last executing test programs:

2m19.324830338s ago: executing program 0 (id=11054):
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, 0x0, 0xfffffffffffffeea)

2m19.070556492s ago: executing program 0 (id=11058):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000240)=@nameseq={0x1e, 0x1, 0x2, {0x42, 0x0, 0x3}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42}}, 0x10)
sendmsg$tipc(r1, &(0x7f00000006c0)={&(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x2, 0x2}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x20044094}, 0x0)

2m18.909323683s ago: executing program 0 (id=11060):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f00000000c0)={0x20, 0x5, 0xe})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009f02"])

2m18.537631178s ago: executing program 0 (id=11063):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002300)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0], 0x0, 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x84000, 0x0)

2m17.600601289s ago: executing program 0 (id=11079):
syz_open_dev$loop(&(0x7f0000000100), 0xf01c, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x42002)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000180)={0x152, @time={0x95}})

2m17.18958732s ago: executing program 0 (id=11086):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000140)=[{&(0x7f00000001c0)="580000001400192340834b80040d8c560a067f0202ff000000000001000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c10000000010000000000", 0x58}], 0x1)

2m16.687344034s ago: executing program 32 (id=11086):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r1, &(0x7f0000000140)=[{&(0x7f00000001c0)="580000001400192340834b80040d8c560a067f0202ff000000000001000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100040c10000000010000000000", 0x58}], 0x1)

1m28.359485068s ago: executing program 3 (id=11452):
r0 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r0, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r0, &(0x7f0000000080)={&(0x7f0000000180)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0}, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000140)={0x2000})
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000ec0)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

1m28.108839132s ago: executing program 3 (id=11454):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f0000000600)=0xdfa, 0x4)
sendto$inet(r0, &(0x7f0000000580)="17", 0x59a, 0x10008095, 0x0, 0x0)

1m27.996725368s ago: executing program 3 (id=11456):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newsa={0xec, 0x10, 0x200, 0x70bd28, 0x0, {{@in=@initdev={0xac, 0x1e, 0x9, 0x0}, @in=@local, 0x4e23, 0x1, 0x0, 0x2000, 0xa, 0x0, 0x0, 0x33}, {@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x32}, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', {0x0, 0x0, 0x8, 0x100000001, 0x6}, {0x0, 0x0, 0x2, 0xfffffffffffffffc}, {0xc, 0xfffffffc}, 0x70bd27, 0x0, 0x2, 0x0, 0x2}}, 0xec}, 0x1, 0x0, 0x0, 0xc0}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@newtaction={0x48, 0x30, 0x53b, 0x0, 0x0, {0x9}, [{0x34, 0x1, [@m_sample={0x30, 0x1, 0x0, 0x0, {{0xb}, {0x4}, {0x4}, {0xc}, {0xc, 0x4, {0x3}}}}]}]}, 0x48}}, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file3\x00', 0xc1c0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=@RTM_NEWMDB={0x38, 0x54, 0x1, 0x1, 0x0, {}, [@MDBA_SET_ENTRY={0x20, 0x1, {0x0, 0x1, 0x0, 0x3, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x86dd}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)

1m27.863069526s ago: executing program 3 (id=11458):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x81)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000240), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, 0x0, 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x226)
move_mount(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', r1, &(0x7f0000000100)='./file0\x00', 0x46)

1m27.754614981s ago: executing program 3 (id=11459):
mkdir(&(0x7f0000000300)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000240), 0x200000, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006840)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000004200)={0x50, 0x0, r1, {0x7, 0x29, 0x800, 0x44040000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x115, 0xfb}}, 0x50)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xb3a406bdd74362ab, 0x4)

1m27.303917444s ago: executing program 3 (id=11463):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-des3_ede-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000003c0)="e8", 0x1}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/78, 0x4e}], 0x1}, 0x0)

1m26.965789987s ago: executing program 33 (id=11463):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-des3_ede-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f00000003c0)="e8", 0x1}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/78, 0x4e}], 0x1}, 0x0)

57.548402773s ago: executing program 4 (id=11702):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SET_GUEST_DEBUG(r3, 0xaece, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

57.301470916s ago: executing program 4 (id=11704):
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000300)='.\x00', 0x121)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
io_setup(0x2e, &(0x7f0000000200)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000380)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r1, 0x0, 0x0, 0x4}])

57.182189348s ago: executing program 4 (id=11705):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000340)="02", 0x1, 0x4499, 0x0, 0x0)
sendto$inet(r0, &(0x7f0000000000), 0xffffffffffffff94, 0x12, 0x0, 0x12)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

56.217094352s ago: executing program 4 (id=11713):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)

55.300544491s ago: executing program 4 (id=11720):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'dummy0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000400)=ANY=[@ANYBLOB="4c00000010000305000000000400000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006d616373656300001400028005000d0001000000060002404e22000008000500", @ANYRES32=r1], 0x4c}, 0x1, 0x0, 0x0, 0x8054}, 0x4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x840}, 0x4)

54.521602184s ago: executing program 4 (id=11728):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bind$packet(r0, &(0x7f00000000c0)={0x11, 0x18, r2, 0x1, 0x81}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)

53.931909503s ago: executing program 34 (id=11728):
r0 = socket$packet(0x11, 0x2, 0x300)
socketpair(0x1, 0x3, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
bind$packet(r0, &(0x7f00000000c0)={0x11, 0x18, r2, 0x1, 0x81}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0xffffffff}, 0x1c)

47.323089538s ago: executing program 5 (id=11770):
r0 = syz_open_dev$loop(&(0x7f0000000480), 0xd76, 0x181e00)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='blkio.bfq.io_service_time\x00', 0x275a, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f00000004c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {}, 0x2c, {}, 0x2c, {[{@allow_other}, {@blksize={'blksize', 0x3d, 0x400}}, {@default_permissions}, {@default_permissions}, {@max_read={'max_read', 0x3d, 0x67eb}}], [{@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@dont_measure}, {@fsmagic={'fsmagic', 0x3d, 0xe156}}]}})
write$UHID_CREATE2(r1, &(0x7f0000000400)=ANY=[], 0x1df)
write$binfmt_misc(r1, &(0x7f0000000000)="c04571752e49fb1f75954603e88d565ffb1a051574113daca8796d6ba7c5868c298caf", 0x23)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x2, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x3]}})

46.78841188s ago: executing program 5 (id=11774):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x0, 0x1, 0x1000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_PRE_FAULT_MEMORY(r2, 0xc040aed5, &(0x7f0000000000)={0x0, 0xb000})

46.261682616s ago: executing program 5 (id=11776):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mlock2(&(0x7f0000549000/0x1000)=nil, 0x1000, 0x0)
syz_clone(0x100000, 0x0, 0x0, 0x0, 0x0, 0x0)
munlockall()
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)

45.722837884s ago: executing program 5 (id=11781):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x41)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)

45.43452807s ago: executing program 5 (id=11784):
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
listxattr(&(0x7f0000000340)='./file0\x00', 0x0, 0xffffffffffffffd3)
umount2(&(0x7f0000000000)='./file0\x00', 0x2)
close(r0)

45.089548368s ago: executing program 5 (id=11787):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, "7817765dc5914c3d", "c0a9b92b592a8e91a6934cb6b7b18f7a7a6eaa9cbd8ef3b0fbc326100136e976", "58a190f0", "2a1e833e7af32011"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "54164ace389ff5c0", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d054", "29a78ab9b0a4e8ae"}, 0x38)

44.407175418s ago: executing program 35 (id=11787):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f00000000c0)=@gcm_256={{0x304}, "7817765dc5914c3d", "c0a9b92b592a8e91a6934cb6b7b18f7a7a6eaa9cbd8ef3b0fbc326100136e976", "58a190f0", "2a1e833e7af32011"}, 0x38)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000280)=@gcm_256={{0x304}, "54164ace389ff5c0", "faad50724acb18aba4e3bc654d684ad9c694f3e96ca4b72643dd3689727968e9", "5cb6d054", "29a78ab9b0a4e8ae"}, 0x38)

3.201530494s ago: executing program 2 (id=12060):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$evdev(&(0x7f0000000080), 0x0, 0x121041)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480), &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x47be, 0x2, 0xd, 0x0, 0x0)

2.789631826s ago: executing program 1 (id=12066):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x141000)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000002c0)={{0x3, 0x2}})
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2)

2.672969912s ago: executing program 7 (id=12067):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r0, &(0x7f0000001f00)=[{&(0x7f0000000000)=@in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000600)=[{&(0x7f0000000040)="ca", 0x1}], 0x1, 0x0, 0x0, 0x4000414}], 0x1, 0x4008851)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000004340)='/proc/keys\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000000)={0x2020}, 0xff83)
mprotect(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000001180)={0x0, @in={{0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x8, 0x4, 0x2, 0x800, 0x2}, &(0x7f0000000080)=0x98)

2.639342557s ago: executing program 1 (id=12068):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r1, &(0x7f00000001c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x14}}, 0x10)
connect$inet(r1, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x2, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
sendmmsg(r0, &(0x7f0000004380)=[{{0x0, 0x0, 0x0}}], 0x34000, 0x0)

2.631773345s ago: executing program 2 (id=12069):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x4c)
bind$inet6(r0, &(0x7f0000000500)={0xa, 0x4e22, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}, 0x5}, 0x1c)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e22, 0x7, @ipv4={'\x00', '\xff\xff', @empty}, 0x106}, 0x1c)
r1 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c0000001200050926bd7000fddbdf251a0d04064e224e22fbffffffff0000000600000007000000ddffffff0500005bfee5881e16081bcde1874f0a78ecde2db9116e5fbf"], 0x4c}, 0x1, 0x0, 0x0, 0x22004014}, 0x800)

2.410884293s ago: executing program 7 (id=12072):
syz_open_dev$radio(&(0x7f0000000100), 0x2, 0x2)
io_setup(0x3, &(0x7f0000000240)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f00000000c0)={0xf0f041})

2.371209341s ago: executing program 2 (id=12073):
r0 = syz_io_uring_setup(0x81f, &(0x7f0000000480)={0x0, 0x0, 0x10, 0xfffffffd, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000540)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x4030, 0x0, 0x0, 0x4}]}, 0x8)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x21, 0x0, 0x0)

2.157048965s ago: executing program 2 (id=12074):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
io_setup(0x8, 0x0)
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0x2d}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
setsockopt$sock_attach_bpf(r0, 0x1, 0xd, &(0x7f0000000080), 0x24)
close(r0)

2.119312254s ago: executing program 8 (id=12076):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x123}, 0x10, 0x0)
landlock_restrict_self(r1, 0x0)
umount2(&(0x7f0000000180)='./file0\x00', 0xa)

1.970356672s ago: executing program 7 (id=12077):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x1000, 0x3, 0x1}, 0x18, 0x0)
landlock_restrict_self(r1, 0x0)
r2 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x17)

1.91540167s ago: executing program 2 (id=12078):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r0, 0x0)
ftruncate(r0, 0x8979)
write$binfmt_elf64(r0, &(0x7f0000000080)=ANY=[], 0x799)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
mmap$snddsp_status(&(0x7f00000da000/0x4000)=nil, 0x1000, 0x2000005, 0x12, r0, 0x82000000)

1.833242619s ago: executing program 8 (id=12079):
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)
r1 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @random="a538ae464632", @void, {@ipv4={0x800, @igmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, {0x0, 0x0, 0x0, @multicast1}}}}}, 0x0)
sendmsg(r1, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x36}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

1.809622992s ago: executing program 6 (id=12080):
r0 = syz_clone(0x25000000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = syz_pidfd_open(r0, 0x0)
r2 = landlock_create_ruleset(&(0x7f00000002c0)={0xa201, 0x1}, 0x18, 0x0)
landlock_restrict_self(r2, 0x0)
setns(r1, 0x20000)

1.71891007s ago: executing program 7 (id=12081):
connect$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, 0x1c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f00000000c0)={0x1c, 0x5, 0xd})
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000080)=ANY=[@ANYBLOB="01000000000000009b02"])

1.582006871s ago: executing program 2 (id=12082):
r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000e40), 0x400, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000004c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f00000000c0)={0x1d, r2, 0x0, {}, 0x1}, 0x18)
connect$can_j1939(r1, &(0x7f0000000640)={0x1d, r2, 0x0, {0x0, 0x0, 0x1}, 0x1}, 0x18)
sendfile(r1, r0, 0x0, 0xfff2)

1.565142242s ago: executing program 1 (id=12083):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = inotify_init()
r1 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000000)='./file0\x00', 0xc1000c42)
inotify_add_watch(r1, &(0x7f0000000240)='./file0\x00', 0xc0)
inotify_add_watch(r1, &(0x7f0000004100)='./file0\x00', 0x20000c00)

1.504769479s ago: executing program 8 (id=12084):
mkdir(&(0x7f00000022c0)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000100)='./file0\x00', 0x20000, 0x8)
unshare(0x22020600)
open_tree(r1, &(0x7f00000001c0)='./file0\x00', 0x9801)

1.41073339s ago: executing program 7 (id=12085):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{}, {0x0, 0x989680}}, 0x0)
clock_nanosleep(0x0, 0x0, &(0x7f0000000080)={0x77359400}, &(0x7f0000001b40))

1.326739001s ago: executing program 1 (id=12086):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r1, &(0x7f0000000280)={0x2, 0x4e21, @remote}, 0x10)
sendmmsg$inet(r1, &(0x7f0000005240)=[{{0x0, 0xfffffdef, 0x0, 0x0, 0x0, 0x0, 0x10}, 0xfffffdef}], 0x4000095, 0x401eb94)

1.325859526s ago: executing program 8 (id=12087):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue1\x00'})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000180))
ppoll(&(0x7f0000000100)=[{r1, 0xb1}], 0x1, 0x0, 0x0, 0x0)
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600]}}], 0xffc8)

1.302121163s ago: executing program 6 (id=12088):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=@updpolicy={0xb8, 0x19, 0x1, 0xfffffffd, 0x0, {{@in=@multicast1=0xe0000002, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0xfffffffffffffffd}, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x4}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd27, 0x0, {{@in=@multicast2, @in6=@empty, 0x1fe, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x7, 0x8, 0x0, 0x2, 0x40}, {0x0, 0x0, 0x0, 0xffffffffffffffff}}}, 0xb8}}, 0x4004)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x15, 0x1, 0x0, 0x300, {{@in=@multicast1=0xe0000002, @in=@rand_addr=0xff80, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0)

888.998324ms ago: executing program 6 (id=12089):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$sock(r1, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000)
recvmsg$unix(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000006c0)=""/131, 0x83}], 0x1}, 0x60)

800.712169ms ago: executing program 1 (id=12090):
r0 = landlock_create_ruleset(&(0x7f0000000000)={0x10, 0x0, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r1, 0x0)
landlock_restrict_self(r1, 0x6)
pivot_root(&(0x7f0000000140)='./cgroup\x00', &(0x7f00000001c0)='./cgroup\x00')

653.979659ms ago: executing program 1 (id=12091):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f0000000080)={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000100)=[{&(0x7f00000006c0)="10", 0x1}], 0x1}, 0x24000900)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000140)={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000200)=[{&(0x7f0000000640)='W', 0x1}], 0x1}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x4)
recvmsg(r1, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x10000)
sendmsg$inet(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="5c00000014006b03000000d86e6c1d0002847ea622fb564500004e23e3f58e76110165f450e71b0075e3002500028d459e37000f0000000000bf9367b47e51f60a64c9f4d4938037e786a6d0bdd700"/92, 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

521.951728ms ago: executing program 6 (id=12092):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/dev\x00')
read$FUSE(r0, &(0x7f0000000140)={0x2020}, 0x2020)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000340)=ANY=[@ANYBLOB="010000000000000001000000"])

318.80852ms ago: executing program 8 (id=12093):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d032, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)

238.09998ms ago: executing program 6 (id=12094):
r0 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000002280)={'pim6reg0\x00', 0x2102})
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000080)={'nicvf0\x00', 0x400})
ioctl$TUNSETTXFILTER(r0, 0x401054d5, &(0x7f0000000380)=ANY=[])
r1 = openat$tun(0xffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000002280)={'pim6reg0\x00', 0x2102})

53.50056ms ago: executing program 7 (id=12095):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
pipe2$9p(&(0x7f0000000040), 0x4880)
pselect6(0x40, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x800}, 0x0, &(0x7f0000000240)={0x1f}, 0x0, 0x0)
ioctl$TCSETS(r0, 0x5402, &(0x7f0000000240)={0x8, 0x100001d, 0x4003, 0x83ffffc, 0xb, "69b7841b47f3ce7a26149600"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000100)=0x10000)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000000))

37.392156ms ago: executing program 6 (id=12096):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r1=>0x0})
connect$can_bcm(r0, &(0x7f0000000480)={0x1d, r1}, 0x10)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000001280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)=ANY=[], 0x448}}, 0x0)
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000200)=ANY=[@ANYBLOB="01"], 0x48}, 0x1, 0x0, 0x0, 0x882}, 0x1)
sendmmsg$inet(r0, &(0x7f0000001b00)=[{{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000080)="050000007402b8f4191db62b", 0xc}, {&(0x7f0000000180)="9f336d70bf0008000000000000e388fb2c4f7ede37e7de1f2a1cfb06b88038c6ffbf07e70873b0384d86a1ceb4e570554ebc8154bf39", 0x2c}], 0x2}}, {{0x0, 0x0, &(0x7f0000000100), 0x2}}], 0x4000000000000e7, 0x0)

0s ago: executing program 8 (id=12097):
syz_usb_connect$hid(0x4, 0x36, &(0x7f0000000240)=ANY=[@ANYBLOB="12"], 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x80000)
ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000180)={0x57, 0x0, 0x0, {0xfffe, 0x1}, {0x74, 0x2}, @const={0x6, {0x7f, 0x0, 0x8000, 0xfffd}}})
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068)

kernel console output (not intermixed with test programs):

