0xb, 0x4, 0x20006, 0xc50, 0x2, 0xb, 0x2, 0xd9a, 0xc8, 0x2a2, 0xfffffffd, 0x3, 0x3ff, 0x5, 0x8, 0x0, 0x4, 0x2, 0x40, 0x8, 0x4, 0x4, 0x401, 0x66cd, 0x8, 0x8, 0x5, 0x1f9, 0x1ff, 0xffffffff]}})
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x8c000, 0x0)
sendmsg$IPSET_CMD_HEADER(0xffffffffffffffff, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000008c0)={0x24, 0xc, 0x6, 0x301, 0x0, 0x0, {0xa, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x8000}, 0x40004)
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)

0s ago: executing program 0 (id=3896):
r0 = openat$ppp(0xffffffffffffff9c, 0x0, 0xc0802, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000000c0))
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[], 0x48)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0xfffffffffffffcb5, &(0x7f0000000080)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r1, &(0x7f0000032680)=""/102400, 0x19000)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
lsetxattr$trusted_overlay_origin(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f0000000140), 0x2, 0x1)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TCXONC(r2, 0x540a, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x40, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x2, 0x0, 0x0, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PPPIOCSMAXCID(r0, 0x40047451, &(0x7f0000000200)=0x97)

kernel console output (not intermixed with test programs):

Number: syz
[ 1411.291693][ T9745] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1411.449937][ T9745] usb 2-1: config 1 has no interface number 0
[ 1411.580805][ T9745] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1411.729529][ T9745] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1411.872098][ T9745] usb 2-1: Product: syz
[ 1411.926910][ T9745] usb 2-1: Manufacturer: syz
[ 1411.983310][ T9745] usb 2-1: SerialNumber: syz
[ 1412.043100][ T5810] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[ 1413.864354][ T9745] usb 2-1: palm_os_3_probe - error -110 getting connection information
[ 1413.966092][ T9745] visor: probe of 2-1:1.64 failed with error -110
[ 1414.694955][ T5810] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00000010. ret = -71
[ 1414.794401][ T5810] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1414.832864][T14960] usb 2-1: USB disconnect, device number 83
[ 1415.033842][ T5810] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1415.057280][ T5810] lan78xx: probe of 1-1:1.0 failed with error -71
[ 1415.074866][ T5810] usb 1-1: USB disconnect, device number 75
[ 1416.589568][T17407] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1417.282972][T17417] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1418.143827][ T5811] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[ 1418.598406][ T5811] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1420.421233][ T5810] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[ 1420.683819][ T5810] usb 1-1: Using ep0 maxpacket: 8
[ 1420.727099][ T5810] usb 1-1: config 1 has an invalid interface number: 64 but max is 6
[ 1420.832478][ T5810] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1420.932676][ T5810] usb 1-1: config 1 has no interface number 0
[ 1420.944598][ T5811] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1420.952783][ T5811] usb 3-1: Product: syz
[ 1420.971165][ T5811] usb 3-1: Manufacturer: syz
[ 1420.983071][ T5811] usb 3-1: SerialNumber: syz
[ 1421.037126][ T5810] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1421.182820][ T5810] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1421.190996][ T5811] usb 3-1: can't set config #1, error -71
[ 1421.196638][ T5811] usb 3-1: USB disconnect, device number 83
[ 1421.201579][ T5810] usb 1-1: Product: syz
[ 1421.210527][ T5810] usb 1-1: Manufacturer: syz
[ 1421.278033][ T5810] usb 1-1: SerialNumber: syz
[ 1421.604525][ T5810] usb 1-1: palm_os_3_probe - error -110 getting connection information
[ 1421.614209][ T5810] visor: probe of 1-1:1.64 failed with error -110
[ 1421.762533][ T5811] usb 1-1: USB disconnect, device number 76
[ 1422.455963][T17456] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1423.757877][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1423.764666][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1424.253667][ T5810] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[ 1424.433895][ T5810] usb 3-1: device descriptor read/64, error -71
[ 1424.594252][ T9745] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 1424.713844][ T5810] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[ 1424.845790][ T9745] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1424.857169][ T9745] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1424.865754][ T9745] usb 2-1: Product: syz
[ 1424.870853][ T9745] usb 2-1: Manufacturer: syz
[ 1424.878647][ T9745] usb 2-1: SerialNumber: syz
[ 1424.889105][ T5810] usb 3-1: device descriptor read/64, error -71
[ 1425.113220][ T5810] usb usb3-port1: attempt power cycle
[ 1425.534580][ T5810] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[ 1425.663073][ T9745] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[ 1425.703697][ T5810] usb 3-1: device descriptor read/8, error -71
[ 1425.820785][T17492] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1427.242533][ T9745] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): timeout on completion of LiteReset
[ 1427.640956][ T5811] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[ 1427.903673][ T5811] usb 1-1: Using ep0 maxpacket: 8
[ 1427.967660][ T5811] usb 1-1: config 1 has an invalid interface number: 64 but max is 6
[ 1428.049591][ T5811] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1428.148305][ T5811] usb 1-1: config 1 has no interface number 0
[ 1428.216287][ T5811] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1428.308285][ T5811] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1428.379322][ T5811] usb 1-1: Product: syz
[ 1429.187518][ T5811] usb 1-1: Manufacturer: syz
[ 1429.208199][ T5811] usb 1-1: SerialNumber: syz
[ 1429.680026][ T9745] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1429.689983][ T5811] usb 1-1: can't set config #1, error -71
[ 1429.697732][ T9745] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1429.707520][ T5811] usb 1-1: USB disconnect, device number 77
[ 1429.721568][ T9745] lan78xx: probe of 2-1:1.0 failed with error -110
[ 1429.770140][ T9745] usb 2-1: USB disconnect, device number 84
[ 1429.860157][T17505] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1430.513898][ T9745] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[ 1430.684167][ T9745] usb 1-1: device descriptor read/64, error -71
[ 1431.005963][ T9745] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[ 1431.060910][T17530] fuse: Bad value for 'user_id'
[ 1431.194944][ T9745] usb 1-1: device descriptor read/64, error -71
[ 1432.201574][ T9745] usb usb1-port1: attempt power cycle
[ 1432.254183][ T5810] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[ 1432.457857][ T5810] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1432.478531][ T5810] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1432.499419][ T5810] usb 3-1: Product: syz
[ 1432.513785][ T5810] usb 3-1: Manufacturer: syz
[ 1432.518522][ T5810] usb 3-1: SerialNumber: syz
[ 1432.661930][ T9745] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[ 1432.708885][ T9745] usb 1-1: device descriptor read/8, error -71
[ 1432.778813][T17554] bridge1: entered promiscuous mode
[ 1433.275468][ T5810] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[ 1433.353915][ T9745] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[ 1433.604283][ T9745] usb 1-1: device not accepting address 81, error -71
[ 1433.614900][ T9745] usb usb1-port1: unable to enumerate USB device
[ 1435.278710][ T5810] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000118. ret = -32
[ 1435.298046][ T5810] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1435.314202][ T5810] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1435.332456][ T5810] lan78xx: probe of 3-1:1.0 failed with error -32
[ 1436.035298][T14960] usb 3-1: USB disconnect, device number 88
[ 1436.673814][T14960] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[ 1436.812914][T17606] bridge2: entered promiscuous mode
[ 1437.213752][T14960] usb 3-1: device descriptor read/64, error -71
[ 1438.321724][T14960] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[ 1438.507404][T14960] usb 3-1: device descriptor read/64, error -71
[ 1438.814035][ T5810] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 1438.839478][T14960] usb usb3-port1: attempt power cycle
[ 1439.053246][ T5810] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1439.062680][ T5810] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1439.071064][ T5810] usb 2-1: Product: syz
[ 1439.102158][ T5810] usb 2-1: Manufacturer: syz
[ 1439.114226][ T5810] usb 2-1: SerialNumber: syz
[ 1439.444115][T14960] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[ 1440.053962][T14960] usb 3-1: device descriptor read/8, error -71
[ 1440.898850][ T5810] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[ 1442.526877][ T5810] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -71
[ 1442.704543][ T5810] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1442.860991][ T5810] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1443.360672][ T5810] lan78xx: probe of 2-1:1.0 failed with error -71
[ 1443.668253][ T5810] usb 2-1: USB disconnect, device number 85
[ 1445.750658][T17674] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2848'.
[ 1445.792090][T17674] overlayfs: overlapping lowerdir path
[ 1446.043776][ T5810] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[ 1446.144066][T16436] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[ 1446.164158][T12699] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[ 1446.223837][ T5810] usb 2-1: device descriptor read/64, error -71
[ 1446.379311][T12699] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1446.393666][T12699] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1446.414405][T12699] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1446.429408][T12699] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1446.447830][T16436] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1446.457437][T16436] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1446.469854][T16436] usb 5-1: Product: syz
[ 1446.497773][T17681] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[ 1446.505094][T16436] usb 5-1: Manufacturer: syz
[ 1446.510163][ T5810] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[ 1446.518072][T16436] usb 5-1: SerialNumber: syz
[ 1446.568938][T12699] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[ 1446.692424][ T5810] usb 2-1: device descriptor read/64, error -71
[ 1446.866967][ T5810] usb usb2-port1: attempt power cycle
[ 1447.030912][T16436] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[ 1447.314125][ T5810] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 1447.348670][ T5810] usb 2-1: device descriptor read/8, error -71
[ 1447.643764][ T5810] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 1447.689289][ T5810] usb 2-1: device descriptor read/8, error -71
[ 1447.814913][ T5810] usb usb2-port1: unable to enumerate USB device
[ 1449.301310][T17674] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1449.520520][T16436] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000118. ret = -32
[ 1449.537265][T16436] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1449.562459][    T9] usb 1-1: USB disconnect, device number 82
[ 1449.572623][T16436] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1449.627750][T16436] lan78xx: probe of 5-1:1.0 failed with error -32
[ 1449.712839][T16436] usb 5-1: USB disconnect, device number 75
[ 1449.755368][T16813] udevd[16813]: setting owner of /dev/bus/usb/005/075 to uid=0, gid=0 failed: No such file or directory
[ 1450.578887][T17717] netlink: 'syz.0.2858': attribute type 3 has an invalid length.
[ 1450.587149][T17717] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2858'.
[ 1454.033824][ T5810] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[ 1454.260453][ T5810] usb 1-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1454.269683][ T5810] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1454.277893][ T5810] usb 1-1: Product: syz
[ 1454.291089][ T5810] usb 1-1: Manufacturer: syz
[ 1454.297149][ T5810] usb 1-1: SerialNumber: syz
[ 1454.848462][ T5810] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[ 1454.853906][ T5811] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[ 1455.124130][ T5811] usb 3-1: device descriptor read/64, error -71
[ 1455.463822][ T5811] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[ 1455.697086][ T5811] usb 3-1: device descriptor read/64, error -71
[ 1456.223129][ T5810] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000118. ret = -32
[ 1456.235110][ T5810] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1456.249089][ T5810] lan78xx 1-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1456.275133][ T5810] lan78xx: probe of 1-1:1.0 failed with error -32
[ 1456.353890][ T5811] usb usb3-port1: attempt power cycle
[ 1456.784520][ T5811] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 1456.858570][ T5811] usb 3-1: device descriptor read/8, error -71
[ 1457.164621][ T5811] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[ 1457.347224][ T5811] usb 3-1: device descriptor read/8, error -71
[ 1457.526787][ T5811] usb usb3-port1: unable to enumerate USB device
[ 1457.658160][ T5811] usb 1-1: USB disconnect, device number 83
[ 1460.546393][T17804] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2885'.
[ 1460.954540][T17804] overlayfs: overlapping lowerdir path
[ 1461.515594][ T5811] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1462.443844][T12699] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[ 1462.492699][ T5811] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1462.534884][ T5811] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1462.570670][ T5811] usb 3-1: Product: syz
[ 1462.591086][ T5811] usb 3-1: Manufacturer: syz
[ 1462.596606][ T5811] usb 3-1: SerialNumber: syz
[ 1462.666789][T12699] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1462.679491][T12699] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1462.689575][T12699] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1462.698709][T12699] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1462.719136][T17807] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1462.740098][T12699] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[ 1463.035077][ T5811] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[ 1464.028345][T17804] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1464.149243][ T5811] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000118. ret = -32
[ 1464.182359][ T5811] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1464.209162][T14960] usb 1-1: USB disconnect, device number 84
[ 1464.222870][ T5811] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1464.258251][ T5811] lan78xx: probe of 3-1:1.0 failed with error -32
[ 1465.232496][ T5810] usb 3-1: USB disconnect, device number 97
[ 1466.227812][T17853] overlayfs: invalid origin (0000)
[ 1471.767435][ T9004] Bluetooth: hci3: command 0x0406 tx timeout
[ 1477.806147][T14960] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[ 1478.267910][T14960] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1478.267958][T14960] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1478.267980][T14960] usb 3-1: Product: syz
[ 1478.267998][T14960] usb 3-1: Manufacturer: syz
[ 1478.268015][T14960] usb 3-1: SerialNumber: syz
[ 1478.738523][T17964] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2930'.
