last executing test programs:

11.121817436s ago: executing program 3 (id=1270):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r3, 0x4068aea3, &(0x7f0000000200)={0x74, 0x0, 0x10})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setfsuid(0xffffffffffffffff)
r4 = syz_clone(0x100011, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x24048055}, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r5, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)={0x38, 0x1406, 0x1, 0x70bd2a, 0x25dfdbfb}, 0x38}, 0x1, 0x0, 0x0, 0x80c0}, 0x40080)
wait4(r4, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
mincore(&(0x7f00001b0000/0x3000)=nil, 0x3000, &(0x7f0000000480)=""/153)
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000b540334086b48a65301d01020301090212"], 0x0)
r6 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r6, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})

8.634905384s ago: executing program 0 (id=1285):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000008, 0x810, 0xffffffffffffffff, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$HIDIOCGCOLLECTIONINFO(r0, 0xc0104811, &(0x7f00000000c0)={0xffff0286, 0x7, 0x8a, 0x8})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2800, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0xc0010141, 0x0, 0x10001}]})
ioctl$KVM_SET_MSRS(r6, 0xc008ae88, &(0x7f0000000040)={0x10000000000000cf, 0x0, [{}]})
madvise(&(0x7f000083b000/0x1000)=nil, 0x1000, 0x0)
r7 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_INIT(r7, 0x29, 0xc8, 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x2}, 0xc)
r8 = openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0)
r9 = socket(0x29, 0x2, 0xff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
setsockopt$MRT6_DEL_MIF(r9, 0x29, 0xcb, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r8, 0xaf01, 0x0)
eventfd(0x80000001)

7.631239658s ago: executing program 0 (id=1288):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x20000, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x86)
r2 = signalfd4(0xffffffffffffffff, &(0x7f0000000040)={[0x9]}, 0x8, 0x80800)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff1000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff6000/0x3000)=nil, &(0x7f0000ff2000/0x1000)=nil, &(0x7f0000ff8000/0x8000)=nil, &(0x7f0000ffc000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r3 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0xc89d, 0xc000, 0xa, 0x20002f7})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000093c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@deltfilter={0x24, 0x2d, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0x0, 0xfff0}, {0xe, 0xffff}}}, 0x24}}, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x3, &(0x7f0000000000)=0x6, 0x4)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000040)=0x8)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
getdents(r5, &(0x7f00000001c0)=""/105, 0x69)
io_uring_register$IORING_REGISTER_RESIZE_RINGS(r2, 0x21, &(0x7f0000000100)={0x0, 0x454d, 0x8, 0x3, 0x1e5, 0x0, r3}, 0x1)
r6 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f0000000040)={0x1, 0x0, [{0x29b}]})

7.548521454s ago: executing program 0 (id=1289):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000795d6c08450c3a616dc4010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000400)={0x2c, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000800)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00000100000012"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x8)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$sierra_net(r0, 0x0, &(0x7f00000002c0)={0x1c, &(0x7f0000000200)=ANY=[], 0x0, 0x0})
syz_usb_control_io$sierra_net(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)

6.991860612s ago: executing program 3 (id=1290):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000040)=ANY=[@ANYBLOB="e40000000201010800000000000000000a000000d00001800c000280050001000000000014000180080001000000000008000200000000002c00018014000300ff01000000000000000000000000000114000400090200000000000000000000000000010c00028005000100000000004700028005000100010000000600040000000000060005"], 0xe4}}, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockname$inet(0xffffffffffffffff, 0x0, &(0x7f0000002280))
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x22)
r3 = socket(0x1e, 0x4, 0x0)
r4 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10)
sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000)
r5 = dup3(r4, r3, 0x0)
recvmmsg(r5, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000480)=""/4096, 0x1000}], 0x1}, 0x1}], 0x1, 0x40000001, 0x0)
read$FUSE(r5, &(0x7f0000003100)={0x2020}, 0x2020)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYRES8=r1], 0x50)
unshare(0x62040200)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x15)
syz_usb_connect(0x0, 0x4a, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(r5, 0x89e2, &(0x7f0000000100)={r5})
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000000)

6.802094394s ago: executing program 2 (id=1292):
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000540)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f0000001e40), 0x0, 0x100, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
syz_open_dev$video(0x0, 0x1d24, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_IO(r4, 0x2285, &(0x7f00000005c0)={0x53, 0xfffffffffffffffb, 0x6, 0x4, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000400)="0a5f306aa672", 0x0, 0xffffffff, 0x0, 0x3, 0x0})
r5 = socket$inet(0x2b, 0x801, 0x0)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)={0x14, 0x0, 0x301, 0x70bd28, 0x25dfdbfe, {0x1c}}, 0x14}, 0x1, 0xffff000000000000}, 0x10)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r1, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x4)
setsockopt$IP_VS_SO_SET_ADD(r5, 0x0, 0x48f, &(0x7f0000000000)={0x1, @private, 0x0, 0x0, 'sed\x00', 0xa, 0xfffffffb, 0x14}, 0x2c)
r6 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x4000, 0x0)
r8 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0xa4242, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r8, 0x0)
r9 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x1c3902, 0x0)
r10 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000480), 0xa0000, 0x0)
ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
r11 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x11)
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x2)
ioctl$KVM_SET_MSRS(r12, 0x4008ae89, &(0x7f0000000080)={0x1, 0x0, [{0x4000009c}]})
sendfile(r9, r9, 0x0, 0x2000fb)
preadv2(r7, &(0x7f0000000080)=[{&(0x7f0000001200)=""/4096, 0x1fee00}], 0x2, 0x0, 0x0, 0x0)
readv(r6, &(0x7f0000000340)=[{0x0}], 0x1)
ioctl$IMADDTIMER(r6, 0x80044940, &(0x7f0000000000))

5.528434633s ago: executing program 2 (id=1295):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xf, 0x7fff7ffc}]})
ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, &(0x7f0000000040)={0x2800, 0x1000, 0x7})
r3 = syz_open_dev$dri(&(0x7f0000000240), 0x1ff, 0xa0040)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r3, 0xc01864c6, &(0x7f00000003c0)={0x0, 0x0, 0x80800, 0x0, <r4=>0xffffffffffffffff})
dup3(r4, r3, 0x80000)
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r5, 0x890b, &(0x7f0000000140)={@mcast2, @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022})
close_range(r2, 0xffffffffffffffff, 0x200000000000000)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000100)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r6=>0x0)
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r6, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x100000e, 0x2010, 0xffffffffffffffff, 0x1000)
syz_open_dev$sndmidi(&(0x7f0000000040), 0xffffffffffffffff, 0xd673d30dbe9d2b51)
syz_open_dev$midi(&(0x7f00000001c0), 0x2, 0x40c01)
r7 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r7, 0x40045542, &(0x7f0000000180))
syz_open_dev$dmmidi(&(0x7f0000000080), 0x200, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
lseek(0xffffffffffffffff, 0x8, 0x4)
sched_setattr(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000140), 0x200280, 0x0)
syz_mount_image$fuse(0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000280)={0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000880)=ANY=[@ANYBLOB="010000000300000004000000ff07"], 0x48)

5.403064384s ago: executing program 4 (id=1296):
r0 = syz_usb_connect(0x6, 0x2d, &(0x7f0000000040)=ANY=[@ANYRESDEC=0x0], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6(0xa, 0x800000000000002, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x3, &(0x7f0000000100)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0, 0x8, 0x0, 0x0, 0x0, 0x42}, 0x94)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0xc0}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000640)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r1, 0x47bc, 0x20, 0x0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x4, &(0x7f00000001c0)={[{}]})

5.371486583s ago: executing program 2 (id=1297):
open(&(0x7f0000000140)='./file1\x00', 0x60142, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r1, {0x7, 0x9, 0x0, 0x1030002}}, 0x50)
read$FUSE(r0, &(0x7f00000065c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r2}, 0x10)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x20080, 0x0)
dup3(r3, r0, 0x0)
close(0x3)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
r4 = syz_io_uring_setup(0x1e1d, &(0x7f0000000200)={0x0, 0x400086fc, 0x10100}, &(0x7f0000002000)=<r5=>0x0, &(0x7f0000000000)=<r6=>0x0)
syz_io_uring_submit(r5, r6, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x4, 0x0, 0x0, 0x22})
io_uring_enter(r4, 0x48ed, 0x0, 0x2, 0x0, 0x0)

5.128763259s ago: executing program 2 (id=1298):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000008, 0x810, 0xffffffffffffffff, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$HIDIOCGCOLLECTIONINFO(r0, 0xc0104811, &(0x7f00000000c0)={0xffff0286, 0x7, 0x8a, 0x8})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
ioctl$IOMMU_HWPT_ALLOC$NONE(0xffffffffffffffff, 0x3b89, &(0x7f0000000140)={0x28, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, &(0x7f00000005c0)="3eaab8b86f1bb34ae4431e9aea48c55124bbd2eb2667873e979f9bd63ee1d0740b080179be0f93e9cf4cf5a2cbdb6423f70c9db02adf21df149e0646d5377622c7e12fcfae6a012fdcd2e8c3a9665084792510c6ecabfb5532691be412feefcf55aaf984446c403ddaa8ef52ae6273e301cd7f804ad1c8d9247085351e0e6cc5627a4de205d290596e2a75b5b4eb35c1494bf8ba3787b124a9a216d61c8f29993a96329f608fbe4d18c120d8da133a2f582fa53cb7ba1b14e7c1493bb27f4e9cd2a5bd944907ad15a33de5b6ae9fc9ece014ea247b271065105b56be2bff4e2bb227fa6259aad94067cbd5db6e48201bcf63427e73e59b4e81b8d984232bb0567dce9da428ea3d124e90801df0890c63bda7918ec60055a0bc4280c39ee35193f5c6ff16d479e9e10c53965225d6c4a30cda6128b64cf553c41dd5f0970fff834b94570eecdb2a598e016ee29d4730865190d1354c57f635a2a4894f6e289c4fc9f12cdcf2538800fb3c012e9e74ec8a0385e5c76f4ceb7f252b32869ca8fa711bdf417c65a2810439678d67bd835d8a7722c8ac699e319d95fb468a53fa00b12e54ebf7dfa86920d9a3bfd356f22c6c73dcd772fa7ec24c62cc8c7d5cca7f65f6eed409fa5c0af408390bf0a50ff04de09c7820d32c3a9442053577337fa5b8f59c291b35afb34903d6123c74c70a3be0845a7ffe565786aa569567e67207403f8fe73575d258057021106fb5e93abb6cf9b80b42e1ef652a9cd563fbc96f3962f93fe848298e9ce617b2fef5961ced80a102c0de585eff01e590620a3846e11fedda65452dacdc7accb1455523ce8225063114b35674bed1fd2f10e3e1d76f3109484050ffa1db78c13e7398337ac10b9bdc53447a9220a0961240106fe8f79305ffa3d70236bacc1bcefe6200cbf27db88f6c5b868296a240ae629e33a5256ba6f176176acd0e6f7dbeeff0a37f79d63f1ad7a3dafe9b89f588d2d146c282176d601bde3bbb9cf4511e3bdfd0ae8033756e1fdbc2362f658d6f29fe12d552c72d7f7ef36385a9beb8baea626840ef03ed5660a3e6d45dec1aad2fcb9e6044d11224ba0fbda46f48ca2f707a21a16070e5cc9eef90e63fc7b95dc2ee03860d60298d0112f0f792a20f538402c5b64f4d4c1dbb0f598f9ef73dd6defe43c2ce157b045b6ab898c6cbd7c1ffaa2b531545626b4d4ae07b2d945451d570067a4c50c2aa5afef068c24f521a2099f0449417c2980f40a5a05e1ef984dd56e9c670870ab2b0cc2e5c9f7336e93817d412f4d1f42db5f0cc55fbd8a20b660e61841686d4c77c4786df109711224baacfbaf7b53cdb3dcd0ea070b2f8cc2c188df3486a021c0d2b2bdbf9d78b232746bed1c507fc34d068cabbe1c827d8bae3da41c95f75f1d4c25cc76f96f2f52cad5c9c4c748fdae91c24011ba505420de4621a6e44eee435080c07ae00abee0421f80ad420a8841e39d109063cd4488c3bf987974e44eec6fbfa84ef79d3a903d2de5066aad94a602d4d843997d8868603a87dabec7668526ac3a392750a794ba5097ea2536ffa02b2c23f431d613ea871b16c93a42c97e11fa3e5eb4fa5c306bfabc1e64509ceed3ced56925f25b516e90829a78d56abe138cf428776d0f8797373d7471189cb91092b2d5e840498f4705db532e2ab5973e29ca8d0c889e76089dce4a91db8e97bd2bb44b10dc721052d813fec01fe7d2b3c6ee91831f16c6460934efee447566088bd4c7b90eacc33962fb664ca06a00bd29e8487fc97263abbafccbe82efe24d5a44f36aaf44559460528208f36605f254ea32719864f533b164dcf0ad5fc6881006a891a3897ebf4ae47a214181c4635af56efe575a10275ce97aba0dbd63c989312aea7de9fda815a73018942a573dc4b3f743f152c2e9ef4398819942d60b393f208fac223a45e9054d50b5772a0ac05632870d4dd1b8c91312dc7870cb877106e3aca5ad68b10a45b92110d30ae1dd3380f9a2b2a9b8dca05877f3ab12bb3ac76e3ac44daef7bd3642ecc215e53649a2f1f93545044320c372fa954ef9a4535dca3d24195f58660328346cc812e76c3a7e940428e7bbf6711657af990dbed1ddcd0712b5cec34e2703d60897f7228ee45cc0b17922e407a9248759f8bb90d8279a5c2907fd349c3fc653934a6b2ad33a548b7cd18fff641b4a3844cea4d200f45ae56965910dc1a4ac47f3c96cf1b3ebff801cc6b0c57e1baa821e76512d2e15d636263015f4019db2d930fe92262650a1c0dd7215aa05b2f3a5a76f137461c6ce9c483460a74c09b2dc707e78df1840ed213b9a265b3ef4d96ef93a9663dbca5d6e5c55d90cb251ab61216736c782f6f55c804fb03a8f5aac63fa5a34382f626c17d12838ad605a4b44ed5cfe7c7ede5ae3453e9854003cd8955cbd1897f889e50f5a73ed76f58c5617272d2f184739491ae2e71f1e0427ea6e3d3ab54fd5c3cdddb9b93ed1c41f19a4ae5a7a468d136443d80a2f4237256e1560d428014dbc42e0c44a6d9341bddb0633b36b9e2d80f862e61167871080e8e30b7cc53de618ec61529dd7bc81a3074b37c2fae141e90d8bd6d6caf1a110a2918e492af5afff678f6ae9fa46f434807588be8223cbb29dd2ce4c6ad0a3ce5c35c9124bed6a1abb5005320676fd88bae60cad61675e943767013d68120b29fa603c370689e5c1d191aab95a7140b9161befbd9ef05849c8b5c96c7d35f62c0cb81e8531c0f8ace172457df7c6e1c072418d5297f9ec26a55e6a941228f1f9dbe487c46837bc9e6d07057f83825a4d8c8d0d87c7d9ee2a10f25c2c2cb7890769cf87f3b5a11e2ae5eec74a982a63bd49fa41481c938255bc6f8f63711a711c970d4fc015b50efb4d28908701ed787a12312b460a72a33fb57826c88e8e57b4b871542c58bffcf8be1c7b4669ce8b38b555ac1e64327864acf08a3959cd2e97fbb7e44580ccbe0ff11f41a4991819a4e7ab28866bb9d90bbf19098dcd01ef19bcda6d444e5a4b660fc6d9cc8006106921ef7f343c1f27bfa5372295326a9247c0feb5b07f625bb979a1cc924b29b6b871ed2aa828b975e542ee585a7fd88dea3b349141eacc062f80efe5de607fd2a9063cb7b0ab5811996dbee45b27fd78d5651ab0a0c6f9bfbbc3ee92cb3b5e31a3d64c62ffa48178a9c0a8a22cdac17733bb85c7a3eba3a34c996c483639de0835688b37beba37981487653d788528851020435576814bf5ef6d8d98c810d275bc6085694e3d949368df936729db0129500f6fee44de02fb884f10eb143f831aaecbe09e83459ff84513a0039b646df575a6f390616d3af5454265aac80b1ded483ba9115f8b0ddf2252c92971e6d13e87ba477f5088b9751cec846477210ebfcb1ff08dd9e27cdb43c8f6d741539187f84d2d6c457222371420f8d5fa52b30e9992f8c0b091c14c694550779684ec395949ff37549ed7b9dc75add752a1730d0d5fc3f21464b67ea3014f3b50af034d2edecf4e039d1572ccea72f0ebd2248532bc71c71208258ef722c42bfadd47872c04128368888943493b6b62fd9e1b7b8d4fab43659344ed6c0262d8c66b2f0b14ee8710687eb3e47986cde3353e66e8f751ae96ec6f6e719b4dd822aaf001cc50a1e849d185f932016fe412eaac354fb6de1df6b61dcc2d0b7bac3c17cbc98a847e53d3532564cade34dbeb9cc5c82b3e70e83cacf5f090b1b5d2c81ce37c3984558b69271599092d4be3512b5e5f4b51b9e58d8ac22bf92b94134df20579c3773c731de598df749960443c410fdeca3d4ef94bd178ea87e304ab322ec8804b0a50773d417c4fd03d8886f411af9d9120047286a30e77e379f57e3ba454908cc9e7cd08416eb01c8e69db1bbc57bf6d6f1e5d038b22c5d418030c072356646b45317221477564df0898ef5777249300f8192ebbab22fe6f853893c5e1d62b05b6c2e1ec2e319a736e5be74139453ed81151a638bcc08f4d51376a290a32b73b4e12024f5de62f293589e0a35e0922a5a29d04e7ed53fda3f3a91211edac24690b3ca6c0e25ac019c678c4e275f6d4fef30fb5118d8bbd785244725370c44ad84b82c55ebef7ebdffe3f4e9bd8ee58399a09bed9a7bba802e8c0b20d2c2d88af5bc0a8296b8cbeb3483b80278c7520278f57dbf762859025883964e0a0ae05547031de5bb90c6d30ca49ae743d4bb5c987b362d7c94e5c722307b2f7dbe2ed254b6884c20e5c8394cffe5af65cb3145bacb975a6eabe49f4e584411d6e4ddfb8ba9c8ba375ad59d9f510d80759d764fefe3ef222b208c1cd24581086db645ded49f851835983dcdae4320fe66655e339657ab4f551e5b03d75bd9638f03d936db7e19fa9d5d2335c37c32856fb2fb7e9f8bfd915578274264cfab5db80a5914ea9b4206d70779647de5e0c0faf0827b1b8b6800b5426472c1b29518a4ea501e9ed7a1f1e90416f37fe1f27a892d7ac422afa18b1cd2c69862dd662f88bdabba9da8253905fa0eeaa72cdd39dba627c3f8e78b75e4638bac92ef47898f25500a4a5e22b2f1dc6506f59632500a668da44c4596d8a50a99c1fe59c11cb58b9853a1e131d89ec63588abd0758dd563a2e3ede31f60e853a56af29e24b4cfbd5778b9820d65b3fca33e35429c0822c4d171c07b4e85d1b60353ddea04307cfda226e4f767b339f02d9ff55ab4c213578f67ef2bc7ff491d16655d0636db43af7e2ac203282f66402013ea750d8538fb0aa028c14e52acb9ba64b5f44ca4cac609bfd1a6ae1218abc627cbf3b512cff14a58968d770cc8f6ee61b807224ede5db0dde739aa3af3dee9ab588036a8ad08d7e133a93b2dcde208ec16e694831da4a12fa552c497598fd569e0f0e79c002ae7f5d46de6a41e35d44e15384dfc04adecb877c343899b907528142f3d6ee8ec754f3b35af4b9bada3fa2b3ccb696c4f14126c789b72b823b899a5f3337eabab1f21f44dcecc4459565404b7015840adeea89ff865a629b44ed9eeba90ad8c21cfd06e3731839e1d0efbb1db809613132a1884de50fa1698991ff868d15805285a3a922b14d4582fc74fd0608a22804239e42e6767f8e51156536532a5ac9674e538e6696d96db4adf6e7c3e86d47a06f69659f18b85bd825759c5c384b2423115e993c0c8d942a4b8986d4cfc12c915d02ef82ba5bc9506c49cb4d8f588b42c8147358288ff594ed2c0f731f3c5bc764fa35f5d93c88ae127cc68497bf446192330bba2f41a1f80c23a398c4e9fa6593fd2812674bdbb97aa5224060938fc87190843efc408dc000336eaa937d259390b0416ed37884fa2a113dc1da74496d71346b20e03b8558ebc1b670c12cc3c4755acda2986c4c65333fd70e1e0dcfe7871d7901b6e5a19b560d1c926342fc2ec2c0a2e80ea23500313f491e42b9afca0b7766e1bb6f604b06a8779c98586d3ad7c0c1bd3f3b3aa8da8732045fe6f96332627c73dd8505c8a7c48f199f77559fdedaebae3cf21937e7904b10846a9a94b88b701a8775d3bb0e63533da03f1bfe4580ad10b8402d97034adf3121f1f7a587dbf4ab01aeec9bb6c21a2ebb449382247535a5da1ef3f7962cd3604b72cc0c7267874ada040824545edc0b4fe36ca4fc904e759c50cc5d5a89e2deeaf1e90f0b1d66008233db4aa0952595644d786ad64f031ee2ab7d7c5ab6bb71151d4eb211a4ead421af57a489eb80a70a0c4f93806c89986956d482af8ad1c4ea812f7243d2a1ac0cda50a9a915935cedde57adb20f99ad3a509fa8edd7500f6951d0c382b674fddcc7"})
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
madvise(&(0x7f000083b000/0x1000)=nil, 0x1000, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_INIT(r4, 0x29, 0xc8, 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x2}, 0xc)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0)
r6 = socket(0x29, 0x2, 0xff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
setsockopt$MRT6_DEL_MIF(r6, 0x29, 0xcb, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
r7 = eventfd(0x80000001)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000040)={0x0, r7})
r8 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x602100, 0x0)
ioctl$FBIOGETCMAP(r8, 0x4604, &(0x7f00000001c0)={0x1, 0x0, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0]})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000340)={'wlan0\x00', &(0x7f0000000300)=@ethtool_sset_info={0x37, 0xff, 0xfffffffffffffffa}})