0x8F
[ 1042.631198][ T5938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1042.679804][ T5938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1042.715707][ T5938] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1042.757222][ T5938] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1042.776648][ T5938] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1042.811427][ T5938] usb 5-1: config 0 descriptor??
[ 1043.197589][T32651] syzkaller1: entered promiscuous mode
[ 1043.210197][T32651] syzkaller1: entered allmulticast mode
[ 1043.216428][ T5846] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[ 1043.276221][ T5938] plantronics 0003:047F:FFFF.008C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1043.386621][ T5846] usb 2-1: Using ep0 maxpacket: 32
[ 1043.405811][ T5846] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1043.429184][ T5846] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1043.444731][ T5846] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1043.453259][ T5846] usb 2-1: Product: syz
[ 1043.489157][ T5846] usb 2-1: Manufacturer: syz
[ 1043.493794][ T5846] usb 2-1: SerialNumber: syz
[ 1043.514178][ T5846] usb 2-1: config 0 descriptor??
[ 1043.523057][T32645] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1043.532709][ T5846] hub 2-1:0.0: bad descriptor, ignoring hub
[ 1043.538787][ T5846] hub 2-1:0.0: probe with driver hub failed with error -5
[ 1043.566635][ T5938] usb 3-1: new high-speed USB device number 117 using dummy_hcd
[ 1043.743377][ T5938] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1043.766789][ T5938] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1043.780465][ T5938] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[ 1043.789626][ T5938] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1043.801559][ T5938] usb 3-1: config 0 descriptor??
[ 1043.949199][T23400] usb 2-1: USB disconnect, device number 113
[ 1044.241294][ T5938] hid-thrustmaster 0003:044F:B65D.008D: unknown main item tag 0x0
[ 1044.261918][ T5938] hid-thrustmaster 0003:044F:B65D.008D: hidraw1: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.2-1/input0
[ 1044.293787][ T5938] hid-thrustmaster 0003:044F:B65D.008D: Wrong number of endpoints?
[ 1044.472953][    C1] hid-thrustmaster 0003:044F:B65D.008D: URB to get model id failed with error -71
[ 1044.489214][ T5938] usb 3-1: USB disconnect, device number 117
[ 1044.630823][T32678] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11277'.
[ 1044.821411][T32681] all: renamed from bridge_slave_0 (while UP)
[ 1044.958041][T23400] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[ 1045.064099][T32690] input: syz0 as /devices/virtual/input/input169
[ 1045.086644][ T5937] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1045.126341][T23400] usb 2-1: Using ep0 maxpacket: 32
[ 1045.152880][T23400] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1045.181099][T23400] usb 2-1: language id specifier not provided by device, defaulting to English
[ 1045.209548][T23400] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1045.236639][T23400] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1045.246158][T23400] usb 2-1: Product: syz
[ 1045.254732][T23400] usb 2-1: config 0 descriptor??
[ 1045.260202][ T5937] usb 6-1: Using ep0 maxpacket: 8
[ 1045.269447][T32668] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1045.280122][T23400] hub 2-1:0.0: bad descriptor, ignoring hub
[ 1045.287318][T23400] hub 2-1:0.0: probe with driver hub failed with error -5
[ 1045.296843][ T5937] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1045.320251][ T5937] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1045.336700][ T5937] usb 6-1: Product: syz
[ 1045.347158][ T5937] usb 6-1: Manufacturer: syz
[ 1045.351781][ T5937] usb 6-1: SerialNumber: syz
[ 1045.422326][T32568] usb 5-1: USB disconnect, device number 124
[ 1045.587328][ T5937] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1045.680564][ T5846] usb 2-1: USB disconnect, device number 114
[ 1045.956398][T32568] usb 3-1: new high-speed USB device number 118 using dummy_hcd
[ 1046.116465][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1046.116482][   T30] audit: type=1326 audit(1753570596.094:4927): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32724 comm="syz.4.11292" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x0
[ 1046.146073][T32568] usb 3-1: too many configurations: 9, using maximum allowed: 8
[ 1046.163070][T32568] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1046.172346][T32568] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1046.192012][T32568] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1046.216901][T32568] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1046.235101][T32568] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1046.246614][T32568] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1046.254918][T32568] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1046.266104][T32568] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1046.279640][T32568] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1046.291699][T32568] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1046.301934][T32568] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1046.319770][T32568] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1046.332551][T32568] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1046.352384][T32568] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1046.366061][ T5937] usb 6-1: USB disconnect, device number 4
[ 1046.377684][ T5937] usblp0: removed
[ 1046.400007][T32568] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1046.421999][T32568] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1046.440745][T32568] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1046.442367][T32735] netlink: 212376 bytes leftover after parsing attributes in process `syz.1.11296'.
[ 1046.463972][T32568] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1046.478266][T32568] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1046.506363][T32568] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1046.523528][T32568] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1046.532353][T32568] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1046.549298][T32568] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1046.564215][T32568] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1046.579242][T32568] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1046.589238][T32568] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1046.597867][T32568] usb 3-1: Product: syz
[ 1046.602406][T32568] usb 3-1: Manufacturer: syz
[ 1046.607680][T32568] usb 3-1: SerialNumber: syz
[ 1046.617040][T32568] usb 3-1: config 0 descriptor??
[ 1046.628424][T32568] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[ 1047.316630][ T5938] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1047.366939][T25618] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[ 1047.472224][    C0] usb 3-1: yurex_control_callback - control failed: -71
[ 1047.478335][ T5938] usb 6-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[ 1047.490469][T23400] usb 3-1: USB disconnect, device number 118
[ 1047.501782][ T5938] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1047.514998][T23400] yurex 3-1:0.0: USB YUREX #0 now disconnected
[ 1047.544255][ T5938] usb 6-1: config 0 descriptor??
[ 1047.550029][T25618] usb 4-1: Using ep0 maxpacket: 8
[ 1047.567796][T25618] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[ 1047.595520][ T5938] gspca_main: spca508-2.14.0 probing 8086:0110
[ 1047.604435][T25618] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1047.631420][T25618] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1047.656466][T25618] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1047.684886][T25618] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1047.707256][  T304] syzkaller1: entered promiscuous mode
[ 1047.716347][T25618] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1047.725880][  T304] syzkaller1: entered allmulticast mode
[ 1047.735788][T25618] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1047.815009][ T5938] gspca_spca508: reg_read err -32
[ 1047.827204][ T5938] gspca_spca508: reg_read err -32
[ 1047.833200][ T5938] gspca_spca508: reg_read err -32
[ 1047.847696][ T5938] gspca_spca508: reg_read err -32
[ 1047.990673][T25618] usb 4-1: usb_control_msg returned -32
[ 1048.022806][T25618] usbtmc 4-1:16.0: can't read capabilities
[ 1048.054984][ T5938] gspca_spca508: reg write: error -71
[ 1048.064735][ T5938] spca508 6-1:0.0: probe with driver spca508 failed with error -71
[ 1048.097249][ T5938] usb 6-1: USB disconnect, device number 5
[ 1048.506429][T23400] usb 3-1: new high-speed USB device number 119 using dummy_hcd
[ 1048.678623][T23400] usb 3-1: Using ep0 maxpacket: 16
[ 1048.693409][T23400] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1048.733358][T23400] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1048.743509][T32568] usb 5-1: new high-speed USB device number 125 using dummy_hcd
[ 1048.759416][T23400] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1048.773464][T23400] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1048.782861][T23400] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1048.812226][T23400] usb 3-1: config 0 descriptor??
[ 1048.929054][T32568] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1048.949042][T32568] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1048.980466][T32568] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1049.000558][T32568] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1049.030996][  T333] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1049.059065][T32568] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1049.243448][T23400] HID 045e:07da: Invalid code 65791 type 1
[ 1049.305849][T23400] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.008E/input/input170
[ 1049.526335][T23400] microsoft 0003:045E:07DA.008E: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1049.528978][T25618] usb 5-1: USB disconnect, device number 125
[ 1049.654229][T23400] usb 3-1: USB disconnect, device number 119
[ 1049.827439][  T363] fido_id[363]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 1050.186122][T32568] usb 4-1: USB disconnect, device number 127
[ 1050.403957][  T372] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11319'.
[ 1050.452685][T32568] hid-generic 0000:0000:0000.008F: unknown main item tag 0x0
[ 1050.485398][  T375] netlink: 24 bytes leftover after parsing attributes in process `syz.1.11319'.
[ 1050.491655][T32568] hid-generic 0000:0000:0000.008F: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1050.507349][T23400] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[ 1050.674629][T23400] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has an invalid bInterval 0, changing to 7
[ 1050.723224][T23400] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1050.738115][T23400] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1050.763216][T23400] usb 3-1: Product: syz
[ 1050.775796][T23400] usb 3-1: Manufacturer: syz
[ 1050.786385][T23400] usb 3-1: SerialNumber: syz
[ 1051.421327][  T387] input: syz1 as /devices/virtual/input/input171
[ 1051.832889][T23400] cdc_ncm 3-1:1.0: bind() failure
[ 1051.843122][T23400] cdc_ncm 3-1:1.1: probe with driver cdc_ncm failed with error -71
[ 1051.865831][T23400] cdc_mbim 3-1:1.1: probe with driver cdc_mbim failed with error -71
[ 1051.891843][T23400] usbtest 3-1:1.1: probe with driver usbtest failed with error -71
[ 1051.921244][T23400] usb 3-1: USB disconnect, device number 120
[ 1052.746594][ T5938] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[ 1052.906956][ T5938] usb 3-1: Using ep0 maxpacket: 8
[ 1052.915355][ T5938] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[ 1052.934392][ T5938] usb 3-1: config 179 has no interface number 0
[ 1052.944184][ T5938] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 63, changing to 9
[ 1052.961584][ T5938] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has invalid maxpacket 57605, setting to 1024
[ 1052.973656][ T5938] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1052.985783][ T5938] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0x83 has invalid wMaxPacketSize 0
[ 1052.997782][ T5938] usb 3-1: config 179 interface 65 altsetting 12 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 1053.011535][ T5938] usb 3-1: config 179 interface 65 has no altsetting 0
[ 1053.019181][ T5938] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[ 1053.029237][ T5938] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1053.075765][ T5938] input: Honey Bee Xbox360 dancepad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input172
[ 1053.304205][ T5937] usb 3-1: USB disconnect, device number 121
[ 1054.287771][  T422] Set syz1 is full, maxelem 65536 reached
[ 1054.531875][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.539135][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.676874][ T5938] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1054.707029][T25618] usb 2-1: new high-speed USB device number 115 using dummy_hcd
[ 1054.806414][ T5937] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 1054.826852][ T5938] usb 6-1: Using ep0 maxpacket: 16
[ 1054.841777][ T5938] usb 6-1: config 1 has an invalid interface number: 105 but max is 0
[ 1054.856852][ T5938] usb 6-1: config 1 has no interface number 0
[ 1054.868286][T25618] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1054.880526][ T5938] usb 6-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 1054.896408][T25618] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[ 1054.927353][ T5938] usb 6-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 1054.947492][ T5938] usb 6-1: config 1 interface 105 has no altsetting 0
[ 1054.955798][T25618] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1054.974868][T25618] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1054.986676][ T5937] usb 3-1: Using ep0 maxpacket: 32
[ 1054.991852][T25618] usb 2-1: Product: syz
[ 1054.996863][T25618] usb 2-1: Manufacturer: syz
[ 1055.001869][T25618] usb 2-1: SerialNumber: syz
[ 1055.010554][ T5937] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[ 1055.010628][ T5938] usb 6-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[ 1055.042884][ T5937] usb 3-1: config 0 has no interface number 0
[ 1055.050319][ T5938] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1055.060842][T25618] cdc_mbim 2-1:1.0: skipping garbage
[ 1055.071444][ T5937] usb 3-1: config 0 interface 184 has no altsetting 0
[ 1055.076470][ T5938] usb 6-1: Product: syz
[ 1055.083918][ T5938] usb 6-1: Manufacturer: syz
[ 1055.098006][ T5938] usb 6-1: SerialNumber: syz
[ 1055.101279][ T5937] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1055.124506][  T428] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1055.130993][ T5937] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1055.132869][  T428] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1055.165912][ T5937] usb 3-1: Product: syz
[ 1055.191189][ T5937] usb 3-1: Manufacturer: syz
[ 1055.212952][ T5937] usb 3-1: SerialNumber: syz
[ 1055.243169][ T5937] usb 3-1: config 0 descriptor??
[ 1055.267945][  T432] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1055.278422][ T5937] smsc75xx v1.0.0
[ 1055.627603][  T428] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1055.645131][  T428] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1055.884262][  T432] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1055.908824][T25618] cdc_mbim 2-1:1.0: setting tx_max = 184
[ 1055.937286][T25618] cdc_mbim 2-1:1.0: cdc-wdm0: USB WDM device
[ 1055.964824][T25618] wwan wwan0: port wwan0mbim0 attached
[ 1056.013562][T25618] cdc_mbim 2-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.1-1, CDC MBIM, 7e:af:fa:3e:bf:87
[ 1056.087302][ T5938] aqc111 6-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[ 1056.180211][    C0] wdm_int_callback: 6 callbacks suppressed
[ 1056.180232][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[ 1056.192761][    C0] wdm_int_callback: 6 callbacks suppressed
[ 1056.192777][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[ 1056.205355][    C0] cdc_mbim 2-1:1.0: nonzero urb status received: -71
[ 1056.212071][    C0] cdc_mbim 2-1:1.0: wdm_int_callback - 0 bytes
[ 1056.229227][T23400] usb 2-1: USB disconnect, device number 115
[ 1056.251712][T23400] cdc_mbim 2-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.1-1, CDC MBIM
[ 1056.305884][ T5937] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[ 1056.326960][T23400] wwan wwan0: port wwan0mbim0 disconnected
[ 1056.340464][ T5938] aqc111 6-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 1056.403160][ T5938] aqc111 6-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.5-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 20:fc:94:45:3a:41
[ 1056.454600][ T5938] usb 6-1: USB disconnect, device number 6
[ 1056.480106][ T5938] aqc111 6-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.5-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[ 1056.507846][ T5937] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1056.546585][ T5937] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1056.558229][ T5938] aqc111 6-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1056.574827][ T5938] aqc111 6-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 1056.587054][ T5937] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1056.594575][ T5938] aqc111 6-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[ 1056.606614][ T5937] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1056.620505][T19424] Bluetooth: hci2: command 0x0406 tx timeout
[ 1056.630296][ T5937] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -71
[ 1056.683643][ T5937] usb 3-1: USB disconnect, device number 122
[ 1057.064632][  T496] netlink: 8 bytes leftover after parsing attributes in process `syz.5.11357'.
[ 1057.940642][  T526] netlink: 80 bytes leftover after parsing attributes in process `syz.3.11367'.
[ 1057.983993][  T526] netlink: 80 bytes leftover after parsing attributes in process `syz.3.11367'.
[ 1058.447173][ T5937] usb 4-1: new low-speed USB device number 2 using dummy_hcd
[ 1058.638789][ T5937] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1058.666703][ T5937] usb 4-1: config 0 has no interface number 0
[ 1058.686831][ T5937] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1058.713682][ T5937] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1058.736907][  T554] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.11376'.
[ 1058.746645][ T5937] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1058.781208][ T5937] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1058.810734][ T5937] usb 4-1: config 0 descriptor??
[ 1058.820109][  T534] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1058.871952][ T5937] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1059.164968][ T5937] usb 4-1: USB disconnect, device number 2
[ 1059.170922][    C0] iowarrior 4-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[ 1059.540629][ T5938] hid-generic 0000:0000:0000.0090: unknown main item tag 0x0
[ 1059.577564][ T5938] hid-generic 0000:0000:0000.0090: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1060.896911][ T5846] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1061.067122][ T5846] usb 6-1: Using ep0 maxpacket: 16
