last executing test programs:

29m32.962152667s ago: executing program 4 (id=262):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/pids.max\x00', 0x2, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000000)=0x3)
r2 = getpid()
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r1, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x6, 0x2, 0x4, r2, 0x0, 0x0, 'syz1\x00', 0x0})
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc1105518, &(0x7f0000000c40)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x80000, 0xf, 0x80000000000000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x7, 0x0, 0x7, 0x7ff, 0xfffffffe, 0x0, 0x40, 0x0, 0x0, 0x100000001, 0x0, 0xfffffffffffffffc, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2, 0x0, 0x0, 0xfffffffffffffffd, 0x108000000000000, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x80000000000000, 0x0, 0x4, 0x0, 0x0, 0x40, 0xfffffffffffffffc, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffa, 0x0, 0x401, 0x0, 0x8000000000000000, 0x0, 0x0, 0x0, 0x400000000000, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x3f, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x80000000000000, 0xfffffffc, 0x1, 0x8, 0x4, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x4, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0xde4, 0x7, 0x0, 0x100000000]})
futex(0x0, 0x4, 0xffffffbe, 0x0, 0x0, 0x4000001)
syz_clone3(&(0x7f00000000c0)={0x200000400, 0x0, 0x0, 0x0, {0x6}, 0x0, 0x0, 0x0, 0x0, 0x0, {r0}}, 0x58)
close(r1)

29m32.414561353s ago: executing program 4 (id=263):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="010000"])
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@updpolicy={0xc0, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x2}, {}, 0x7}, [@XFRMA_IF_ID={0x8, 0x1f, 0x2}]}, 0xc0}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="b80000001900674c000000000000000000000000000000000000000000000000e000000200000000000000000000000000000000000000000a"], 0xb8}}, 0x0) (fail_nth: 5)

29m31.735519854s ago: executing program 4 (id=264):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @loopback, 0x3}], 0x1c)
sendmsg$inet6(r0, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f00000000c0)="88", 0x1}], 0x1}, 0x4048043)
r2 = dup(r0)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000000)='ip6gretap0\x00', 0x10)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e22, @empty}}, 0x8003, 0xbffc, 0xe652, 0x2, 0x4, 0x8, 0xff}, 0x9c)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0xcea0, 0x80000000, @empty, 0x9}}, 0x6a4b, 0x1, 0xf06, 0x3, 0xb4, 0xff, 0xd}, 0x9c)
pipe2$9p(&(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x0)
splice(r3, 0x0, r0, 0x0, 0x20000000000002, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e60, 0xeffffff2, @empty, 0x5}}, 0x10001fc, 0x6, 0xffff1896, 0x3, 0x26, 0x8, 0x1a}, 0x9c)

29m31.648303201s ago: executing program 4 (id=265):
pipe2$watch_queue(&(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x80)
syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan0\x00'})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="b80000001900010027bd700000000000e00000020000000000000000000000000000000000000000000000000000000001fe0000000000000a"], 0xb8}}, 0x4004)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r5, 0x4008af00, &(0x7f0000000140)=0x200000000)
write$vhost_msg_v2(r5, &(0x7f0000000980)={0x2, 0x0, {0x0, 0x4b, 0x0, 0x0, 0x2}}, 0x48)
write$vhost_msg_v2(r5, &(0x7f0000002080)={0x2, 0x0, {&(0x7f0000000480)=""/161, 0x98, 0x0, 0x0, 0x2}}, 0x5a)
write$vhost_msg_v2(r5, &(0x7f0000001f00)={0x2, 0x0, {&(0x7f0000000000)=""/119, 0x77, 0x0, 0x1, 0x2}}, 0x48)
write$vhost_msg_v2(r5, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000540)=""/224, 0xe0, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r5, &(0x7f00000003c0)={0x2, 0x0, {&(0x7f00000002c0)=""/119, 0xfca2, 0x0, 0x0, 0x3}}, 0x48)
write$vhost_msg_v2(r5, &(0x7f0000000640)={0x2, 0x0, {&(0x7f0000000340)=""/115, 0x73, &(0x7f0000000240)=""/31, 0x1, 0x1}}, 0x48)
ioctl$SIOCGSTAMPNS(r4, 0x8907, &(0x7f00000006c0))
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
r6 = socket$inet(0x2, 0x3, 0x9)
getsockname$tipc(r0, &(0x7f0000000040)=@id, &(0x7f0000000100)=0x10)
setsockopt$sock_int(r6, 0x1, 0x2e, &(0x7f0000000000)=0x7b, 0x4)
shutdown(r6, 0x0)
recvmmsg(r6, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
ioctl$IOC_WATCH_QUEUE_SET_FILTER(r0, 0x5761, &(0x7f0000000840)=ANY=[@ANYBLOB])
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)

29m30.415690017s ago: executing program 4 (id=271):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x1)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000001c0)=ANY=[@ANYBLOB="030000000000000001000000de07000003000000290500000300000002000000ffffffff0000000000000000"])
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x8000}})
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1, 0x42, 0x6, 0x8, 0x0, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=@base={0xc, 0x4, 0x4, 0xfffffd11, 0x0, r4}, 0x50)
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r5=>0x0}, 0x2020)
write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, r5, {0x7, 0x29, 0x2, 0x1094001}}, 0x50)
syz_fuse_handle_req(r3, &(0x7f00000042c0)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000feff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000160000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000eeffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e1ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100", 0x2000, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x20, 0x0, 0x0, {0x0, 0x15}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$inet6_IPV6_RTHDR(r6, 0x29, 0x39, &(0x7f0000000000)={0x3c, 0x6, 0x2, 0x1, 0x0, [@empty, @private1={0xfc, 0x1, '\x00', 0x1}, @remote]}, 0x38)
r7 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0xb)
read$FUSE(r7, 0x0, 0x0)

29m29.232762255s ago: executing program 4 (id=272):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000020605000000000000000000000000000c00078008000640000000000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

29m13.741495419s ago: executing program 32 (id=272):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="50000000020605000000000000000000000000000c00078008000640000000000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x50}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x44, 0x9, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x10040047}, 0x240008c4)

14.582535515s ago: executing program 3 (id=4781):
r0 = socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x800020, 0x0, 0xffffffffffffffc0, 0x9, 0x8, 0x0, 0x3}, 0x0)
socket$kcm(0x2d, 0x2, 0x0)
gettid()
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e99900000000000000007f000001000000000000000000000000ac1e0001000000000000000000"], 0xb8}}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000012edfffebfa30000000000000703000028feffff620af0fff8ffffff61a4f0ff000000003e04ffffff1800003f000000000000005504000001ed0a002500000017ffffffcc040000000000007b0a00fe000000006e04000000000000c6000000000000009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be3619184e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef70548aed0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9e104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d8582755a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0800000000000000d5f728d236619074d6ebdf098bc908f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f1300010000949b3aab06b1e042ff2164d80c8ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fc8706869ada11390d4dbcf840fa68e7d7071b53ac29df826f8ae6d6e18c1e0600bf870768d5217e9bb5a05d9e224e67f1231bd236ed200073824d93c4e1a0f50a74bb4850486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e98931485747292c6fe6e188750cf4f87cce2aa7d67c7133a9f05954cde298a35ea6d715ba80aee6330000000000000000000000000000000000004000000000000000038600008fb854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc144344e2d461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5eda5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8265e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87ddbd239e4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cafffe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb66701f4578ba4cb9b706e605a88c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f6a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f80893220800c523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f626483632a2ab547f88dd6efec73a0271a19ca3aa860aa4dcaeeb9bd91a0cb429efae2a5fcc08b3a572969bbe917d1767e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a348638384cd12e61dbde5c47056f0a20b4e2a2328d5db5cf026657a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda466d04774b53208ad8b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2cccb15b5d7d3e37e8b7d28921c4b9280979521173f322df408d9818b6cc400090300000021911480a876fbba698801937e8b4264eb6f5137bdaa075f1488d22230592a79000000000000000000000000000000000000000000110000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7cd4d5cb9076b81b7741ec03877afb5237ea1694addebc14c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399f055f2fa278783f26d0a52aefb0a5ef0b41e14a6fe6ba306206670b84894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014f38fee012365f963b2a85e7d8075c333475b9f0284405e3127dde7e41285fbe0bdd370c06c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe9c3500800000087de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c796369f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a8f01bc4b73cc31df5aa29f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21c24fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696eb3f4b642f36c9006c0067e24a64aa8c53dd824a3c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68000000000099347593f67da85d1c962bfb320d1553a74ec3bf003ba62b1784dbf0168a7e85f28b77bdebce96bf386a6dd5df162a16f2b7e8a4de0ffc464a87f91f81866d2ef0af71ebb07a739c3cb1b7000000000000"], &(0x7f00000001c0)='GPL\x00'}, 0x48)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000780)=ANY=[@ANYBLOB="02030003100000002cbd7000fcdbdf2502000900080000000a0000000000000005000600000000000a000000000000000000000000001c000000000000000001020000000000000002000100000000000400000c0000000005000500000000000a00000000000000000000000000000000000000000000010700000000000000"], 0x80}, 0x1, 0x7}, 0x14)

11.426478375s ago: executing program 3 (id=4789):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x8, 0x1, 0x40000733}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
unshare(0x22020600)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x0, 0x0, r0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@l2={0x1f, 0xfbff, @any, 0x5f3, 0x2}, 0x80, 0x0, 0x0, &(0x7f0000002d80)=ANY=[], 0x1460}, 0x0, 0x40c4, 0x1})
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, &(0x7f0000000040)=0x1, 0x4)
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)

10.466472457s ago: executing program 1 (id=4792):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c3a616dc4010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})
kcmp(0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r3, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x7e, 0xa1c07, 0x6, 0x0, 0x100000})
epoll_create(0x101)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x18557f, 0x0)
socket$inet(0x2, 0x2, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r5, 0xc0d05640, &(0x7f00000001c0)={0x2, @pix={0x0, 0x0, 0x34565559, 0x0, 0x2000000, 0x0, 0x25, 0xfffffffd}})
ioctl$KDDISABIO(0xffffffffffffffff, 0x4b37)
sendmsg$nl_xfrm(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000002280)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001200050100000000fedb0300000000000000000028001a00ffffff"], 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x20040810)
syz_open_dev$usbfs(0x0, 0x75, 0x40082)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(0xffffffffffffffff, 0x7a5, &(0x7f0000000300)={{@host, 0xd}, 0x1})
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000200)='net/ipv6_route\x00')
read$FUSE(r6, &(0x7f0000000240)={0x2020}, 0x2020)
pread64(r6, &(0x7f000001a240)=""/102400, 0x19000, 0x100008)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)

10.252192307s ago: executing program 3 (id=4794):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000140)={0x0, @hci={0x1f, 0x2, 0x3}, @sco, @in={0x2, 0x4e23, @loopback}, 0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='veth0_to_bridge\x00', 0x1, 0x8, 0x4})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$dri(0x0, 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000280)={0x3, 0x0, 0x1, 0xffff, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(0xffffffffffffffff, 0xc02464bb, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a00000000000000", @ANYRES32=r5, @ANYBLOB="06001500070000000c001680080001", @ANYRES64=r4], 0x38}, 0x1, 0x0, 0x300}, 0x10)
ioctl$FS_IOC_RESVSP(r3, 0x40305839, 0x0)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x1)

6.825163748s ago: executing program 2 (id=4803):
ioctl$NBD_SET_SIZE(0xffffffffffffffff, 0xab02, 0x1)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_FLAG_CMD(0xffffffffffffffff, 0x8982, &(0x7f0000000000)={0x7, 'geneve0\x00', {0x6}, 0x2})
r0 = userfaultfd(0x801)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffb000/0x3000)=nil, 0x3000}, 0x4})
r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VIDIOC_G_CTRL(r1, 0xc008561b, &(0x7f00000000c0)={0x6, 0x24368e42})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWFLOWTABLE={0x20, 0x16, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x48}, 0x1, 0x0, 0x0, 0x44040}, 0x40000)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000300)={&(0x7f0000000280)={0x5c, 0x2, 0x3, 0x801, 0x0, 0x0, {0xa, 0x0, 0x8}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x3, 0x2}}, @NFQA_CFG_PARAMS={0x9, 0x2, {0x7fff, 0x1}}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x1}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x2c}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x3c}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x3}, @NFQA_CFG_QUEUE_MAXLEN={0x8, 0x3, 0x1, 0x0, 0x94a}, @NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x10}]}, 0x5c}, 0x1, 0x0, 0x0, 0x400008c}, 0x0)
r2 = syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000480)={0x0, &(0x7f0000000380)=[@cpuid={0x14, 0x18, {0x9, 0x46}}, @wr_crn={0x46, 0x20, {0x4, 0x9}}, @in_dx={0x82, 0x20, {0xb4ae, 0x5}}, @wr_drn={0x6e, 0x20, {0x5}}, @out_dx={0xaa, 0x28, {0x6bac, 0x7, 0xe356}}, @rdmsr={0x32, 0x18, {0x3b3}}, @cpuid={0x14, 0x18, {0x4, 0x200}}, @wrmsr={0x1e, 0x20, {0x82f, 0x4}}], 0xf0})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f00000004c0)={"5ffed5161802f00ef8702f9e01545c08", <r3=>0x0, 0x0, {0x5}, {0x7, 0x1}, 0x6, [0x6, 0x80, 0x8, 0x2, 0x1, 0x6, 0x3ff00000, 0x18f67dcc, 0xffff, 0x4, 0x4, 0x16b0, 0x5, 0x4, 0x52a86807, 0x1]})
ioctl$BTRFS_IOC_SNAP_DESTROY_V2(r1, 0x5000943f, &(0x7f0000000680)={{r2}, r3, 0x0, @inherit={0x88, &(0x7f00000005c0)={0x1, 0x8, 0x8, 0x400, {0x0, 0x4, 0x5, 0x0, 0x9}, [0x6, 0xffffffff, 0x2, 0x0, 0x0, 0x8000, 0x5, 0x6]}}, @subvolid=0x6})
r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x14)
ioctl$KVM_CLEAR_DIRTY_LOG(r4, 0xc018aec0, &(0x7f0000001a80)={0x4, 0x400, 0x2c0, &(0x7f0000001680)=[0x5, 0xffff, 0x3, 0x6, 0x2, 0x2, 0x1, 0x6, 0x5, 0xfd7, 0x0, 0x21a68a6, 0x4, 0x6, 0x43, 0x9, 0x80000000, 0x8000000000000001, 0x7, 0x8, 0x3, 0x7, 0xffff, 0xfffffffffffffffd, 0x2, 0x415074fc, 0x5, 0x100000001, 0x3, 0x6, 0x2, 0x1, 0x5, 0x8, 0x2, 0x800, 0x2, 0x5, 0xffffffffffffffff, 0x0, 0x2, 0xfffffffffffffffd, 0x4, 0x8, 0x1, 0x4, 0x3, 0x4, 0x7, 0xd, 0x7, 0x7fff, 0x7, 0xffffffffffff5fd1, 0x7, 0x100000001, 0xfffffffffffffffc, 0x1, 0x2, 0x6, 0xf, 0x7, 0xd, 0x7, 0x5, 0x0, 0x7, 0x80000001, 0x8, 0x80000001, 0x5, 0xd, 0x4, 0x800, 0x101, 0x101, 0x7, 0x0, 0x9, 0xfff, 0x1, 0x0, 0x6, 0x4, 0x7, 0x8, 0x1, 0x4, 0x3, 0x17d, 0xffffffff7fffffff, 0x5, 0x8, 0x8, 0xff, 0x3, 0xa7, 0xa586, 0x5, 0x1, 0xfffffffffffffff9, 0x6570, 0x8000000000000001, 0x2, 0x5, 0x81, 0x2, 0xb, 0x3, 0x2, 0x8000000000000001, 0x7fffffffffffffff, 0x5, 0x3, 0xc3, 0x7, 0xd, 0xffffffffffffff1e, 0x5, 0x8, 0x4, 0x6, 0x8259, 0x8000000000000000, 0x4fca3de1, 0x0, 0x7, 0x1]})
syz_open_dev$video4linux(&(0x7f0000001ac0), 0x8, 0x10000)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TYPE(r5, &(0x7f0000001bc0)={&(0x7f0000001b00)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000001b80)={&(0x7f0000001b40)={0x38, 0xd, 0x6, 0x101, 0x0, 0x0, {0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}]}, 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x10)
ioctl$F2FS_IOC_SET_COMPRESS_OPTION(r0, 0x4002f516, &(0x7f0000001c00)={0xc2, 0x7e})
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000001c40), 0x2, 0x0)
mlock2(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, &(0x7f0000001f40)={0x0, 0x0, &(0x7f0000001f00)={&(0x7f0000001c80)={0x2, 0xe, 0x9, 0x7, 0x4f, 0x0, 0x70bd28, 0x25dfdbff, [@sadb_key={0xc, 0x0, 0x2a0, 0x0, "05204b4d36ecfad20f7cd51b3f773cb7682e393900a755bf5d793c48bce7ea32982ed0ccd001354020a527c2d15460ba558f7c61556d3276cb672e6476d872361d787997e4e1aced805fdf2ac7b3a6b1afbfab01"}, @sadb_x_kmaddress={0x7, 0x19, 0x0, @in={0x2, 0x4e23, @multicast1}, @in6={0xa, 0x4e21, 0x10001, @dev={0xfe, 0x80, '\x00', 0x44}, 0x9}}, @sadb_x_kmaddress={0x5, 0x19, 0x0, @in={0x2, 0x4e22, @empty}, @in={0x2, 0x4e21, @loopback}}, @sadb_address={0x3, 0x5, 0x3c, 0x0, 0x0, @in={0x2, 0x4e20, @multicast2}}, @sadb_spirange={0x2, 0x10, 0x4d5, 0x4d2}, @sadb_x_nat_t_type={0x1}, @sadb_key={0xd, 0x9, 0x2e8, 0x0, "d0d6f6d8cef24575c86db560062de50f30afd68b069fafa1eb961ca254bcbab60debe24bbb204301bd1d65da8f3243e7bb6c9e0abf713d9437dd7be9ae01651bc8b99585e092d10f641eaa483f5c044b00572a4942230897885371d49b"}, @sadb_ident={0x2, 0xa, 0x7ff, 0x0, 0x7ff}, @sadb_key={0x20, 0x9, 0x7b0, 0x0, "bc86d7a09950f90f972425d72b69120ea8cfb9649eabe6762cb607a9c0e7c7fc4d5604a9e14357e2b6325bbd600a8653266280069dcfb1b50a2c7b8acf1165a553d1d06fb7073abdd8565e3b0a29ddb5e1e3008a9bf338398499adafbaeea3fbdcf8427af62b0ab2206d4f72f5a7f770a59205ebef0cc63909b2e77b1ca4ac2939b34672c742234c1b3673f3eb4ca684b62af8b943d053a27a9a0566b56093ffe9edc7fec21e8716ddf9e44a1a57fec4440353fefefffd82cb907405d764790674a570911257c4490edb34cc4cda850c2ac9a185a703e53b94c4db384efc4d93f33640eb6ec571978a503a0243c4237c23e41f65e1bc"}]}, 0x278}}, 0x40)
r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000001fc0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f0000002080)={&(0x7f0000001f80)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000002040)={&(0x7f0000002000)={0x24, r7, 0x100, 0x70bd27, 0x25dfdbff, {{}, {}, {0x8, 0x11, 0x6}}, ["", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x24010000}, 0x4850)
ioctl$sock_inet_SIOCSIFDSTADDR(r6, 0x8918, &(0x7f00000020c0)={'virt_wifi0\x00', {0x2, 0x4e23, @remote}})
r8 = syz_open_dev$audion(&(0x7f0000002100), 0x10000, 0x202001)
io_uring_enter(r8, 0x1ed7, 0x9e5c, 0x4, &(0x7f0000002140)={[0x7]}, 0x8)
sendmsg$can_j1939(r8, &(0x7f0000002280)={0x0, 0x0, &(0x7f0000002240)={&(0x7f0000002180)="87108f919d22d15edb1c0f164d15b84541c2a9eb69fed3d99a92e6e2d604e114ec470af1102ea66f3744272123ff21d9a062e05f1c0105498b2a8be55c2d20ff5a09247bda572311f49e8c1e500f9f5f2af4011a7b3476fea2679e6113c78b559dbf9aea8b44b8eb6c6e0e24c2e6d28f91cea335cf6bff68cc6804f2ee01eea7d9d0baa9eb6755494ed3609d96342eccc35988f5fe6b914c4453272e98f070ff1809e100462775e7fbcdd520", 0xac}, 0x1, 0x0, 0x0, 0x48085}, 0x10)
fsopen(&(0x7f00000022c0)='affs\x00', 0x1)
madvise(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x49)
ioctl$sock_inet6_tcp_SIOCOUTQ(r8, 0x5411, &(0x7f0000002300))

6.754625273s ago: executing program 3 (id=4804):
memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4ea6, 0x2, @dev={0xfe, 0x80, '\x00', 0x18}, 0xffff8003}, 0x1c)
syz_usb_connect(0x3, 0x8c6, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201500236e47e2082055c2955d4010203010902b408048006a00309047f0e01ff2dde700a24010100800201020824050503"], &(0x7f0000000080)={0x0, 0x0, 0xffffffffffffff5f, 0x0})