4.817302649s ago: executing program 4 (id=1299):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x8, 0x50, 0xffffffffffffffff, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000a40), 0x40000, 0x0)
ioctl$DVB_DEMUX_DMX_EXPBUF(r1, 0xc00c6f3e, &(0x7f0000000a80)={0x4, 0x80000, <r2=>r1})
r3 = mmap$IORING_OFF_SQES(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x4, 0x10010, r2, 0x10000000) (async)
r4 = syz_mount_image$fuse(&(0x7f0000000740), &(0x7f0000000780)='./file0\x00', 0x40c60, &(0x7f00000007c0)={{}, 0x2c, {'rootmode', 0x3d, 0xc000}, 0x2c, {'user_id', 0x3d, 0xee00}, 0x2c, {'group_id', 0x3d, 0xee01}, 0x2c, {[{@default_permissions}, {@allow_other}, {@blksize={'blksize', 0x3d, 0x1000}}, {@max_read={'max_read', 0x3d, 0x4}}, {@default_permissions}, {@default_permissions}, {@allow_other}, {@allow_other}], [{@euid_lt={'euid<', 0xffffffffffffffff}}, {@uid_eq={'uid', 0x3d, 0xee01}}, {@obj_user={'obj_user', 0x3d, ',\'%&-'}}]}}, 0x0, 0x0, &(0x7f0000000940)="072ac5d9b1dd22fac669f4515d83390b7d3e7efceeac94bccfbf5773f958231a1d88bf901c")
syz_io_uring_setup(0xbdc, &(0x7f00000000c0)={0x0, 0x5edc, 0x1000, 0x3, 0x40000333}, &(0x7f0000000000)=<r5=>0x0, &(0x7f00000001c0)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async)
r7 = io_uring_register$IORING_REGISTER_PERSONALITY(0xffffffffffffffff, 0x9, 0x0, 0x0)
syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_FADVISE={0x18, 0x19, 0x0, @fd_index=0x9, 0xffffffffffffffff, 0x0, 0x8001, 0x3, 0x1, {0x0, r7}}) (async)
syz_io_uring_submit(r0, r3, &(0x7f0000000a00)=@IORING_OP_OPENAT2={0x1c, 0x10, 0x0, r4, &(0x7f0000000980)={0xc8177cd82d280886, 0x14c, 0x4}, &(0x7f00000009c0)='./file0\x00', 0x18, 0x0, 0x12345, {0x0, r7}}) (async)
r8 = socket$inet(0x2, 0x80001, 0x84)
setsockopt$sock_int(r8, 0x1, 0x31, &(0x7f0000000280)=0x6, 0x4) (async)
setsockopt$sock_int(r8, 0x1, 0xf, &(0x7f0000000280)=0x3, 0x4) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001280), 0x2, 0x0)
ioctl$FUSE_DEV_IOC_BACKING_CLOSE(r9, 0x4004e502, 0x0) (async)
listen(r8, 0x3) (async)
r10 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r10, 0x0, 0x0)
r11 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_disconnect(r11)
syz_usb_connect(0x6, 0x24, &(0x7f00000003c0)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r11, 0xc0085508, &(0x7f00000000c0)=0x10000000)
syz_usb_connect$midi(0x4, 0xcd, &(0x7f0000000080)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x10, 0x499, 0x100d, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xbb, 0x1, 0x1, 0x3, 0x40, 0xfa, "", {{{0x9, 0x4, 0x0, 0x0, 0x7, 0x1, 0x3, 0x30, 0x7, [@midi_out_jack={0xb, 0x24, 0x3, 0x1, 0xfa, 0x2, [{0x2, 0x4}, {0x4, 0xe2}], 0xfe}, @midi_out_jack={0x9, 0x24, 0x3, 0x3, 0x2, 0x1, [{0x4, 0x7f}], 0x3}, @midi_out_jack={0x11, 0x24, 0x3, 0x1, 0x6, 0x5, [{0x9, 0x6}, {0x0, 0xfb}, {0x3, 0xfa}, {0x1, 0x4}, {0x88, 0x5}], 0x7}], [{{0x9, 0x5, 0xa, 0x0, 0x10, 0x7, 0x0, 0x6, {0x4}}}, {{0x9, 0x5, 0x3, 0x0, 0x40, 0x9, 0x1, 0xe, {0x4}}}, {{0x9, 0x5, 0x2, 0x0, 0x200, 0xe2, 0x10, 0x10, {0x5, 0x25, 0x1, 0x1, "03"}}}, {{0x9, 0x5, 0x2, 0x13, 0x3ff, 0x4, 0x41, 0x6, {0x5, 0x25, 0x1, 0x1, "fc"}}}, {{0x9, 0x5, 0x3, 0x4, 0x8, 0xc7, 0x7, 0x2a, {0x10, 0x25, 0x1, 0xc, "65b02e9dd5691139390df1f5"}}}, {{0x9, 0x5, 0xe, 0x0, 0x0, 0x3, 0x4, 0xfb, {0x13, 0x25, 0x1, 0xf, "dfbbf079f866a2a5dc71ae840a1f13"}}}, {{0x9, 0x5, 0x5, 0xc, 0x200, 0x1, 0x80, 0x8b, {0x10, 0x25, 0x1, 0xc, "013d463f5852e2b04982b548"}}}]}}}}}]}}, &(0x7f00000006c0)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x200, 0x2, 0x4, 0x1, 0x20, 0x5}, 0xc8, &(0x7f00000002c0)=ANY=[@ANYBLOB="050fc80002b910b4bed7e65675b23880fa2eaa06cc8851bd72e1c2ba58f80d45f1b665f57b5653bc16c14e5420a8837d2381350fbbfd4c329934c27be469e8348217c1b4cadba952a7817e1a3396bb0b1c157bf05c8476c97ec0059969dfb25d1c86425fc934e140483647067b76910b1cce88cf0b63452e1e75d71e6d905dad88df3c260675ec69f45ca3d7f0df541cb54f78fcc8e228391ffb79f9688b18f0dec2bfe4243f56ed711009d474aff97f0304268e84a83e4a8d5388441c140a10030200000240322b"], 0x7, [{0x52, &(0x7f00000003c0)=@string={0x52, 0x3, "e034ba35d2dfddac98712d95759054ce1b9fc85d7888ce90e0636ff93b90a5880d71caa08704f76b3ef8154f768445bec4dd8131c85474e178b8ec7f61688df97233db68859cd1d7b0d819a2433eab37"}}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x459}}, {0xfd, &(0x7f0000000440)=@string={0xfd, 0x3, "82de589a5f852083109730f58404e76f68787fde0ced8e70d67aed154afad175d6a5983f59bb7997484f4c9f3ae3a0edb3b4f972896b239d15f4e3836b87e478135d09e289bea0063ca45fbc197f0184cc0dbb83bcbc375e1d848ea4ab7f7f305cbef3039ab8aa669511515c3814fb79bac94b37c3a0c82bd2ecce4bdcc3e9e90adfdd367c010f1c59b97f851c7aad721ee903f50441e379c0673cb55cbd54cb463b966dea5aedd00c232708a1cedb086d370b0b7358fad63377c3877b5606f3d0d53e95e6cce5cba7196902c6f782094b6be914afa820b4a986babb9fe10fe3f4ed8079b57c6a37d7888259a8e9f97205cc7e3e2b7c42f6dca6cc"}}, {0x7c, &(0x7f0000000540)=@string={0x7c, 0x3, "6224f98753072a329247fc4453d4daed8004c705ec49c2c684376a3e17f2cfcc23154baf56a1881f1d662e461909d2b8cc4c57d0c053e9249e14d79e5dacc562a70bad06b77b218892904a373f814932cd33058c5fac40d515f8a1abefb3b3c400b076a4b83ed3f812e86038f65301fd4b8f54ae0fb6ce2557f1"}}, {0x96, &(0x7f00000005c0)=@string={0x96, 0x3, "011224a8fe95df260a8a9b20b08b25f931ef86556e4198d098ec651cc4b33aef85908b7960a28c20209fc7dd281e511af7a2371beb899faa65ccd5055042c1ca5501d6c223fc511ababb58b60975ec6610c845843815ead00b592bc1a74c544b0b4d687ff828037d16bf3950d66704781cdc8c6ec92d4c7b9c6913647af4cf693a34e6fa8e1e5f3777c8bc8378759b5728fdf279"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x2c0a}}, {0xb, &(0x7f0000000680)=@string={0xb, 0x3, "44d32810aa50135d14"}}]}) (async)
syz_usb_control_io$hid(r10, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00222200000046231306e354070c0000002a7f0807020000b6d14e922b67859c8c75ef92"], 0x0}, 0x0)

4.08668654s ago: executing program 2 (id=1300):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_DISABLE_QUIRKS(r3, 0x4068aea3, &(0x7f0000000200)={0x74, 0x0, 0x10})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
setfsuid(0xffffffffffffffff)
r4 = syz_clone(0x100011, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x24048055}, 0x0)
r5 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_SYS_GET(r5, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000001040)={&(0x7f0000000000)={0x38, 0x1406, 0x1, 0x70bd2a, 0x25dfdbfb}, 0x38}, 0x1, 0x0, 0x0, 0x80c0}, 0x40080)
wait4(r4, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
mincore(&(0x7f00001b0000/0x3000)=nil, 0x3000, &(0x7f0000000480)=""/153)
syz_usb_connect(0x3, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000b540334086b48a65301d01020301090212"], 0x0)
r6 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r6, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})