[ 1061.087422][ T5846] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1061.124831][ T5846] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1061.157602][ T5846] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1061.178513][ T5846] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1061.196362][ T5846] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1061.221513][ T5846] usb 6-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1061.234834][ T5846] usb 6-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1061.255215][ T5846] usb 6-1: Manufacturer: syz
[ 1061.274777][ T5846] usb 6-1: config 0 descriptor??
[ 1061.350581][  T635] binder: 634:635 ioctl c0306201 80001a80 returned -14
[ 1061.627238][ T5846] rc_core: IR keymap rc-hauppauge not found
[ 1061.652034][   T30] audit: type=1800 audit(1753570611.614:4928): pid=654 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.11412" name="nullb0" dev="devtmpfs" ino=5120 res=0 errno=0
[ 1061.686321][ T5846] Registered IR keymap rc-empty
[ 1061.691349][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1061.768439][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1061.797968][ T5846] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[ 1061.853831][ T5846] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input173
[ 1061.902043][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1061.918263][  T663] input: syz0 as /devices/virtual/input/input174
[ 1061.962914][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1062.006546][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1062.046756][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1062.080782][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1062.136783][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1062.187805][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1062.216539][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1062.259741][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1062.296495][ T5846] mceusb 6-1:0.0: Error: mce write submit urb error = -90
[ 1062.334713][ T5846] mceusb 6-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1062.352065][ T5846] mceusb 6-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1062.366918][ T5846] usb 6-1: USB disconnect, device number 7
[ 1062.448580][ T5937] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1062.658998][ T5937] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1062.672814][ T5937] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1062.689225][ T5937] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1062.702909][ T5937] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1062.757943][ T5937] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1062.802587][ T5937] usb 4-1: config 0 descriptor??
[ 1062.867572][  T681] loop2: detected capacity change from 0 to 7
[ 1062.892293][  T681] Dev loop2: unable to read RDB block 7
[ 1062.904624][  T681]  loop2: unable to read partition table
[ 1062.918067][  T681] loop2: partition table beyond EOD, truncated
[ 1062.927935][  T681] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1063.237734][ T5937] plantronics 0003:047F:FFFF.0091: unknown main item tag 0x0
[ 1063.265307][ T5937] plantronics 0003:047F:FFFF.0091: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1063.277748][T23400] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 1063.326574][ T5938] usb 2-1: new high-speed USB device number 116 using dummy_hcd
[ 1063.502326][T23400] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1063.510693][ T5938] usb 2-1: too many configurations: 9, using maximum allowed: 8
[ 1063.523994][T23400] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1063.546035][T23400] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1063.552048][ T5938] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1063.587057][ T5938] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1063.596682][T23400] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1063.612398][T23400] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1063.622651][T23400] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1063.655010][T23400] usb 3-1: config 0 descriptor??
[ 1063.666714][ T5938] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1063.685552][  T686] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1063.709727][ T5938] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1063.746331][ T5938] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1063.797206][ T5938] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1063.836837][ T5938] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1063.845773][ T5938] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1063.941472][ T5938] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1063.962355][ T5938] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1063.996340][ T5938] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1064.021863][ T5938] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1064.061170][ T5938] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1064.084099][ T5938] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1064.116420][ T5938] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1064.128415][ T5938] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1064.146419][ T5938] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1064.180617][ T5938] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1064.221472][ T5938] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1064.240588][ T5938] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1064.243644][T23400] plantronics 0003:047F:FFFF.0092: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1064.356405][ T5938] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1064.368475][ T5938] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1064.383675][ T5938] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1064.416620][ T5938] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1064.450481][ T5938] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1064.492679][ T5938] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1064.518378][ T5938] usb 2-1: Product: syz
[ 1064.535018][ T5938] usb 2-1: Manufacturer: syz
[ 1064.563552][ T5938] usb 2-1: SerialNumber: syz
[ 1064.581118][T23400] usb 3-1: USB disconnect, device number 123
[ 1064.616962][ T5938] usb 2-1: config 0 descriptor??
[ 1064.651635][ T5938] yurex 2-1:0.0: USB YUREX device now attached to Yurex #1
[ 1064.761685][  T709] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[ 1065.286410][T23400] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[ 1065.353633][ T5940] usb 4-1: USB disconnect, device number 3
[ 1065.451223][T23400] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1065.472335][T23400] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1065.502403][T23400] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1065.532910][T23400] usb 5-1: config 0 descriptor??
[ 1065.770395][T23400] usbhid 5-1:0.0: can't add hid device: -71
[ 1065.782721][T23400] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1065.812099][T23400] usb 5-1: USB disconnect, device number 126
[ 1066.256450][T23400] usb 5-1: new high-speed USB device number 127 using dummy_hcd
[ 1066.327152][T32568] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 1066.416485][T23400] usb 5-1: Using ep0 maxpacket: 16
[ 1066.423671][T23400] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1066.451856][T23400] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1066.493242][T23400] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1066.520921][T23400] usb 5-1: config 0 descriptor??
[ 1066.526463][T32568] usb 3-1: Using ep0 maxpacket: 8
[ 1066.539025][T32568] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1066.574746][T32568] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[ 1066.605577][T32568] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1066.641650][T32568] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1066.668626][T32568] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1066.707043][ T5937] usb 2-1: USB disconnect, device number 116
[ 1066.728416][ T5937] yurex 2-1:0.0: USB YUREX #1 now disconnected
[ 1066.753993][T32568] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1066.806550][T32568] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[ 1066.856316][T32568] usb 3-1: config 168 interface 0 has no altsetting 0
[ 1066.879249][T32568] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1066.927137][T32568] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[ 1066.966352][T32568] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1067.015722][T23400] mcp2221 0003:04D8:00DD.0093: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[ 1067.046531][T32568] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1067.072769][T32568] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1067.098320][T32568] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1067.133916][T32568] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[ 1067.179388][T32568] usb 3-1: config 168 interface 0 has no altsetting 0
[ 1067.195162][T32568] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1067.246776][T32568] usb 3-1: too many endpoints for config 168 interface 0 altsetting 188: 100, using maximum allowed: 30
[ 1067.296601][T32568] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1067.316395][ T5937] usb 2-1: new high-speed USB device number 117 using dummy_hcd
[ 1067.335851][T32568] usb 3-1: config 168 interface 0 altsetting 188 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1067.369330][T32568] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1067.387643][T32568] usb 3-1: config 168 interface 0 altsetting 188 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1067.404871][T32568] usb 3-1: config 168 interface 0 altsetting 188 has 2 endpoint descriptors, different from the interface descriptor's value: 100
[ 1067.430627][T32568] usb 3-1: config 168 interface 0 has no altsetting 0
[ 1067.462113][T32568] usb 3-1: string descriptor 0 read error: -22
[ 1067.468902][T32568] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1067.507074][T32568] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1067.516697][ T5846] usb 5-1: USB disconnect, device number 127
[ 1067.529654][ T5937] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 1067.544708][ T5937] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 1067.573875][ T5937] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 1067.600255][T32568] adutux 3-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1067.611435][ T5937] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[ 1067.636073][ T5937] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[ 1067.678070][ T5937] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 1067.693431][ T5937] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 1067.705370][ T5937] usb 2-1: Product: syz
[ 1067.716099][ T5937] usb 2-1: Manufacturer: syz
[ 1067.735841][ T5937] cdc_wdm 2-1:1.0: skipping garbage
[ 1067.757303][ T5937] cdc_wdm 2-1:1.0: skipping garbage
[ 1067.774959][ T5937] cdc_wdm 2-1:1.0: cdc-wdm1: USB WDM device
[ 1067.786611][ T5937] cdc_wdm 2-1:1.0: Unknown control protocol
[ 1067.889905][  T761] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.11456'.
[ 1067.962200][ T5937] usb 2-1: USB disconnect, device number 117
[ 1068.250628][  T773] input: syz1 as /devices/virtual/input/input176
[ 1068.365987][T25500] bond0: (slave syz_tun): Releasing backup interface
[ 1068.381076][T25500] syz_tun (unregistering): left allmulticast mode
[ 1068.643736][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.658015][   T12] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1068.815949][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1068.828125][   T12] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1068.980344][   T30] audit: type=1326 audit(1753570618.964:4929): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=778 comm="syz.4.11466" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1069.031691][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.052571][   T30] audit: type=1326 audit(1753570618.964:4930): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=778 comm="syz.4.11466" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1069.076126][   T12] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1069.108575][ T5846] usb 3-1: USB disconnect, device number 124
[ 1069.175023][   T30] audit: type=1326 audit(1753570618.984:4931): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=778 comm="syz.4.11466" exe="/root/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1069.186371][  T923] usb 2-1: new high-speed USB device number 118 using dummy_hcd
[ 1069.241597][   T30] audit: type=1326 audit(1753570618.984:4932): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=778 comm="syz.4.11466" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1069.270933][   T30] audit: type=1326 audit(1753570618.984:4933): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=778 comm="syz.4.11466" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf711e539 code=0x7ffc0000
[ 1069.356516][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): left promiscuous mode
[ 1069.372105][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1069.383511][   T12] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[ 1069.404112][  T923] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1069.436712][  T923] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1069.465194][  T923] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1069.485975][  T923] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1069.510137][  T923] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1069.568161][  T923] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1069.577050][ T5846] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 1069.590563][  T923] usb 2-1: config 0 descriptor??
[ 1069.670446][  T796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11471'.
[ 1069.699550][  T796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11471'.
[ 1069.741269][  T796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11471'.
[ 1069.744243][T19424] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1069.753882][  T796] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11471'.
[ 1069.758133][ T5846] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1069.785453][ T5846] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1069.809835][T19424] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1069.822028][T19424] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1069.836619][T19424] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1069.844319][T19424] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1069.857373][ T5846] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1069.867635][ T5846] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1069.881468][ T5846] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1069.897214][ T5846] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1069.925314][   T12] bridge_slave_1: left allmulticast mode
[ 1069.933404][ T5846] usb 3-1: config 0 descriptor??
[ 1069.957692][   T12] bridge_slave_1: left promiscuous mode
[ 1070.002981][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1070.063780][   T12] bridge_slave_0: left promiscuous mode
[ 1070.079370][  T923] plantronics 0003:047F:FFFF.0094: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1070.104787][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1070.388276][ T5846] plantronics 0003:047F:FFFF.0095: ignoring exceeding usage max
[ 1070.453045][ T5846] plantronics 0003:047F:FFFF.0095: hiddev1,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1071.064610][ T5937] usb 2-1: USB disconnect, device number 118
[ 1071.072477][ T5846] usb 3-1: USB disconnect, device number 125
[ 1071.422309][   T12] bond0 (unregistering): left promiscuous mode
[ 1071.429297][   T12] bond_slave_0: left promiscuous mode
[ 1071.434921][   T12] bond_slave_1: left promiscuous mode
[ 1071.440743][   T12] bond1 (unregistering): left promiscuous mode
[ 1071.480660][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1071.504768][   T12] bond_slave_0: left allmulticast mode
[ 1071.515966][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1071.526417][   T12] bond_slave_1: left allmulticast mode
[ 1071.535752][   T12] bond0 (unregistering): (slave bond1): Releasing backup interface
[ 1071.545052][   T12] bond1 (unregistering): left allmulticast mode
[ 1071.551659][   T12] bond0 (unregistering): Released all slaves
[ 1071.849792][   T12] bond1 (unregistering): Released all slaves
[ 1071.879064][   T12] bond2 (unregistering): Released all slaves
[ 1071.886919][T19424] Bluetooth: hci3: command tx timeout
[ 1071.969908][  T832] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11478'.
[ 1072.897293][ T5846] usb 2-1: new high-speed USB device number 119 using dummy_hcd
[ 1073.078347][ T5846] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1073.119914][   T30] audit: type=1326 audit(1753570623.084:4934): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=868 comm="syz.2.11489" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f13539 code=0x0
[ 1073.157938][   T12] hsr_slave_0: left promiscuous mode
[ 1073.163445][ T5846] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1073.184637][   T12] hsr_slave_1: left promiscuous mode
[ 1073.185410][ T5846] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1073.201807][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1073.217993][ T5846] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1073.234811][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1073.245619][ T5846] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1073.247268][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1073.264233][ T5846] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1073.284623][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1073.303363][ T5846] usb 2-1: config 0 descriptor??
[ 1073.373481][   T12] team_slave_0: left promiscuous mode
[ 1073.379362][   T12] team_slave_1: left promiscuous mode
[ 1073.388485][   T12] veth1_macvtap: left promiscuous mode
[ 1073.394072][   T12] veth0_macvtap: left promiscuous mode
[ 1073.404657][   T12] veth1_vlan: left promiscuous mode
[ 1073.412532][   T12] veth0_vlan: left promiscuous mode
[ 1073.589119][   T12] team0 (unregistering): Port device batadv1 removed
[ 1073.740727][ T5846] plantronics 0003:047F:FFFF.0096: ignoring exceeding usage max
[ 1073.780552][ T5846] plantronics 0003:047F:FFFF.0096: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1073.976216][T19424] Bluetooth: hci3: command tx timeout
[ 1074.274411][   T12] team0 (unregistering): Port device team_slave_1 removed
[ 1074.329257][   T12] team0 (unregistering): Port device team_slave_0 removed
[ 1074.340152][  T891] fanotify: failed to encode fid (type=0, len=0, err=-2)
[ 1075.170348][  T800] chnl_net:caif_netlink_parms(): no params data found
[ 1075.336880][  T901] loop2: detected capacity change from 0 to 7
[ 1075.376652][  T901] Dev loop2: unable to read RDB block 7
[ 1075.423030][  T901]  loop2: unable to read partition table
[ 1075.437322][  T901] loop2: partition table beyond EOD, truncated
[ 1075.482918][  T901] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1075.664099][  T800] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1075.699081][  T800] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1075.737105][  T800] bridge_slave_0: entered allmulticast mode
[ 1075.765362][  T800] bridge_slave_0: entered promiscuous mode
[ 1075.799833][  T800] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1075.816496][  T800] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1075.846717][  T800] bridge_slave_1: entered allmulticast mode
[ 1075.894165][  T800] bridge_slave_1: entered promiscuous mode
[ 1075.970686][ T5846] usb 2-1: USB disconnect, device number 119