6.60962752s ago: executing program 2 (id=4805):
capset(&(0x7f0000000380)={0x20071026}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x0, 0x9})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x0, r0}, 0x68)
r1 = syz_usb_connect(0x2, 0x239, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e388d640697a01006ba8010203010902270201020010"], 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010003296fb6082290d488ff01f46032b9ce841aab8c8dda88917502030109021200012295008109041e800056a7f602"], 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000700)={0x1, 0x40, 0x3, &(0x7f00000006c0)={0x6, "0fd62f5244b23de763cfb137449ccf18ea4ee9f23bc4e6acba8d11e8daa6c4ee99"}})

5.966522772s ago: executing program 5 (id=4807):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000000c0)={@mcast1, 0x800, 0x0, 0x103, 0x1}, 0x20)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r1, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r2 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r2, &(0x7f0000000040)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r2, &(0x7f0000000180)={&(0x7f0000000340)={0x2, 0x0, @remote}, 0x10, 0x0, 0x0, &(0x7f0000000280)=[@rdma_args={0x48, 0x114, 0x1, {{0x9, 0xb2}, {0x0}, &(0x7f0000000940)=[{&(0x7f0000000600)=""/194, 0xc2}], 0x1, 0x6, 0xe}}], 0x48}, 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])

5.757219477s ago: executing program 1 (id=4808):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=ANY=[@ANYBLOB="4c00000002060108000034e40000000000000000050001000600000005000400000000000900020073797a3100000080050005000200000011000300686173"], 0x4c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="50000000090601020000000000000000020000840900020073797a31000000000500010007000000280007800c00018008000140fffffff70500070084000000060004404e22000006000540"], 0x50}, 0x1, 0x0, 0x0, 0x10000082}, 0x90)

5.71639971s ago: executing program 2 (id=4809):
r0 = creat(&(0x7f0000000580)='./bus\x00', 0x0)
close(r0)
rename(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file1\x00')
mknod$loop(&(0x7f0000000140)='./bus\x00', 0xc000, 0x1)
syz_open_dev$sg(&(0x7f00000001c0), 0x9, 0x20)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x90)
renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file7\x00', 0x0)
cachestat(r0, &(0x7f0000000200)={0x0, 0xfffffffffffff000}, &(0x7f0000000240), 0x0)

5.482525191s ago: executing program 2 (id=4810):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000140)={'syztnl1\x00', &(0x7f0000000400)={'gretap0\x00', <r3=>0x0, 0x8, 0x20, 0x4, 0xcffc, {{0x26, 0x4, 0x3, 0x3d, 0x98, 0x68, 0x0, 0x7, 0x4, 0x0, @empty, @loopback, {[@lsrr={0x83, 0x1f, 0x6a, [@remote, @dev={0xac, 0x14, 0x14, 0x33}, @broadcast, @private=0xa010100, @multicast1, @dev={0xac, 0x14, 0x14, 0x1d}, @multicast1]}, @noop, @end, @lsrr={0x83, 0x17, 0xa9, [@private=0xa010101, @empty, @empty, @dev={0xac, 0x14, 0x14, 0xb}, @local]}, @cipso={0x86, 0x49, 0x2, [{0x6, 0x9, "0eb49e11d45e7d"}, {0x1, 0x6, "83c26460"}, {0x5, 0x10, "bd2118f6fa68c3a7c64c9c1a9ade"}, {0x6, 0xa, "33a3f3025f4d58d3"}, {0x0, 0x9, "59a5278af8240a"}, {0x2, 0x7, "ac2f1ec5e2"}, {0x2, 0xa, "ef662db292df595e"}]}]}}}}})
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)=@deltfilter={0x3c, 0x2d, 0x4, 0x70bd2c, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xffe0, 0xb}, {0x4, 0x7}, {0x9, 0x2}}, [@TCA_CHAIN={0x8, 0xb, 0x2}, @TCA_RATE={0x6, 0x5, {0x5, 0x6}}, @TCA_RATE={0x6, 0x5, {0x0, 0xff}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000801}, 0x1) (async)
sendto$inet(r1, 0x0, 0x0, 0x200007f9, &(0x7f0000e68000)={0x2, 0x4e26, @loopback}, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x1000, 0x2000, &(0x7f0000ffb000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0) (async)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000380)="48b842680000000000000f23c00f21f835010005000f23f866ac430f3066baf80cb851b3c68eef66bafc0cec48b800000000000000000f23c80f21f8350800c0000f23f8b95f0800000f32c4217d118e9800000044e700b9800000c00f3235010000000f30b9bd090000b80c000000ba000000000f30", 0x76}], 0x1, 0x11, 0x0, 0x0) (async)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="1400000010000188918eaee72cf2d7000000000a20000000000a01010000000000000000010000e40800010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a31000000002c0000001c0a01040000000000000000010000070c00024000000000000000010900010073797a30"], 0xa0}, 0x1, 0x0, 0x0, 0x8040}, 0x0)

5.376902586s ago: executing program 1 (id=4811):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="010000"])
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0xc, 0xb, &(0x7f00000000c0)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
sendmsg$nl_xfrm(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@updpolicy={0xc0, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x0, 0x0, 0x2}, {}, 0x7}, [@XFRMA_IF_ID={0x8, 0x1f, 0x2}]}, 0xc0}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="b80000001900674c000000000000000000000000000000000000000000000000e000000200000080ff0000000000000000000000000000000a"], 0xb8}}, 0x0)

5.181818901s ago: executing program 2 (id=4812):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000240)={0x1, &(0x7f0000000200)=[{0x6, 0xff, 0x7, 0x7fc00002}]})
socket$inet(0x10, 0x3, 0x0)
select(0x40, &(0x7f0000000240)={0x3, 0x5, 0xb96, 0x1, 0x1, 0x9, 0x6, 0x400}, 0x0, &(0x7f0000000340)={0xa, 0x2536, 0xffffffffffff0001, 0x9, 0x1, 0x29e, 0x10000, 0x8}, &(0x7f0000000380)={0x0, 0x2710})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x26, 0x101020)
r4 = dup2(0xffffffffffffffff, r0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(r3, 0xc01064c2, &(0x7f0000000280)={0x0, 0x0, r4})
ioctl$TUNSETIFF(r2, 0x400454ca, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, 0x0, 0x20008040)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = syz_io_uring_setup(0x1104, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x2, 0x8000021e}, &(0x7f00000001c0)=<r8=>0x0, &(0x7f0000000040)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000380)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x0, 0x0, 0x7, 0x0, 0x0, 0x200, 0x0, 0x1})
io_uring_enter(r7, 0x47fa, 0x0, 0x0, 0x0, 0x0)
r10 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r10, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000010900010073797a310000000048000000030a0101000000000000000001000000090003001e007a3200000000080007006e6174000900010073797a310000000014000480080002407c40280f080001400000000028000000000a05000000000000000000010000080900010073797a3100000000080002"], 0xb8}, 0x1, 0x0, 0x0, 0x20004000}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b000000070000000100010009"], 0x48)
r11 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_MSFILTER(r11, 0x29, 0x30, &(0x7f0000000240)=ANY=[], 0x310)
syz_io_uring_submit(r8, r9, &(0x7f00000001c0)=@IORING_OP_RECVMSG={0xa, 0x20, 0x2, r5, 0x0, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x1})
syz_usb_connect$uac1(0x0, 0xb1, &(0x7f00000003c0)=ANY=[], 0x0)
sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x90)

5.054708936s ago: executing program 1 (id=4813):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './bus\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0)
syz_open_dev$sndpcmp(0x0, 0x0, 0xa2c65)
fsopen(&(0x7f0000000080)='gfs2\x00', 0x0)

4.63415298s ago: executing program 3 (id=4815):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCDELRT(r0, 0x890c, &(0x7f0000000140)={0x0, @hci={0x1f, 0x2, 0x3}, @sco, @in={0x2, 0x4e23, @loopback}, 0x2, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)='veth0_to_bridge\x00', 0x1, 0x8, 0x4})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$dri(0x0, 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CURSOR(r2, 0xc01c64a3, &(0x7f0000000280)={0x3, 0x0, 0x1, 0xffff, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(0xffffffffffffffff, 0xc02464bb, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
munlock(&(0x7f0000ffc000/0x4000)=nil, 0x4000)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a00000000000000", @ANYRES32=r5, @ANYBLOB="06001500070000000c001680080001", @ANYRES64=r4], 0x38}, 0x1, 0x0, 0xb00}, 0x10)
ioctl$FS_IOC_RESVSP(r3, 0x40305839, 0x0)
arch_prctl$ARCH_SHSTK_DISABLE(0x5002, 0x1)

4.226702452s ago: executing program 5 (id=4816):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4c030000160001000000000000000000fc010000000000000000000000000000fe88000000000000000000000000000100"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141400000000000000000000000000000000006c000000ac14140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000254000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000025bd7000000000000000000000000000000000000300000006"], 0x34c}}, 0x0)

3.844570717s ago: executing program 5 (id=4817):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001600), 0x20000, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0xffffffffffffffff)
ioctl$TCXONC(r0, 0x540a, 0x3)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x20, r2, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0xc, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x20}}, 0x0)
ioctl$TCSETSW2(r0, 0x5425, 0x0)

3.262566172s ago: executing program 0 (id=4819):
capset(&(0x7f0000000380)={0x20071026}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x0, 0x9})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000000c0)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0x0, r0}, 0x68)
r1 = syz_usb_connect(0x2, 0x239, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e388d640697a01006ba8010203010902270201020010"], 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010003296fb6082290d488ff01f46032b9ce841aab8c8dda88917502030109021200012295008109041e800056a7f602"], 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_SMBUS(r2, 0x720, &(0x7f0000000700)={0x1, 0x40, 0x3, &(0x7f00000006c0)={0x6, "0fd62f5244b23de763cfb137449ccf18ea4ee9f23bc4e6acba8d11e8daa6c4ee99"}})

3.066965302s ago: executing program 1 (id=4820):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x20500, 0x0)
ioctl$SOUND_MIXER_READ_CAPS(r2, 0x80044dfc, &(0x7f0000004f00))
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000000040)=@assoc_value={0x0, 0x6}, &(0x7f0000000180)=0x8)
r4 = fsopen(&(0x7f0000000040)='proc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)

2.688291197s ago: executing program 5 (id=4821):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0xa0703, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xfffffffffffffffe)
sendto$inet(0xffffffffffffffff, &(0x7f00000000c0)="8689d46205a34100ff2bbe11a5ce7879edaf02afe39ead95913e9c4f8cf31440006769ebdf12cfacae8e8c03f5db079da7d9", 0x32, 0x20000000, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=ANY=[@ANYBLOB="9fa000001a0007000200000000000000000000010001e0800089000000000000010058"], 0xec}}, 0x0)
r2 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
landlock_restrict_self(r2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1ca)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0xa3a38461eca12bcd, &(0x7f0000000180)=ANY=[])
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000200)={0x0, 0x0, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r3 = socket$kcm(0x11, 0x3, 0x300)
setsockopt$sock_attach_bpf(r3, 0x1, 0x28, &(0x7f0000000040), 0x4)
socket$netlink(0x10, 0x3, 0x12)
writev(r1, &(0x7f0000000140)=[{&(0x7f0000000440)='X\x00\x00', 0x3}], 0x1000000000000056)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = epoll_create1(0x0)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x20040, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r5, 0x1, r6, &(0x7f0000000140)={0x20000000})
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000100)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r4, 0x3ba0, &(0x7f0000000540)={0x48, 0x1, r7, 0x0, 0x2, 0x100006dd})
ioctl$IOMMU_IOAS_MAP$PAGES(r4, 0x3b85, &(0x7f00000000c0)={0x28, 0x3, r7, 0x0, &(0x7f00005c6000/0x2000)=nil, 0x2000, 0x9})
socket$kcm(0x1e, 0x1, 0x0)
r8 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r8, 0x10e, 0xc, &(0x7f0000000040)={0x802}, 0x10)
sendmsg$nl_generic(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=ANY=[@ANYBLOB="20000000520001000000000000000000020000000c00", @ANYRES16=r8], 0x20}}, 0x0)

2.482843833s ago: executing program 0 (id=4822):
syz_emit_ethernet(0xfdef, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffffbbbbbbbbbbbb86dd603cf72f4496880020010000000000000000000000000002fe8000000000000000000000000000aa000000", @ANYRES32=0x41424344], 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040), 0x1000, 0x0)
ioctl$AUTOFS_DEV_IOCTL_READY(r1, 0xc0189376, &(0x7f0000000080)={{0x1, 0x1, 0x18, r0, {0x3}}, './file0\x00'})
syz_open_dev$sndmidi(&(0x7f00000000c0), 0x1, 0x400) (async)
syz_open_dev$sndmidi(&(0x7f00000000c0), 0x1, 0x400)

2.284493501s ago: executing program 5 (id=4823):
creat(&(0x7f0000000580)='./bus\x00', 0x0)
rename(&(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='./file1\x00')
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file7\x00', 0xffffff8c)

2.273951289s ago: executing program 0 (id=4824):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000a80))
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0xc, 0x0, &(0x7f0000001440)=[@register_looper, @acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000480)={0x20, 0x0, &(0x7f00000004c0)=[@request_death, @clear_death], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x400}], 0x50, 0x0, &(0x7f0000000280)="5bd18a5875134dbd726f88d146a21ad5908b4f17120f991b57df2a6713d4b9d0b8a160f022ddc0d7f8a370f256933bb0905b15515f9cc26fe04818077bced251e2649142b091e2d1514972fcf12cf169"})
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x1})
ioctl$TUNSETLINK(r0, 0x400454cd, 0x324)

2.030568589s ago: executing program 5 (id=4825):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000003b80), 0x0, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x8001, 0x0, 0x800, 0xfffffffffffff800, 0xfffffe0000000001, 0x10, 0xffffffff}, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x4, 0x0, 0x13f, 0x1}}, 0x20)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r5, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000280)={0x4c, r4, 0x1, 0x0, 0x0, {0x3d}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xffffffffffffffc8, 0x82}, {0x5, 0x87}}]}, 0x4c}}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
r6 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000001080)={0x3, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="1808000000000005000000000000000018120000", @ANYRES32=r6, @ANYBLOB="0000000000000000b703000000000000850000000c000000b70000002000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000003bc0)={'\x00', 0xbe4f, 0x0, 0x7, 0x9, 0x75})
sendmsg$nl_route(r0, 0x0, 0x24040040)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000000), 0x200000, 0x0)
openat$vimc1(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
syncfs(r7)
syz_usb_connect(0x0, 0x51, &(0x7f0000000380)=ANY=[@ANYBLOB="12010000cc2e3f2063072110c08e0000000109023f0001000000000904880005ffb717000905adda0000020154090501000004007f070905020c200009027e09050f042000410f04090505"], 0x0)
r8 = fsopen(&(0x7f0000000400)='romfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcf\xcb\x92\xf1\x83\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
fsconfig$FSCONFIG_SET_STRING(r8, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b\xa30\\o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas\x9d\x14\xe3\v\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7Gl\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
syz_usb_connect(0x0, 0x56, &(0x7f00000000c0)=ANY=[@ANYRES64, @ANYRESOCT], 0x0)
r9 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r9, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)

2.020480327s ago: executing program 0 (id=4826):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x101100, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = memfd_secret(0x0)
ioctl$IOC_WATCH_QUEUE_SET_SIZE(r2, 0x5760, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x40}, 0x4000884)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r3, &(0x7f0000000140)='^', 0x34000, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r3, 0xda90)
r4 = accept4(r3, 0x0, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000000c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(r4, 0x84, 0x0, &(0x7f00000000c0)={0x0, 0x5, 0x2, 0x6}, 0x10)
setsockopt$inet6_tcp_int(r1, 0x6, 0x1, &(0x7f0000000000)=0x6, 0x3d)
r6 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x8800, 0x0)
fcntl$setstatus(r6, 0x4, 0x46800)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "07f8ffffff00e7ff", "26ef0f0d7f4fcf00fd4ef2dece6c7c58", "ee00", "23025600"}, 0x28)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
preadv2(r7, &(0x7f0000000340)=[{&(0x7f0000000380)=""/258, 0x102}], 0x1, 0x8, 0x0, 0x31)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000280)=@gcm_128={{0x303}, "200f9e97c6d90567", "7a8f64048fa52efbc6aca8fd4efb5c5e", "70c2d9d6", "19e30f22dc387512"}, 0x28)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0x100})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000000)='kfree\x00'}, 0x18)
r8 = epoll_create1(0x0)
write$rfkill(r2, &(0x7f0000000180)={0xd, 0x1, 0x2, 0x1, 0x1}, 0x8)
ioctl$FS_IOC_SETFLAGS(r8, 0x40088a01, &(0x7f0000000000)=0x200)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r9, 0x0, 0x482, &(0x7f0000000040)={0x100000000, @multicast2, 0x0, 0x0, 'wrr\x00', 0x13, 0x84, 0x47}, 0x2c)

1.414391185s ago: executing program 3 (id=4827):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'wg2\x00'})
syz_usb_connect(0x0, 0x51, &(0x7f0000000000)=ANY=[@ANYBLOB="120101024cf1c50863070210845f0102030109023f0001000000000904000005ff87e7000905ee63dd0000000009050300000000000009050cf2010002060209050f000000400000090507c6"], &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x181c82, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x218, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f"], 0x0)
r3 = socket(0xa, 0x3, 0x87)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'bond0\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000000)={@dev={0xfe, 0x80, '\x00', 0x2f}, 0x40, r4})
ioctl$sock_inet6_tcp_SIOCINQ(r3, 0x8936, &(0x7f0000000000))
r5 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r3, &(0x7f0000000300)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x1c, r5, 0x100, 0x70bd25, 0x25dfdbfc, {}, ["", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004084}, 0x20000000)
r6 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x600)
ioctl$CEC_ADAP_S_LOG_ADDRS(r6, 0xc05c6104, &(0x7f0000000200)={"bff600fe", 0x7, 0x1, 0x0, 0xff, 0x6, "aaa476daabe861b29c8071125e2e42", "5c5febfe", "08b400ab", "00000010", ["06f79b50c9f7327483e71098", "1d9a08e29107afa6e6cb4622", "9058deefd47aaf9ddfc38bfe", "3629c5294708a2cc459f4966"]})
r7 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x1c0002, 0x0)
timer_create(0x3, 0x0, &(0x7f0000044000))
timer_settime(0x0, 0x236bd4336e4642df, &(0x7f0000000300)={{0x0, 0x1}, {0x0, 0xe4c}}, 0x0)
timer_settime(0x0, 0xffffffffffffffff, &(0x7f0000000080)={{}, {0x0, 0x9}}, 0x0)
write$vga_arbiter(r7, &(0x7f0000000200)=ANY=[], 0x14)
syz_usb_disconnect(0xffffffffffffffff)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x22, &(0x7f0000000080)=0x1, 0x4)
bind$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x4e20, 0xf, @empty, 0x5}, 0x1c)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000140)=[{{&(0x7f0000000440)={0xa, 0x4e20, 0x2, @empty, 0x6}, 0x1c, 0x0}}], 0x1, 0x20080058)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r8, 0xffffffffffffffff, 0x0)