3.853747658s ago: executing program 0 (id=1302):
open(&(0x7f0000000140)='./file1\x00', 0x60142, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000002400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000040), 0x402800, 0x0)
ioctl$TCXONC(r1, 0x540a, 0x0)
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r2=>0x0}, 0x2020)
open(&(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
write$FUSE_INIT(r0, &(0x7f0000002300)={0x50, 0x0, r2, {0x7, 0x9, 0x0, 0x1030002}}, 0x50)
read$FUSE(r0, &(0x7f00000065c0)={0x2020, 0x0, <r3=>0x0}, 0x2020)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000006c0)=ANY=[@ANYBLOB="1201000000000040c41090ea80000000000109022400010000000009040000010300000009210000000122070009058103"], 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io(r4, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)={0x0, 0x0, 0x8, {0x8, 0x0, "392cdaab4a73"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000000)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x20, 0x1, 0x3, "c282fe"}, 0x0})
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000540)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="20010e"], 0x0})
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000680)={0x2c, 0x0, 0x0, 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="21010808d60055f085747eab0000"], 0x0})
write$FUSE_INTERRUPT(r0, &(0x7f0000002240)={0x10, 0xffffffffffffffda, r3}, 0x10)
r5 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x20080, 0x0)
dup3(r5, r0, 0x0)
close(0x3)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x103042, 0x0)
r6 = syz_io_uring_setup(0x1e1d, &(0x7f0000000200)={0x0, 0x400086fc, 0x10100}, &(0x7f0000002000)=<r7=>0x0, &(0x7f0000000000)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x4, 0x0, 0x0, 0x22})
io_uring_enter(r6, 0x48ed, 0x0, 0x2, 0x0, 0x0)

3.225146205s ago: executing program 3 (id=1305):
r0 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x8292, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f00000001c0)=0x200000000001)

3.05385858s ago: executing program 3 (id=1306):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x680000, 0x0) (async)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x121c02, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000100)=0x4) (async)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000480)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
syz_clone(0x10009400, 0x0, 0xfffffffffffffcb3, &(0x7f0000000880), 0x0, 0x0) (async)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket$inet6_tcp(0xa, 0x1, 0x0) (async)
socket$can_bcm(0x1d, 0x2, 0x2) (async)
openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) (async)
r4 = socket(0xa, 0x2, 0x0)
r5 = dup(r4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r5}, 0x0, &(0x7f0000000300)=r5}, 0x20) (async)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="4400000001010102000000000000000002000000240002800c000280040001009cb557cd14000180080001cd4bde2a0192000000000000000c00198008000276d18541b8734ec467fedbd251a26c67a539f3a2c636a8dbd0202d20f0e5f7386ba09ac622b17cd658a30806"], 0x44}, 0x1, 0x0, 0x0, 0x40080}, 0x0) (async)
r7 = socket(0x2, 0x80805, 0x40)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r7, 0x84, 0x10, &(0x7f0000000100)=@sack_info={r3, 0x1, 0x100269}, 0xc)
ioctl$PPPIOCSACTIVE(r1, 0x40107446, &(0x7f00000003c0)={0x2, &(0x7f0000000080)=[{0x50, 0x1, 0xe6, 0x7ffffffd}, {0x6, 0x0, 0x3, 0x363}]}) (async)
write$ppp(r1, &(0x7f0000000180)="0600", 0x2)
r8 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1) (async)
r9 = eventfd(0x5ef)
ioctl$KVM_IOEVENTFD(r8, 0x40a0ae49, &(0x7f0000000080)={0x802, 0x8080000, 0x0, r9}) (async)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r8, 0x4020aed2, &(0x7f00000000c0)={0xffff1000, 0x1000, 0x8})
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r8, 0x4020aed2, &(0x7f0000000100)={0x6000, 0x100000, 0x8})
r10 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r10, 0x0)
timer_create(0x3, 0x0, &(0x7f00000001c0)) (async)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
mlock(&(0x7f0000bff000/0x400000)=nil, 0x400000)

2.920126637s ago: executing program 3 (id=1307):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001080)=ANY=[@ANYRESHEX], 0x50)
syz_kvm_setup_cpu$x86(r2, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000001c0)="b9800000c00f3235000400000f30440f20c03508000000440f22c036646665f36526f20f22a5430f01c566ba4000edc4a39979250b00000008b9800000c00f3235010000000f30f245ab48b800000000000000800f23c00f21f83500000b000f23f8c481e57dcd", 0x67}], 0x1, 0x10, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000040)={0x42}, 0x10)
fsmount(0xffffffffffffffff, 0x1, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r7, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
r8 = socket(0x1, 0x803, 0x0)
getsockname$packet(r8, &(0x7f0000000100)={0x11, 0x0, <r9=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x50, 0x10, 0x403, 0x78bd28, 0x0, {0x0, 0x0, 0x0, 0x0, 0x90646}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x18, 0x2, 0x0, 0x1, [@IFLA_VLAN_FLAGS={0xc, 0x2, {0x1f, 0x1f}}, @IFLA_VLAN_ID={0x6, 0x1, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r9}]}, 0x50}, 0x1, 0x0, 0x0, 0x600}, 0x0)
r10 = socket$nl_route(0x10, 0x3, 0x0)
r11 = socket(0x1, 0x803, 0x0)
getsockname$packet(r11, &(0x7f0000000100)={0x11, 0x0, <r12=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000400)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x2e840}, [@IFLA_ALT_IFNAME={0x14, 0x35, 'bond0\x00'}, @IFLA_MASTER={0x8, 0xa, r12}]}, 0x3c}, 0x1, 0x0, 0x0, 0x70}, 0x40040)
syz_emit_ethernet(0x4a, &(0x7f0000000000)={@local, @local, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x8, 0x2c, 0x0, @remote, @local, {[], {{0x3a00, 0x5, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x23)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2.435158325s ago: executing program 3 (id=1308):
r0 = socket(0x10, 0x3, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22042, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000092ddee10030410600200050003010902120001000000000904"], 0x0)
getsockopt$sock_buf(r0, 0x1, 0x1a, &(0x7f00000002c0)=""/85, &(0x7f0000000000)=0x55)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
openat$kvm(0xffffffffffffff9c, 0x0, 0x1000, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe}, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
r3 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
r4 = socket$inet6_sctp(0xa, 0x801, 0x84)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r4, 0x84, 0x82, 0x0, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000140)=0x2000)
mmap$dsp(&(0x7f0000ff9000/0x2000)=nil, 0x2000, 0x100000f, 0x11, r3, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000340)={0x7e64, 0x3, 0x2}, 0x18, 0x0)
landlock_restrict_self(r5, 0x0)
r6 = mq_open(&(0x7f0000000180)=' \x01\x9c\x147\xb3\xcf\xfc\xc3\xa2W)\xebs\x93\xa7\xc7!Q\x8f\xf6\xec\xa5fs\xf5l{T\x87r\xd2)r\xa7\xd6\bO\x9a\x98\xf52:\"\xf4\x12\xc0T+\xcd\x9fv|\x8d\xd5\xb2Dvc\x8e\x93\xd8\xd6\xa0\xc56\xd2x\xe3c:\x00\x00\x00\x00\x00\x00\x00\x00\x97\x97\x9c \xdc\xaavt\x18\xcen\xe4\x03\x84;7\xfb\x84r\xf4\xe7\xc9\b\x987\xaa\x85\xfb\x05%\xa8\xe5b\x81\x8e}\xe1r\xf7s2\x82\xe57&b', 0x41, 0x80, 0x0)
mmap(&(0x7f000074f000/0x1000)=nil, 0x1000, 0xb635773f04ebbeee, 0x11, r6, 0x15b77000)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000200)=0x6)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f00000001c0)=0x9)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x25c25000)
syz_clone(0x640c7000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.043122346s ago: executing program 1 (id=1309):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYRESDEC, @ANYBLOB="0000000000000000b702000014000000b70200000000000085"], 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xfffffffffffffffe, 0x2000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x14, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d960001000000000000000000007efff100004000000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c527d3d458dd4992861ac00", "f4bd000000801900", [0x8, 0xffffffff9673e35d]}})

1.897941135s ago: executing program 1 (id=1310):
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x58)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="a443fcd7770245fc989b50ea09817223dd9fac342f8f7c3d2cdcae3b14f82c974dc1", 0x22}], 0x1}, 0x6)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0xaa02, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
migrate_pages(0x0, 0x41, &(0x7f0000000080)=0xffffffffffffff29, &(0x7f00000000c0)=0x6)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x8, 0x0, 0x0, 0x0, 0x61, 0x10, 0x2c}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x0, 0x10, &(0x7f0000000080), 0xffffffffffffffb2}, 0x48)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100))
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000340)='./binderfs2/custom1\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r5 = dup3(r4, r3, 0x0)
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd21, 0xfd40, &(0x7f0000000380)={@ptr={0x70742a85, 0x1, &(0x7f0000000240)=""/161, 0xa1, 0x1, 0x2c}, @flat=@handle={0x73682a85, 0xb, 0x2}, @flat=@weak_handle={0x77682a85, 0x100, 0x2}}, &(0x7f0000000200)={0x0, 0x28, 0x40}}}], 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_GET_LEASE(0xffffffffffffffff, 0xc01064c8, &(0x7f0000000240)={0x2, 0x0, &(0x7f00000001c0)=[<r6=>0x0, 0x0]})
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r5, 0xc05064a7, &(0x7f0000000280)={&(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000500)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f0000000100), &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x7, 0x0, 0x7, 0x0, r6})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r8, &(0x7f0000000140)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000080)=0x1, 0xffffffffffffffff, 0x0, 0x2, 0xfffffffffffffe45}}, 0x20)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000940)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a4a00000006060b04000000133a000000020000002400048020000180080001006f73660014000280080001400000000408000340000000010900010073797a30000000000900020073797a32000000001400c1001100010000000000000000000100000a"], 0x78}}, 0x0)

1.760114686s ago: executing program 4 (id=1311):
r0 = socket$nl_route(0x10, 0x3, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000008, 0x810, 0xffffffffffffffff, 0x0)
r1 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$HIDIOCGCOLLECTIONINFO(r0, 0xc0104811, &(0x7f00000000c0)={0xffff0286, 0x7, 0x8a, 0x8})
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x3)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)
madvise(&(0x7f000083b000/0x1000)=nil, 0x1000, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r4 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$MRT6_INIT(r4, 0x29, 0xc8, 0x0, 0x0)
setsockopt$MRT6_ADD_MIF(r1, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x2}, 0xc)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0)
r6 = socket(0x29, 0x2, 0xff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00'})
setsockopt$MRT6_DEL_MIF(r6, 0x29, 0xcb, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
r7 = eventfd(0x80000001)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000040)={0x0, r7})
r8 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x602100, 0x0)
ioctl$FBIOGETCMAP(r8, 0x4604, &(0x7f00000001c0)={0x1, 0x0, 0x0, &(0x7f0000000100)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, &(0x7f0000000180)=[0x0, 0x0, 0x0, 0x0]})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000340)={'wlan0\x00', &(0x7f0000000300)=@ethtool_sset_info={0x37, 0xff, 0xfffffffffffffffa}})

1.66257486s ago: executing program 1 (id=1312):
fanotify_init(0x240, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0xffff, 0x0, 0x1, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x3}, 0x50)
r1 = syz_create_resource$binfmt(&(0x7f0000000100)='./file0\x00')
openat$binfmt(0xffffffffffffff9c, r1, 0x41, 0x1ff)
quotactl_fd$Q_GETQUOTA(r0, 0xffffffff80000702, 0x0, &(0x7f0000000080))

1.567189343s ago: executing program 1 (id=1313):
r0 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r0, &(0x7f00000002c0)={0x2, 0x4e20, @empty}, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x50)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
connect$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
r1 = socket$inet6(0xa, 0x1, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000000040))
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x2e, 0x0, &(0x7f00000064c0))
set_mempolicy(0x1, 0x0, 0x7582)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
syz_open_dev$tty1(0xc, 0x4, 0x2)

1.368977787s ago: executing program 1 (id=1314):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_pressure(r0, &(0x7f00000000c0)='cpu.pressure\x00', 0x2, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x89901)
open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000440), 0x2, 0x0)
creat(&(0x7f0000000080)='./file0/file0\x00', 0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$nl_route(0x10, 0x3, 0x0)
landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x18, 0x0)
socket(0x1e, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r1, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="380000001a00010000000000000000000a008000", @ANYRES32=0x0, @ANYBLOB="0000000008000200000000001400", @ANYRES64=r1], 0x38}}, 0x0)

1.280484393s ago: executing program 1 (id=1315):
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008e88052086800095d89301020301090212000100000000090401"], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0) (async)
r2 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000062d14406d0470084761000000010902120001000000000904"], 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0) (async)
syz_usb_control_io$printer(r2, 0x0, 0x0)
memfd_create(&(0x7f0000000180)='];\x00\x00\x00\x00\x96\t\xb27\x87Ge@{\xb7\xff]\a\xa3s\x00\x00Ep\x93\xc9\xdd-\xfc\xf6\xdc\xec9H\x85\xa0\xf2p\x19\xa6\xd3z\x9c\xf0\x16Ax\x18<\x05\b\xa5\x19FN{U\x8b\xb0M5^\x7f+\xc9]E\x1a\x02x\xdc8\xa5|@<\x12\xcc@\xd6\x00\xb9\xf0\xa9\xa7\x8f\xaaUi\x02U\xfe\x1cdt<\xac2\xc4\x05\xa1\x97\xe5\xef\xbbi\x12\xb4n\x11\xff\x14\x1c\xba)\xe3b\xc3K1k\xe4\x15\x1a\x94\xd4DL%\xf7g\x89\xf1\x1d\xa1\xea\xe2\xd9\vt|\xd1\\\\\xbfP\xdd\x0fE\x9e\xfd\xf0\xe8#K\xc5\xec\xfc&\xf3\x0e\xf2\x96\xeb\x03\xdf\x86!M`\xa9 \xb5\xcd\x8e\x0e\x81\xa2\x9e}\xc0/1\xf7\xf9r\a}\x9c\b\x00\xe6\r\xb7D\x87\x86z\xb4\x03\x11\x86.\xa7K\xf0\xb1\x00\x13\x00\x00\x00\x00\x00\xa0\x00\x00\x00', 0x5) (async)
memfd_create(&(0x7f0000000180)='];\x00\x00\x00\x00\x96\t\xb27\x87Ge@{\xb7\xff]\a\xa3s\x00\x00Ep\x93\xc9\xdd-\xfc\xf6\xdc\xec9H\x85\xa0\xf2p\x19\xa6\xd3z\x9c\xf0\x16Ax\x18<\x05\b\xa5\x19FN{U\x8b\xb0M5^\x7f+\xc9]E\x1a\x02x\xdc8\xa5|@<\x12\xcc@\xd6\x00\xb9\xf0\xa9\xa7\x8f\xaaUi\x02U\xfe\x1cdt<\xac2\xc4\x05\xa1\x97\xe5\xef\xbbi\x12\xb4n\x11\xff\x14\x1c\xba)\xe3b\xc3K1k\xe4\x15\x1a\x94\xd4DL%\xf7g\x89\xf1\x1d\xa1\xea\xe2\xd9\vt|\xd1\\\\\xbfP\xdd\x0fE\x9e\xfd\xf0\xe8#K\xc5\xec\xfc&\xf3\x0e\xf2\x96\xeb\x03\xdf\x86!M`\xa9 \xb5\xcd\x8e\x0e\x81\xa2\x9e}\xc0/1\xf7\xf9r\a}\x9c\b\x00\xe6\r\xb7D\x87\x86z\xb4\x03\x11\x86.\xa7K\xf0\xb1\x00\x13\x00\x00\x00\x00\x00\xa0\x00\x00\x00', 0x5)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x121002, 0x0)
ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) (async)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x4048084)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000e80)={[0xffff, 0xfffffffffffffffe, 0x2e, 0xa4e, 0xffff, 0xffff, 0x2, 0x7, 0x6, 0x8000, 0x10, 0x5, 0x100, 0x1, 0x8, 0x9], 0x1, 0x140200})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r6) (async)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), r6)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xf2, 0x5, 0x0, '\x00', 0x8001}) (async)
ioctl$KVM_SET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000140)=@arm64={0xf2, 0x5, 0x0, '\x00', 0x8001})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]}) (async)
ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000000280)={0x1, 0x0, [{0x40000070, 0x0, 0x6}]})
syz_kvm_setup_cpu$x86(r4, r5, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000080)=[@text16={0x10, 0x0}], 0x1, 0x8, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000800)=ANY=[@ANYBLOB="c000000040000701feffffff00000000017c1200040042800c00018006000600894f0000970002809470c4b9d425894604f2ef9d2877c76e6cff2cc03746b35836c0acd8948b974978ed58bdf5911ccfaed74609301189929cf0be024fe625adfb8a2230958e80bbcd69193952aff71c16a71b319c97f68d31a04ce3e42faf6f9a9080bc71d6fc8e88a759a2622cf548697149accdc2c647d3d025be3f7e971d8dcc3968e0c25aee12f24713c04065f88e291eec1dc708de4772dc00040008"], 0xc0}, 0x1, 0x0, 0x0, 0x20048815}, 0xc800)
ioctl$I2C_FUNCS(r0, 0x705, &(0x7f00000000c0)=0xfffffffffffffff9) (async)
ioctl$I2C_FUNCS(r0, 0x705, &(0x7f00000000c0)=0xfffffffffffffff9)

