last executing test programs:

3m54.809488346s ago: executing program 4 (id=19908):
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x24, 0x2b, 0x107, 0xfffffffe, 0x0, {0x3, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @ipv4=@broadcast}]}, @nested={0x4, 0x2}]}, 0x24}, 0x1, 0x0, 0x0, 0x4048011}, 0x8010)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000040)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000180)={0x1, 0x1, &(0x7f00000000c0)=[r1], &(0x7f0000000180), &(0x7f0000000200), &(0x7f00000001c0)})

3m54.715851341s ago: executing program 4 (id=19909):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0x19, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000100)={0x28, 0x7, r1, 0x0, &(0x7f0000ff0000/0x10000)=nil, 0x10000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000400)={0x48, 0x8, r2, 0x0, 0x0, 0xffca, &(0x7f0000000040)='?', 0x5})

3m54.715645349s ago: executing program 4 (id=19910):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000100)=0x401, 0x4)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e23, 0x4, @rand_addr=' \x01\x00', 0x7}, 0x1c)
listen(r0, 0x39c)

3m54.691457796s ago: executing program 4 (id=19911):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000002480)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x4)

3m53.816034762s ago: executing program 4 (id=19920):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000000c0)={0x28, 0x3, r1, 0x0, &(0x7f0000ff8000/0x4000)=nil, 0x4000, 0x1000000025})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x28, 0x4, r1, 0x0, &(0x7f0000ff8000/0x1000)=nil, 0x1000})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r0, 0x3ba0, &(0x7f0000000180)={0x48, 0x2, r1})

3m53.363698192s ago: executing program 4 (id=19921):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000240)=ANY=[@ANYBLOB="e0000002ac1414aa0100000002"], 0x18)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

3m53.198817184s ago: executing program 32 (id=19921):
r0 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @loopback}, 0xc)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000240)=ANY=[@ANYBLOB="e0000002ac1414aa0100000002"], 0x18)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000340)={0x1, &(0x7f0000000000)=[{0x6, 0xf, 0x0, 0x7fff8000}]})
close_range(r1, 0xffffffffffffffff, 0x0)

2m43.371847978s ago: executing program 3 (id=20843):
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='fd\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
fchdir(r0)
capset(&(0x7f0000000380)={0x20080522}, &(0x7f0000000040)={0x200000, 0x40200003, 0x0, 0x6, 0x7})
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)

2m42.506405507s ago: executing program 3 (id=20849):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f00000000c0)={0x3})
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000140)={[{0x5, 0x1009, 0x6, 0x3, 0x41, 0x2, 0x2, 0x5, 0x1, 0x4, 0x2, 0x9, 0x200}, {0xfffffffe, 0x0, 0x9, 0x0, 0x1, 0x7, 0x9, 0xfd, 0x5, 0x80, 0x9, 0xf, 0x3}, {0x200002, 0x1, 0x5, 0xfc, 0x8, 0x7, 0x0, 0xd, 0xb, 0x5, 0x1, 0x3}], 0x6})

2m42.298960668s ago: executing program 3 (id=20851):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298})
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

2m42.022377941s ago: executing program 3 (id=20854):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)

2m41.054447468s ago: executing program 3 (id=20866):
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$xdp(0x2c, 0x3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x40012020, 0x1, {0x2}})
io_uring_enter(r0, 0x47f6, 0x0, 0x4, 0x0, 0x0)

2m40.238231214s ago: executing program 3 (id=20872):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f00000006c0)={0x1, 0x0, 0xac1d})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000140)=""/134, 0x86}], 0x1, 0x0, 0x0)

2m39.924006781s ago: executing program 33 (id=20872):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f00000006c0)={0x1, 0x0, 0xac1d})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
preadv(r1, &(0x7f0000000640)=[{&(0x7f0000000140)=""/134, 0x86}], 0x1, 0x0, 0x0)

22.56930748s ago: executing program 1 (id=22527):
r0 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000480)={[{0x9, 0x8, 0x0, 0x7, 0x1, 0x2d, 0xe, 0x1, 0x0, 0x0, 0xb2, 0xc, 0x4}, {0x2b79, 0x5, 0x5, 0xe, 0x6, 0xfb, 0x54, 0x0, 0x3, 0xb, 0x6, 0x9, 0xe4}, {0x101, 0x400, 0x0, 0xbb, 0x3, 0xf, 0x5, 0x3, 0x3, 0x9, 0xe, 0x4, 0x3}], 0xb3})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x8, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, {0xfffffffc, 0x4, 0xff, 0x0, 0x0, 0xff}]})

22.41956862s ago: executing program 1 (id=22531):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x0)
r1 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x179}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000007c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x4d10, 0x2, 0x2, 0x0, 0x0)
ioctl$TCXONC(r0, 0x540a, 0x2)

22.31766134s ago: executing program 1 (id=22533):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$FUSE_NOTIFY_RETRIEVE(r1, &(0x7f0000000280)={0x30, 0x5, 0x0, {0x0, 0x1, 0xcdd5, 0x7}}, 0x30)

22.209041451s ago: executing program 1 (id=22535):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x1)

22.13933099s ago: executing program 1 (id=22536):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f0000000000)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000700000008000300", @ANYRES32=r2, @ANYBLOB="140004006e696376663000ffffffff0000000000080005000800"], 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x240048d0)

21.225864571s ago: executing program 1 (id=22541):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f00000000c0)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4)

21.078815255s ago: executing program 34 (id=22541):
r0 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x200, 0xfffffffd}}, 0x10)
r1 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r1, &(0x7f0000000200)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0xfffffffd}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f00000000c0)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x4)

2.183549721s ago: executing program 2 (id=22766):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2003, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000240))
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text64={0x40, 0x0}], 0x1, 0x41, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2.089334597s ago: executing program 6 (id=22768):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x35, &(0x7f0000000000)=0x6, 0x4)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r0, 0x29, 0x3b, &(0x7f0000000080)=ANY=[], 0x8)
recvmmsg(r0, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

1.847922348s ago: executing program 0 (id=22774):
r0 = add_key$keyring(&(0x7f0000000200), &(0x7f0000000240)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
r1 = add_key$keyring(&(0x7f00000000c0), &(0x7f00000002c0)={'syz', 0x0}, 0x0, 0x0, r0)
pipe2$watch_queue(&(0x7f00000003c0)={<r2=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0x69)
r3 = add_key$fscrypt_v1(&(0x7f0000000080), &(0x7f0000000280)={'fscrypt:', @auto=[0x66, 0x0, 0x0, 0x0, 0x61, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0x35, 0x0, 0xd, 0x65]}, &(0x7f0000000180)={0x0, "de8d0d27ca969fa15f8b3b7bae39c1b3327d4332f8c149d2d65a347d67f6db7eb90dfdad3cdebaaf421412f812305c9da91699b5a02c1295596f0fd9ec78f2fd", 0x2d}, 0x48, r0)
keyctl$KEYCTL_MOVE(0x1e, r3, r0, r1, 0x0)

1.811069227s ago: executing program 0 (id=22775):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x621c2, 0x0)
ftruncate(r0, 0x8800000)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x80042, 0x0)
sendfile(r1, r0, 0x0, 0x558410e8)

1.704497472s ago: executing program 5 (id=22776):
r0 = syz_io_uring_setup(0x1244, &(0x7f0000010180)={0x0, 0xd5a5, 0x800, 0x40000001, 0xb8}, &(0x7f0000000400)=<r1=>0x0, &(0x7f0000010200)=<r2=>0x0)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0xdfffffffffffffff, &(0x7f0000000340)=[0xffffffffffffffff], 0x1, 0x0, 0x1})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)

1.571124523s ago: executing program 0 (id=22777):
r0 = syz_open_dev$vcsa(&(0x7f0000000300), 0x1, 0x102)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000002080)={0x200f, {"20e30a30ed0d09f91b5e070987f70e06d038e7ff7fc6e5539b0d3e0e8b089b3f363063030890e0879b0af8c6e70a9b334a959b669a240d0a0af3988f7ef319520100ffe8d178708c526db51b1b5b31070d0773090acd3b78130daa61d8e8040001000000b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19300305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f6709000000a141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a027d5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf050000008000000000f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b3f3f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7af1d0e54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c01008e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2f5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d21488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e1a63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e09d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a603336c00000077cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046ca5b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe6531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e6586df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59555e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0d8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb601203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f900000930dedf800", 0x1000}}, 0x1006)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1000001, 0x32, 0xffffffffffffffff, 0x0)
write$sndseq(r0, &(0x7f00000008c0)=[{0x9, 0xc8, 0xd, 0xd2, @tick=0x8001, {0x9, 0xe}, {0x10, 0x6}, @raw8={"21cf019428b04fa9077b2fe3"}}], 0x1c)

1.44779357s ago: executing program 5 (id=22778):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmsg$TEAM_CMD_OPTIONS_SET(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000a80)={&(0x7f0000001300)=ANY=[], 0x438}, 0x1, 0x0, 0x0, 0x20044811}, 0x20000004)
recvmsg$qrtr(r1, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000ac0)=[{&(0x7f0000000640)=""/1, 0x1}, {&(0x7f0000000700)=""/192, 0xc0}], 0x2, 0x0, 0x0, 0x10000}, 0x38, 0x2)

1.425659658s ago: executing program 5 (id=22779):
rt_sigprocmask(0x2, &(0x7f0000000080)={[0xffffffffffffffff]}, 0x0, 0x8)
r0 = gettid()
r1 = getpid()
rt_tgsigqueueinfo(r1, r0, 0x5, &(0x7f00000003c0)={0x18, 0x3, 0x6})
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0xfffffffffffffff7]}, 0x8, 0x0)
read$watch_queue(r2, &(0x7f0000000300)=""/176, 0xb0)

1.351197053s ago: executing program 5 (id=22780):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00'}, 0x10)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000240)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001000000000000000000000000000000000000000000000000860090780000000000000000000000000000ee3f000000002b036f8c006e75021d683910c3090b3188a7c747eb2278a273c1b80029442911892704"], 0xfdef)

1.249413753s ago: executing program 0 (id=22781):
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xb, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000f7ffffff00000000fdffffff1801000020786c2500000000002020"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x22, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0x40305839, &(0x7f0000000000)=ANY=[@ANYBLOB='\x00\x00\x00\x00\x00\b\x00'/18])
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x11, 0x0, 0x0, 0x0, 0x80000002, 0x0, 0x0, 0x0, 0x3a, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r0, 0x0)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x4, &(0x7f0000000000)=""/152, &(0x7f00000000c0)=0x98)

1.151944703s ago: executing program 2 (id=22782):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
r2 = dup2(r1, r0)
readv(r2, &(0x7f0000001400)=[{&(0x7f0000000040)=""/81, 0x51}], 0x1)

1.144028491s ago: executing program 7 (id=22783):
socket$inet_tcp(0x2, 0x1, 0x0)
socket(0x22, 0x2, 0x24)
r0 = syz_io_uring_setup(0x498, &(0x7f0000000200)={0x0, 0x7279, 0x0, 0x4, 0x125}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xffffffff, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

1.143295153s ago: executing program 6 (id=22784):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb7"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)=[{0x0, 0x24}], 0x1}, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4140aecd, &(0x7f00000000c0))

983.829674ms ago: executing program 0 (id=22785):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)

879.52373ms ago: executing program 2 (id=22786):
r0 = syz_open_dev$loop(&(0x7f0000000280), 0xa4f, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, r1, 0x0, 0xfffffffffffffff8}, 0x59)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1d, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d00009520a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bc0007008019000000000000000000000000af1e4ccfb7b3cad80004010400", [0x1, 0x2000000000001]}})

813.395319ms ago: executing program 5 (id=22787):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys\x00\x00et/\x80\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000080)=""/47, 0x2f)
getdents64(r1, 0xfffffffffffffffe, 0x43)

788.591334ms ago: executing program 6 (id=22788):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}})
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
ppoll(&(0x7f0000000240)=[{r1, 0x4080}], 0x1, 0x0, 0x0, 0x0)
umount2(&(0x7f00000000c0)='./file0\x00', 0x8)

699.21852ms ago: executing program 7 (id=22789):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6, 0x0, 0x0, 0xfffffffc}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r0, 0x0)
setreuid(0x0, 0xee00)
r1 = io_uring_setup(0x3ead, &(0x7f0000000080)={0x0, 0xc95d, 0x0, 0x3})
io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f00000002c0)=[{&(0x7f0000002700)=""/4095, 0xfff}], 0x1)

575.659356ms ago: executing program 5 (id=22790):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0)
r1 = mmap$binder(&(0x7f0000ffb000/0x3000)=nil, 0x3000, 0x1, 0x11, r0, 0x1)
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000080)={0x1c, 0x0, &(0x7f0000000040)=[@free_buffer={0x40086303, r1}, @exit_looper, @dead_binder_done], 0x5f, 0x0, &(0x7f0000000100)="d73438587cb3a623fd8ee905e684fde28aea60592a03b7ec818dc884a0444fe71fca81497f44d5c5103915620fa908bb58537bcec2fccf1896aa399773300d53147fe686b8f0784f7bef1841c2a46d758265bf8123c4b4a7ef8a43d6276334"})
r2 = epoll_create(0xd751)
epoll_pwait(r2, &(0x7f00000000c0)=[{}], 0x1, 0xef19, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000500)={0x1})

517.66899ms ago: executing program 2 (id=22791):
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x121042, 0x115)
r3 = inotify_init()
inotify_add_watch(r3, &(0x7f0000000000)='./file1\x00', 0x16000f57)
write$P9_RVERSION(r1, &(0x7f00000001c0)=ANY=[], 0x15)
splice(r0, 0x0, r2, 0x0, 0x50f5d137, 0xd)

486.840578ms ago: executing program 6 (id=22792):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = epoll_create1(0x80000)
r2 = fcntl$dupfd(r0, 0x406, r1)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000340))
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000001c0)={0x10})
epoll_pwait2(r1, &(0x7f0000000640)=[{}, {}], 0x2, 0x0, 0x0, 0x0)

426.402443ms ago: executing program 7 (id=22793):
r0 = syz_kvm_setup_syzos_vm$x86(0xffffffffffffffff, &(0x7f0000c00000/0x400000)=nil)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
syz_kvm_setup_syzos_vm$x86(r2, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r0, &(0x7f0000000080)={0x0, 0x0})
ioctl$KVM_SET_MSRS(r3, 0x4008ae89, &(0x7f0000000240)={0x1, 0x0, [{0x345}]})

368.172466ms ago: executing program 6 (id=22794):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)={0x50, r1, 0x7, 0x0, 0x40000, {}, [@ETHTOOL_A_LINKMODES_OURS={0x1c, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x8, 0x4, '\x00\x00\x00\x00'}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0x20}, @ETHTOOL_A_BITSET_MASK={0x8, 0x5, "7180bbda"}]}, @ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_SPEED={0x8, 0x5, 0x2}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000800}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)

350.242345ms ago: executing program 2 (id=22795):
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000002c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16, @ANYBLOB="00012abd7000fddbdf250c00000005002f000100000005003000", @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)

248.240599ms ago: executing program 6 (id=22796):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, '\x00', "5193bb672965593497c186a80e00", '\x00\x00=*', "1202000000040030"}, 0x38)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x4e22, 0x0, @rand_addr=' \x01\x00', 0x2}}, 0x0, 0x0, 0x43, 0x0, "c43b9320585854378463e5d9ac44984ed4936350a7f170f645640905822998ca06b3a771e3ab05c927d207f7d21d93b1d5e068c6a0652a79973d9cbb62bd8c26deb2eae0b68847b15bbe30539483f6e7"}, 0xd8)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000400)={@in6={{0xa, 0x4e24, 0x8, @loopback}}, 0x0, 0x0, 0x41, 0x0, "b208405cce4456e4fc8f2dabd194ff3763f799f91cf7e5e8260998f956ec57c24451db07550335ebf4a3d0168ccaa268e928f39cd7494c2b19ebef230a3373685fbacfcf3b6e9633bd997a9bfcf08f67"}, 0xd8)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback, 0xffff}, 0x1c)

244.412214ms ago: executing program 7 (id=22797):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f00000005c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000580)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000740)=ANY=[@ANYBLOB="400000001000370400000000fcdbdf2500000000", @ANYRES32=r2, @ANYBLOB="890c040000000000200012800800010067747000140002800500050001000000080004000100000038af393c04b8a155"], 0x40}}, 0x0)
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @rand_addr=0x3}}}], 0x20}}], 0x1, 0x4040880)

160.41958ms ago: executing program 7 (id=22798):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1020, 0x0)