1.094950555s ago: executing program 2 (id=4828):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_open_dev$video4linux(&(0x7f0000000000), 0xff, 0x2001)
ioctl$VIDIOC_TRY_DECODER_CMD(r2, 0xc038563b, &(0x7f0000000080)={0x0, 0x2, @start={0x80000001}})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r3, 0x107, 0x18, &(0x7f0000000100)=0xc, 0x4)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'gretap0\x00', <r4=>0x0})
sendto$packet(r3, &(0x7f0000000180)="0b0368002e0064000200475400f6a13bb1000000086086dd6558", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r4}, 0x14)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$int_in(r5, 0x5452, &(0x7f0000000080)=0x7fff)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000c80)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, r8, {0x0, 0xffe0}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x3, 0x1, 0x1}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x51}, 0x20040000)
r9 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r9, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix_mp={0x70a, 0x183e, 0x30314142, 0x6, 0x1, [{0x8c, 0xf}, {0x4, 0x5}, {0x5, 0x5}, {0x400, 0x7fff}, {0x7fffffff, 0xffffff78}, {0x5, 0xfdfd}, {0xfffffffb, 0x10}, {0xffff, 0x1f}], 0x9, 0x2, 0x2, 0x2, 0x6}})
r10 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r11, 0x8933, &(0x7f0000000000)={'geneve1\x00', <r12=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x3c, 0x24, 0xd0f, 0x70bd2b, 0x0, {0x60, 0x0, 0x0, r12, {0x2}, {0xffff, 0xffff}, {0xc}}, [@qdisc_kind_options=@q_gred={{0x9}, {0xc, 0x2, [@TCA_GRED_MAX_P={0x8, 0x4, 0x7}]}}]}, 0x3c}}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001ac0)={&(0x7f0000000040)={0x2, 0x4e24, @private=0xa010101}, 0x10, &(0x7f00000004c0)=[{&(0x7f00000003c0)="c5", 0x1}, {0x0}, {&(0x7f00000002c0)="8276983d5f858f43281f469f2b22dbc530d199fb7d1c4b9ac3925e2c369a66a442cbffd51991265a613e6ba9ff70ee6189b6f4879554b662faa1181f2d53bccf774e90564306c7066ad3ca9fa9c03730dced3c06405e7872904a68a67a34a6a04a30786a817fd519d949724a57153471020e6ad6daa762f6a4700f187fba01ae3e1c7d2de30b9970c068f29768178708a61f6ab86a6ee6ac16e1c8ef3a6c3cd4b1a8ffc441e0d54f503ddd687dadc53219e2fb7d6671560435f62c00cf613636414ad5a3e6fe98", 0xc7}, {&(0x7f0000000200)="2e59dc06bcbefb7c0c8d1480d525cb661c7b4d110a0c5084f315d093b98ea93283bf4231d405e50830f9d9c3e4cc7d778e75fee433640b8e67ab53aa2d5c875cc4f737908ceb51aa8baa01b2f4f8bc3d1c", 0x51}, {&(0x7f0000000400)="04bea1192cadc782f8728272692caddd4014f97f64be169e1e76340de7ac1565e4b4ea706dbc165cd9a5197df6e1e00e29bfdc5b993e0adf9f9c5ae4d8f1aeaaba0f0308336bb076b93e74a07eea731d1a4c7403083c28ef66dce34f288a0672245cc49594a2023000f324c8ceec1a5a62a0c03755515b27acaeb7c9ad1122c0fc63660f83659889fe27c45b7f9b5e011c2345fcf7b55f7a9416d7be9c143a95bae054030c603166a41f4c92e4ea9951f9d99b50869a48bbca77", 0xba}], 0x5}, 0x4004480)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

946.767172ms ago: executing program 0 (id=4829):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f00000002c0)=@ethtool_sfeatures={0x33, 0x2, [{0xfe, 0x80000000}, {0xfffffff9}]}})

291.684517ms ago: executing program 1 (id=4830):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r2, &(0x7f0000000100)={0xa, 0x0, 0x4, @mcast2={0xff, 0x3}}, 0x1c)
setsockopt$inet6_IPV6_HOPOPTS(r2, 0x29, 0x36, &(0x7f0000000340)=ANY=[], 0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x237, &(0x7f0000000280)={0x0, 0x9e37, 0x400, 0x0, 0x2cf}, &(0x7f00000011c0)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
sendmsg$rds(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, 0x0, 0x20000800}, 0x4000008)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000001c0)={0x0, @in={{0x2, 0x0, @empty}}, 0x5, 0x12, 0x0, 0x3}, 0x9c)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r6, &(0x7f00000001c0)=ANY=[@ANYBLOB='3'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r6, 0x0)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_READV=@pass_iovec={0x1, 0x38, 0x0, @fd=r3, 0x100000001, 0x0, 0x0, 0x2, 0x1})
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
io_uring_enter(r3, 0x47ba, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000002180)=ANY=[@ANYBLOB], 0x0)
io_uring_enter(r3, 0x7126, 0x2a10, 0x0, 0x0, 0x0)
unshare(0x2a060480)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
socket$inet6(0xa, 0x3, 0x8000000003c)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f00000001c0)="3c75c2015e8724b5a4c586f2ae924b277f0443ec773eab27570e28988217c9b0", 0x20)
r8 = syz_io_uring_setup(0x275c, &(0x7f0000001280)={0x0, 0xae78, 0x80, 0x0, 0x40001c8}, &(0x7f0000001300), &(0x7f0000001180))
io_uring_register$IORING_REGISTER_BUFFERS(r8, 0x0, &(0x7f0000002300)=[{&(0x7f0000000140)=""/4096, 0x1000}], 0x3100)
io_uring_register$IORING_UNREGISTER_BUFFERS(r8, 0x1, 0x0, 0x0)

0s ago: executing program 0 (id=4831):
r0 = socket(0x10, 0x803, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
r4 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000180), 0x40, 0x0)
ioctl$DRM_IOCTL_GET_STATS(r4, 0x80f86406, &(0x7f0000001d00)=""/17)
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
r5 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r5, 0x0, 0x0)
syz_usb_control_io$hid(r5, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000340)={0x0, 0x22, 0x15, {[@global=@item_4={0x3, 0x1, 0xa, "9af6ba3f"}, @local=@item_4={0x3, 0x2, 0x0, "45501821"}, @main=@item_012={0x0, 0x0, 0xa}, @main=@item_4={0x3, 0x0, 0xb, "4f6f055b"}, @main=@item_4={0x3, 0x0, 0xc, "9e3ce079"}]}}, 0x0}, 0x0)
r6 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$BTRFS_IOC_BALANCE_V2(r6, 0x4004480f, &(0x7f0000000580)={0x18, 0x3, {0xb1f, @struct={0x7ff, 0x100}, 0x0, 0x3, 0x8, 0x8, 0x8, 0x84, 0x452, @usage, 0x6, 0x3, [0x400, 0xfffffffffffffff6, 0x7, 0x2, 0x8, 0x9]}, {0x5, @usage=0xad0a, 0x0, 0x2, 0x1, 0x81, 0x2, 0x8f, 0x43, @struct={0x3, 0x2}, 0x5, 0xba33, [0x5, 0xf000000000000000, 0x9, 0x401, 0x8, 0xb34]}, {0x8, @struct={0xd9d2, 0x7ff}, 0x0, 0x9, 0x1, 0xe1f, 0x8000, 0x9, 0x404, @usage=0x9, 0x3, 0x33, [0x100000000, 0x114, 0x9, 0x174e, 0x6f9add4, 0x50f800000000000]}, {0x2ee, 0x5, 0x9}})
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r9=>0x0})
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r8, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB='|\x00\x00\x00', @ANYRES16=r10, @ANYBLOB="010000000000000000003f00000008000300", @ANYRES32=r9, @ANYBLOB="60005e80080006000002000008000700f605000008000900000000000c0001000500000002000000080005"], 0x7c}, 0x1, 0x0, 0x0, 0x20000800}, 0x8d0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f00000007c0)=[{0x0, 0x0, &(0x7f00000006c0)=[{&(0x7f0000000040)="a9284495d100df44ae86424875", 0xd}], 0x1, 0x0, 0x68, 0x4000}], 0x1, 0x44014)
r11 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r11, 0x0, 0x3, &(0x7f0000000000)=0x6, 0x4)
sendto$inet(r11, &(0x7f0000000040)='\f\x00', 0xffeb, 0x0, &(0x7f0000000340), 0x10)
sendmsg$NL80211_CMD_UPDATE_FT_IES(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r7, 0x820a5942bf73f648, 0x70bd27, 0x25dfdbfb, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_MDID={0x6, 0xb1, 0xb200}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x2}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x72b}, @NL80211_ATTR_MDID={0x6, 0xb1, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x4028)
r12 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r12, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000ec0)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0xd, 0xfff2}, {}, {0x7}}, [@filter_kind_options=@f_basic={{0xa}, {0x5c, 0x2, [@TCA_BASIC_ACT={0x58, 0x3, [@m_mpls={0x54, 0x1, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x4}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x9, 0x5c, 0x3, 0xfffffffc}, 0x4}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x2}}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x10}, 0x4)

kernel console output (not intermixed with test programs):