914.712891ms ago: executing program 0 (id=1316):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000a40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a30000000002c000000030a01040000000000000000010000000900030073797a32000000000900010073797a300000000068000000060a010400000000000000000100000008000b40000000000900010073797a3000000000400004803c0001800b000100736f636b657400002c000280080003000000003208000240000000080800014000000003080002400000000d0800014000000001"], 0x1f4}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$evdev(&(0x7f0000000200), 0xd, 0x284a00)
ioctl$EVIOCGPHYS(r2, 0x80404507, &(0x7f0000000240)=""/237)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES16=r3, @ANYBLOB="00012dbd7000fedbdf250e0000001400028005000d000000000008000600000200002800038008000500e0000002060007004e240000140002006e657464657673696d30000000000000"], 0x50}, 0x1, 0x0, 0x0, 0x4840}, 0x1)

828.37868ms ago: executing program 0 (id=1317):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, &(0x7f0000000f40)=[@wrmsr={0x65, 0x20, {0x400000b3, 0x7}}], 0x20})
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r3, 0x4068aea3, &(0x7f00000000c0)={0xc7, 0x0, 0x1})
ioctl$KVM_SET_CPUID2(r3, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x7fff, 0x0, 0x31237648, 0x6, 0x2, 0x80}]})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_usb_connect(0x2, 0x34, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009bbd8b08e80430ffd1a601220301090222000100000000090400000129fddd000905e2ff"], 0x0)

769.595569ms ago: executing program 2 (id=1318):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00'})
socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_open_dev$vcsa(0x0, 0xa40d, 0x2a8102)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x47, 0x20000010)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_INFO(0xffffffffffffffff, 0xc1205531, 0x0)
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000100), 0x92101, 0x0)
write$P9_RSTAT(r3, &(0x7f0000000140)=ANY=[@ANYBLOB="520000007d0100000400000004000000000000000000400205000000e304000000c03e000000000008006272696467653000000009005e405b7d7d2923667d07006d616373656300"/82], 0x52)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0)
ioctl$TIOCPKT(r4, 0x5420, &(0x7f0000000200)=0x1b)
ioctl$TCXONC(r4, 0x540a, 0x2)
ioctl$TCSETS(r4, 0x5402, &(0x7f0000000280)={0x40, 0x0, 0xf5, 0xfffffff7, 0x17, "83b0dd81a633403f7454af765b1dd555ea6b5f"})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f00000002c0)='net/igmp6\x00')
r6 = socket(0x10, 0x800, 0x1000000)
write(r6, &(0x7f0000000000)="240000001a005f0314f9f407000904000200000001000000000000000800040001000000", 0x24)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r7, 0x0, 0x0)
preadv(r5, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0x40000000, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000480), 0xffffffffffffffff)
r8 = getpid()
setpriority(0x1, r8, 0x9)
ioprio_get$pid(0x2, r8)

306.860339ms ago: executing program 4 (id=1319):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_trie\x00')
mmap$xdp(&(0x7f0000002000/0x2000)=nil, 0x2000, 0x0, 0x11, r0, 0x0)
r1 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r1)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000080), r0)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r2, 0x400, 0x70bd25, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x10}]}, 0x1c}}, 0x44)
ioctl$TIOCGPKT(r0, 0x80045438, &(0x7f0000000000))
syz_open_dev$sg(&(0x7f00000060c0), 0xffffffffffffffff, 0x22081)

99.277147ms ago: executing program 4 (id=1320):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000900)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000000ac1414aa00000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000330000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500"], 0xfc}}, 0x0)

0s ago: executing program 4 (id=1321):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0xc369d000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000000))
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', 0x8000)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01064c1, 0x0)
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01864c2, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
syz_emit_ethernet(0x3a, &(0x7f0000000280)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@rr={0x7, 0x3, 0x7a}]}}, {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2, 0x800}}}}}}, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

kernel console output (not intermixed with test programs):