147.190696ms ago: executing program 2 (id=22799):
unshare(0x2a020400)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = memfd_create(&(0x7f0000000240)='+\x8b\x8a\xa9\x16\x11\x91J\xbc+  \x18\x17\xc2:}\xa3\x9bO\xdd\xdf\xdf\x92\xd5\xed\xb4\x17\xe5\xd6\x9a\xb2\xd8\x9ba\xde\xb2.F\xc0\x99}|\xaf\xd3\x1d\x84[*_\x9f\x9d\xb0rYP\x1b\x9f \xe0\x9cgq\x103\x89\x11\x87Rv\x169\xdf\xe3>B\x04\x00\x00\x00W\xd3\xec\xfb\xdf?\xa2\x90+\xa4!\xb2\xf2\xff\x90\a\xc3\x12\xc4;\xffh\xf1x=\xb9c\xce\x03h\xdap\x88U\x1788\x82\xd7\xfd\x83\x00Sx\x91%\x99_\xfe\xd4c\x83\x86\x0f\xa4a-\xaf\x9e\xd9\xef\xe0)]\x00F\xfa\x03\xbc4\xc4\x9a\v\x03\x8b\xa4\xf3\x8f\xf4\"\'\xd3\a9\x14H}j&~\xe9\x16\x83o\xbd\xab\xcd[\xbd\xcb\x04\xfc\xe7\xe3\x9e?\x12\xf0\xf4\x83M3\xd88\x92?@\v\xe6\xd1\xd2\xe4\xde\xdaUeJ\x9fR\xd1`\xfa\xc8\v\xed\xfd\x0e\xc8\x89W\x847\x88\x82\x94\x14\xe33\xb7H\xc8b\xd6@3F#\xb7\x04C\x8dm\t\x16a\x0fI\xf4\xfe\xf8\x06j\x19Pz&\xb8\x0f\x98`W\xdb\xc6\"81A\xa4\x8bT\xf1\xcb\xab\xa3\t\xef\xdf&\x0e\xad\x03\x123.\xc2V\xaa\xd5\xf8\xde\x8aV\xa4p{\xcez\xa2\x92\xdb8*wLO\f\x97X\x05\x9a\xc2\xe8\x85\x9d\xcb\xc8\xf0\xc4\x01\x03\xe3?\x9f1\xf4\xfb\xa5y`KB\xdf\xae#\x94C\a\x04\xea\xccG\xf2\b\x8f\xf7\xb1\xe96\x90\xf5P\xa4\'\xce\xe3\xa24\x196\xc5Q\xa1K\x95\xd6\xfal\xe9\xd1\\\r&\xb2c\xb3\x8d\xa7\xb7\xa8\x03S\xbd\xdd\b{\xae\f\x10\xc2\xbb\xd0\xdd*\xa3\xb4\fJ\x00X\xab`N; LF\xa5D\xee\xdf\x7f\x80p\xf6o\x1c\xbdXR\xf2\xa0\x81a\xa1\xe1B\x93Xn\xaf\xfc\x05?\xab\xac\x91x\xa8#\xe1\xbeQ\xd1^\x9b\xb9)\xd3\n\xf7(3!\x18\b\xc0\xaampRl\xfdQ\x03\x8c\xd5\xe4\\\xed\x9a\xd1?\xd21\xc8\x90\x1dl|\xd1\x14\xbc3\xe0\x1e\x0e\xe6\x88Y\x99K\x93\x1c@_P\x8c\xc7\x9eZ\xb74KT:\x8a\xdbJ#w\x18\x14\x00\x93\x86\xa5wo\xf6M\xe7D\xf4*\xe3X\x1d\x19\x83\xa7w\xc7+7\x89s\xed\x8a\xd7O\xdd\rhh`\xc0\xa8$\x06pu\xa0\xd0L\x0ez@I\xb8\x83\xb2f\x93j\a0I\xc8l\xe5\x9b\x06\xb5\xac`d\xa3\xcf/\x14\x10\xab\xab\t\xec\xc1c\fA\xaf\x14\xef\xbap@*7\x86\xdf\',\x03Y\xb1$\xf0\xb5}\xf0\x82%)9`\x8f\x04\x85m\x80\xd2\xcf@\x06}\xea\xe7w`\xa5\x11\x9f\x9b\x9e\x8f\xb7cb\x1a\xe1\xcf\x87\x1c\\\xf5\xc21\xf7\x82C*\xd5;\x00\x00\x00\x00\x03\xba\xe3\xdc\x92\'\x8e\xd5\x7fG\xfd.\x91\x89T\x99t\xd4d,\xd5\x92O\xf1\xafT!Y\x8e\\\xac\xf7\x11R\x05p\x1a\"\r\xe9\xe5\x8b&\x0f\x8c\xfb\xef\xf8\xd5\x18\xde\xeb\xe5\x19\xdd\xebQ8\xc5iS+\x06D\x16\xfe\xf5.\xe5\v\x89\xb0\"\xa3M\xe9\x81\x11P\xdb\xc4\xc2y\x14\x04\x06\xf6\f\xb0\xecz\x8d`\xb5\x9b\xb43\xcc1\xa7\x9e\xa8\xb5\'\xc6MAe\x0f\xd1\xfcG\xc2/\xe8\xe9t\xcaQ\xf1\fI\x1chM\xc1\x92\xe3\xc3\x01M\xc8/\xefJ\xcb\xd0]\f\xff\xf5\x92\xce\x97Z\xea\xe8\x99\xfa\x96\xce\xa7\x02\xad\xa2\xce\x955\xeaNg\x02\xcd\xfd\x1a}.\xd3\"x\x89/8H\xc2\x93B\na)\x86\xa9U\xa0\xb7\x18\xfb\xe9\xd1\x97', 0x3)
write$binfmt_misc(r1, &(0x7f0000000740), 0xff67)
sendfile(r0, r1, &(0x7f0000000000), 0xfffb)
fcntl$addseals(r1, 0x409, 0x8)

93.752566ms ago: executing program 0 (id=22800):
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x91ea6c1af182532)
r1 = getpgid(0x0)
fcntl$setownex(r0, 0xf, &(0x7f0000000000)={0x2, r1})
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000900)='./file1\x00', 0x3000004)

0s ago: executing program 7 (id=22801):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(r1, 0x4188aec6, &(0x7f0000003900)={0x1, [{0x1, 0x8, 0x0, &(0x7f0000000040)='J'}, {0x3, 0x0, 0xc3, 0x0}, {0x2, 0x0, 0x9, 0x0}, {0x1, 0x0, 0x7fffffff, 0x0}, {0x0, 0x0, 0x5b2, 0x0}, {0x3, 0x0, 0x4, 0x0}, {0x0, 0x0, 0x7, 0x0}, {0x1, 0x0, 0x61b, 0x0}, {0x0, 0x0, 0x4, 0x0}, {0x0, 0x0, 0x1, 0x0}, {0x2, 0x0, 0x7, 0x0}, {0x5, 0x0, 0x4, 0x0}, {0x1, 0x0, 0x4, 0x0}, {0x3, 0x0, 0x100, 0x0}, {0x2, 0x0, 0x80000000, 0x0}, {0x1, 0x0, 0xa9c, 0x0}]})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000134000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x7c, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