[ 1478.912920][T14960] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[ 1481.040492][T14960] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x0000011c. ret = -71
[ 1481.095141][T14960] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1481.114334][T14960] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1481.149520][T14960] lan78xx: probe of 3-1:1.0 failed with error -71
[ 1481.190509][T14960] usb 3-1: USB disconnect, device number 98
[ 1481.857787][T17984] overlayfs: invalid origin (0000)
[ 1484.631346][T17998] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1484.668140][T17998] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1484.711963][T17998] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1484.721644][T17998] Bluetooth: hci0: Opcode 0x0406 failed: -4
[ 1484.779782][T17998] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1484.806041][T17998] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1484.830968][T17998] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1484.857630][T17998] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1484.873767][T17998] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1484.893705][T17998] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1485.049349][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1485.049469][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1486.627893][T16084] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1486.683890][T12699] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[ 1486.690385][T18015] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2942'.
[ 1486.733694][T16084] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1486.803784][T16084] Bluetooth: hci3: command 0x0406 tx timeout
[ 1486.893908][T16084] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1486.941241][T12699] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1486.941350][T12699] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1486.941446][T12699] usb 2-1: Product: syz
[ 1486.941543][T12699] usb 2-1: Manufacturer: syz
[ 1486.941635][T12699] usb 2-1: SerialNumber: syz
[ 1487.578904][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -32
[ 1488.653934][T16084] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1488.803807][T16084] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1489.018230][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1489.043260][T16084] Bluetooth: hci3: command 0x0406 tx timeout
[ 1489.233707][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -32
[ 1489.239626][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000040. ret = -32
[ 1489.242919][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001000. ret = -71
[ 1489.244700][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001004. ret = -71
[ 1489.247276][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001008. ret = -71
[ 1489.250782][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001020. ret = -71
[ 1489.252599][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to write register index 0x00001028. ret = -71
[ 1489.253056][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001030. ret = -71
[ 1489.253468][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00001018. ret = -71
[ 1489.254144][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1489.254682][T12699] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1489.256636][T12699] lan78xx: probe of 2-1:1.0 failed with error -71
[ 1489.263958][T12699] usb 2-1: USB disconnect, device number 90
[ 1491.043670][T16084] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1491.053594][T16084] Bluetooth: hci3: command 0x0406 tx timeout
[ 1491.574786][T18043] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1492.262677][T18043] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1492.273685][T16084] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1492.293422][T18043] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1492.383851][T18043] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1493.630580][T16084] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1494.333747][T16084] Bluetooth: hci3: command 0x0406 tx timeout
[ 1494.413871][T16084] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1495.228342][T18067] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2958'.
[ 1495.581919][T18081] binder: 18080:18081 ioctl c0306201 200000000080 returned -14
[ 1495.697527][T18081] binder: 18080:18081 ioctl c0306201 2000000003c0 returned -14
[ 1497.706295][T18096] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1497.726848][T18096] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1497.733102][T18096] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1497.740306][T18096] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1498.992945][T18118] binder: 18117:18118 ioctl c0306201 200000000080 returned -14
[ 1499.004972][T18118] binder: 18117:18118 ioctl c0306201 2000000003c0 returned -14
[ 1499.560309][T16084] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1499.574113][T18122] fuse: Bad value for 'rootmode'
[ 1499.764322][T16084] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1499.764362][ T9004] Bluetooth: hci3: command 0x0406 tx timeout
[ 1499.770490][T16084] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1500.644664][T18137] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2976'.
[ 1500.820475][T18134] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1500.820631][T18134] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1500.820736][T18134] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1500.820847][T18134] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1500.830358][T18140] fuse: Bad value for 'fd'
[ 1502.091889][T18149] binder: 18148:18149 ioctl c0306201 200000000080 returned -14
[ 1502.154816][T18149] binder: 18148:18149 ioctl c0306201 2000000003c0 returned -14
[ 1502.470368][T18156] fuse: Bad value for 'rootmode'
[ 1502.563608][T18125] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1502.646210][T18125] Bluetooth: hci0: Malformed HCI Event: 0x22
[ 1502.758917][T18164] ubi16: attaching mtd0
[ 1502.848188][T18164] ubi16: scanning is finished
[ 1502.883857][T12460] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1502.890249][T16084] Bluetooth: hci3: command 0x0406 tx timeout
[ 1502.897484][T18125] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1503.484606][T18164] ubi16: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1503.533720][T18164] ubi16: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1503.554829][T18164] ubi16: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1503.576357][T18164] ubi16: VID header offset: 64 (aligned 64), data offset: 128
[ 1503.595917][T18164] ubi16: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1503.627187][T18164] ubi16: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1503.643637][T18170] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2990'.
[ 1503.653097][T18164] ubi16: max/mean erase counter: 1/1, WL threshold: 4096, image sequence number: 3334013288
[ 1503.681718][T18164] ubi16: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1503.699879][T18170] ipvlan2: entered allmulticast mode
[ 1503.708227][T18168] ubi16: background thread "ubi_bgt16d" started, PID 18168
[ 1503.722367][T18170] syz_tun: entered allmulticast mode
[ 1504.946699][T18167] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1504.952964][T18167] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1504.959119][T18167] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1504.965196][T18167] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1505.061824][T18184] binder: 18182:18184 ioctl c0306201 200000000080 returned -14
[ 1505.138548][T18190] fuse: Bad value for 'rootmode'
[ 1505.253829][ T5811] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[ 1505.253840][T16436] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[ 1505.503319][ T5811] usb 5-1: Using ep0 maxpacket: 16
[ 1505.555085][ T5811] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1505.565829][ T5811] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1505.578408][ T5811] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1506.346226][T16084] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1506.370723][ T5811] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1506.404302][T16436] usb 2-1: Using ep0 maxpacket: 32
[ 1506.427787][ T5811] usb 5-1: Product: syz
[ 1506.495857][ T5811] usb 5-1: Manufacturer: syz
[ 1506.558167][ T5811] usb 5-1: SerialNumber: syz
[ 1506.650878][T16436] usb 2-1: device descriptor read/all, error -71
[ 1506.691221][ T5811] usb 5-1: config 0 descriptor??
[ 1507.043756][T18125] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1507.043803][T16084] Bluetooth: hci3: command 0x0406 tx timeout
[ 1507.049929][T18125] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1507.071358][ T5811] usb 5-1: can't set config #0, error -71
[ 1507.079889][ T5811] usb 5-1: USB disconnect, device number 76
[ 1507.428521][T18216] netlink: 'syz.1.3002': attribute type 3 has an invalid length.
[ 1507.436909][T18216] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3002'.
[ 1509.905209][T18226] fuse: Unknown parameter 'use00000000000000000000'
[ 1509.918018][T18219] binder: 18214:18219 ioctl c0306201 200000000080 returned -14
[ 1513.717025][T18238] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1513.838492][T18238] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.124071][T18238] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.341203][T18238] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1514.531259][T18238] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.546373][T18238] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.560143][T18238] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1514.573879][T18238] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1515.223757][    T9] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[ 1515.444135][    T9] usb 2-1: Using ep0 maxpacket: 16
[ 1515.510210][T18267] fuse: Unknown parameter 'use00000000000000000000'
[ 1515.556222][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1515.657258][    T9] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1515.699587][    T9] usb 2-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1515.731032][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1515.769992][    T9] usb 2-1: Product: syz
[ 1515.792053][    T9] usb 2-1: Manufacturer: syz
[ 1515.815923][    T9] usb 2-1: SerialNumber: syz
[ 1515.834506][    T9] usb 2-1: config 0 descriptor??
[ 1515.944183][T18274] netlink: 'syz.2.3016': attribute type 3 has an invalid length.
[ 1515.953626][T18274] netlink: 16 bytes leftover after parsing attributes in process `syz.2.3016'.
[ 1516.728983][    T9] usb 2-1: USB disconnect, device number 93
[ 1520.211283][T18305] netlink: 4352 bytes leftover after parsing attributes in process `syz.4.3025'.
[ 1520.869415][T18309] netlink: 'syz.4.3027': attribute type 3 has an invalid length.
[ 1520.877673][T18309] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3027'.
[ 1521.215229][T18306] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1521.224268][T18306] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1521.232466][T18306] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1521.239495][T18306] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1521.839990][T18327] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3031'.
[ 1522.698662][T18335] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3035'.
[ 1522.736301][T18335] overlayfs: overlapping lowerdir path
[ 1522.813285][T16084] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1523.180520][T10990] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[ 1523.363839][T16084] Bluetooth: hci3: command 0x0406 tx timeout
[ 1523.369986][T16084] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1525.067617][T12460] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1525.175902][T10990] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1525.187056][T10990] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1525.198557][T10990] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1525.218291][T18342] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1525.224670][T18342] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1525.230725][T18342] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1525.236904][T18342] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1525.259499][T10990] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1525.311649][T18335] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1525.336392][T10990] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[ 1525.485559][T18349] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1525.666494][T18350] netlink: 'syz.4.3038': attribute type 10 has an invalid length.
[ 1525.680266][ T5810] usb 2-1: USB disconnect, device number 94
[ 1525.762010][T18350] 8021q: adding VLAN 0 to HW filter on device team0
[ 1525.804915][T18350] bond0: (slave team0): Enslaving as an active interface with an up link
[ 1526.076502][T18359] netlink: 'syz.0.3040': attribute type 3 has an invalid length.
[ 1526.085666][T18359] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3040'.
[ 1527.123674][T18125] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1527.157772][T18369] overlayfs: failed to resolve './file1/file0': -2
[ 1527.193824][T14960] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 1527.283918][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1527.290380][ T9004] Bluetooth: hci3: command 0x0406 tx timeout
[ 1527.297448][T18125] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1527.407001][T14960] usb 3-1: config 0 has an invalid interface number: 187 but max is 0
[ 1527.429661][T14960] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1527.451779][T14960] usb 3-1: config 0 has no interface number 0
[ 1527.588095][T14960] usb 3-1: too many endpoints for config 0 interface 187 altsetting 109: 198, using maximum allowed: 30
[ 1527.643608][T14960] usb 3-1: config 0 interface 187 altsetting 109 has 0 endpoint descriptors, different from the interface descriptor's value: 198
[ 1527.662487][T14960] usb 3-1: config 0 interface 187 has no altsetting 0
[ 1527.669548][T14960] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1528.430583][T14960] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1528.451134][T14960] usb 3-1: config 0 descriptor??
[ 1528.663787][T14960] usb 3-1: string descriptor 0 read error: -32
[ 1528.846121][T18382] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3047'.
[ 1529.713156][T18388] bridge1: entered promiscuous mode
[ 1530.661522][T14960] usb 3-1: USB disconnect, device number 99
[ 1533.100413][T18398] binder: 18397:18398 ioctl c0306201 200000000080 returned -14
[ 1533.113212][T18398] binder: 18397:18398 ioctl c0306201 2000000003c0 returned -14
[ 1533.395052][T18404] netlink: 'syz.1.3052': attribute type 3 has an invalid length.
[ 1533.403274][T18404] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3052'.
[ 1543.333862][T14960] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[ 1543.583797][T14960] usb 5-1: Using ep0 maxpacket: 8
[ 1543.640604][T14960] usb 5-1: config 1 has an invalid interface number: 64 but max is 6
[ 1543.653709][T14960] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1543.662740][T14960] usb 5-1: config 1 has no interface number 0
[ 1543.673588][ T5811] usb 1-1: new full-speed USB device number 85 using dummy_hcd
[ 1543.706525][T14960] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1543.717241][T14960] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1543.775824][T14960] usb 5-1: Product: syz
[ 1543.787001][T14960] usb 5-1: Manufacturer: syz
[ 1543.798879][T14960] usb 5-1: SerialNumber: syz
[ 1544.229157][ T5811] usb 1-1: config 4 has an invalid interface number: 44 but max is 0
[ 1544.363642][ T5811] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1544.407580][ T5811] usb 1-1: config 4 has no interface number 0
[ 1544.429467][T14960] usb 5-1: palm_os_3_probe - error -71 getting connection information
[ 1544.469034][ T5811] usb 1-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1544.491928][T14960] visor: probe of 5-1:1.64 failed with error -71
[ 1544.502649][ T5811] usb 1-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1544.521242][T14960] usb 5-1: USB disconnect, device number 77
[ 1544.534304][ T5811] usb 1-1: string descriptor 0 read error: -71
[ 1544.540674][ T5811] usb 1-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1544.595569][ T5811] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1544.652600][ T5811] usb 1-1: can't set config #4, error -71
[ 1544.679805][ T5811] usb 1-1: USB disconnect, device number 85
[ 1546.240036][T18469] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3065'.
[ 1546.254375][T18454] netlink: 'syz.0.3064': attribute type 3 has an invalid length.
[ 1546.254393][T18454] netlink: 16 bytes leftover after parsing attributes in process `syz.0.3064'.