[ 1075.999913][  T946] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11502'.
[ 1076.047228][T19424] Bluetooth: hci3: command tx timeout
[ 1076.052540][   T12] IPVS: stop unused estimator thread 0...
[ 1076.135028][  T800] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1076.244132][  T800] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1076.267405][ T5940] usb 3-1: new high-speed USB device number 126 using dummy_hcd
[ 1076.442724][  T800] team0: Port device team_slave_0 added
[ 1076.449086][ T5940] usb 3-1: Using ep0 maxpacket: 8
[ 1076.456131][ T5940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1076.471235][ T5940] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1076.481500][  T800] team0: Port device team_slave_1 added
[ 1076.489679][ T5940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1076.513777][ T5940] usb 3-1: config 0 descriptor??
[ 1076.569801][  T800] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1076.583825][  T800] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1076.616235][  T800] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1076.636086][  T800] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1076.657535][  T800] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1076.693251][  T800] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1076.733594][  T967] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11508'.
[ 1076.738474][ T5940] iowarrior 3-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1076.791846][  T969] usb usb8: usbfs: process 969 (syz.1.11509) did not claim interface 0 before use
[ 1076.920901][  T800] hsr_slave_0: entered promiscuous mode
[ 1076.935800][  T800] hsr_slave_1: entered promiscuous mode
[ 1076.957272][  T800] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1076.989268][  T800] Cannot create hsr debugfs directory
[ 1077.156438][T32568] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1077.282163][T25618] usb 3-1: USB disconnect, device number 126
[ 1077.320936][T32568] usb 6-1: Using ep0 maxpacket: 8
[ 1077.359934][T32568] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1077.389275][T32568] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1077.459072][T32568] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1077.469248][T32568] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1077.481431][T32568] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1077.518211][T32568] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1077.543583][T32568] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1077.788544][  T800] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1077.809325][   T30] audit: type=1326 audit(1753570627.794:4935): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=995 comm="syz.1.11515" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1077.876978][  T800] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1077.883845][T32568] usb 6-1: GET_CAPABILITIES returned 0
[ 1077.900558][T32568] usbtmc 6-1:16.0: can't read capabilities
[ 1077.911774][   T30] audit: type=1326 audit(1753570627.794:4936): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=995 comm="syz.1.11515" exe="/root/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1077.975114][  T800] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1078.041860][   T30] audit: type=1326 audit(1753570627.794:4937): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=995 comm="syz.1.11515" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1078.084812][  T800] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1078.107816][   T30] audit: type=1326 audit(1753570627.794:4938): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=995 comm="syz.1.11515" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1078.133538][T19424] Bluetooth: hci3: command tx timeout
[ 1078.205697][  T973] usbtmc 6-1:16.0: usb_control_msg returned -71
[ 1078.210700][T32568] usb 6-1: USB disconnect, device number 8
[ 1078.235045][ T1002] usb 6-1: usbtmc_ioctl_clear_out_halt returned -19
[ 1079.027043][  T800] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1079.094211][  T800] 8021q: adding VLAN 0 to HW filter on device team0
[ 1079.148275][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1079.155452][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1079.203675][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1079.210913][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1079.398968][  T800] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1079.415785][ T1048] loop2: detected capacity change from 0 to 7
[ 1079.431623][ T1048] Dev loop2: unable to read RDB block 7
[ 1079.443798][ T1048]  loop2: AHDI p1 p2 p3
[ 1079.453133][ T1048] loop2: partition table partially beyond EOD, truncated
[ 1079.475421][ T1048] loop2: p1 start 1601398130 is beyond EOD, truncated
[ 1079.515064][ T1048] loop2: p2 start 1702059890 is beyond EOD, truncated
[ 1079.620193][  T800] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1079.644732][ T1053] kvm: vcpu 512: requested lapic timer restore with starting count register 0x390=1814518830 (232258410240 ns) > initial count (2458284544 ns). Using initial count to start timer.
[ 1079.881380][  T800] veth0_vlan: entered promiscuous mode
[ 1079.936671][  T800] veth1_vlan: entered promiscuous mode
[ 1080.055819][  T800] veth0_macvtap: entered promiscuous mode
[ 1080.086145][  T800] veth1_macvtap: entered promiscuous mode
[ 1080.159083][  T800] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1080.207699][ T1073] input: syz0 as /devices/virtual/input/input178
[ 1080.220553][  T800] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1080.249596][  T800] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.289938][ T1077] netlink: 4 bytes leftover after parsing attributes in process `syz.5.11532'.
[ 1080.300218][  T800] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.330379][  T800] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.371341][  T800] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1080.567935][ T1086] netlink: 'syz.1.11535': attribute type 6 has an invalid length.
[ 1080.712960][ T1089] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11536'.
[ 1080.750331][T30287] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1080.784115][T30287] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1080.855065][T30287] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1080.889777][T30287] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1081.509828][ T1118] kernel read not supported for file /eth0 (pid: 1118 comm: syz.6.11542)
[ 1081.545909][   T30] audit: type=1800 audit(1753570631.524:4939): pid=1118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.11542" name="eth0" dev="mqueue" ino=166297 res=0 errno=0
[ 1082.857959][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880580b5c00: rx timeout, send abort
[ 1083.219307][T32568] usb 2-1: new high-speed USB device number 120 using dummy_hcd
[ 1083.366200][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880580b5c00: abort rx timeout. Force session deactivation
[ 1083.517610][T32568] usb 2-1: Using ep0 maxpacket: 8
[ 1083.541779][T32568] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1083.605323][T32568] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1083.625076][T32568] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1083.664964][T32568] usb 2-1: config 0 descriptor??
[ 1083.806733][   T30] audit: type=1326 audit(1753570633.774:4940): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1083.868882][   T30] audit: type=1326 audit(1753570633.774:4941): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704e558 code=0x7ffc0000
[ 1083.929346][   T30] audit: type=1326 audit(1753570633.774:4942): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1083.934258][T32568] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[ 1084.033093][   T30] audit: type=1326 audit(1753570633.784:4943): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1084.059292][   T30] audit: type=1326 audit(1753570633.784:4944): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704e558 code=0x7ffc0000
[ 1084.132384][   T30] audit: type=1326 audit(1753570633.784:4945): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1084.290131][   T30] audit: type=1326 audit(1753570633.814:4946): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1084.416429][   T30] audit: type=1326 audit(1753570633.814:4947): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf704e558 code=0x7ffc0000
[ 1084.532769][   T30] audit: type=1326 audit(1753570633.814:4948): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1084.644415][   T30] audit: type=1326 audit(1753570633.814:4949): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1171 comm="syz.6.11557" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf704e539 code=0x7ffc0000
[ 1084.713914][ T5846] usb 2-1: USB disconnect, device number 120
[ 1084.840866][ T1217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11570'.
[ 1085.421506][ T1241] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11577'.
[ 1085.472020][ T1241] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11577'.
[ 1086.482479][ T1277] kvm: Disabled LAPIC found during irq injection
[ 1086.881925][ T1298] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11596'.
[ 1086.906633][ T1298] netlink: 'syz.6.11596': attribute type 7 has an invalid length.
[ 1086.926845][ T1298] netlink: 'syz.6.11596': attribute type 8 has an invalid length.
[ 1086.946065][ T1298] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11596'.
[ 1087.264914][ T1311] loop3: detected capacity change from 0 to 1
[ 1087.295037][ T1311] Dev loop3: unable to read RDB block 1
[ 1087.316709][ T1311]  loop3: unable to read partition table
[ 1087.341023][ T1311] loop3: partition table beyond EOD, truncated
[ 1087.362832][ T1311] loop_reread_partitions: partition scan of loop3 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1088.512044][ T1354] dummy0: entered allmulticast mode
[ 1088.520567][ T1354] dummy0: left allmulticast mode
[ 1088.736817][ T5940] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[ 1088.816487][ T5937] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 1088.897018][ T5940] usb 7-1: Using ep0 maxpacket: 8
[ 1088.916198][ T5940] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1088.945078][ T5940] usb 7-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[ 1088.959747][ T5940] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1088.974010][ T5940] usb 7-1: config 0 descriptor??
[ 1088.990418][ T5940] gspca_main: vc032x-2.14.0 probing 046d:0892
[ 1088.996846][ T5937] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1089.046966][ T5937] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1089.073090][ T5937] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1089.100042][ T5937] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1089.117794][ T5937] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1089.127965][ T5937] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1089.167094][ T5937] usb 5-1: config 0 descriptor??
[ 1089.183089][ T1360] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1089.666006][ T5937] plantronics 0003:047F:FFFF.0097: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1090.197041][ T5940] gspca_vc032x: reg_w err -71
[ 1090.201846][ T5940] vc032x 7-1:0.0: probe with driver vc032x failed with error -71
[ 1090.241923][ T5940] usb 7-1: USB disconnect, device number 2
[ 1090.874179][ T1426] can-isotp: isotp_sendmsg: can_send_ret -ENETDOWN
[ 1091.251520][ T1439] netlink: 12 bytes leftover after parsing attributes in process `syz.6.11644'.
[ 1091.261931][ T1439] netlink: 'syz.6.11644': attribute type 12 has an invalid length.
[ 1091.770448][T32568] usb 5-1: USB disconnect, device number 2
[ 1091.844858][ T1449] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11648'.
[ 1091.896612][ T5846] usb 2-1: new high-speed USB device number 121 using dummy_hcd
[ 1091.925739][ T1450] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11648'.
[ 1092.066820][ T5846] usb 2-1: Using ep0 maxpacket: 16
[ 1092.076220][ T5846] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1092.088623][ T5846] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1092.102679][ T5846] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1092.116167][ T5846] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1092.124395][ T5846] usb 2-1: Product: syz
[ 1092.128660][ T5846] usb 2-1: Manufacturer: syz
[ 1092.133379][ T5846] usb 2-1: SerialNumber: syz
[ 1092.154174][ T5846] usb 2-1: config 0 descriptor??
[ 1092.165018][ T5846] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1092.174573][ T5846] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[ 1092.794964][ T5846] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[ 1092.824254][ T5846] em28xx 2-1:0.0: Config register raw data: 0x30
[ 1092.832265][ T5846] em28xx 2-1:0.0: I2S Audio (3 sample rate(s))
[ 1092.839456][ T5846] em28xx 2-1:0.0: No AC97 audio processor
[ 1093.251738][ T5846] usb 2-1: USB disconnect, device number 121
[ 1093.824510][ T1439] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1093.833956][ T1439] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1093.842740][ T1439] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1093.851711][ T1439] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1093.879275][ T1439] vxlan0: entered promiscuous mode
[ 1094.116590][ T5846] usb 2-1: new high-speed USB device number 122 using dummy_hcd
[ 1094.224202][ T1473] pim6reg1: entered promiscuous mode
[ 1094.255198][ T1473] pim6reg1: entered allmulticast mode
[ 1094.288632][ T5846] usb 2-1: Using ep0 maxpacket: 8
[ 1094.309696][ T5846] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 1094.351996][ T5846] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 1094.369604][ T5846] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1094.383598][ T5846] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1094.399186][T23400] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[ 1094.429215][ T5846] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1094.442070][ T5846] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1094.570262][T23400] usb 7-1: Using ep0 maxpacket: 32
[ 1094.585054][T23400] usb 7-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 1094.597513][T23400] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1094.624329][T23400] usb 7-1: Product: syz
[ 1094.633775][T23400] usb 7-1: Manufacturer: syz
[ 1094.645157][T23400] usb 7-1: SerialNumber: syz
[ 1094.665809][ T5846] usb 2-1: GET_CAPABILITIES returned 0
[ 1094.681296][T23400] usb 7-1: config 0 descriptor??
[ 1094.694219][ T5846] usbtmc 2-1:16.0: can't read capabilities
[ 1094.714014][T23400] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 1094.946778][T32568] usb 2-1: USB disconnect, device number 122
[ 1095.599483][ T1514] netlink: 12 bytes leftover after parsing attributes in process `syz.5.11663'.
[ 1095.675778][ T1514] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1095.685340][ T1514] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1095.694384][ T1514] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1095.703202][ T1514] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1095.728280][ T1514] vxlan0: entered promiscuous mode
[ 1095.936125][T23400] gspca_stk1135: reg_w 0xd err -71
[ 1095.944567][T23400] gspca_stk1135: serial bus timeout: status=0x00
[ 1095.981640][T23400] gspca_stk1135: Sensor write failed
[ 1095.995577][T23400] gspca_stk1135: serial bus timeout: status=0x00
[ 1096.002478][T23400] gspca_stk1135: Sensor write failed
[ 1096.013698][T23400] gspca_stk1135: serial bus timeout: status=0x00
[ 1096.020411][T23400] gspca_stk1135: Sensor read failed
[ 1096.028039][T23400] gspca_stk1135: serial bus timeout: status=0x00
[ 1096.035811][T23400] gspca_stk1135: Sensor read failed
[ 1096.042037][T23400] gspca_stk1135: Detected sensor type unknown (0x0)
[ 1096.049346][T23400] gspca_stk1135: serial bus timeout: status=0x00
[ 1096.055694][T23400] gspca_stk1135: Sensor read failed
[ 1096.061452][T23400] gspca_stk1135: serial bus timeout: status=0x00
[ 1096.068528][T23400] gspca_stk1135: Sensor read failed
[ 1096.073831][T23400] gspca_stk1135: serial bus timeout: status=0x00
[ 1096.094057][T23400] gspca_stk1135: Sensor write failed
[ 1096.099518][T23400] gspca_stk1135: serial bus timeout: status=0x00
[ 1096.113792][T23400] gspca_stk1135: Sensor write failed
[ 1096.128041][T23400] stk1135 7-1:0.0: probe with driver stk1135 failed with error -71
[ 1096.163553][T23400] usb 7-1: USB disconnect, device number 3
[ 1096.653063][ T1547] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1097.176548][ T5940] usb 2-1: new high-speed USB device number 123 using dummy_hcd
[ 1097.349067][ T5940] usb 2-1: Using ep0 maxpacket: 32
[ 1097.362548][ T5940] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1097.390544][ T5940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[ 1097.415698][ T5940] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1097.464505][ T5940] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1097.494068][ T5940] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1097.513117][ T5940] usb 2-1: config 0 descriptor??
[ 1097.519904][ T1560] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1097.544273][ T5940] hub 2-1:0.0: USB hub found
[ 1097.749269][ T5940] hub 2-1:0.0: 2 ports detected
[ 1097.932976][ T1594] binder: 1593:1594 ioctl c0306201 80000640 returned -22
[ 1098.174425][ T5940] hub 2-1:0.0: set hub depth failed
[ 1098.188744][ T5940] usb 2-1: USB disconnect, device number 123
[ 1098.236883][T25618] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[ 1098.391178][T25618] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1098.414882][T25618] usb 7-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1098.437071][T25618] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1098.458039][T25618] usb 7-1: config 0 descriptor??
[ 1098.694277][T25618] usbhid 7-1:0.0: can't add hid device: -71
[ 1098.712403][T25618] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[ 1098.747187][T25618] usb 7-1: USB disconnect, device number 4
[ 1099.196965][T25618] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[ 1099.363185][T25618] usb 7-1: Using ep0 maxpacket: 32
[ 1099.372791][T25618] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1099.389286][T25618] usb 7-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1099.400246][T25618] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1099.419094][T25618] usb 7-1: config 0 descriptor??
[ 1099.428282][T25618] ldusb 7-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1099.451087][T25618] ldusb 7-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1099.664012][    C0] ldusb 7-1:0.0: Ring buffer overflow, 8 bytes dropped
[ 1099.995075][    C1] ldusb 7-1:0.0: Ring buffer overflow, 8 bytes dropped
[ 1100.297738][ T1693] binder: 1691:1693 ioctl 40046205 0 returned -22
[ 1101.020577][T25695] syz_tun (unregistering): left promiscuous mode
[ 1101.050994][ T5940] usb 7-1: USB disconnect, device number 5
[ 1101.129900][ T5940] ldusb 7-1:0.0: LD USB Device #0 now disconnected
[ 1101.418401][ T5846] hid-generic 0003:0004:0000.0098: unknown main item tag 0x0
[ 1101.436388][ T5846] hid-generic 0003:0004:0000.0098: unknown main item tag 0x0
[ 1101.443838][ T5846] hid-generic 0003:0004:0000.0098: unknown main item tag 0x0
[ 1101.490896][ T5846] hid-generic 0003:0004:0000.0098: hidraw0: USB HID v0.00 Device [syz0] on syz1
[ 1101.676857][ T1733] fido_id[1733]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1102.676054][ T1765] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11741'.