lvl+0xe8/0x150
[  257.981971][ T9376]  should_fail_ex+0x412/0x560
[  257.981988][ T9376]  _copy_from_iter+0x1d3/0x1670
[  257.982005][ T9376]  ? rcu_is_watching+0x15/0xb0
[  257.982023][ T9376]  ? __pfx__copy_from_iter+0x10/0x10
[  257.982041][ T9376]  ? netlink_sendmsg+0x650/0xb40
[  257.982056][ T9376]  ? skb_put+0x11b/0x210
[  257.982068][ T9376]  netlink_sendmsg+0x6c0/0xb40
[  257.982087][ T9376]  ? __pfx_netlink_sendmsg+0x10/0x10
[  257.982104][ T9376]  ? aa_sock_msg_perm+0xf1/0x1b0
[  257.982120][ T9376]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  257.982133][ T9376]  ____sys_sendmsg+0x972/0x9f0
[  257.982155][ T9376]  ? __pfx_____sys_sendmsg+0x10/0x10
[  257.982170][ T9376]  ? import_iovec+0x73/0xa0
[  257.982183][ T9376]  ___sys_sendmsg+0x2a5/0x360
[  257.982197][ T9376]  ? __pfx____sys_sendmsg+0x10/0x10
[  257.982223][ T9376]  ? __fget_files+0x2a/0x420
[  257.982237][ T9376]  ? __fget_files+0x3a0/0x420
[  257.982256][ T9376]  __x64_sys_sendmsg+0x1bd/0x2a0
[  257.982269][ T9376]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  257.982284][ T9376]  ? __pfx_ksys_write+0x10/0x10
[  257.982300][ T9376]  do_syscall_64+0x14d/0xf80
[  257.982311][ T9376]  ? trace_irq_disable+0x3b/0x150
[  257.982325][ T9376]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.982335][ T9376]  ? clear_bhb_loop+0x40/0x90
[  257.982347][ T9376]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  257.982356][ T9376] RIP: 0033:0x7f4a4ff9c799
[  257.982367][ T9376] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  257.982375][ T9376] RSP: 002b:00007f4a50e73028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  257.982387][ T9376] RAX: ffffffffffffffda RBX: 00007f4a50215fa0 RCX: 00007f4a4ff9c799
[  257.982394][ T9376] RDX: 0000000004000000 RSI: 0000200000000000 RDI: 0000000000000003
[  257.982401][ T9376] RBP: 00007f4a50e73090 R08: 0000000000000000 R09: 0000000000000000
[  257.982407][ T9376] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  257.982413][ T9376] R13: 00007f4a50216038 R14: 00007f4a50215fa0 R15: 00007f4a5033fa48
[  257.982427][ T9376]  </TASK>
[  258.241734][ T9378] netlink: 8 bytes leftover after parsing attributes in process `syz.3.948'.
[  258.250676][ T9378] netlink: 4 bytes leftover after parsing attributes in process `syz.3.948'.
[  258.259606][ T9378] netlink: 'syz.3.948': attribute type 14 has an invalid length.
[  258.797226][ T5884] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[  258.929028][ T9394] sg_write: data in/out 431068/146 bytes for SCSI command 0x0-- guessing data in;
[  258.929028][ T9394]    program syz.3.955 not setting count and/or reply_len properly
[  258.975281][ T5884] usb 1-1: unable to get BOS descriptor or descriptor too short
[  258.986177][ T5884] usb 1-1: config 9 has an invalid interface number: 242 but max is 0
[  258.995427][ T5884] usb 1-1: config 9 has no interface number 0
[  259.002091][ T5884] usb 1-1: config 9 interface 242 has no altsetting 0
[  259.012067][ T5884] usb 1-1: New USB device found, idVendor=0af0, idProduct=7041, bcdDevice=d0.f9
[  259.025065][ T5884] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.033558][ T5884] usb 1-1: Product: syz
[  259.047251][ T5884] usb 1-1: Manufacturer: syz
[  259.052088][ T5884] usb 1-1: SerialNumber: syz
[  259.164091][ T9403] fuse: Unknown parameter 'fd0x0000000000000007'
[  259.304555][ T5884] usb 1-1: USB disconnect, device number 51
[  259.547204][   T30] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  259.646170][ T9410] FAULT_INJECTION: forcing a failure.
[  259.646170][ T9410] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  259.665712][ T9410] CPU: 0 UID: 0 PID: 9410 Comm: syz.2.960 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  259.665742][ T9410] Tainted: [L]=SOFTLOCKUP
[  259.665749][ T9410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  259.665759][ T9410] Call Trace:
[  259.665765][ T9410]  <TASK>
[  259.665771][ T9410]  dump_stack_lvl+0xe8/0x150
[  259.665800][ T9410]  should_fail_ex+0x412/0x560
[  259.665829][ T9410]  _copy_from_iter+0x1d3/0x1670
[  259.665859][ T9410]  ? rcu_is_watching+0x15/0xb0
[  259.665880][ T9410]  ? __pfx__copy_from_iter+0x10/0x10
[  259.665898][ T9410]  ? netlink_sendmsg+0x650/0xb40
[  259.665913][ T9410]  ? skb_put+0x11b/0x210
[  259.665925][ T9410]  netlink_sendmsg+0x6c0/0xb40
[  259.665944][ T9410]  ? __pfx_netlink_sendmsg+0x10/0x10
[  259.665960][ T9410]  ? aa_sock_msg_perm+0xf1/0x1b0
[  259.665982][ T9410]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  259.665995][ T9410]  ____sys_sendmsg+0x972/0x9f0
[  259.666011][ T9410]  ? __pfx_____sys_sendmsg+0x10/0x10
[  259.666026][ T9410]  ? import_iovec+0x73/0xa0
[  259.666038][ T9410]  ___sys_sendmsg+0x2a5/0x360
[  259.666052][ T9410]  ? __pfx____sys_sendmsg+0x10/0x10
[  259.666078][ T9410]  ? __fget_files+0x2a/0x420
[  259.666092][ T9410]  ? __fget_files+0x3a0/0x420
[  259.666122][ T9410]  __x64_sys_sendmsg+0x1bd/0x2a0
[  259.666144][ T9410]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  259.666170][ T9410]  ? __pfx_ksys_write+0x10/0x10
[  259.666187][ T9410]  do_syscall_64+0x14d/0xf80
[  259.666198][ T9410]  ? trace_irq_disable+0x3b/0x150
[  259.666212][ T9410]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.666223][ T9410]  ? clear_bhb_loop+0x40/0x90
[  259.666234][ T9410]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.666244][ T9410] RIP: 0033:0x7fad1179c799
[  259.666255][ T9410] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  259.666263][ T9410] RSP: 002b:00007fad12633028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  259.666275][ T9410] RAX: ffffffffffffffda RBX: 00007fad11a15fa0 RCX: 00007fad1179c799
[  259.666282][ T9410] RDX: 0000000004000000 RSI: 0000200000000000 RDI: 0000000000000003
[  259.666289][ T9410] RBP: 00007fad12633090 R08: 0000000000000000 R09: 0000000000000000
[  259.666295][ T9410] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  259.666301][ T9410] R13: 00007fad11a16038 R14: 00007fad11a15fa0 R15: 00007fad11b3fa48
[  259.666315][ T9410]  </TASK>
[  259.769149][   T30] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  259.947236][   T30] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  259.957626][   T30] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  259.966700][   T30] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  260.089805][ T5884] usb 3-1: new full-speed USB device number 38 using dummy_hcd
[  260.097509][   T30] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  260.110609][   T30] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  260.121407][   T30] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  260.129723][   T30] usb 4-1: Product: syz
[  260.134081][   T30] usb 4-1: Manufacturer: syz
[  260.148340][   T30] cdc_wdm 4-1:1.0: skipping garbage
[  260.153601][   T30] cdc_wdm 4-1:1.0: skipping garbage
[  260.188110][   T30] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  260.195792][ T9421] netlink: 4 bytes leftover after parsing attributes in process `syz.1.964'.
[  260.213610][   T30] cdc_wdm 4-1:1.0: Unknown control protocol
[  260.263930][ T5884] usb 3-1: unable to get BOS descriptor or descriptor too short
[  260.276133][ T5884] usb 3-1: not running at top speed; connect to a high speed hub
[  260.304665][ T5884] usb 3-1: config 178 has an invalid interface number: 212 but max is 0
[  260.322316][ T5884] usb 3-1: config 178 has no interface number 0
[  260.354528][ T5884] usb 3-1: config 178 interface 212 has no altsetting 0
[  260.373585][ T5884] usb 3-1: New USB device found, idVendor=0b95, idProduct=2790, bcdDevice=de.90
[  260.377789][ T9429] xt_CT: You must specify a L4 protocol and not use inversions on it
[  260.383111][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.402912][ T5884] usb 3-1: Product: syz
[  260.407353][ T5884] usb 3-1: Manufacturer: syz
[  260.417627][ T5884] usb 3-1: SerialNumber: syz
[  260.655129][ T5884] usb 3-1: USB disconnect, device number 38
[  260.709802][    C1] cdc_wdm 4-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  260.719682][    C1] cdc_wdm 4-1:1.0: nonzero urb status received: -EPIPE
[  260.829240][ T9445] netlink: 4 bytes leftover after parsing attributes in process `syz.1.970'.
[  260.921413][   T10] usb 4-1: USB disconnect, device number 44
[  260.987811][ T9447] openvswitch: netlink: IP tunnel dst address not specified
[  261.108207][ T9450] FAULT_INJECTION: forcing a failure.
[  261.108207][ T9450] name failslab, interval 1, probability 0, space 0, times 0
[  261.132367][ T9450] CPU: 1 UID: 0 PID: 9450 Comm: syz.4.972 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  261.132397][ T9450] Tainted: [L]=SOFTLOCKUP
[  261.132403][ T9450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  261.132414][ T9450] Call Trace:
[  261.132420][ T9450]  <TASK>
[  261.132428][ T9450]  dump_stack_lvl+0xe8/0x150
[  261.132458][ T9450]  should_fail_ex+0x412/0x560
[  261.132488][ T9450]  should_failslab+0xa8/0x100
[  261.132513][ T9450]  __kmalloc_cache_noprof+0x88/0x660
[  261.132532][ T9450]  ? __pfx_stack_trace_save+0x10/0x10
[  261.132552][ T9450]  ? rtnl_newlink+0x136/0x1be0
[  261.132583][ T9450]  rtnl_newlink+0x136/0x1be0
[  261.132610][ T9450]  ? kasan_save_track+0x4f/0x80
[  261.132628][ T9450]  ? kasan_save_track+0x3e/0x80
[  261.132645][ T9450]  ? kasan_save_free_info+0x46/0x50
[  261.132669][ T9450]  ? __kasan_slab_free+0x5c/0x80
[  261.132688][ T9450]  ? kmem_cache_free+0x187/0x630
[  261.132708][ T9450]  ? __dev_queue_xmit+0x16d1/0x3890
[  261.132729][ T9450]  ? __netlink_deliver_tap+0x5ad/0x850
[  261.132754][ T9450]  ? netlink_deliver_tap+0x19c/0x1b0
[  261.132778][ T9450]  ? netlink_unicast+0x7e3/0x9b0
[  261.132799][ T9450]  ? netlink_sendmsg+0x813/0xb40
[  261.132827][ T9450]  ? __pfx_rtnl_newlink+0x10/0x10
[  261.132850][ T9450]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.132904][ T9450]  ? kasan_quarantine_put+0xbb/0x1f0
[  261.132923][ T9450]  ? lockdep_hardirqs_on+0x7a/0x110
[  261.132947][ T9450]  ? kmem_cache_free+0x187/0x630
[  261.132966][ T9450]  ? nlmon_xmit+0xb0/0x100
[  261.132996][ T9450]  ? __lock_acquire+0x6b5/0x2cf0
[  261.133023][ T9450]  ? __local_bh_enable_ip+0xd0/0x130
[  261.133047][ T9450]  ? lockdep_hardirqs_on+0x7a/0x110
[  261.133065][ T9450]  ? __dev_queue_xmit+0x277/0x3890
[  261.133086][ T9450]  ? __local_bh_enable_ip+0xd0/0x130
[  261.133107][ T9450]  ? __dev_queue_xmit+0x277/0x3890
[  261.133149][ T9450]  ? __pfx_rtnl_newlink+0x10/0x10
[  261.133175][ T9450]  rtnetlink_rcv_msg+0x7d5/0xbe0
[  261.133205][ T9450]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[  261.133231][ T9450]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  261.133256][ T9450]  ? ref_tracker_free+0x693/0x840
[  261.133281][ T9450]  ? __copy_skb_header+0xa3/0x4a0
[  261.133303][ T9450]  ? __pfx_ref_tracker_free+0x10/0x10
[  261.133328][ T9450]  ? __skb_clone+0x63/0x7a0
[  261.133355][ T9450]  netlink_rcv_skb+0x232/0x4b0
[  261.133382][ T9450]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  261.133410][ T9450]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  261.133446][ T9450]  ? netlink_deliver_tap+0x2e/0x1b0
[  261.133479][ T9450]  netlink_unicast+0x80f/0x9b0
[  261.133510][ T9450]  ? __pfx_netlink_unicast+0x10/0x10
[  261.133536][ T9450]  ? netlink_sendmsg+0x650/0xb40
[  261.133560][ T9450]  ? skb_put+0x11b/0x210
[  261.133581][ T9450]  netlink_sendmsg+0x813/0xb40
[  261.133615][ T9450]  ? __pfx_netlink_sendmsg+0x10/0x10
[  261.133645][ T9450]  ? aa_sock_msg_perm+0xf1/0x1b0
[  261.133672][ T9450]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  261.133698][ T9450]  ____sys_sendmsg+0x972/0x9f0
[  261.133726][ T9450]  ? __pfx_____sys_sendmsg+0x10/0x10
[  261.133754][ T9450]  ? import_iovec+0x73/0xa0
[  261.133777][ T9450]  ___sys_sendmsg+0x2a5/0x360
[  261.133800][ T9450]  ? __pfx____sys_sendmsg+0x10/0x10
[  261.133848][ T9450]  ? __fget_files+0x2a/0x420
[  261.133878][ T9450]  ? __fget_files+0x3a0/0x420
[  261.133912][ T9450]  __x64_sys_sendmsg+0x1bd/0x2a0
[  261.133936][ T9450]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  261.133965][ T9450]  ? __pfx_ksys_write+0x10/0x10
[  261.133995][ T9450]  do_syscall_64+0x14d/0xf80
[  261.134014][ T9450]  ? trace_irq_disable+0x3b/0x150
[  261.134040][ T9450]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.134057][ T9450]  ? clear_bhb_loop+0x40/0x90
[  261.134079][ T9450]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  261.134097][ T9450] RIP: 0033:0x7f33c199c799
[  261.134114][ T9450] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  261.134129][ T9450] RSP: 002b:00007f33c2797028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  261.134149][ T9450] RAX: ffffffffffffffda RBX: 00007f33c1c15fa0 RCX: 00007f33c199c799
[  261.134162][ T9450] RDX: 0000000004000000 RSI: 0000200000000000 RDI: 0000000000000003
[  261.134174][ T9450] RBP: 00007f33c2797090 R08: 0000000000000000 R09: 0000000000000000
[  261.134184][ T9450] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  261.134195][ T9450] R13: 00007f33c1c16038 R14: 00007f33c1c15fa0 R15: 00007f33c1d3fa48
[  261.134222][ T9450]  </TASK>
[  262.010834][ T9469] C: renamed from lo (while UP)
[  262.101834][ T9469] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  263.366573][ T9494] x_tables: ip6_tables: SNAT target: used from hooks OUTPUT, but only usable from INPUT/POSTROUTING
[  263.977889][ T5898] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  264.117250][ T5898] usb 3-1: device descriptor read/64, error -71
[  264.257222][ T5884] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  264.357226][ T5898] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  264.408602][ T5884] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  264.419706][ T5884] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  264.429584][ T5884] usb 4-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  264.438724][ T5884] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.450454][ T5884] usb 4-1: config 0 descriptor??
[  264.487603][ T5898] usb 3-1: device descriptor read/64, error -71
[  264.607435][ T5898] usb usb3-port1: attempt power cycle
[  264.860739][ T5884] cm6533_jd 0003:0D8C:0022.0011: unknown main item tag 0x0
[  264.871937][ T5884] cm6533_jd 0003:0D8C:0022.0011: unknown main item tag 0x0
[  264.887516][ T5884] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0D8C:0022.0011/input/input26
[  264.922208][ T5884] cm6533_jd 0003:0D8C:0022.0011: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.3-1/input0
[  264.957218][ T5898] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  264.978887][ T5898] usb 3-1: device descriptor read/8, error -71
[  265.068452][   T24] usb 4-1: USB disconnect, device number 45
[  265.228332][ T5898] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  265.258219][ T5898] usb 3-1: device descriptor read/8, error -71
[  265.378351][ T5898] usb usb3-port1: unable to enumerate USB device
[  265.603845][ T9513] loop4: detected capacity change from 0 to 7
[  265.617477][ T9513] Dev loop4: unable to read RDB block 7
[  265.627732][ T9513]  loop4: unable to read partition table
[  265.633640][ T9513] loop4: partition table beyond EOD, truncated
[  265.665392][ T9513] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  265.801742][ T9521] fuse: Bad value for 'fd'
[  265.975364][ T9526] netlink: 12 bytes leftover after parsing attributes in process `syz.0.992'.
[  265.984812][ T9526] IPv6: NLM_F_CREATE should be specified when creating new route
[  266.187161][ T5898] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  266.348664][ T5898] usb 4-1: config 1 has an invalid interface number: 7 but max is 0
[  266.356698][ T5898] usb 4-1: config 1 has no interface number 0
[  266.364452][ T5898] usb 4-1: config 1 interface 7 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  266.384642][ T5898] usb 4-1: config 1 interface 7 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  266.394836][ T5898] usb 4-1: config 1 interface 7 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  266.411423][ T5898] usb 4-1: New USB device found, idVendor=1199, idProduct=68a3, bcdDevice= 0.00
[  266.420804][ T5898] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.428982][ T5898] usb 4-1: Product: syz
[  266.433503][ T5898] usb 4-1: Manufacturer: syz
[  266.438608][ T5898] usb 4-1: SerialNumber: syz
[  266.446245][ T9523] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  266.841368][ T9532] sctp: [Deprecated]: syz.2.995 (pid 9532) Use of struct sctp_assoc_value in delayed_ack socket option.
[  266.841368][ T9532] Use struct sctp_sack_info instead
[  267.289399][ T9541] netlink: 4 bytes leftover after parsing attributes in process `syz.1.999'.
[  267.587259][   T30] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  267.738577][   T30] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  267.749966][   T30] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  267.760534][   T30] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  267.773596][   T30] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  267.782824][   T30] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  267.793925][   T30] usb 2-1: config 0 descriptor??
[  267.886547][ T9553] x_tables: ip6_tables: SNAT target: used from hooks OUTPUT, but only usable from INPUT/POSTROUTING
[  267.887626][ T5917] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  267.959012][ T9555] fuse: Bad value for 'fd'
[  268.059291][ T5917] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  268.070813][ T5917] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  268.081015][ T5917] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  268.095308][ T5917] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  268.105049][ T5917] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  268.122777][ T5917] usb 3-1: config 0 descriptor??
[  268.215132][   T30] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  268.367356][ T5884] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[  268.408003][ T9543] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  268.416921][ T9543] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  268.480230][   T30] usb 2-1: USB disconnect, device number 55
[  268.497261][ T5884] usb 1-1: device descriptor read/64, error -71
[  268.552359][ T5917] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  268.747184][ T5884] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[  268.767206][ T5898] usb 4-1: Error in usbnet_get_endpoints (-71)
[  268.806755][ T5898] usb 4-1: USB disconnect, device number 46
[  268.887261][ T5884] usb 1-1: device descriptor read/64, error -71
[  268.997876][ T5884] usb usb1-port1: attempt power cycle
[  269.467272][ T5884] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[  269.487921][ T5884] usb 1-1: device descriptor read/8, error -71