[ 1546.498742][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1546.507978][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1547.146471][T18474] overlayfs: invalid origin (0000)
[ 1548.393871][T14960] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[ 1548.676295][T14960] usb 1-1: Using ep0 maxpacket: 8
[ 1548.749394][T14960] usb 1-1: config 1 has an invalid interface number: 64 but max is 6
[ 1548.880695][T14960] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1549.016384][T14960] usb 1-1: config 1 has no interface number 0
[ 1549.096481][T14960] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1549.225855][T14960] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1549.326956][T14960] usb 1-1: Product: syz
[ 1549.375830][T14960] usb 1-1: Manufacturer: syz
[ 1549.431228][T14960] usb 1-1: SerialNumber: syz
[ 1550.810276][T14960] usb 1-1: palm_os_3_probe - error -71 getting connection information
[ 1550.825026][T14960] visor: probe of 1-1:1.64 failed with error -71
[ 1550.837687][T14960] usb 1-1: USB disconnect, device number 86
[ 1553.840770][T18515] overlayfs: invalid origin (0000)
[ 1554.880919][T18523] Bluetooth: MGMT ver 1.22
[ 1557.876003][T18539] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3086'.
[ 1560.304073][T18558] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1560.353917][T18558] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1560.382510][T18558] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1560.403791][T18558] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1561.335364][T18577] bridge1: entered promiscuous mode
[ 1561.612609][T18125] Bluetooth: hci3: Malformed LE Event: 0x1b
[ 1562.253677][T18125] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1562.403921][T18125] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1562.410267][T18125] Bluetooth: hci3: command 0x0406 tx timeout
[ 1562.416896][T18125] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1566.547564][T18611] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1566.745997][T18611] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1566.805496][T18611] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1566.879194][T18611] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1567.450678][T18628] tmpfs: Bad value for 'nr_inodes'
[ 1567.465662][T18628] syz.0.3107: attempt to access beyond end of device
[ 1567.465662][T18628] loop0: rw=0, sector=6, nr_sectors = 2 limit=0
[ 1567.478977][T18628] ADFS-fs (loop0): error: unable to read block 3, try 0
[ 1568.945609][T18125] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1568.951801][T18125] Bluetooth: hci3: command 0x0406 tx timeout
[ 1568.958776][ T9004] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1568.965084][T12460] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1572.314280][T18648] netlink: 'syz.1.3111': attribute type 4 has an invalid length.
[ 1572.350533][T18648] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3111'.
[ 1572.439601][T18638] netlink: 180 bytes leftover after parsing attributes in process `syz.1.3111'.
[ 1572.457241][T18648] .`: renamed from bond0 (while UP)
[ 1572.509835][T18652] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3109'.
[ 1576.279394][T16189] usb 2-1: new high-speed USB device number 95 using dummy_hcd
[ 1577.844588][   T23] kworker/dying (23) used greatest stack depth: 19160 bytes left
[ 1577.951123][T16189] usb 2-1: Using ep0 maxpacket: 8
[ 1578.547184][T16189] usb 2-1: config 1 has an invalid interface number: 64 but max is 6
[ 1578.563545][T16189] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1578.579475][T16189] usb 2-1: config 1 has no interface number 0
[ 1579.307918][T16189] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1579.319913][T18678] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1579.343413][T18678] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1579.351727][T18678] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1579.359560][T16189] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1579.362199][T18678] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1579.386545][T16189] usb 2-1: can't set config #1, error -71
[ 1579.424131][T16189] usb 2-1: USB disconnect, device number 95
[ 1581.365049][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1581.371364][T18125] Bluetooth: hci3: command 0x0406 tx timeout
[ 1581.377600][T12460] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1581.385083][T18125] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1584.590115][T18718] bridge2: entered promiscuous mode
[ 1585.424311][T18728] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3127'.
[ 1585.533604][T10990] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1585.723812][T10990] usb 3-1: Using ep0 maxpacket: 8
[ 1585.727526][T10990] usb 3-1: config 1 has an invalid interface number: 64 but max is 6
[ 1585.727613][T10990] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1585.727637][T10990] usb 3-1: config 1 has no interface number 0
[ 1585.737483][T10990] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1585.737572][T10990] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1585.737595][T10990] usb 3-1: Product: syz
[ 1585.737666][T10990] usb 3-1: Manufacturer: syz
[ 1585.737683][T10990] usb 3-1: SerialNumber: syz
[ 1586.064855][T10990] usb 3-1: palm_os_3_probe - error -110 getting connection information
[ 1586.065593][T10990] visor: probe of 3-1:1.64 failed with error -110
[ 1588.345634][ T5836] usb 3-1: USB disconnect, device number 100
[ 1588.370075][T18733] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1588.370814][T18733] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1588.371935][T18733] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1588.376266][T18733] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1590.403659][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1590.409843][ T9004] Bluetooth: hci3: command 0x0406 tx timeout
[ 1590.416200][ T9004] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1590.422265][ T9004] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1594.718580][T18774] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1594.724907][T18774] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1594.731085][T18774] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1594.737211][T18774] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1596.003995][ T9004] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1596.024528][ T9745] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 1596.234313][ T9745] usb 3-1: Using ep0 maxpacket: 8
[ 1596.263630][ T9745] usb 3-1: config 1 has an invalid interface number: 64 but max is 6
[ 1596.276470][ T9745] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1596.289461][ T9745] usb 3-1: config 1 has no interface number 0
[ 1596.323776][ T5810] usb 1-1: new full-speed USB device number 87 using dummy_hcd
[ 1596.437593][ T9745] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1596.543856][T12699] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[ 1596.659881][ T9745] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1596.670026][ T9745] usb 3-1: Product: syz
[ 1596.772764][ T9745] usb 3-1: Manufacturer: syz
[ 1596.779807][ T9745] usb 3-1: SerialNumber: syz
[ 1596.786211][ T5810] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1596.794668][ T5810] usb 1-1: not running at top speed; connect to a high speed hub
[ 1596.803739][T18125] Bluetooth: hci3: command 0x0406 tx timeout
[ 1596.809791][T18125] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1596.815911][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1596.824537][ T5810] usb 1-1: config 1 interface 0 altsetting 1 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1596.854734][ T5810] usb 1-1: config 1 interface 0 has no altsetting 0
[ 1596.871652][ T5810] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1596.882067][ T5810] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1596.890452][ T5810] usb 1-1: Product: 《
[ 1596.895627][ T5810] usb 1-1: SerialNumber: Ъ
[ 1596.905947][T18788] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[ 1597.331242][ T9745] usb 3-1: palm_os_3_probe - error -110 getting connection information
[ 1599.603724][ T9745] visor: probe of 3-1:1.64 failed with error -110
[ 1599.680297][T10990] usb 3-1: USB disconnect, device number 101
[ 1599.726281][T12699] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1599.754959][ T5810] usblp 1-1:1.0: usblp0: USB Bidirectional printer dev 87 if 0 alt 1 proto 3 vid 0x0525 pid 0xA4A8
[ 1599.783672][T12699] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1599.791744][T12699] usb 5-1: Product: syz
[ 1599.807923][ T5810] usb 1-1: USB disconnect, device number 87
[ 1599.819285][T12699] usb 5-1: Manufacturer: syz
[ 1599.836403][T12699] usb 5-1: config 0 descriptor??
[ 1599.845359][ T5810] usblp0: removed
[ 1599.851775][T12699] usb 5-1: can't set config #0, error -71
[ 1599.868876][T12699] usb 5-1: USB disconnect, device number 78
[ 1600.049550][T18810] bridge2: entered promiscuous mode
[ 1600.669775][T18811] netlink: 44 bytes leftover after parsing attributes in process `syz.2.3148'.
[ 1601.794004][T18819] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1602.088569][T18819] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1602.094736][T18819] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1602.100744][T18819] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1603.523592][ T9004] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1604.163649][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1604.163701][T18125] Bluetooth: hci3: command 0x0406 tx timeout
[ 1604.169916][ T9004] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1608.115135][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1608.115397][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.138288][T18860] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3161'.
[ 1609.483787][T18865] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1609.513986][T18865] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1609.575238][T18865] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1609.665018][T18865] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1610.047349][T18882] bridge3: entered promiscuous mode
[ 1611.363765][ T9004] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1611.523849][ T9004] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1611.603775][ T9004] Bluetooth: hci3: command 0x0406 tx timeout
[ 1611.683879][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1613.946771][T18904] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3175'.
[ 1614.769564][T18911] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1614.795144][T18911] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1614.805068][T18911] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1614.816622][T18911] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1615.364631][T18927] bridge3: entered promiscuous mode
[ 1616.603570][T16189] usb 2-1: new high-speed USB device number 96 using dummy_hcd
[ 1616.643759][ T9004] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1616.803692][ T9004] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1616.884286][T18125] Bluetooth: hci3: command 0x0406 tx timeout
[ 1616.884287][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1618.973554][T16189] usb 2-1: Using ep0 maxpacket: 8
[ 1619.624484][T16189] usb 2-1: device descriptor read/all, error -71
[ 1620.278789][T18951] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3189'.
[ 1620.631259][T18964] bridge2: entered promiscuous mode
[ 1621.503297][T18979] tmpfs: Bad value for 'nr_inodes'
[ 1621.511977][T18979] syz.1.3196: attempt to access beyond end of device
[ 1621.511977][T18979] loop1: rw=0, sector=6, nr_sectors = 2 limit=0
[ 1621.524994][T18979] ADFS-fs (loop1): error: unable to read block 3, try 0
[ 1626.141038][T19002] netlink: 44 bytes leftover after parsing attributes in process `syz.0.3203'.
[ 1626.490635][T18993] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1626.515697][T18993] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1626.526862][T18993] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1626.536755][T18993] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1626.914154][T19012] bridge3: entered promiscuous mode
[ 1627.703627][T10990] usb 5-1: new full-speed USB device number 79 using dummy_hcd
[ 1627.764045][T18125] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1628.051376][T10990] usb 5-1: config 4 has an invalid interface number: 44 but max is 0
[ 1628.053573][ T5810] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[ 1628.080544][T10990] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1628.210011][T10990] usb 5-1: config 4 has no interface number 0
[ 1628.253585][ T5810] usb 3-1: Using ep0 maxpacket: 8
[ 1628.255626][T10990] usb 5-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1628.279665][ T5810] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1628.293756][ T5810] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1628.423717][ T5810] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1628.433852][ T5810] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1628.443542][T10990] usb 5-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1628.447268][ T5810] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1628.471456][ T5810] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1628.560822][T10990] usb 5-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1628.563872][T18125] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1628.571065][ T9004] Bluetooth: hci3: command 0x0406 tx timeout
[ 1628.576097][T18125] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1628.603824][T10990] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1628.633710][T10990] usb 5-1: Product: syz
[ 1628.637987][T10990] usb 5-1: Manufacturer: syz
[ 1628.642619][T10990] usb 5-1: SerialNumber: syz
[ 1628.724188][ T5810] usb 3-1: GET_CAPABILITIES returned 0
[ 1628.735444][ T5810] usbtmc 3-1:16.0: can't read capabilities
[ 1629.037892][ T5811] usb 3-1: USB disconnect, device number 102
[ 1631.773648][T10990] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1632.188556][T10990] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1632.223622][T10990] dib0700: firmware download failed at 7 with -22
[ 1632.296810][T19044] ptrace attach of "./syz-executor exec"[15228] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             
[ 1632.320717][T10990] usb 5-1: USB disconnect, device number 79
[ 1632.828162][T19052] bridge3: entered promiscuous mode
[ 1635.511584][T19053] netlink: 44 bytes leftover after parsing attributes in process `syz.1.3218'.
[ 1635.723760][T10990] usb 5-1: new full-speed USB device number 80 using dummy_hcd
[ 1635.996579][T10990] usb 5-1: config 4 has an invalid interface number: 44 but max is 0
[ 1636.034023][T10990] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1636.053598][T10990] usb 5-1: config 4 has no interface number 0
[ 1636.062575][T10990] usb 5-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1636.078398][T10990] usb 5-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1636.243991][T10990] usb 5-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1636.257744][T10990] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1636.266112][T10990] usb 5-1: Product: syz
[ 1636.270417][T10990] usb 5-1: Manufacturer: syz
[ 1636.276259][T10990] usb 5-1: SerialNumber: syz
[ 1639.157362][T10990] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1639.174378][T10990] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1639.185302][T10990] dib0700: firmware download failed at 7 with -22
[ 1639.204075][T10990] usb 5-1: USB disconnect, device number 80
[ 1639.797698][T19098] bridge4: entered promiscuous mode
[ 1641.044734][ T5836] usb 3-1: new low-speed USB device number 103 using dummy_hcd
[ 1641.271034][ T5836] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1641.384516][ T5836] usb 3-1: config 0 has no interface number 0
[ 1641.468122][ T5836] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1641.487375][ T5836] usb 3-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1641.501976][ T5836] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1641.527922][ T5836] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1641.639924][ T5836] usb 3-1: config 0 descriptor??
[ 1641.655972][T19104] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1641.666341][ T5836] iowarrior 3-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1642.042474][    C1] iowarrior 3-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[ 1642.053515][T10990] usb 3-1: USB disconnect, device number 103
[ 1642.595218][ T5836] usb 5-1: new full-speed USB device number 81 using dummy_hcd
[ 1642.943211][ T5836] usb 5-1: config 4 has an invalid interface number: 44 but max is 0
[ 1643.022819][ T5836] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1643.208120][ T5836] usb 5-1: config 4 has no interface number 0
[ 1643.244100][ T5836] usb 5-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1643.255575][ T5836] usb 5-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1643.311361][ T5836] usb 5-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1643.355752][ T5836] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1643.375043][ T5836] usb 5-1: Product: syz
[ 1643.383933][ T5836] usb 5-1: Manufacturer: syz
[ 1643.388880][ T5836] usb 5-1: SerialNumber: syz
[ 1643.663763][T19134] bridge4: entered promiscuous mode
[ 1644.492489][T19136] overlayfs: overlapping lowerdir path
[ 1644.643708][T18702] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1645.276565][    T9] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[ 1646.577926][    T9] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1647.031841][    T9] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1647.062379][    T9] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1647.084283][ T5836] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1647.102061][ T5836] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1647.133784][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1647.154227][ T5836] dib0700: firmware download failed at 7 with -22
[ 1647.163770][T19147] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1647.175551][    T9] usb 1-1: Quirk or no altest; falling back to MIDI 1.0
[ 1647.194030][ T5836] usb 5-1: USB disconnect, device number 81
[ 1647.281990][T19161] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3244'.