[ 1102.810847][ T1770] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11741'.
[ 1102.856088][  T992] ip6gretap0 (unregistering): left allmulticast mode
[ 1102.889416][  T992] ip6gretap0 (unregistering): left promiscuous mode
[ 1103.038525][ T5167] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 1103.048689][ T5167] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 1103.056925][ T5167] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 1103.065604][ T5167] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 1103.073985][ T5167] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 1103.272383][ T1786] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.11746'.
[ 1103.764671][  T992] bridge0 (unregistering): left allmulticast mode
[ 1103.775199][  T992] bridge0 (unregistering): left promiscuous mode
[ 1103.918567][  T992] bond0 (unregistering): (slave macvlan0): Releasing backup interface
[ 1103.927918][  T992] macvlan0: left promiscuous mode
[ 1103.933063][  T992] macvlan0: left allmulticast mode
[ 1103.940989][  T992] bond0 (unregistering): Released all slaves
[ 1103.987433][ T5940] usb 2-1: new high-speed USB device number 124 using dummy_hcd
[ 1104.015900][ T1791] veth1_to_bridge: entered promiscuous mode
[ 1104.038354][ T1793] veth1_to_bridge: left promiscuous mode
[ 1104.118617][  T992] tipc: Disabling bearer <udp:syz2>
[ 1104.133865][  T992] tipc: Left network mode
[ 1104.166705][ T5940] usb 2-1: Using ep0 maxpacket: 8
[ 1104.201606][ T5940] usb 2-1: config 150 has an invalid interface number: 204 but max is 1
[ 1104.228799][ T5940] usb 2-1: config 150 has no interface number 0
[ 1104.265677][ T5940] usb 2-1: config 150 interface 204 has no altsetting 0
[ 1104.288604][ T5940] usb 2-1: config 150 interface 1 has no altsetting 0
[ 1104.331652][ T5940] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[ 1104.352241][ T5940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1104.382061][ T5940] usb 2-1: Product: syz
[ 1104.392719][ T5940] usb 2-1: Manufacturer: syz
[ 1104.401642][ T5940] usb 2-1: SerialNumber: syz
[ 1104.499243][ T1812] input: syz1 as /devices/virtual/input/input180
[ 1104.645560][ T5940] xr_serial 2-1:150.204: xr_serial converter detected
[ 1104.656521][T32568] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[ 1104.703572][ T1817] input: syz0 as /devices/virtual/input/input181
[ 1104.806674][T32568] usb 7-1: Using ep0 maxpacket: 8
[ 1104.829215][T32568] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1104.855444][  T992] hsr_slave_0: left promiscuous mode
[ 1104.865299][T32568] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1104.889532][T32568] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1104.899076][  T992] hsr_slave_1: left promiscuous mode
[ 1104.946476][T32568] usb 7-1: config 250 has no interface number 0
[ 1104.956739][T32568] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1104.983157][T32568] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1105.022403][T32568] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1105.034167][T32568] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[ 1105.046376][T32568] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[ 1105.097323][T32568] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1105.114715][T32568] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1105.125959][T32568] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1105.154803][T32568] usb 7-1: Product: syz
[ 1105.159348][T32568] usb 7-1: SerialNumber: syz
[ 1105.169484][ T5167] Bluetooth: hci0: command tx timeout
[ 1105.208579][T32568] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1105.217272][T32568] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1105.469187][T32568] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 6 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[ 1105.476385][ T5940] usb 2-1: xr_serial converter now attached to ttyUSB0
[ 1105.947095][T25618] usb 2-1: USB disconnect, device number 124
[ 1105.953440][T32568] usb 7-1: USB disconnect, device number 6
[ 1105.971599][T32568] usblp0: removed
[ 1106.000118][T25618] xr_serial ttyUSB0: xr_serial converter now disconnected from ttyUSB0
[ 1106.077410][T25618] xr_serial 2-1:150.204: device disconnected
[ 1106.240570][ T1840] netlink: 'syz.5.11759': attribute type 4 has an invalid length.
[ 1106.302408][ T1841] netlink: 'syz.5.11759': attribute type 4 has an invalid length.
[ 1106.346623][T32568] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[ 1106.536853][T32568] usb 7-1: Using ep0 maxpacket: 8
[ 1106.565949][T32568] usb 7-1: config index 0 descriptor too short (expected 5924, got 36)
[ 1106.588125][T32568] usb 7-1: config 250 has an invalid interface number: 228 but max is -1
[ 1106.661399][T32568] usb 7-1: config 250 has 1 interface, different from the descriptor's value: 0
[ 1106.752382][T32568] usb 7-1: config 250 has no interface number 0
[ 1106.758804][T32568] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[ 1106.771437][T32568] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[ 1106.797667][T32568] usb 7-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1106.809252][T32568] usb 7-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[ 1106.820988][T32568] usb 7-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[ 1106.834865][T32568] usb 7-1: config 250 interface 228 has no altsetting 0
[ 1106.870790][T32568] usb 7-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[ 1106.898700][T32568] usb 7-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[ 1106.909092][T32568] usb 7-1: Product: syz
[ 1106.932884][T32568] usb 7-1: SerialNumber: syz
[ 1106.945439][T32568] hub 7-1:250.228: bad descriptor, ignoring hub
[ 1106.958172][T32568] hub 7-1:250.228: probe with driver hub failed with error -5
[ 1107.177955][T32568] usblp 7-1:250.228: usblp0: USB Bidirectional printer dev 7 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[ 1107.246923][ T5167] Bluetooth: hci0: command tx timeout
[ 1107.247748][T32568] usb 7-1: USB disconnect, device number 7
[ 1107.283810][T32568] usblp0: removed
[ 1107.814708][ T1781] chnl_net:caif_netlink_parms(): no params data found
[ 1108.303594][ T1781] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1108.327126][ T1781] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1108.345264][ T1781] bridge_slave_0: entered allmulticast mode
[ 1108.378630][ T1781] bridge_slave_0: entered promiscuous mode
[ 1108.398987][ T1781] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1108.445226][ T1781] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1108.466750][ T1781] bridge_slave_1: entered allmulticast mode
[ 1108.504240][ T1781] bridge_slave_1: entered promiscuous mode
[ 1108.698412][ T1880] loop6: detected capacity change from 0 to 1
[ 1108.710583][ T1880] Dev loop6: unable to read RDB block 1
[ 1108.716214][ T1880]  loop6: unable to read partition table
[ 1108.750631][   T30] kauditd_printk_skb: 159 callbacks suppressed
[ 1108.750647][   T30] audit: type=1800 audit(1753570658.734:5109): pid=1882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.11772" name="file1" dev="tmpfs" ino=206 res=0 errno=0
[ 1108.752843][ T1880] loop6: partition table beyond EOD, 
[ 1108.812485][ T1781] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1108.839817][ T1880] truncated
[ 1108.843086][ T1880] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1108.901998][ T1781] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1109.037882][ T1888] netlink: 'syz.6.11773': attribute type 12 has an invalid length.
[ 1109.055477][ T1888] netlink: 'syz.6.11773': attribute type 29 has an invalid length.
[ 1109.089858][  T992] IPVS: stop unused estimator thread 0...
[ 1109.109723][ T1888] netlink: 148 bytes leftover after parsing attributes in process `syz.6.11773'.
[ 1109.135615][ T1888] netlink: 16 bytes leftover after parsing attributes in process `syz.6.11773'.
[ 1109.326526][ T5167] Bluetooth: hci0: command tx timeout
[ 1109.348495][ T1781] team0: Port device team_slave_0 added
[ 1109.397371][ T1781] team0: Port device team_slave_1 added
[ 1109.661341][ T1781] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1109.677808][ T1781] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1109.755276][ T1781] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1109.828535][ T1781] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1109.854401][ T1781] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1109.973883][ T1781] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1110.255729][ T1781] hsr_slave_0: entered promiscuous mode
[ 1110.265207][ T1781] hsr_slave_1: entered promiscuous mode
[ 1110.677277][ T5938] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[ 1110.852868][ T5938] usb 7-1: config index 0 descriptor too short (expected 32786, got 18)
[ 1110.890344][ T5938] usb 7-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice=c6.98
[ 1110.935092][ T5938] usb 7-1: New USB device strings: Mfr=244, Product=0, SerialNumber=0
[ 1110.962898][ T5938] usb 7-1: Manufacturer: syz
[ 1110.992009][ T5938] usb 7-1: config 0 descriptor??
[ 1111.017268][ T5938] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected
[ 1111.027547][  T992] netdevsim netdevsim5 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1111.052995][ T5938] ftdi_sio ttyUSB0: unknown device type: 0xc698
[ 1111.061131][  T992] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.208172][ T1930] pimreg: entered allmulticast mode
[ 1111.271430][ T5940] usb 7-1: USB disconnect, device number 8
[ 1111.315725][ T5940] ftdi_sio 7-1:0.0: device disconnected
[ 1111.408220][ T5167] Bluetooth: hci0: command tx timeout
[ 1111.578532][  T992] netdevsim netdevsim5 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1111.613614][  T992] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1111.868915][  T992] netdevsim netdevsim5 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1111.896820][  T992] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.140862][  T992] netdevsim netdevsim5 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 1112.161867][  T992] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.261809][T19424] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1112.269601][ T5846] usb 7-1: new low-speed USB device number 9 using dummy_hcd
[ 1112.279433][T19424] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1112.292297][T19424] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1112.304412][T19424] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1112.314389][T19424] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1112.358219][ T1781] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1112.380007][ T1781] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1112.418783][ T1781] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1112.431023][ T1781] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1112.508292][ T5846] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[ 1112.527325][   T30] audit: type=1326 audit(1753570662.514:5110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1967 comm="syz.1.11798" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1112.529412][ T5846] usb 7-1: config 0 has no interface number 0
[ 1112.603854][ T5846] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[ 1112.619830][   T30] audit: type=1326 audit(1753570662.534:5111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1967 comm="syz.1.11798" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1112.648446][ T5846] usb 7-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[ 1112.699262][   T30] audit: type=1326 audit(1753570662.534:5112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1967 comm="syz.1.11798" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1112.708790][ T5846] usb 7-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1112.773009][   T30] audit: type=1326 audit(1753570662.554:5113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1967 comm="syz.1.11798" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1112.808957][ T5846] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1112.858035][ T5846] usb 7-1: config 0 descriptor??
[ 1112.864176][ T1953] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1112.866330][   T30] audit: type=1326 audit(1753570662.554:5114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1967 comm="syz.1.11798" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1112.930380][   T30] audit: type=1326 audit(1753570662.564:5115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1967 comm="syz.1.11798" exe="/root/syz-executor" sig=0 arch=40000003 syscall=296 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1112.962123][ T5846] iowarrior 7-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[ 1113.092639][   T30] audit: type=1326 audit(1753570662.564:5116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1967 comm="syz.1.11798" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1113.190216][   T30] audit: type=1326 audit(1753570662.564:5117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1967 comm="syz.1.11798" exe="/root/syz-executor" sig=0 arch=40000003 syscall=353 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1113.213521][  T992] bridge_slave_1: left allmulticast mode
[ 1113.219981][  T992] bridge_slave_1: left promiscuous mode
[ 1113.225760][  T992] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1113.287857][   T30] audit: type=1326 audit(1753570662.564:5118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1967 comm="syz.1.11798" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x7ffc0000
[ 1113.316571][  T992] bridge_slave_0: left allmulticast mode
[ 1113.322383][  T992] bridge_slave_0: left promiscuous mode
[ 1113.348493][  T992] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1113.404062][T23400] usb 7-1: USB disconnect, device number 9
[ 1113.410421][    C0] iowarrior 7-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[ 1114.118299][ T5938] usb 2-1: new full-speed USB device number 125 using dummy_hcd
[ 1114.243059][  T923] usb 3-1: new high-speed USB device number 127 using dummy_hcd
[ 1114.279490][ T5938] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1114.284930][ T2007] KVM: debugfs: duplicate directory 2007-5
[ 1114.292208][ T5938] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1114.305704][  T992] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1114.318496][  T992] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1114.330211][ T5938] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1114.340381][ T5938] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1114.350862][  T992] bond0 (unregistering): Released all slaves
[ 1114.358116][ T5938] usb 2-1: Product: syz
[ 1114.362317][ T5938] usb 2-1: Manufacturer: syz
[ 1114.367649][ T5167] Bluetooth: hci1: command tx timeout
[ 1114.375842][ T5938] usb 2-1: SerialNumber: syz
[ 1114.407811][  T923] usb 3-1: Using ep0 maxpacket: 16
[ 1114.416594][  T923] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1114.427551][  T923] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1114.436880][  T923] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1114.467483][  T923] usb 3-1: config 0 descriptor??
[ 1114.597484][ T5938] usb 2-1: 0:2 : does not exist
[ 1114.607628][ T5938] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 1114.632298][ T5938] usb 2-1: USB disconnect, device number 125
[ 1114.682061][ T5987] udevd[5987]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1114.719727][ T2005] netlink: 24 bytes leftover after parsing attributes in process `syz.2.11805'.
[ 1114.771990][  T923] usb 3-1: USB disconnect, device number 127
[ 1114.811746][ T1781] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1114.913458][ T1961] chnl_net:caif_netlink_parms(): no params data found
[ 1114.979862][ T1781] 8021q: adding VLAN 0 to HW filter on device team0
[ 1115.053398][  T992] hsr_slave_0: left promiscuous mode
[ 1115.061244][  T992] hsr_slave_1: left promiscuous mode
[ 1115.069927][  T992] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1115.078102][  T992] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1115.086169][  T992] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1115.094034][  T992] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1115.123087][  T992] veth1_macvtap: left promiscuous mode
[ 1115.128813][  T992] veth0_macvtap: left promiscuous mode
[ 1115.134594][  T992] veth1_vlan: left promiscuous mode
[ 1115.140967][  T992] veth0_vlan: left promiscuous mode
[ 1115.974143][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.981111][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.070504][  T992] team0 (unregistering): Port device team_slave_1 removed
[ 1116.141179][  T992] team0 (unregistering): Port device team_slave_0 removed
[ 1116.448023][ T5167] Bluetooth: hci1: command tx timeout
[ 1116.796835][T30285] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1116.804068][T30285] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1116.934294][T30285] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1116.941523][T30285] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1116.995804][ T2047] loop2: detected capacity change from 0 to 7
[ 1117.029598][T29590] Dev loop2: unable to read RDB block 7
[ 1117.035651][T29590]  loop2: AHDI p2 p3 p4
[ 1117.082203][T29590] loop2: partition table partially beyond EOD, truncated
[ 1117.118180][T29590] loop2: p2 size 150995456 extends beyond EOD, truncated
[ 1117.164955][T29590] loop2: p3 size 4211081215 extends beyond EOD, truncated
[ 1117.279618][ T1961] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1117.294020][ T2047] Dev loop2: unable to read RDB block 7
[ 1117.298876][ T1961] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1117.310695][ T2047]  loop2: AHDI p2 p3 p4
[ 1117.314901][ T2047] loop2: partition table partially beyond EOD, truncated
[ 1117.317016][ T1961] bridge_slave_0: entered allmulticast mode
[ 1117.346683][ T2047] loop2: p2 size 150995456 extends beyond EOD, truncated
[ 1117.378621][ T1961] bridge_slave_0: entered promiscuous mode
[ 1117.385030][ T2047] loop2: p3 size 4211081215 extends beyond EOD, truncated
[ 1117.414344][ T1961] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1117.421576][T32568] usb 2-1: new high-speed USB device number 126 using dummy_hcd
[ 1117.436745][ T1961] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1117.444055][ T1961] bridge_slave_1: entered allmulticast mode
[ 1117.478146][ T1961] bridge_slave_1: entered promiscuous mode
[ 1117.611973][T32568] usb 2-1: Using ep0 maxpacket: 16
[ 1117.622182][ T5987] udevd[5987]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[ 1117.637226][ T5904] udevd[5904]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[ 1117.656298][T32568] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 1117.714144][T32568] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1117.747183][T32568] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1117.786646][ T5987] udevd[5987]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[ 1117.796907][T32568] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1117.796943][T32568] usb 2-1: Product: syz
[ 1117.796957][T32568] usb 2-1: Manufacturer: syz
[ 1117.796971][T32568] usb 2-1: SerialNumber: syz
[ 1117.819097][ T5904] udevd[5904]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[ 1117.836153][ T1961] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1117.849419][ T2058] input: syz1 as /devices/virtual/input/input182
[ 1117.873410][T32568] usb 2-1: config 0 descriptor??