[  269.667186][ T5898] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  269.737315][ T5884] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[  269.767939][ T5884] usb 1-1: device descriptor read/8, error -71
[  269.817466][ T5898] usb 2-1: Using ep0 maxpacket: 32
[  269.824079][ T5898] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  269.846864][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.869112][ T5898] usb 2-1: config 0 descriptor??
[  269.878909][ T5884] usb usb1-port1: unable to enumerate USB device
[  269.881367][ T5898] gspca_main: sq930x-2.14.0 probing 041e:403c
[  269.939445][ T9574] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1010'.
[  270.362714][ T9590] x_tables: ip6_tables: SNAT target: used from hooks OUTPUT, but only usable from INPUT/POSTROUTING
[  270.461070][ T9593] fuse: Bad value for 'fd'
[  270.549073][   T10] usb 3-1: USB disconnect, device number 43
[  270.895259][ T9596] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1016'.
[  270.936017][ T9571] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1009'.
[  271.076679][ T5898] gspca_sq930x: ucbus_write failed -71
[  271.087335][ T5898] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[  271.108460][ T5898] usb 2-1: USB disconnect, device number 56
[  271.215614][ T9600] netlink: 'syz.0.1018': attribute type 1 has an invalid length.
[  271.267215][ T5917] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  271.323176][ T9607] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1021'.
[  271.397750][ T5917] usb 3-1: device descriptor read/64, error -71
[  271.527212][ T5953] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  271.691228][ T5917] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  271.707636][ T5953] usb 4-1: Using ep0 maxpacket: 16
[  271.714657][ T5953] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.727348][ T5953] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.737531][ T5953] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  271.750961][ T5953] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  271.763872][ T5953] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.806911][ T5953] usb 4-1: config 0 descriptor??
[  271.827285][ T5917] usb 3-1: device descriptor read/64, error -71
[  271.896543][ T9619] x_tables: ip6_tables: SNAT target: used from hooks OUTPUT, but only usable from INPUT/POSTROUTING
[  271.947446][ T5917] usb usb3-port1: attempt power cycle
[  272.092319][ T9626] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1027'.
[  272.408129][ T5917] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  272.409278][ T5953] microsoft 0003:045E:07DA.0014: invalid report_size 11077
[  272.448078][ T5917] usb 3-1: device descriptor read/8, error -71
[  272.466549][ T5953] microsoft 0003:045E:07DA.0014: item 0 2 1 7 parsing failed
[  272.518013][ T5953] microsoft 0003:045E:07DA.0014: parse failed
[  272.544654][ T5953] microsoft 0003:045E:07DA.0014: probe with driver microsoft failed with error -22
[  272.688713][ T5917] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  272.727783][ T5917] usb 3-1: device descriptor read/8, error -71
[  272.763563][ T9640] FAULT_INJECTION: forcing a failure.
[  272.763563][ T9640] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  272.779819][ T9640] CPU: 1 UID: 0 PID: 9640 Comm: syz.1.1032 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  272.779838][ T9640] Tainted: [L]=SOFTLOCKUP
[  272.779842][ T9640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  272.779848][ T9640] Call Trace:
[  272.779852][ T9640]  <TASK>
[  272.779857][ T9640]  dump_stack_lvl+0xe8/0x150
[  272.779877][ T9640]  should_fail_ex+0x412/0x560
[  272.779895][ T9640]  _copy_to_user+0x31/0xb0
[  272.779909][ T9640]  simple_read_from_buffer+0xe1/0x170
[  272.779926][ T9640]  proc_fail_nth_read+0x1bb/0x230
[  272.779943][ T9640]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.779959][ T9640]  ? rw_verify_area+0x2a6/0x4d0
[  272.779970][ T9640]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  272.779984][ T9640]  vfs_read+0x20c/0xa70
[  272.779994][ T9640]  ? fdget_pos+0x246/0x320
[  272.780009][ T9640]  ? __pfx___mutex_lock+0x10/0x10
[  272.780023][ T9640]  ? __pfx___mutex_lock+0x10/0x10
[  272.780034][ T9640]  ? __pfx_vfs_read+0x10/0x10
[  272.780045][ T9640]  ? __fget_files+0x2a/0x420
[  272.780061][ T9640]  ? __fget_files+0x3a0/0x420
[  272.780075][ T9640]  ? __fget_files+0x2a/0x420
[  272.780093][ T9640]  ksys_read+0x150/0x270
[  272.780105][ T9640]  ? __pfx_ksys_read+0x10/0x10
[  272.780120][ T9640]  do_syscall_64+0x14d/0xf80
[  272.780131][ T9640]  ? trace_irq_disable+0x3b/0x150
[  272.780146][ T9640]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.780156][ T9640]  ? clear_bhb_loop+0x40/0x90
[  272.780171][ T9640]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  272.780181][ T9640] RIP: 0033:0x7fabfd75cfce
[  272.780191][ T9640] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  272.780200][ T9640] RSP: 002b:00007fabfe639fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  272.780212][ T9640] RAX: ffffffffffffffda RBX: 00007fabfe63a6c0 RCX: 00007fabfd75cfce
[  272.780219][ T9640] RDX: 000000000000000f RSI: 00007fabfe63a0a0 RDI: 0000000000000005
[  272.780225][ T9640] RBP: 00007fabfe63a090 R08: 0000000000000000 R09: 0000000000000000
[  272.780231][ T9640] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  272.780237][ T9640] R13: 00007fabfda16038 R14: 00007fabfda15fa0 R15: 00007fabfdb3fa48
[  272.780253][ T9640]  </TASK>
[  273.021674][ T5917] usb usb3-port1: unable to enumerate USB device
[  273.317198][ T5953] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  273.481668][ T5953] usb 2-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  273.492078][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.500433][ T5953] usb 2-1: Product: syz
[  273.504892][ T5953] usb 2-1: Manufacturer: syz
[  273.509811][ T5953] usb 2-1: SerialNumber: syz
[  273.518370][ T5953] usb 2-1: config 0 descriptor??
[  273.526534][ T5953] hub 2-1:0.0: bad descriptor, ignoring hub
[  273.533498][ T5953] hub 2-1:0.0: probe with driver hub failed with error -5
[  273.725740][ T5953] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  273.744908][ T5953] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  273.763599][ T5953] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  273.779323][ T5953] usb 2-1: media controller created
[  273.803402][ T5953] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  273.857884][ T5953] DVB: Unable to find symbol dib7000p_attach()
[  273.868914][ T5953] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  273.967627][ T5953] rc_core: IR keymap rc-dib0700-rc5 not found
[  274.077213][ T5953] Registered IR keymap rc-empty
[  274.082473][ T5953] dvb-usb: could not initialize remote control.
[  274.089678][ T5953] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  274.282073][ T9658] netlink: 'syz.1.1033': attribute type 1 has an invalid length.
[  274.320878][   T30] usb 4-1: USB disconnect, device number 47
[  274.341525][ T5953] usb 2-1: USB disconnect, device number 57
[  274.491689][ T5917] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  274.568445][ T5953] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  274.699029][ T5917] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  274.717355][ T5917] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  274.738965][ T5917] usb 3-1: New USB device found, idVendor=1b5c, idProduct=0105, bcdDevice= 1.f1
[  274.748566][ T5917] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  274.759050][ T5917] usb 3-1: Product: syz
[  274.763300][ T5917] usb 3-1: Manufacturer: syz
[  274.778021][ T5917] usb 3-1: SerialNumber: syz
[  274.787270][   T30] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  274.800646][ T5917] usb 3-1: config 0 descriptor??
[  274.820358][ T5917] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  274.832486][ T5917] usb 3-1: Detected SIO
[  274.836670][ T5917] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 4
[  274.844325][ T5917] ftdi_sio ttyUSB0: Overriding wMaxPacketSize on endpoint 7
[  274.853905][ T5917] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  274.949052][   T30] usb 4-1: config 0 has an invalid interface number: 237 but max is 0
[  274.957527][   T30] usb 4-1: config 0 has no interface number 0
[  275.062010][ T9657] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  275.076967][ T9657] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  275.100717][ T5913] usb 3-1: USB disconnect, device number 48
[  275.120307][ T5913] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  275.127295][   T30] usb 4-1: config 0 interface 237 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  275.135056][ T5913] ftdi_sio 3-1:0.0: device disconnected
[  275.156445][   T30] usb 4-1: config 0 interface 237 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  275.174601][   T30] usb 4-1: config 0 interface 237 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  275.201535][   T30] usb 4-1: config 0 interface 237 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  275.224830][ T9671] FAULT_INJECTION: forcing a failure.
[  275.224830][ T9671] name failslab, interval 1, probability 0, space 0, times 0
[  275.247726][   T30] usb 4-1: New USB device found, idVendor=045e, idProduct=84bd, bcdDevice=89.be
[  275.261232][   T30] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=3
[  275.278406][   T30] usb 4-1: Product: syz
[  275.285370][ T9671] CPU: 1 UID: 0 PID: 9671 Comm: syz.1.1041 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  275.285397][ T9671] Tainted: [L]=SOFTLOCKUP
[  275.285403][ T9671] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  275.285413][ T9671] Call Trace:
[  275.285421][ T9671]  <TASK>
[  275.285430][ T9671]  dump_stack_lvl+0xe8/0x150
[  275.285458][ T9671]  should_fail_ex+0x412/0x560
[  275.285488][ T9671]  should_failslab+0xa8/0x100
[  275.285512][ T9671]  __kmalloc_noprof+0xe8/0x760
[  275.285532][ T9671]  ? io_cache_alloc_new+0x40/0x100
[  275.285549][ T9671]  io_cache_alloc_new+0x40/0x100
[  275.285565][ T9671]  io_msg_alloc_async+0x212/0x380
[  275.285581][ T9671]  io_connect_prep+0x1b1/0x300
[  275.285597][ T9671]  io_submit_sqes+0xb6d/0x2400
[  275.285623][ T9671]  __se_sys_io_uring_enter+0x2cc/0x18c0
[  275.285635][ T9671]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  275.285649][ T9671]  ? __fget_files+0x3a0/0x420
[  275.285666][ T9671]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  275.285676][ T9671]  ? fput+0xa0/0xd0
[  275.285693][ T9671]  ? __pfx_ksys_write+0x10/0x10
[  275.285706][ T9671]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  275.285718][ T9671]  do_syscall_64+0x14d/0xf80
[  275.285729][ T9671]  ? trace_irq_disable+0x3b/0x150
[  275.285744][ T9671]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.285754][ T9671]  ? clear_bhb_loop+0x40/0x90
[  275.285766][ T9671]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  275.285776][ T9671] RIP: 0033:0x7fabfd79c799
[  275.285785][ T9671] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  275.285794][ T9671] RSP: 002b:00007fabfe63a028 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  275.285805][ T9671] RAX: ffffffffffffffda RBX: 00007fabfda15fa0 RCX: 00007fabfd79c799
[  275.285813][ T9671] RDX: 0000000000006933 RSI: 00000000000008ae RDI: 0000000000000000
[  275.285819][ T9671] RBP: 00007fabfe63a090 R08: 0000000000000000 R09: 000000000000effd
[  275.285826][ T9671] R10: 0000000000000017 R11: 0000000000000246 R12: 0000000000000001
[  275.285832][ T9671] R13: 00007fabfda16038 R14: 00007fabfda15fa0 R15: 00007fabfdb3fa48
[  275.285847][ T9671]  </TASK>
[  275.501417][   T30] usb 4-1: Manufacturer: syz
[  275.506038][   T30] usb 4-1: SerialNumber: syz
[  275.544259][   T30] usb 4-1: config 0 descriptor??
[  275.580155][   T30] xpad 4-1:0.237: probe with driver xpad failed with error -5
[  275.895220][   T30] usb 4-1: USB disconnect, device number 48
[  276.342294][ T9691] ptrace attach of ""[9692] was attempted by "./syz-executor exec"[9691]
[  277.029909][   T29] audit: type=1400 audit(1774077573.735:388): apparmor="DENIED" operation="setprocattr" info="exec" error=-22 profile="unconfined" pid=9698 comm="syz.1.1048"
[  277.150450][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880581f3000: rx timeout, send abort
[  277.358158][ T5913] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  277.527961][ T5913] usb 2-1: Using ep0 maxpacket: 16
[  277.546388][ T5913] usb 2-1: config index 0 descriptor too short (expected 16456, got 72)
[  277.555262][ T5913] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  277.565192][ T5913] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  277.591250][ T5913] usb 2-1: config 0 has an invalid interface number: 125 but max is 1
[  277.610859][ T5913] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  277.631629][ T5913] usb 2-1: config 0 has no interface number 0
[  277.646489][ T5913] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  277.651457][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880581f2800: rx timeout, send abort
[  277.665921][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880581f3000: abort rx timeout. Force session deactivation
[  277.776164][ T5913] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  277.812476][ T5913] usb 2-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  277.841027][ T5913] usb 2-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  278.010248][   T29] audit: type=1326 audit(1774077574.735:389): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  278.098065][   T29] audit: type=1326 audit(1774077574.735:390): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  278.118266][ T5913] usb 2-1: config 0 interface 125 has no altsetting 0
[  278.127644][ T5913] usb 2-1: config 0 interface 125 has no altsetting 2
[  278.165841][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880581f2800: abort rx timeout. Force session deactivation
[  278.242347][   T29] audit: type=1326 audit(1774077574.735:391): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  278.277907][ T5913] usb 2-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  278.286983][ T5913] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  278.325630][ T5913] usb 2-1: Product: syz
[  278.325636][   T29] audit: type=1326 audit(1774077574.735:392): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  278.325677][   T29] audit: type=1326 audit(1774077574.795:393): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9712 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fad1175cfce code=0x7ffc0000
[  278.382431][   T29] audit: type=1326 audit(1774077574.795:394): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  278.438529][   T29] audit: type=1326 audit(1774077574.795:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  278.461108][ T5913] usb 2-1: Manufacturer: syz
[  278.461131][ T5913] usb 2-1: SerialNumber: syz
[  278.472169][ T5913] usb 2-1: config 0 descriptor??
[  278.476624][   T29] audit: type=1326 audit(1774077574.915:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  278.503149][   T29] audit: type=1326 audit(1774077574.915:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9707 comm="syz.2.1050" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  278.598648][ T5913] usb 2-1: selecting invalid altsetting 2
[  278.710580][   T30] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  278.832899][ T9724] : entered promiscuous mode
[  279.087346][ T5953] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  279.160261][   T30] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  279.171804][   T30] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  279.232146][ T9728] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1054'.
[  279.303568][ T5953] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  279.324245][ T5953] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  279.420273][   T30] usb 3-1: New USB device found, idVendor=b486, idProduct=658a, bcdDevice=1d.30
[  279.423808][ T5953] usb 4-1: New USB device found, idVendor=b486, idProduct=658a, bcdDevice=1d.30
[  279.462216][ T5953] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.486924][ T5953] usb 4-1: Product: syz
[  279.523519][   T30] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.544057][ T5953] usb 4-1: Manufacturer: syz
[  279.564951][ T5953] usb 4-1: SerialNumber: syz
[  279.585515][ T5953] usb 4-1: config 0 descriptor??
[  279.608073][   T30] usb 3-1: Product: syz
[  279.633390][   T30] usb 3-1: Manufacturer: syz
[  279.647195][ T5913] get_1284_register timeout
[  279.651929][    C0] usb 2-1: async_complete: urb error -104
[  279.657728][    C0] usb 2-1: async_complete: urb error -104
[  279.660280][   T30] usb 3-1: SerialNumber: syz
[  279.663565][    C0] usb 2-1: async_complete: urb error -104
[  279.674063][    C0] usb 2-1: async_complete: urb error -104
[  279.808876][   T30] usb 3-1: config 0 descriptor??
[  279.966739][ T9738] bond3: entered allmulticast mode
[  280.054749][ T5913] usb 2-1: USB disconnect, device number 58
[  280.190784][ T9742] x_tables: ip6_tables: SNAT target: used from hooks OUTPUT, but only usable from INPUT/POSTROUTING
[  280.530751][ T9747] syzkaller1: entered promiscuous mode
[  280.536243][ T9747] syzkaller1: entered allmulticast mode
[  280.869757][   T30] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[  281.037216][   T30] usb 1-1: Using ep0 maxpacket: 8
[  281.044022][   T30] usb 1-1: config 4 has an invalid interface number: 244 but max is 0
[  281.053006][   T30] usb 1-1: config 4 has no interface number 0
[  281.059587][   T30] usb 1-1: config 4 interface 244 altsetting 1 endpoint 0x1 has an invalid bInterval 41, changing to 7
[  281.070771][   T30] usb 1-1: config 4 interface 244 altsetting 1 endpoint 0x2 has invalid wMaxPacketSize 0
[  281.080656][   T30] usb 1-1: config 4 interface 244 has no altsetting 0
[  281.091882][   T30] usb 1-1: New USB device found, idVendor=05ac, idProduct=fa33, bcdDevice=cb.aa
[  281.102096][   T30] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.110196][   T30] usb 1-1: Product: syz
[  281.114470][   T30] usb 1-1: Manufacturer: syz
[  281.119093][   T30] usb 1-1: SerialNumber: syz
[  281.340211][   T30] ipheth 1-1:4.244: Unable to find endpoints
[  281.353844][   T30] usb 1-1: USB disconnect, device number 56
[  282.033377][   T30] usb 4-1: USB disconnect, device number 49
[  282.093832][ T5913] usb 3-1: USB disconnect, device number 49
[  282.147642][  T796] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[  282.191341][ T9755] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.1063'.
[  282.234153][ T9757] x_tables: duplicate underflow at hook 3
[  282.337354][  T796] usb 1-1: Using ep0 maxpacket: 16