58574][ T5878] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1182.171853][ T5878] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1182.181231][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1182.193712][ T5878] usb 4-1: config 0 descriptor??
[ 1182.617634][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.626229][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.634302][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.647022][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.655342][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.670748][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.680598][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.689244][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.697634][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.706403][ T5878] plantronics 0003:047F:FFFF.009E: unknown main item tag 0x0
[ 1182.729558][ T5878] plantronics 0003:047F:FFFF.009E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1182.898438][ T5878] usb 4-1: USB disconnect, device number 25
[ 1183.028910][ T3202] netlink: 8 bytes leftover after parsing attributes in process `syz.1.20788'.
[ 1183.033714][ T3251] loop7: detected capacity change from 0 to 7
[ 1183.038626][ T3202] netlink: 'syz.1.20788': attribute type 5 has an invalid length.
[ 1183.055487][ T3202] netlink: 28 bytes leftover after parsing attributes in process `syz.1.20788'.
[ 1183.058159][T27321] Dev loop7: unable to read RDB block 7
[ 1183.072147][T27321]  loop7: unable to read partition table
[ 1183.072959][ T3202] geneve0: entered promiscuous mode
[ 1183.079495][T27321] loop7: partition table beyond EOD, truncated
[ 1183.084957][ T3202] geneve0: entered allmulticast mode
[ 1183.096464][ T3251] Dev loop7: unable to read RDB block 7
[ 1183.113908][ T3251]  loop7: unable to read partition table
[ 1183.122960][ T3251] loop7: partition table beyond EOD, truncated
[ 1183.131393][ T3251] loop_reread_partitions: partition scan of loop7 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1183.586126][ T3270] vlan3: entered allmulticast mode
[ 1183.592629][ T3270] bridge_slave_0: entered allmulticast mode
[ 1183.601808][ T3270] bridge0: port 2(vlan3) entered blocking state
[ 1183.609440][ T3270] bridge0: port 2(vlan3) entered disabled state
[ 1183.630715][ T3270] vlan3: entered promiscuous mode
[ 1183.788985][ T3294] netlink: 244 bytes leftover after parsing attributes in process `syz.0.20800'.
[ 1183.916254][ T5912] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1184.096309][ T5912] usb 4-1: config 0 has an invalid interface number: 204 but max is 0
[ 1184.111404][ T5912] usb 4-1: config 0 has no interface number 0
[ 1184.131863][ T5912] usb 4-1: New USB device found, idVendor=12d6, idProduct=0444, bcdDevice=29.3d
[ 1184.151353][ T5912] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1184.183824][ T5912] usb 4-1: Product: syz
[ 1184.188037][ T5912] usb 4-1: Manufacturer: syz
[ 1184.192640][ T5912] usb 4-1: SerialNumber: syz
[ 1184.215379][ T5912] usb 4-1: config 0 descriptor??
[ 1184.233108][ T5912] ems_usb 4-1:0.204 (unnamed net_device) (uninitialized): couldn't initialize controller: -22
[ 1184.258071][ T5912] ems_usb 4-1:0.204: probe with driver ems_usb failed with error -22
[ 1184.575900][ T5878] usb 4-1: USB disconnect, device number 26
[ 1184.983803][   T43] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1185.137078][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1185.181887][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1185.224473][   T43] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1185.273736][   T43] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1185.314242][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1185.376535][   T43] usb 6-1: config 0 descriptor??
[ 1185.469895][ T3384] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1185.491367][ T3388] input: syz1 as /devices/virtual/input/input200
[ 1185.832176][   T43] plantronics 0003:047F:FFFF.009F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1186.087462][   T43] usb 6-1: USB disconnect, device number 13
[ 1186.339885][   T30] kauditd_printk_skb: 65 callbacks suppressed
[ 1186.339903][   T30] audit: type=1326 audit(1764581306.546:5593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3478 comm="syz.3.20843" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f786b98f749 code=0x0
[ 1186.434166][ T5878] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[ 1186.490174][ T3482] loop9: detected capacity change from 0 to 7
[ 1186.498348][T27321] Dev loop9: unable to read RDB block 7
[ 1186.506178][T27321]  loop9: unable to read partition table
[ 1186.512102][T27321] loop9: partition table beyond EOD, truncated
[ 1186.521914][ T3482] Dev loop9: unable to read RDB block 7
[ 1186.527804][ T3482]  loop9: unable to read partition table
[ 1186.533576][ T3482] loop9: partition table beyond EOD, truncated
[ 1186.539943][ T3482] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1186.586263][ T5878] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1186.595897][ T5878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1186.609483][ T5878] usb 2-1: config 0 descriptor??
[ 1186.638604][ T5878] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1187.050654][ T5878] cpia1 2-1:0.0: unexpected state after lo power cmd: 00
[ 1187.451620][ T5878] gspca_cpia1: usb_control_msg 02, error -32
[ 1187.466630][ T5878] gspca_cpia1: usb_control_msg 02, error -71
[ 1187.472810][ T5878] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0)
[ 1187.508703][ T5878] usb 2-1: USB disconnect, device number 50
[ 1188.017982][   T30] audit: type=1326 audit(1764581308.226:5594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3594 comm="syz.1.20858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1188.051110][ T3591] bridge0: port 1(bridge_slave_0) entered learning state
[ 1188.075475][   T30] audit: type=1326 audit(1764581308.256:5595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3594 comm="syz.1.20858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1188.119379][   T30] audit: type=1326 audit(1764581308.256:5596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3594 comm="syz.1.20858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1188.155905][   T30] audit: type=1326 audit(1764581308.256:5597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3594 comm="syz.1.20858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1188.189049][   T30] audit: type=1326 audit(1764581308.256:5598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3594 comm="syz.1.20858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1188.215183][   T30] audit: type=1326 audit(1764581308.256:5599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3594 comm="syz.1.20858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1188.239702][   T30] audit: type=1326 audit(1764581308.256:5600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3594 comm="syz.1.20858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1188.263163][   T30] audit: type=1326 audit(1764581308.256:5601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3594 comm="syz.1.20858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1188.286904][   T30] audit: type=1326 audit(1764581308.256:5602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3594 comm="syz.1.20858" exe="/root/syz-executor" sig=0 arch=c000003e syscall=299 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1188.423132][ T3607] syzkaller1: entered promiscuous mode
[ 1188.431437][ T3607] syzkaller1: entered allmulticast mode
[ 1188.851073][ T8909] syz_tun (unregistering): left allmulticast mode
[ 1188.857800][ T8909] syz_tun (unregistering): left promiscuous mode
[ 1188.864783][ T8909] bridge0: port 2(syz_tun) entered disabled state
[ 1188.895359][   T43] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[ 1189.068015][   T43] usb 6-1: Using ep0 maxpacket: 8
[ 1189.079135][   T43] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[ 1189.113561][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[ 1189.119976][ T3635] input: syz0 as /devices/virtual/input/input202
[ 1189.145254][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1189.185653][   T43] usb 6-1: New USB device found, idVendor=187f, idProduct=0200, bcdDevice=6b.ad
[ 1189.196669][   T43] usb 6-1: New USB device strings: Mfr=55, Product=237, SerialNumber=3
[ 1189.212439][   T43] usb 6-1: Product: syz
[ 1189.217296][   T43] usb 6-1: Manufacturer: syz
[ 1189.222624][   T43] usb 6-1: SerialNumber: syz
[ 1189.271507][   T43] usb 6-1: config 0 descriptor??
[ 1189.290388][   T43] smsusb:smsusb_probe: board id=2, interface number 0
[ 1189.303257][   T43] smsusb:smsusb_probe: Device initialized with return code -19
[ 1189.507046][   T43] usb 6-1: USB disconnect, device number 14
[ 1189.724780][ T2866] bond6: left promiscuous mode
[ 1189.733931][ T2866] bridge0: port 1(bond6) entered disabled state
[ 1189.744649][ T2866] macsec0: left allmulticast mode
[ 1189.749796][ T2866] macsec0: left promiscuous mode
[ 1189.773891][ T2866] bridge0: port 3(macsec0) entered disabled state
[ 1189.826758][ T5878] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 1190.013910][ T5878] usb 2-1: Using ep0 maxpacket: 16
[ 1190.027383][ T5878] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1190.042938][ T5878] usb 2-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1190.086387][ T5878] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1190.123527][ T5878] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1190.162558][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1190.184063][ T5878] usb 2-1: Product: syz
[ 1190.188271][ T5878] usb 2-1: Manufacturer: syz
[ 1190.192869][ T5878] usb 2-1: SerialNumber: syz
[ 1190.435155][ T5465] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1190.463272][ T5465] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1190.476207][ T5465] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1190.491228][ T5465] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1190.506195][ T5465] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1190.574542][ T3703] netlink: 16 bytes leftover after parsing attributes in process `syz.2.20882'.
[ 1190.849190][ T2866] bond1 (unregistering): Released all slaves
[ 1190.902186][ T5878] usb 2-1: 0:2 : does not exist
[ 1190.945125][ T5878] usb 2-1: USB disconnect, device number 51
[ 1191.073551][ T2866] bond2 (unregistering): Released all slaves
[ 1191.092677][ T2866] bond3 (unregistering): Released all slaves
[ 1191.126536][ T2866] bond0 (unregistering): left promiscuous mode
[ 1191.134788][ T2866] bond0 (unregistering): Released all slaves
[ 1191.304355][ T2866] bond4 (unregistering): Released all slaves
[ 1191.318680][ T2866] bond5 (unregistering): Released all slaves
[ 1191.460921][ T2866] bond6 (unregistering): Released all slaves
[ 1191.524240][ T3734] vivid-007: disconnect
[ 1191.530058][ T3732] vivid-007: reconnect
[ 1191.750415][ T2866] tipc: Disabling bearer <eth:batadv0>
[ 1191.821665][ T2866] tipc: Disabling bearer <udp:syz0>
[ 1191.834097][ T2866] tipc: Disabling bearer <udp:syz2>
[ 1191.839652][ T2866] tipc: Left network mode
[ 1192.203840][    C0] ip6_tunnel: ip6gre3 xmit: Local address not yet configured!
[ 1192.524035][ T5842] Bluetooth: hci3: command tx timeout
[ 1192.569852][ T3707] chnl_net:caif_netlink_parms(): no params data found
[ 1192.983259][ T3919] netlink: 104 bytes leftover after parsing attributes in process `syz.2.20905'.
[ 1193.696515][ T3707] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1193.710776][ T3707] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1193.727542][ T3707] bridge_slave_0: entered allmulticast mode
[ 1193.737159][ T3707] bridge_slave_0: entered promiscuous mode
[ 1193.763802][ T3707] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1193.816986][ T3707] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1193.834049][ T3707] bridge_slave_1: entered allmulticast mode
[ 1193.849180][ T3707] bridge_slave_1: entered promiscuous mode
[ 1194.158675][ T3707] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1194.275830][ T3707] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1194.415135][ T2866] dummy0: left promiscuous mode
[ 1194.439824][ T2866] hsr_slave_0: left promiscuous mode
[ 1194.458664][ T2866] batman_adv: batadv0: Removing interface: virt_wifi0
[ 1194.495057][ T2866] batman_adv: batadv0: Removing interface: ipvlan4
[ 1194.516151][ T4082] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1194.604294][ T5842] Bluetooth: hci3: command tx timeout
[ 1194.636116][ T2866] pim6reg (unregistering): left allmulticast mode
[ 1195.014493][   T43] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[ 1195.173828][   T43] usb 6-1: Using ep0 maxpacket: 32
[ 1195.187178][   T43] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[ 1195.196087][   T43] usb 6-1: config 0 has no interface number 0
[ 1195.202221][   T43] usb 6-1: config 0 interface 184 has no altsetting 0
[ 1195.212576][   T43] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1195.224154][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1195.232168][   T43] usb 6-1: Product: syz
[ 1195.236469][   T43] usb 6-1: Manufacturer: syz
[ 1195.241071][   T43] usb 6-1: SerialNumber: syz
[ 1195.254833][   T43] usb 6-1: config 0 descriptor??
[ 1195.263079][   T43] smsc75xx v1.0.0
[ 1195.699361][ T4005] IPVS: Error connecting to the multicast addr
[ 1195.728359][ T3707] team0: Port device team_slave_0 added
[ 1195.761378][ T3707] team0: Port device team_slave_1 added
[ 1195.912837][ T3707] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1195.924541][ T3707] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1195.952702][ T3707] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1195.968925][ T3707] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1196.007906][ T3707] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1196.038802][ T3707] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1196.236293][ T3707] hsr_slave_0: entered promiscuous mode
[ 1196.247013][ T3707] hsr_slave_1: entered promiscuous mode
[ 1196.255239][ T3707] debugfs: 'hsr0' already exists in 'hsr'
[ 1196.261026][ T3707] Cannot create hsr debugfs directory
[ 1196.267514][ T4203] bridge0: port 1(bond0) entered blocking state
[ 1196.278390][ T4203] bridge0: port 1(bond0) entered disabled state
[ 1196.285702][ T4203] bond0: entered allmulticast mode
[ 1196.296243][   T43] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[ 1196.312516][   T43] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1196.313709][ T4203] bond_slave_0: entered allmulticast mode
[ 1196.323055][   T43] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1196.336025][ T4203] bridge_slave_1: entered allmulticast mode
[ 1196.344478][ T4203] mac80211_hwsim hwsim9 wlan1: entered allmulticast mode
[ 1196.354935][   T43] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1196.379411][ T2866] IPVS: stop unused estimator thread 0...
[ 1196.397723][   T43] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1196.433149][   T43] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1196.444175][   T43] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[ 1196.481264][   T43] usb 6-1: USB disconnect, device number 15
[ 1196.683994][ T5842] Bluetooth: hci3: command tx timeout
[ 1196.978406][ T3707] netdevsim netdevsim6 netdevsim0: renamed from eth0
[ 1197.045506][ T3707] netdevsim netdevsim6 netdevsim1: renamed from eth1
[ 1197.082523][ T3707] netdevsim netdevsim6 netdevsim2: renamed from eth2
[ 1197.128549][ T3707] netdevsim netdevsim6 netdevsim3: renamed from eth3
[ 1197.439839][ T3707] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1197.490592][ T3707] 8021q: adding VLAN 0 to HW filter on device team0
[ 1197.508376][T19096] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1197.515609][T19096] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1197.552059][ T2993] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1197.559270][ T2993] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1197.775709][ T3707] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1198.088822][ T3707] veth0_vlan: entered promiscuous mode
[ 1198.107320][ T3707] veth1_vlan: entered promiscuous mode
[ 1198.174230][ T3707] veth0_macvtap: entered promiscuous mode
[ 1198.229694][ T3707] veth1_macvtap: entered promiscuous mode
[ 1198.320557][ T4378] random: crng reseeded on system resumption
[ 1198.320895][ T3707] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1198.359502][ T3707] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1198.418545][T15180] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.438930][T15180] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.493564][T15180] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.495613][ T4336] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20939'.
[ 1198.515321][ T4336] netlink: 'syz.0.20939': attribute type 5 has an invalid length.
[ 1198.525038][T21193] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1198.562840][ T4336] netlink: 28 bytes leftover after parsing attributes in process `syz.0.20939'.
[ 1198.619543][ T4336] geneve0: entered promiscuous mode
[ 1198.628810][ T4336] geneve0: entered allmulticast mode
[ 1198.737616][ T2993] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1198.757446][ T2993] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1198.765884][ T5842] Bluetooth: hci3: command tx timeout
[ 1199.030443][T21193] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1199.058337][T21193] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1200.270182][ T4465] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.20959'.
[ 1200.576184][ T4488] binder: 4483:4488 ioctl c0306201 200000000040 returned -14
[ 1200.756902][ T4496] input: syz1 as /devices/virtual/input/input203
[ 1200.774171][   T43] usb 2-1: new full-speed USB device number 52 using dummy_hcd
[ 1200.984807][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[ 1201.005831][   T43] usb 2-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[ 1201.027606][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1201.077139][   T43] usb 2-1: config 0 descriptor??
[ 1201.104436][ T4484] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[ 1201.564438][   T43] elan 0003:04F3:0755.00A0: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.1-1/input0
[ 1201.713805][ T5912] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[ 1201.759092][ T4484] elan 0003:04F3:0755.00A0: pid 4484 passed too short report
[ 1201.789930][T28335] usb 2-1: USB disconnect, device number 52
[ 1201.873780][ T5912] usb 6-1: Using ep0 maxpacket: 16
[ 1201.932682][ T5912] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 1201.950749][ T5912] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 1201.959692][ T5912] usb 6-1: Product: syz
[ 1201.967785][ T5912] usb 6-1: Manufacturer: syz
[ 1201.972478][ T5912] usb 6-1: SerialNumber: syz
[ 1201.981048][ T5912] usb 6-1: config 0 descriptor??
[ 1202.231150][ T5912] usb 6-1: USB disconnect, device number 16
[ 1202.723202][ T4624] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20990'.
[ 1202.931888][ T4642] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1203.074032][ T5930] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 1203.234383][ T5930] usb 2-1: Using ep0 maxpacket: 16
[ 1203.244347][ T5930] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[ 1203.271895][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1203.280801][ T5930] usb 2-1: Product: syz
[ 1203.285618][ T5930] usb 2-1: Manufacturer: syz
[ 1203.291088][ T5930] usb 2-1: SerialNumber: syz
[ 1203.306234][ T5930] usb 2-1: config 0 descriptor??
[ 1203.421714][ T4670] netlink: 9 bytes leftover after parsing attributes in process `syz.5.21001'.
[ 1203.444604][ T4670] netlink: 9 bytes leftover after parsing attributes in process `syz.5.21001'.
[ 1203.749507][ T5930] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[ 1203.773264][ T5930] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1203.790280][ T5930] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[ 1203.820634][ T5930] usb 2-1: media controller created
[ 1203.852573][ T5930] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1203.886143][ T4698] netlink: 20 bytes leftover after parsing attributes in process `syz.2.21007'.
[ 1203.903841][ T5912] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[ 1203.958160][ T5930] zl10353_read_register: readreg error (reg=127, ret==0)
[ 1203.974407][ T5930] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[ 1203.982387][ T5930] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[ 1204.016027][ T5930] usb 2-1: USB disconnect, device number 53
[ 1204.060099][ T5912] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1204.070865][ T5930] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[ 1204.087342][ T5912] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1204.112696][ T5912] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1204.130805][ T5912] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1204.146981][ T5912] usb 6-1: Product: syz
[ 1204.151405][ T5912] usb 6-1: Manufacturer: syz
[ 1204.157674][ T5912] usb 6-1: SerialNumber: syz
[ 1204.397360][ T5912] usb 6-1: 0:2 : does not exist
[ 1204.419823][ T5912] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[ 1204.465281][ T5912] usb 6-1: USB disconnect, device number 17
[ 1204.571001][T27321] udevd[27321]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1204.827689][ T4764] netlink: 4 bytes leftover after parsing attributes in process `syz.1.21017'.
[ 1205.251614][ T4795] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1205.906411][ T4838] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1209.214804][T27328] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 1209.412611][T27328] usb 2-1: Using ep0 maxpacket: 8