7c/0x1b0
[ 1837.217427][T23944]  __x64_sys_setsockopt+0x13f/0x1b0
[ 1837.217461][T23944]  do_syscall_64+0xfa/0x3b0
[ 1837.217496][T23944]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1837.217520][T23944]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1837.217543][T23944]  ? clear_bhb_loop+0x60/0xb0
[ 1837.217571][T23944]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1837.217593][T23944] RIP: 0033:0x7f99de38eec9
[ 1837.217614][T23944] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1837.217633][T23944] RSP: 002b:00007f99df2be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1837.217657][T23944] RAX: ffffffffffffffda RBX: 00007f99de5e5fa0 RCX: 00007f99de38eec9
[ 1837.217674][T23944] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003
[ 1837.217688][T23944] RBP: 00007f99df2be090 R08: 0000000000000020 R09: 0000000000000000
[ 1837.217702][T23944] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000001
[ 1837.217721][T23944] R13: 00007f99de5e6038 R14: 00007f99de5e5fa0 R15: 00007f99de70fa28
[ 1837.217757][T23944]  </TASK>
[ 1837.513884][T23945] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1837.522777][T23945] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1837.595139][T11567] usb 6-1: USB disconnect, device number 77
[ 1837.941474][T23955] netlink: 'syz.1.4368': attribute type 4 has an invalid length.
[ 1838.114259][T23960] netlink: 'syz.1.4368': attribute type 4 has an invalid length.
[ 1838.460381][T23424] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1838.640706][T23424] usb 3-1: Using ep0 maxpacket: 16
[ 1838.656515][T23424] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1838.682072][T23963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1838.694869][T23424] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1838.711614][T23963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1838.740397][T23424] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1838.756831][T23424] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1838.932933][T23424] usb 3-1: Product: syz
[ 1838.938653][T23424] usb 3-1: Manufacturer: syz
[ 1838.948867][T23424] usb 3-1: SerialNumber: syz
[ 1838.969276][T23968] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4371'.
[ 1839.272888][T23970] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4372'.
[ 1839.521098][T23970] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4372'.
[ 1840.456923][T23976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1840.467919][T23976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1840.710405][   T55] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[ 1840.982381][T12195] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1841.181723][T12195] usb 2-1: Using ep0 maxpacket: 8
[ 1841.216657][T23424] usb 3-1: 0:2 : does not exist
[ 1841.227843][T12195] usb 2-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[ 1841.254803][T23424] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[ 1841.265480][T12195] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1841.300537][T12195] usb 2-1: Product: syz
[ 1841.324826][T12195] usb 2-1: Manufacturer: syz
[ 1841.354486][T23424] usb 3-1: USB disconnect, device number 105
[ 1841.360818][   T55] usb 4-1: device descriptor read/64, error -71
[ 1841.372069][T12195] usb 2-1: SerialNumber: syz
[ 1841.399628][T12195] usb 2-1: config 0 descriptor??
[ 1841.472401][T12195] gspca_main: sonixj-2.14.0 probing 0c45:613a
[ 1841.634905][   T55] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[ 1841.701039][T23672] udevd[23672]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1841.810515][   T55] usb 4-1: Using ep0 maxpacket: 16
[ 1841.818172][   T55] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1841.869196][   T55] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1841.965763][   T55] usb 4-1: New USB device found, idVendor=1189, idProduct=0893, bcdDevice=f4.95
[ 1842.006473][   T55] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1842.026902][   T55] usb 4-1: Product: syz
[ 1842.037070][   T55] usb 4-1: Manufacturer: syz
[ 1842.051841][   T55] usb 4-1: SerialNumber: syz
[ 1842.081722][   T55] usb 4-1: config 0 descriptor??
[ 1842.300719][T23982] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1842.323330][T23982] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1842.382350][   T55] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1842.413814][T12195] gspca_sonixj: reg_w1 err -71
[ 1842.428981][T12195] sonixj 2-1:0.0: probe with driver sonixj failed with error -71
[ 1842.475420][   T55] asix 4-1:0.0: probe with driver asix failed with error -71
[ 1842.493878][T12195] usb 2-1: USB disconnect, device number 8
[ 1842.593857][   T55] usb 4-1: USB disconnect, device number 16
[ 1843.289570][T24017] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4383'.
[ 1843.302831][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1843.302850][   T30] audit: type=1326 audit(1759168397.505:1562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1843.341091][ T5931] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 1843.409074][   T30] audit: type=1326 audit(1759168397.505:1563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1843.462697][   T30] audit: type=1326 audit(1759168397.505:1564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1843.506325][   T30] audit: type=1326 audit(1759168397.505:1565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1843.532502][ T5931] usb 2-1: Using ep0 maxpacket: 32
[ 1843.557164][ T5931] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 1843.573355][ T5931] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1843.585462][   T30] audit: type=1326 audit(1759168397.505:1566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1843.611108][ T5931] usb 2-1: Product: syz
[ 1843.627647][ T5931] usb 2-1: Manufacturer: syz
[ 1843.635126][ T5931] usb 2-1: SerialNumber: syz
[ 1843.655755][ T5931] usb 2-1: config 0 descriptor??
[ 1843.661646][   T55] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[ 1843.677882][   T30] audit: type=1326 audit(1759168397.505:1567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1843.910375][   T55] usb 4-1: Using ep0 maxpacket: 8
[ 1843.917414][   T55] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1843.930373][   T55] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1843.965518][   T30] audit: type=1326 audit(1759168397.515:1568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1844.029745][   T55] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1844.077379][   T55] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1844.088038][   T30] audit: type=1326 audit(1759168397.515:1569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1844.123921][   T55] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1844.168142][   T30] audit: type=1326 audit(1759168397.515:1570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1844.180259][   T55] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1844.249378][   T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1844.257861][   T30] audit: type=1326 audit(1759168397.515:1571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24010 comm="syz.0.4383" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f99de38eec9 code=0x7ffc0000
[ 1844.330423][ T5931] airspy 2-1:0.0: Board ID: 00
[ 1844.341075][ T5931] airspy 2-1:0.0: Firmware version: 
[ 1844.539618][   T55] usb 4-1: usb_control_msg returned -32
[ 1844.546669][   T55] usbtmc 4-1:16.0: can't read capabilities
[ 1844.700329][T11567] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1845.000799][T11567] usb 3-1: Using ep0 maxpacket: 32
[ 1845.045937][T11567] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1845.064741][T11567] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1845.083064][T11567] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1845.103790][T11567] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1845.123344][T11567] usb 3-1: config 0 descriptor??
[ 1845.330115][T24036] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1845.342873][T24008] netlink: 'syz.1.4384': attribute type 4 has an invalid length.
[ 1845.350825][ T5952] usb 6-1: new full-speed USB device number 78 using dummy_hcd
[ 1845.358776][T24036] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1845.379553][T24008] netlink: 'syz.1.4384': attribute type 4 has an invalid length.
[ 1845.404539][ T5931] airspy 2-1:0.0: usb_control_msg() failed -71 request 10
[ 1845.416271][ T5931] airspy 2-1:0.0: Registered as swradio24
[ 1845.423266][ T5931] airspy 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[ 1845.456549][ T5931] usb 2-1: USB disconnect, device number 9
[ 1845.503300][T24038] netlink: 48 bytes leftover after parsing attributes in process `syz.0.4390'.
[ 1845.594321][ T5952] usb 6-1: unable to read config index 0 descriptor/start: -61
[ 1845.605257][T11567] usbhid 3-1:0.0: can't add hid device: -71
[ 1845.611366][ T5952] usb 6-1: can't read configurations, error -61
[ 1845.630968][T11567] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1845.655175][T11567] usb 3-1: USB disconnect, device number 106
[ 1845.692714][T24040] usbtmc 4-1:16.0: usb_control_msg returned -32
[ 1845.770607][ T5952] usb 6-1: new full-speed USB device number 79 using dummy_hcd
[ 1845.833295][   T55] usb 4-1: USB disconnect, device number 17
[ 1845.945374][ T5952] usb 6-1: unable to read config index 0 descriptor/start: -61
[ 1845.965855][ T5952] usb 6-1: can't read configurations, error -61
[ 1845.976982][ T5952] usb usb6-port1: attempt power cycle
[ 1846.340556][ T5952] usb 6-1: new full-speed USB device number 80 using dummy_hcd
[ 1846.363792][ T5952] usb 6-1: unable to read config index 0 descriptor/start: -61
[ 1846.372505][ T5952] usb 6-1: can't read configurations, error -61
[ 1846.526789][ T5952] usb 6-1: new full-speed USB device number 81 using dummy_hcd
[ 1846.594617][ T5952] usb 6-1: unable to read config index 0 descriptor/start: -61
[ 1846.605469][ T5952] usb 6-1: can't read configurations, error -61
[ 1846.615595][ T5952] usb usb6-port1: unable to enumerate USB device
[ 1847.705203][   T24] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[ 1847.760263][   T55] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[ 1847.809800][T24059] ptrace attach of "./syz-executor exec"[18388] was attempted by "./syz-executor exec"[24059]
[ 1847.865987][   T24] usb 4-1: Using ep0 maxpacket: 32
[ 1847.895054][   T24] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1848.040455][   T55] usb 2-1: config 8 has an invalid interface number: 177 but max is 0
[ 1848.048924][   T55] usb 2-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[ 1848.081276][   T24] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1848.108421][   T55] usb 2-1: config 8 has no interface number 0
[ 1848.124974][   T24] usb 4-1: Duplicate descriptor for config 1 interface 2 altsetting 0, skipping
[ 1848.149857][   T55] usb 2-1: config 8 interface 177 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1848.202399][   T24] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1848.213583][   T55] usb 2-1: config 8 interface 177 has no altsetting 0
[ 1848.221310][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1848.230251][   T55] usb 2-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[ 1848.241446][   T24] usb 4-1: Product: syz
[ 1848.246278][   T24] usb 4-1: Manufacturer: syz
[ 1848.260643][   T55] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1848.270119][   T24] usb 4-1: SerialNumber: syz
[ 1848.373668][   T55] ir_toy 2-1:8.177: required endpoints not found
[ 1848.570504][T24053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1848.573273][   T24] usb 4-1: 2:0 : UAC_AS_GENERAL descriptor not found
[ 1848.579681][T24053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1848.686317][T24064] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4399'.
[ 1848.710000][   T24] usb 4-1: USB disconnect, device number 18
[ 1848.807616][T24064] binder: 24063:24064 ioctl c0046209 200000000000000 returned -22
[ 1848.835946][ T5931] usb 2-1: USB disconnect, device number 10
[ 1848.846671][T24069] mac80211_hwsim hwsim20 syzkaller0: Caught tx_queue_len zero misconfig
[ 1848.900088][T24067] FAULT_INJECTION: forcing a failure.
[ 1848.900088][T24067] name failslab, interval 1, probability 0, space 0, times 0
[ 1848.950632][T24067] CPU: 0 UID: 0 PID: 24067 Comm: syz.0.4400 Not tainted syzkaller #0 PREEMPT(full) 
[ 1848.950664][T24067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1848.950678][T24067] Call Trace:
[ 1848.950686][T24067]  <TASK>
[ 1848.950697][T24067]  dump_stack_lvl+0x189/0x250
[ 1848.950746][T24067]  ? __pfx____ratelimit+0x10/0x10
[ 1848.950771][T24067]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1848.950799][T24067]  ? __pfx__printk+0x10/0x10
[ 1848.950837][T24067]  ? __pfx___might_resched+0x10/0x10
[ 1848.950863][T24067]  should_fail_ex+0x414/0x560
[ 1848.950903][T24067]  should_failslab+0xa8/0x100
[ 1848.950938][T24067]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[ 1848.950970][T24067]  ? __alloc_skb+0x112/0x2d0
[ 1848.951000][T24067]  __alloc_skb+0x112/0x2d0
[ 1848.951029][T24067]  netlink_sendmsg+0x5c6/0xb30
[ 1848.951065][T24067]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1848.951094][T24067]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1848.951118][T24067]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1848.951144][T24067]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1848.951168][T24067]  __sock_sendmsg+0x219/0x270
[ 1848.951213][T24067]  ____sys_sendmsg+0x505/0x830
[ 1848.951249][T24067]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1848.951287][T24067]  ? import_iovec+0x74/0xa0
[ 1848.951321][T24067]  ___sys_sendmsg+0x21f/0x2a0
[ 1848.951352][T24067]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1848.951420][T24067]  ? __fget_files+0x2a/0x420
[ 1848.951439][T24067]  ? __fget_files+0x3a0/0x420
[ 1848.951468][T24067]  __x64_sys_sendmsg+0x19b/0x260
[ 1848.951498][T24067]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1848.951537][T24067]  ? __pfx_ksys_write+0x10/0x10
[ 1848.951564][T24067]  ? rcu_is_watching+0x15/0xb0
[ 1848.951592][T24067]  ? do_syscall_64+0xbe/0x3b0
[ 1848.951622][T24067]  do_syscall_64+0xfa/0x3b0
[ 1848.951647][T24067]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1848.951670][T24067]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1848.951692][T24067]  ? clear_bhb_loop+0x60/0xb0
[ 1848.951727][T24067]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1848.951748][T24067] RIP: 0033:0x7f99de38eec9
[ 1848.951768][T24067] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1848.951789][T24067] RSP: 002b:00007f99df2be038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1848.951812][T24067] RAX: ffffffffffffffda RBX: 00007f99de5e5fa0 RCX: 00007f99de38eec9
[ 1848.951829][T24067] RDX: 0000000000000004 RSI: 0000200000000580 RDI: 0000000000000006
[ 1848.951843][T24067] RBP: 00007f99df2be090 R08: 0000000000000000 R09: 0000000000000000
[ 1848.951858][T24067] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1848.951871][T24067] R13: 00007f99de5e6038 R14: 00007f99de5e5fa0 R15: 00007f99de70fa28
[ 1848.951906][T24067]  </TASK>
[ 1849.327583][T24073] FAULT_INJECTION: forcing a failure.
[ 1849.327583][T24073] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1849.348122][T24073] CPU: 0 UID: 0 PID: 24073 Comm: syz.0.4402 Not tainted syzkaller #0 PREEMPT(full) 
[ 1849.348154][T24073] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1849.348169][T24073] Call Trace:
[ 1849.348178][T24073]  <TASK>
[ 1849.348188][T24073]  dump_stack_lvl+0x189/0x250
[ 1849.348220][T24073]  ? __pfx____ratelimit+0x10/0x10
[ 1849.348244][T24073]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1849.348271][T24073]  ? __pfx__printk+0x10/0x10
[ 1849.348305][T24073]  ? fs_reclaim_acquire+0x7d/0x100
[ 1849.348337][T24073]  should_fail_ex+0x414/0x560
[ 1849.348376][T24073]  prepare_alloc_pages+0x213/0x610
[ 1849.348415][T24073]  __alloc_frozen_pages_noprof+0x123/0x370
[ 1849.348444][T24073]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1849.348478][T24073]  ? policy_nodemask+0x27c/0x720
[ 1849.348507][T24073]  ? __lock_acquire+0xab9/0xd20
[ 1849.348546][T24073]  alloc_pages_mpol+0x232/0x4a0
[ 1849.348584][T24073]  vma_alloc_folio_noprof+0xe4/0x200
[ 1849.348617][T24073]  ? page_table_check_set+0x18d/0x730
[ 1849.348649][T24073]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1849.348702][T24073]  folio_prealloc+0x30/0x180
[ 1849.348738][T24073]  __handle_mm_fault+0x2ab9/0x5440
[ 1849.348788][T24073]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1849.348838][T24073]  ? follow_page_pte+0x7ef/0x13e0
[ 1849.348878][T24073]  handle_mm_fault+0x40a/0x8e0
[ 1849.348920][T24073]  __get_user_pages+0x1699/0x2ce0
[ 1849.348945][T24073]  ? kasan_save_track+0x4f/0x80
[ 1849.349014][T24073]  __gup_longterm_locked+0x3dc/0x1660
[ 1849.349062][T24073]  ? rcu_is_watching+0x15/0xb0
[ 1849.349084][T24073]  ? xdp_umem_pin_pages+0x52/0x340
[ 1849.349112][T24073]  pin_user_pages+0x9e/0xd0
[ 1849.349144][T24073]  xdp_umem_pin_pages+0x117/0x340
[ 1849.349174][T24073]  xdp_umem_create+0x677/0x8e0
[ 1849.349209][T24073]  xsk_setsockopt+0x7b0/0x8d0
[ 1849.349247][T24073]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1849.349289][T24073]  ? __fget_files+0x2a/0x420
[ 1849.349306][T24073]  ? aa_sock_opt_perm+0xff/0x1b0
[ 1849.349333][T24073]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1849.349357][T24073]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1849.349398][T24073]  do_sock_setsockopt+0x17c/0x1b0
[ 1849.349440][T24073]  __x64_sys_setsockopt+0x13f/0x1b0
[ 1849.349474][T24073]  do_syscall_64+0xfa/0x3b0
[ 1849.349498][T24073]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1849.349521][T24073]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1849.349542][T24073]  ? clear_bhb_loop+0x60/0xb0
[ 1849.349570][T24073]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1849.349591][T24073] RIP: 0033:0x7f99de38eec9
[ 1849.349610][T24073] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1849.349630][T24073] RSP: 002b:00007f99df2be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1849.349654][T24073] RAX: ffffffffffffffda RBX: 00007f99de5e5fa0 RCX: 00007f99de38eec9
[ 1849.349670][T24073] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003
[ 1849.349683][T24073] RBP: 00007f99df2be090 R08: 0000000000000020 R09: 0000000000000000
[ 1849.349698][T24073] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000001
[ 1849.349711][T24073] R13: 00007f99de5e6038 R14: 00007f99de5e5fa0 R15: 00007f99de70fa28
[ 1849.349747][T24073]  </TASK>
[ 1849.920897][ T5931] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 1850.070495][ T5931] usb 2-1: Using ep0 maxpacket: 16
[ 1850.082841][ T5931] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1850.093760][ T5931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1850.127082][ T5931] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1850.190440][ T5931] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1850.229063][ T5931] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1850.320726][ T5931] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1850.336588][ T5931] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1850.377482][ T5931] usb 2-1: Manufacturer: syz
[ 1850.405553][ T5931] usb 2-1: config 0 descriptor??
[ 1850.518978][T24089] netlink: 'syz.5.4406': attribute type 1 has an invalid length.
[ 1850.610620][T11567] usb 4-1: new full-speed USB device number 19 using dummy_hcd
[ 1850.926669][T11567] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1850.952444][T11567] usb 4-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[ 1851.005262][T11567] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1851.176767][T11567] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 12336, setting to 64
[ 1851.407944][T11567] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1851.433512][T11567] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1851.483027][ T5931] rc_core: IR keymap rc-hauppauge not found
[ 1851.553113][ T5931] Registered IR keymap rc-empty
[ 1851.559380][T11567] usb 4-1: Product: syz
[ 1851.569439][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1851.579173][T11567] usb 4-1: Manufacturer: syz
[ 1851.591225][   T55] usb 6-1: new high-speed USB device number 82 using dummy_hcd
[ 1851.620394][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1851.637151][T11567] cdc_wdm 4-1:1.0: skipping garbage
[ 1851.679822][T11567] cdc_wdm 4-1:1.0: skipping garbage
[ 1851.687029][ T5931] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1851.752281][   T55] usb 6-1: Using ep0 maxpacket: 16
[ 1851.760062][   T55] usb 6-1: config 0 has an invalid interface number: 251 but max is 0
[ 1851.769082][   T55] usb 6-1: config 0 has no interface number 0
[ 1851.782168][T11567] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[ 1851.785958][   T55] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[ 1851.882515][T11567] cdc_wdm 4-1:1.0: Unknown control protocol
[ 1851.900881][   T55] usb 6-1: config 0 interface 251 altsetting 0 endpoint 0x89 has invalid maxpacket 15810, setting to 1024
[ 1851.920813][ T5931] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input74
[ 1851.937402][   T55] usb 6-1: config 0 interface 251 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 1024
[ 1852.005596][   T55] usb 6-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 1852.022944][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.041398][   T55] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1852.066713][   T55] usb 6-1: Product: syz
[ 1852.080348][   T55] usb 6-1: Manufacturer: syz
[ 1852.097123][   T55] usb 6-1: SerialNumber: syz
[ 1852.119394][   T55] usb 6-1: config 0 descriptor??
[ 1852.138348][T24107] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[ 1852.156674][T24107] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[ 1852.173051][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.188299][   T55] asix 6-1:0.251: probe with driver asix failed with error -22
[ 1852.279840][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.320687][   T24] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[ 1852.379772][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.423390][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.460376][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.461131][T24112] binder: BINDER_SET_CONTEXT_MGR already set
[ 1852.499914][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.510582][T24112] binder: 24111:24112 ioctl 4018620d 200000000140 returned -16
[ 1852.535710][T24113] binder_alloc: 24111: binder_alloc_buf, no vma
[ 1852.544385][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.560485][   T24] usb 3-1: Using ep0 maxpacket: 8
[ 1852.570382][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.589200][   T24] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[ 1852.603074][ T5931] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1852.609092][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1852.618850][   T24] usb 3-1: Product: syz
[ 1852.629202][   T24] usb 3-1: Manufacturer: syz
[ 1852.644360][   T24] usb 3-1: SerialNumber: syz
[ 1852.659475][ T5931] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1852.668743][   T24] usb 3-1: config 0 descriptor??
[ 1852.699474][ T5931] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1852.712078][   T24] gspca_main: sonixj-2.14.0 probing 0c45:613a
[ 1852.828473][ T5931] usb 2-1: USB disconnect, device number 11
[ 1853.164843][   T24] gspca_sonixj: reg_r err -32
[ 1853.180679][   T24] sonixj 3-1:0.0: probe with driver sonixj failed with error -32
[ 1853.299911][T24120] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4410'.
[ 1853.741516][T24125] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4413'.
[ 1853.760390][   T30] kauditd_printk_skb: 13 callbacks suppressed
[ 1853.760413][   T30] audit: type=1326 audit(1759168407.965:1585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1853.789532][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1853.812021][T24127] FAULT_INJECTION: forcing a failure.
[ 1853.812021][T24127] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1853.869374][T24127] CPU: 0 UID: 0 PID: 24127 Comm: syz.0.4414 Not tainted syzkaller #0 PREEMPT(full) 
[ 1853.869406][T24127] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1853.869421][T24127] Call Trace:
[ 1853.869435][T24127]  <TASK>
[ 1853.869446][T24127]  dump_stack_lvl+0x189/0x250
[ 1853.869479][T24127]  ? __pfx____ratelimit+0x10/0x10
[ 1853.869503][T24127]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1853.869530][T24127]  ? __pfx__printk+0x10/0x10
[ 1853.869563][T24127]  ? fs_reclaim_acquire+0x7d/0x100
[ 1853.869596][T24127]  should_fail_ex+0x414/0x560
[ 1853.869636][T24127]  prepare_alloc_pages+0x213/0x610