[  282.354412][  T796] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.369271][  T796] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.380553][  T796] usb 1-1: config 0 interface 0 has no altsetting 0
[  282.420804][  T796] usb 1-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  282.430342][  T796] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.452975][  T796] usb 1-1: config 0 descriptor??
[  282.477518][ T9760] cgroup: fork rejected by pids controller in /syz1
[  283.227051][T10418] workqueue: name exceeds WQ_NAME_LEN. Truncating to: 1ùà^!‚lü1Ü*ø$pOcÚÉ”ÎÜr$åG—•µ�
[  283.259238][   T29] kauditd_printk_skb: 74 callbacks suppressed
[  283.259256][   T29] audit: type=1400 audit(1774077579.995:472): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A21D01C0B978D2F2F262D2A83D1 pid=10413 comm="syz.2.1074"
[  283.352469][ T9753] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  283.377014][ T9753] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  283.977629][  T796] usbhid 1-1:0.0: can't add hid device: -71
[  283.989648][  T796] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  284.020876][  T796] usb 1-1: USB disconnect, device number 57
[  284.157180][ T5898] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  284.233092][T10467] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1084'.
[  284.347168][ T5898] usb 4-1: Using ep0 maxpacket: 8
[  284.375671][ T5898] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  284.389614][T10474] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1087'.
[  284.401595][ T5898] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  284.452952][ T5898] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  284.517262][ T5898] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  284.517802][T10484] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1089'.
[  284.527033][ T5898] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 0
[  284.561026][ T5898] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  284.587455][T10484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1089'.
[  284.599492][ T5898] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.626701][T10484] netlink: 'syz.0.1089': attribute type 14 has an invalid length.
[  284.637963][ T5898] usb 4-1: config 0 descriptor??
[  284.655350][ T5898] hub 4-1:0.0: bad descriptor, ignoring hub
[  284.670183][ T5898] hub 4-1:0.0: probe with driver hub failed with error -5
[  284.723330][ T5828] Bluetooth: hci5: urb ffff88807d8c7600 submission failed (90)
[  284.838176][T10493] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1093'.
[  284.866658][   T24] usb 4-1: USB disconnect, device number 50
[  284.887579][ T5898] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  285.059153][ T5898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  285.070763][ T5898] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  285.082247][ T5898] usb 2-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  285.092377][ T5898] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.121105][ T5898] usb 2-1: config 0 descriptor??
[  285.204001][   T24] IPVS: starting estimator thread 0...
[  285.227279][   T29] audit: type=1326 audit(1774077581.945:473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10494 comm="syz.2.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  285.270696][   T29] audit: type=1326 audit(1774077581.945:474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10494 comm="syz.2.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fad1175cfce code=0x7ffc0000
[  285.293447][   T29] audit: type=1326 audit(1774077581.945:475): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10494 comm="syz.2.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  285.317191][   T29] audit: type=1326 audit(1774077581.955:476): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10494 comm="syz.2.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=17 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  285.341355][   T29] audit: type=1326 audit(1774077581.955:477): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10494 comm="syz.2.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  285.367320][T10501] IPVS: using max 35 ests per chain, 84000 per kthread
[  285.368659][   T29] audit: type=1326 audit(1774077581.955:478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10494 comm="syz.2.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  285.396700][   T29] audit: type=1326 audit(1774077581.955:479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10494 comm="syz.2.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  285.397207][   T24] usb 1-1: new low-speed USB device number 58 using dummy_hcd
[  285.419789][   T29] audit: type=1326 audit(1774077581.955:480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10494 comm="syz.2.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fad1175cfce code=0x7ffc0000
[  285.449426][   T29] audit: type=1326 audit(1774077581.955:481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10494 comm="syz.2.1094" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  285.533339][ T5898] hkems 0003:2006:0118.0015: item fetching failed at offset 5/7
[  285.568580][ T5898] hkems 0003:2006:0118.0015: parse failed
[  285.575963][ T5898] hkems 0003:2006:0118.0015: probe with driver hkems failed with error -22
[  285.629161][   T24] usb 1-1: New USB device found, idVendor=10d2, idProduct=2865, bcdDevice=a4.c9
[  285.638342][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  285.663447][   T24] usb 1-1: config 0 descriptor??
[  285.683196][   T24] usblcd 1-1:0.0: USBLCD model not supported.
[  285.747419][   T24] usb 2-1: USB disconnect, device number 59
[  286.394574][   T24] usb 1-1: USB disconnect, device number 58
[  317.090967][    C1] ip6_tunnel: ip6gretap0 xmit: Local address not yet configured!
[  317.091239][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  317.105418][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  365.581078][ T5953] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  365.807402][ T5953] usb 2-1: Using ep0 maxpacket: 8
[  365.815914][ T5953] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  365.827560][ T5953] usb 2-1: config 0 has no interfaces?
[  365.834931][ T5953] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  365.845597][ T5953] usb 2-1: config 0 has no interfaces?
[  365.853872][ T5953] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  365.864365][ T5953] usb 2-1: config 0 has no interfaces?
[  365.873584][ T5953] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  365.884799][ T5953] usb 2-1: config 0 has no interfaces?
[  365.890849][ T5953] usb 2-1: New USB device found, idVendor=046d, idProduct=08b3, bcdDevice=6d.2a
[  366.189724][T10549] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1106'.
[  366.223458][T10549] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1106'.
[  366.233870][T10549] netlink: 'syz.0.1106': attribute type 14 has an invalid length.
[  366.255403][ T5953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.325569][ T5953] usb 2-1: config 0 descriptor??
[  366.768280][T10537] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1101'.
[  367.067153][ T5876] usb 1-1: new high-speed USB device number 59 using dummy_hcd
[  367.177850][   T24] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  367.224570][ T5876] usb 1-1: unable to get BOS descriptor or descriptor too short
[  367.234104][ T5876] usb 1-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 254, changing to 7
[  367.257625][ T5876] usb 1-1: New USB device found, idVendor=1235, idProduct=8210, bcdDevice= 0.40
[  367.267240][ T5876] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.281412][ T5876] usb 1-1: Product: syz
[  367.288474][ T5876] usb 1-1: Manufacturer: syz
[  367.294969][ T5876] usb 1-1: SerialNumber: syz
[  367.337738][   T24] usb 3-1: Using ep0 maxpacket: 32
[  367.356753][   T24] usb 3-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[  367.375821][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.397233][ T5898] usb 4-1: new full-speed USB device number 51 using dummy_hcd
[  367.405028][   T24] usb 3-1: Product: syz
[  367.415399][   T24] usb 3-1: Manufacturer: syz
[  367.426057][   T24] usb 3-1: SerialNumber: syz
[  367.525813][ T5876] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  367.536165][ T5876] usb 1-1: 2:1 : format type 0 is detected, processed as PCM
[  367.543947][ T5876] usb 1-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  367.582524][ T5898] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  367.593989][ T5898] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  367.614974][ T5876] usb 1-1: USB disconnect, device number 59
[  367.615451][ T5898] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  367.636615][ T5898] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  367.692184][ T5898] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  367.703888][ T5898] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.713570][ T5898] usb 4-1: Product: syz
[  367.718336][ T5898] usb 4-1: Manufacturer: syz
[  367.726580][ T5898] usb 4-1: SerialNumber: syz
[  367.746375][T10562] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  367.756920][ T5898] cdc_mbim 4-1:1.0: skipping garbage
[  367.956467][T10562] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  367.984077][T10562] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  368.308198][   T24] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  368.324574][   T24] usb 3-1: 2:1 : bogus bTerminalLink 23
[  368.341685][   T24] usb 3-1: unit 6 not found!
[  368.357260][   T24] usb 3-1: unit 246 not found!
[  368.394268][T10578] FAULT_INJECTION: forcing a failure.
[  368.394268][T10578] name failslab, interval 1, probability 0, space 0, times 0
[  368.457545][T10578] CPU: 0 UID: 0 PID: 10578 Comm: syz.2.1117 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  368.457585][T10578] Tainted: [L]=SOFTLOCKUP
[  368.457592][T10578] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  368.457607][T10578] Call Trace:
[  368.457614][T10578]  <TASK>
[  368.457622][T10578]  dump_stack_lvl+0xe8/0x150
[  368.457652][T10578]  should_fail_ex+0x412/0x560
[  368.457682][T10578]  should_failslab+0xa8/0x100
[  368.457706][T10578]  __kmalloc_cache_noprof+0x88/0x660
[  368.457728][T10578]  ? nft_pernet+0x23/0x240
[  368.457750][T10578]  ? nf_tables_commit+0x936/0xa400
[  368.457773][T10578]  nf_tables_commit+0x936/0xa400
[  368.457794][T10578]  ? do_raw_spin_lock+0x12b/0x2f0
[  368.457835][T10578]  ? __pfx_nf_tables_commit+0x10/0x10
[  368.457856][T10578]  ? __free_frozen_pages+0x706/0xdb0
[  368.457882][T10578]  ? nf_tables_newrule+0x2590/0x28b0
[  368.457914][T10578]  ? __pfx_nf_tables_newrule+0x10/0x10
[  368.457955][T10578]  nfnetlink_rcv+0x1c1b/0x27b0
[  368.457978][T10578]  ? is_bpf_text_address+0x26/0x2b0
[  368.458028][T10578]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  368.458062][T10578]  ? __lock_acquire+0x6b5/0x2cf0
[  368.458125][T10578]  ? netlink_deliver_tap+0x2e/0x1b0
[  368.458168][T10578]  netlink_unicast+0x80f/0x9b0
[  368.458200][T10578]  ? __pfx_netlink_unicast+0x10/0x10
[  368.458228][T10578]  ? netlink_sendmsg+0x650/0xb40
[  368.458252][T10578]  ? skb_put+0x11b/0x210
[  368.458275][T10578]  netlink_sendmsg+0x813/0xb40
[  368.458311][T10578]  ? __pfx_netlink_sendmsg+0x10/0x10
[  368.458341][T10578]  ? aa_sock_msg_perm+0xf1/0x1b0
[  368.458370][T10578]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  368.458395][T10578]  ____sys_sendmsg+0x972/0x9f0
[  368.458424][T10578]  ? __pfx_____sys_sendmsg+0x10/0x10
[  368.458453][T10578]  ? import_iovec+0x73/0xa0
[  368.458477][T10578]  ___sys_sendmsg+0x2a5/0x360
[  368.458504][T10578]  ? __pfx____sys_sendmsg+0x10/0x10
[  368.458559][T10578]  ? __fget_files+0x2a/0x420
[  368.458585][T10578]  ? __fget_files+0x3a0/0x420
[  368.458618][T10578]  __x64_sys_sendmsg+0x1bd/0x2a0
[  368.458643][T10578]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  368.458672][T10578]  ? __pfx_ksys_write+0x10/0x10
[  368.458703][T10578]  do_syscall_64+0x14d/0xf80
[  368.458722][T10578]  ? trace_irq_disable+0x3b/0x150
[  368.458748][T10578]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.458767][T10578]  ? clear_bhb_loop+0x40/0x90
[  368.458788][T10578]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  368.458811][T10578] RIP: 0033:0x7fad1179c799
[  368.458829][T10578] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  368.458846][T10578] RSP: 002b:00007fad12633028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  368.458866][T10578] RAX: ffffffffffffffda RBX: 00007fad11a15fa0 RCX: 00007fad1179c799
[  368.458881][T10578] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  368.458892][T10578] RBP: 00007fad12633090 R08: 0000000000000000 R09: 0000000000000000
[  368.458904][T10578] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  368.458916][T10578] R13: 00007fad11a16038 R14: 00007fad11a15fa0 R15: 00007fad11b3fa48
[  368.458945][T10578]  </TASK>
[  368.484220][   T24] usb 3-1: USB disconnect, device number 50
[  368.808369][T10580] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  368.898137][T10580] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  368.918822][  T796] usb 2-1: USB disconnect, device number 60
[  368.928533][ T5898] cdc_mbim 4-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  368.936055][ T5898] cdc_mbim 4-1:1.0: setting rx_max = 2048
[  369.201737][ T5898] cdc_mbim 4-1:1.0: setting tx_max = 184
[  369.216632][ T5898] cdc_mbim 4-1:1.0: cdc-wdm0: USB WDM device
[  369.289831][ T5898] wwan wwan0: port wwan0mbim0 attached
[  369.306628][T10583] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1118'.
[  369.356519][T10583] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1118'.
[  369.374771][T10583] netlink: 'syz.2.1118': attribute type 14 has an invalid length.
[  369.546643][ T5898] cdc_mbim 4-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.3-1, CDC MBIM, 6a:9e:98:7c:a5:6b
[  369.793060][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  369.793074][   T29] audit: type=1326 audit(1774077666.525:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  369.837203][   T24] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  369.947273][   T29] audit: type=1326 audit(1774077666.565:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  370.007372][T10594] dlm: non-version read from control device 8224
[  370.031799][T10594] dlm: non-version read from control device 8224
[  370.047526][   T29] audit: type=1326 audit(1774077666.565:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  370.050054][   T24] usb 2-1: device descriptor read/64, error -71
[  370.070284][T10594] dlm: non-version read from control device 8224
[  370.082785][   T29] audit: type=1326 audit(1774077666.565:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  370.296726][   T29] audit: type=1326 audit(1774077666.565:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  370.370480][   T29] audit: type=1326 audit(1774077666.565:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  370.397938][   T24] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  370.562615][   T29] audit: type=1326 audit(1774077666.565:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  370.564068][   T24] usb 2-1: device descriptor read/64, error -71
[  370.668182][   T29] audit: type=1326 audit(1774077666.565:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  370.763544][   T29] audit: type=1326 audit(1774077666.565:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  370.817546][   T24] usb usb2-port1: attempt power cycle
[  370.885930][   T29] audit: type=1326 audit(1774077666.565:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10590 comm="syz.2.1120" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  371.062989][T10620] loop4: detected capacity change from 0 to 7
[  371.089061][ T5953] usb 4-1: USB disconnect, device number 51
[  371.140893][ T5953] cdc_mbim 4-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.3-1, CDC MBIM
[  371.209709][T10620] Dev loop4: unable to read RDB block 7
[  371.216427][T10620]  loop4: unable to read partition table
[  371.223020][T10620] loop4: partition table beyond EOD, truncated
[  371.257345][   T24] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  371.279064][T10620] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  371.293065][   T24] usb 2-1: device descriptor read/8, error -71
[  371.322874][T10625] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1126'.
[  371.362904][T10625] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1126'.
[  371.383547][T10625] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1126'.
[  371.384492][ T5953] wwan wwan0: port wwan0mbim0 disconnected
[  371.394655][T10625] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1126'.
[  371.566552][T10633] netlink: 'syz.4.1127': attribute type 6 has an invalid length.
[  371.574480][T10633] netlink: 'syz.4.1127': attribute type 7 has an invalid length.
[  371.582429][T10633] netlink: 'syz.4.1127': attribute type 8 has an invalid length.
[  371.630030][T10630] FAULT_INJECTION: forcing a failure.
[  371.630030][T10630] name failslab, interval 1, probability 0, space 0, times 0
[  371.652918][   T24] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  371.680416][   T24] usb 2-1: device descriptor read/8, error -71
[  371.693653][T10630] CPU: 0 UID: 0 PID: 10630 Comm: syz.2.1128 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  371.693680][T10630] Tainted: [L]=SOFTLOCKUP
[  371.693686][T10630] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  371.693697][T10630] Call Trace:
[  371.693703][T10630]  <TASK>
[  371.693711][T10630]  dump_stack_lvl+0xe8/0x150
[  371.693740][T10630]  should_fail_ex+0x412/0x560
[  371.693768][T10630]  should_failslab+0xa8/0x100
[  371.693794][T10630]  __kmalloc_cache_noprof+0x88/0x660
[  371.693814][T10630]  ? nft_pernet+0x23/0x240
[  371.693836][T10630]  ? nf_tables_commit+0x936/0xa400
[  371.693861][T10630]  nf_tables_commit+0x936/0xa400
[  371.693882][T10630]  ? do_raw_spin_lock+0x12b/0x2f0
[  371.693927][T10630]  ? __pfx_nf_tables_commit+0x10/0x10
[  371.693948][T10630]  ? __free_frozen_pages+0x706/0xdb0
[  371.693977][T10630]  ? nf_tables_newrule+0x2590/0x28b0
[  371.694008][T10630]  ? __pfx_nf_tables_newrule+0x10/0x10
[  371.694050][T10630]  nfnetlink_rcv+0x1c1b/0x27b0
[  371.694073][T10630]  ? is_bpf_text_address+0x26/0x2b0
[  371.694123][T10630]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  371.694156][T10630]  ? __lock_acquire+0x6b5/0x2cf0
[  371.694211][T10630]  ? netlink_deliver_tap+0x2e/0x1b0
[  371.694254][T10630]  netlink_unicast+0x80f/0x9b0
[  371.694286][T10630]  ? __pfx_netlink_unicast+0x10/0x10
[  371.694310][T10630]  ? netlink_sendmsg+0x650/0xb40