[ 1648.804607][T19136] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1649.527843][ T5836] usb 1-1: USB disconnect, device number 88
[ 1650.046045][T19193] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3251'.
[ 1650.143779][T16189] usb 2-1: new high-speed USB device number 98 using dummy_hcd
[ 1650.243580][T18702] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1650.583588][T16189] usb 2-1: Using ep0 maxpacket: 16
[ 1650.718606][T16189] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[ 1650.727835][T16189] usb 2-1: config 0 has no interface number 0
[ 1650.747270][T16189] usb 2-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1650.767774][T16189] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1650.776359][T16189] usb 2-1: Product: syz
[ 1650.800936][T16189] usb 2-1: Manufacturer: syz
[ 1650.811302][T16189] usb 2-1: SerialNumber: syz
[ 1650.851204][T16189] usb 2-1: config 0 descriptor??
[ 1650.923639][T16189] hub 2-1:0.132: bad descriptor, ignoring hub
[ 1650.930013][T16189] hub: probe of 2-1:0.132 failed with error -5
[ 1651.000268][    T9] usb 1-1: new full-speed USB device number 89 using dummy_hcd
[ 1651.002815][T16189] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.132/input/input29
[ 1651.483405][    T9] usb 1-1: config 4 has an invalid interface number: 44 but max is 0
[ 1651.606702][    T9] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1651.674611][    T9] usb 1-1: config 4 has no interface number 0
[ 1651.733739][    T9] usb 1-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1651.766449][T19201] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3254'.
[ 1651.779066][    T9] usb 1-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1651.827624][    T9] usb 1-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1651.847672][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1651.871074][    T9] usb 1-1: Product: syz
[ 1651.875560][    T9] usb 1-1: Manufacturer: syz
[ 1651.880216][    T9] usb 1-1: SerialNumber: syz
[ 1652.773873][T16189] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[ 1653.065527][T16189] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[ 1653.081268][T16189] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1653.102410][T16189] usb 3-1: config 0 has no interface number 0
[ 1653.144652][T16189] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[ 1653.168376][    T9] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1653.182411][T16189] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1653.193870][T16189] usb 3-1: Product: syz
[ 1653.198602][T16189] usb 3-1: Manufacturer: syz
[ 1653.205247][T16189] usb 3-1: SerialNumber: syz
[ 1653.212841][T16189] usb 3-1: config 0 descriptor??
[ 1653.231708][    T9] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1653.266355][    T9] dib0700: firmware download failed at 7 with -22
[ 1653.392401][    T9] usb 1-1: USB disconnect, device number 89
[ 1653.513081][T19214] netlink: 84 bytes leftover after parsing attributes in process `syz.2.3257'.
[ 1653.773390][T16189] usb 3-1: Found UVC 0.00 device syz (046d:0823)
[ 1653.783663][T16189] usb 3-1: No valid video chain found.
[ 1653.807070][T16189] usb 3-1: USB disconnect, device number 104
[ 1654.323916][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1655.020259][T19239] bridge4: entered promiscuous mode
[ 1655.910044][T19246] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3264'.
[ 1656.443688][ T9745] usb 1-1: new high-speed USB device number 90 using dummy_hcd
[ 1656.983890][ T9745] usb 1-1: Using ep0 maxpacket: 16
[ 1657.004902][ T9745] usb 1-1: config 0 has an invalid interface number: 132 but max is 0
[ 1657.025402][ T9745] usb 1-1: config 0 has no interface number 0
[ 1657.036273][ T9745] usb 1-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1657.048160][ T9745] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1657.074024][ T9745] usb 1-1: Product: syz
[ 1657.083109][ T9745] usb 1-1: Manufacturer: syz
[ 1657.088318][ T9745] usb 1-1: SerialNumber: syz
[ 1657.096329][ T9745] usb 1-1: config 0 descriptor??
[ 1657.105992][ T9745] hub 1-1:0.132: bad descriptor, ignoring hub
[ 1657.112137][ T9745] hub: probe of 1-1:0.132 failed with error -5
[ 1657.125855][ T9745] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.132/input/input30
[ 1658.194834][T19280] bridge5: entered promiscuous mode
[ 1658.253562][T18702] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1658.678371][T10990] usb 2-1: USB disconnect, device number 98
[ 1658.812090][T19282] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3275'.
[ 1662.906395][T19320] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3286'.
[ 1663.123644][T18702] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1665.170022][ T5126] usb 1-1: reset high-speed USB device number 90 using dummy_hcd
[ 1665.732104][ T5126] usb 1-1: device firmware changed
[ 1665.810564][    T8] usb 1-1: USB disconnect, device number 90
[ 1666.453725][    T8] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[ 1666.989954][    T8] usb 1-1: Using ep0 maxpacket: 16
[ 1667.095043][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1667.260179][    T8] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1667.279586][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1667.293582][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1667.378052][    T8] usb 1-1: Product: syz
[ 1667.388207][    T8] usb 1-1: Manufacturer: syz
[ 1667.394038][T19366] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3297'.
[ 1667.398362][    T8] usb 1-1: SerialNumber: syz
[ 1667.435054][    T8] usb 1-1: config 0 descriptor??
[ 1667.455114][    T8] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1667.525769][    T8] em28xx 1-1:0.0: DVB interface 0 found: bulk
[ 1667.624129][    T8] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[ 1668.153723][    T8] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[ 1668.163003][    T8] em28xx 1-1:0.0: board has no eeprom
[ 1668.244343][    T8] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1668.255607][    T8] em28xx 1-1:0.0: dvb set to bulk mode.
[ 1668.266192][T19278] em28xx 1-1:0.0: Binding DVB extension
[ 1668.315487][    T8] usb 1-1: USB disconnect, device number 91
[ 1668.345740][    T8] em28xx 1-1:0.0: Disconnecting em28xx
[ 1669.063167][T19381] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3299'.
[ 1669.367956][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1669.374568][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1671.111515][T19278] em28xx 1-1:0.0: Registering input extension
[ 1671.238002][    T8] em28xx 1-1:0.0: Closing input extension
[ 1671.487481][    T8] em28xx 1-1:0.0: Freeing device
[ 1673.123700][T18702] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1674.305194][T19416] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3309'.
[ 1676.671175][T19439] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1676.803962][T19439] kvm: pic: level sensitive irq not supported
[ 1676.815485][T19439] kvm: pic: non byte read
[ 1676.874391][T19439] kvm: pic: level sensitive irq not supported
[ 1676.877546][T19439] kvm: pic: non byte read
[ 1676.922475][T19439] kvm: pic: level sensitive irq not supported
[ 1677.176638][T19439] kvm: pic: non byte read
[ 1678.034773][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1680.012317][T19459] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1680.072631][T19459] bond0: (slave veth0_to_bond): Enslaving as an active interface with an up link
[ 1681.503709][T16189] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1681.824306][T16189] usb 3-1: Using ep0 maxpacket: 8
[ 1682.037689][T16189] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1682.079295][T16189] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1682.123868][T16189] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1682.156795][T16189] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1682.193952][T16189] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1682.203066][T16189] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1682.596702][T16189] usb 3-1: GET_CAPABILITIES returned 0
[ 1682.812885][T16189] usbtmc 3-1:16.0: can't read capabilities
[ 1682.970460][    C0] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1683.029841][T16189] usb 3-1: USB disconnect, device number 105
[ 1683.132492][T19499] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3331'.
[ 1683.283553][T18702] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1683.893950][T19509] binder: 19508:19509 ioctl c0306201 200000000080 returned -14
[ 1683.914217][T19509] binder: 19508:19509 ioctl c0306201 2000000003c0 returned -14
[ 1683.996048][T19511] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1684.017359][T19511] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[ 1686.003695][T18702] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1688.173803][T16189] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[ 1688.443757][T16189] usb 1-1: Using ep0 maxpacket: 8
[ 1688.580792][T16189] usb 1-1: config 1 has an invalid interface number: 64 but max is 6
[ 1688.681107][T16189] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1688.795552][T16189] usb 1-1: config 1 has no interface number 0
[ 1690.124916][T16189] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1690.134256][T16189] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1690.142511][T16189] usb 1-1: Product: syz
[ 1690.147356][T16189] usb 1-1: Manufacturer: syz
[ 1690.151985][T16189] usb 1-1: SerialNumber: syz
[ 1690.387512][T16189] usb 1-1: palm_os_3_probe - error -71 getting connection information
[ 1690.412164][T16189] visor: probe of 1-1:1.64 failed with error -71
[ 1690.433625][T16189] usb 1-1: USB disconnect, device number 92
[ 1690.733797][    T8] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[ 1691.183806][    T8] usb 5-1: Using ep0 maxpacket: 8
[ 1691.219083][    T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1691.237022][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1691.250314][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1691.270844][    T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1691.305492][    T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1691.324829][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1691.393562][T19278] usb 2-1: new full-speed USB device number 99 using dummy_hcd
[ 1691.563000][    T8] usb 5-1: GET_CAPABILITIES returned 0
[ 1691.569597][    T8] usbtmc 5-1:16.0: can't read capabilities
[ 1691.745878][T19278] usb 2-1: config 4 has an invalid interface number: 44 but max is 0
[ 1691.754166][T19278] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1691.768032][T19278] usb 2-1: config 4 has no interface number 0
[ 1691.778156][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1691.788020][T19278] usb 2-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1691.789138][T16189] usb 5-1: USB disconnect, device number 82
[ 1691.799055][T19278] usb 2-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1691.820962][T19278] usb 2-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1691.831255][T19278] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1691.840301][T19278] usb 2-1: Product: syz
[ 1691.844657][T19278] usb 2-1: Manufacturer: syz
[ 1691.849374][T19278] usb 2-1: SerialNumber: syz
[ 1692.114808][T19278] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1692.129603][T19278] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1692.138092][T19278] dib0700: firmware download failed at 7 with -22
[ 1692.158230][T19278] usb 2-1: USB disconnect, device number 99
[ 1694.192684][T19573] net_ratelimit: 1 callbacks suppressed
[ 1694.192703][T19573] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[ 1698.315175][T19582] binder: 19581:19582 ioctl c0306201 200000000080 returned -14
[ 1698.354702][T19582] binder: 19581:19582 ioctl c0306201 2000000003c0 returned -14
[ 1698.552629][ T5810] usb 2-1: new high-speed USB device number 100 using dummy_hcd
[ 1698.763868][ T5810] usb 2-1: Using ep0 maxpacket: 8
[ 1698.781595][ T5810] usb 2-1: config 1 has an invalid interface number: 64 but max is 6
[ 1698.793572][ T5810] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1698.803050][ T5810] usb 2-1: config 1 has no interface number 0
[ 1698.814281][ T5810] usb 2-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1698.823676][ T5810] usb 2-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1698.832630][ T5810] usb 2-1: Product: syz
[ 1698.839680][ T5810] usb 2-1: Manufacturer: syz
[ 1698.844577][ T5810] usb 2-1: SerialNumber: syz
[ 1698.973740][T19278] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[ 1699.066766][ T5810] usb 2-1: palm_os_3_probe - error -71 getting connection information
[ 1699.089977][ T5810] visor: probe of 2-1:1.64 failed with error -71
[ 1699.101113][ T5810] usb 2-1: USB disconnect, device number 100
[ 1699.153932][T19278] usb 5-1: Using ep0 maxpacket: 8
[ 1699.162537][T19278] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1699.172520][T19278] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1699.182471][T19278] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1699.194229][T19278] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1699.207770][T19278] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1699.220011][T19278] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1699.494212][T19278] usb 5-1: GET_CAPABILITIES returned 0
[ 1699.518365][T19278] usbtmc 5-1:16.0: can't read capabilities
[ 1699.929991][    C0] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[ 1700.069204][T19278] usb 5-1: USB disconnect, device number 83
[ 1700.720078][   T27] audit: type=1326 audit(1777445306.055:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1700.893724][   T27] audit: type=1326 audit(1777445306.185:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1700.941535][   T27] audit: type=1326 audit(1777445306.275:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1701.040287][   T27] audit: type=1326 audit(1777445306.275:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1701.092125][T19622] binder: 19621:19622 ioctl 4018620d 0 returned -22
[ 1701.118093][   T27] audit: type=1326 audit(1777445306.275:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1701.118960][T19622] binder: 19621:19622 ioctl c0306201 200000000080 returned -14
[ 1701.329743][T19622] binder: 19621:19622 ioctl c0306201 2000000003c0 returned -14
[ 1701.334735][   T27] audit: type=1326 audit(1777445306.275:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1701.392023][   T27] audit: type=1326 audit(1777445306.275:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1702.113206][   T27] audit: type=1326 audit(1777445306.275:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1702.183513][   T27] audit: type=1326 audit(1777445306.275:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1702.207145][   T27] audit: type=1326 audit(1777445306.625:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19612 comm="syz.0.3365" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1703.355126][T19626] syz.2.3366 (19626): drop_caches: 2
[ 1705.893695][T19278] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1706.116356][T19278] usb 3-1: Using ep0 maxpacket: 8
[ 1706.278402][T19278] usb 3-1: config 1 has an invalid interface number: 64 but max is 6
[ 1706.445898][T19278] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 1706.596078][T19278] usb 3-1: config 1 has no interface number 0
[ 1706.783064][T19278] usb 3-1: string descriptor 0 read error: -71
[ 1706.815971][T19278] usb 3-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 1706.839156][T19278] usb 3-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 1706.907241][T19278] usb 3-1: can't set config #1, error -71
[ 1706.922901][T19278] usb 3-1: USB disconnect, device number 106
[ 1708.403764][T18702] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1708.714746][T19687] tmpfs: Bad value for 'nr_inodes'
[ 1713.045098][T19712] overlayfs: invalid origin (0000)
[ 1713.639485][T19726] tmpfs: Bad value for 'nr_inodes'
[ 1718.009285][T19747] overlayfs: invalid origin (0000)
[ 1720.675128][T19765] tmpfs: Bad value for 'nr_inodes'
[ 1723.467252][T19780] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1723.516319][T19780] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1723.571613][T19780] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1723.618671][T19780] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1723.738481][T19780] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1724.783686][ T9004] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1725.533698][ T9004] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1725.613945][T19812] tmpfs: Bad value for 'nr_inodes'
[ 1725.627542][ T9004] Bluetooth: hci3: command 0x0406 tx timeout
[ 1726.210081][ T9004] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1726.588107][    T8] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[ 1727.377766][    T8] usb 1-1: Using ep0 maxpacket: 16
[ 1727.385951][T19816] comedi comedi0: Minor 2 could not be opened
[ 1727.684083][T18702] Bluetooth: hci3: command 0x0406 tx timeout
[ 1727.686128][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1727.703808][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1727.714064][    T8] usb 1-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[ 1727.724446][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1727.745645][    T8] usb 1-1: config 0 descriptor??