[ 1853.869667][T24127]  __alloc_frozen_pages_noprof+0x123/0x370
[ 1853.869695][T24127]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[ 1853.869729][T24127]  ? policy_nodemask+0x27c/0x720
[ 1853.869757][T24127]  ? __lock_acquire+0xab9/0xd20
[ 1853.869797][T24127]  alloc_pages_mpol+0x232/0x4a0
[ 1853.869835][T24127]  vma_alloc_folio_noprof+0xe4/0x200
[ 1853.869868][T24127]  ? page_table_check_set+0x18d/0x730
[ 1853.869900][T24127]  ? __pfx_vma_alloc_folio_noprof+0x10/0x10
[ 1853.869948][T24127]  folio_prealloc+0x30/0x180
[ 1853.869982][T24127]  __handle_mm_fault+0x2ab9/0x5440
[ 1853.870033][T24127]  ? __pfx___handle_mm_fault+0x10/0x10
[ 1853.870083][T24127]  ? follow_page_pte+0x7ef/0x13e0
[ 1853.870120][T24127]  handle_mm_fault+0x40a/0x8e0
[ 1853.870160][T24127]  __get_user_pages+0x1699/0x2ce0
[ 1853.870183][T24127]  ? kasan_save_track+0x4f/0x80
[ 1853.870255][T24127]  __gup_longterm_locked+0x3dc/0x1660
[ 1853.870304][T24127]  ? rcu_is_watching+0x15/0xb0
[ 1853.870326][T24127]  ? xdp_umem_pin_pages+0x52/0x340
[ 1853.870353][T24127]  pin_user_pages+0x9e/0xd0
[ 1853.870386][T24127]  xdp_umem_pin_pages+0x117/0x340
[ 1853.870416][T24127]  xdp_umem_create+0x677/0x8e0
[ 1853.870451][T24127]  xsk_setsockopt+0x7b0/0x8d0
[ 1853.870489][T24127]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1853.870530][T24127]  ? __fget_files+0x2a/0x420
[ 1853.870549][T24127]  ? aa_sock_opt_perm+0xff/0x1b0
[ 1853.870576][T24127]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[ 1853.870601][T24127]  ? __pfx_xsk_setsockopt+0x10/0x10
[ 1853.870637][T24127]  do_sock_setsockopt+0x17c/0x1b0
[ 1853.870671][T24127]  __x64_sys_setsockopt+0x13f/0x1b0
[ 1853.870705][T24127]  do_syscall_64+0xfa/0x3b0
[ 1853.870729][T24127]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1853.870751][T24127]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1853.870773][T24127]  ? clear_bhb_loop+0x60/0xb0
[ 1853.870800][T24127]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1853.870821][T24127] RIP: 0033:0x7f99de38eec9
[ 1853.870842][T24127] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1853.870861][T24127] RSP: 002b:00007f99df2be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[ 1853.870884][T24127] RAX: ffffffffffffffda RBX: 00007f99de5e5fa0 RCX: 00007f99de38eec9
[ 1853.870900][T24127] RDX: 0000000000000004 RSI: 000000000000011b RDI: 0000000000000003
[ 1853.870914][T24127] RBP: 00007f99df2be090 R08: 0000000000000020 R09: 0000000000000000
[ 1853.870928][T24127] R10: 0000200000000340 R11: 0000000000000246 R12: 0000000000000001
[ 1853.870942][T24127] R13: 00007f99de5e6038 R14: 00007f99de5e5fa0 R15: 00007f99de70fa28
[ 1853.870978][T24127]  </TASK>
[ 1854.218897][   T55] usb 4-1: USB disconnect, device number 19
[ 1854.546465][   T30] audit: type=1326 audit(1759168407.965:1586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1854.599332][   T30] audit: type=1326 audit(1759168407.965:1587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1854.700002][T11567] usb 6-1: USB disconnect, device number 82
[ 1854.730344][   T30] audit: type=1326 audit(1759168407.965:1588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1854.757470][   T30] audit: type=1326 audit(1759168407.965:1589): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1854.781722][   T30] audit: type=1326 audit(1759168407.965:1590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1854.804620][   T30] audit: type=1326 audit(1759168407.965:1591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1854.827307][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1854.838402][   T30] audit: type=1326 audit(1759168407.965:1592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1854.861559][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1854.897877][T24132] netlink: 596 bytes leftover after parsing attributes in process `syz.5.4415'.
[ 1855.140327][   T30] audit: type=1326 audit(1759168407.965:1593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1855.264976][T24137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1855.328100][   T30] audit: type=1326 audit(1759168407.965:1594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24121 comm="syz.1.4413" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1855.360889][T24137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1855.398805][T24141] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4420'.
[ 1855.432538][T24137] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1855.473023][T24137] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1855.600593][T24141] ip6gretap1: entered allmulticast mode
[ 1855.601605][T12195] usb 3-1: USB disconnect, device number 107
[ 1856.201922][   T24] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1856.229214][T24138] delete_channel: no stack
[ 1856.430362][   T24] usb 3-1: Using ep0 maxpacket: 8
[ 1856.462441][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1856.484436][T24156] FAULT_INJECTION: forcing a failure.
[ 1856.484436][T24156] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1856.485881][   T24] usb 3-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 1856.546012][T24156] CPU: 0 UID: 0 PID: 24156 Comm: syz.5.4423 Not tainted syzkaller #0 PREEMPT(full) 
[ 1856.546043][T24156] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1856.546065][T24156] Call Trace:
[ 1856.546074][T24156]  <TASK>
[ 1856.546085][T24156]  dump_stack_lvl+0x189/0x250
[ 1856.546116][T24156]  ? __pfx____ratelimit+0x10/0x10
[ 1856.546141][T24156]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1856.546167][T24156]  ? __pfx__printk+0x10/0x10
[ 1856.546198][T24156]  ? __might_fault+0xb0/0x130
[ 1856.546242][T24156]  should_fail_ex+0x414/0x560
[ 1856.546281][T24156]  _copy_from_iter+0x1de/0x1790
[ 1856.546315][T24156]  ? rcu_is_watching+0x15/0xb0
[ 1856.546339][T24156]  ? kmem_cache_alloc_node_noprof+0x217/0x3c0
[ 1856.546372][T24156]  ? __pfx__copy_from_iter+0x10/0x10
[ 1856.546400][T24156]  ? __build_skb_around+0x257/0x3e0
[ 1856.546429][T24156]  ? netlink_sendmsg+0x642/0xb30
[ 1856.546451][T24156]  ? skb_put+0x11b/0x210
[ 1856.546480][T24156]  netlink_sendmsg+0x6b2/0xb30
[ 1856.546515][T24156]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1856.546544][T24156]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1856.546568][T24156]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1856.546592][T24156]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1856.546618][T24156]  __sock_sendmsg+0x219/0x270
[ 1856.546660][T24156]  ____sys_sendmsg+0x505/0x830
[ 1856.546694][T24156]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1856.546732][T24156]  ? import_iovec+0x74/0xa0
[ 1856.546765][T24156]  ___sys_sendmsg+0x21f/0x2a0
[ 1856.546795][T24156]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1856.546865][T24156]  ? __fget_files+0x2a/0x420
[ 1856.546883][T24156]  ? __fget_files+0x3a0/0x420
[ 1856.546915][T24156]  __x64_sys_sendmsg+0x19b/0x260
[ 1856.546946][T24156]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1856.546990][T24156]  ? __pfx_ksys_write+0x10/0x10
[ 1856.547017][T24156]  ? rcu_is_watching+0x15/0xb0
[ 1856.547044][T24156]  ? do_syscall_64+0xbe/0x3b0
[ 1856.547079][T24156]  do_syscall_64+0xfa/0x3b0
[ 1856.547102][T24156]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1856.547124][T24156]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1856.547146][T24156]  ? clear_bhb_loop+0x60/0xb0
[ 1856.547173][T24156]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1856.547193][T24156] RIP: 0033:0x7fe7d658eec9
[ 1856.547212][T24156] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1856.547231][T24156] RSP: 002b:00007fe7d7376038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1856.547254][T24156] RAX: ffffffffffffffda RBX: 00007fe7d67e5fa0 RCX: 00007fe7d658eec9
[ 1856.547271][T24156] RDX: 0000000000000004 RSI: 0000200000000580 RDI: 0000000000000006
[ 1856.547285][T24156] RBP: 00007fe7d7376090 R08: 0000000000000000 R09: 0000000000000000
[ 1856.547299][T24156] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1856.547312][T24156] R13: 00007fe7d67e6038 R14: 00007fe7d67e5fa0 R15: 00007fe7d690fa28
[ 1856.547345][T24156]  </TASK>
[ 1856.558155][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1857.252087][   T24] usb 3-1: Product: syz
[ 1857.265005][   T24] usb 3-1: Manufacturer: syz
[ 1857.269681][   T24] usb 3-1: SerialNumber: syz
[ 1857.339936][   T24] usb 3-1: config 0 descriptor??
[ 1857.390631][   T24] streamzap 3-1:0.0: streamzap_probe: endpoint doesn't match input device 0203
[ 1857.460442][T11567] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[ 1857.489954][T24170] netlink: 'syz.5.4426': attribute type 9 has an invalid length.
[ 1857.575022][   T24] usb 3-1: USB disconnect, device number 108
[ 1857.669437][T11567] usb 2-1: config 0 has no interfaces?
[ 1857.825072][T11567] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1857.958497][T11567] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1858.014004][T11567] usb 2-1: Product: syz
[ 1858.022921][T11567] usb 2-1: Manufacturer: syz
[ 1858.028846][T11567] usb 2-1: SerialNumber: syz
[ 1858.048485][T11567] usb 2-1: config 0 descriptor??
[ 1858.529272][T24178] netlink: 'syz.2.4427': attribute type 1 has an invalid length.
[ 1858.536358][T24180] netlink: 596 bytes leftover after parsing attributes in process `syz.3.4429'.
[ 1858.547016][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1858.554048][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1858.573037][T24178] netlink: 36 bytes leftover after parsing attributes in process `syz.2.4427'.
[ 1859.141934][T24186] netlink: 'syz.3.4433': attribute type 1 has an invalid length.
[ 1859.150560][T24186] netlink: 'syz.3.4433': attribute type 2 has an invalid length.
[ 1859.160774][T24186] netlink: 1172 bytes leftover after parsing attributes in process `syz.3.4433'.
[ 1859.324930][T24189] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4432'.
[ 1859.730535][T24194] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[ 1860.150336][ T5931] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[ 1860.234687][T24203] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1860.268675][T24204] 
��: renamed from wg2 (while UP)
[ 1860.303252][T24203] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1860.350305][ T5931] usb 4-1: Using ep0 maxpacket: 16
[ 1860.377676][ T5931] usb 4-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[ 1860.394652][T24204] pim6reg1: entered promiscuous mode
[ 1860.400027][T24204] pim6reg1: entered allmulticast mode
[ 1860.407222][ T5931] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1860.447126][ T5931] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1860.482470][ T5931] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1860.525354][ T5931] usb 4-1: Product: syz
[ 1860.546851][ T5931] usb 4-1: Manufacturer: syz
[ 1860.567701][ T5931] usb 4-1: SerialNumber: syz
[ 1860.803077][ T5931] usb 4-1: 0:2 : does not exist
[ 1860.821797][ T5931] usb 4-1: unit 97 not found!
[ 1860.886554][ T5931] usb 4-1: USB disconnect, device number 20
[ 1860.892942][T11567] usb 6-1: new high-speed USB device number 83 using dummy_hcd
[ 1860.987083][T23672] udevd[23672]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1861.040318][T11567] usb 6-1: device descriptor read/64, error -71
[ 1861.140619][ T5931] usb 2-1: USB disconnect, device number 12
[ 1861.214968][T24220] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4443'.
[ 1861.310363][T11567] usb 6-1: new high-speed USB device number 84 using dummy_hcd
[ 1861.500458][ T5952] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[ 1861.510295][T11567] usb 6-1: device descriptor read/64, error -71
[ 1861.620564][   T24] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1861.636456][T11567] usb usb6-port1: attempt power cycle
[ 1861.690682][ T5952] usb 3-1: Using ep0 maxpacket: 32
[ 1861.723744][ T5952] usb 3-1: config 0 has an invalid interface number: 136 but max is 0
[ 1861.852059][ T5952] usb 3-1: config 0 has no interface number 0
[ 1861.860409][   T24] usb 2-1: Using ep0 maxpacket: 32
[ 1861.888870][   T24] usb 2-1: config 0 has an invalid interface number: 83 but max is 0
[ 1861.916669][   T24] usb 2-1: config 0 has no interface number 0
[ 1861.923399][ T5952] usb 3-1: config 0 interface 136 altsetting 0 has an endpoint descriptor with address 0xAD, changing to 0x8D
[ 1861.938417][   T24] usb 2-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=92.f7
[ 1861.964378][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1861.974245][T24231] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4449'.
[ 1861.976437][ T5952] usb 3-1: config 0 interface 136 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1861.990338][   T24] usb 2-1: Product: syz
[ 1862.004231][   T24] usb 2-1: Manufacturer: syz
[ 1862.009031][   T24] usb 2-1: SerialNumber: syz
[ 1862.034194][   T24] usb 2-1: config 0 descriptor??
[ 1862.052462][ T5952] usb 3-1: config 0 interface 136 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 0
[ 1862.099614][ T5952] usb 3-1: config 0 interface 136 altsetting 0 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1862.111785][T11567] usb 6-1: new high-speed USB device number 85 using dummy_hcd
[ 1862.191104][T11567] usb 6-1: device descriptor read/8, error -71
[ 1862.199224][ T5952] usb 3-1: config 0 interface 136 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1862.267700][T24222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1862.291087][T24222] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1862.314158][T24233] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1862.364382][T24233] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1862.445031][ T5952] usb 3-1: New USB device found, idVendor=0763, idProduct=1021, bcdDevice=8e.c0
[ 1862.530301][T11567] usb 6-1: new high-speed USB device number 86 using dummy_hcd
[ 1862.579394][ T5952] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1862.665648][T11567] usb 6-1: device descriptor read/8, error -71
[ 1862.677167][T24222] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1862.707238][T24222] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1862.762369][ T5952] usb 3-1: config 0 descriptor??
[ 1862.870596][T11567] usb usb6-port1: unable to enumerate USB device
[ 1862.931686][ T5952] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[ 1862.968377][   T24] peak_usb 2-1:0.83 can0: unable to request usb[type=2 value=5] err=-71
[ 1863.105929][T23948] udevd[23948]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.136/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1863.153981][T24244] netlink: 64 bytes leftover after parsing attributes in process `syz.3.4452'.
[ 1863.186235][T24220] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1863.195439][T24220] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1863.310977][   T24] peak_usb 2-1:0.83: probe with driver peak_usb failed with error -71
[ 1863.377989][   T24] usb 2-1: USB disconnect, device number 13
[ 1863.583390][T24248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1863.714468][T24248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1863.925032][T24258] use of bytesused == 0 is deprecated and will be removed in the future,
[ 1863.950019][T24259] loop2: detected capacity change from 0 to 7
[ 1863.960266][T24258] use the actual size instead.
[ 1863.970979][T24259]  loop2: p1
[ 1863.985168][T24259] loop2: partition table partially beyond EOD, truncated
[ 1864.160107][T24259] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1864.224873][T11567] usb 3-1: USB disconnect, device number 109
[ 1864.382100][T23672] udevd[23672]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1864.706972][T24267] sg_write: data in/out 531869774/30 bytes for SCSI command 0xb3-- guessing data in;
[ 1864.706972][T24267]    program syz.1.4460 not setting count and/or reply_len properly
[ 1865.319362][T24277] netlink: 596 bytes leftover after parsing attributes in process `syz.3.4461'.
[ 1865.560463][   T24] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[ 1865.750501][   T24] usb 3-1: Using ep0 maxpacket: 16
[ 1865.784710][   T24] usb 3-1: config 1 interface 0 altsetting 4 bulk endpoint 0x82 has invalid maxpacket 16
[ 1865.805280][   T24] usb 3-1: config 1 interface 0 altsetting 4 bulk endpoint 0x3 has invalid maxpacket 16
[ 1865.831224][T17571] Bluetooth: hci4: unexpected event for opcode 0x041b
[ 1865.865773][   T24] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1865.903644][   T24] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1865.984742][T24299] netlink: 256 bytes leftover after parsing attributes in process `syz.1.4469'.
[ 1866.003617][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1866.027700][   T24] usb 3-1: Product: syz
[ 1866.040662][   T24] usb 3-1: Manufacturer: syz
[ 1866.045494][   T24] usb 3-1: SerialNumber: syz
[ 1866.089478][T24278] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1866.140665][T24278] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1866.237937][T24305] loop2: detected capacity change from 0 to 7
[ 1866.246594][T24305]  loop2: p1
[ 1866.249909][T24305] loop2: partition table partially beyond EOD, truncated
[ 1866.257895][T24305] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1866.356352][T23948] udevd[23948]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1866.428716][   T24] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -71
[ 1866.458621][T24308] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4470'.
[ 1866.539629][T24309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4472'.
[ 1866.755574][   T24] usb 3-1: USB disconnect, device number 110
[ 1866.880834][T11567] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1867.035786][T11567] usb 2-1: New USB device found, idVendor=0c45, idProduct=8001, bcdDevice=90.0a
[ 1867.056109][T11567] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1867.102746][T11567] usb 2-1: config 0 descriptor??
[ 1867.195929][T11567] gspca_main: sn9c2028-2.14.0 probing 0c45:8001
[ 1867.317297][T11567] gspca_sn9c2028: read1 error -71
[ 1867.350435][T11567] gspca_sn9c2028: read1 error -71
[ 1867.389153][T11567] gspca_sn9c2028: read1 error -71
[ 1867.422083][T11567] sn9c2028 2-1:0.0: probe with driver sn9c2028 failed with error -71
[ 1867.446589][T11567] usb 2-1: USB disconnect, device number 14
[ 1868.118980][T24337] netlink: 12 bytes leftover after parsing attributes in process `syz.1.4478'.
[ 1868.644087][T24343] syz.5.4479 (24343): drop_caches: 2
[ 1868.716155][T24343] syz.5.4479 (24343): drop_caches: 2
[ 1869.081927][T24349] netlink: 14 bytes leftover after parsing attributes in process `syz.0.4480'.
[ 1870.140574][   T24] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 1870.177693][T24349] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1870.194673][T24349] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1870.224890][T24349] bond0 (unregistering): Released all slaves
[ 1870.288248][T24359] bridge0: port 1(batadv5) entered blocking state
[ 1870.295403][T24359] bridge0: port 1(batadv5) entered disabled state
[ 1870.350565][T24359] batadv5: entered allmulticast mode
[ 1870.357403][T24359] batadv5: entered promiscuous mode
[ 1870.409458][   T24] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1870.438260][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1870.478242][   T24] usb 2-1: config 0 descriptor??
[ 1870.882165][   T55] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[ 1870.951699][T11567] usb 3-1: new full-speed USB device number 111 using dummy_hcd
[ 1870.991905][   T37] batman_adv: batadv5: No IGMP Querier present - multicast optimizations disabled
[ 1871.001332][   T37] batman_adv: batadv5: No MLD Querier present - multicast optimizations disabled
[ 1871.044319][   T55] usb 4-1: device descriptor read/64, error -71
[ 1871.114631][T11567] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 1871.135666][T11567] usb 3-1: config 0 has no interface number 0
[ 1871.156589][T11567] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[ 1871.220992][T11567] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1871.266258][T11567] usb 3-1: config 0 descriptor??
[ 1871.341851][   T55] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 1871.349998][   T24] usb 2-1: Cannot set autoneg
[ 1871.356369][   T24] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -32
[ 1871.373309][T11567] usb 3-1: selecting invalid altsetting 1
[ 1871.394357][T11567] dvb_ttusb_budget: ttusb_init_controller: error
[ 1871.460256][T11567] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[ 1871.512533][   T55] usb 4-1: device descriptor read/64, error -71
[ 1871.631759][   T55] usb usb4-port1: attempt power cycle
[ 1871.803766][T11567] DVB: Unable to find symbol cx22700_attach()
[ 1872.050415][   T55] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1872.109251][T11567] DVB: Unable to find symbol tda10046_attach()
[ 1872.121077][   T55] usb 4-1: device descriptor read/8, error -71
[ 1872.167346][T11567] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[ 1872.232361][T11567] usb 3-1: USB disconnect, device number 111
[ 1872.356097][ T5952] usb 2-1: USB disconnect, device number 15
[ 1872.391396][   T55] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1872.477190][   T55] usb 4-1: device descriptor read/8, error -71
[ 1872.575581][T24401] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1872.599958][T24401] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1872.628928][   T55] usb usb4-port1: unable to enumerate USB device
[ 1872.660283][T11567] usb 3-1: new high-speed USB device number 112 using dummy_hcd
[ 1872.780362][ T5952] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1872.820407][T11567] usb 3-1: Using ep0 maxpacket: 16
[ 1872.832407][T11567] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1872.842712][T11567] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1872.858678][T11567] usb 3-1: config 1 has no interface number 1
[ 1872.865141][T11567] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1872.889678][T11567] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1872.929668][T11567] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1872.945710][T11567] usb 3-1: Product: syz
[ 1872.950372][ T5952] usb 2-1: Using ep0 maxpacket: 32
[ 1872.976145][ T5952] usb 2-1: config 0 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1872.990558][T11567] usb 3-1: Manufacturer: ㋓䪭넞࿁帹噂﫞㖙聨氥׊쾨೜珁쟶᡻顲냺ຍ鷎䮩론낎Ⴁ푛꺄쐣韁伜ﳊ錠䑙젤耹鯈軺䲔䠚愿䅺짶뷍袴ή쳆듪圃⪠驳톒㘤춝뵐휙쉘翓쎼㈡김惞ല⩾꛼㾐
[ 1873.020347][ T5952] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1873.027044][ T5952] usb 2-1: New USB device found, idVendor=0c70, idProduct=f00e, bcdDevice= 0.00
[ 1873.036507][T11567] usb 3-1: SerialNumber: syz
[ 1873.041581][ T5952] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1873.065360][ T5952] usb 2-1: config 0 descriptor??
[ 1873.129906][T24411] netlink: 4400 bytes leftover after parsing attributes in process `syz.5.4495'.
[ 1873.278286][T11567] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 1873.509221][T11567] usb 3-1: USB disconnect, device number 112
[ 1873.693257][T23948] udevd[23948]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1873.921466][ T5952] usbhid 2-1:0.0: can't add hid device: -71
[ 1873.950955][ T5952] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1874.040715][ T5952] usb 2-1: USB disconnect, device number 16
[ 1874.434427][T24428] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4498'.
[ 1874.447265][T24428] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4498'.
[ 1875.010696][   T55] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[ 1875.174065][   T55] usb 2-1: New USB device found, idVendor=13d8, idProduct=0020, bcdDevice=f7.31
[ 1875.310297][   T55] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1875.358864][   T55] usb 2-1: config 0 descriptor??
[ 1875.473224][   T55] usb 2-1: selecting invalid altsetting 3
[ 1875.516229][   T55] comedi comedi5: could not set alternate setting 3 in high speed
[ 1875.601554][   T55] usbduxsigma 2-1:0.0: driver 'usbduxsigma' failed to auto-configure device.
[ 1875.681679][   T55] usbduxsigma 2-1:0.0: probe with driver usbduxsigma failed with error -22
[ 1875.730979][   T55] usb 2-1: USB disconnect, device number 17
[ 1876.841897][T24462] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1876.938023][T24453] vim2m vim2m.0: vidioc_s_fmt queue busy
[ 1878.274727][T24482] bridge0: port 2(batadv6) entered blocking state
[ 1878.330595][T24482] bridge0: port 2(batadv6) entered disabled state
[ 1878.352056][   T24] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1878.377691][T24482] batadv6: entered allmulticast mode
[ 1878.404700][T24482] batadv6: entered promiscuous mode
[ 1878.511392][   T24] usb 4-1: Using ep0 maxpacket: 8
[ 1878.519211][   T24] usb 4-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1878.569739][   T24] usb 4-1: config 6 interface 0 altsetting 0 has an endpoint descriptor with address 0xEC, changing to 0x8C