[ 1209.430182][T27328] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[ 1209.441155][T27328] usb 2-1: config 0 has no interface number 0
[ 1209.466214][T27328] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[ 1209.493888][T27328] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1209.525145][T27328] usb 2-1: Product: syz
[ 1209.535059][T27328] usb 2-1: Manufacturer: syz
[ 1209.550261][T27328] usb 2-1: SerialNumber: syz
[ 1209.575782][T27328] usb 2-1: config 0 descriptor??
[ 1209.804370][T27328] uvcvideo 2-1:0.31: probe with driver uvcvideo failed with error -22
[ 1209.826245][T27328] usb 2-1: USB disconnect, device number 54
[ 1210.309998][ T4987] vlan2: entered allmulticast mode
[ 1210.327417][ T4987] bond_slave_1: entered allmulticast mode
[ 1210.333473][ T4987] bridge0: port 3(vlan2) entered blocking state
[ 1210.352714][ T4987] bridge0: port 3(vlan2) entered disabled state
[ 1210.365369][ T4987] vlan2: entered promiscuous mode
[ 1210.383598][ T4987] bond_slave_1: entered promiscuous mode
[ 1211.552304][ T5049] netlink: 452 bytes leftover after parsing attributes in process `syz.1.21086'.
[ 1213.173852][T27328] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[ 1213.326501][ T5930] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 1213.344053][T27328] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1213.355282][T27328] usb 6-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1213.367669][T27328] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1213.384443][T27328] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1213.394318][T27328] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1213.402568][T27328] usb 6-1: Product: syz
[ 1213.407387][T27328] usb 6-1: Manufacturer: syz
[ 1213.411998][T27328] usb 6-1: SerialNumber: syz
[ 1213.426274][T27328] hub 6-1:1.0: bad descriptor, ignoring hub
[ 1213.432257][T27328] hub 6-1:1.0: probe with driver hub failed with error -5
[ 1213.515533][ T5930] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1213.526721][ T5930] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1213.536581][ T5930] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[ 1213.545884][ T5930] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1213.556872][ T5930] usb 2-1: config 0 descriptor??
[ 1213.629004][T27328] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 18 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1213.945782][ T5912] hid_parser_main: 5 callbacks suppressed
[ 1213.945802][ T5912] hid-generic 0000:0000:0000.00A1: unknown main item tag 0x0
[ 1213.962968][ T5912] hid-generic 0000:0000:0000.00A1: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1213.981282][ T5930] cm6533_jd 0003:0D8C:0022.00A2: unknown main item tag 0x0
[ 1213.997570][ T5930] cm6533_jd 0003:0D8C:0022.00A2: unknown main item tag 0x0
[ 1214.010010][ T5930] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.00A2/input/input204
[ 1214.257129][ T5098] usb 6-1: reset high-speed USB device number 18 using dummy_hcd
[ 1214.440187][ T5930] cm6533_jd 0003:0D8C:0022.00A2: input,hiddev1,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0
[ 1214.463159][ T5930] usb 2-1: USB disconnect, device number 55
[ 1214.520832][ T5173] fido_id[5173]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[ 1214.654200][   T43] usb 6-1: USB disconnect, device number 18
[ 1214.662117][   T43] usblp0: removed
[ 1214.744880][ T5203] netlink: 'syz.1.21105': attribute type 6 has an invalid length.
[ 1215.364871][ T5904] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 1215.524108][ T5904] usb 2-1: Using ep0 maxpacket: 16
[ 1215.534521][ T5904] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[ 1215.543487][ T5904] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1215.555069][ T5904] usb 2-1: config 0 has no interface number 0
[ 1215.584223][ T5904] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[ 1215.603540][ T5904] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1215.626081][ T5904] usb 2-1: Product: syz
[ 1215.630734][ T5904] usb 2-1: Manufacturer: syz
[ 1215.637728][ T5904] usb 2-1: SerialNumber: syz
[ 1215.655053][ T5904] usb 2-1: config 0 descriptor??
[ 1215.879820][ T5904] uvcvideo 2-1:0.105: Found UVC 0.00 device syz (046d:08f3)
[ 1215.904712][ T5904] uvcvideo 2-1:0.105: No valid video chain found.
[ 1215.922427][ T5904] usb 2-1: USB disconnect, device number 56
[ 1216.212086][ T5302] netlink: 4 bytes leftover after parsing attributes in process `syz.5.21127'.
[ 1216.224904][ T5302] chnl_net:caif_netlink_parms(): no params data found
[ 1216.650579][   T30] kauditd_printk_skb: 5 callbacks suppressed
[ 1216.650597][   T30] audit: type=1326 audit(1764581336.856:5608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5329 comm="syz.6.21135" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc6dff8f749 code=0x0
[ 1217.034186][   T43] usb 2-1: new full-speed USB device number 57 using dummy_hcd
[ 1217.205766][   T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1217.219125][   T43] usb 2-1: config 0 has no interfaces?
[ 1217.228205][   T43] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1217.237751][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1217.251009][   T43] usb 2-1: config 0 descriptor??
[ 1217.548575][ T5392] netlink: 4 bytes leftover after parsing attributes in process `syz.5.21150'.
[ 1217.685126][ T5343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1217.707304][ T5343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1217.725335][ T5904] usb 2-1: USB disconnect, device number 57
[ 1218.072227][ T5426] netlink: 16 bytes leftover after parsing attributes in process `syz.6.21159'.
[ 1218.545280][   T43] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[ 1218.703827][   T43] usb 2-1: Using ep0 maxpacket: 16
[ 1218.719529][   T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1218.744811][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1218.773289][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1218.801217][   T43] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1218.811281][   T43] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1218.826722][   T43] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1218.844409][   T43] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1218.852445][   T43] usb 2-1: Manufacturer: syz
[ 1218.886709][   T43] usb 2-1: config 0 descriptor??
[ 1218.977987][ T5513] netlink: 8 bytes leftover after parsing attributes in process `syz.5.21178'.
[ 1219.254038][   T43] rc_core: IR keymap rc-hauppauge not found
[ 1219.260156][   T43] Registered IR keymap rc-empty
[ 1219.281460][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.304559][ T5535] sctp: [Deprecated]: syz.6.21185 (pid 5535) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1219.304559][ T5535] Use struct sctp_sack_info instead
[ 1219.324245][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.356548][   T43] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1219.390832][   T43] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input205
[ 1219.425793][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.480286][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.483501][ T5545] input: syz1 as /devices/virtual/input/input206
[ 1219.514178][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.535007][   T30] audit: type=1326 audit(1764581339.736:5609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5547 comm="syz.6.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1219.567847][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.604995][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.613937][   T30] audit: type=1326 audit(1764581339.736:5610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5547 comm="syz.6.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dff8f749 code=0x7ffc0000
[ 1219.663836][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.708296][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.719640][   T30] audit: type=1326 audit(1764581339.746:5611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5547 comm="syz.6.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1219.771462][   T30] audit: type=1326 audit(1764581339.746:5612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5547 comm="syz.6.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dff8f749 code=0x7ffc0000
[ 1219.795135][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.804871][   T30] audit: type=1326 audit(1764581339.766:5613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5547 comm="syz.6.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1219.828892][   T30] audit: type=1326 audit(1764581339.766:5614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5547 comm="syz.6.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dff8f749 code=0x7ffc0000
[ 1219.851337][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1219.860757][   T30] audit: type=1326 audit(1764581339.766:5615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5547 comm="syz.6.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1219.874267][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.883108][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1219.905064][   T30] audit: type=1326 audit(1764581339.766:5616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5547 comm="syz.6.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dff8f749 code=0x7ffc0000
[ 1219.935350][   T30] audit: type=1326 audit(1764581339.766:5617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5547 comm="syz.6.21189" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dff8f749 code=0x7ffc0000
[ 1219.966788][   T43] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1219.998609][   T43] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1220.008269][   T43] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1220.029340][   T43] usb 2-1: USB disconnect, device number 58
[ 1221.897190][ T5684] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1226.117614][ T5949] input: syz0 as /devices/virtual/input/input207
[ 1226.536493][ T5968] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1226.605121][ T5964] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1227.126333][ T5996] kvm: user requested TSC rate below hardware speed
[ 1227.131545][ T5987] syzkaller1: entered promiscuous mode
[ 1227.168043][ T5987] syzkaller1: entered allmulticast mode
[ 1227.690109][ T6025] veth0_to_batadv: entered promiscuous mode
[ 1227.703431][ T6025] macvtap1: entered allmulticast mode
[ 1227.713882][ T6025] veth0_to_batadv: entered allmulticast mode
[ 1227.736648][ T6025] veth0_to_batadv: left allmulticast mode
[ 1227.743928][ T6025] veth0_to_batadv: left promiscuous mode
[ 1228.679526][ T6080] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1228.828048][ T6085] input: syz1 as /devices/virtual/input/input208
[ 1230.245097][ T6149] netlink: 64 bytes leftover after parsing attributes in process `syz.1.21345'.
[ 1230.482415][ T6160] tipc: Enabled bearer <udp:s>, priority 0
[ 1231.046383][ T6182] lo: Caught tx_queue_len zero misconfig
[ 1231.663771][ T5912] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[ 1231.813757][ T5912] usb 2-1: Using ep0 maxpacket: 32
[ 1231.820806][ T5912] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[ 1231.831377][ T5912] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1231.843378][ T5912] usb 2-1: config 0 descriptor??
[ 1232.069309][ T5912] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[ 1232.086629][ T5912] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1232.110581][ T5912] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[ 1232.128373][ T5912] usb 2-1: media controller created
[ 1232.187751][ T5912] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1232.271042][ T5912] az6027: usb out operation failed. (-71)
[ 1232.285021][ T5912] az6027: usb out operation failed. (-71)
[ 1232.290909][ T5912] stb0899_attach: Driver disabled by Kconfig
[ 1232.298926][ T5912] az6027: no front-end attached
[ 1232.298926][ T5912] 
[ 1232.310559][ T5912] az6027: usb out operation failed. (-71)
[ 1232.316686][ T5912] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[ 1232.328371][ T5912] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input210
[ 1232.346942][ T5912] dvb-usb: schedule remote query interval to 400 msecs.
[ 1232.364228][ T5912] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[ 1232.390074][ T5912] usb 2-1: USB disconnect, device number 59
[ 1232.486079][ T5912] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[ 1232.548058][ T6266] netlink: 48 bytes leftover after parsing attributes in process `syz.5.21375'.
[ 1232.982698][ T6279] xt_hashlimit: size too large, truncated to 1048576
[ 1233.425327][ T6305] netlink: 420 bytes leftover after parsing attributes in process `syz.1.21389'.
[ 1233.652546][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1233.652564][   T30] audit: type=1326 audit(1764581353.856:5634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.1.21391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1233.681263][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1233.691136][   T30] audit: type=1326 audit(1764581353.856:5635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.1.21391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1233.716517][   T30] audit: type=1326 audit(1764581353.866:5636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.1.21391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1233.743160][   T30] audit: type=1326 audit(1764581353.866:5637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.1.21391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1233.767813][   T30] audit: type=1326 audit(1764581353.866:5638): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.1.21391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1233.790542][   T30] audit: type=1326 audit(1764581353.866:5639): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.1.21391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1233.814423][   T30] audit: type=1326 audit(1764581353.866:5640): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.1.21391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1233.837631][   T30] audit: type=1326 audit(1764581353.866:5641): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6309 comm="syz.1.21391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x7ffc0000
[ 1234.126873][ T6329] binder: 6328:6329 ioctl c0306201 2000000003c0 returned -14
[ 1234.374468][   T43] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 1234.534471][   T43] usb 2-1: Using ep0 maxpacket: 32
[ 1234.544459][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1234.570608][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1234.594517][   T43] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1234.604093][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1234.627206][   T43] usb 2-1: config 0 descriptor??
[ 1235.075441][   T43] savu 0003:1E7D:2D5A.00A3: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.1-1/input0
[ 1235.327007][   T43] usb 2-1: USB disconnect, device number 60
[ 1235.674221][ T5912] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[ 1235.823794][ T5912] usb 6-1: Using ep0 maxpacket: 16
[ 1235.830598][ T5912] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1235.853791][ T5912] usb 6-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[ 1235.862868][ T5912] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.893205][ T5912] usb 6-1: config 0 descriptor??
[ 1236.329345][ T5912] mcp2221 0003:04D8:00DD.00A4: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.5-1/input0
[ 1236.727570][ T5930] usb 6-1: USB disconnect, device number 19
[ 1237.584506][ T6580] kvm: user requested TSC rate below hardware speed
[ 1237.637250][ T6584] netlink: 'syz.1.21444': attribute type 11 has an invalid length.
[ 1237.939316][ T6552] netlink: 'syz.6.21440': attribute type 6 has an invalid length.
[ 1238.217762][ T6600] bridge0: port 3(gretap0) entered blocking state
[ 1238.236932][ T6600] bridge0: port 3(gretap0) entered disabled state
[ 1238.243564][ T6600] gretap0: entered allmulticast mode
[ 1238.348108][ T6602] gretap0: left allmulticast mode
[ 1238.393998][ T6602] bridge0: port 3(gretap0) entered disabled state
[ 1238.946546][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.953017][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.449485][ T6663] netlink: 'syz.5.21466': attribute type 1 has an invalid length.
[ 1239.458442][ T6663] netlink: 76 bytes leftover after parsing attributes in process `syz.5.21466'.
[ 1239.658995][ T6681] sctp: [Deprecated]: syz.5.21470 (pid 6681) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1239.658995][ T6681] Use struct sctp_sack_info instead
[ 1240.055878][ T6701] netlink: 'syz.0.21478': attribute type 1 has an invalid length.
[ 1240.096027][ T6701] bond7: entered promiscuous mode
[ 1240.102114][ T6701] 8021q: adding VLAN 0 to HW filter on device bond7
[ 1240.139726][ T6701] bond7: (slave bridge4): making interface the new active one
[ 1240.149213][ T6701] bridge4: entered promiscuous mode
[ 1240.156023][ T6701] bond7: (slave bridge4): Enslaving as an active interface with an up link
[ 1241.013460][ T5465] Bluetooth: hci4: command 0x0406 tx timeout
[ 1241.274106][T28335] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[ 1241.444779][T28335] usb 2-1: Using ep0 maxpacket: 32
[ 1241.455212][T28335] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1241.474130][T28335] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1241.492145][T28335] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1241.502956][T28335] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1241.524835][T28335] usb 2-1: config 0 descriptor??
[ 1241.533912][ T5930] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[ 1241.543369][T28335] hub 2-1:0.0: USB hub found
[ 1241.619702][ T6829] netlink: 20 bytes leftover after parsing attributes in process `syz.2.21508'.
[ 1241.687696][ T5930] usb 6-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[ 1241.698846][ T5930] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1241.712755][ T5930] usb 6-1: config 0 descriptor??
[ 1241.726843][ T5930] gspca_main: cpia1-2.14.0 probing 0813:0001
[ 1241.740692][T28335] hub 2-1:0.0: config failed, can't read hub descriptor (err -90)
[ 1242.191270][T28335] hid-generic 0003:046D:C31C.00A5: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.1-1/input0
[ 1242.332259][ T5930] gspca_cpia1: usb_control_msg 01, error -32
[ 1242.342791][ T5930] gspca_cpia1: usb_control_msg 01, error -71
[ 1242.372575][ T5930] cpia1 6-1:0.0: only firmware version 1 is supported (got: 0)
[ 1242.397504][ T5930] usb 6-1: USB disconnect, device number 20
[ 1242.529530][ T6892] netlink: 104 bytes leftover after parsing attributes in process `syz.2.21523'.
[ 1242.539724][ T6892] netlink: 104 bytes leftover after parsing attributes in process `syz.2.21523'.
[ 1242.565542][ T5912] usb 2-1: USB disconnect, device number 61
[ 1242.877691][ T6925] netlink: 4 bytes leftover after parsing attributes in process `syz.6.21534'.
[ 1243.012659][ T6935] ip6_tunnel: ip6gre3 xmit: Local address not yet configured!
[ 1243.593845][T28335] usb 2-1: new full-speed USB device number 62 using dummy_hcd
[ 1243.745662][T28335] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1243.755490][T28335] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1243.768768][T28335] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 1243.778107][T28335] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1243.996691][T28335] usb 2-1: GET_CAPABILITIES returned 0
[ 1244.002450][T28335] usbtmc 2-1:16.0: can't read capabilities
[ 1244.202214][T28335] usb 2-1: USB disconnect, device number 62
[ 1245.043723][   T30] audit: type=1326 audit(1764581365.246:5642): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.071604][   T30] audit: type=1326 audit(1764581365.246:5643): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.114521][   T30] audit: type=1326 audit(1764581365.246:5644): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.139634][   T30] audit: type=1326 audit(1764581365.246:5645): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.162468][ T7021] binder: 7020:7021 ioctl 4018620d 0 returned -22
[ 1245.172567][   T30] audit: type=1326 audit(1764581365.246:5646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.195807][   T30] audit: type=1326 audit(1764581365.246:5647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.219452][   T30] audit: type=1326 audit(1764581365.246:5648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.245012][ T7027] binder: 7020:7027 ioctl c0306201 0 returned -14
[ 1245.253913][   T30] audit: type=1326 audit(1764581365.256:5649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.278917][   T30] audit: type=1326 audit(1764581365.256:5650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=163 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.301905][   T30] audit: type=1326 audit(1764581365.256:5651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7014 comm="syz.5.21562" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1245.394585][T27328] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[ 1245.556686][T27328] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1245.568221][T27328] usb 6-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1245.577624][T27328] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1245.587741][T27328] usb 6-1: config 0 descriptor??
[ 1246.005961][T27328] keytouch 0003:0926:3333.00A6: fixing up Keytouch IEC report descriptor
[ 1246.034505][T27328] input: HID 0926:3333 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:0926:3333.00A6/input/input211