[ 1728.465844][T19809] siw: device registration error -23
[ 1728.476624][    T8] usbhid 1-1:0.0: can't add hid device: -71
[ 1728.482757][    T8] usbhid: probe of 1-1:0.0 failed with error -71
[ 1728.496522][    T8] usb 1-1: USB disconnect, device number 93
[ 1729.343638][T10990] usb 3-1: new full-speed USB device number 107 using dummy_hcd
[ 1729.944965][T10990] usb 3-1: config 4 has an invalid interface number: 44 but max is 0
[ 1729.953309][T10990] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1729.973726][T10990] usb 3-1: config 4 has no interface number 0
[ 1730.494937][T10990] usb 3-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1730.513614][T10990] usb 3-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1730.552117][T10990] usb 3-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1730.562811][T10990] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1730.572724][T10990] usb 3-1: Product: syz
[ 1730.577424][T10990] usb 3-1: Manufacturer: syz
[ 1730.614102][T10990] usb 3-1: SerialNumber: syz
[ 1730.815339][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1730.823603][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1732.004884][T19849] tmpfs: Bad value for 'nr_inodes'
[ 1732.014485][T19849] syz.4.3428: attempt to access beyond end of device
[ 1732.014485][T19849] loop4: rw=0, sector=6, nr_sectors = 2 limit=0
[ 1732.027429][T19849] ADFS-fs (loop4): error: unable to read block 3, try 0
[ 1733.654862][T10990] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1733.826824][T10990] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1733.879429][T10990] dib0700: firmware download failed at 7 with -22
[ 1733.893850][T12699] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[ 1734.059158][T10990] usb 3-1: USB disconnect, device number 107
[ 1734.113725][T12699] usb 1-1: Using ep0 maxpacket: 8
[ 1734.130909][T12699] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1734.141866][T12699] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1734.151946][T12699] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1734.162122][T12699] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1734.175625][T12699] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1734.184884][T12699] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1734.803857][T10990] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1734.827666][T12699] usb 1-1: usb_control_msg returned -71
[ 1734.833986][T12699] usbtmc 1-1:16.0: can't read capabilities
[ 1734.885945][T12699] usb 1-1: USB disconnect, device number 94
[ 1735.103956][T10990] usb 3-1: Using ep0 maxpacket: 16
[ 1735.121310][T10990] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1735.197211][T10990] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1735.244108][T10990] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[ 1735.327543][T10990] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1735.451686][T10990] usb 3-1: config 0 descriptor??
[ 1736.546320][T10990] usbhid 3-1:0.0: can't add hid device: -71
[ 1736.599685][T10990] usbhid: probe of 3-1:0.0 failed with error -71
[ 1736.739944][T10990] usb 3-1: USB disconnect, device number 108
[ 1739.477810][T19886] tmpfs: Bad value for 'nr_inodes'
[ 1739.486213][T19886] syz.0.3439: attempt to access beyond end of device
[ 1739.486213][T19886] loop0: rw=0, sector=6, nr_sectors = 2 limit=0
[ 1739.499366][T19886] ADFS-fs (loop0): error: unable to read block 3, try 0
[ 1743.673593][T12699] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[ 1744.003576][T12699] usb 5-1: Using ep0 maxpacket: 8
[ 1744.019876][T12699] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1744.021066][T19897] overlayfs: invalid origin (0000)
[ 1744.030165][T12699] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1744.030236][T12699] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1744.030293][T12699] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1744.106044][T12699] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1744.115626][T12699] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1744.588854][T12699] usb 5-1: usb_control_msg returned -71
[ 1744.595105][T12699] usbtmc 5-1:16.0: can't read capabilities
[ 1744.636413][T12699] usb 5-1: USB disconnect, device number 84
[ 1747.752415][T19922] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3450'.
[ 1747.863602][    T9] usb 1-1: new full-speed USB device number 95 using dummy_hcd
[ 1748.081788][    T9] usb 1-1: config 4 has an invalid interface number: 44 but max is 0
[ 1748.613483][    T9] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1748.833270][    T9] usb 1-1: config 4 has no interface number 0
[ 1748.973828][    T9] usb 1-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1749.251342][T19937] overlayfs: invalid origin (0000)
[ 1749.272005][    T9] usb 1-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1749.452792][    T9] usb 1-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1749.462372][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1749.482443][    T9] usb 1-1: Product: syz
[ 1750.296124][    T9] usb 1-1: Manufacturer: syz
[ 1750.300998][    T9] usb 1-1: SerialNumber: syz
[ 1750.379855][    T9] usb 1-1: can't set config #4, error -71
[ 1750.420475][    T9] usb 1-1: USB disconnect, device number 95
[ 1751.785741][   T27] kauditd_printk_skb: 14 callbacks suppressed
[ 1751.785789][   T27] audit: type=1326 audit(1777445357.115:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19950 comm="syz.0.3460" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x0
[ 1753.752205][T19982] overlayfs: invalid origin (0000)
[ 1761.385508][T20019] netlink: 'syz.0.3478': attribute type 3 has an invalid length.
[ 1761.528558][T20021] overlayfs: invalid origin (0000)
[ 1767.374910][T10990] usb 2-1: new full-speed USB device number 101 using dummy_hcd
[ 1767.726653][T10990] usb 2-1: config 4 has an invalid interface number: 44 but max is 0
[ 1767.749806][T10990] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1767.773446][T10990] usb 2-1: config 4 has no interface number 0
[ 1767.790032][T10990] usb 2-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1767.807649][T10990] usb 2-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1768.824310][T10990] usb 2-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1768.833878][T10990] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1768.859861][T10990] usb 2-1: can't set config #4, error -71
[ 1768.872421][T10990] usb 2-1: USB disconnect, device number 101
[ 1771.358689][T20101] overlayfs: invalid origin (0000)
[ 1773.171495][T20126] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3506'.
[ 1773.518957][T20115] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1773.541887][T20115] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1773.567224][T20115] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1773.601451][T20115] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1775.015795][T18702] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1775.872778][ T9004] Bluetooth: hci3: command 0x0406 tx timeout
[ 1775.879028][T18125] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1775.885629][T18702] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1776.553920][T20147] overlayfs: invalid origin (0000)
[ 1777.228636][T20158] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3516'.
[ 1777.500697][T20155] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1777.622758][T20155] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1777.678793][T20155] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1777.762458][T20155] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1780.132682][T18702] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1780.138898][T18702] Bluetooth: hci3: command 0x0406 tx timeout
[ 1780.145554][T18702] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1780.151618][T18702] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1781.839225][    T8] usb 3-1: new full-speed USB device number 109 using dummy_hcd
[ 1782.272710][    T8] usb 3-1: config 4 has an invalid interface number: 44 but max is 0
[ 1782.407242][    T8] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1782.436741][    T8] usb 3-1: config 4 has no interface number 0
[ 1782.443920][    T8] usb 3-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1782.473517][    T8] usb 3-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1782.510501][    T8] usb 3-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1782.528081][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1782.537845][    T8] usb 3-1: Product: syz
[ 1782.542492][    T8] usb 3-1: Manufacturer: syz
[ 1782.551445][    T8] usb 3-1: SerialNumber: syz
[ 1783.289633][    T8] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1783.328740][    T8] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1783.358746][    T8] dib0700: firmware download failed at 7 with -22
[ 1783.377512][T20198] overlayfs: invalid origin (0000)
[ 1783.394235][    T8] usb 3-1: USB disconnect, device number 109
[ 1783.447114][T20199] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1783.474216][T20199] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[ 1783.480611][T20199] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1783.495056][T20199] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1783.930127][T12699] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[ 1784.681567][T12699] usb 1-1: device descriptor read/64, error -71
[ 1784.778973][T20210] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3531'.
[ 1784.795232][T20210] ip6gre1: entered promiscuous mode
[ 1784.800665][T20210] ip6gre1: entered allmulticast mode
[ 1785.084042][T12699] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[ 1785.093836][    T8] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[ 1785.263726][T12699] usb 1-1: device descriptor read/64, error -71
[ 1785.284080][T18125] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1785.297923][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1785.309835][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1785.320508][    T8] usb 3-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1785.330391][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1785.350245][    T8] usb 3-1: config 0 descriptor??