[ 1878.627897][   T24] usb 4-1: config 6 interface 0 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0
[ 1878.659681][   T24] usb 4-1: config 6 interface 0 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 0
[ 1878.709267][   T24] usb 4-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[ 1878.719034][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1878.741941][   T24] usb 4-1: Product: syz
[ 1878.763196][   T24] usb 4-1: Manufacturer: syz
[ 1878.807203][   T24] usb 4-1: SerialNumber: syz
[ 1878.837627][T23396] batman_adv: batadv6: No IGMP Querier present - multicast optimizations disabled
[ 1878.847146][T23396] batman_adv: batadv6: No MLD Querier present - multicast optimizations disabled
[ 1878.861725][   T24] hso 4-1:6.0: Can't find BULK OUT endpoint
[ 1879.040324][   T55] usb 4-1: USB disconnect, device number 25
[ 1879.120262][ T5931] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[ 1879.472814][ T5931] usb 3-1: Using ep0 maxpacket: 8
[ 1879.480036][ T5931] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1879.490834][ T5931] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1879.539511][ T5931] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[ 1879.549342][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1879.564386][ T5931] usb 3-1: Product: syz
[ 1879.569001][ T5931] usb 3-1: Manufacturer: syz
[ 1879.595140][ T5931] usb 3-1: SerialNumber: syz
[ 1879.654593][ T5931] usb 3-1: bad CDC descriptors
[ 1879.681347][ T5931] usbtest 3-1:1.0: couldn't get endpoints, -22
[ 1879.687640][ T5931] usbtest 3-1:1.0: probe with driver usbtest failed with error -22
[ 1879.786896][T24492] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1879.817729][T24495] FAULT_INJECTION: forcing a failure.
[ 1879.817729][T24495] name failslab, interval 1, probability 0, space 0, times 0
[ 1879.844819][T24494] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4515'.
[ 1879.870639][ T5931] usb 3-1: USB disconnect, device number 113
[ 1879.910822][T24495] CPU: 0 UID: 0 PID: 24495 Comm: syz.1.4516 Not tainted syzkaller #0 PREEMPT(full) 
[ 1879.910852][T24495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1879.910867][T24495] Call Trace:
[ 1879.910877][T24495]  <TASK>
[ 1879.910887][T24495]  dump_stack_lvl+0x189/0x250
[ 1879.910921][T24495]  ? __pfx____ratelimit+0x10/0x10
[ 1879.910956][T24495]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1879.910982][T24495]  ? __pfx__printk+0x10/0x10
[ 1879.911016][T24495]  ? __lock_acquire+0xab9/0xd20
[ 1879.911060][T24495]  should_fail_ex+0x414/0x560
[ 1879.911100][T24495]  should_failslab+0xa8/0x100
[ 1879.911135][T24495]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1879.911165][T24495]  ? skb_clone+0x212/0x3a0
[ 1879.911174][T24492] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1879.911199][T24495]  skb_clone+0x212/0x3a0
[ 1879.911240][T24495]  __netlink_deliver_tap+0x404/0x850
[ 1879.911297][T24495]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1879.911329][T24495]  netlink_deliver_tap+0x19c/0x1b0
[ 1879.911361][T24495]  netlink_unicast+0x7fa/0x9e0
[ 1879.911411][T24495]  ? __pfx_netlink_unicast+0x10/0x10
[ 1879.911454][T24495]  ? netlink_sendmsg+0x642/0xb30
[ 1879.911480][T24495]  ? skb_put+0x11b/0x210
[ 1879.911515][T24495]  netlink_sendmsg+0x805/0xb30
[ 1879.911554][T24495]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1879.911586][T24495]  ? aa_sock_msg_perm+0xf1/0x1d0
[ 1879.911614][T24495]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1879.911642][T24495]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1879.911673][T24495]  __sock_sendmsg+0x219/0x270
[ 1879.911712][T24495]  ____sys_sendmsg+0x505/0x830
[ 1879.911753][T24495]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1879.911797][T24495]  ? import_iovec+0x74/0xa0
[ 1879.911841][T24495]  ___sys_sendmsg+0x21f/0x2a0
[ 1879.911877][T24495]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1879.911962][T24495]  ? __fget_files+0x2a/0x420
[ 1879.911986][T24495]  ? __fget_files+0x3a0/0x420
[ 1879.912022][T24495]  __x64_sys_sendmsg+0x19b/0x260
[ 1879.912059][T24495]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1879.912104][T24495]  ? __pfx_ksys_write+0x10/0x10
[ 1879.912134][T24495]  ? rcu_is_watching+0x15/0xb0
[ 1879.912168][T24495]  ? do_syscall_64+0xbe/0x3b0
[ 1879.912202][T24495]  do_syscall_64+0xfa/0x3b0
[ 1879.912229][T24495]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1879.912255][T24495]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1879.912279][T24495]  ? clear_bhb_loop+0x60/0xb0
[ 1879.912311][T24495]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1879.912334][T24495] RIP: 0033:0x7fe1abd8eec9
[ 1879.912358][T24495] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1879.912381][T24495] RSP: 002b:00007fe1a9ff6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1879.912408][T24495] RAX: ffffffffffffffda RBX: 00007fe1abfe5fa0 RCX: 00007fe1abd8eec9
[ 1879.912429][T24495] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[ 1879.912444][T24495] RBP: 00007fe1a9ff6090 R08: 0000000000000000 R09: 0000000000000000
[ 1879.912460][T24495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1879.912476][T24495] R13: 00007fe1abfe6038 R14: 00007fe1abfe5fa0 R15: 00007fe1ac10fa28
[ 1879.912514][T24495]  </TASK>
[ 1880.220458][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1880.569039][T24501] netlink: 'syz.3.4518': attribute type 1 has an invalid length.
[ 1880.790845][ T5931] usb 6-1: new high-speed USB device number 87 using dummy_hcd
[ 1880.954554][ T5931] usb 6-1: Using ep0 maxpacket: 8
[ 1880.973826][ T5931] usb 6-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[ 1880.988221][ T5931] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1881.008800][ T5931] usb 6-1: Product: syz
[ 1881.017621][ T5931] usb 6-1: Manufacturer: syz
[ 1881.027455][ T5931] usb 6-1: SerialNumber: syz
[ 1881.041410][ T5931] usb 6-1: config 0 descriptor??
[ 1881.064571][ T5931] gspca_main: se401-2.14.0 probing 047d:5003
[ 1881.380383][   T55] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1881.452415][ T5931] gspca_se401: Too many frame sizes
[ 1881.472674][T24531] kvm: pic: non byte read
[ 1881.477655][T24531] kvm: pic: level sensitive irq not supported
[ 1881.477779][T24531] kvm: pic: non byte read
[ 1881.489990][T24531] kvm: pic: level sensitive irq not supported
[ 1881.490064][T24531] kvm: pic: non byte read
[ 1881.502411][T24531] kvm: pic: level sensitive irq not supported
[ 1881.502484][T24531] kvm: pic: non byte read
[ 1881.514067][T24531] kvm: pic: level sensitive irq not supported
[ 1881.514141][T24531] kvm: pic: non byte read
[ 1881.525856][T24531] kvm: pic: level sensitive irq not supported
[ 1881.526017][T24531] kvm: pic: non byte read
[ 1881.538475][T24531] kvm: pic: level sensitive irq not supported
[ 1881.538551][T24531] kvm: pic: non byte read
[ 1881.550072][T24531] kvm: pic: level sensitive irq not supported
[ 1881.550291][   T55] usb 4-1: Using ep0 maxpacket: 8
[ 1881.550462][T24531] kvm: pic: non byte read
[ 1881.566950][T24531] kvm: pic: level sensitive irq not supported
[ 1881.567025][T24531] kvm: pic: non byte read
[ 1881.572427][   T55] usb 4-1: New USB device found, idVendor=0c98, idProduct=1140, bcdDevice=f0.21
[ 1881.605654][   T55] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1881.614643][   T55] usb 4-1: Product: syz
[ 1881.618868][   T55] usb 4-1: Manufacturer: syz
[ 1881.641749][   T55] usb 4-1: SerialNumber: syz
[ 1881.655794][ T5952] usb 6-1: USB disconnect, device number 87
[ 1881.661438][   T55] usb 4-1: config 0 descriptor??
[ 1881.702869][   T55] pcwd_usb: The device isn't a Human Interface Device
[ 1881.819356][T24537] input: syz1 as /devices/virtual/input/input75
[ 1881.896458][   T55] usb 4-1: USB disconnect, device number 26
[ 1881.987310][T24541] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1881.998803][T24541] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1882.009951][T24542] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1882.021308][T24542] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1882.111685][ T5931] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[ 1882.237132][T24544] fuse: Unknown parameter 'o]l#Gݟ��.�cΨ����G�o���>�W�'
[ 1882.280278][ T5931] usb 3-1: Using ep0 maxpacket: 16
[ 1882.287530][ T5931] usb 3-1: config index 0 descriptor too short (expected 31780, got 36)
[ 1882.297374][ T5931] usb 3-1: config 27 has too many interfaces: 185, using maximum allowed: 32
[ 1882.348082][ T5931] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 1882.358550][ T5931] usb 3-1: config 27 has 1 interface, different from the descriptor's value: 185
[ 1882.374152][ T5931] usb 3-1: New USB device found, idVendor=0c45, idProduct=6240, bcdDevice=86.ae
[ 1882.395085][ T5931] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1882.403515][ T5931] usb 3-1: Product: syz
[ 1882.407737][ T5931] usb 3-1: Manufacturer: syz
[ 1882.413628][ T5931] usb 3-1: SerialNumber: syz
[ 1882.647789][ T5931] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:6240
[ 1882.675203][ T5931] gspca_sn9c20x: Write register 1000 failed -71
[ 1882.689854][ T5931] gspca_sn9c20x: Device initialization failed
[ 1882.698745][ T5931] gspca_sn9c20x 3-1:27.0: probe with driver gspca_sn9c20x failed with error -71
[ 1882.701779][T24554] input: syz1 as /devices/virtual/input/input76
[ 1882.716284][ T5931] usb 3-1: USB disconnect, device number 114
[ 1883.042175][T24562] netlink: 'syz.3.4536': attribute type 17 has an invalid length.
[ 1883.692380][T24582] netlink: 161024 bytes leftover after parsing attributes in process `syz.2.4540'.
[ 1883.702271][T24582] netlink: zone id is out of range
[ 1883.707537][T24582] netlink: zone id is out of range
[ 1883.730278][T24582] netlink: zone id is out of range
[ 1883.759134][T24582] netlink: zone id is out of range
[ 1883.789596][T24582] netlink: zone id is out of range
[ 1883.795951][T24582] netlink: zone id is out of range
[ 1883.826731][T24582] netlink: zone id is out of range
[ 1883.840313][ T5952] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[ 1883.844349][T24582] netlink: zone id is out of range
[ 1883.860358][T24582] netlink: zone id is out of range
[ 1883.931993][T24582] netlink: zone id is out of range
[ 1884.046750][T24580] tipc: Failed to remove unknown binding: 66,1,1/1334534014:1134128149/1134128151
[ 1884.058208][T24580] tipc: Failed to remove unknown binding: 66,1,1/1334534014:1134128149/1134128151
[ 1884.068910][T24580] tipc: Failed to remove unknown binding: 66,1,1/1334534014:1134128149/1134128151
[ 1884.385884][ T5952] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1884.470623][ T5952] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1884.540432][ T5952] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1884.696885][ T5952] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1884.934843][ T5952] usb 2-1: usb_control_msg returned -32
[ 1884.961820][ T5952] usbtmc 2-1:16.0: can't read capabilities
[ 1885.501683][T24606] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4546'.
[ 1885.556119][ T5952] IPVS: starting estimator thread 0...
[ 1885.670334][T24607] IPVS: using max 36 ests per chain, 86400 per kthread
[ 1886.130787][ T5952] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[ 1886.312646][ T5952] usb 3-1: Using ep0 maxpacket: 16
[ 1886.345170][ T5952] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1886.388451][ T5952] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1886.427001][ T5952] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1886.458942][ T5952] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1886.489966][ T5952] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1886.524109][   T55] usb 2-1: USB disconnect, device number 18
[ 1886.539985][ T5952] usb 3-1: Product: syz
[ 1886.551036][ T5952] usb 3-1: Manufacturer: syz
[ 1886.586466][ T5952] usb 3-1: SerialNumber: syz
[ 1886.926973][ T5952] usb 3-1: 0:2 : does not exist
[ 1886.959012][ T5952] usb 3-1: 1:0: cannot get min/max values for control 4 (id 1)
[ 1887.108669][ T5952] usb 3-1: USB disconnect, device number 115
[ 1887.353798][T23672] udevd[23672]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1889.000547][   T55] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1889.171900][   T55] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1889.191656][   T55] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1889.260602][   T55] usb 2-1: config 0 descriptor??
[ 1889.571319][T24661] ALSA: mixer_oss: invalid index -1404626105
[ 1889.698577][T24664] netlink: 84 bytes leftover after parsing attributes in process `syz.5.4558'.
[ 1889.719603][T24664] No buffer was provided with the request
[ 1889.728580][T24664] trusted_key: encrypted_key: insufficient parameters specified
[ 1890.011822][T24667] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1890.154949][T24670] vivid-004: disconnect
[ 1891.017431][T24668] vivid-004: reconnect
[ 1891.737048][   T55] usb 2-1: string descriptor 0 read error: -71
[ 1891.771734][   T55] usb 2-1: USB disconnect, device number 19
[ 1894.021094][T24705] netlink: 20 bytes leftover after parsing attributes in process `syz.3.4568'.
[ 1894.771528][T24722] sg_write: data in/out 832763164/24 bytes for SCSI command 0x4-- guessing data in;
[ 1894.771528][T24722]    program syz.2.4572 not setting count and/or reply_len properly
[ 1895.120367][   T55] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1895.172579][T24726] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1895.187581][T24726] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1895.217723][T24728] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4575'.
[ 1895.240619][T24728] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4575'.
[ 1895.240664][T24729] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4575'.
[ 1895.261647][   T55] usb 2-1: device descriptor read/64, error -71
[ 1895.280468][T24729] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4575'.
[ 1895.341144][T23424] usb 3-1: new high-speed USB device number 116 using dummy_hcd
[ 1895.500549][   T55] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[ 1895.511195][T23424] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1895.532492][T23424] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1895.557724][T23424] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1895.573494][T23424] usb 3-1: config 0 descriptor??
[ 1895.650426][   T55] usb 2-1: device descriptor read/64, error -71
[ 1895.767123][   T55] usb usb2-port1: attempt power cycle
[ 1895.802625][T23424] usbhid 3-1:0.0: can't add hid device: -71
[ 1895.808743][T23424] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1895.856889][T24743] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4578'.
[ 1895.866690][T24743] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4578'.
[ 1895.917589][T23424] usb 3-1: USB disconnect, device number 116
[ 1896.386145][   T55] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[ 1896.458487][   T55] usb 2-1: device descriptor read/8, error -71
[ 1896.572329][T23424] usb 3-1: new high-speed USB device number 117 using dummy_hcd
[ 1896.720274][   T55] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[ 1896.762326][T23424] usb 3-1: Using ep0 maxpacket: 32
[ 1896.782746][   T55] usb 2-1: device descriptor read/8, error -71
[ 1896.790109][T23424] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1896.816504][T23424] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1896.839711][T23424] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1896.879905][T23424] usb 3-1: config 0 descriptor??
[ 1896.919057][T23424] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1896.920827][   T55] usb usb2-port1: unable to enumerate USB device
[ 1896.959475][T23424] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1897.110686][ T5952] usb 3-1: USB disconnect, device number 117
[ 1897.120815][ T5952] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[ 1898.960254][   T55] usb 6-1: new high-speed USB device number 88 using dummy_hcd
[ 1899.062520][T24769] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1899.077531][T24769] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1899.161640][   T55] usb 6-1: Using ep0 maxpacket: 16
[ 1899.223318][   T55] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 7
[ 1899.325217][   T55] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1899.339262][   T55] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1899.348722][   T55] usb 6-1: Product: syz
[ 1899.354264][   T55] usb 6-1: Manufacturer: syz
[ 1899.358978][   T55] usb 6-1: SerialNumber: syz
[ 1899.421405][   T55] usb 6-1: config 0 descriptor??
[ 1899.502695][   T30] kauditd_printk_skb: 11 callbacks suppressed
[ 1899.502715][   T30] audit: type=1326 audit(1759168453.735:1606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24772 comm="syz.1.4587" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x0
[ 1900.350584][T23424] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[ 1900.425336][T24800] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1900.437746][T24800] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1900.507791][T24802] netlink: 32 bytes leftover after parsing attributes in process `syz.1.4595'.
[ 1900.519732][T23424] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1900.552486][T23424] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1900.636827][T23424] usb 4-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.00
[ 1900.732151][T23424] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1900.956916][T23424] usb 4-1: config 0 descriptor??
[ 1901.450959][   T55] usb 6-1: USB disconnect, device number 88
[ 1901.470202][T23424] usbhid 4-1:0.0: can't add hid device: -32
[ 1901.476610][T23424] usbhid 4-1:0.0: probe with driver usbhid failed with error -32
[ 1903.145835][ T5952] usb 4-1: USB disconnect, device number 28
[ 1903.620816][ T5952] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[ 1903.992425][ T5952] usb 4-1: Using ep0 maxpacket: 8
[ 1904.010689][ T5952] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0x82 has invalid maxpacket 64
[ 1904.022503][ T5952] usb 4-1: config 1 interface 0 altsetting 3 bulk endpoint 0x3 has invalid maxpacket 1023
[ 1904.044938][ T5952] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1904.142532][ T5952] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1904.176553][ T5952] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1904.230440][ T5952] usb 4-1: Product: syz
[ 1904.303201][ T5952] usb 4-1: Manufacturer: syz
[ 1904.337921][ T5952] usb 4-1: SerialNumber: syz
[ 1904.399043][T24832] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1904.409832][T24832] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1904.573294][T24860] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1904.582617][T24860] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1905.081854][T24832] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4603'.
[ 1905.493336][T24866] wireguard0: entered promiscuous mode
[ 1905.509805][T24866] wireguard0: entered allmulticast mode
[ 1905.831889][ T5952] usb 4-1: bad CDC descriptors
[ 1905.846849][ T5952] usb 4-1: USB disconnect, device number 29
[ 1906.979830][T24888] netlink: 27 bytes leftover after parsing attributes in process `syz.0.4616'.
[ 1907.021133][T24888] netlink: 27 bytes leftover after parsing attributes in process `syz.0.4616'.
[ 1907.516831][T24897] fuse: Unknown parameter 'EV�0x0000000000000005'
[ 1907.603916][T24897] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1907.693090][T24895] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4620'.
[ 1907.702278][   T24] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[ 1907.715030][T24897] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1907.750409][T24895] netlink: 'syz.3.4620': attribute type 1 has an invalid length.
[ 1907.766306][T24903] tipc: Started in network mode
[ 1907.785994][T24903] tipc: Node identity cafecbd54ffd, cluster identity 4711
[ 1907.799070][T24903] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1907.825279][T24903] tipc: Resetting bearer <eth:syzkaller0>
[ 1907.851339][T24902] tipc: Disabling bearer <eth:syzkaller0>
[ 1907.886421][   T24] usb 3-1: config 0 has an invalid interface number: 3 but max is 0
[ 1907.915067][   T24] usb 3-1: config 0 has no interface number 0
[ 1907.988075][   T24] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0xD has an invalid bInterval 104, changing to 10
[ 1908.116017][   T24] usb 3-1: config 0 interface 3 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[ 1908.149073][   T24] usb 3-1: New USB device found, idVendor=1660, idProduct=1921, bcdDevice=1f.84
[ 1908.166574][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1908.185148][   T24] usb 3-1: Product: syz
[ 1908.189929][   T24] usb 3-1: Manufacturer: syz
[ 1908.208173][   T24] usb 3-1: SerialNumber: syz
[ 1908.274753][   T24] usb 3-1: config 0 descriptor??
[ 1908.558898][T24912] program syz.5.4623 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1908.775878][   T24] dvb-usb: found a 'Medion CTX1921 DVB-T USB' in warm state.
[ 1908.919633][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1908.945612][   T24] dvbdev: DVB: registering new adapter (Medion CTX1921 DVB-T USB)
[ 1908.954898][   T24] usb 3-1: media controller created
[ 1909.025232][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1909.186285][   T24] DVB: Unable to find symbol dib7000p_attach()
[ 1909.194367][   T24] dvb-usb: no frontend was attached by 'Medion CTX1921 DVB-T USB'
[ 1909.342429][   T24] rc_core: IR keymap rc-dib0700-rc5 not found
[ 1909.356352][   T24] Registered IR keymap rc-empty
[ 1909.362132][   T24] dvb-usb: could not initialize remote control.
[ 1909.368612][   T24] dvb-usb: Medion CTX1921 DVB-T USB successfully initialized and connected.
[ 1909.399607][   T24] usb 3-1: USB disconnect, device number 118
[ 1909.472213][   T24] dvb-usb: Medion CTX1921 DVB-T USB successfully deinitialized and disconnected.
[ 1909.534404][ T5952] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1909.690237][ T5952] usb 2-1: Using ep0 maxpacket: 16
[ 1909.698558][ T5952] usb 2-1: config index 0 descriptor too short (expected 4495, got 71)
[ 1909.708180][ T5952] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[ 1909.717629][ T5952] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1909.734391][ T5952] usb 2-1: config 0 has no interface number 0
[ 1909.743790][ T5952] usb 2-1: New USB device found, idVendor=046c, idProduct=14e0, bcdDevice= 0.01
[ 1909.758028][ T5952] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1909.767231][ T5952] usb 2-1: Product: syz
[ 1909.774061][ T5952] usb 2-1: Manufacturer: syz
[ 1909.779429][ T5952] usb 2-1: SerialNumber: syz
[ 1909.792962][ T5952] usb 2-1: config 0 descriptor??
[ 1910.632201][T24929] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1910.730741][T24929] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1910.830450][   T24] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[ 1911.030259][   T24] usb 4-1: Using ep0 maxpacket: 16
[ 1911.090348][   T24] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 7
[ 1911.356757][   T24] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1911.475349][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1911.567313][   T24] usb 4-1: Product: syz
[ 1911.609166][   T24] usb 4-1: Manufacturer: syz
[ 1911.698431][   T24] usb 4-1: SerialNumber: syz
[ 1911.746199][ T5952] usb 2-1: Found UVC 0.00 device syz (046c:14e0)
[ 1911.758324][   T24] usb 4-1: config 0 descriptor??
[ 1911.775948][ T5952] usb 2-1: No valid video chain found.
[ 1911.813976][ T5952] usb 2-1: USB disconnect, device number 24
[ 1911.986507][   T30] audit: type=1326 audit(1759168466.215:1607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1912.179450][   T30] audit: type=1326 audit(1759168466.245:1608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1912.435743][   T30] audit: type=1326 audit(1759168466.245:1609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe1abd8d710 code=0x7ffc0000
[ 1912.952184][   T30] audit: type=1326 audit(1759168466.245:1610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1913.012646][   T30] audit: type=1326 audit(1759168466.245:1611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1913.036428][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1913.305963][   T24] usb 4-1: USB disconnect, device number 30