[ 1246.186692][T27328] keytouch 0003:0926:3333.00A6: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.5-1/input0
[ 1246.560746][ T7076] netlink: 4 bytes leftover after parsing attributes in process `syz.0.21577'.
[ 1246.616394][ T7076] bridge_slave_1: left promiscuous mode
[ 1246.622505][ T7076] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1246.647066][ T7076] bridge_slave_0: left allmulticast mode
[ 1246.654801][ T7079] usb usb9: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[ 1246.658528][ T7076] bridge_slave_0: left promiscuous mode
[ 1246.662466][ T7079] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1246.690620][ T7076] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1246.732659][ T7076] bridge0 (unregistering): left allmulticast mode
[ 1248.160217][T28335] usb 6-1: USB disconnect, device number 21
[ 1248.384005][ T5904] usb 2-1: new low-speed USB device number 63 using dummy_hcd
[ 1248.547394][ T5904] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[ 1248.559427][ T5904] usb 2-1: config 0 has no interface number 0
[ 1248.566796][ T5904] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1248.579016][ T5904] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[ 1248.590144][ T5904] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[ 1248.605115][ T5904] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[ 1248.617621][ T5904] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[ 1248.630397][ T5904] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1248.644825][ T5904] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[ 1248.663919][ T5904] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1248.676818][ T5904] usb 2-1: config 0 descriptor??
[ 1248.683101][ T7120] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[ 1248.704426][ T7120] raw-gadget.3 gadget.1: fail, usb_ep_enable returned -22
[ 1248.726273][ T5904] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[ 1248.967253][ T5904] usb 2-1: USB disconnect, device number 63
[ 1248.997003][ T5904] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[ 1249.008151][ T7166] netlink: 4 bytes leftover after parsing attributes in process `syz.5.21601'.
[ 1249.702638][ T7192] input: syz0 as /devices/virtual/input/input212
[ 1250.402179][ T7217] ip6_tunnel: ip6gre3 xmit: Local address not yet configured!
[ 1250.638716][ T7226] netlink: 4 bytes leftover after parsing attributes in process `syz.6.21617'.
[ 1251.324315][   T43] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[ 1251.493741][   T43] usb 2-1: Using ep0 maxpacket: 8
[ 1251.562435][   T43] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1251.588386][   T43] usb 2-1: no configurations
[ 1251.597950][   T43] usb 2-1: can't read configurations, error -22
[ 1253.305725][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 1253.305742][   T30] audit: type=1326 audit(1764581373.516:5653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7310 comm="syz.5.21643" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f51b758f749 code=0x0
[ 1254.408334][ T7381] input: syz0 as /devices/virtual/input/input213
[ 1254.465152][ T5912] usb 6-1: new high-speed USB device number 22 using dummy_hcd
[ 1254.623952][ T5912] usb 6-1: Using ep0 maxpacket: 8
[ 1254.632209][ T5912] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 13
[ 1254.645484][ T5912] usb 6-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[ 1254.656410][ T5912] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1254.678042][ T5912] usb 6-1: Product: syz
[ 1254.682339][ T5912] usb 6-1: Manufacturer: syz
[ 1254.688975][ T5912] usb 6-1: SerialNumber: syz
[ 1254.698006][ T5912] usb 6-1: config 0 descriptor??
[ 1254.709209][ T5912] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[ 1254.712101][ T7397] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1255.714134][ T5912] gspca_zc3xx: reg_w_i err -71
[ 1255.724262][ T7421] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1255.770761][ T7430] netlink: 16 bytes leftover after parsing attributes in process `syz.0.21676'.
[ 1255.789075][ T7430] netlink: 48 bytes leftover after parsing attributes in process `syz.0.21676'.
[ 1256.322028][ T7465] ipip1: entered promiscuous mode
[ 1256.327891][ T7465] ipip1: entered allmulticast mode
[ 1256.333872][ T5912] gspca_zc3xx: Unknown sensor - set to TAS5130C
[ 1256.342122][ T5912] gspca_zc3xx 6-1:0.0: probe with driver gspca_zc3xx failed with error -71
[ 1256.365912][ T5912] usb 6-1: USB disconnect, device number 22
[ 1256.525595][ T7480] netlink: 8 bytes leftover after parsing attributes in process `syz.1.21693'.
[ 1256.878836][ T7505] netlink: 14 bytes leftover after parsing attributes in process `syz.0.21699'.
[ 1256.889343][ T7505] 
: left promiscuous mode
[ 1256.898676][ T7505] bond_slave_1: left promiscuous mode
[ 1257.058192][ T7505] team0: Port device bond0 removed
[ 1257.067653][ T7505] bond0 (unregistering): (slave 
7
0
): Releasing backup interface
[ 1257.087032][ T7505] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1257.100501][ T7505] bond0 (unregistering): (slave bond5): Releasing backup interface
[ 1257.111266][ T7505] bond0 (unregistering): Released all slaves
[ 1258.587298][ T7610] kvm: MWAIT instruction emulated as NOP!
[ 1259.492766][ T7653] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21731'.
[ 1259.525674][ T7653] netlink: 'syz.2.21731': attribute type 13 has an invalid length.
[ 1262.667644][ T7757] netlink: 68 bytes leftover after parsing attributes in process `syz.0.21767'.
[ 1262.707917][ T7759] netlink: 'syz.1.21768': attribute type 1 has an invalid length.
[ 1262.731894][ T7759] netlink: 'syz.1.21768': attribute type 2 has an invalid length.
[ 1262.889683][ T7766] input: syz1 as /devices/virtual/input/input214
[ 1263.519009][ T7793] netlink: 14 bytes leftover after parsing attributes in process `syz.5.21781'.
[ 1263.641085][ T7798] vcan0: tx drop: invalid sa for name 0x0000000000000005
[ 1263.755361][ T7793] batman_adv: batadv0: Removing interface: macvlan2
[ 1263.801956][ T7793] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1263.835376][ T7793] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1263.867742][ T7793] bond0 (unregistering): Released all slaves
[ 1263.961914][ T7846] netlink: 8 bytes leftover after parsing attributes in process `syz.6.21786'.
[ 1264.104227][   T30] audit: type=1326 audit(1764581384.306:5654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7852 comm="syz.1.21789" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe959d8f749 code=0x0
[ 1264.373963][ T5904] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[ 1264.523992][    C0] ip6_tunnel: ip6gre3 xmit: Local address not yet configured!
[ 1264.536390][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1264.549813][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1264.571256][ T5904] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1264.605537][ T5904] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1264.634831][ T5904] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1264.659394][ T5904] usb 6-1: config 0 descriptor??
[ 1265.097591][ T5904] plantronics 0003:047F:FFFF.00A7: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1265.873789][ T5904] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[ 1266.059593][ T5904] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1266.077657][ T5904] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[ 1266.094917][ T5904] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1266.113458][ T5904] usb 2-1: config 0 descriptor??
[ 1266.337796][ T5904] usbhid 2-1:0.0: can't add hid device: -71
[ 1266.344494][ T5904] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1266.357860][ T5904] usb 2-1: USB disconnect, device number 66
[ 1266.395615][    C0] plantronics 0003:047F:FFFF.00A7: usb_submit_urb(ctrl) failed: -1
[ 1266.784180][ T5904] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 1266.936665][ T5904] usb 2-1: Using ep0 maxpacket: 32
[ 1266.945836][ T5904] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1266.969519][ T5904] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice= 0.40
[ 1266.979419][ T5904] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1266.992130][ T5904] usb 2-1: config 0 descriptor??
[ 1267.001530][ T5904] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1267.016140][ T5904] ldusb 2-1:0.0: LD USB Device #1 now attached to major 180 minor 1
[ 1267.178203][T28335] usb 6-1: USB disconnect, device number 23
[ 1267.436425][ T5912] usb 2-1: USB disconnect, device number 67
[ 1267.449190][ T5912] ldusb 2-1:0.0: LD USB Device #1 now disconnected
[ 1268.224050][ T5912] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 1268.375117][ T5912] usb 2-1: Using ep0 maxpacket: 32
[ 1268.382960][ T5912] usb 2-1: config 0 has an invalid interface number: 182 but max is 0
[ 1268.391533][ T5912] usb 2-1: config 0 has no interface number 0
[ 1268.398904][ T5912] usb 2-1: config 0 interface 182 has no altsetting 0
[ 1268.407765][ T5912] usb 2-1: New USB device found, idVendor=05e9, idProduct=0009, bcdDevice=73.db
[ 1268.417172][ T5912] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1268.425366][ T5912] usb 2-1: Product: syz
[ 1268.429515][ T5912] usb 2-1: Manufacturer: syz
[ 1268.434468][ T5912] usb 2-1: SerialNumber: syz
[ 1268.441051][ T5912] usb 2-1: config 0 descriptor??
[ 1268.450146][ T5912] hub 2-1:0.182: bad descriptor, ignoring hub
[ 1268.456455][ T5912] hub 2-1:0.182: probe with driver hub failed with error -5
[ 1268.663011][ T5912] kaweth 2-1:0.182: Firmware present in device.
[ 1268.855009][ T5912] kaweth 2-1:0.182: Statistics collection: 0
[ 1268.861130][ T5912] kaweth 2-1:0.182: Multicast filter limit: 0
[ 1268.867746][ T5912] kaweth 2-1:0.182: MTU: 0
[ 1268.872181][ T5912] kaweth 2-1:0.182: Read MAC address 00:00:00:00:00:00
[ 1269.121117][ T8023] A link change request failed with some changes committed already. Interface ªªªªªªc¾’a²áª± may have been left with an inconsistent configuration, please check.
[ 1269.295416][ T8034] input: syz0 as /devices/virtual/input/input215
[ 1269.312524][ T8034] input: failed to attach handler leds to device input215, error: -6
[ 1269.473112][ T5912] kaweth 2-1:0.182: kaweth interface created at eth5
[ 1269.664390][ T5904] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[ 1269.794192][ T5912] usb 2-1: USB disconnect, device number 68
[ 1269.823777][ T5904] usb 6-1: Using ep0 maxpacket: 32
[ 1269.831258][ T5904] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[ 1269.847852][ T5904] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[ 1269.865788][ T5904] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[ 1269.878702][ T5904] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1269.889729][ T5904] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1269.900052][ T5904] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 1269.913532][ T5904] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[ 1269.923294][ T5904] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1269.935772][ T5904] usb 6-1: config 0 descriptor??
[ 1270.166758][ T5904] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 24 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[ 1270.345315][ T8084] kvm: requested 1676 ns i8254 timer period limited to 200000 ns
[ 1270.398645][    C1] usblp0: nonzero read bulk status received: -71
[ 1270.407336][ T5920] usb 6-1: USB disconnect, device number 24
[ 1270.640400][ T8042] usblp0: removed
[ 1271.189696][ T8118] netlink: 'syz.0.21839': attribute type 8 has an invalid length.
[ 1271.218401][ T8118] netlink: 4 bytes leftover after parsing attributes in process `syz.0.21839'.
[ 1274.934049][ T8241] netlink: 12 bytes leftover after parsing attributes in process `syz.0.21881'.
[ 1275.976991][ T5878] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[ 1276.134096][ T5878] usb 6-1: Using ep0 maxpacket: 8
[ 1276.146522][ T5878] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1276.167195][ T5878] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1276.196473][ T5878] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1276.221378][ T5878] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1276.246693][ T5878] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1276.288609][ T5878] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1276.320518][ T5878] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1276.414209][ T8305] pim6reg1: entered promiscuous mode
[ 1276.419732][ T8305] pim6reg1: entered allmulticast mode
[ 1276.563304][ T5878] usb 6-1: GET_CAPABILITIES returned 0
[ 1276.579031][ T5878] usbtmc 6-1:16.0: can't read capabilities
[ 1276.639662][ T8318] netlink: 4 bytes leftover after parsing attributes in process `syz.0.21906'.
[ 1276.879465][ T8276] usbtmc 6-1:16.0: usb_control_msg returned -71
[ 1276.889087][ T5912] usb 6-1: USB disconnect, device number 25
[ 1276.897856][ T8323] usb 6-1: usbtmc_ioctl_clear_in_halt returned -19
[ 1276.941649][ T8335] netlink: 'syz.1.21909': attribute type 13 has an invalid length.
[ 1276.951130][ T8335] netlink: 'syz.1.21909': attribute type 17 has an invalid length.
[ 1276.971021][ T8335] gretap0: left allmulticast mode
[ 1277.077083][ T8335] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1277.113411][ T8335] 8021q: adding VLAN 0 to HW filter on device team0
[ 1277.144566][ T8335] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1277.225027][ T5878] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1277.932275][ T8377] netlink: 'syz.0.21927': attribute type 1 has an invalid length.
[ 1277.999933][ T8377] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1278.009120][ T2993] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1278.060684][ T8401] bond0: (slave geneve3): making interface the new active one
[ 1278.071392][ T8401] bond0: (slave geneve3): Enslaving as an active interface with an up link
[ 1278.124052][ T5878] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1278.393085][ T8442] netlink: 8 bytes leftover after parsing attributes in process `syz.2.21940'.
[ 1278.402622][ T8442] netlink: 8 bytes leftover after parsing attributes in process `syz.2.21940'.
[ 1278.423742][ T5878] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 1278.585597][ T5878] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1278.599610][ T5878] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1278.623554][ T5878] usb 2-1: config 0 descriptor??
[ 1279.084414][ T2866] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1279.092774][ T2866] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1279.274232][ T5912] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[ 1279.497242][ T5912] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[ 1279.530613][ T5912] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[ 1279.579315][ T5912] usb 6-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[ 1279.601658][ T5912] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1279.616851][T27328] ip6_tunnel: ip6gre3 xmit: Local address not yet configured!
[ 1279.621926][ T5912] usb 6-1: Product: syz
[ 1279.629551][ T5912] usb 6-1: Manufacturer: syz
[ 1279.644072][ T5912] usb 6-1: SerialNumber: syz
[ 1279.666806][ T5912] usb 6-1: config 0 descriptor??
[ 1279.673109][ T8476] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1279.684059][ T8476] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1279.732615][ T8504] netlink: 24 bytes leftover after parsing attributes in process `syz.2.21960'.
[ 1279.847605][ T5878] usb 2-1: Cannot set autoneg
[ 1279.856771][ T5878] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1279.889136][ T5878] usb 2-1: USB disconnect, device number 69
[ 1279.932730][ T8476] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1279.942471][ T8476] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[ 1279.965277][T27328] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1280.373578][ T5912] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[ 1280.374877][   T30] audit: type=1800 audit(1764581400.576:5655): pid=8535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.21966" name="bus" dev="tmpfs" ino=20417 res=0 errno=0
[ 1280.524011][T27328] ip6_tunnel: ip6gre3 xmit: Local address not yet configured!
[ 1280.983235][ T5912] dm9601 6-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL
[ 1281.012253][ T5912] usb 6-1: USB disconnect, device number 26
[ 1282.266924][ T8616] netlink: 4 bytes leftover after parsing attributes in process `syz.2.21991'.
[ 1282.603848][T28335] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[ 1282.784993][T28335] usb 6-1: Using ep0 maxpacket: 8
[ 1282.797348][T28335] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1282.823867][T28335] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1282.857269][T28335] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1282.870740][ T8640] binder: 8638:8640 ioctl c0306201 200000000480 returned -14
[ 1282.895017][T28335] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1282.911755][T28335] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1282.943885][T28335] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1282.952987][T28335] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1283.103249][ T8651] batadv_slave_1: entered promiscuous mode
[ 1283.111163][ T8650] batadv_slave_1: left promiscuous mode
[ 1283.403954][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1283.448585][ T8668] netlink: 'syz.1.22005': attribute type 22 has an invalid length.
[ 1283.459809][ T8668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.22005'.
[ 1283.470800][ T8668] netlink: 'syz.1.22005': attribute type 22 has an invalid length.
[ 1283.480175][ T8668] netlink: 4 bytes leftover after parsing attributes in process `syz.1.22005'.
[ 1283.775069][ T8678] usbtmc 6-1:16.0: simple control status returned d
[ 1283.977957][ T5920] usb 6-1: USB disconnect, device number 27
[ 1284.206466][ T8702] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.22014'.
[ 1285.482893][ T8745] input: syz0 as /devices/virtual/input/input216
[ 1285.592028][ T8752] bond5: option lacp_rate: mode dependency failed, not supported in mode active-backup(1)
[ 1285.611514][ T8752] bond5 (unregistering): Released all slaves
[ 1287.006657][ T8888] netlink: 4 bytes leftover after parsing attributes in process `syz.1.22052'.
[ 1287.032273][    C0] vcan0: j1939_session_tx_dat: 0xffff88803adb1000: queue data error: -100
[ 1287.042301][    C0] vcan0: j1939_xtp_rx_dat: no tx connection found
[ 1287.049296][    C0] vcan0: j1939_xtp_rx_dat: no rx connection found
[ 1287.055844][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.063730][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.071646][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.079525][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.087522][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.095416][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.103332][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.111225][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.119177][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.127057][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.135095][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.142957][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.150896][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.158777][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.166723][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.174573][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.182521][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.190370][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.198337][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.206209][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.214275][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.222107][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.230095][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.237953][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.245952][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.253812][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.261787][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.269672][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.277645][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.285514][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.293518][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.301393][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.309356][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.317230][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.325167][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.333033][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.340995][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.348898][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.356891][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.364766][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.372687][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.380575][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.388530][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.396452][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.404394][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.412261][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.420212][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.428097][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.436089][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.443966][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.451919][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.459829][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.467769][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.475649][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.483558][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.491441][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.499428][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.507295][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.515243][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.523063][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.531033][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.538886][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.546846][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.554687][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.562617][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.570485][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.578451][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.586312][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.594264][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.602085][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.610063][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.617911][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.625914][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.633768][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.641670][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.650004][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.657950][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.665847][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.673812][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.681672][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.689651][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.697536][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.705495][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.713354][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.721305][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.729179][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.737131][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no tx connection found