[ 1117.936671][T32568] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1117.988293][ T1961] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1118.011297][T32568] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[ 1118.180584][ T2065] netlink: 'syz.2.11820': attribute type 1 has an invalid length.
[ 1118.201374][ T1961] team0: Port device team_slave_0 added
[ 1118.215221][ T1961] team0: Port device team_slave_1 added
[ 1118.373331][ T2072] bond1: (slave wireguard0): The slave device specified does not support setting the MAC address
[ 1118.445774][ T2072] bond1: (slave wireguard0): Setting fail_over_mac to active for active-backup mode
[ 1118.514323][ T2072] bond1: (slave wireguard0): making interface the new active one
[ 1118.527091][ T5167] Bluetooth: hci1: command tx timeout
[ 1118.585428][T32568] em28xx 2-1:0.0: unknown em28xx chip ID (0)
[ 1118.594208][ T2072] bond1: (slave wireguard0): Enslaving as an active interface with an up link
[ 1118.627120][T32568] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[ 1118.691838][ T1961] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1118.709054][ T1961] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1118.806196][ T1961] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1118.848446][T32568] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[ 1118.855444][T32568] em28xx 2-1:0.0: No AC97 audio processor
[ 1118.906650][T32568] usb 2-1: USB disconnect, device number 126
[ 1118.914026][T32568] em28xx 2-1:0.0: Disconnecting em28xx
[ 1118.935535][ T1961] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1118.954044][T32568] em28xx 2-1:0.0: Freeing device
[ 1118.971942][ T1961] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1119.048491][ T1961] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1119.243523][ T1781] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1119.277025][ T1961] hsr_slave_0: entered promiscuous mode
[ 1119.356669][ T1961] hsr_slave_1: entered promiscuous mode
[ 1119.381537][ T1961] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1119.406682][ T1961] Cannot create hsr debugfs directory
[ 1119.535040][   T30] kauditd_printk_skb: 2 callbacks suppressed
[ 1119.535056][   T30] audit: type=1326 audit(1753570669.514:5121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13558 code=0x7ffc0000
[ 1119.624493][   T30] audit: type=1326 audit(1753570669.514:5122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13539 code=0x7ffc0000
[ 1119.647993][   T30] audit: type=1326 audit(1753570669.514:5123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13558 code=0x7ffc0000
[ 1119.670545][   T30] audit: type=1326 audit(1753570669.514:5124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13539 code=0x7ffc0000
[ 1119.695129][   T30] audit: type=1326 audit(1753570669.514:5125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13558 code=0x7ffc0000
[ 1119.751799][   T30] audit: type=1326 audit(1753570669.514:5126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13539 code=0x7ffc0000
[ 1119.833831][   T30] audit: type=1326 audit(1753570669.544:5127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13558 code=0x7ffc0000
[ 1119.903278][   T30] audit: type=1326 audit(1753570669.544:5128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13539 code=0x7ffc0000
[ 1119.997040][   T30] audit: type=1326 audit(1753570669.544:5129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f13558 code=0x7ffc0000
[ 1120.085534][ T2092] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11827'.
[ 1120.115895][   T30] audit: type=1326 audit(1753570669.544:5130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2084 comm="syz.2.11825" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f13539 code=0x7ffc0000
[ 1120.161486][ T2092] netlink: 104 bytes leftover after parsing attributes in process `syz.1.11827'.
[ 1120.199111][ T2092] netlink: 104 bytes leftover after parsing attributes in process `syz.1.11827'.
[ 1120.304051][ T1781] veth0_vlan: entered promiscuous mode
[ 1120.381301][ T1781] veth1_vlan: entered promiscuous mode
[ 1120.607399][ T5167] Bluetooth: hci1: command tx timeout
[ 1120.703237][ T1781] veth0_macvtap: entered promiscuous mode
[ 1120.740357][ T1961] netdevsim netdevsim8 netdevsim0: renamed from eth0
[ 1120.802198][ T1961] netdevsim netdevsim8 netdevsim1: renamed from eth1
[ 1120.840069][ T1961] netdevsim netdevsim8 netdevsim2: renamed from eth2
[ 1120.874773][ T1781] veth1_macvtap: entered promiscuous mode
[ 1120.896779][ T1961] netdevsim netdevsim8 netdevsim3: renamed from eth3
[ 1121.068076][ T1781] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1121.188682][ T1781] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1121.240247][ T1781] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1121.280973][ T1781] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1121.329047][ T1781] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1121.374015][ T1781] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1121.588601][ T1961] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1121.672831][ T1961] 8021q: adding VLAN 0 to HW filter on device team0
[ 1121.791726][   T78] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1121.795915][  T992] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1121.806763][  T992] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1121.834745][   T78] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1121.958694][  T992] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1121.965899][  T992] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1122.109913][  T992] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1122.129408][  T992] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1122.365897][ T1961] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1122.757206][ T1961] veth0_vlan: entered promiscuous mode
[ 1122.838065][ T1961] veth1_vlan: entered promiscuous mode
[ 1122.990690][ T1961] veth0_macvtap: entered promiscuous mode
[ 1123.238162][ T1961] veth1_macvtap: entered promiscuous mode
[ 1123.342091][ T1961] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1123.380856][ T1961] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1123.421531][ T1961] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1123.456306][ T1961] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1123.481522][ T1961] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1123.511353][ T1961] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1123.557355][T32568] usb 2-1: new full-speed USB device number 127 using dummy_hcd
[ 1123.748706][T32568] usb 2-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1123.780884][T32568] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1123.795370][T30285] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1123.826114][T30285] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1123.849737][T32568] usb 2-1: config 0 descriptor??
[ 1123.949269][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1123.973497][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1124.037795][ T2169] input: syz0 as /devices/virtual/input/input183
[ 1124.088140][T32568] udl 2-1:0.0: [drm] Unrecognized vendor firmware descriptor
[ 1124.159493][T32568] [drm] Initialized udl 0.0.1 for 2-1:0.0 on minor 2
[ 1124.211895][T32568] [drm] Initialized udl on minor 2
[ 1124.304693][T32568] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed
[ 1124.358818][T32568] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 1124.544281][ T5937] udl 2-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[ 1124.574795][ T5937] udl 2-1:0.0: [drm] Cannot find any crtc or sizes
[ 1124.582811][T32568] usb 2-1: USB disconnect, device number 127
[ 1125.208928][ T5938] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 1125.421362][ T5938] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1125.471822][ T5938] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1125.506308][ T5938] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1125.542578][ T5938] usb 3-1: config 0 descriptor??
[ 1125.582865][ T5938] pwc: Askey VC010 type 2 USB webcam detected.
[ 1125.996437][ T5938] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1126.018423][ T5938] pwc: recv_control_msg error -32 req 02 val 2700
[ 1126.044251][ T5938] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1126.273552][ T5938] pwc: recv_control_msg error -71 req 04 val 1300
[ 1126.300845][ T5938] pwc: recv_control_msg error -71 req 04 val 1400
[ 1126.335810][ T5938] pwc: recv_control_msg error -71 req 02 val 2000
[ 1126.382010][ T5938] pwc: recv_control_msg error -71 req 02 val 2100
[ 1126.410639][ T5938] pwc: recv_control_msg error -71 req 04 val 1500
[ 1126.435004][ T5938] pwc: recv_control_msg error -71 req 02 val 2500
[ 1126.467165][ T5938] pwc: recv_control_msg error -71 req 02 val 2400
[ 1126.484002][ T2238] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1126.492841][ T5938] pwc: recv_control_msg error -71 req 02 val 2600
[ 1126.493401][ T5938] pwc: recv_control_msg error -71 req 02 val 2900
[ 1126.539815][ T5938] pwc: recv_control_msg error -71 req 02 val 2800
[ 1126.566379][ T5938] pwc: recv_control_msg error -71 req 04 val 1100
[ 1126.588105][ T5938] pwc: recv_control_msg error -71 req 04 val 1200
[ 1126.646828][ T5938] pwc: Registered as video103.
[ 1126.653792][ T5938] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input184
[ 1126.747774][ T5938] usb 3-1: USB disconnect, device number 2
[ 1126.766442][ T5937] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[ 1126.980353][ T5937] usb 9-1: Using ep0 maxpacket: 32
[ 1127.002566][ T5937] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1127.043312][ T5937] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 1127.056454][ T2251] input: syz0 as /devices/virtual/input/input185
[ 1127.125866][ T5937] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[ 1127.157171][ T5937] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[ 1127.241090][ T5937] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[ 1127.271518][ T5937] usb 9-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[ 1127.290997][ T5937] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1127.325405][ T5937] usb 9-1: Product: syz
[ 1127.354673][ T5937] usb 9-1: Manufacturer: syz
[ 1127.383505][ T5937] usb 9-1: SerialNumber: syz
[ 1127.424798][ T5937] usb 9-1: config 0 descriptor??
[ 1127.867887][ T5937] iforce 9-1:0.0: usb_submit_urb failed: -32
[ 1127.875912][ T5937] input input186: Device does not respond to id packet M
[ 1127.886234][ T5937] iforce 9-1:0.0: usb_submit_urb failed: -32
[ 1127.903409][ T5937] input input186: Device does not respond to id packet P
[ 1127.916953][ T5937] iforce 9-1:0.0: usb_submit_urb failed: -32
[ 1127.923318][ T5937] input input186: Device does not respond to id packet B
[ 1128.133717][ T5937] iforce 9-1:0.0: usb_submit_urb failed: -71
[ 1128.152330][ T5937] iforce 9-1:0.0: usb_submit_urb failed: -71
[ 1128.172012][ T5937] iforce 9-1:0.0: usb_submit_urb failed: -71
[ 1128.192267][ T5937] iforce 9-1:0.0: usb_submit_urb failed: -71
[ 1128.211780][ T5937] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/input/input186
[ 1128.225040][ T2283] usb usb8: usbfs: process 2283 (syz.2.11878) did not claim interface 0 before use
[ 1128.261067][ T5937] usb 9-1: USB disconnect, device number 2
[ 1130.171558][ T2350] loop6: detected capacity change from 0 to 7
[ 1130.199486][ T5987] Dev loop6: unable to read RDB block 7
[ 1130.215797][ T5987]  loop6: unable to read partition table
[ 1130.235338][ T5987] loop6: partition table beyond EOD, truncated
[ 1130.260875][ T2350] Dev loop6: unable to read RDB block 7
[ 1130.271923][ T2350]  loop6: unable to read partition table
[ 1130.286766][ T2350] loop6: partition table beyond EOD, truncated
[ 1130.297983][ T2350] loop_reread_partitions: partition scan of loop6 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1130.756686][ T5858] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1130.872521][ T2376] netlink: 4 bytes leftover after parsing attributes in process `syz.2.11902'.
[ 1130.903052][ T2376] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1130.913568][ T2376] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1130.916381][ T5858] usb 9-1: Using ep0 maxpacket: 16
[ 1130.922913][ T2376] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1130.937222][ T2376] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1130.940809][ T5858] usb 9-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1130.973895][ T2376] vxlan0: entered promiscuous mode
[ 1130.983213][ T5858] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1131.033200][ T5858] usb 9-1: config 0 descriptor??
[ 1131.080851][ T5858] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1132.050435][ T2416] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11909'.
[ 1132.285364][ T5858] gspca_sonixj: reg_w1 err -71
[ 1132.320932][ T5858] sonixj 9-1:0.0: probe with driver sonixj failed with error -71
[ 1132.334190][ T5858] usb 9-1: USB disconnect, device number 3
[ 1132.346601][ T5938] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[ 1132.427900][  T923] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[ 1132.506672][ T5938] usb 7-1: Using ep0 maxpacket: 8
[ 1132.525472][ T5938] usb 7-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d
[ 1132.545182][ T5938] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1132.556335][ T5938] usb 7-1: Product: syz
[ 1132.564890][ T5938] usb 7-1: Manufacturer: syz
[ 1132.576861][ T5938] usb 7-1: SerialNumber: syz
[ 1132.596861][ T5938] usb 7-1: config 0 descriptor??
[ 1132.612391][  T923] usb 2-1: Using ep0 maxpacket: 16
[ 1132.622999][  T923] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1132.634729][ T5938] gspca_main: sonixj-2.14.0 probing 0c45:614a
[ 1132.642137][  T923] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1132.652979][  T923] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1132.675283][  T923] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1132.695936][  T923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1132.706099][  T923] usb 2-1: Product: syz
[ 1132.711130][  T923] usb 2-1: Manufacturer: syz
[ 1132.716011][  T923] usb 2-1: SerialNumber: syz
[ 1133.134853][  T923] usb 2-1: 2:1 : format type 0 is detected, processed as PCM
[ 1133.296754][ T2455] kvm: kvm [2454]: vcpu0, guest rIP: 0xeeee8000 Unhandled WRMSR(0x4000002a) = 0x0
[ 1133.346498][T23400] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 1133.509488][T23400] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1133.538861][T23400] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1133.564801][T23400] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1133.602172][T23400] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1133.633970][T23400] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1133.659181][T23400] usb 3-1: config 0 descriptor??
[ 1133.848103][ T5938] gspca_sonixj: reg_w1 err -71
[ 1133.862876][ T5938] sonixj 7-1:0.0: probe with driver sonixj failed with error -71
[ 1133.893868][ T5938] usb 7-1: USB disconnect, device number 10
[ 1134.046845][  T923] usb 2-1: USB disconnect, device number 2
[ 1134.122865][ T5903] udevd[5903]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1134.140041][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.163806][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.196433][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.229764][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.255196][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.276176][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.299303][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.316791][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.335218][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.364286][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.383256][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.424755][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.446835][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.457949][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.505564][T23400] plantronics 0003:047F:FFFF.0099: unknown main item tag 0x0
[ 1134.573734][T23400] plantronics 0003:047F:FFFF.0099: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 1134.576473][ T2495] input: syz0 as /devices/virtual/input/input187
[ 1136.444950][   T30] kauditd_printk_skb: 148 callbacks suppressed
[ 1136.445798][   T30] audit: type=1326 audit(1753570686.404:5279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51558 code=0x7ffc0000
[ 1136.576633][ T5858] usb 3-1: USB disconnect, device number 3
[ 1136.632974][   T30] audit: type=1326 audit(1753570686.404:5280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51558 code=0x7ffc0000
[ 1136.688174][ T5167] Bluetooth: hci2: command 0x0406 tx timeout
[ 1136.726552][ T5940] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[ 1136.777174][ T5940] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[ 1136.836723][   T30] audit: type=1326 audit(1753570686.414:5281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51558 code=0x7ffc0000
[ 1136.938454][ T5937] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1136.971467][   T30] audit: type=1326 audit(1753570686.414:5282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000
[ 1137.022312][   T30] audit: type=1326 audit(1753570686.414:5283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51558 code=0x7ffc0000
[ 1137.052999][   T30] audit: type=1326 audit(1753570686.414:5284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000
[ 1137.161187][ T5937] usb 9-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[ 1137.202743][ T5937] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1137.210985][   T30] audit: type=1326 audit(1753570686.414:5285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51558 code=0x7ffc0000
[ 1137.211031][   T30] audit: type=1326 audit(1753570686.414:5286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000
[ 1137.378136][ T5937] usb 9-1: Product: syz
[ 1137.441760][ T5937] usb 9-1: Manufacturer: syz
[ 1137.474757][ T5937] usb 9-1: SerialNumber: syz
[ 1137.482744][   T30] audit: type=1326 audit(1753570686.414:5287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf7f51558 code=0x7ffc0000
[ 1137.552674][ T5937] usb 9-1: config 0 descriptor??
[ 1137.596410][   T30] audit: type=1326 audit(1753570686.414:5288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2542 comm="syz.7.11937" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f51539 code=0x7ffc0000
[ 1137.625869][ T5937] ch341 9-1:0.0: ch341-uart converter detected
[ 1138.131172][ T2583] netlink: 'syz.1.11946': attribute type 12 has an invalid length.
[ 1138.306962][ T5851] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[ 1138.513280][ T5851] usb 3-1: config 0 has an invalid interface number: 128 but max is 0
[ 1138.531124][ T5851] usb 3-1: config 0 has no interface number 0
[ 1138.561487][ T5851] usb 3-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1138.598292][ T5937] ch341-uart ttyUSB0: break control not supported, using simulated break
[ 1138.599347][ T5851] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1138.629898][ T5937] usb 9-1: ch341-uart converter now attached to ttyUSB0
[ 1138.641938][ T5851] usb 3-1: Product: syz
[ 1138.646129][ T5851] usb 3-1: Manufacturer: syz
[ 1138.663975][ T5937] usb 9-1: USB disconnect, device number 4
[ 1138.677728][ T5851] usb 3-1: SerialNumber: syz
[ 1138.693725][ T5851] usb 3-1: config 0 descriptor??
[ 1138.729693][ T5937] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[ 1138.758717][ T5937] ch341 9-1:0.0: device disconnected
[ 1139.139827][ T5851] usb 3-1: Firmware: major: 22, minor: 220, hardware type: UNKNOWN (68)