[ 1913.372583][   T30] audit: type=1326 audit(1759168466.255:1612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1913.512872][   T30] audit: type=1326 audit(1759168466.255:1613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1913.606575][   T30] audit: type=1326 audit(1759168466.255:1614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1913.635065][   T30] audit: type=1326 audit(1759168466.255:1615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1913.656747][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1913.828226][   T30] audit: type=1326 audit(1759168466.285:1616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24943 comm="" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe1abd8eec9 code=0x7ffc0000
[ 1913.955694][T24967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1914.033575][T24967] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1914.113969][T24967] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1914.250388][T24967] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1914.329119][    T9] usb 6-1: new high-speed USB device number 89 using dummy_hcd
[ 1914.558440][    T9] usb 6-1: device descriptor read/64, error -71
[ 1914.906214][    T9] usb 6-1: new high-speed USB device number 90 using dummy_hcd
[ 1915.173417][    T9] usb 6-1: device descriptor read/64, error -71
[ 1915.284227][    T9] usb usb6-port1: attempt power cycle
[ 1915.721660][    T9] usb 6-1: new high-speed USB device number 91 using dummy_hcd
[ 1915.791079][    T9] usb 6-1: device descriptor read/8, error -71
[ 1916.060495][    T9] usb 6-1: new high-speed USB device number 92 using dummy_hcd
[ 1916.161944][    T9] usb 6-1: device descriptor read/8, error -71
[ 1916.472611][    T9] usb usb6-port1: unable to enumerate USB device
[ 1917.300797][T24991] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1917.782197][ T5952] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1918.002221][ T5952] usb 2-1: config 0 has an invalid interface number: 114 but max is 0
[ 1918.011065][ T5952] usb 2-1: config 0 has no interface number 0
[ 1918.019527][ T5952] usb 2-1: New USB device found, idVendor=0547, idProduct=2720, bcdDevice=13.67
[ 1918.030379][ T5952] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1918.264153][ T5952] usb 2-1: Product: syz
[ 1918.268403][ T5952] usb 2-1: Manufacturer: syz
[ 1918.314727][ T5952] usb 2-1: SerialNumber: syz
[ 1918.366567][ T5952] usb 2-1: config 0 descriptor??
[ 1918.786317][    T9] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[ 1918.805734][T24998] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1919.206151][T24998] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1919.490430][    T9] usb 3-1: Using ep0 maxpacket: 16
[ 1919.525336][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1919.630380][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1919.697975][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1919.743557][ T5952] cdc_subset 2-1:0.114: probe with driver cdc_subset failed with error -71
[ 1919.773454][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1919.831771][ T5952] usb 2-1: USB disconnect, device number 25
[ 1919.840273][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1919.927495][    T9] usb 3-1: config 0 descriptor??
[ 1919.984138][T25024] netlink: 92 bytes leftover after parsing attributes in process `syz.0.4653'.
[ 1919.996807][T25024] netlink: 64 bytes leftover after parsing attributes in process `syz.0.4653'.
[ 1920.032122][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[ 1920.038561][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[ 1920.735315][    T9] microsoft 0003:045E:07DA.0045: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1920.813230][    T9] microsoft 0003:045E:07DA.0045: no inputs found
[ 1920.859439][    T9] microsoft 0003:045E:07DA.0045: could not initialize ff, continuing anyway
[ 1921.791632][T25047] input: syz1 as /devices/virtual/input/input79
[ 1923.814044][    T9] usb 3-1: USB disconnect, device number 119
[ 1924.123953][T25072] netlink: 596 bytes leftover after parsing attributes in process `syz.0.4664'.
[ 1924.459334][T25088] loop2: detected capacity change from 0 to 7
[ 1924.459999][T25081] can: request_module (can-proto-0) failed.
[ 1924.485549][T23672]  loop2:
[ 1924.488713][T23672] loop2: partition table partially beyond EOD, truncated
[ 1924.508619][T25088]  loop2:
[ 1924.518042][T25088] loop2: partition table partially beyond EOD, truncated
[ 1924.789407][T25102] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.4673'.
[ 1925.089958][T25114] netlink: 596 bytes leftover after parsing attributes in process `syz.3.4679'.
[ 1925.269401][T25119] input: syz1 as /devices/virtual/input/input80
[ 1926.070639][    T9] usb 6-1: new high-speed USB device number 93 using dummy_hcd
[ 1926.231787][    T9] usb 6-1: Using ep0 maxpacket: 8
[ 1926.240010][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 1926.253929][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1926.279529][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1926.300678][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[ 1926.328654][    T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1926.354031][    T9] usb 6-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 1926.365660][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1926.390839][    T9] usb 6-1: config 0 descriptor??
[ 1926.397517][T25130] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1927.634780][T25157] netlink: 16 bytes leftover after parsing attributes in process `syz.3.4691'.
[ 1927.656891][T15018] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1927.677790][T15018] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1927.688135][    T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1927.795666][   T30] kauditd_printk_skb: 18 callbacks suppressed
[ 1927.795686][   T30] audit: type=1326 audit(1759168482.025:1635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25163 comm="syz.3.4693" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7f7f0000
[ 1927.889010][T25168] x_tables: ip_tables: recent.0 match: invalid size 216 (kernel) != (user) 4096
[ 1927.919156][T25168] binder: 25161:25168 ioctl 4018620d 0 returned -22
[ 1928.031344][    T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1928.468168][T17571] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1928.690590][    T9] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1928.783136][    T9] usb 6-1: USB disconnect, device number 93
[ 1930.200457][T25186] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1930.243069][T25186] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1930.821067][T25193] fuse: Unknown parameter 'rootmnde'
[ 1931.900490][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1932.080488][ T5952] usb 6-1: new high-speed USB device number 94 using dummy_hcd
[ 1932.310270][ T5952] usb 6-1: device descriptor read/64, error -71
[ 1932.550244][ T5952] usb 6-1: new high-speed USB device number 95 using dummy_hcd
[ 1932.710473][ T5952] usb 6-1: device descriptor read/64, error -71
[ 1932.840893][ T5952] usb usb6-port1: attempt power cycle
[ 1933.126159][T25235] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4711'.
[ 1933.202654][ T5952] usb 6-1: new high-speed USB device number 96 using dummy_hcd
[ 1933.264869][ T5952] usb 6-1: device descriptor read/8, error -71
[ 1933.520281][ T5952] usb 6-1: new high-speed USB device number 97 using dummy_hcd
[ 1933.552984][ T5952] usb 6-1: device descriptor read/8, error -71
[ 1933.661558][ T5952] usb usb6-port1: unable to enumerate USB device
[ 1933.761521][T25237] GUP no longer grows the stack in syz.2.4712 (25237): 200000005000-200000008000 (200000004000)
[ 1933.823208][T25237] CPU: 0 UID: 0 PID: 25237 Comm: syz.2.4712 Not tainted syzkaller #0 PREEMPT(full) 
[ 1933.823239][T25237] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1933.823253][T25237] Call Trace:
[ 1933.823261][T25237]  <TASK>
[ 1933.823270][T25237]  dump_stack_lvl+0x189/0x250
[ 1933.823304][T25237]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1933.823329][T25237]  ? __pfx__printk+0x10/0x10
[ 1933.823354][T25237]  ? find_vma+0xe7/0x160
[ 1933.823394][T25237]  fixup_user_fault+0x661/0x720
[ 1933.823426][T25237]  fault_in_user_writeable+0x72/0xe0
[ 1933.823451][T25237]  futex_lock_pi+0x773/0xa90
[ 1933.823489][T25237]  ? __pfx_futex_lock_pi+0x10/0x10
[ 1933.823548][T25237]  ? __pfx_futex_wake_mark+0x10/0x10
[ 1933.823592][T25237]  ? get_signal+0x1151/0x1340
[ 1933.823624][T25237]  do_futex+0x292/0x420
[ 1933.823655][T25237]  ? __pfx_do_futex+0x10/0x10
[ 1933.823681][T25237]  ? arch_do_signal_or_restart+0x2d2/0x750
[ 1933.823720][T25237]  __se_sys_futex+0x36f/0x400
[ 1933.823753][T25237]  ? __pfx___se_sys_futex+0x10/0x10
[ 1933.823788][T25237]  ? __x64_sys_futex+0x21/0xf0
[ 1933.823817][T25237]  do_syscall_64+0xfa/0x3b0
[ 1933.823842][T25237]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1933.823861][T25237]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1933.823882][T25237]  ? clear_bhb_loop+0x60/0xb0
[ 1933.823906][T25237]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1933.823928][T25237] RIP: 0033:0x7f2c7518eec9
[ 1933.823948][T25237] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1933.823967][T25237] RSP: 002b:00007f2c7609a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[ 1933.823991][T25237] RAX: ffffffffffffffda RBX: 00007f2c753e5fa0 RCX: 00007f2c7518eec9
[ 1933.824007][T25237] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000200000004000
[ 1933.824022][T25237] RBP: 00007f2c75211f91 R08: 0000000000000000 R09: 0000000000000000
[ 1933.824035][T25237] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1933.824049][T25237] R13: 00007f2c753e6038 R14: 00007f2c753e5fa0 R15: 00007f2c7550fa28
[ 1933.824085][T25237]  </TASK>
[ 1934.401077][    T9] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[ 1934.630433][ T5952] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[ 1934.760476][ T5952] usb 4-1: device descriptor read/64, error -71
[ 1935.636739][ T5952] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[ 1935.780331][ T5952] usb 4-1: device descriptor read/64, error -71
[ 1935.900803][ T5952] usb usb4-port1: attempt power cycle
[ 1936.024394][T25264] netlink: 'syz.0.4718': attribute type 1 has an invalid length.
[ 1936.240303][ T5952] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[ 1936.325524][T25268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1936.355141][ T5952] usb 4-1: device descriptor read/8, error -71
[ 1936.357505][T25268] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1936.519078][T25266] bond0: (slave bridge0): making interface the new active one
[ 1936.581761][T25266] bond0: (slave bridge0): Enslaving as an active interface with an up link
[ 1939.457353][T25271] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1939.490699][T25271] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1939.545173][T25279] netlink: 40 bytes leftover after parsing attributes in process `syz.3.4723'.
[ 1939.556085][T25280] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1939.573541][T25280] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1939.583025][T25275] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1939.620281][    T9] usb 3-1: device descriptor read/64, error -110
[ 1939.860536][    T9] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 1939.990269][    T9] usb 3-1: device descriptor read/64, error -32
[ 1940.040202][T25291] program syz.3.4725 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1940.268034][T25294] netlink: 596 bytes leftover after parsing attributes in process `syz.2.4727'.
[ 1940.269170][    T9] usb usb3-port1: attempt power cycle
[ 1940.451806][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1940.490814][T11567] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[ 1940.740466][    T9] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 1940.776672][    T9] usb 3-1: device descriptor read/8, error -32
[ 1940.784288][T11567] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1940.803160][T11567] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1940.813183][T11567] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1940.830220][T11567] usb 4-1: Product: syz
[ 1940.840980][T11567] usb 4-1: Manufacturer: syz
[ 1940.856152][T11567] usb 4-1: SerialNumber: syz
[ 1940.889123][T11567] usb 4-1: config 0 descriptor??
[ 1941.015129][    T9] raw-gadget.2 gadget.2: failed to queue suspend event
[ 1941.323965][    T9] raw-gadget.2 gadget.2: failed to queue reset event
[ 1941.524925][    T9] raw-gadget.2 gadget.2: failed to queue resume event
[ 1941.608852][    T9] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 1941.756462][T25318] netlink: 'syz.2.4733': attribute type 1 has an invalid length.
[ 1941.811226][    C0] raw-gadget.2 gadget.2: ignoring, device is not running
[ 1941.818634][    T9] usb 3-1: device descriptor read/8, error -32
[ 1941.930384][    T9] raw-gadget.2 gadget.2: failed to queue suspend event
[ 1941.937795][    T9] usb usb3-port1: unable to enumerate USB device
[ 1942.084881][T25315] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1942.094158][T25315] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1942.296400][T25319] gretap2: entered promiscuous mode
[ 1942.314177][T25319] bond0: (slave gretap2): making interface the new active one
[ 1942.324383][T25319] bond0: (slave gretap2): Enslaving as an active interface with an up link
[ 1942.351394][T25321] macvlan0: entered promiscuous mode
[ 1942.356930][T25321] macvlan0: entered allmulticast mode
[ 1942.366586][T25321] bond0: entered promiscuous mode
[ 1942.376447][T25321] 8021q: adding VLAN 0 to HW filter on device macvlan0
[ 1942.407717][T25321] bond0: (slave macvlan0): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[ 1942.437281][T25321] bond0: left promiscuous mode
[ 1942.992653][    T9] usb 4-1: USB disconnect, device number 35
[ 1943.144270][T25324] syzkaller0: entered promiscuous mode
[ 1943.150597][T25324] syzkaller0: entered allmulticast mode
[ 1943.482819][T25325] kvm: pic: non byte write
[ 1943.747739][T25330] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4736'.
[ 1943.930997][   T24] usb 2-1: new full-speed USB device number 26 using dummy_hcd
[ 1944.112063][T25337] program syz.5.4737 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1944.497251][   T24] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xDF, changing to 0x8F
[ 1944.514638][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[ 1944.998992][   T24] usb 2-1: New USB device found, idVendor=077d, idProduct=0410, bcdDevice=ec.c1
[ 1945.019096][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1945.090671][   T24] usb 2-1: Product: syz
[ 1945.106898][   T24] usb 2-1: Manufacturer: syz
[ 1945.113059][   T24] usb 2-1: SerialNumber: syz
[ 1945.123702][   T24] usb 2-1: config 0 descriptor??
[ 1945.335166][T25328] fuse: Bad value for 'fd'
[ 1945.690015][   T24] input: Griffin PowerMate as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input81
[ 1946.819083][    C1] powermate: config urb returned -71
[ 1946.824932][    C1] powermate: config urb returned -71
[ 1946.831665][    C1] powermate: config urb returned -71
[ 1946.840248][    C1] powermate: config urb returned -71
[ 1947.097578][   T24] usb 2-1: USB disconnect, device number 26
[ 1947.103627][    C1] powermate 2-1:0.0: powermate_irq - usb_submit_urb failed with result: -19
[ 1947.600256][T25362] netlink: 596 bytes leftover after parsing attributes in process `syz.1.4743'.
[ 1948.630621][   T55] usb 6-1: new high-speed USB device number 98 using dummy_hcd
[ 1948.772230][T25379] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4747'.
[ 1948.783719][T25379] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1948.860283][   T55] usb 6-1: Using ep0 maxpacket: 8
[ 1948.877169][   T55] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[ 1948.972822][   T55] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 64919, setting to 1024
[ 1949.084053][   T55] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 1024
[ 1949.139275][   T55] usb 6-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1949.213779][   T55] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[ 1949.230223][   T55] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1949.500686][   T55] usb 6-1: Product: syz
[ 1949.505189][   T55] usb 6-1: Manufacturer: syz
[ 1949.511383][   T55] usb 6-1: SerialNumber: syz
[ 1949.519924][T25383] program syz.3.4749 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1949.581758][T25370] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1949.589162][T25370] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1949.957645][   T55] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71
[ 1949.974949][   T55] usbtest 6-1:1.0: Linux user mode ISO test driver
[ 1949.982299][   T55] usbtest 6-1:1.0: high-speed {control bulk-in bulk-out} tests (+alt)
[ 1950.007597][   T55] usb 6-1: USB disconnect, device number 98
[ 1950.310838][T25402] netlink: 596 bytes leftover after parsing attributes in process `syz.2.4754'.
[ 1950.580387][T25399] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4753'.
[ 1950.593026][T25399] input: syz0 as /devices/virtual/input/input82
[ 1950.757993][T25410] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4755'.
[ 1951.141058][   T55] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[ 1951.303005][   T55] usb 4-1: Using ep0 maxpacket: 32
[ 1951.358519][   T55] usb 4-1: config 0 has an invalid interface number: 136 but max is 0
[ 1951.367240][   T55] usb 4-1: config 0 has no interface number 0
[ 1951.373528][   T55] usb 4-1: config 0 interface 136 altsetting 0 has an endpoint descriptor with address 0xAD, changing to 0x8D
[ 1951.385395][   T55] usb 4-1: config 0 interface 136 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1951.395392][   T55] usb 4-1: config 0 interface 136 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 0
[ 1951.405637][   T55] usb 4-1: config 0 interface 136 altsetting 0 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1951.420243][   T55] usb 4-1: config 0 interface 136 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1951.430586][   T55] usb 4-1: New USB device found, idVendor=0763, idProduct=1021, bcdDevice=8e.c0
[ 1951.439866][   T55] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1951.481165][   T55] usb 4-1: config 0 descriptor??
[ 1951.539182][   T55] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1951.727549][T25410] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1951.742455][T25410] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1952.101324][   T30] audit: type=1800 audit(1759168506.335:1636): pid=25419 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.4757" name="bus" dev="ramfs" ino=116648 res=0 errno=0
[ 1952.439890][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1952.672017][   T55] usb 6-1: new high-speed USB device number 99 using dummy_hcd
[ 1952.780034][T25433] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1952.810629][   T55] usb 6-1: device descriptor read/64, error -71
[ 1952.833111][T25433] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1953.061535][   T55] usb 6-1: new high-speed USB device number 100 using dummy_hcd
[ 1953.171766][T25436] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4761'.
[ 1953.200719][   T55] usb 6-1: device descriptor read/64, error -71
[ 1953.327517][T25436] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1953.355866][   T55] usb usb6-port1: attempt power cycle
[ 1953.578655][    T9] usb 4-1: USB disconnect, device number 36
[ 1953.910268][   T55] usb 6-1: new high-speed USB device number 101 using dummy_hcd
[ 1954.070994][T25443] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1954.129883][   T55] usb 6-1: device descriptor read/8, error -71
[ 1954.150729][T25443] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1954.410447][   T55] usb 6-1: new high-speed USB device number 102 using dummy_hcd
[ 1954.431077][   T55] usb 6-1: device descriptor read/8, error -71
[ 1954.581267][   T55] usb usb6-port1: unable to enumerate USB device
[ 1955.520397][T25459] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1955.570377][T25459] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1955.865307][T25464] netlink: 48 bytes leftover after parsing attributes in process `syz.2.4767'.
[ 1956.020234][ T5952] usb 6-1: new high-speed USB device number 103 using dummy_hcd
[ 1956.266916][T25469] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1956.276563][T25469] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1956.322479][ T5952] usb 6-1: Using ep0 maxpacket: 16
[ 1956.338017][ T5952] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1956.354908][ T5952] usb 6-1: config 127 has an invalid interface number: 121 but max is 0
[ 1956.371921][   T30] audit: type=1800 audit(1759168510.405:1637): pid=25468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4769" name="bus" dev="ramfs" ino=117761 res=0 errno=0
[ 1956.397345][ T5952] usb 6-1: config 127 has no interface number 0
[ 1956.409003][ T5952] usb 6-1: config 127 interface 121 has no altsetting 0
[ 1956.433958][ T5952] usb 6-1: New USB device found, idVendor=1a0a, idProduct=0102, bcdDevice=ba.4a
[ 1956.443864][ T5952] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1956.452832][ T5952] usb 6-1: Product: syz
[ 1956.459803][ T5952] usb 6-1: Manufacturer: syz
[ 1956.468358][ T5952] usb 6-1: SerialNumber: syz
[ 1956.787429][T25471] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1956.877229][T25471] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1957.038425][ T5952] usb_ehset_test 6-1:127.121: probe with driver usb_ehset_test failed with error -32
[ 1957.122368][ T5952] usb 6-1: USB disconnect, device number 103
[ 1957.730382][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[ 1958.836269][T11567] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[ 1959.061875][T11567] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1959.100299][T11567] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1959.100350][T11567] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1959.100369][T11567] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1959.130847][T11567] usb 2-1: config 0 descriptor??
[ 1959.559824][T11567] cp2112 0003:10C4:EA90.0046: unknown main item tag 0x0
[ 1959.778997][T11567] cp2112 0003:10C4:EA90.0046: unknown main item tag 0x0
[ 1959.811619][T11567] cp2112 0003:10C4:EA90.0046: unknown main item tag 0x0
[ 1959.982804][T25503] netlink: 20 bytes leftover after parsing attributes in process `syz.2.4776'.
[ 1960.093848][T11567] cp2112 0003:10C4:EA90.0046: unknown main item tag 0x0
[ 1960.155594][T11567] cp2112 0003:10C4:EA90.0046: unknown main item tag 0x0
[ 1960.230213][T11567] cp2112 0003:10C4:EA90.0046: unknown main item tag 0x0
[ 1960.237296][T11567] cp2112 0003:10C4:EA90.0046: unknown main item tag 0x0
[ 1960.317086][T25507] netlink: 596 bytes leftover after parsing attributes in process `syz.0.4777'.
[ 1960.394046][T11567] cp2112 0003:10C4:EA90.0046: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.1-1/input0
[ 1961.541092][T11567] cp2112 0003:10C4:EA90.0046: error requesting version
[ 1961.639684][T11567] cp2112 0003:10C4:EA90.0046: probe with driver cp2112 failed with error -71
[ 1961.731729][T11567] usb 2-1: USB disconnect, device number 27
[ 1962.689745][T25531] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4782'.
[ 1963.830317][ T5952] usb 6-1: new high-speed USB device number 104 using dummy_hcd
[ 1963.974566][T25538] FAULT_INJECTION: forcing a failure.
[ 1963.974566][T25538] name failslab, interval 1, probability 0, space 0, times 0
[ 1964.010341][ T5952] usb 6-1: Using ep0 maxpacket: 16
[ 1964.019283][ T5952] usb 6-1: New USB device found, idVendor=2137, idProduct=0001, bcdDevice=2a.35
[ 1964.050209][ T5952] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1964.058458][ T5952] usb 6-1: Product: syz
[ 1964.068631][T25538] CPU: 1 UID: 0 PID: 25538 Comm: syz.0.4784 Not tainted syzkaller #0 PREEMPT(full) 
[ 1964.068660][T25538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1964.068673][T25538] Call Trace:
[ 1964.068682][T25538]  <TASK>
[ 1964.068692][T25538]  dump_stack_lvl+0x189/0x250
[ 1964.068723][T25538]  ? __pfx____ratelimit+0x10/0x10
[ 1964.068747][T25538]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1964.068773][T25538]  ? __pfx__printk+0x10/0x10
[ 1964.068810][T25538]  ? __pfx___might_resched+0x10/0x10
[ 1964.068829][T25538]  ? fs_reclaim_acquire+0x7d/0x100
[ 1964.068856][T25538]  should_fail_ex+0x414/0x560
[ 1964.068896][T25538]  should_failslab+0xa8/0x100
[ 1964.068931][T25538]  __kmalloc_noprof+0xcb/0x4f0
[ 1964.068960][T25538]  ? kfree+0x4d/0x440
[ 1964.068986][T25538]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1964.069017][T25538]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1964.069059][T25538]  ? tomoyo_domain+0xd9/0x130
[ 1964.069092][T25538]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[ 1964.069126][T25538]  tomoyo_path_number_perm+0x1e8/0x5a0
[ 1964.069164][T25538]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1964.069216][T25538]  ? __lock_acquire+0xab9/0xd20