[ 1287.745001][    C0] vcan0 (unregistering): j1939_xtp_rx_dat: no rx connection found
[ 1287.749116][ T8897] netlink: 40 bytes leftover after parsing attributes in process `syz.6.22055'.
[ 1289.139686][ T8942] netlink: 'syz.5.22069': attribute type 29 has an invalid length.
[ 1289.176716][ T8942] netlink: 'syz.5.22069': attribute type 29 has an invalid length.
[ 1289.209499][ T8942] netlink: 500 bytes leftover after parsing attributes in process `syz.5.22069'.
[ 1290.538684][ T8990] binder: 8989:8990 ioctl c0306201 2000000001c0 returned -22
[ 1291.431445][ T5920] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[ 1291.603830][ T5920] usb 2-1: Using ep0 maxpacket: 16
[ 1291.610716][ T5920] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1291.620037][ T5920] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1291.654015][ T5920] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1291.686275][ T5920] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1291.695917][ T5920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1291.716689][ T5920] usb 2-1: Product: syz
[ 1291.720893][ T5920] usb 2-1: Manufacturer: syz
[ 1291.726641][ T5904] IPVS: starting estimator thread 0...
[ 1291.727052][ T5920] usb 2-1: SerialNumber: syz
[ 1291.824071][ T9032] IPVS: using max 31 ests per chain, 74400 per kthread
[ 1292.179303][ T5920] usb 2-1: 0:2 : does not exist
[ 1292.214253][ T9068] input: syz0 as /devices/virtual/input/input217
[ 1292.665643][ T9082] netlink: 'syz.5.22117': attribute type 4 has an invalid length.
[ 1292.683844][    C0] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[ 1292.696501][ T9082] netlink: 'syz.5.22117': attribute type 4 has an invalid length.
[ 1293.067277][ T5920] usb 2-1: USB disconnect, device number 70
[ 1293.102670][T27321] udevd[27321]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1293.605583][ T9121] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1294.110706][   T30] audit: type=1326 audit(1764581414.316:5656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1294.167121][   T30] audit: type=1326 audit(1764581414.346:5657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1294.244944][   T30] audit: type=1326 audit(1764581414.346:5658): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1294.269466][   T30] audit: type=1326 audit(1764581414.346:5659): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1294.356933][   T30] audit: type=1326 audit(1764581414.346:5660): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1294.433159][   T30] audit: type=1326 audit(1764581414.346:5661): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1294.516888][   T30] audit: type=1326 audit(1764581414.346:5662): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1294.583881][   T30] audit: type=1326 audit(1764581414.346:5663): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51b758f749 code=0x7ffc0000
[ 1294.649933][   T30] audit: type=1326 audit(1764581414.356:5664): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f51b758df90 code=0x7ffc0000
[ 1294.713038][   T30] audit: type=1326 audit(1764581414.356:5665): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9146 comm="syz.5.22132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f51b758df90 code=0x7ffc0000
[ 1294.937647][ T9164] netlink: 'syz.5.22139': attribute type 7 has an invalid length.
[ 1294.984434][ T9164] netlink: 'syz.5.22139': attribute type 7 has an invalid length.
[ 1295.025778][T19096] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[ 1295.075109][T19096] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[ 1295.123718][T19096] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[ 1295.153681][T19096] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[ 1295.474112][ T5920] psmouse serio6: Failed to reset mouse on : -5
[ 1295.848230][ T9199] netlink: 28 bytes leftover after parsing attributes in process `syz.5.22151'.
[ 1296.807190][ T9232] netlink: 'syz.1.22163': attribute type 64 has an invalid length.
[ 1296.849851][ T9237] netlink: 'syz.1.22163': attribute type 64 has an invalid length.
[ 1296.863128][ T9232] netlink: 20 bytes leftover after parsing attributes in process `syz.1.22163'.
[ 1296.900738][ T9237] netlink: 20 bytes leftover after parsing attributes in process `syz.1.22163'.
[ 1297.476505][   T43] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1297.527539][ T9264] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22174'.
[ 1297.638101][   T43] usb 6-1: Using ep0 maxpacket: 32
[ 1297.653145][   T43] usb 6-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[ 1297.673741][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1297.701729][   T43] usb 6-1: config 0 descriptor??
[ 1297.721491][   T43] gspca_main: sq930x-2.14.0 probing 041e:403c
[ 1297.938676][ T9283] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22176'.
[ 1298.974029][   T43] gspca_sq930x: reg_w 0105 bf00 failed -71
[ 1298.979968][   T43] sq930x 6-1:0.0: probe with driver sq930x failed with error -71
[ 1299.029149][   T43] usb 6-1: USB disconnect, device number 28
[ 1299.444148][ T5920] misc userio: Buffer overflowed, userio client isn't keeping up
[ 1299.604537][ T9369] netlink: 'syz.6.22195': attribute type 13 has an invalid length.
[ 1299.613053][ T9369] netlink: 'syz.6.22195': attribute type 17 has an invalid length.
[ 1299.686224][ T9369] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1299.776038][ T9281] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[ 1299.848956][ T9381] kvm: Disabled LAPIC found during irq injection
[ 1299.947136][ T9281] usb 2-1: config 0 has an invalid interface number: 255 but max is 0
[ 1299.956180][ T9281] usb 2-1: config 0 has no interface number 0
[ 1299.962409][ T9281] usb 2-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[ 1299.974631][ T9281] usb 2-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[ 1300.005285][ T9281] usb 2-1: config 0 interface 255 has no altsetting 0
[ 1300.024257][ T9281] usb 2-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[ 1300.034239][ T9281] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1300.046511][ T9281] usb 2-1: config 0 descriptor??
[ 1300.075524][ T9281] ums-realtek 2-1:0.255: USB Mass Storage device detected
[ 1300.116787][ T9401] input: syz1 as /devices/virtual/input/input219
[ 1300.296908][ T9271] usb 2-1: USB disconnect, device number 72
[ 1300.370507][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.377021][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.529365][ T5920] input: PS/2 Generic Mouse as /devices/serio6/input/input218
[ 1300.764527][ T5920] psmouse serio6: Failed to enable mouse on 
[ 1301.100533][ T9449] netlink: 'syz.2.22210': attribute type 13 has an invalid length.
[ 1301.120360][ T9449] netlink: 'syz.2.22210': attribute type 17 has an invalid length.
[ 1301.132953][ T9449] gretap0: left promiscuous mode
[ 1301.188901][ T9449] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1301.284026][ T5920] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 1301.444938][ T5920] usb 2-1: Using ep0 maxpacket: 32
[ 1301.456731][ T5920] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[ 1301.479911][ T5920] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[ 1301.501934][ T5920] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[ 1301.517971][ T5920] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[ 1301.532197][ T5920] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1301.544010][ T5920] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[ 1301.553480][ T5920] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[ 1301.574193][ T5920] usb 2-1: Product: syz
[ 1301.578554][ T5920] usb 2-1: Manufacturer: syz
[ 1301.583157][ T5920] usb 2-1: SerialNumber: syz
[ 1301.605141][ T5920] usb 2-1: config 0 descriptor??
[ 1301.632875][ T5920] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[ 1301.661442][ T5920] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[ 1301.891730][ T9281] usb 2-1: USB disconnect, device number 73
[ 1301.897854][    C0] ldusb 2-1:0.0: usb_submit_urb failed (-19)
[ 1301.925062][ T9281] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[ 1302.685095][ T9504] syz_tun: entered allmulticast mode
[ 1302.692265][ T9503] syz_tun: left allmulticast mode
[ 1302.799509][ T9510] kvm: user requested TSC rate below hardware speed
[ 1302.895002][ T9524] netlink: 'syz.5.22230': attribute type 1 has an invalid length.
[ 1302.951016][ T9524] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1302.982391][ T9559] bond0: (slave geneve2): making interface the new active one
[ 1302.994089][ T9559] bond0: (slave geneve2): Enslaving as an active interface with an up link
[ 1303.121020][ T9571] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1303.186176][ T9577] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1303.443737][ T9281] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[ 1303.595851][ T9281] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1303.605274][ T9281] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1303.615862][ T9281] usb 6-1: config 0 descriptor??
[ 1303.757365][ T9593] gre0: entered allmulticast mode
[ 1303.764521][ T9592] gre0: left allmulticast mode
[ 1304.387543][ T9610] netlink: 'syz.6.22244': attribute type 1 has an invalid length.
[ 1304.429444][ T9610] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1304.505581][ T9610] bond1: (slave geneve2): making interface the new active one
[ 1304.546264][ T9610] bond1: (slave geneve2): Enslaving as an active interface with an up link
[ 1304.843558][ T9281] usb 6-1: Cannot set autoneg
[ 1304.854218][ T9281] MOSCHIP usb-ethernet driver 6-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1304.883032][ T9281] usb 6-1: USB disconnect, device number 29
[ 1304.973687][ T9681] netlink: 12 bytes leftover after parsing attributes in process `syz.2.22248'.
[ 1305.050845][   T30] kauditd_printk_skb: 3 callbacks suppressed
[ 1305.050863][   T30] audit: type=1326 audit(1764581425.256:5669): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9702 comm="syz.0.22252" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb68b78f749 code=0x0
[ 1305.798250][ T9271] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[ 1305.984822][ T9271] usb 6-1: Using ep0 maxpacket: 32
[ 1306.015120][ T9271] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1306.039577][ T9751] netlink: 'syz.2.22268': attribute type 9 has an invalid length.
[ 1306.059782][ T9751] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22268'.
[ 1306.070226][ T9271] usb 6-1: New USB device found, idVendor=9022, idProduct=d662, bcdDevice=b3.0e
[ 1306.094831][ T9754] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22270'.
[ 1306.103785][ T9271] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1306.122473][ T9751] macvlan3: entered promiscuous mode
[ 1306.130839][ T9756] netlink: 'syz.2.22268': attribute type 9 has an invalid length.
[ 1306.139857][ T9271] usb 6-1: config 0 descriptor??
[ 1306.140271][ T9751] hsr0: entered promiscuous mode
[ 1306.153092][ T9751] macvlan3: entered allmulticast mode
[ 1306.167000][ T9271] dvb-usb: found a 'TeVii S662' in warm state.
[ 1306.188375][ T9271] dw2102: su3000_power_ctrl: 1, initialized 0
[ 1306.197163][ T9756] netlink: 8 bytes leftover after parsing attributes in process `syz.2.22268'.
[ 1306.206367][ T9271] dvb-usb: bulk message failed: -22 (2/0)
[ 1306.235115][ T9271] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1306.308242][ T9271] dvbdev: DVB: registering new adapter (TeVii S662)
[ 1306.315079][ T9271] usb 6-1: media controller created
[ 1306.320308][ T9271] dvb-usb: bulk message failed: -22 (6/0)
[ 1306.325958][ T9756] macvlan4: entered promiscuous mode
[ 1306.343685][ T9271] dw2102: i2c transfer failed.
[ 1306.348509][ T9271] dvb-usb: bulk message failed: -22 (6/0)
[ 1306.354707][ T9756] macvlan4: entered allmulticast mode
[ 1306.401747][ T9271] dw2102: i2c transfer failed.
[ 1306.408164][ T9271] dvb-usb: bulk message failed: -22 (6/0)
[ 1306.419281][ T9271] dw2102: i2c transfer failed.
[ 1306.431996][ T9271] dvb-usb: bulk message failed: -22 (6/0)
[ 1306.438492][ T9271] dw2102: i2c transfer failed.
[ 1306.443369][ T9271] dvb-usb: bulk message failed: -22 (6/0)
[ 1306.453495][ T9271] dw2102: i2c transfer failed.
[ 1306.462550][ T9271] dvb-usb: bulk message failed: -22 (6/0)
[ 1306.484098][ T9271] dw2102: i2c transfer failed.
[ 1306.488942][ T9271] dvb-usb: MAC address: 02:02:02:02:02:02
[ 1306.547625][ T9271] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1306.626631][ T9271] dvb-usb: bulk message failed: -22 (3/0)
[ 1306.643248][ T9271] dw2102: command 0x0e transfer failed.
[ 1306.656575][ T9271] dvb-usb: bulk message failed: -22 (3/0)
[ 1306.662353][ T9271] dw2102: command 0x0e transfer failed.
[ 1306.739145][ T9794] syzkaller1: entered promiscuous mode
[ 1306.744951][ T9794] syzkaller1: entered allmulticast mode
[ 1306.988107][ T9271] dvb-usb: bulk message failed: -22 (3/0)
[ 1306.994490][ T9271] dw2102: command 0x0e transfer failed.
[ 1307.000063][ T9271] dvb-usb: bulk message failed: -22 (3/0)
[ 1307.018869][ T9271] dw2102: command 0x0e transfer failed.
[ 1307.039545][ T9271] dvb-usb: bulk message failed: -22 (1/0)
[ 1307.052719][ T9271] dw2102: command 0x51 transfer failed.
[ 1307.068952][ T9271] dvb-usb: bulk message failed: -22 (5/0)
[ 1307.088172][ T9271] dw2102: i2c probe for address 0x68 failed.
[ 1307.102788][ T9271] dvb-usb: bulk message failed: -22 (5/0)
[ 1307.121844][ T9271] dw2102: i2c probe for address 0x69 failed.
[ 1307.133834][ T9271] dvb-usb: bulk message failed: -22 (5/0)
[ 1307.139602][ T9271] dw2102: i2c probe for address 0x6a failed.
[ 1307.154073][ T9271] dw2102: probing for demodulator failed. Is the external power switched on?
[ 1307.162887][ T9271] dvb-usb: no frontend was attached by 'TeVii S662'
[ 1307.193771][ T9279] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[ 1307.261436][ T9833] input: syz0 as /devices/virtual/input/input221
[ 1307.336230][ T9271] rc_core: IR keymap rc-tt-1500 not found
[ 1307.360002][ T9271] Registered IR keymap rc-empty
[ 1307.368132][ T9271] rc rc0: TeVii S662 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0
[ 1307.389331][ T9279] usb 2-1: Using ep0 maxpacket: 32
[ 1307.395183][ T9271] input: TeVii S662 as /devices/platform/dummy_hcd.5/usb6/6-1/rc/rc0/input220
[ 1307.407607][ T9271] dvb-usb: schedule remote query interval to 250 msecs.
[ 1307.419239][ T9271] dw2102: su3000_power_ctrl: 0, initialized 1
[ 1307.425919][ T9271] dvb-usb: TeVii S662 successfully initialized and connected.
[ 1307.434060][ T9279] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[ 1307.449683][ T9279] usb 2-1: config 0 has no interface number 0
[ 1307.467550][ T9271] usb 6-1: USB disconnect, device number 30
[ 1307.471917][ T9279] usb 2-1: config 0 interface 184 has no altsetting 0
[ 1307.527067][ T9279] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1307.557207][ T9279] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1307.611440][ T9279] usb 2-1: Product: syz
[ 1307.611991][ T9271] dvb-usb: TeVii S662 successfully deinitialized and disconnected.
[ 1307.639869][ T9279] usb 2-1: Manufacturer: syz
[ 1307.679533][ T9279] usb 2-1: SerialNumber: syz
[ 1307.723139][ T9279] usb 2-1: config 0 descriptor??
[ 1307.749510][ T9279] smsc75xx v1.0.0
[ 1307.752740][ T9875] input: syz0 as /devices/virtual/input/input222
[ 1308.345258][ T9279] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[ 1308.364344][ T9279] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[ 1308.431143][ T9934] netlink: 4 bytes leftover after parsing attributes in process `syz.5.22306'.
[ 1308.810313][ T9279] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71
[ 1308.833258][ T9279] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71
[ 1308.853455][ T9279] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1308.868958][ T9279] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[ 1308.907806][ T9279] usb 2-1: USB disconnect, device number 74
[ 1309.884847][ T5465] Bluetooth: hci4: command 0x0406 tx timeout
[ 1309.887395][   T43] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[ 1309.914885][   T43] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[ 1310.099624][   T30] audit: type=1326 audit(1764581430.306:5670): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc6dff8f749 code=0x7ffc0000
[ 1310.131532][   T30] audit: type=1326 audit(1764581430.306:5671): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1310.194233][   T30] audit: type=1326 audit(1764581430.306:5672): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1310.259180][   T30] audit: type=1326 audit(1764581430.306:5673): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1310.286175][   T30] audit: type=1326 audit(1764581430.306:5674): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1310.308614][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1310.316517][   T30] audit: type=1326 audit(1764581430.306:5675): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1310.341132][   T30] audit: type=1326 audit(1764581430.306:5676): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1310.366660][   T30] audit: type=1326 audit(1764581430.336:5677): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1310.390952][   T30] audit: type=1326 audit(1764581430.336:5678): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1310.415374][   T30] audit: type=1326 audit(1764581430.336:5679): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10007 comm="syz.6.22330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fc6dff2b829 code=0x7ffc0000
[ 1310.634875][T10022] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1310.699984][T10028] input: syz1 as /devices/virtual/input/input223
[ 1311.727146][ T9281] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 1311.917531][ T9281] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[ 1311.933795][ T9281] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1311.951494][ T9281] usb 6-1: Product: syz
[ 1311.958453][ T9281] usb 6-1: Manufacturer: syz
[ 1311.963093][ T9281] usb 6-1: SerialNumber: syz
[ 1311.981901][ T9281] usb 6-1: config 0 descriptor??
[ 1312.124535][ T5465] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1312.124895][   T43] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[ 1312.150700][   T43] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[ 1312.216107][T28335] usb 6-1: USB disconnect, device number 31
[ 1312.234619][ T9271] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[ 1312.406351][ T9271] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1312.432358][ T9271] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1312.432962][T10117] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1312.475126][ T9271] usb 2-1: config 0 descriptor??
[ 1312.483068][ T9271] cp210x 2-1:0.0: cp210x converter detected
[ 1312.897412][ T9271] cp210x 2-1:0.0: failed to get vendor val 0x0010 size 3: -32
[ 1312.918867][ T9271] usb 2-1: cp210x converter now attached to ttyUSB0
[ 1313.121472][ T9271] usb 2-1: USB disconnect, device number 75
[ 1313.140345][ T9271] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1313.172143][ T9271] cp210x 2-1:0.0: device disconnected
[ 1313.901761][T10189] input: syz0 as /devices/virtual/input/input224
[ 1314.204318][ T5465] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1314.367098][T10214] input: syz0 as /devices/virtual/input/input225
[ 1314.554207][ T9279] usb 6-1: new high-speed USB device number 32 using dummy_hcd