[ 1785.386130][T12699] usb usb1-port1: attempt power cycle
[ 1785.523634][T18702] Bluetooth: hci3: command 0x0406 tx timeout
[ 1785.523645][ T9004] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1785.528918][T20219] binder: 20218:20219 ioctl c0306201 200000000080 returned -14
[ 1785.530051][T18125] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1785.537394][T20219] binder: 20218:20219 ioctl c0306201 2000000003c0 returned -14
[ 1785.803563][T12699] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[ 1785.854632][T12699] usb 1-1: device descriptor read/8, error -71
[ 1786.013632][    T8] hid-led: probe of 0003:27B8:01ED.0001 failed with error -71
[ 1786.032932][    T8] usb 3-1: USB disconnect, device number 110
[ 1786.133601][T12699] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[ 1786.174577][T12699] usb 1-1: device descriptor read/8, error -71
[ 1786.296018][T12699] usb usb1-port1: unable to enumerate USB device
[ 1787.643631][T10990] usb 1-1: new full-speed USB device number 100 using dummy_hcd
[ 1789.183976][T10990] usb 1-1: config 4 has an invalid interface number: 44 but max is 0
[ 1789.208878][T10990] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1789.239848][T10990] usb 1-1: config 4 has no interface number 0
[ 1789.265269][T10990] usb 1-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1789.307588][T10990] usb 1-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1789.347004][T20252] bond0: (slave veth0_to_bond): Releasing backup interface
[ 1789.361696][T10990] usb 1-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1789.392385][T10990] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1789.416321][T10990] usb 1-1: Product: syz
[ 1789.428777][T10990] usb 1-1: Manufacturer: syz
[ 1789.441058][T10990] usb 1-1: SerialNumber: syz
[ 1790.164783][T10990] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1790.175917][T10990] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1790.190253][T10990] dib0700: firmware download failed at 7 with -22
[ 1790.211281][T10990] usb 1-1: USB disconnect, device number 100
[ 1790.703468][T12699] usb 2-1: new high-speed USB device number 102 using dummy_hcd
[ 1791.008278][T12699] usb 2-1: device descriptor read/64, error -71
[ 1792.047245][T12699] usb 2-1: new high-speed USB device number 103 using dummy_hcd
[ 1792.244145][T12699] usb 2-1: device descriptor read/64, error -71
[ 1792.250882][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1792.257482][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1792.396287][T12699] usb usb2-port1: attempt power cycle
[ 1792.839371][T12699] usb 2-1: new high-speed USB device number 104 using dummy_hcd
[ 1792.916953][T12699] usb 2-1: device descriptor read/8, error -71
[ 1793.203673][T12699] usb 2-1: new high-speed USB device number 105 using dummy_hcd
[ 1793.247161][T12699] usb 2-1: device descriptor read/8, error -71
[ 1793.383799][T12699] usb usb2-port1: unable to enumerate USB device
[ 1794.488746][T10990] usb 1-1: new full-speed USB device number 101 using dummy_hcd
[ 1795.930890][T10990] usb 1-1: config 4 has an invalid interface number: 44 but max is 0
[ 1796.017790][T10990] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1796.181109][T10990] usb 1-1: config 4 has no interface number 0
[ 1796.310478][T10990] usb 1-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1796.463092][T10990] usb 1-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1796.500418][T10990] usb 1-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1796.509861][T10990] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1796.522633][T10990] usb 1-1: Product: syz
[ 1796.528485][T10990] usb 1-1: Manufacturer: syz
[ 1796.533319][T10990] usb 1-1: SerialNumber: syz
[ 1799.700726][T10990] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1799.715432][T10990] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1799.724147][T10990] dib0700: firmware download failed at 7 with -22
[ 1799.741662][T10990] usb 1-1: USB disconnect, device number 101
[ 1800.143515][    T8] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[ 1800.313604][    T8] usb 5-1: device descriptor read/64, error -71
[ 1800.583537][    T8] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[ 1800.734466][    T8] usb 5-1: device descriptor read/64, error -71
[ 1800.865806][    T8] usb usb5-port1: attempt power cycle
[ 1800.931718][T20338] overlayfs: invalid origin (0000)
[ 1801.373806][    T8] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[ 1801.404199][    T8] usb 5-1: device descriptor read/8, error -71
[ 1801.953811][    T8] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[ 1802.270851][    T8] usb 5-1: device descriptor read/8, error -71
[ 1802.455898][    T8] usb usb5-port1: unable to enumerate USB device
[ 1803.613722][T10990] usb 1-1: new full-speed USB device number 102 using dummy_hcd
[ 1803.817099][T10990] usb 1-1: config 4 has an invalid interface number: 44 but max is 0
[ 1805.594007][T10990] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1805.636900][T10990] usb 1-1: config 4 has no interface number 0
[ 1805.670780][T10990] usb 1-1: config 4 interface 44 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 4
[ 1805.697468][T10990] usb 1-1: config 4 interface 44 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1805.731111][T10990] usb 1-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice= 5.20
[ 1805.751123][T10990] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1805.781960][T10990] usb 1-1: Product: syz
[ 1805.792108][T10990] usb 1-1: Manufacturer: syz
[ 1805.800020][T10990] usb 1-1: SerialNumber: syz
[ 1806.020729][T10990] dvb-usb: found a 'Gigabyte U7000' in cold state, will try to load a firmware
[ 1806.080054][T10990] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[ 1806.142021][T10990] dib0700: firmware download failed at 7 with -22
[ 1806.167573][T10990] usb 1-1: USB disconnect, device number 102
[ 1806.633496][T10990] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[ 1806.813832][T10990] usb 1-1: Using ep0 maxpacket: 16
[ 1806.943286][T10990] usb 1-1: config 0 has an invalid interface number: 132 but max is 0
[ 1806.961352][T10990] usb 1-1: config 0 has no interface number 0
[ 1807.339137][T10990] usb 1-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1807.649361][T10990] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1807.793473][T10990] usb 1-1: Product: syz
[ 1807.815841][T10990] usb 1-1: Manufacturer: syz
[ 1807.833506][T10990] usb 1-1: SerialNumber: syz
[ 1807.858710][T10990] usb 1-1: config 0 descriptor??
[ 1807.875650][T10990] hub 1-1:0.132: bad descriptor, ignoring hub
[ 1807.882358][T10990] hub: probe of 1-1:0.132 failed with error -5
[ 1807.908222][T10990] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.132/input/input32
[ 1808.397764][T20386] overlayfs: invalid origin (0000)
[ 1811.684003][T20412] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1813.600532][T20426] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3593'.
[ 1814.876129][T20434] block device autoloading is deprecated and will be removed.
[ 1814.946285][T10990] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[ 1815.183874][T10990] usb 2-1: Using ep0 maxpacket: 16
[ 1815.235547][ T9745] usb 1-1: USB disconnect, device number 103
[ 1817.038517][T10990] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[ 1817.051210][T10990] usb 2-1: config 0 has no interface number 0
[ 1817.073874][T10990] usb 2-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1817.117671][T10990] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1817.151125][T10990] usb 2-1: Product: syz
[ 1817.164996][T10990] usb 2-1: Manufacturer: syz
[ 1817.178239][T10990] usb 2-1: SerialNumber: syz
[ 1817.211512][T10990] usb 2-1: config 0 descriptor??
[ 1817.236399][T10990] hub 2-1:0.132: bad descriptor, ignoring hub
[ 1817.255776][T10990] hub: probe of 2-1:0.132 failed with error -5
[ 1817.285120][T10990] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.132/input/input34
[ 1818.003679][ T9745] usb 2-1: USB disconnect, device number 106
[ 1820.357547][T20469] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3606'.
[ 1821.022869][T20476] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1821.767383][T20481] overlayfs: invalid origin (0000)
[ 1822.920651][    T8] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[ 1823.103487][    T8] usb 5-1: Using ep0 maxpacket: 16
[ 1823.185648][    T8] usb 5-1: config 0 has an invalid interface number: 132 but max is 0
[ 1823.199131][    T8] usb 5-1: config 0 has no interface number 0
[ 1823.216902][    T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1823.230941][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1824.033457][    T8] usb 5-1: Product: syz
[ 1824.037701][    T8] usb 5-1: Manufacturer: syz
[ 1824.042339][    T8] usb 5-1: SerialNumber: syz
[ 1824.050975][    T8] usb 5-1: config 0 descriptor??
[ 1824.060680][    T8] hub 5-1:0.132: bad descriptor, ignoring hub
[ 1824.080167][    T8] hub: probe of 5-1:0.132 failed with error -5
[ 1824.103806][    T8] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.132/input/input36
[ 1824.524211][ T5810] usb 5-1: USB disconnect, device number 89
[ 1824.858768][T20502] netlink: 40 bytes leftover after parsing attributes in process `syz.0.3616'.
[ 1828.454506][T20516] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1828.462123][T20516] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1828.475541][T20534] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1828.962293][T20516] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1829.003016][T20516] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1830.049633][T20516] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1830.059279][T20516] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1830.068777][T20516] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1830.078180][T20516] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1830.244058][    T8] lo speed is unknown, defaulting to 1000
[ 1830.251938][T20539] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3626'.
[ 1830.863501][ T5810] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[ 1831.616802][T20548] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3628'.
[ 1832.785741][ T5810] usb 5-1: Using ep0 maxpacket: 16
[ 1832.962698][ T5810] usb 5-1: config 0 has an invalid interface number: 132 but max is 0
[ 1832.971444][ T5810] usb 5-1: config 0 has no interface number 0
[ 1832.982296][ T5810] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1832.991677][ T5810] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1833.005820][ T5810] usb 5-1: Product: syz
[ 1833.010183][ T5810] usb 5-1: Manufacturer: syz
[ 1833.014977][ T5810] usb 5-1: SerialNumber: syz
[ 1833.022264][ T5810] usb 5-1: config 0 descriptor??
[ 1833.033580][ T5810] hub 5-1:0.132: bad descriptor, ignoring hub
[ 1833.040187][ T5810] hub: probe of 5-1:0.132 failed with error -5
[ 1833.051689][ T5810] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.132/input/input39
[ 1833.121152][ T5810] usb 5-1: USB disconnect, device number 90
[ 1833.418501][T20545] udevd[20545]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1834.794635][T20577] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3635'.
[ 1837.819897][T20589] overlayfs: invalid origin (0000)
[ 1838.207666][T20597] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1838.413505][    T8] usb 2-1: new high-speed USB device number 107 using dummy_hcd
[ 1838.923810][    T8] usb 2-1: Using ep0 maxpacket: 16
[ 1838.947837][    T8] usb 2-1: config 0 has an invalid interface number: 132 but max is 0
[ 1838.957083][    T8] usb 2-1: config 0 has no interface number 0
[ 1838.977694][    T8] usb 2-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[ 1839.046506][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1839.083440][    T8] usb 2-1: Product: syz
[ 1839.089393][    T8] usb 2-1: Manufacturer: syz
[ 1839.094643][    T8] usb 2-1: SerialNumber: syz
[ 1839.106726][    T8] usb 2-1: config 0 descriptor??
[ 1839.126413][    T8] hub 2-1:0.132: bad descriptor, ignoring hub
[ 1839.138410][    T8] hub: probe of 2-1:0.132 failed with error -5
[ 1839.227191][    T8] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.132/input/input41
[ 1839.601977][   T27] audit: type=1326 audit(1777445444.935:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1839.624384][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1839.638513][   T27] audit: type=1326 audit(1777445444.975:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1840.475051][   T27] audit: type=1326 audit(1777445444.975:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1840.501577][   T27] audit: type=1326 audit(1777445444.975:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1840.580712][   T27] audit: type=1326 audit(1777445444.975:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1840.804614][   T27] audit: type=1326 audit(1777445445.815:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1841.660209][   T27] audit: type=1326 audit(1777445445.865:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1841.700126][   T27] audit: type=1326 audit(1777445445.865:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1841.812708][   T27] audit: type=1326 audit(1777445445.875:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1841.836703][    T8] usb 2-1: USB disconnect, device number 107
[ 1842.083988][   T27] audit: type=1326 audit(1777445447.065:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20605 comm="syz.0.3646" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1842.956960][T20639] overlayfs: invalid origin (0000)
[ 1843.445084][T20642] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1846.115146][T18125] Bluetooth: hci1: unexpected event for opcode 0x1804
[ 1846.899691][T20676] overlayfs: failed to resolve './file1/file0': -2
[ 1848.017662][T18702] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1848.217793][T20683] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1849.992558][T20714] overlayfs: invalid origin (0000)
[ 1853.694302][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1853.700696][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1854.258758][T20750] overlayfs: invalid origin (0000)
[ 1856.051377][T20769] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3691'.
[ 1856.067405][T20769] ip6gre1: entered promiscuous mode
[ 1856.072783][T20769] ip6gre1: entered allmulticast mode
[ 1856.673855][    T8] usb 5-1: new high-speed USB device number 92 using dummy_hcd
[ 1856.986541][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1857.255966][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1857.389153][    T8] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1857.627353][T20789] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3697'.
[ 1857.673674][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1857.897326][    T8] usb 5-1: config 0 descriptor??
[ 1859.205918][    T8] hid-led: probe of 0003:27B8:01ED.0002 failed with error -71
[ 1859.215523][    T8] usb 5-1: USB disconnect, device number 92
[ 1862.233663][    T9] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[ 1862.413722][    T9] usb 2-1: Using ep0 maxpacket: 32
[ 1862.436714][    T9] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[ 1862.463849][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1862.473996][    T9] usb 2-1: Product: syz
[ 1862.478344][    T9] usb 2-1: Manufacturer: syz
[ 1862.483182][    T9] usb 2-1: SerialNumber: syz
[ 1862.497483][    T9] usb 2-1: config 0 descriptor??
[ 1862.525849][    T9] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[ 1865.339057][    T9] gspca_ov534_9: reg_r err -71
[ 1866.553608][    T9] gspca_ov534_9: Unknown sensor 0000
[ 1866.554371][    T9] ov534_9: probe of 2-1:0.0 failed with error -22
[ 1867.053819][    T9] usb 2-1: USB disconnect, device number 108
[ 1877.299461][T20928] comedi comedi0: Minor 2 could not be opened
[ 1879.896651][T20917] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1880.516215][T20948] binder: 20944:20948 ioctl c0306201 200000000080 returned -14
[ 1880.710035][T20948] binder: 20944:20948 ioctl c0306201 2000000003c0 returned -14
[ 1882.588271][T20971] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3753'.
[ 1885.274285][T20986] binder: 20985:20986 ioctl c0306201 200000000080 returned -14
[ 1885.296483][T20986] binder: 20985:20986 ioctl c0306201 2000000003c0 returned -14
[ 1885.857333][T20991] netlink: 'syz.2.3761': attribute type 1 has an invalid length.
[ 1886.079026][T20991] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1886.276587][T21008] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3766'.
[ 1887.183650][T16189] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[ 1887.340237][T21024] binder: 21023:21024 ioctl c0306201 200000000080 returned -14
[ 1887.371163][T21024] binder: 21023:21024 ioctl c0306201 2000000003c0 returned -14
[ 1887.450988][T16189] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1887.469230][T16189] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1887.508200][T16189] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1887.655953][T16189] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1887.695887][T16189] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1887.727661][T16189] usb 3-1: SerialNumber: syz
[ 1888.022566][T21031] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1888.628549][T21036] netlink: 'syz.1.3775': attribute type 1 has an invalid length.
[ 1888.946581][T21036] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1889.045601][T16189] usb 3-1: 0:2 : does not exist
[ 1889.085947][T16189] usb 3-1: USB disconnect, device number 111
[ 1889.110438][T21040] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3776'.