[ 1964.069272][T25538]  ? __fget_files+0x2a/0x420
[ 1964.069297][T25538]  ? __fget_files+0x2a/0x420
[ 1964.069315][T25538]  ? __fget_files+0x3a0/0x420
[ 1964.069335][T25538]  ? __fget_files+0x2a/0x420
[ 1964.069359][T25538]  security_file_ioctl+0xcb/0x2d0
[ 1964.069388][T25538]  __se_sys_ioctl+0x47/0x170
[ 1964.069418][T25538]  do_syscall_64+0xfa/0x3b0
[ 1964.069455][T25538]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1964.069500][T25538]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1964.069524][T25538]  ? clear_bhb_loop+0x60/0xb0
[ 1964.069551][T25538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1964.069573][T25538] RIP: 0033:0x7f99de38eec9
[ 1964.069593][T25538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1964.069613][T25538] RSP: 002b:00007f99df2be038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1964.069637][T25538] RAX: ffffffffffffffda RBX: 00007f99de5e5fa0 RCX: 00007f99de38eec9
[ 1964.069658][T25538] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000004
[ 1964.069673][T25538] RBP: 00007f99df2be090 R08: 0000000000000000 R09: 0000000000000000
[ 1964.069687][T25538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1964.069700][T25538] R13: 00007f99de5e6038 R14: 00007f99de5e5fa0 R15: 00007f99de70fa28
[ 1964.069735][T25538]  </TASK>
[ 1964.069819][T25538] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1964.078936][ T5952] usb 6-1: Manufacturer: syz
[ 1964.388048][T13782] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[ 1964.397128][T13782] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1964.410693][ T5952] usb 6-1: SerialNumber: syz
[ 1964.418995][ T5952] usb 6-1: config 0 descriptor??
[ 1964.451933][ T5952] as10x_usb: device has been detected
[ 1964.458429][ T5952] dvbdev: DVB: registering new adapter (Sky IT Digital Key (green led))
[ 1964.558906][ T5952] usb 6-1: DVB: registering adapter 1 frontend 0 (Sky IT Digital Key (green led))...
[ 1964.624436][ T5952] as10x_usb: error during firmware upload part1
[ 1964.641220][T25535] random: crng reseeded on system resumption
[ 1964.688435][ T5952] Registered device Sky IT Digital Key (green led)
[ 1964.688596][T25535] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1964.813775][T25535] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1964.860267][T25546] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4787'.
[ 1964.876915][T25546] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1964.888189][T12195] usb 6-1: USB disconnect, device number 104
[ 1964.942945][T12195] Unregistered device Sky IT Digital Key (green led)
[ 1964.948323][T12195] as10x_usb: device has been disconnected
[ 1965.123538][T25552] netlink: 596 bytes leftover after parsing attributes in process `syz.2.4788'.
[ 1965.986869][T25558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1966.000957][T25558] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1966.125021][T25558] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1966.172222][T25558] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1966.308773][T25564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1966.320300][T25564] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1966.430874][T12195] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 1966.591940][T12195] usb 2-1: Using ep0 maxpacket: 8
[ 1966.649439][T12195] usb 2-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[ 1966.659482][T12195] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1966.673573][T12195] usb 2-1: Product: syz
[ 1966.717415][   T30] audit: type=1326 audit(1759168520.915:1638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1966.730217][T12195] usb 2-1: Manufacturer: syz
[ 1966.779865][   T30] audit: type=1326 audit(1759168520.925:1639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1966.813826][   T30] audit: type=1326 audit(1759168520.925:1640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1966.896000][T12195] usb 2-1: SerialNumber: syz
[ 1966.949763][   T30] audit: type=1326 audit(1759168520.925:1641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1966.996979][T12195] usb 2-1: config 0 descriptor??
[ 1967.026332][   T30] audit: type=1326 audit(1759168520.925:1642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1967.068461][T12195] gspca_main: sonixj-2.14.0 probing 0c45:613a
[ 1967.075145][   T30] audit: type=1326 audit(1759168520.925:1643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1967.099365][   T30] audit: type=1326 audit(1759168520.925:1644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1967.235897][   T30] audit: type=1326 audit(1759168520.935:1645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1967.359054][   T30] audit: type=1326 audit(1759168520.935:1646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1967.439900][   T30] audit: type=1326 audit(1759168520.935:1647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25567 comm="syz.3.4794" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1968.050836][T25589] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4792'.
[ 1968.337601][T12195] gspca_sonixj: reg_r err -32
[ 1968.403900][T12195] sonixj 2-1:0.0: probe with driver sonixj failed with error -32
[ 1968.662803][T25593] loop2: detected capacity change from 0 to 7
[ 1968.684596][T25593]  loop2: p1
[ 1968.703078][T25593] loop2: partition table partially beyond EOD, truncated
[ 1968.744877][T25593] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1969.029722][T23672] udevd[23672]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1969.523175][T25599] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4802'.
[ 1969.538852][T25599] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1970.048333][T25607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1970.061538][T12195] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[ 1970.084498][T25607] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1970.116829][T25607] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1970.135715][T25607] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1970.250478][T12195] usb 4-1: Using ep0 maxpacket: 32
[ 1970.283868][T12195] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1970.321293][T12195] usb 4-1: config 128 has an invalid interface number: 127 but max is 3
[ 1970.360535][T12195] usb 4-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[ 1970.386287][T12195] usb 4-1: config 128 has 1 interface, different from the descriptor's value: 4
[ 1970.431638][T12195] usb 4-1: config 128 has no interface number 0
[ 1970.461171][T12195] usb 4-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 170, changing to 11
[ 1970.518233][T12195] usb 4-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid maxpacket 42744, setting to 1024
[ 1970.570974][T12195] usb 4-1: config 128 interface 127 has no altsetting 0
[ 1970.601265][T12195] usb 4-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[ 1970.634360][T12195] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1970.685137][T12195] usb 4-1: Product: syz
[ 1970.689331][T12195] usb 4-1: Manufacturer: syz
[ 1970.709483][T11567] usb 2-1: USB disconnect, device number 28
[ 1970.760463][T12195] usb 4-1: SerialNumber: syz
[ 1970.796753][T25604] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 1970.870475][   T55] usb 6-1: new high-speed USB device number 105 using dummy_hcd
[ 1971.020568][   T55] usb 6-1: Using ep0 maxpacket: 8
[ 1971.057384][   T55] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[ 1971.093341][   T55] usb 6-1: config 179 has no interface number 0
[ 1971.110696][   T55] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 1971.137547][T12195] usb 4-1: USB disconnect, device number 37
[ 1971.154265][   T55] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 1971.180682][   T55] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1971.194669][   T55] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 1971.207352][   T55] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1971.228645][T23672] udevd[23672]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1971.281960][   T55] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 1971.307916][   T55] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1971.334609][T25612] raw-gadget.3 gadget.5: fail, usb_ep_enable returned -22
[ 1971.579038][   T55] usb 6-1: USB disconnect, device number 105
[ 1971.585321][    C1] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 1971.585361][    C1] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[ 1971.936660][T25639] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1971.958940][T25639] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1972.127986][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1972.128011][   T30] audit: type=1326 audit(1759168526.335:1664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1972.289437][   T30] audit: type=1326 audit(1759168526.345:1665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1972.333245][T25647] netlink: 596 bytes leftover after parsing attributes in process `syz.5.4816'.
[ 1972.360423][   T30] audit: type=1326 audit(1759168526.345:1666): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1972.382992][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1972.400269][   T30] audit: type=1326 audit(1759168526.345:1667): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1972.440225][   T30] audit: type=1326 audit(1759168526.345:1668): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=158 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1972.617316][   T30] audit: type=1326 audit(1759168526.345:1669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1972.721288][   T30] audit: type=1326 audit(1759168526.345:1670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1972.813050][   T30] audit: type=1326 audit(1759168526.345:1671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1972.902445][   T30] audit: type=1326 audit(1759168526.345:1672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1972.976114][   T30] audit: type=1326 audit(1759168526.345:1673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25642 comm="syz.3.4815" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feffcd8eec9 code=0x7ffc0000
[ 1973.355766][T25657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1973.368259][T25657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1973.389861][T25657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1973.421611][T25657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1973.641318][T25662] sctp: [Deprecated]: syz.1.4820 (pid 25662) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1973.641318][T25662] Use struct sctp_sack_info instead
[ 1974.594555][T25677] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[ 1974.616337][T25678] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4825'.
[ 1974.901207][ T5952] usb 6-1: new high-speed USB device number 106 using dummy_hcd
[ 1975.060256][ T5952] usb 6-1: Using ep0 maxpacket: 32
[ 1975.120326][ T5952] usb 6-1: config 0 has an invalid interface number: 136 but max is 0
[ 1975.205070][ T5952] usb 6-1: config 0 has no interface number 0
[ 1975.228034][ T5952] usb 6-1: config 0 interface 136 altsetting 0 has an endpoint descriptor with address 0xAD, changing to 0x8D
[ 1975.431291][ T5952] usb 6-1: config 0 interface 136 altsetting 0 endpoint 0x8D has invalid wMaxPacketSize 0
[ 1975.481047][ T5952] usb 6-1: config 0 interface 136 altsetting 0 bulk endpoint 0x8D has invalid maxpacket 0
[ 1975.513711][ T5952] usb 6-1: config 0 interface 136 altsetting 0 endpoint 0x1 has invalid maxpacket 1024, setting to 64
[ 1975.555845][ T5952] usb 6-1: config 0 interface 136 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1975.580928][   T55] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[ 1975.608721][T25684] netdevsim netdevsim0: Direct firmware load for � failed with error -2
[ 1975.670321][T25684] netdevsim netdevsim0: Falling back to sysfs fallback for: �
[ 1975.699737][ T5952] usb 6-1: New USB device found, idVendor=0763, idProduct=1021, bcdDevice=8e.c0
[ 1975.752221][   T55] usb 4-1: Using ep0 maxpacket: 8
[ 1975.774303][   T55] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1975.789154][   T55] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[ 1975.826799][   T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[ 1975.851106][   T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1975.872299][   T55] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 1
[ 1975.926600][   T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[ 1975.956264][ T5952] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1975.982890][ T5952] usb 6-1: config 0 descriptor??
[ 1976.008126][ T5952] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1976.085364][   T55] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[ 1976.222936][T25678] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1976.234168][T25678] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1976.252996][   T55] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[ 1976.284031][   T55] usb 4-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[ 1976.298419][   T55] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1976.460425][   T55] usb 4-1: Product: syz
[ 1976.538882][   T55] usb 4-1: Manufacturer: syz
[ 1976.546158][   T55] usb 4-1: SerialNumber: syz
[ 1976.556694][T25693] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1976.569117][T25693] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1976.796055][   T55] usb 4-1: config 0 descriptor??
[ 1976.814052][T25680] raw-gadget.4 gadget.3: fail, usb_ep_enable returned -22
[ 1976.879135][   T55] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[ 1977.227632][T25697] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1977.238616][T25697] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1977.320859][    C1] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000011: 0000 [#1] SMP KASAN PTI
[ 1977.332815][    C1] KASAN: null-ptr-deref in range [0x0000000000000088-0x000000000000008f]
[ 1977.341283][    C1] CPU: 1 UID: 0 PID: 55 Comm: kworker/1:2 Not tainted syzkaller #0 PREEMPT(full) 
[ 1977.350521][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1977.360612][    C1] Workqueue: usb_hub_wq hub_event
[ 1977.365708][    C1] RIP: 0010:snd_usbmidi_do_output+0x199/0x560
[ 1977.371822][    C1] Code: 5c 24 48 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74 08 48 89 df e8 18 7c ec f8 48 8b 1b 4c 8d ab 88 00 00 00 4d 89 ef 49 c1 ef 03 <43> 0f b6 04 37 84 c0 0f 85 44 02 00 00 41 c7 45 00 00 00 00 00 48
[ 1977.391474][    C1] RSP: 0018:ffffc90000a08ab8 EFLAGS: 00010006
[ 1977.397584][    C1] RAX: 1ffff1100be82601 RBX: 0000000000000000 RCX: ffff88801a5b0000
[ 1977.405572][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000007
[ 1977.413549][    C1] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1977.421612][    C1] R10: dffffc0000000000 R11: fffff52000141134 R12: 0000000000000001
[ 1977.429935][    C1] R13: 0000000000000088 R14: dffffc0000000000 R15: 0000000000000011
[ 1977.438023][    C1] FS:  0000000000000000(0000) GS:ffff888125d12000(0000) knlGS:0000000000000000
[ 1977.446972][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1977.453563][    C1] CR2: 0000200000212000 CR3: 0000000023df6000 CR4: 00000000003526f0
[ 1977.461547][    C1] DR0: 0000000000000008 DR1: 0000000000000002 DR2: 0000000000000081
[ 1977.469546][    C1] DR3: ffffffffefffff14 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1977.477528][    C1] Call Trace:
[ 1977.480815][    C1]  <IRQ>
[ 1977.483803][    C1]  snd_usbmidi_error_timer+0x316/0x660
[ 1977.489334][    C1]  call_timer_fn+0x17e/0x5f0
[ 1977.494043][    C1]  ? __pfx_snd_usbmidi_error_timer+0x10/0x10
[ 1977.500042][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1977.505284][    C1]  ? call_timer_fn+0xbe/0x5f0
[ 1977.509993][    C1]  ? __pfx_call_timer_fn+0x10/0x10
[ 1977.515162][    C1]  ? __pfx_snd_usbmidi_error_timer+0x10/0x10
[ 1977.521166][    C1]  __run_timer_base+0x61a/0x860
[ 1977.526049][    C1]  ? ktime_get+0x3e/0x1f0
[ 1977.530398][    C1]  ? __pfx___run_timer_base+0x10/0x10
[ 1977.535785][    C1]  ? seqcount_lockdep_reader_access+0x15f/0x1c0
[ 1977.542046][    C1]  run_timer_softirq+0xb7/0x180
[ 1977.547177][    C1]  handle_softirqs+0x286/0x870
[ 1977.551946][    C1]  ? __irq_exit_rcu+0xca/0x1f0
[ 1977.556716][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[ 1977.562012][    C1]  __irq_exit_rcu+0xca/0x1f0
[ 1977.566622][    C1]  ? __pfx___irq_exit_rcu+0x10/0x10
[ 1977.571918][    C1]  irq_exit_rcu+0x9/0x30
[ 1977.576187][    C1]  sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1977.582035][    C1]  </IRQ>
[ 1977.584972][    C1]  <TASK>
[ 1977.587907][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1977.593982][    C1] RIP: 0010:deref_stack_reg+0xc3/0x230
[ 1977.599474][    C1] Code: 85 3c 01 00 00 41 83 3f 00 0f 95 c0 4c 39 c3 0f 96 c1 20 c1 4d 39 c6 0f 97 c0 20 c8 3c 01 75 18 49 8d 40 08 48 39 d8 0f 97 c1 <4c> 39 f0 0f 96 c0 84 c1 0f 85 c3 00 00 00 49 8d 7f 28 48 89 f8 48
[ 1977.619138][    C1] RSP: 0018:ffffc90000bf64c0 EFLAGS: 00000206
[ 1977.625220][    C1] RAX: ffffc90000bf6cb8 RBX: ffffc90000bf0000 RCX: 0000000000000001
[ 1977.633200][    C1] RDX: ffffc90000bf6628 RSI: dffffc0000000000 RDI: ffffc90000bf65e8
[ 1977.641264][    C1] RBP: 1ffff9200017ecbd R08: ffffc90000bf6cb0 R09: 0000000000000000
[ 1977.649244][    C1] R10: ffffc90000bf6638 R11: fffff5200017ecc9 R12: 1ffff9200017ecbe
[ 1977.657244][    C1] R13: 1ffff9200017ecbf R14: ffffc90000bf8000 R15: ffffc90000bf65e8
[ 1977.665351][    C1]  unwind_next_frame+0x17c4/0x2390
[ 1977.670479][    C1]  ? unwind_next_frame+0xa5/0x2390
[ 1977.675601][    C1]  ? snd_card_free+0x110/0x190
[ 1977.680437][    C1]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1977.686619][    C1]  arch_stack_walk+0x11c/0x150
[ 1977.691402][    C1]  ? usb_audio_probe+0x193f/0x1e10
[ 1977.696533][    C1]  stack_trace_save+0x9c/0xe0
[ 1977.701222][    C1]  ? __pfx_stack_trace_save+0x10/0x10
[ 1977.706610][    C1]  ? __lock_acquire+0xab9/0xd20
[ 1977.711563][    C1]  kasan_save_track+0x3e/0x80
[ 1977.716253][    C1]  ? kasan_save_track+0x3e/0x80
[ 1977.721113][    C1]  ? kasan_save_free_info+0x46/0x50
[ 1977.726410][    C1]  ? __kasan_slab_free+0x5b/0x80
[ 1977.731363][    C1]  ? kfree+0x18e/0x440
[ 1977.735443][    C1]  ? snd_usbmidi_out_endpoint_clear+0x5f1/0x820
[ 1977.741692][    C1]  ? snd_usbmidi_rawmidi_free+0x6d/0x160
[ 1977.747331][    C1]  ? snd_rawmidi_free+0x3bf/0x410
[ 1977.752366][    C1]  ? snd_rawmidi_dev_free+0x38/0x50
[ 1977.757572][    C1]  ? __snd_device_free+0x1d5/0x2e0
[ 1977.762705][    C1]  ? snd_device_free_all+0xcf/0x180
[ 1977.767923][    C1]  ? release_card_device+0x75/0x1b0
[ 1977.773136][    C1]  ? device_release+0x99/0x1c0
[ 1977.777915][    C1]  ? kobject_put+0x22b/0x480
[ 1977.782528][    C1]  ? snd_card_free+0x110/0x190
[ 1977.787344][    C1]  kasan_save_free_info+0x46/0x50
[ 1977.792377][    C1]  __kasan_slab_free+0x5b/0x80
[ 1977.797154][    C1]  ? snd_usbmidi_out_endpoint_clear+0x5f1/0x820
[ 1977.803401][    C1]  kfree+0x18e/0x440
[ 1977.807318][    C1]  snd_usbmidi_out_endpoint_clear+0x5f1/0x820
[ 1977.813396][    C1]  snd_usbmidi_rawmidi_free+0x6d/0x160
[ 1977.818866][    C1]  ? __pfx_snd_usbmidi_rawmidi_free+0x10/0x10
[ 1977.824944][    C1]  snd_rawmidi_free+0x3bf/0x410
[ 1977.829813][    C1]  snd_rawmidi_dev_free+0x38/0x50
[ 1977.834843][    C1]  __snd_device_free+0x1d5/0x2e0
[ 1977.839893][    C1]  snd_device_free_all+0xcf/0x180
[ 1977.844932][    C1]  ? __pfx_snd_mixer_oss_notify_handler+0x10/0x10
[ 1977.851361][    C1]  release_card_device+0x75/0x1b0
[ 1977.856406][    C1]  ? __pfx_release_card_device+0x10/0x10
[ 1977.862051][    C1]  device_release+0x99/0x1c0
[ 1977.866674][    C1]  kobject_put+0x22b/0x480
[ 1977.871206][    C1]  snd_card_free+0x110/0x190
[ 1977.875810][    C1]  ? __pfx_snd_card_free+0x10/0x10
[ 1977.880942][    C1]  ? usb_match_one_id+0x654/0x980
[ 1977.885987][    C1]  ? snd_usb_create_quirk+0x5d/0x110
[ 1977.891293][    C1]  usb_audio_probe+0x193f/0x1e10
[ 1977.896335][    C1]  ? __pfx_usb_audio_probe+0x10/0x10
[ 1977.901630][    C1]  ? ktime_get_mono_fast_ns+0x2af/0x2d0
[ 1977.907195][    C1]  ? pm_runtime_enable+0x1f3/0x340
[ 1977.912342][    C1]  usb_probe_interface+0x668/0xc30
[ 1977.917553][    C1]  ? __pfx_usb_probe_interface+0x10/0x10
[ 1977.923188][    C1]  really_probe+0x26d/0x9e0
[ 1977.927715][    C1]  __driver_probe_device+0x18c/0x2f0
[ 1977.933020][    C1]  driver_probe_device+0x4f/0x430
[ 1977.938057][    C1]  __device_attach_driver+0x2ce/0x530
[ 1977.943441][    C1]  bus_for_each_drv+0x24e/0x2e0
[ 1977.948304][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[ 1977.954209][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[ 1977.959589][    C1]  __device_attach+0x2b8/0x400
[ 1977.964364][    C1]  ? __pfx___device_attach+0x10/0x10
[ 1977.969773][    C1]  ? do_raw_spin_unlock+0x122/0x240
[ 1977.975009][    C1]  bus_probe_device+0x185/0x260
[ 1977.979883][    C1]  device_add+0x7b6/0xb50
[ 1977.984297][    C1]  usb_set_configuration+0x1a87/0x20e0
[ 1977.989816][    C1]  usb_generic_driver_probe+0x8d/0x150
[ 1977.995302][    C1]  usb_probe_device+0x1c4/0x390
[ 1978.000169][    C1]  ? __pfx_usb_probe_device+0x10/0x10
[ 1978.005558][    C1]  really_probe+0x26d/0x9e0
[ 1978.010313][    C1]  __driver_probe_device+0x18c/0x2f0
[ 1978.015628][    C1]  driver_probe_device+0x4f/0x430
[ 1978.020687][    C1]  __device_attach_driver+0x2ce/0x530
[ 1978.026118][    C1]  bus_for_each_drv+0x24e/0x2e0
[ 1978.031013][    C1]  ? __pfx___device_attach_driver+0x10/0x10
[ 1978.036934][    C1]  ? __pfx_bus_for_each_drv+0x10/0x10
[ 1978.042327][    C1]  __device_attach+0x2b8/0x400
[ 1978.047102][    C1]  ? __pfx___device_attach+0x10/0x10
[ 1978.052407][    C1]  ? do_raw_spin_unlock+0x122/0x240
[ 1978.057624][    C1]  bus_probe_device+0x185/0x260
[ 1978.062503][    C1]  device_add+0x7b6/0xb50
[ 1978.066844][    C1]  usb_new_device+0xa39/0x16f0
[ 1978.071624][    C1]  ? __pfx_usb_new_device+0x10/0x10
[ 1978.076837][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1978.082044][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1978.087254][    C1]  hub_event+0x2958/0x4a20
[ 1978.091723][    C1]  ? __pfx_hub_event+0x10/0x10
[ 1978.096502][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[ 1978.102233][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1978.107524][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[ 1978.113248][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[ 1978.118983][    C1]  process_scheduled_works+0xade/0x17b0
[ 1978.124634][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1978.130800][    C1]  worker_thread+0x8a0/0xda0
[ 1978.135426][    C1]  kthread+0x711/0x8a0
[ 1978.139509][    C1]  ? __pfx_worker_thread+0x10/0x10
[ 1978.144631][    C1]  ? __pfx_kthread+0x10/0x10
[ 1978.149322][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1978.154531][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1978.159750][    C1]  ? __pfx_kthread+0x10/0x10
[ 1978.164398][    C1]  ret_from_fork+0x439/0x7d0
[ 1978.169016][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[ 1978.174243][    C1]  ? __switch_to_asm+0x39/0x70
[ 1978.179117][    C1]  ? __switch_to_asm+0x33/0x70
[ 1978.183902][    C1]  ? __pfx_kthread+0x10/0x10
[ 1978.188507][    C1]  ret_from_fork_asm+0x1a/0x30
[ 1978.193470][    C1]  </TASK>
[ 1978.196503][    C1] Modules linked in:
[ 1978.200422][    C1] ---[ end trace 0000000000000000 ]---
[ 1978.205878][    C1] RIP: 0010:snd_usbmidi_do_output+0x199/0x560
[ 1978.212052][    C1] Code: 5c 24 48 48 89 d8 48 c1 e8 03 42 80 3c 30 00 74 08 48 89 df e8 18 7c ec f8 48 8b 1b 4c 8d ab 88 00 00 00 4d 89 ef 49 c1 ef 03 <43> 0f b6 04 37 84 c0 0f 85 44 02 00 00 41 c7 45 00 00 00 00 00 48
[ 1978.231769][    C1] RSP: 0018:ffffc90000a08ab8 EFLAGS: 00010006
[ 1978.237859][    C1] RAX: 1ffff1100be82601 RBX: 0000000000000000 RCX: ffff88801a5b0000
[ 1978.245845][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000007
[ 1978.253825][    C1] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[ 1978.261813][    C1] R10: dffffc0000000000 R11: fffff52000141134 R12: 0000000000000001
[ 1978.269789][    C1] R13: 0000000000000088 R14: dffffc0000000000 R15: 0000000000000011
[ 1978.277767][    C1] FS:  0000000000000000(0000) GS:ffff888125d12000(0000) knlGS:0000000000000000
[ 1978.286701][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1978.293307][    C1] CR2: 0000200000212000 CR3: 0000000023df6000 CR4: 00000000003526f0
[ 1978.301373][    C1] DR0: 0000000000000008 DR1: 0000000000000002 DR2: 0000000000000081
[ 1978.309350][    C1] DR3: ffffffffefffff14 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 1978.317332][    C1] Kernel panic - not syncing: Fatal exception in interrupt
[ 1978.324814][    C1] Kernel Offset: disabled
[ 1978.329146][    C1] Rebooting in 86400 seconds..