[ 1314.705555][ T9279] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1314.712317][ T9279] usb 6-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[ 1314.722646][ T9279] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1314.734335][ T9279] usb 6-1: config 0 descriptor??
[ 1315.774485][ T9279] radio-keene 6-1:0.0: V4L2 device registered as radio48
[ 1315.986352][   T43] usb 6-1: USB disconnect, device number 32
[ 1316.307618][T10273] netlink: 20 bytes leftover after parsing attributes in process `syz.1.22392'.
[ 1316.565652][ T9279] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[ 1316.655350][T10293] ip6gre2: entered promiscuous mode
[ 1316.670007][T10293] ip6gre2: entered allmulticast mode
[ 1316.747863][ T9279] usb 2-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1316.763782][ T9279] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1316.782103][ T9279] usb 2-1: Product: syz
[ 1316.792234][ T9279] usb 2-1: Manufacturer: syz
[ 1316.802393][ T9279] usb 2-1: SerialNumber: syz
[ 1317.251045][ T9279] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[ 1317.284479][ T9279] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to sync IRQ enable register: -EPROTO
[ 1317.311728][ T9279] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[ 1317.326254][T10321] netlink: 'syz.6.22405': attribute type 9 has an invalid length.
[ 1317.337640][T10321] netlink: 8 bytes leftover after parsing attributes in process `syz.6.22405'.
[ 1317.347576][ T9279] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1317.362556][ T9279] lan78xx 2-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1317.375615][T10321] hsr0: entered promiscuous mode
[ 1317.381453][T10321] macvlan2: entered promiscuous mode
[ 1317.389839][ T9279] lan78xx 2-1:1.0: probe with driver lan78xx failed with error -71
[ 1317.399329][T10321] macvlan2: entered allmulticast mode
[ 1317.415716][T10321] hsr0: entered allmulticast mode
[ 1317.415809][T10330] netlink: 'syz.6.22405': attribute type 9 has an invalid length.
[ 1317.420937][ T9279] usb 2-1: USB disconnect, device number 76
[ 1317.444574][T10321] hsr_slave_0: entered allmulticast mode
[ 1317.454695][T10321] hsr_slave_1: entered allmulticast mode
[ 1317.482432][T10330] netlink: 8 bytes leftover after parsing attributes in process `syz.6.22405'.
[ 1317.504533][T10330] macvlan3: entered promiscuous mode
[ 1317.510132][T10330] macvlan3: entered allmulticast mode
[ 1318.044889][T10378] netlink: 136 bytes leftover after parsing attributes in process `syz.6.22416'.
[ 1318.502222][T10392] input: syz1 as /devices/virtual/input/input226
[ 1318.745411][T10406] kvm: user requested TSC rate below hardware speed
[ 1319.073967][   T43] usb 6-1: new high-speed USB device number 33 using dummy_hcd
[ 1319.414057][   T43] usb 6-1: Using ep0 maxpacket: 8
[ 1319.422711][   T43] usb 6-1: config 0 has an invalid interface number: 122 but max is 0
[ 1319.435680][   T43] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1319.464377][   T43] usb 6-1: config 0 has no interface number 0
[ 1319.479737][   T43] usb 6-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[ 1319.508188][   T43] usb 6-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[ 1319.532649][   T43] usb 6-1: config 0 interface 122 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 8
[ 1319.575130][   T43] usb 6-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[ 1319.591065][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1319.605134][   T43] usb 6-1: Product: syz
[ 1319.612678][   T43] usb 6-1: Manufacturer: syz
[ 1319.620498][   T43] usb 6-1: SerialNumber: syz
[ 1319.635109][   T43] usb 6-1: config 0 descriptor??
[ 1319.647016][T10414] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1319.861707][T10414] loop3: detected capacity change from 0 to 7
[ 1319.869356][T10414] Dev loop3: unable to read RDB block 7
[ 1319.875130][T10414]  loop3: AHDI p1 p2
[ 1319.879687][T10414] loop3: partition table partially beyond EOD, truncated
[ 1319.890695][T10414] loop3: p1 start 2589959654 is beyond EOD, truncated
[ 1319.925191][   T43] usb 6-1: NFC: intf ffff88807e917000 id ffffffff8e909220
[ 1319.963109][   T43] usb 6-1: USB disconnect, device number 33
[ 1320.113434][T10456] netlink: 8 bytes leftover after parsing attributes in process `syz.6.22438'.
[ 1320.668356][   T43] usb 2-1: new full-speed USB device number 77 using dummy_hcd
[ 1320.695366][T10489] netlink: 'syz.5.22448': attribute type 1 has an invalid length.
[ 1320.761968][T10489] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1320.841831][   T43] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1320.903225][   T43] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1320.916955][T10531] bond1: (slave geneve3): making interface the new active one
[ 1320.954448][   T43] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[ 1320.965582][T10531] bond1: (slave geneve3): Enslaving as an active interface with an up link
[ 1320.984973][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1320.998983][T21193] netdevsim netdevsim5 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[ 1321.015312][T21193] netdevsim netdevsim5 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[ 1321.025971][   T43] usb 2-1: config 0 descriptor??
[ 1321.048917][   T43] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[ 1321.059878][T10544] netlink: 8 bytes leftover after parsing attributes in process `syz.0.22453'.
[ 1321.062281][T21193] netdevsim netdevsim5 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[ 1321.074193][   T43] dvb-usb: bulk message failed: -22 (3/0)
[ 1321.086901][T10544] netlink: 'syz.0.22453': attribute type 15 has an invalid length.
[ 1321.100340][T21193] netdevsim netdevsim5 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[ 1321.113437][T10544] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22453'.
[ 1321.145068][   T43] dvb-usb: will use the device's hardware PID filter (table count: 16).
[ 1321.168134][   T43] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[ 1321.196054][   T43] usb 2-1: media controller created
[ 1321.214221][T10549] vivid-001: disconnect
[ 1321.215215][   T43] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1321.245710][T10549] vivid-001: reconnect
[ 1321.277815][   T43] dvb-usb: bulk message failed: -22 (6/0)
[ 1321.296232][   T43] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[ 1321.344946][   T43] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input227
[ 1321.392171][T10556] netlink: 28 bytes leftover after parsing attributes in process `syz.0.22457'.
[ 1321.394660][   T43] dvb-usb: schedule remote query interval to 150 msecs.
[ 1321.444253][   T43] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[ 1321.606701][   T43] dvb-usb: bulk message failed: -22 (1/0)
[ 1321.612485][   T43] dvb-usb: error while querying for an remote control event.
[ 1321.729620][   T43] usb 2-1: USB disconnect, device number 77
[ 1321.809874][   T43] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[ 1321.988770][T10607] netlink: 'syz.2.22465': attribute type 1 has an invalid length.
[ 1322.167231][T10607] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1322.267645][T10614] bond1: (slave geneve0): making interface the new active one
[ 1322.316117][T10614] bond1: (slave geneve0): Enslaving as an active interface with an up link
[ 1322.327656][   T69] netdevsim netdevsim2 : set [1, 0] type 2 family 0 port 6081 - 0
[ 1322.349558][   T69] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1322.372532][   T69] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1322.395835][   T69] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1322.714615][ T9271] usb 6-1: new high-speed USB device number 34 using dummy_hcd
[ 1322.876273][ T9271] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1322.893948][ T9271] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1322.910137][ T9271] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1322.930999][ T9271] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1322.946762][ T9271] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1322.974726][ T9271] usb 6-1: config 0 descriptor??
[ 1323.419641][ T9271] plantronics 0003:047F:FFFF.00A8: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1323.580936][T10767] netlink: 'syz.6.22485': attribute type 1 has an invalid length.
[ 1323.643149][T10767] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1323.706232][T10801] bond2: (slave geneve3): making interface the new active one
[ 1323.716959][T10801] bond2: (slave geneve3): Enslaving as an active interface with an up link
[ 1325.321711][T10827] netlink: 4 bytes leftover after parsing attributes in process `syz.5.22495'.
[ 1325.525663][ T5920] usb 6-1: USB disconnect, device number 34
[ 1325.816425][T10859] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1326.148259][T10899] netlink: 32 bytes leftover after parsing attributes in process `syz.0.22507'.
[ 1326.169739][T10899] netlink: 32 bytes leftover after parsing attributes in process `syz.0.22507'.
[ 1326.276550][T10907] "syz.0.22510" (10907) uses obsolete ecb(arc4) skcipher
[ 1326.423436][T10921] netlink: 'syz.1.22515': attribute type 18 has an invalid length.
[ 1326.431690][T10921] netlink: 4 bytes leftover after parsing attributes in process `syz.1.22515'.
[ 1326.442240][T10921] netlink: 'syz.1.22515': attribute type 18 has an invalid length.
[ 1326.451174][T10921] netlink: 4 bytes leftover after parsing attributes in process `syz.1.22515'.
[ 1326.912639][T10944] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1327.018892][T10949] pim6reg1: entered promiscuous mode
[ 1327.024719][T10949] pim6reg1: entered allmulticast mode
[ 1328.865937][ T5465] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1328.879128][ T5465] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1328.889514][ T5465] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1328.899297][ T5465] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1328.908242][ T5465] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1328.947439][ T5842] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1328.959319][ T5842] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1328.967771][ T5842] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1328.978391][ T5842] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1328.990626][ T5842] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1329.222406][T11056] chnl_net:caif_netlink_parms(): no params data found
[ 1329.323180][T11056] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1329.331391][T11056] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1329.340063][T11056] bridge_slave_0: entered allmulticast mode
[ 1329.348030][T11056] bridge_slave_0: entered promiscuous mode
[ 1329.357680][T11056] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1329.365357][T11056] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1329.372790][T11056] bridge_slave_1: entered allmulticast mode
[ 1329.380615][T11056] bridge_slave_1: entered promiscuous mode
[ 1329.424233][T11056] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1329.437637][T11056] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1329.480520][T11056] team0: Port device team_slave_0 added
[ 1329.489863][T11056] team0: Port device team_slave_1 added
[ 1329.528242][T11056] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1329.535786][T11056] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1329.563326][T11056] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1329.576139][T11056] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1329.583075][T11056] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1329.609919][T11056] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1329.662948][T11056] hsr_slave_0: entered promiscuous mode
[ 1329.670730][T11056] hsr_slave_1: entered promiscuous mode
[ 1329.677939][T11056] debugfs: 'hsr0' already exists in 'hsr'
[ 1329.684770][T11056] Cannot create hsr debugfs directory
[ 1329.946089][T11056] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1329.959191][T11056] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1329.971495][T11056] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1329.984811][T11056] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1330.078056][T11056] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1330.105769][T11056] 8021q: adding VLAN 0 to HW filter on device team0
[ 1330.119364][ T2866] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1330.126626][ T2866] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1330.145467][   T69] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1330.152687][   T69] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1330.257997][T11056] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1330.315892][T11056] veth0_vlan: entered promiscuous mode
[ 1330.329940][T11056] veth1_vlan: entered promiscuous mode
[ 1330.367031][T11056] veth0_macvtap: entered promiscuous mode
[ 1330.376912][T11056] veth1_macvtap: entered promiscuous mode
[ 1330.396910][T11056] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1330.413319][T11056] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1330.427955][ T2866] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1330.437936][ T2866] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1330.452588][ T2866] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1330.461971][ T2866] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1330.551498][ T2866] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1330.562477][ T2866] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1330.592838][ T2993] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1330.602168][ T2993] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1330.715674][T11419] netlink: 212368 bytes leftover after parsing attributes in process `syz.7.22542'.
[ 1330.782665][T11424] input: syz0 as /devices/virtual/input/input228
[ 1331.086924][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[ 1331.100253][ T5842] Bluetooth: hci2: command tx timeout
[ 1331.450356][T11486] pim6reg1: entered promiscuous mode
[ 1331.456060][T11486] pim6reg1: entered allmulticast mode
[ 1331.741883][T11502] netlink: 'syz.2.22564': attribute type 11 has an invalid length.
[ 1333.164955][ T5842] Bluetooth: hci2: command tx timeout
[ 1334.405369][ T9281] usb 6-1: new high-speed USB device number 35 using dummy_hcd
[ 1334.593868][ T9281] usb 6-1: Using ep0 maxpacket: 32
[ 1334.606460][ T9281] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1334.625947][ T9281] usb 6-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[ 1334.680269][ T9281] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1334.697434][   T30] kauditd_printk_skb: 105 callbacks suppressed
[ 1334.697449][   T30] audit: type=1326 audit(1764581454.886:5785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11627 comm="syz.7.22599" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9612b8f749 code=0x0
[ 1334.726355][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1334.747759][ T9281] usb 6-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1334.759063][ T9281] usb 6-1: New USB device strings: Mfr=229, Product=1, SerialNumber=3
[ 1334.771540][ T9281] usb 6-1: Product: syz
[ 1334.776361][ T9281] usb 6-1: Manufacturer: syz
[ 1334.782028][ T9281] usb 6-1: SerialNumber: syz
[ 1334.795181][ T9281] usb 6-1: config 0 descriptor??
[ 1335.207443][ T9281] gs_usb 6-1:0.0: Configuring for 1 interfaces
[ 1335.247827][ T5842] Bluetooth: hci2: command tx timeout
[ 1335.608733][ T9281] gs_usb 6-1:0.0: Disabling termination support for channel 0 (-EPIPE)
[ 1335.743503][   T30] audit: type=1326 audit(1764581455.946:5786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11668 comm="syz.7.22610" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9612b8f749 code=0x0
[ 1335.840309][ T5920] usb 6-1: USB disconnect, device number 35
[ 1336.615209][ T9281] IPVS: starting estimator thread 0...
[ 1336.621389][T11721] IPVS: wrr: FWM 3 0x00000003 - no destination available
[ 1336.645842][    C0] IPVS: wrr: FWM 3 0x00000003 - no destination available
[ 1336.725841][T11723] IPVS: using max 28 ests per chain, 67200 per kthread
[ 1337.326039][ T5842] Bluetooth: hci2: command tx timeout
[ 1338.655718][T28335] usb 6-1: new high-speed USB device number 36 using dummy_hcd
[ 1338.835678][T28335] usb 6-1: Using ep0 maxpacket: 32
[ 1338.854490][T28335] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[ 1338.890040][T28335] usb 6-1: config 0 has no interface number 0
[ 1338.906794][T28335] usb 6-1: config 0 interface 184 has no altsetting 0
[ 1338.940730][T28335] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[ 1338.961669][T28335] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1338.970995][T28335] usb 6-1: Product: syz
[ 1338.976182][T28335] usb 6-1: Manufacturer: syz
[ 1338.980945][T28335] usb 6-1: SerialNumber: syz
[ 1339.000324][T28335] usb 6-1: config 0 descriptor??
[ 1339.012258][T28335] smsc75xx v1.0.0
[ 1339.110230][T11837] netlink: 35 bytes leftover after parsing attributes in process `syz.6.22646'.
[ 1339.120977][T11837] netlink: 16 bytes leftover after parsing attributes in process `syz.6.22646'.
[ 1339.219794][T11839] netlink: 8 bytes leftover after parsing attributes in process `syz.6.22647'.
[ 1340.019874][T28335] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[ 1340.106583][T11878] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1340.234251][T28335] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[ 1340.262383][T28335] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[ 1340.274194][T28335] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[ 1340.302009][T28335] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[ 1340.316891][T28335] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[ 1340.343454][T28335] usb 6-1: USB disconnect, device number 36
[ 1341.733992][ T9281] usb 6-1: new high-speed USB device number 37 using dummy_hcd
[ 1341.883959][ T9281] usb 6-1: Using ep0 maxpacket: 16
[ 1341.901017][ T9281] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 1341.934012][ T9281] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1341.946503][ T9281] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1341.976890][ T9281] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1341.994352][   T30] audit: type=1326 audit(1764581462.196:5787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11973 comm="syz.7.22689" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9612b8f749 code=0x0
[ 1342.003156][ T9281] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1342.054368][ T9281] usb 6-1: Product: syz
[ 1342.058622][ T9281] usb 6-1: Manufacturer: syz
[ 1342.063232][ T9281] usb 6-1: SerialNumber: syz
[ 1342.563289][ T9281] usb 6-1: 0:2 : does not exist
[ 1342.617120][T11988] input: syz1 as /devices/virtual/input/input229
[ 1342.700257][T11995] netlink: 8 bytes leftover after parsing attributes in process `syz.6.22694'.
[ 1342.816908][T11999] syzkaller1: entered promiscuous mode
[ 1342.822619][T11999] syzkaller1: entered allmulticast mode
[ 1342.974506][T12009] netlink: 67 bytes leftover after parsing attributes in process `syz.6.22697'.
[ 1343.389029][T28335] usb 6-1: USB disconnect, device number 37
[ 1344.012804][T12083] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1344.242639][   T30] audit: type=1326 audit(1764581464.446:5788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12096 comm="syz.7.22717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9612b8f749 code=0x7ffc0000
[ 1344.330998][   T30] audit: type=1326 audit(1764581464.446:5789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12096 comm="syz.7.22717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9612b2b829 code=0x7ffc0000
[ 1344.451061][   T30] audit: type=1326 audit(1764581464.446:5790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12096 comm="syz.7.22717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9612b8f749 code=0x7ffc0000
[ 1344.558568][   T30] audit: type=1326 audit(1764581464.446:5791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12096 comm="syz.7.22717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9612b2b829 code=0x7ffc0000
[ 1344.674914][ T9279] ip6_tunnel: ip6gre3 xmit: Local address not yet configured!
[ 1344.682559][ T9281] usb 6-1: new high-speed USB device number 38 using dummy_hcd
[ 1344.694061][   T30] audit: type=1326 audit(1764581464.446:5792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12096 comm="syz.7.22717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9612b8f749 code=0x7ffc0000
[ 1344.724635][ T6842] ip6_tunnel: ip6gre3 xmit: Local address not yet configured!
[ 1344.775938][   T30] audit: type=1326 audit(1764581464.446:5793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12096 comm="syz.7.22717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9612b2b829 code=0x7ffc0000
[ 1344.815676][T12122] loop9: detected capacity change from 0 to 7
[ 1344.848519][T12122] Dev loop9: unable to read RDB block 7
[ 1344.850278][   T30] audit: type=1326 audit(1764581464.446:5794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12096 comm="syz.7.22717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9612b2b829 code=0x7ffc0000
[ 1344.881657][   T30] audit: type=1326 audit(1764581464.446:5795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12096 comm="syz.7.22717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9612b2b829 code=0x7ffc0000
[ 1344.917104][   T30] audit: type=1326 audit(1764581464.446:5796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12096 comm="syz.7.22717" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f9612b2b829 code=0x7ffc0000
[ 1344.933855][T12122]  loop9: AHDI p3 p4
[ 1344.954232][T12122] loop9: partition table partially beyond EOD, truncated
[ 1344.974723][ T9281] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1344.984659][T12122] loop9: p3 size 4227858431 extends beyond EOD, truncated