[ 1889.175039][T21042] udevd[21042]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1889.415134][T21052] binder: 21051:21052 ioctl c0306201 200000000080 returned -14
[ 1889.430193][T21052] binder: 21051:21052 ioctl c0306201 2000000003c0 returned -14
[ 1889.456477][   T27] kauditd_printk_skb: 1 callbacks suppressed
[ 1889.456494][   T27] audit: type=1326 audit(1777445494.795:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.493806][   T27] audit: type=1326 audit(1777445494.795:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.518564][   T27] audit: type=1326 audit(1777445494.795:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.544695][   T27] audit: type=1326 audit(1777445494.795:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.578609][   T27] audit: type=1326 audit(1777445494.795:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.714393][   T27] audit: type=1326 audit(1777445494.795:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.746465][   T27] audit: type=1326 audit(1777445494.825:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.785011][   T27] audit: type=1326 audit(1777445494.825:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.826042][   T27] audit: type=1326 audit(1777445494.825:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.852622][   T27] audit: type=1326 audit(1777445494.825:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21043 comm="syz.0.3777" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd1fa79cdd9 code=0x7ffc0000
[ 1889.966962][T21061] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3783'.
[ 1890.228276][T21066] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3785'.
[ 1890.254366][T16189] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 1890.357710][T21070] netlink: 'syz.1.3787': attribute type 1 has an invalid length.
[ 1890.497726][T18125] Bluetooth: hci2: unexpected event for opcode 0x1804
[ 1890.530513][T21070] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1890.651860][T16189] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1890.663145][T16189] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1890.673387][T16189] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1890.682616][T16189] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1891.376125][T16189] usb 5-1: config 0 descriptor??
[ 1891.564468][T21080] binder: 21079:21080 ioctl c0306201 200000000080 returned -14
[ 1891.575303][T21080] binder: 21079:21080 ioctl c0306201 2000000003c0 returned -14
[ 1891.688084][T21084] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1892.057017][T16189] hid-led: probe of 0003:27B8:01ED.0003 failed with error -71
[ 1892.214421][T16189] usb 5-1: USB disconnect, device number 93
[ 1893.299586][T21100] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3795'.
[ 1893.317287][T21102] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3796'.
[ 1893.482360][T21102] overlayfs: overlapping lowerdir path
[ 1893.564504][T21107] netlink: 'syz.2.3797': attribute type 1 has an invalid length.
[ 1893.631664][T21107] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1893.785654][T21112] binder: 21111:21112 ioctl c0306201 200000000080 returned -14
[ 1893.796941][T21112] binder: 21111:21112 ioctl c0306201 2000000003c0 returned -14
[ 1893.863662][ T5810] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[ 1894.096596][ T5810] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1894.398508][ T5810] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1894.419302][ T5810] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1894.438279][ T5810] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1894.474528][T21109] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1894.489145][ T5810] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[ 1894.527180][   T27] kauditd_printk_skb: 8 callbacks suppressed
[ 1894.527199][   T27] audit: type=1326 audit(1777445499.855:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1894.639235][   T27] audit: type=1326 audit(1777445499.855:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1894.673148][   T27] audit: type=1326 audit(1777445499.855:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1894.879635][   T27] audit: type=1326 audit(1777445499.865:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1894.933650][   T27] audit: type=1326 audit(1777445499.865:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1895.072279][T21132] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1895.081986][   T27] audit: type=1326 audit(1777445499.915:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1895.082094][   T27] audit: type=1326 audit(1777445499.915:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1895.150267][   T27] audit: type=1326 audit(1777445500.005:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1895.191115][   T27] audit: type=1326 audit(1777445500.005:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1895.255049][   T27] audit: type=1326 audit(1777445500.105:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21115 comm="syz.1.3800" exe="/root/syz-executor" sig=0 arch=c000003e syscall=288 compat=0 ip=0x7f5ccc19cdd9 code=0x7ffc0000
[ 1895.763534][T21125] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1895.915968][T21139] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3805'.
[ 1896.321686][T21102] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1896.789563][    T9] usb 5-1: USB disconnect, device number 94
[ 1896.844050][T21147] netlink: 'syz.0.3807': attribute type 1 has an invalid length.
[ 1897.027458][T21147] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1897.995916][T21167] overlayfs: invalid origin (0000)
[ 1898.411638][T21172] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1899.224102][T21180] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3817'.
[ 1900.619174][T21186] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3819'.
[ 1901.043428][T21125] Bluetooth: hci3: command 0x0406 tx timeout
[ 1901.087742][T21186] overlayfs: overlapping lowerdir path
[ 1901.353973][T21194] netlink: 'syz.4.3821': attribute type 1 has an invalid length.
[ 1901.439995][T21194] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1901.446979][    T8] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[ 1901.657279][    T8] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1901.693794][    T8] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1901.724604][    T8] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1901.759220][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1901.795116][T21192] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1901.811802][    T8] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[ 1902.223538][    T8] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[ 1902.406011][    T8] usb 2-1: config 139 has an invalid interface number: 60 but max is 0
[ 1902.414488][    T8] usb 2-1: config 139 has no interface number 0
[ 1902.420798][    T8] usb 2-1: config 139 interface 60 has no altsetting 0
[ 1902.430152][    T8] usb 2-1: New USB device found, idVendor=15c2, idProduct=003e, bcdDevice=54.3a
[ 1902.439479][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1902.447538][    T8] usb 2-1: Product: syz
[ 1902.451751][    T8] usb 2-1: Manufacturer: syz
[ 1902.456457][    T8] usb 2-1: SerialNumber: syz
[ 1902.672049][    T8] imon 2-1:139.60: unable to register, err -19
[ 1902.691845][    T8] usb 2-1: USB disconnect, device number 109
[ 1903.087200][T21186] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1903.161755][    T8] usb 3-1: USB disconnect, device number 112
[ 1903.344168][T21215] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3827'.
[ 1904.257420][T21227] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3831'.
[ 1904.340837][T21233] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1904.470974][T21125] Bluetooth: hci3: unexpected event for opcode 0x1804
[ 1904.533495][ T5810] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[ 1905.465013][ T5810] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1905.523556][ T5810] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1905.544413][ T5810] usb 5-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1905.556582][ T5810] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1905.583518][ T5810] usb 5-1: config 0 descriptor??
[ 1905.911671][T21244] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3838'.
[ 1906.004706][T21244] overlayfs: overlapping lowerdir path
[ 1906.296715][ T5810] hid-led: probe of 0003:27B8:01ED.0004 failed with error -71
[ 1906.350795][ T5810] usb 5-1: USB disconnect, device number 95
[ 1906.453569][    T8] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[ 1906.794294][T21252] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3839'.
[ 1907.135753][    T8] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1907.151334][    T8] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1907.161942][    T8] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1907.174044][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1907.190593][T21248] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1907.201502][    T8] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[ 1908.893494][T21244] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[ 1910.491503][ T5810] usb 3-1: USB disconnect, device number 113
[ 1910.830904][T21282] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1911.408778][T21288] netlink: 20 bytes leftover after parsing attributes in process `syz.1.3851'.
[ 1911.454507][T21288] ip6gre1: entered promiscuous mode
[ 1911.462167][T21288] ip6gre1: entered allmulticast mode
[ 1911.803484][    T9] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[ 1911.985299][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1912.028578][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1912.066344][    T9] usb 2-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[ 1912.122110][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1912.142333][    T9] usb 2-1: config 0 descriptor??
[ 1913.133755][    T9] hid-led: probe of 0003:27B8:01ED.0005 failed with error -71
[ 1913.157468][    T9] usb 2-1: USB disconnect, device number 110
[ 1913.543721][ T5810] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 1913.743667][ T5810] usb 3-1: Using ep0 maxpacket: 16
[ 1913.783501][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1913.795416][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1913.805673][ T5810] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[ 1913.815073][ T5810] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1913.825835][ T5810] usb 3-1: config 0 descriptor??
[ 1914.071138][T21307] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1914.106926][T21307] kvm: pic: level sensitive irq not supported
[ 1914.107050][T21307] kvm: pic: non byte read
[ 1915.128908][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1916.028850][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 1916.504955][ T5810] usbhid 3-1:0.0: can't add hid device: -71
[ 1916.510978][ T5810] usbhid: probe of 3-1:0.0 failed with error -71
[ 1916.521267][T21317] nvme_fabrics: unknown parameter or missing value 'syz0' in ctrl creation request
[ 1916.573488][ T5810] usb 3-1: USB disconnect, device number 114
[ 1918.176211][T21343] 9pnet_fd: Insufficient options for proto=fd
[ 1921.909654][    T9] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[ 1922.123406][    T9] usb 3-1: Using ep0 maxpacket: 16
[ 1922.134463][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1922.151706][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1922.183668][    T9] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[ 1922.192814][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1922.224639][    T9] usb 3-1: config 0 descriptor??
[ 1922.656264][T21373] netlink: 44 bytes leftover after parsing attributes in process `syz.4.3878'.
[ 1922.674845][T21379] overlayfs: invalid origin (0000)
[ 1925.604605][    T9] usbhid 3-1:0.0: can't add hid device: -71
[ 1925.610998][    T9] usbhid: probe of 3-1:0.0 failed with error -71
[ 1925.636540][    T9] usb 3-1: USB disconnect, device number 115
[ 1925.855597][T21125] Bluetooth: hci0: unexpected event for opcode 0x080c
[ 1926.368422][T21125] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:201'
[ 1926.380831][T21125] CPU: 0 PID: 21125 Comm: kworker/u5:1 Not tainted syzkaller #0
[ 1926.388496][T21125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1926.398555][T21125] Workqueue: hci2 hci_rx_work
[ 1926.403268][T21125] Call Trace:
[ 1926.406556][T21125]  <TASK>
[ 1926.409498][T21125]  dump_stack_lvl+0x18c/0x250
[ 1926.414208][T21125]  ? show_regs_print_info+0x20/0x20
[ 1926.419433][T21125]  ? load_image+0x420/0x420
[ 1926.424075][T21125]  sysfs_create_dir_ns+0x26e/0x2a0
[ 1926.429258][T21125]  ? sysfs_warn_dup+0xa0/0xa0
[ 1926.433995][T21125]  ? do_raw_spin_unlock+0x121/0x230
[ 1926.439432][T21125]  kobject_add_internal+0x61c/0xcc0
[ 1926.444759][T21125]  kobject_add+0x164/0x240
[ 1926.449199][T21125]  ? __rwlock_init+0x150/0x150
[ 1926.453979][T21125]  ? kobject_init+0x1e0/0x1e0
[ 1926.458693][T21125]  ? _raw_spin_unlock+0x28/0x40
[ 1926.463552][T21125]  ? get_device_parent+0x366/0x390
[ 1926.468676][T21125]  device_add+0x408/0xc20
[ 1926.473021][T21125]  hci_conn_add_sysfs+0xd5/0x1e0
[ 1926.477968][T21125]  le_conn_complete_evt+0xf5d/0x1540
[ 1926.483257][T21125]  ? hci_event_packet+0x4cb/0x1270
[ 1926.488384][T21125]  ? hci_le_big_info_adv_report_evt+0x910/0x910
[ 1926.494653][T21125]  ? __mutex_unlock_slowpath+0x1b4/0x6c0
[ 1926.500296][T21125]  ? skb_pull_data+0xfb/0x200
[ 1926.504986][T21125]  hci_le_conn_complete_evt+0x187/0x440
[ 1926.510537][T21125]  ? hci_remote_host_features_evt+0x150/0x150
[ 1926.516626][T21125]  hci_event_packet+0x7ba/0x1270
[ 1926.521604][T21125]  ? bis_list+0x290/0x290
[ 1926.525948][T21125]  ? kcov_remote_start+0x2b/0x7e0
[ 1926.531071][T21125]  ? hci_send_to_monitor+0xd7/0x4f0
[ 1926.536277][T21125]  hci_rx_work+0x43a/0xd60
[ 1926.540731][T21125]  ? process_scheduled_works+0x96f/0x15d0
[ 1926.546473][T21125]  process_scheduled_works+0xa5d/0x15d0
[ 1926.552047][T21125]  ? worker_attach_to_pool+0x380/0x380
[ 1926.557546][T21125]  ? assign_work+0x3d2/0x5d0
[ 1926.562259][T21125]  worker_thread+0xa55/0xfc0
[ 1926.566854][T21125]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 1926.572855][T21125]  ? _raw_spin_unlock+0x40/0x40
[ 1926.577724][T21125]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[ 1926.583680][T21125]  kthread+0x2fa/0x390
[ 1926.587791][T21125]  ? pr_cont_work+0x560/0x560
[ 1926.592515][T21125]  ? kthread_blkcg+0xd0/0xd0
[ 1926.597419][T21125]  ret_from_fork+0x48/0x80
[ 1926.601938][T21125]  ? kthread_blkcg+0xd0/0xd0
[ 1926.606600][T21125]  ret_from_fork_asm+0x11/0x20
[ 1926.611579][T21125]  </TASK>
[ 1926.622582][T21125] kobject: kobject_add_internal failed for hci2:201 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1926.637083][T21125] Bluetooth: hci2: failed to register connection device
[ 1929.552435][    T8] libceph: connect (1)[c::]:6789 error -101
[ 1929.579808][    T8] libceph: mon0 (1)[c::]:6789 connect error
[ 1930.370420][T21408] ceph: No mds server is up or the cluster is laggy
[ 1930.383721][    T9] libceph: connect (1)[c::]:6789 error -101
[ 1930.389897][    T9] libceph: mon0 (1)[c::]:6789 connect error
[ 1930.433509][    T8] usb 3-1: new high-speed USB device number 116 using dummy_hcd
[ 1930.623461][    T8] usb 3-1: Using ep0 maxpacket: 16
[ 1930.630719][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1930.642482][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1930.691922][    T8] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[ 1930.737921][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1930.763883][    T8] usb 3-1: config 0 descriptor??