[ 1139.247200][ T5167] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1139.249000][ T5940] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[ 1139.293640][ T5940] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[ 1139.360259][ T5851] usb 3-1: no permanent extended address found, random address set
[ 1139.376376][ T5851] usb 3-1: atusb_probe: initialization failed, error = -524
[ 1139.387194][ T5851] atusb 3-1:0.128: probe with driver atusb failed with error -524
[ 1139.557211][ T5937] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[ 1139.653433][ T5938] usb 3-1: USB disconnect, device number 4
[ 1139.740290][ T5937] usb 2-1: Using ep0 maxpacket: 32
[ 1139.771680][ T5937] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1139.803864][ T5937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 1139.844691][ T5937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[ 1139.862622][ T5937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[ 1139.893957][ T5937] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[ 1139.941372][ T5937] usb 2-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[ 1139.959743][ T5937] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1139.968399][ T5937] usb 2-1: Product: syz
[ 1139.972622][ T5937] usb 2-1: Manufacturer: syz
[ 1139.977624][ T5937] usb 2-1: SerialNumber: syz
[ 1139.993892][ T5937] usb 2-1: config 0 descriptor??
[ 1140.431584][ T5937] iforce 2-1:0.0: usb_submit_urb failed: -32
[ 1140.446581][ T5937] input input188: Device does not respond to id packet M
[ 1140.469495][ T5937] iforce 2-1:0.0: usb_submit_urb failed: -32
[ 1140.476038][ T5937] input input188: Device does not respond to id packet P
[ 1140.484731][ T5937] iforce 2-1:0.0: usb_submit_urb failed: -32
[ 1140.491442][ T5937] input input188: Device does not respond to id packet B
[ 1140.716706][ T5937] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1140.743845][ T5937] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1140.764828][ T5937] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1140.782592][ T5937] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1140.822361][ T5937] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input188
[ 1140.927831][ T5937] usb 2-1: USB disconnect, device number 3
[ 1141.486680][ T5167] Bluetooth: hci0: command 0x0c1a tx timeout
[ 1141.495324][ T5940] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[ 1141.514708][ T5940] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[ 1141.602612][ T2700] netlink: 4 bytes leftover after parsing attributes in process `syz.1.11974'.
[ 1141.966682][T27620] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[ 1142.178400][T27620] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1142.208445][T27620] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1142.256746][T27620] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1142.287024][T27620] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1142.318526][T27620] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1142.343521][T27620] usb 7-1: config 0 descriptor??
[ 1142.788925][T27620] plantronics 0003:047F:FFFF.009A: reserved main item tag 0xe
[ 1142.816565][T27620] plantronics 0003:047F:FFFF.009A: unknown main item tag 0x0
[ 1142.869832][T27620] plantronics 0003:047F:FFFF.009A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[ 1143.059657][ T5858] usb 7-1: USB disconnect, device number 11
[ 1143.726384][ T5167] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1143.736951][ T5940] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[ 1143.813490][ T5940] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[ 1144.766003][ T2787] netlink: 212376 bytes leftover after parsing attributes in process `syz.6.11997'.
[ 1144.792203][ T2791] IPVS: sync thread started: state = BACKUP, mcast_ifn = wlan0, syncid = 4, id = 0
[ 1145.449206][T23400] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[ 1145.630258][T23400] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1145.685496][T23400] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1145.730765][T23400] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1145.776197][T23400] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1145.799781][T23400] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1145.827455][T23400] usb 2-1: Product: syz
[ 1145.836722][T23400] usb 2-1: Manufacturer: syz
[ 1145.841346][T23400] usb 2-1: SerialNumber: syz
[ 1146.147353][T23400] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 4 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1146.388520][T23400] usb 2-1: USB disconnect, device number 4
[ 1146.404940][T23400] usblp0: removed
[ 1146.696402][ T5858] usb 7-1: new high-speed USB device number 12 using dummy_hcd
[ 1146.849244][ T5858] usb 7-1: config 0 has an invalid interface number: 204 but max is 0
[ 1146.859865][ T5858] usb 7-1: config 0 has no interface number 0
[ 1146.878637][ T5858] usb 7-1: New USB device found, idVendor=12d6, idProduct=0444, bcdDevice=29.3d
[ 1146.906342][ T5858] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1146.924555][ T5858] usb 7-1: Product: syz
[ 1146.936456][ T5858] usb 7-1: Manufacturer: syz
[ 1146.941087][ T5858] usb 7-1: SerialNumber: syz
[ 1146.977349][ T5858] usb 7-1: config 0 descriptor??
[ 1146.995678][ T5858] ems_usb 7-1:0.204 (unnamed net_device) (uninitialized): couldn't initialize controller: -22
[ 1147.012856][ T5858] ems_usb 7-1:0.204: probe with driver ems_usb failed with error -22
[ 1147.430202][ T5937] usb 7-1: USB disconnect, device number 12
[ 1147.640263][   T30] kauditd_printk_skb: 76 callbacks suppressed
[ 1147.640279][   T30] audit: type=1326 audit(1753570697.624:5365): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=2886 comm="syz.1.12023" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fc5539 code=0x0
[ 1147.668805][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1148.179031][  T923] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 1148.346671][  T923] usb 3-1: Using ep0 maxpacket: 32
[ 1148.358158][  T923] usb 3-1: config 0 has an invalid interface number: 132 but max is 0
[ 1148.369601][  T923] usb 3-1: config 0 has no interface number 0
[ 1148.375734][  T923] usb 3-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1148.413803][  T923] usb 3-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[ 1148.433641][  T923] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1148.466345][  T923] usb 3-1: Product: syz
[ 1148.470662][  T923] usb 3-1: Manufacturer: syz
[ 1148.480789][  T923] usb 3-1: SerialNumber: syz
[ 1148.512470][  T923] usb 3-1: config 0 descriptor??
[ 1148.542061][  T923] em28xx 3-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[ 1148.574477][  T923] em28xx 3-1:0.132: Video interface 132 found:
[ 1148.836890][ T2933] IPVS: sync thread started: state = BACKUP, mcast_ifn = wlan0, syncid = 4, id = 0
[ 1148.937079][  T923] em28xx 3-1:0.132: unknown em28xx chip ID (0)
[ 1149.553047][  T923] em28xx 3-1:0.132: failed to trigger write to i2c address 0xa0 (error=-5)
[ 1149.562655][  T923] em28xx 3-1:0.132: failed to read eeprom (err=-5)
[ 1149.578345][  T923] em28xx 3-1:0.132: em28xx_i2c_register: em28xx_i2_eeprom failed! retval [-5]
[ 1149.671457][  T923] em28xx 3-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[ 1149.689634][  T923] em28xx 3-1:0.132: analog set to bulk mode.
[ 1149.695732][T27620] em28xx 3-1:0.132: Registering V4L2 extension
[ 1149.736407][  T923] usb 3-1: USB disconnect, device number 5
[ 1149.787495][  T923] em28xx 3-1:0.132: Disconnecting em28xx
[ 1150.349263][T27620] em28xx 3-1:0.132: Config register raw data: 0xffffffed
[ 1150.377649][T27620] em28xx 3-1:0.132: AC97 chip type couldn't be determined
[ 1150.384810][T27620] em28xx 3-1:0.132: No AC97 audio processor
[ 1150.457090][T27620] usb 3-1: Decoder not found
[ 1150.461751][T27620] em28xx 3-1:0.132: failed to create media graph
[ 1150.490988][T27620] em28xx 3-1:0.132: V4L2 device video103 deregistered
[ 1150.522995][T27620] em28xx 3-1:0.132: Remote control support is not available for this card.
[ 1150.656334][  T923] em28xx 3-1:0.132: Closing input extension
[ 1150.725276][  T923] em28xx 3-1:0.132: Freeing device
[ 1150.777097][ T5939] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[ 1151.006981][ T5939] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1151.016091][ T5939] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1151.047746][ T5939] usb 2-1: Product: syz
[ 1151.051957][ T5939] usb 2-1: Manufacturer: syz
[ 1151.077212][ T5939] usb 2-1: SerialNumber: syz
[ 1151.436597][ T5937] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1151.606458][ T5937] usb 9-1: Using ep0 maxpacket: 32
[ 1151.621452][ T5937] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1151.660623][ T5937] usb 9-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1151.692643][ T5937] usb 9-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1151.719237][ T5937] usb 9-1: Product: syz
[ 1151.734796][ T5937] usb 9-1: Manufacturer: syz
[ 1151.744189][ T5937] usb 9-1: SerialNumber: syz
[ 1151.768246][ T5937] usb 9-1: config 0 descriptor??
[ 1151.792413][ T2994] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1152.131141][ T5939] cdc_ncm 2-1:1.0: MAC-Address: 42:42:42:42:42:42
[ 1152.144443][ T5939] cdc_ncm 2-1:1.0: setting rx_max = 16384
[ 1152.210844][ T5937] usb 9-1: USB disconnect, device number 5
[ 1152.340050][ T5939] cdc_ncm 2-1:1.0: setting tx_max = 16384
[ 1152.380046][ T5939] cdc_ncm 2-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.1-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[ 1152.411700][ T5939] usb 2-1: USB disconnect, device number 5
[ 1152.438794][ T5939] cdc_ncm 2-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.1-1, CDC NCM (NO ZLP)
[ 1152.880489][ T3039] input: syz0 as /devices/virtual/input/input189
[ 1153.574861][ T3069] vivid-000: disconnect
[ 1153.591302][ T3066] vivid-000: reconnect
[ 1154.676002][ T3114] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12088'.
[ 1154.744810][ T3114] netlink: 4 bytes leftover after parsing attributes in process `syz.6.12088'.
[ 1154.796474][ T3116] netlink: 104 bytes leftover after parsing attributes in process `syz.6.12088'.
[ 1154.806135][ T3116] netlink: 104 bytes leftover after parsing attributes in process `syz.6.12088'.
[ 1155.631407][    C0] vcan0: j1939_tp_rxtimer: 0xffff888058377000: rx timeout, send abort
[ 1155.641540][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888058377000: 0x10000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1155.657750][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888058375c00: 0x10000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1155.920803][ T3154] 
[ 1155.923187][ T3154] =====================================================
[ 1155.930127][ T3154] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[ 1155.937652][ T3154] 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 Not tainted
[ 1155.944754][ T3154] -----------------------------------------------------
[ 1155.951672][ T3154] syz.8.12097/3154 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 1155.959380][ T3154] ffff88807f93c9f0 (&new->fa_lock){...-}-{3:3}, at: kill_fasync+0x199/0x4d0
[ 1155.968081][ T3154] 
[ 1155.968081][ T3154] and this task is already holding:
[ 1155.975439][ T3154] ffff88806da38028 (&client->buffer_lock){..-.}-{3:3}, at: evdev_pass_values+0xb9/0xbd0
[ 1155.985184][ T3154] which would create a new lock dependency:
[ 1155.991057][ T3154]  (&client->buffer_lock){..-.}-{3:3} -> (&new->fa_lock){...-}-{3:3}
[ 1155.999148][ T3154] 
[ 1155.999148][ T3154] but this new dependency connects a SOFTIRQ-irq-safe lock:
[ 1156.008583][ T3154]  (&client->buffer_lock){..-.}-{3:3}
[ 1156.008606][ T3154] 
[ 1156.008606][ T3154] ... which became SOFTIRQ-irq-safe at:
[ 1156.021688][ T3154]   lock_acquire+0x120/0x360
[ 1156.026272][ T3154]   _raw_spin_lock+0x2e/0x40
[ 1156.030852][ T3154]   evdev_pass_values+0xb9/0xbd0
[ 1156.035779][ T3154]   evdev_events+0x1e6/0x340
[ 1156.040355][ T3154]   input_pass_values+0x285/0x890
[ 1156.045372][ T3154]   input_event_dispose+0x330/0x6b0
[ 1156.050557][ T3154]   input_event+0x8c/0xc0
[ 1156.054874][ T3154]   hidinput_report_event+0xa1/0x100
[ 1156.060143][ T3154]   hid_report_raw_event+0x148b/0x16d0
[ 1156.065591][ T3154]   hid_input_report+0x43e/0x520
[ 1156.070516][ T3154]   hid_irq_in+0x47e/0x6d0
[ 1156.074919][ T3154]   __usb_hcd_giveback_urb+0x417/0x690
[ 1156.080375][ T3154]   dummy_timer+0x862/0x4550
[ 1156.084981][ T3154]   __hrtimer_run_queues+0x52c/0xc60
[ 1156.090269][ T3154]   hrtimer_run_softirq+0x187/0x2b0
[ 1156.095464][ T3154]   handle_softirqs+0x286/0x870
[ 1156.100312][ T3154]   __irq_exit_rcu+0xca/0x1f0
[ 1156.104985][ T3154]   irq_exit_rcu+0x9/0x30
[ 1156.109306][ T3154]   sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1156.115019][ T3154]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1156.121078][ T3154]   kasan_byte_accessible+0x16/0x30
[ 1156.126274][ T3154]   __kasan_check_byte+0x12/0x40
[ 1156.131216][ T3154]   lock_acquire+0x8d/0x360
[ 1156.135709][ T3154]   _raw_spin_lock+0x2e/0x40
[ 1156.140289][ T3154]   bus_notify+0x68/0x180
[ 1156.144613][ T3154]   driver_bound+0x210/0x2c0
[ 1156.149185][ T3154]   really_probe+0x718/0x9a0
[ 1156.153759][ T3154]   __driver_probe_device+0x18c/0x2f0
[ 1156.159113][ T3154]   driver_probe_device+0x4f/0x430
[ 1156.164209][ T3154]   __device_attach_driver+0x2ce/0x530
[ 1156.169652][ T3154]   bus_for_each_drv+0x251/0x2e0
[ 1156.174582][ T3154]   __device_attach+0x2b8/0x400
[ 1156.179420][ T3154]   bus_probe_device+0x185/0x260
[ 1156.184347][ T3154]   device_add+0x7b6/0xb50
[ 1156.188756][ T3154]   hid_add_device+0x398/0x540
[ 1156.193515][ T3154]   usbhid_probe+0xe13/0x12a0
[ 1156.198176][ T3154]   usb_probe_interface+0x641/0xbc0
[ 1156.203366][ T3154]   really_probe+0x26a/0x9a0
[ 1156.207945][ T3154]   __driver_probe_device+0x18c/0x2f0
[ 1156.213302][ T3154]   driver_probe_device+0x4f/0x430
[ 1156.218404][ T3154]   __device_attach_driver+0x2ce/0x530
[ 1156.223848][ T3154]   bus_for_each_drv+0x251/0x2e0
[ 1156.228777][ T3154]   __device_attach+0x2b8/0x400
[ 1156.233615][ T3154]   bus_probe_device+0x185/0x260
[ 1156.238546][ T3154]   device_add+0x7b6/0xb50
[ 1156.242956][ T3154]   usb_set_configuration+0x1a87/0x20e0
[ 1156.248494][ T3154]   usb_generic_driver_probe+0x8d/0x150
[ 1156.254028][ T3154]   usb_probe_device+0x1c4/0x390
[ 1156.258956][ T3154]   really_probe+0x26a/0x9a0
[ 1156.263530][ T3154]   __driver_probe_device+0x18c/0x2f0
[ 1156.268886][ T3154]   driver_probe_device+0x4f/0x430
[ 1156.273980][ T3154]   __device_attach_driver+0x2ce/0x530
[ 1156.279424][ T3154]   bus_for_each_drv+0x251/0x2e0
[ 1156.284350][ T3154]   __device_attach+0x2b8/0x400
[ 1156.289185][ T3154]   bus_probe_device+0x185/0x260
[ 1156.294107][ T3154]   device_add+0x7b6/0xb50
[ 1156.298516][ T3154]   usb_new_device+0xa39/0x16c0
[ 1156.303356][ T3154]   hub_event+0x2958/0x4a20
[ 1156.307858][ T3154]   process_scheduled_works+0xae1/0x17b0
[ 1156.313477][ T3154]   worker_thread+0x8a0/0xda0
[ 1156.318138][ T3154]   kthread+0x711/0x8a0
[ 1156.322282][ T3154]   ret_from_fork+0x3fc/0x770
[ 1156.326944][ T3154]   ret_from_fork_asm+0x1a/0x30
[ 1156.331782][ T3154] 
[ 1156.331782][ T3154] to a SOFTIRQ-irq-unsafe lock:
[ 1156.338783][ T3154]  (tasklist_lock){.+.+}-{3:3}
[ 1156.338808][ T3154] 
[ 1156.338808][ T3154] ... which became SOFTIRQ-irq-unsafe at:
[ 1156.351413][ T3154] ...
[ 1156.351421][ T3154]   lock_acquire+0x120/0x360
[ 1156.358557][ T3154]   _raw_read_lock+0x36/0x50
[ 1156.363132][ T3154]   __do_wait+0xde/0x740
[ 1156.367366][ T3154]   do_wait+0x1f8/0x520
[ 1156.371515][ T3154]   kernel_wait+0xab/0x170
[ 1156.375921][ T3154]   call_usermodehelper_exec_work+0xbe/0x230
[ 1156.381890][ T3154]   process_scheduled_works+0xae1/0x17b0
[ 1156.387511][ T3154]   worker_thread+0x8a0/0xda0
[ 1156.392176][ T3154]   kthread+0x711/0x8a0
[ 1156.396322][ T3154]   ret_from_fork+0x3fc/0x770
[ 1156.400983][ T3154]   ret_from_fork_asm+0x1a/0x30
[ 1156.405822][ T3154] 
[ 1156.405822][ T3154] other info that might help us debug this:
[ 1156.405822][ T3154] 
[ 1156.416034][ T3154] Chain exists of:
[ 1156.416034][ T3154]   &client->buffer_lock --> &new->fa_lock --> tasklist_lock
[ 1156.416034][ T3154] 
[ 1156.429150][ T3154]  Possible interrupt unsafe locking scenario:
[ 1156.429150][ T3154] 
[ 1156.437453][ T3154]        CPU0                    CPU1
[ 1156.442802][ T3154]        ----                    ----
[ 1156.448150][ T3154]   lock(tasklist_lock);
[ 1156.452386][ T3154]                                local_irq_disable();
[ 1156.459124][ T3154]                                lock(&client->buffer_lock);
[ 1156.466482][ T3154]                                lock(&new->fa_lock);
[ 1156.473248][ T3154]   <Interrupt>
[ 1156.476700][ T3154]     lock(&client->buffer_lock);
[ 1156.481729][ T3154] 
[ 1156.481729][ T3154]  *** DEADLOCK ***
[ 1156.481729][ T3154] 
[ 1156.489858][ T3154] 7 locks held by syz.8.12097/3154:
[ 1156.495043][ T3154]  #0: ffff88823be92918 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x1a1/0x480
[ 1156.504189][ T3154]  #1: ffff888020fd0230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0xab/0x320
[ 1156.514302][ T3154]  #2: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbc/0x320
[ 1156.523963][ T3154]  #3: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x8d/0x890
[ 1156.533542][ T3154]  #4: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x79/0x340
[ 1156.542681][ T3154]  #5: ffff88806da38028 (&client->buffer_lock){..-.}-{3:3}, at: evdev_pass_values+0xb9/0xbd0
[ 1156.552851][ T3154]  #6: ffffffff8e13f0e0 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x53/0x4d0
[ 1156.561892][ T3154] 
[ 1156.561892][ T3154] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[ 1156.572293][ T3154] -> (&client->buffer_lock){..-.}-{3:3} {
[ 1156.578019][ T3154]    IN-SOFTIRQ-W at:
[ 1156.581988][ T3154]                     lock_acquire+0x120/0x360
[ 1156.588128][ T3154]                     _raw_spin_lock+0x2e/0x40
[ 1156.594266][ T3154]                     evdev_pass_values+0xb9/0xbd0
[ 1156.600753][ T3154]                     evdev_events+0x1e6/0x340
[ 1156.606890][ T3154]                     input_pass_values+0x285/0x890
[ 1156.613467][ T3154]                     input_event_dispose+0x330/0x6b0
[ 1156.620215][ T3154]                     input_event+0x8c/0xc0
[ 1156.626097][ T3154]                     hidinput_report_event+0xa1/0x100
[ 1156.632934][ T3154]                     hid_report_raw_event+0x148b/0x16d0
[ 1156.639947][ T3154]                     hid_input_report+0x43e/0x520
[ 1156.646436][ T3154]                     hid_irq_in+0x47e/0x6d0
[ 1156.652401][ T3154]                     __usb_hcd_giveback_urb+0x417/0x690
[ 1156.659415][ T3154]                     dummy_timer+0x862/0x4550
[ 1156.665558][ T3154]                     __hrtimer_run_queues+0x52c/0xc60
[ 1156.672398][ T3154]                     hrtimer_run_softirq+0x187/0x2b0
[ 1156.679147][ T3154]                     handle_softirqs+0x286/0x870
[ 1156.685566][ T3154]                     __irq_exit_rcu+0xca/0x1f0
[ 1156.691792][ T3154]                     irq_exit_rcu+0x9/0x30
[ 1156.697671][ T3154]                     sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1156.704938][ T3154]                     asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1156.712552][ T3154]                     kasan_byte_accessible+0x16/0x30
[ 1156.719311][ T3154]                     __kasan_check_byte+0x12/0x40
[ 1156.725812][ T3154]                     lock_acquire+0x8d/0x360
[ 1156.731875][ T3154]                     _raw_spin_lock+0x2e/0x40
[ 1156.738016][ T3154]                     bus_notify+0x68/0x180