[ 1345.002063][ T9281] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1345.010796][ T6842] ip6_tunnel: ip6gre3 xmit: Local address not yet configured!
[ 1345.039166][ T9281] usb 6-1: config 0 descriptor??
[ 1345.122621][T27321] udevd[27321]: inotify_add_watch(7, /dev/loop9p3, 10) failed: No such file or directory
[ 1346.071499][ T9281] usb 6-1: Cannot set autoneg
[ 1346.077151][ T9281] MOSCHIP usb-ethernet driver 6-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -32
[ 1346.098863][ T9281] usb 6-1: USB disconnect, device number 38
[ 1346.673441][T12206] syzkaller1: entered promiscuous mode
[ 1346.680101][T12206] syzkaller1: entered allmulticast mode
[ 1347.271277][ T9281] hid-generic 0000:0003:0001.00A9: unknown main item tag 0x0
[ 1347.289446][ T9281] hid-generic 0000:0003:0001.00A9: unknown main item tag 0x0
[ 1347.308251][ T9281] hid-generic 0000:0003:0001.00A9: hidraw0: <UNKNOWN> HID v0.03 Device [syz0] on syz1
[ 1347.420136][T12237] fido_id[12237]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1348.787175][   T30] kauditd_printk_skb: 73 callbacks suppressed
[ 1348.787193][   T30] audit: type=1326 audit(1764581468.986:5870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12302 comm="syz.0.22785" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fb68b78f749 code=0x0
[ 1348.915904][T12293] delete_channel: no stack
[ 1348.918316][T12306] loop9: detected capacity change from 0 to 7
[ 1348.948799][T12306] Dev loop9: unable to read RDB block 7
[ 1348.973528][T12306]  loop9: unable to read partition table
[ 1348.992946][T12306] loop9: partition table beyond EOD, truncated
[ 1349.014663][T12306] loop_reread_partitions: partition scan of loop9 (þ被xü—ŸÑà– ) failed (rc=-5)
[ 1349.670001][T12353] 
[ 1349.672347][T12353] =====================================================
[ 1349.679275][T12353] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[ 1349.686752][T12353] syzkaller #0 Not tainted
[ 1349.691174][T12353] -----------------------------------------------------
[ 1349.698110][T12353] syz.0.22800/12353 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[ 1349.705919][T12353] ffffffff8dc0c058 (tasklist_lock){.+.+}-{3:3}, at: send_sigio+0x101/0x370
[ 1349.714557][T12353] 
[ 1349.714557][T12353] and this task is already holding:
[ 1349.721925][T12353] ffff888032619f20 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370
[ 1349.730547][T12353] which would create a new lock dependency:
[ 1349.736427][T12353]  (&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3}
[ 1349.743998][T12353] 
[ 1349.743998][T12353] but this new dependency connects a SOFTIRQ-irq-safe lock:
[ 1349.753433][T12353]  (&client->buffer_lock){..-.}-{3:3}
[ 1349.753458][T12353] 
[ 1349.753458][T12353] ... which became SOFTIRQ-irq-safe at:
[ 1349.766502][T12353]   lock_acquire+0x120/0x360
[ 1349.771085][T12353]   _raw_spin_lock+0x2e/0x40
[ 1349.775672][T12353]   evdev_pass_values+0xb9/0xbd0
[ 1349.780611][T12353]   evdev_events+0x1e6/0x340
[ 1349.785200][T12353]   input_pass_values+0x288/0x890
[ 1349.790214][T12353]   input_event_dispose+0x3e5/0x6b0
[ 1349.795399][T12353]   input_event+0x89/0xe0
[ 1349.799806][T12353]   hidinput_hid_event+0x145e/0x1dd0
[ 1349.805087][T12353]   hid_process_event+0x4be/0x620
[ 1349.810105][T12353]   hid_report_raw_event+0xe91/0x16d0
[ 1349.815468][T12353]   hid_input_report+0x43e/0x520
[ 1349.820394][T12353]   hid_irq_in+0x47e/0x6d0
[ 1349.824800][T12353]   __usb_hcd_giveback_urb+0x376/0x540
[ 1349.830250][T12353]   dummy_timer+0x85f/0x44c0
[ 1349.834826][T12353]   __hrtimer_run_queues+0x52c/0xc60
[ 1349.840102][T12353]   hrtimer_run_softirq+0x187/0x2b0
[ 1349.845289][T12353]   handle_softirqs+0x286/0x870
[ 1349.850130][T12353]   __irq_exit_rcu+0xca/0x1f0
[ 1349.854824][T12353]   irq_exit_rcu+0x9/0x30
[ 1349.859369][T12353]   sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1349.865090][T12353]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1349.871157][T12353]   page_ext_lookup+0xe2/0x180
[ 1349.875918][T12353]   page_table_check_set+0x27e/0x730
[ 1349.881199][T12353]   copy_pmd_range+0x4b9b/0x7f00
[ 1349.886133][T12353]   copy_page_range+0xc14/0x1270
[ 1349.891070][T12353]   dup_mmap+0xf4c/0x1b10
[ 1349.895394][T12353]   copy_mm+0x13c/0x4b0
[ 1349.899539][T12353]   copy_process+0x1706/0x3c00
[ 1349.904293][T12353]   kernel_clone+0x21e/0x840
[ 1349.908883][T12353]   __x64_sys_clone+0x18b/0x1e0
[ 1349.913723][T12353]   do_syscall_64+0xfa/0xfa0
[ 1349.918324][T12353]   entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1349.924317][T12353] 
[ 1349.924317][T12353] to a SOFTIRQ-irq-unsafe lock:
[ 1349.931323][T12353]  (tasklist_lock){.+.+}-{3:3}
[ 1349.931352][T12353] 
[ 1349.931352][T12353] ... which became SOFTIRQ-irq-unsafe at:
[ 1349.943967][T12353] ...
[ 1349.943977][T12353]   lock_acquire+0x120/0x360
[ 1349.951127][T12353]   _raw_read_lock+0x36/0x50
[ 1349.955721][T12353]   __do_wait+0xde/0x740
[ 1349.959975][T12353]   do_wait+0x1f8/0x510
[ 1349.964132][T12353]   kernel_wait+0xab/0x170
[ 1349.968641][T12353]   call_usermodehelper_exec_work+0xbe/0x230
[ 1349.974611][T12353]   process_scheduled_works+0xae1/0x17b0
[ 1349.980261][T12353]   worker_thread+0x8a0/0xda0
[ 1349.984950][T12353]   kthread+0x711/0x8a0
[ 1349.989099][T12353]   ret_from_fork+0x4bc/0x870
[ 1349.993765][T12353]   ret_from_fork_asm+0x1a/0x30
[ 1349.998606][T12353] 
[ 1349.998606][T12353] other info that might help us debug this:
[ 1349.998606][T12353] 
[ 1350.008825][T12353] Chain exists of:
[ 1350.008825][T12353]   &client->buffer_lock --> &f_owner->lock --> tasklist_lock
[ 1350.008825][T12353] 
[ 1350.022029][T12353]  Possible interrupt unsafe locking scenario:
[ 1350.022029][T12353] 
[ 1350.030340][T12353]        CPU0                    CPU1
[ 1350.035691][T12353]        ----                    ----
[ 1350.041047][T12353]   lock(tasklist_lock);
[ 1350.045281][T12353]                                local_irq_disable();
[ 1350.052027][T12353]                                lock(&client->buffer_lock);
[ 1350.059386][T12353]                                lock(&f_owner->lock);
[ 1350.066228][T12353]   <Interrupt>
[ 1350.069668][T12353]     lock(&client->buffer_lock);
[ 1350.074678][T12353] 
[ 1350.074678][T12353]  *** DEADLOCK ***
[ 1350.074678][T12353] 
[ 1350.082808][T12353] 5 locks held by syz.0.22800/12353:
[ 1350.088074][T12353]  #0: ffff888027704420 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[ 1350.097215][T12353]  #1: ffff8880572ebd00 (&sb->s_type->i_mutex_key#13){++++}-{4:4}, at: do_truncate+0x171/0x220
[ 1350.107575][T12353]  #2: ffffffff99812710 (&fsnotify_mark_srcu){.+.?}-{0:0}, at: fsnotify+0x735/0x1a80
[ 1350.117056][T12353]  #3: ffff8880765bd420 (&mark->lock){+.+.}-{3:3}, at: dnotify_handle_event+0x62/0x440
[ 1350.126716][T12353]  #4: ffff888032619f20 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370
[ 1350.135763][T12353] 
[ 1350.135763][T12353] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[ 1350.146154][T12353]   -> (&client->buffer_lock){..-.}-{3:3} {
[ 1350.152057][T12353]      IN-SOFTIRQ-W at:
[ 1350.156205][T12353]                         lock_acquire+0x120/0x360
[ 1350.162696][T12353]                         _raw_spin_lock+0x2e/0x40
[ 1350.169191][T12353]                         evdev_pass_values+0xb9/0xbd0
[ 1350.176035][T12353]                         evdev_events+0x1e6/0x340
[ 1350.182527][T12353]                         input_pass_values+0x288/0x890
[ 1350.189452][T12353]                         input_event_dispose+0x3e5/0x6b0
[ 1350.196553][T12353]                         input_event+0x89/0xe0
[ 1350.202870][T12353]                         hidinput_hid_event+0x145e/0x1dd0
[ 1350.210078][T12353]                         hid_process_event+0x4be/0x620
[ 1350.217017][T12353]                         hid_report_raw_event+0xe91/0x16d0
[ 1350.224293][T12353]                         hid_input_report+0x43e/0x520
[ 1350.231133][T12353]                         hid_irq_in+0x47e/0x6d0
[ 1350.237449][T12353]                         __usb_hcd_giveback_urb+0x376/0x540
[ 1350.244820][T12353]                         dummy_timer+0x85f/0x44c0
[ 1350.251401][T12353]                         __hrtimer_run_queues+0x52c/0xc60
[ 1350.258588][T12353]                         hrtimer_run_softirq+0x187/0x2b0
[ 1350.265692][T12353]                         handle_softirqs+0x286/0x870
[ 1350.272451][T12353]                         __irq_exit_rcu+0xca/0x1f0
[ 1350.279026][T12353]                         irq_exit_rcu+0x9/0x30
[ 1350.285254][T12353]                         sysvec_apic_timer_interrupt+0xa6/0xc0
[ 1350.292878][T12353]                         asm_sysvec_apic_timer_interrupt+0x1a/0x20
[ 1350.300853][T12353]                         page_ext_lookup+0xe2/0x180
[ 1350.307524][T12353]                         page_table_check_set+0x27e/0x730
[ 1350.314717][T12353]                         copy_pmd_range+0x4b9b/0x7f00
[ 1350.321562][T12353]                         copy_page_range+0xc14/0x1270
[ 1350.328404][T12353]                         dup_mmap+0xf4c/0x1b10
[ 1350.334644][T12353]                         copy_mm+0x13c/0x4b0
[ 1350.340702][T12353]                         copy_process+0x1706/0x3c00
[ 1350.347371][T12353]                         kernel_clone+0x21e/0x840
[ 1350.353867][T12353]                         __x64_sys_clone+0x18b/0x1e0
[ 1350.360633][T12353]                         do_syscall_64+0xfa/0xfa0
[ 1350.367145][T12353]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.375037][T12353]      INITIAL USE at:
[ 1350.379099][T12353]                        lock_acquire+0x120/0x360
[ 1350.385504][T12353]                        _raw_spin_lock_irqsave+0xa7/0xf0
[ 1350.392607][T12353]                        evdev_ioctl_handler+0x1095/0x1f10
[ 1350.399799][T12353]                        __se_sys_ioctl+0xfc/0x170
[ 1350.406301][T12353]                        do_syscall_64+0xfa/0xfa0
[ 1350.412736][T12353]                        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.420532][T12353]    }
[ 1350.423189][T12353]    ... key      at: [<ffffffff99b2c380>] evdev_open.__key.25+0x0/0x20
[ 1350.431505][T12353]  -> (&new->fa_lock){....}-{3:3} {
[ 1350.436715][T12353]     INITIAL USE at:
[ 1350.440681][T12353]                      lock_acquire+0x120/0x360
[ 1350.446910][T12353]                      _raw_write_lock_irq+0xa2/0xf0
[ 1350.453575][T12353]                      fasync_remove_entry+0xf1/0x1c0
[ 1350.460417][T12353]                      pipe_fasync+0xa9/0x1e0
[ 1350.466474][T12353]                      __fput+0x8a2/0xa70
[ 1350.472182][T12353]                      task_work_run+0x1d4/0x260
[ 1350.478501][T12353]                      exit_to_user_mode_loop+0xe9/0x130
[ 1350.485517][T12353]                      do_syscall_64+0x2bd/0xfa0
[ 1350.491922][T12353]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.499536][T12353]     INITIAL READ USE at:
[ 1350.503958][T12353]                           lock_acquire+0x120/0x360
[ 1350.510630][T12353]                           _raw_read_lock_irqsave+0xaf/0x100
[ 1350.518081][T12353]                           kill_fasync+0x199/0x4d0
[ 1350.524656][T12353]                           pipe_release+0x19c/0x330
[ 1350.531320][T12353]                           __fput+0x44c/0xa70
[ 1350.537462][T12353]                           task_work_run+0x1d4/0x260
[ 1350.544304][T12353]                           exit_to_user_mode_loop+0xe9/0x130
[ 1350.551752][T12353]                           do_syscall_64+0x2bd/0xfa0
[ 1350.558510][T12353]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.566576][T12353]   }
[ 1350.569159][T12353]   ... key      at: [<ffffffff9980f8a0>] fasync_insert_entry.__key+0x0/0x20
[ 1350.578087][T12353]   ... acquired at:
[ 1350.581965][T12353]    lock_acquire+0x120/0x360
[ 1350.586632][T12353]    _raw_read_lock_irqsave+0xaf/0x100
[ 1350.592089][T12353]    kill_fasync+0x199/0x4d0
[ 1350.596675][T12353]    evdev_pass_values+0x627/0xbd0
[ 1350.601790][T12353]    evdev_events+0x1e6/0x340
[ 1350.606458][T12353]    input_pass_values+0x288/0x890
[ 1350.611564][T12353]    input_event_dispose+0x330/0x6b0
[ 1350.616838][T12353]    input_inject_event+0x1dd/0x340
[ 1350.622123][T12353]    evdev_write+0x2fc/0x480
[ 1350.626721][T12353]    vfs_write+0x27e/0xb30
[ 1350.631141][T12353]    ksys_write+0x145/0x250
[ 1350.635634][T12353]    do_syscall_64+0xfa/0xfa0
[ 1350.640307][T12353]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.646366][T12353] 
[ 1350.648680][T12353] -> (&f_owner->lock){....}-{3:3} {
[ 1350.653887][T12353]    INITIAL USE at:
[ 1350.657779][T12353]                    lock_acquire+0x120/0x360
[ 1350.663840][T12353]                    _raw_write_lock_irq+0xa2/0xf0
[ 1350.670331][T12353]                    __f_setown+0x67/0x370
[ 1350.676126][T12353]                    tun_chr_fasync+0x128/0x1a0
[ 1350.682365][T12353]                    do_fcntl+0x1099/0x1910
[ 1350.688255][T12353]                    __se_sys_fcntl+0xc8/0x150
[ 1350.694416][T12353]                    do_syscall_64+0xfa/0xfa0
[ 1350.700485][T12353]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.707934][T12353]    INITIAL READ USE at:
[ 1350.712252][T12353]                         lock_acquire+0x120/0x360
[ 1350.718744][T12353]                         _raw_read_lock_irq+0xaa/0xf0
[ 1350.725588][T12353]                         do_fcntl+0x812/0x1910
[ 1350.731820][T12353]                         __se_sys_fcntl+0xc8/0x150
[ 1350.738398][T12353]                         do_syscall_64+0xfa/0xfa0
[ 1350.744892][T12353]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.752772][T12353]  }
[ 1350.755257][T12353]  ... key      at: [<ffffffff9980f880>] file_f_owner_allocate.__key+0x0/0x20
[ 1350.764092][T12353]  ... acquired at:
[ 1350.767882][T12353]    lock_acquire+0x120/0x360
[ 1350.772554][T12353]    _raw_read_lock_irqsave+0xaf/0x100
[ 1350.778100][T12353]    send_sigio+0x38/0x370
[ 1350.782524][T12353]    kill_fasync+0x24d/0x4d0
[ 1350.787105][T12353]    lease_break_callback+0x26/0x30
[ 1350.792298][T12353]    __break_lease+0x6a5/0x1620
[ 1350.797142][T12353]    do_dentry_open+0x8b7/0x13f0
[ 1350.802068][T12353]    vfs_open+0x3b/0x340
[ 1350.806302][T12353]    path_openat+0x2ee5/0x3830
[ 1350.811061][T12353]    do_filp_open+0x1fa/0x410
[ 1350.815762][T12353]    do_sys_openat2+0x121/0x1c0
[ 1350.820603][T12353]    __x64_sys_open+0x11e/0x150
[ 1350.825456][T12353]    do_syscall_64+0xfa/0xfa0
[ 1350.830130][T12353]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1350.836186][T12353] 
[ 1350.838496][T12353] 
[ 1350.838496][T12353] the dependencies between the lock to be acquired
[ 1350.838505][T12353]  and SOFTIRQ-irq-unsafe lock:
[ 1350.852002][T12353] -> (tasklist_lock){.+.+}-{3:3} {
[ 1350.857120][T12353]    HARDIRQ-ON-R at:
[ 1350.861089][T12353]                     lock_acquire+0x120/0x360
[ 1350.867241][T12353]                     _raw_read_lock+0x36/0x50
[ 1350.873487][T12353]                     __do_wait+0xde/0x740
[ 1350.879296][T12353]                     do_wait+0x1f8/0x510
[ 1350.885013][T12353]                     kernel_wait+0xab/0x170
[ 1350.890988][T12353]                     call_usermodehelper_exec_work+0xbe/0x230
[ 1350.898520][T12353]                     process_scheduled_works+0xae1/0x17b0
[ 1350.905710][T12353]                     worker_thread+0x8a0/0xda0
[ 1350.911945][T12353]                     kthread+0x711/0x8a0
[ 1350.917658][T12353]                     ret_from_fork+0x4bc/0x870
[ 1350.923893][T12353]                     ret_from_fork_asm+0x1a/0x30
[ 1350.930304][T12353]    SOFTIRQ-ON-R at:
[ 1350.934274][T12353]                     lock_acquire+0x120/0x360
[ 1350.940413][T12353]                     _raw_read_lock+0x36/0x50
[ 1350.946556][T12353]                     __do_wait+0xde/0x740
[ 1350.952360][T12353]                     do_wait+0x1f8/0x510
[ 1350.958069][T12353]                     kernel_wait+0xab/0x170
[ 1350.964050][T12353]                     call_usermodehelper_exec_work+0xbe/0x230
[ 1350.971588][T12353]                     process_scheduled_works+0xae1/0x17b0
[ 1350.978772][T12353]                     worker_thread+0x8a0/0xda0
[ 1350.985004][T12353]                     kthread+0x711/0x8a0
[ 1350.990714][T12353]                     ret_from_fork+0x4bc/0x870
[ 1350.996944][T12353]                     ret_from_fork_asm+0x1a/0x30
[ 1351.003346][T12353]    INITIAL USE at:
[ 1351.007230][T12353]                    lock_acquire+0x120/0x360
[ 1351.013284][T12353]                    _raw_write_lock_irq+0xa2/0xf0
[ 1351.019783][T12353]                    copy_process+0x224f/0x3c00
[ 1351.026023][T12353]                    kernel_clone+0x21e/0x840
[ 1351.032082][T12353]                    user_mode_thread+0xdd/0x140
[ 1351.038398][T12353]                    rest_init+0x23/0x300
[ 1351.044108][T12353]                    start_kernel+0x3ae/0x410
[ 1351.050167][T12353]                    x86_64_start_reservations+0x24/0x30
[ 1351.057184][T12353]                    x86_64_start_kernel+0x143/0x1c0
[ 1351.063855][T12353]                    common_startup_64+0x13e/0x147
[ 1351.070352][T12353]    INITIAL READ USE at:
[ 1351.074668][T12353]                         lock_acquire+0x120/0x360
[ 1351.081155][T12353]                         _raw_read_lock+0x36/0x50
[ 1351.087656][T12353]                         __do_wait+0xde/0x740
[ 1351.093802][T12353]                         do_wait+0x1f8/0x510
[ 1351.099861][T12353]                         kernel_wait+0xab/0x170
[ 1351.106182][T12353]                         call_usermodehelper_exec_work+0xbe/0x230
[ 1351.114064][T12353]                         process_scheduled_works+0xae1/0x17b0
[ 1351.121772][T12353]                         worker_thread+0x8a0/0xda0
[ 1351.128352][T12353]                         kthread+0x711/0x8a0
[ 1351.134411][T12353]                         ret_from_fork+0x4bc/0x870
[ 1351.140987][T12353]                         ret_from_fork_asm+0x1a/0x30
[ 1351.147733][T12353]  }
[ 1351.150216][T12353]  ... key      at: [<ffffffff8dc0c058>] tasklist_lock+0x18/0x40
[ 1351.157937][T12353]  ... acquired at:
[ 1351.161737][T12353]    lock_acquire+0x120/0x360
[ 1351.166401][T12353]    _raw_read_lock+0x36/0x50
[ 1351.171172][T12353]    send_sigio+0x101/0x370
[ 1351.175666][T12353]    dnotify_handle_event+0x169/0x440
[ 1351.181229][T12353]    fsnotify+0x1671/0x1a80
[ 1351.185729][T12353]    __fsnotify_parent+0x3fe/0x540
[ 1351.190829][T12353]    notify_change+0xc55/0xf40
[ 1351.195586][T12353]    do_truncate+0x1a4/0x220
[ 1351.200255][T12353]    vfs_truncate+0x493/0x520
[ 1351.204925][T12353]    do_sys_truncate+0xdb/0x190
[ 1351.209772][T12353]    __x64_sys_truncate+0x5b/0x70
[ 1351.214800][T12353]    do_syscall_64+0xfa/0xfa0
[ 1351.219478][T12353]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1351.225562][T12353] 
[ 1351.227875][T12353] 
[ 1351.227875][T12353] stack backtrace:
[ 1351.233754][T12353] CPU: 1 UID: 0 PID: 12353 Comm: syz.0.22800 Not tainted syzkaller #0 PREEMPT(full) 
[ 1351.233773][T12353] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1351.233784][T12353] Call Trace:
[ 1351.233791][T12353]  <TASK>
[ 1351.233799][T12353]  dump_stack_lvl+0x189/0x250
[ 1351.233822][T12353]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1351.233841][T12353]  ? __pfx__printk+0x10/0x10
[ 1351.233859][T12353]  validate_chain+0x1f05/0x2140
[ 1351.233885][T12353]  __lock_acquire+0xab9/0xd20
[ 1351.233901][T12353]  ? send_sigio+0x101/0x370
[ 1351.233917][T12353]  lock_acquire+0x120/0x360
[ 1351.233930][T12353]  ? send_sigio+0x101/0x370
[ 1351.233947][T12353]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[ 1351.233968][T12353]  ? dnotify_handle_event+0x62/0x440
[ 1351.233987][T12353]  _raw_read_lock+0x36/0x50
[ 1351.234005][T12353]  ? send_sigio+0x101/0x370
[ 1351.234020][T12353]  send_sigio+0x101/0x370
[ 1351.234037][T12353]  dnotify_handle_event+0x169/0x440
[ 1351.234058][T12353]  fsnotify+0x1671/0x1a80
[ 1351.234072][T12353]  ? take_dentry_name_snapshot+0x157/0x500
[ 1351.234091][T12353]  ? fsnotify+0x735/0x1a80
[ 1351.234104][T12353]  ? __pfx_fsnotify+0x10/0x10
[ 1351.234119][T12353]  ? take_dentry_name_snapshot+0x29/0x500
[ 1351.234135][T12353]  __fsnotify_parent+0x3fe/0x540
[ 1351.234151][T12353]  ? __pfx___fsnotify_parent+0x10/0x10
[ 1351.234168][T12353]  ? fsnotify_change+0x228/0x2c0
[ 1351.234187][T12353]  notify_change+0xc55/0xf40
[ 1351.234208][T12353]  do_truncate+0x1a4/0x220
[ 1351.234228][T12353]  ? __pfx_do_truncate+0x10/0x10
[ 1351.234246][T12353]  ? apparmor_path_truncate+0x238/0x2d0
[ 1351.234270][T12353]  vfs_truncate+0x493/0x520
[ 1351.234291][T12353]  ? __pfx_vfs_truncate+0x10/0x10
[ 1351.234312][T12353]  do_sys_truncate+0xdb/0x190
[ 1351.234332][T12353]  ? __pfx_do_sys_truncate+0x10/0x10
[ 1351.234354][T12353]  __x64_sys_truncate+0x5b/0x70
[ 1351.234373][T12353]  do_syscall_64+0xfa/0xfa0
[ 1351.234393][T12353]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1351.234412][T12353]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1351.234427][T12353]  ? clear_bhb_loop+0x60/0xb0
[ 1351.234443][T12353]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1351.234457][T12353] RIP: 0033:0x7fb68b78f749
[ 1351.234472][T12353] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1351.234486][T12353] RSP: 002b:00007fb68c5ea038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[ 1351.234503][T12353] RAX: ffffffffffffffda RBX: 00007fb68b9e5fa0 RCX: 00007fb68b78f749
[ 1351.234515][T12353] RDX: 0000000000000000 RSI: 0000000003000004 RDI: 0000200000000900
[ 1351.234525][T12353] RBP: 00007fb68b813f91 R08: 0000000000000000 R09: 0000000000000000
[ 1351.234535][T12353] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1351.234545][T12353] R13: 00007fb68b9e6038 R14: 00007fb68b9e5fa0 R15: 00007fb68bb0fa28
[ 1351.234567][T12353]  </TASK>