[ 1932.803749][T18125] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1933.460429][    T8] usbhid 3-1:0.0: can't add hid device: -71
[ 1933.492422][    T8] usbhid: probe of 3-1:0.0 failed with error -71
[ 1933.566419][    T8] usb 3-1: USB disconnect, device number 116
[ 1976.569378][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1976.575847][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 2038.009016][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 2038.015481][ T1290] ieee802154 phy1 wpan1: encryption failed: -22
[ 2039.633286][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[ 2039.640309][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P16129/1:b..l P15559/1:b..l
[ 2039.650270][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=148725, q=37 ncpus=2)
[ 2039.658048][    C0] task:syz-executor    state:R  running task     stack:20584 pid:15559 ppid:15539  flags:0x00004000
[ 2039.670028][    C0] Call Trace:
[ 2039.673354][    C0]  <TASK>
[ 2039.676345][    C0]  __schedule+0x1553/0x45a0
[ 2039.680933][    C0]  ? asan.module_dtor+0x20/0x20
[ 2039.685845][    C0]  ? preempt_schedule+0xc0/0xd0
[ 2039.690747][    C0]  preempt_schedule_common+0x82/0xc0
[ 2039.696241][    C0]  preempt_schedule+0xc0/0xd0
[ 2039.700947][    C0]  ? schedule_preempt_disabled+0x20/0x20
[ 2039.706615][    C0]  ? __lock_acquire+0x7d40/0x7d40
[ 2039.711685][    C0]  preempt_schedule_thunk+0x1a/0x30
[ 2039.716927][    C0]  _raw_spin_unlock+0x3a/0x40
[ 2039.721645][    C0]  ? copy_page_range+0x2b6f/0x3670
[ 2039.726794][    C0]  copy_page_range+0x2ba0/0x3670
[ 2039.731809][    C0]  ? pfn_valid+0x450/0x450
[ 2039.736270][    C0]  ? copy_mm+0x1232/0x1d80
[ 2039.740717][    C0]  ? __lock_acquire+0x7d40/0x7d40
[ 2039.745777][    C0]  ? mas_empty_area_rev+0x1960/0x1960
[ 2039.751215][    C0]  ? down_write+0x16e/0x200
[ 2039.755933][    C0]  ? up_write+0x1c3/0x410
[ 2039.760373][    C0]  ? anon_vma_interval_tree_verify+0x150/0x150
[ 2039.766656][    C0]  copy_mm+0x1281/0x1d80
[ 2039.770952][    C0]  ? copy_signal+0x680/0x680
[ 2039.775590][    C0]  ? lockdep_init_map_type+0x9c/0x8e0
[ 2039.781013][    C0]  ? __init_rwsem+0x122/0x160
[ 2039.785718][    C0]  ? copy_signal+0x556/0x680
[ 2039.790337][    C0]  copy_process+0x16f7/0x3d80
[ 2039.795063][    C0]  ? copy_process+0x96e/0x3d80
[ 2039.799958][    C0]  ? __pidfd_prepare+0x140/0x140
[ 2039.804939][    C0]  kernel_clone+0x24b/0x8a0
[ 2039.809487][    C0]  ? create_io_thread+0x190/0x190
[ 2039.814561][    C0]  ? __might_fault+0xaa/0x120
[ 2039.819369][    C0]  __x64_sys_clone+0x1b7/0x230
[ 2039.824175][    C0]  ? __ia32_sys_vfork+0x140/0x140
[ 2039.829244][    C0]  ? lock_chain_count+0x20/0x20
[ 2039.834142][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[ 2039.839388][    C0]  do_syscall_64+0x55/0xa0
[ 2039.843835][    C0]  ? clear_bhb_loop+0x40/0x90
[ 2039.848543][    C0]  ? clear_bhb_loop+0x40/0x90
[ 2039.853352][    C0]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 2039.859279][    C0] RIP: 0033:0x7fd1fa7c5852
[ 2039.863807][    C0] RSP: 002b:00007ffe7e0679d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 2039.872519][    C0] RAX: ffffffffffffffda RBX: 00007ffe7e0679d0 RCX: 00007fd1fa7c5852
[ 2039.880541][    C0] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 2039.888573][    C0] RBP: 00007ffe7e067b5c R08: 0000000000000000 R09: 0000000000000001
[ 2039.896576][    C0] R10: 000055555fe677d0 R11: 0000000000000246 R12: 0000000000000001
[ 2039.904576][    C0] R13: 00000000000927c0 R14: 00000000001d8493 R15: 00007ffe7e067bb0
[ 2039.913134][    C0]  </TASK>
[ 2039.916270][    C0] task:kworker/u4:2    state:R  running task     stack:22376 pid:16129 ppid:2      flags:0x00004000
[ 2039.927095][    C0] Workqueue: bat_events batadv_nc_worker
[ 2039.932778][    C0] Call Trace:
[ 2039.936118][    C0]  <TASK>
[ 2039.939145][    C0]  __schedule+0x1553/0x45a0
[ 2039.943810][    C0]  ? asan.module_dtor+0x20/0x20
[ 2039.948690][    C0]  ? mark_lock+0x94/0x320
[ 2039.953058][    C0]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[ 2039.959178][    C0]  ? preempt_schedule_irq+0xb4/0x150
[ 2039.964511][    C0]  preempt_schedule_irq+0xbf/0x150
[ 2039.969654][    C0]  ? preempt_schedule_notrace+0x110/0x110
[ 2039.975414][    C0]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[ 2039.981258][    C0]  irqentry_exit+0x67/0x70
[ 2039.985705][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 2039.991713][    C0] RIP: 0010:__rcu_read_unlock+0xa/0xd0
[ 2039.997213][    C0] Code: 80 e1 07 80 c1 03 38 c1 7c e3 48 89 df e8 0e a7 6d 00 eb d9 66 2e 0f 1f 84 00 00 00 00 00 66 90 f3 0f 1e fa 41 57 41 56 41 55 <41> 54 53 49 bf 00 00 00 00 00 fc ff df 65 48 8b 3d 91 03 92 7e 48
[ 2040.016853][    C0] RSP: 0018:ffffc90003477b40 EFLAGS: 00000293
[ 2040.022952][    C0] RAX: ffffffff8a4dd5c1 RBX: ffff888023cb9fc0 RCX: ffff888029fbda00
[ 2040.030952][    C0] RDX: 0000000000000000 RSI: ffffffff8b1c8fc0 RDI: ffffffff8b1c8f80
[ 2040.038948][    C0] RBP: fffffffffffffe38 R08: dffffc0000000000 R09: 1ffffffff2238ca0
[ 2040.046949][    C0] R10: dffffc0000000000 R11: fffffbfff2238ca1 R12: dffffc0000000000
[ 2040.054944][    C0] R13: ffffffff8a4dd482 R14: ffff88805e3c0c80 R15: 000000000000020f
[ 2040.062950][    C0]  ? batadv_nc_worker+0xd2/0x610
[ 2040.067923][    C0]  ? batadv_nc_worker+0x211/0x610
[ 2040.072983][    C0]  ? batadv_nc_worker+0xd2/0x610
[ 2040.078061][    C0]  batadv_nc_worker+0x282/0x610
[ 2040.082952][    C0]  ? process_scheduled_works+0x96f/0x15d0
[ 2040.088793][    C0]  process_scheduled_works+0xa5d/0x15d0
[ 2040.094494][    C0]  ? worker_attach_to_pool+0x380/0x380
[ 2040.099992][    C0]  ? assign_work+0x3d2/0x5d0
[ 2040.104621][    C0]  worker_thread+0xa55/0xfc0
[ 2040.109424][    C0]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[ 2040.115365][    C0]  ? _raw_spin_unlock+0x40/0x40
[ 2040.120259][    C0]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[ 2040.126226][    C0]  kthread+0x2fa/0x390
[ 2040.130325][    C0]  ? pr_cont_work+0x560/0x560
[ 2040.135039][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 2040.139663][    C0]  ret_from_fork+0x48/0x80
[ 2040.144113][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 2040.148917][    C0]  ret_from_fork_asm+0x11/0x20
[ 2040.153761][    C0]  </TASK>
[ 2040.156808][    C0] rcu: rcu_preempt kthread starved for 10407 jiffies! g148725 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[ 2040.168115][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[ 2040.178215][    C0] rcu: RCU grace-period kthread stack dump:
[ 2040.184130][    C0] task:rcu_preempt     state:R  running task     stack:27528 pid:17    ppid:2      flags:0x00004000
[ 2040.195053][    C0] Call Trace:
[ 2040.198390][    C0]  <TASK>
[ 2040.201361][    C0]  __schedule+0x1553/0x45a0
[ 2040.205946][    C0]  ? asan.module_dtor+0x20/0x20
[ 2040.210931][    C0]  ? enqueue_timer+0x23d/0x550
[ 2040.215731][    C0]  ? __mod_timer+0x984/0xdb0
[ 2040.220378][    C0]  schedule+0xbd/0x170
[ 2040.224591][    C0]  schedule_timeout+0x188/0x2d0
[ 2040.229479][    C0]  ? console_conditional_schedule+0x40/0x40
[ 2040.235404][    C0]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[ 2040.241335][    C0]  ? update_process_times+0x1b0/0x1b0
[ 2040.246752][    C0]  ? prepare_to_swait_event+0x339/0x360
[ 2040.252338][    C0]  rcu_gp_fqs_loop+0x313/0x1590
[ 2040.257241][    C0]  ? dyntick_save_progress_counter+0x2b0/0x2b0
[ 2040.263429][    C0]  ? rcu_gp_init+0x1560/0x1560
[ 2040.268234][    C0]  ? rcu_gp_cleanup+0xb41/0xc90
[ 2040.273130][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2040.278363][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[ 2040.283604][    C0]  rcu_gp_kthread+0x9d/0x3b0
[ 2040.288227][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 2040.293375][    C0]  ? __kthread_parkme+0x7a/0x1c0
[ 2040.298344][    C0]  ? __kthread_parkme+0x162/0x1c0
[ 2040.303492][    C0]  kthread+0x2fa/0x390
[ 2040.307778][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[ 2040.312926][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 2040.317551][    C0]  ret_from_fork+0x48/0x80
[ 2040.321999][    C0]  ? kthread_blkcg+0xd0/0xd0
[ 2040.326626][    C0]  ret_from_fork_asm+0x11/0x20
[ 2040.331437][    C0]  </TASK>
[ 2040.334508][    C0] rcu: Stack dump where RCU GP kthread last ran:
[ 2040.340851][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0
[ 2040.347906][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 2040.358082][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x10
[ 2040.363755][    C0] Code: 09 21 02 c3 cc cc cc cc cc cc cc f3 0f 1e fa 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 66 90 0f 00 2d e3 c3 41 00 fb f4 <c3> 66 0f 1f 00 55 41 57 41 56 41 54 53 50 8b 2f eb 2e 41 89 de 80
[ 2040.383389][    C0] RSP: 0018:ffffffff8ce07d80 EFLAGS: 000002c6
[ 2040.389489][    C0] RAX: 0745f7ff5a500c00 RBX: ffffffff8162a8f1 RCX: 0745f7ff5a500c00
[ 2040.397575][    C0] RDX: 0000000000000001 RSI: ffffffff8acac9e0 RDI: ffffffff8b1c8fe0
[ 2040.405573][    C0] RBP: ffffffff8ce07eb8 R08: ffff8880b8e36b2b R09: 1ffff110171c6d65
[ 2040.413743][    C0] R10: dffffc0000000000 R11: ffffed10171c6d66 R12: 1ffffffff19c0fbc
[ 2040.421829][    C0] R13: dffffc0000000000 R14: 1ffffffff19d2688 R15: 0000000000000000
[ 2040.429867][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 2040.439018][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2040.445803][    C0] CR2: 00007f503463509d CR3: 0000000030025000 CR4: 00000000003526f0
[ 2040.453824][    C0] Call Trace:
[ 2040.457136][    C0]  <TASK>
[ 2040.460102][    C0]  default_idle+0x13/0x20
[ 2040.464464][    C0]  default_idle_call+0x6c/0xa0
[ 2040.469265][    C0]  do_idle+0x221/0x590
[ 2040.473463][    C0]  ? idle_inject_timer_fn+0x60/0x60
[ 2040.478877][    C0]  ? do_idle+0x56f/0x590
[ 2040.483345][    C0]  cpu_startup_entry+0x43/0x60
[ 2040.488158][    C0]  rest_init+0x2e2/0x300
[ 2040.492440][    C0]  ? time_init+0x40/0x40
[ 2040.496804][    C0]  arch_call_rest_init+0xe/0x10
[ 2040.501692][    C0]  start_kernel+0x459/0x4e0
[ 2040.506230][    C0]  x86_64_start_reservations+0x2a/0x30
[ 2040.511721][    C0]  x86_64_start_kernel+0x60/0x60
[ 2040.516686][    C0]  secondary_startup_64_no_verify+0x179/0x17b
[ 2040.522801][    C0]  </TASK>