[ 1156.743902][ T3154]                     driver_bound+0x210/0x2c0
[ 1156.750043][ T3154]                     really_probe+0x718/0x9a0
[ 1156.756188][ T3154]                     __driver_probe_device+0x18c/0x2f0
[ 1156.763114][ T3154]                     driver_probe_device+0x4f/0x430
[ 1156.769778][ T3154]                     __device_attach_driver+0x2ce/0x530
[ 1156.776789][ T3154]                     bus_for_each_drv+0x251/0x2e0
[ 1156.783279][ T3154]                     __device_attach+0x2b8/0x400
[ 1156.789679][ T3154]                     bus_probe_device+0x185/0x260
[ 1156.796168][ T3154]                     device_add+0x7b6/0xb50
[ 1156.802148][ T3154]                     hid_add_device+0x398/0x540
[ 1156.808466][ T3154]                     usbhid_probe+0xe13/0x12a0
[ 1156.814691][ T3154]                     usb_probe_interface+0x641/0xbc0
[ 1156.821445][ T3154]                     really_probe+0x26a/0x9a0
[ 1156.827582][ T3154]                     __driver_probe_device+0x18c/0x2f0
[ 1156.834540][ T3154]                     driver_probe_device+0x4f/0x430
[ 1156.841199][ T3154]                     __device_attach_driver+0x2ce/0x530
[ 1156.848205][ T3154]                     bus_for_each_drv+0x251/0x2e0
[ 1156.854695][ T3154]                     __device_attach+0x2b8/0x400
[ 1156.861092][ T3154]                     bus_probe_device+0x185/0x260
[ 1156.867583][ T3154]                     device_add+0x7b6/0xb50
[ 1156.873555][ T3154]                     usb_set_configuration+0x1a87/0x20e0
[ 1156.880662][ T3154]                     usb_generic_driver_probe+0x8d/0x150
[ 1156.887762][ T3154]                     usb_probe_device+0x1c4/0x390
[ 1156.894251][ T3154]                     really_probe+0x26a/0x9a0
[ 1156.900392][ T3154]                     __driver_probe_device+0x18c/0x2f0
[ 1156.907315][ T3154]                     driver_probe_device+0x4f/0x430
[ 1156.913976][ T3154]                     __device_attach_driver+0x2ce/0x530
[ 1156.920986][ T3154]                     bus_for_each_drv+0x251/0x2e0
[ 1156.927482][ T3154]                     __device_attach+0x2b8/0x400
[ 1156.933880][ T3154]                     bus_probe_device+0x185/0x260
[ 1156.940367][ T3154]                     device_add+0x7b6/0xb50
[ 1156.946337][ T3154]                     usb_new_device+0xa39/0x16c0
[ 1156.952736][ T3154]                     hub_event+0x2958/0x4a20
[ 1156.958788][ T3154]                     process_scheduled_works+0xae1/0x17b0
[ 1156.965968][ T3154]                     worker_thread+0x8a0/0xda0
[ 1156.972196][ T3154]                     kthread+0x711/0x8a0
[ 1156.977908][ T3154]                     ret_from_fork+0x3fc/0x770
[ 1156.984135][ T3154]                     ret_from_fork_asm+0x1a/0x30
[ 1156.990543][ T3154]    INITIAL USE at:
[ 1156.994430][ T3154]                    lock_acquire+0x120/0x360
[ 1157.000481][ T3154]                    _raw_spin_lock+0x2e/0x40
[ 1157.006532][ T3154]                    evdev_pass_values+0xb9/0xbd0
[ 1157.012931][ T3154]                    evdev_events+0x1e6/0x340
[ 1157.018979][ T3154]                    input_pass_values+0x285/0x890
[ 1157.025470][ T3154]                    input_event_dispose+0x330/0x6b0
[ 1157.032157][ T3154]                    input_inject_event+0x1fe/0x320
[ 1157.038735][ T3154]                    evdev_write+0x2fc/0x480
[ 1157.044701][ T3154]                    vfs_write+0x27b/0xa90
[ 1157.050497][ T3154]                    ksys_write+0x145/0x250
[ 1157.056377][ T3154]                    __do_fast_syscall_32+0xb6/0x2b0
[ 1157.063039][ T3154]                    do_fast_syscall_32+0x34/0x80
[ 1157.069528][ T3154]                    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1157.077413][ T3154]  }
[ 1157.079899][ T3154]  ... key      at: [<ffffffff99e32040>] evdev_open.__key.25+0x0/0x20
[ 1157.088040][ T3154] 
[ 1157.088040][ T3154] the dependencies between the lock to be acquired
[ 1157.088049][ T3154]  and SOFTIRQ-irq-unsafe lock:
[ 1157.101536][ T3154]   -> (tasklist_lock){.+.+}-{3:3} {
[ 1157.106831][ T3154]      HARDIRQ-ON-R at:
[ 1157.110969][ T3154]                         lock_acquire+0x120/0x360
[ 1157.117456][ T3154]                         _raw_read_lock+0x36/0x50
[ 1157.123939][ T3154]                         __do_wait+0xde/0x740
[ 1157.130085][ T3154]                         do_wait+0x1f8/0x520
[ 1157.136142][ T3154]                         kernel_wait+0xab/0x170
[ 1157.142456][ T3154]                         call_usermodehelper_exec_work+0xbe/0x230
[ 1157.150331][ T3154]                         process_scheduled_works+0xae1/0x17b0
[ 1157.157858][ T3154]                         worker_thread+0x8a0/0xda0
[ 1157.164429][ T3154]                         kthread+0x711/0x8a0
[ 1157.170487][ T3154]                         ret_from_fork+0x3fc/0x770
[ 1157.177061][ T3154]                         ret_from_fork_asm+0x1a/0x30
[ 1157.183811][ T3154]      SOFTIRQ-ON-R at:
[ 1157.187953][ T3154]                         lock_acquire+0x120/0x360
[ 1157.194440][ T3154]                         _raw_read_lock+0x36/0x50
[ 1157.200924][ T3154]                         __do_wait+0xde/0x740
[ 1157.207074][ T3154]                         do_wait+0x1f8/0x520
[ 1157.213130][ T3154]                         kernel_wait+0xab/0x170
[ 1157.219445][ T3154]                         call_usermodehelper_exec_work+0xbe/0x230
[ 1157.227322][ T3154]                         process_scheduled_works+0xae1/0x17b0
[ 1157.234852][ T3154]                         worker_thread+0x8a0/0xda0
[ 1157.241424][ T3154]                         kthread+0x711/0x8a0
[ 1157.247479][ T3154]                         ret_from_fork+0x3fc/0x770
[ 1157.254139][ T3154]                         ret_from_fork_asm+0x1a/0x30
[ 1157.260890][ T3154]      INITIAL USE at:
[ 1157.264944][ T3154]                        lock_acquire+0x120/0x360
[ 1157.271341][ T3154]                        _raw_write_lock_irq+0xa2/0xf0
[ 1157.278177][ T3154]                        copy_process+0x21d5/0x3b80
[ 1157.284753][ T3154]                        kernel_clone+0x21e/0x870
[ 1157.291159][ T3154]                        user_mode_thread+0xdd/0x140
[ 1157.297823][ T3154]                        rest_init+0x23/0x300
[ 1157.303877][ T3154]                        start_kernel+0x47d/0x500
[ 1157.310280][ T3154]                        x86_64_start_reservations+0x24/0x30
[ 1157.317634][ T3154]                        x86_64_start_kernel+0x143/0x1c0
[ 1157.324641][ T3154]                        common_startup_64+0x13e/0x147
[ 1157.331481][ T3154]      INITIAL READ USE at:
[ 1157.335968][ T3154]                             lock_acquire+0x120/0x360
[ 1157.342802][ T3154]                             _raw_read_lock+0x36/0x50
[ 1157.349634][ T3154]                             __do_wait+0xde/0x740
[ 1157.356126][ T3154]                             do_wait+0x1f8/0x520
[ 1157.362530][ T3154]                             kernel_wait+0xab/0x170
[ 1157.369198][ T3154]                             call_usermodehelper_exec_work+0xbe/0x230
[ 1157.377421][ T3154]                             process_scheduled_works+0xae1/0x17b0
[ 1157.385297][ T3154]                             worker_thread+0x8a0/0xda0
[ 1157.392219][ T3154]                             kthread+0x711/0x8a0
[ 1157.398621][ T3154]                             ret_from_fork+0x3fc/0x770
[ 1157.405544][ T3154]                             ret_from_fork_asm+0x1a/0x30
[ 1157.412646][ T3154]    }
[ 1157.415303][ T3154]    ... key      at: [<ffffffff8de0c058>] tasklist_lock+0x18/0x40
[ 1157.423180][ T3154]    ... acquired at:
[ 1157.427140][ T3154]    lock_acquire+0x120/0x360
[ 1157.431802][ T3154]    _raw_read_lock+0x36/0x50
[ 1157.436463][ T3154]    send_sigio+0x101/0x370
[ 1157.440950][ T3154]    dnotify_handle_event+0x169/0x440
[ 1157.446306][ T3154]    fsnotify+0x1814/0x1a80
[ 1157.450796][ T3154]    path_openat+0x171e/0x3830
[ 1157.455547][ T3154]    do_filp_open+0x1fa/0x410
[ 1157.460207][ T3154]    do_sys_openat2+0x121/0x1c0
[ 1157.465041][ T3154]    __ia32_compat_sys_openat+0x131/0x160
[ 1157.470747][ T3154]    __do_fast_syscall_32+0xb6/0x2b0
[ 1157.476018][ T3154]    do_fast_syscall_32+0x34/0x80
[ 1157.481028][ T3154]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1157.487517][ T3154] 
[ 1157.489828][ T3154]  -> (&f_owner->lock){....}-{3:3} {
[ 1157.495118][ T3154]     INITIAL USE at:
[ 1157.499087][ T3154]                      lock_acquire+0x120/0x360
[ 1157.505321][ T3154]                      _raw_write_lock_irq+0xa2/0xf0
[ 1157.511980][ T3154]                      __f_setown+0x67/0x370
[ 1157.517943][ T3154]                      fcntl_dirnotify+0x3fa/0x6a0
[ 1157.524427][ T3154]                      do_fcntl+0x6d0/0x1910
[ 1157.530394][ T3154]                      do_compat_fcntl64+0x477/0x720
[ 1157.537056][ T3154]                      __do_fast_syscall_32+0xb6/0x2b0
[ 1157.543892][ T3154]                      do_fast_syscall_32+0x34/0x80
[ 1157.550466][ T3154]                      entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1157.558516][ T3154]     INITIAL READ USE at:
[ 1157.562925][ T3154]                           lock_acquire+0x120/0x360
[ 1157.569585][ T3154]                           _raw_read_lock_irqsave+0xaf/0x100
[ 1157.577027][ T3154]                           send_sigio+0x38/0x370
[ 1157.583427][ T3154]                           dnotify_handle_event+0x169/0x440
[ 1157.590781][ T3154]                           fsnotify+0x1671/0x1a80
[ 1157.597271][ T3154]                           __fsnotify_parent+0x3fe/0x540
[ 1157.604370][ T3154]                           vfs_read+0x778/0x980
[ 1157.610685][ T3154]                           ksys_read+0x145/0x250
[ 1157.617086][ T3154]                           __do_fast_syscall_32+0xb6/0x2b0
[ 1157.624374][ T3154]                           do_fast_syscall_32+0x34/0x80
[ 1157.631406][ T3154]                           entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1157.639994][ T3154]   }
[ 1157.642575][ T3154]   ... key      at: [<ffffffff99b22fa0>] file_f_owner_allocate.__key+0x0/0x20
[ 1157.651507][ T3154]   ... acquired at:
[ 1157.655387][ T3154]    lock_acquire+0x120/0x360
[ 1157.660051][ T3154]    _raw_read_lock_irqsave+0xaf/0x100
[ 1157.665497][ T3154]    send_sigio+0x38/0x370
[ 1157.669902][ T3154]    kill_fasync+0x24d/0x4d0
[ 1157.674481][ T3154]    sock_wake_async+0x137/0x160
[ 1157.679410][ T3154]    sock_def_readable+0x3bb/0x550
[ 1157.684578][ T3154]    queue_oob+0x4c1/0x5a0
[ 1157.689000][ T3154]    unix_stream_sendmsg+0xaf9/0xc90
[ 1157.694292][ T3154]    __sock_sendmsg+0x21c/0x270
[ 1157.699141][ T3154]    ____sys_sendmsg+0x52d/0x830
[ 1157.704068][ T3154]    ___sys_sendmsg+0x21f/0x2a0
[ 1157.708907][ T3154]    __sys_sendmmsg+0x28e/0x430
[ 1157.713740][ T3154]    __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 1157.719445][ T3154]    __do_fast_syscall_32+0xb6/0x2b0
[ 1157.724718][ T3154]    do_fast_syscall_32+0x34/0x80
[ 1157.729734][ T3154]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1157.736226][ T3154] 
[ 1157.738539][ T3154] -> (&new->fa_lock){...-}-{3:3} {
[ 1157.743659][ T3154]    IN-SOFTIRQ-R at:
[ 1157.747625][ T3154]                     lock_acquire+0x120/0x360
[ 1157.753765][ T3154]                     _raw_read_lock_irqsave+0xaf/0x100
[ 1157.760687][ T3154]                     kill_fasync+0x199/0x4d0
[ 1157.766740][ T3154]                     sock_wake_async+0x137/0x160
[ 1157.773138][ T3154]                     sock_def_readable+0x3bb/0x550
[ 1157.779713][ T3154]                     __sock_queue_rcv_skb+0x6a5/0x9c0
[ 1157.786552][ T3154]                     sock_queue_rcv_skb_reason+0x75/0xe0
[ 1157.793650][ T3154]                     raw_rcv+0x74b/0x9d0
[ 1157.799351][ T3154]                     raw_local_deliver+0x9ee/0xe90
[ 1157.805922][ T3154]                     ip_protocol_deliver_rcu+0x46/0x440
[ 1157.812932][ T3154]                     ip_local_deliver_finish+0x2fb/0x580
[ 1157.820033][ T3154]                     NF_HOOK+0x30c/0x3a0
[ 1157.825741][ T3154]                     NF_HOOK+0x30c/0x3a0
[ 1157.831445][ T3154]                     __netif_receive_skb+0x143/0x380
[ 1157.838197][ T3154]                     process_backlog+0x60e/0x14f0
[ 1157.844688][ T3154]                     __napi_poll+0xc4/0x480
[ 1157.850656][ T3154]                     net_rx_action+0x707/0xe30
[ 1157.856883][ T3154]                     handle_softirqs+0x286/0x870
[ 1157.863285][ T3154]                     do_softirq+0xec/0x180
[ 1157.869165][ T3154]                     __local_bh_enable_ip+0x17d/0x1c0
[ 1157.875996][ T3154]                     __dev_queue_xmit+0x1cd7/0x3a70
[ 1157.882657][ T3154]                     ip_finish_output2+0xd03/0x1160
[ 1157.889322][ T3154]                     ip_push_pending_frames+0xbe/0x150
[ 1157.896250][ T3154]                     raw_sendmsg+0x143f/0x18b0
[ 1157.902476][ T3154]                     __sock_sendmsg+0x19c/0x270
[ 1157.908790][ T3154]                     __sys_sendto+0x3bd/0x520
[ 1157.914930][ T3154]                     __ia32_sys_sendto+0xdd/0x100
[ 1157.921419][ T3154]                     __do_fast_syscall_32+0xb6/0x2b0
[ 1157.928167][ T3154]                     do_fast_syscall_32+0x34/0x80
[ 1157.934655][ T3154]                     entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1157.942624][ T3154]    INITIAL USE at:
[ 1157.946508][ T3154]                    lock_acquire+0x120/0x360
[ 1157.952556][ T3154]                    _raw_write_lock_irq+0xa2/0xf0
[ 1157.959043][ T3154]                    fasync_remove_entry+0xf1/0x1c0
[ 1157.965629][ T3154]                    pipe_fasync+0xa9/0x1e0
[ 1157.971512][ T3154]                    __fput+0x89f/0xa70
[ 1157.977044][ T3154]                    task_work_run+0x1d4/0x260
[ 1157.983187][ T3154]                    exit_to_user_mode_loop+0xec/0x110
[ 1157.990018][ T3154]                    __do_fast_syscall_32+0x1f4/0x2b0
[ 1157.996766][ T3154]                    do_fast_syscall_32+0x34/0x80
[ 1158.003172][ T3154]                    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1158.011050][ T3154]    INITIAL READ USE at:
[ 1158.015368][ T3154]                         lock_acquire+0x120/0x360
[ 1158.021853][ T3154]                         _raw_read_lock_irqsave+0xaf/0x100
[ 1158.029123][ T3154]                         kill_fasync+0x199/0x4d0
[ 1158.035523][ T3154]                         anon_pipe_read+0xf06/0x1040
[ 1158.042266][ T3154]                         fifo_pipe_read+0x22/0xd0
[ 1158.048756][ T3154]                         vfs_read+0x4d0/0x980
[ 1158.054896][ T3154]                         ksys_read+0x145/0x250
[ 1158.061125][ T3154]                         __do_fast_syscall_32+0xb6/0x2b0
[ 1158.068220][ T3154]                         do_fast_syscall_32+0x34/0x80
[ 1158.075060][ T3154]                         entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1158.083372][ T3154]  }
[ 1158.085859][ T3154]  ... key      at: [<ffffffff99b22fc0>] fasync_insert_entry.__key+0x0/0x20
[ 1158.094521][ T3154]  ... acquired at:
[ 1158.098304][ T3154]    lock_acquire+0x120/0x360
[ 1158.102964][ T3154]    _raw_read_lock_irqsave+0xaf/0x100
[ 1158.108408][ T3154]    kill_fasync+0x199/0x4d0
[ 1158.112985][ T3154]    evdev_pass_values+0x627/0xbd0
[ 1158.118079][ T3154]    evdev_events+0x1e6/0x340
[ 1158.122737][ T3154]    input_pass_values+0x285/0x890
[ 1158.127843][ T3154]    input_event_dispose+0x330/0x6b0
[ 1158.133115][ T3154]    input_inject_event+0x1fe/0x320
[ 1158.138300][ T3154]    evdev_write+0x2fc/0x480
[ 1158.142872][ T3154]    vfs_write+0x27b/0xa90
[ 1158.147279][ T3154]    ksys_write+0x145/0x250
[ 1158.151767][ T3154]    __do_fast_syscall_32+0xb6/0x2b0
[ 1158.157036][ T3154]    do_fast_syscall_32+0x34/0x80
[ 1158.162045][ T3154]    entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1158.168531][ T3154] 
[ 1158.170840][ T3154] 
[ 1158.170840][ T3154] stack backtrace:
[ 1158.176736][ T3154] CPU: 0 UID: 0 PID: 3154 Comm: syz.8.12097 Not tainted 6.16.0-rc7-syzkaller-00127-g302f88ff3584 #0 PREEMPT(full) 
[ 1158.176754][ T3154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1158.176767][ T3154] Call Trace:
[ 1158.176775][ T3154]  <TASK>
[ 1158.176783][ T3154]  dump_stack_lvl+0x189/0x250
[ 1158.176801][ T3154]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1158.176816][ T3154]  ? __pfx__printk+0x10/0x10
[ 1158.176837][ T3154]  validate_chain+0x1f05/0x2140
[ 1158.176861][ T3154]  __lock_acquire+0xab9/0xd20
[ 1158.176877][ T3154]  ? kill_fasync+0x199/0x4d0
[ 1158.176891][ T3154]  lock_acquire+0x120/0x360
[ 1158.176904][ T3154]  ? kill_fasync+0x199/0x4d0
[ 1158.176922][ T3154]  _raw_read_lock_irqsave+0xaf/0x100
[ 1158.176936][ T3154]  ? kill_fasync+0x199/0x4d0
[ 1158.176950][ T3154]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[ 1158.176962][ T3154]  ? do_raw_spin_lock+0x121/0x290
[ 1158.176983][ T3154]  kill_fasync+0x199/0x4d0
[ 1158.176997][ T3154]  ? kill_fasync+0x53/0x4d0
[ 1158.177012][ T3154]  evdev_pass_values+0x627/0xbd0
[ 1158.177027][ T3154]  ? evdev_pass_values+0x671/0xbd0
[ 1158.177041][ T3154]  evdev_events+0x1e6/0x340
[ 1158.177053][ T3154]  ? evdev_events+0x79/0x340
[ 1158.177064][ T3154]  ? input_pass_values+0x8d/0x890
[ 1158.177083][ T3154]  input_pass_values+0x285/0x890
[ 1158.177104][ T3154]  ? input_handle_event+0x70c/0xf30
[ 1158.177121][ T3154]  input_event_dispose+0x330/0x6b0
[ 1158.177138][ T3154]  input_inject_event+0x1fe/0x320
[ 1158.177154][ T3154]  ? input_inject_event+0xbc/0x320
[ 1158.177172][ T3154]  evdev_write+0x2fc/0x480
[ 1158.177185][ T3154]  ? __pfx_evdev_write+0x10/0x10
[ 1158.177198][ T3154]  ? bpf_lsm_file_permission+0x9/0x20
[ 1158.177214][ T3154]  ? security_file_permission+0x75/0x290
[ 1158.177239][ T3154]  ? rw_verify_area+0x258/0x650
[ 1158.177255][ T3154]  ? __pfx_evdev_write+0x10/0x10
[ 1158.177268][ T3154]  vfs_write+0x27b/0xa90
[ 1158.177286][ T3154]  ? __pfx_vfs_write+0x10/0x10
[ 1158.177303][ T3154]  ? __fget_files+0x2a/0x420
[ 1158.177316][ T3154]  ? __fget_files+0x2a/0x420
[ 1158.177326][ T3154]  ? __fget_files+0x3a0/0x420
[ 1158.177337][ T3154]  ? __fget_files+0x2a/0x420
[ 1158.177351][ T3154]  ksys_write+0x145/0x250
[ 1158.177368][ T3154]  ? __pfx_ksys_write+0x10/0x10
[ 1158.177385][ T3154]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[ 1158.177401][ T3154]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1158.177416][ T3154]  __do_fast_syscall_32+0xb6/0x2b0
[ 1158.177431][ T3154]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1158.177446][ T3154]  do_fast_syscall_32+0x34/0x80
[ 1158.177461][ T3154]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 1158.177483][ T3154] RIP: 0023:0xf7f17539
[ 1158.177498][ T3154] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[ 1158.177511][ T3154] RSP: 002b:00000000f503655c EFLAGS: 00000206 ORIG_RAX: 0000000000000004
[ 1158.177526][ T3154] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000040
[ 1158.177536][ T3154] RDX: 0000000000001068 RSI: 0000000000000000 RDI: 0000000000000000
[ 1158.177544][ T3154] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 1158.177552][ T3154] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 1158.177561][ T3154] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 1158.177574][ T3154]  </TASK>
[ 1158.498474][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805e68d400: rx timeout, send abort
[ 1158.506888][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805e68d400: 0x10000: (3) A timeout occurred and this is the connection abort to close the session.
[ 1158.521273][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88805e68cc00: 0x10000: (3) A timeout occurred and this is the connection abort to close the session.