[  371.694333][T10630]  ? skb_put+0x11b/0x210
[  371.694356][T10630]  netlink_sendmsg+0x813/0xb40
[  371.694391][T10630]  ? __pfx_netlink_sendmsg+0x10/0x10
[  371.694420][T10630]  ? aa_sock_msg_perm+0xf1/0x1b0
[  371.694455][T10630]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  371.694479][T10630]  ____sys_sendmsg+0x972/0x9f0
[  371.694507][T10630]  ? __pfx_____sys_sendmsg+0x10/0x10
[  371.694536][T10630]  ? import_iovec+0x73/0xa0
[  371.694558][T10630]  ___sys_sendmsg+0x2a5/0x360
[  371.694584][T10630]  ? __pfx____sys_sendmsg+0x10/0x10
[  371.694637][T10630]  ? __fget_files+0x2a/0x420
[  371.694663][T10630]  ? __fget_files+0x3a0/0x420
[  371.694700][T10630]  __x64_sys_sendmsg+0x1bd/0x2a0
[  371.694724][T10630]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  371.694753][T10630]  ? __pfx_ksys_write+0x10/0x10
[  371.694784][T10630]  do_syscall_64+0x14d/0xf80
[  371.694803][T10630]  ? trace_irq_disable+0x3b/0x150
[  371.694828][T10630]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.694846][T10630]  ? clear_bhb_loop+0x40/0x90
[  371.694868][T10630]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  371.694886][T10630] RIP: 0033:0x7fad1179c799
[  371.694903][T10630] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  371.694919][T10630] RSP: 002b:00007fad12633028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  371.694939][T10630] RAX: ffffffffffffffda RBX: 00007fad11a15fa0 RCX: 00007fad1179c799
[  371.694952][T10630] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  371.694963][T10630] RBP: 00007fad12633090 R08: 0000000000000000 R09: 0000000000000000
[  371.694975][T10630] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  371.694986][T10630] R13: 00007fad11a16038 R14: 00007fad11a15fa0 R15: 00007fad11b3fa48
[  371.695015][T10630]  </TASK>
[  372.004638][   T24] usb usb2-port1: unable to enumerate USB device
[  372.427597][T10645] syz.3.1130: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  372.503539][T10649] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1133'.
[  372.538565][T10645] CPU: 1 UID: 0 PID: 10645 Comm: syz.3.1130 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  372.538595][T10645] Tainted: [L]=SOFTLOCKUP
[  372.538603][T10645] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  372.538615][T10645] Call Trace:
[  372.538623][T10645]  <TASK>
[  372.538631][T10645]  dump_stack_lvl+0xe8/0x150
[  372.538663][T10645]  warn_alloc+0x249/0x340
[  372.538688][T10645]  ? stack_trace_save+0xa9/0x100
[  372.538711][T10645]  ? __pfx_warn_alloc+0x10/0x10
[  372.538740][T10645]  ? kasan_save_track+0x4f/0x80
[  372.538758][T10645]  ? kasan_save_track+0x3e/0x80
[  372.538776][T10645]  ? __kasan_kmalloc+0x93/0xb0
[  372.538809][T10645]  ? __kmalloc_cache_noprof+0x31c/0x660
[  372.538829][T10645]  ? xskq_create+0x56/0x170
[  372.538846][T10645]  ? xsk_setsockopt+0x54c/0x990
[  372.538871][T10645]  ? do_sock_setsockopt+0x17c/0x1b0
[  372.538890][T10645]  ? __x64_sys_setsockopt+0x13d/0x1b0
[  372.538908][T10645]  ? do_syscall_64+0x14d/0xf80
[  372.538931][T10645]  __vmalloc_node_range_noprof+0x132/0x1730
[  372.538977][T10645]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  372.539004][T10645]  ? __kasan_kmalloc+0x93/0xb0
[  372.539030][T10645]  vmalloc_user_noprof+0xad/0xe0
[  372.539051][T10645]  ? xskq_create+0xbf/0x170
[  372.539069][T10645]  xskq_create+0xbf/0x170
[  372.539090][T10645]  xsk_init_queue+0x8a/0xe0
[  372.539120][T10645]  xsk_setsockopt+0x54c/0x990
[  372.539149][T10645]  ? __pfx_xsk_setsockopt+0x10/0x10
[  372.539176][T10645]  ? __pfx_aa_sk_perm+0x10/0x10
[  372.539205][T10645]  ? aa_sock_opt_perm+0xff/0x1a0
[  372.539234][T10645]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  372.539256][T10645]  ? __pfx_xsk_setsockopt+0x10/0x10
[  372.539283][T10645]  do_sock_setsockopt+0x17c/0x1b0
[  372.539306][T10645]  __x64_sys_setsockopt+0x13d/0x1b0
[  372.539331][T10645]  do_syscall_64+0x14d/0xf80
[  372.539350][T10645]  ? trace_irq_disable+0x3b/0x150
[  372.539375][T10645]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.539394][T10645]  ? clear_bhb_loop+0x40/0x90
[  372.539417][T10645]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  372.539435][T10645] RIP: 0033:0x7f7cd459c799
[  372.539453][T10645] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  372.539469][T10645] RSP: 002b:00007f7cd5491028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  372.539489][T10645] RAX: ffffffffffffffda RBX: 00007f7cd4816090 RCX: 00007f7cd459c799
[  372.539503][T10645] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000005
[  372.539514][T10645] RBP: 00007f7cd4632c99 R08: 0000000000000004 R09: 0000000000000000
[  372.539526][T10645] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  372.539538][T10645] R13: 00007f7cd4816128 R14: 00007f7cd4816090 R15: 00007f7cd493fa48
[  372.539567][T10645]  </TASK>
[  372.539589][T10645] Mem-Info:
[  372.910525][T10645] active_anon:11038 inactive_anon:0 isolated_anon:0
[  372.910525][T10645]  active_file:18637 inactive_file:40094 isolated_file:0
[  372.910525][T10645]  unevictable:768 dirty:188 writeback:0
[  372.910525][T10645]  slab_reclaimable:10850 slab_unreclaimable:100161
[  372.910525][T10645]  mapped:32036 shmem:5119 pagetables:1422
[  372.910525][T10645]  sec_pagetables:0 bounce:0
[  372.910525][T10645]  kernel_misc_reclaimable:0
[  372.910525][T10645]  free:1300489 free_pcp:11203 free_cma:0
[  373.041612][T10645] Node 0 active_anon:47352kB inactive_anon:0kB active_file:74480kB inactive_file:160168kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:131304kB dirty:712kB writeback:0kB shmem:22140kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:12620kB pagetables:5436kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  373.170754][T10645] Node 1 active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:40kB dirty:40kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:152kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  373.207130][  T796] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  373.257134][T10645] Node 0 DMA free:15360kB boost:0kB min:208kB low:260kB high:312kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  373.342829][T10645] lowmem_reserve[]: 0 2492 2493 2493 2493
[  373.371437][T10645] Node 0 DMA32 free:1241580kB boost:0kB min:34200kB low:42748kB high:51296kB reserved_highatomic:0KB free_highatomic:0KB active_anon:44952kB inactive_anon:0kB active_file:74480kB inactive_file:160168kB unevictable:1536kB writepending:712kB zspages:0kB present:3129332kB managed:2552720kB mlocked:0kB bounce:0kB free_pcp:41416kB local_pcp:26180kB free_cma:0kB
[  373.419585][T10645] lowmem_reserve[]: 0 0 0 0 0
[  373.439372][  T796] usb 4-1: Using ep0 maxpacket: 16
[  373.445863][T10645] Node 0 Normal free:0kB boost:0kB min:8kB low:8kB high:8kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:880kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  373.479507][T10645] lowmem_reserve[]: 0 0 0 0 0
[  373.485042][T10645] Node 1 Normal free:3940188kB boost:0kB min:55688kB low:69608kB high:83528kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:68kB inactive_file:208kB unevictable:1536kB writepending:40kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  373.519183][  T796] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  373.529569][T10645] lowmem_reserve[]: 0 0 0 0 0
[  373.534330][T10645] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  373.553868][  T796] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  373.569616][T10645] Node 0 DMA32: 1661*4kB (UME) 2095*8kB (UME) 934*16kB (UME) 1340*32kB (UME) 376*64kB (UME) 94*128kB (UME) 39*256kB (UME) 16*512kB (UM) 9*1024kB (UME) 7*2048kB (UM) 265*4096kB (UM) = 1244492kB
[  373.590441][T10645] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 
[  373.592022][  T796] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  373.607742][T10645] 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  373.615644][T10645] Node 1 Normal: 3*4kB (UM) 8*8kB (UM) 11*16kB (UM) 7*32kB (UM) 14*64kB (UM) 8*128kB (UM) 6*256kB (UM) 6*512kB (UM) 1*1024kB (M) 2*2048kB (UM) 959*4096kB (UM) = 3940188kB
[  373.633604][  T796] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.642061][  T796] usb 4-1: Product: syz
[  373.646334][  T796] usb 4-1: Manufacturer: syz
[  373.651476][  T796] usb 4-1: SerialNumber: syz
[  373.658640][T10645] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  373.679250][T10645] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  373.688928][T10645] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  373.702723][T10645] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  373.720879][T10645] 64321 total pagecache pages
[  373.735881][T10645] 0 pages in swap cache
[  373.745356][T10645] Free swap  = 124996kB
[  373.757128][T10645] Total swap = 124996kB
[  373.767661][T10645] 2097051 pages RAM
[  373.771548][T10645] 0 pages HighMem/MovableOnly
[  373.779399][T10645] 427036 pages reserved
[  373.786451][T10645] 0 pages cma reserved
[  374.189359][T10678] kAFS: unable to lookup cell 'ÿ'
[  374.542820][T10683] loop4: detected capacity change from 0 to 7
[  374.580736][T10683] Dev loop4: unable to read RDB block 7
[  374.602871][T10683]  loop4: unable to read partition table
[  374.613729][T10683] loop4: partition table beyond EOD, truncated
[  374.634110][T10683] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  374.965798][T10692] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1140'.
[  375.173535][T10696] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1141'.
[  375.273388][T10699] FAULT_INJECTION: forcing a failure.
[  375.273388][T10699] name failslab, interval 1, probability 0, space 0, times 0
[  375.311662][  T796] usb 4-1: 0:2 : does not exist
[  375.452239][T10699] CPU: 0 UID: 0 PID: 10699 Comm: syz.2.1142 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  375.452268][T10699] Tainted: [L]=SOFTLOCKUP
[  375.452274][T10699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  375.452284][T10699] Call Trace:
[  375.452299][T10699]  <TASK>
[  375.452307][T10699]  dump_stack_lvl+0xe8/0x150
[  375.452340][T10699]  should_fail_ex+0x412/0x560
[  375.452369][T10699]  should_failslab+0xa8/0x100
[  375.452393][T10699]  __kvmalloc_node_noprof+0x178/0x8a0
[  375.452416][T10699]  ? nf_tables_commit+0xc2c/0xa400
[  375.452437][T10699]  ? nf_tables_commit+0x936/0xa400
[  375.452461][T10699]  nf_tables_commit+0xc2c/0xa400
[  375.452481][T10699]  ? do_raw_spin_lock+0x12b/0x2f0
[  375.452522][T10699]  ? __pfx_nf_tables_commit+0x10/0x10
[  375.452544][T10699]  ? __free_frozen_pages+0x706/0xdb0
[  375.452571][T10699]  ? nf_tables_newrule+0x2590/0x28b0
[  375.452606][T10699]  ? __pfx_nf_tables_newrule+0x10/0x10
[  375.452646][T10699]  nfnetlink_rcv+0x1c1b/0x27b0
[  375.452668][T10699]  ? is_bpf_text_address+0x26/0x2b0
[  375.452714][T10699]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  375.452746][T10699]  ? __lock_acquire+0x6b5/0x2cf0
[  375.452799][T10699]  ? netlink_deliver_tap+0x2e/0x1b0
[  375.452841][T10699]  netlink_unicast+0x80f/0x9b0
[  375.452873][T10699]  ? __pfx_netlink_unicast+0x10/0x10
[  375.452898][T10699]  ? netlink_sendmsg+0x650/0xb40
[  375.452921][T10699]  ? skb_put+0x11b/0x210
[  375.452943][T10699]  netlink_sendmsg+0x813/0xb40
[  375.452977][T10699]  ? __pfx_netlink_sendmsg+0x10/0x10
[  375.453006][T10699]  ? aa_sock_msg_perm+0xf1/0x1b0
[  375.453033][T10699]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  375.453052][T10699]  ____sys_sendmsg+0x972/0x9f0
[  375.453077][T10699]  ? __pfx_____sys_sendmsg+0x10/0x10
[  375.453104][T10699]  ? import_iovec+0x73/0xa0
[  375.453126][T10699]  ___sys_sendmsg+0x2a5/0x360
[  375.453152][T10699]  ? __pfx____sys_sendmsg+0x10/0x10
[  375.453204][T10699]  ? __fget_files+0x2a/0x420
[  375.453229][T10699]  ? __fget_files+0x3a0/0x420
[  375.453263][T10699]  __x64_sys_sendmsg+0x1bd/0x2a0
[  375.453286][T10699]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  375.453322][T10699]  ? __pfx_ksys_write+0x10/0x10
[  375.453353][T10699]  do_syscall_64+0x14d/0xf80
[  375.453373][T10699]  ? trace_irq_disable+0x3b/0x150
[  375.453396][T10699]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.453414][T10699]  ? clear_bhb_loop+0x40/0x90
[  375.453434][T10699]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  375.453449][T10699] RIP: 0033:0x7fad1179c799
[  375.453465][T10699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  375.453479][T10699] RSP: 002b:00007fad12633028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  375.453497][T10699] RAX: ffffffffffffffda RBX: 00007fad11a15fa0 RCX: 00007fad1179c799
[  375.453510][T10699] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  375.453518][T10699] RBP: 00007fad12633090 R08: 0000000000000000 R09: 0000000000000000
[  375.453529][T10699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  375.453538][T10699] R13: 00007fad11a16038 R14: 00007fad11a15fa0 R15: 00007fad11b3fa48
[  375.453565][T10699]  </TASK>
[  375.927255][  T796] usb 4-1: USB disconnect, device number 52
[  375.967457][T10701] loop5: detected capacity change from 0 to 7
[  376.015922][T10701] Dev loop5: unable to read RDB block 7
[  376.104667][T10701]  loop5: unable to read partition table
[  376.122046][T10584] udevd[10584]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  376.157500][T10701] loop5: partition table beyond EOD, truncated
[  376.197323][T10701] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  376.483905][T10711] macvtap1: entered promiscuous mode
[  376.495629][T10711] macvtap1: entered allmulticast mode
[  376.501477][T10711] veth1_vlan: entered allmulticast mode
[  376.520655][T10711] macvtap2: entered promiscuous mode
[  376.526098][T10711] macvtap2: entered allmulticast mode
[  376.907149][   T10] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  376.918013][T10722] loop4: detected capacity change from 0 to 7
[  376.927763][T10722] Dev loop4: unable to read RDB block 7
[  376.933381][T10722]  loop4: unable to read partition table
[  376.957328][T10722] loop4: partition table beyond EOD, truncated
[  376.987859][T10722] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  376.997224][ T5953] usb 3-1: new full-speed USB device number 51 using dummy_hcd
[  377.067522][   T10] usb 2-1: Using ep0 maxpacket: 32
[  377.094749][   T10] usb 2-1: config 0 has an invalid interface number: 196 but max is 0
[  377.117973][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  377.139465][   T10] usb 2-1: config 0 has no interface number 0
[  377.145635][   T10] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 16
[  377.156152][   T10] usb 2-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  377.189801][ T5953] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  377.208161][ T5953] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  377.217685][   T10] usb 2-1: config 0 interface 196 has no altsetting 0
[  377.227699][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  377.237348][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.245984][   T10] usb 2-1: Product: syz
[  377.255578][ T5953] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  377.265231][ T5953] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  377.273486][   T10] usb 2-1: Manufacturer: syz
[  377.280157][   T10] usb 2-1: SerialNumber: syz
[  377.286588][ T5953] usb 3-1: Product: syz
[  377.291290][ T5953] usb 3-1: Manufacturer: syz
[  377.296114][ T5953] usb 3-1: SerialNumber: syz
[  377.302021][   T10] usb 2-1: config 0 descriptor??
[  377.317882][T10716] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  377.508499][T10729] FAULT_INJECTION: forcing a failure.
[  377.508499][T10729] name failslab, interval 1, probability 0, space 0, times 0
[  377.627128][   T10] ipheth 2-1:0.196: Unable to find endpoints
[  377.654311][   T10] usb 2-1: USB disconnect, device number 65
[  377.656640][T10729] CPU: 1 UID: 0 PID: 10729 Comm: syz.0.1154 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  377.656668][T10729] Tainted: [L]=SOFTLOCKUP
[  377.656674][T10729] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  377.656685][T10729] Call Trace:
[  377.656691][T10729]  <TASK>
[  377.656699][T10729]  dump_stack_lvl+0xe8/0x150
[  377.656727][T10729]  should_fail_ex+0x412/0x560
[  377.656756][T10729]  should_failslab+0xa8/0x100
[  377.656779][T10729]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  377.656800][T10729]  ? __alloc_skb+0x1d0/0x7d0
[  377.656816][T10729]  ? __local_bh_enable_ip+0xd0/0x130
[  377.656842][T10729]  __alloc_skb+0x1d0/0x7d0
[  377.656863][T10729]  nf_tables_rule_notify+0xc0/0x570
[  377.656881][T10729]  ? nft_pernet+0x23/0x240
[  377.656924][T10729]  nf_tables_commit+0x1c93/0xa400
[  377.656970][T10729]  ? __pfx_nf_tables_commit+0x10/0x10
[  377.656996][T10729]  ? __free_frozen_pages+0x706/0xdb0
[  377.657024][T10729]  ? nf_tables_newrule+0x2590/0x28b0
[  377.657059][T10729]  ? __pfx_nf_tables_newrule+0x10/0x10
[  377.657098][T10729]  nfnetlink_rcv+0x1c1b/0x27b0
[  377.657119][T10729]  ? is_bpf_text_address+0x26/0x2b0
[  377.657167][T10729]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  377.657198][T10729]  ? __lock_acquire+0x6b5/0x2cf0
[  377.657250][T10729]  ? netlink_deliver_tap+0x2e/0x1b0
[  377.657290][T10729]  netlink_unicast+0x80f/0x9b0
[  377.657320][T10729]  ? __pfx_netlink_unicast+0x10/0x10
[  377.657345][T10729]  ? netlink_sendmsg+0x650/0xb40
[  377.657368][T10729]  ? skb_put+0x11b/0x210
[  377.657388][T10729]  netlink_sendmsg+0x813/0xb40
[  377.657421][T10729]  ? __pfx_netlink_sendmsg+0x10/0x10
[  377.657449][T10729]  ? aa_sock_msg_perm+0xf1/0x1b0
[  377.657474][T10729]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  377.657494][T10729]  ____sys_sendmsg+0x972/0x9f0
[  377.657523][T10729]  ? __pfx_____sys_sendmsg+0x10/0x10
[  377.657550][T10729]  ? import_iovec+0x73/0xa0
[  377.657572][T10729]  ___sys_sendmsg+0x2a5/0x360
[  377.657596][T10729]  ? __pfx____sys_sendmsg+0x10/0x10
[  377.657646][T10729]  ? __fget_files+0x2a/0x420
[  377.657670][T10729]  ? __fget_files+0x3a0/0x420
[  377.657703][T10729]  __x64_sys_sendmsg+0x1bd/0x2a0
[  377.657725][T10729]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  377.657753][T10729]  ? __pfx_ksys_write+0x10/0x10
[  377.657781][T10729]  do_syscall_64+0x14d/0xf80
[  377.657801][T10729]  ? trace_irq_disable+0x3b/0x150
[  377.657825][T10729]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.657842][T10729]  ? clear_bhb_loop+0x40/0x90
[  377.657863][T10729]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  377.657879][T10729] RIP: 0033:0x7f4a4ff9c799
[  377.657896][T10729] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  377.657911][T10729] RSP: 002b:00007f4a50e73028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  377.657929][T10729] RAX: ffffffffffffffda RBX: 00007f4a50215fa0 RCX: 00007f4a4ff9c799
[  377.657941][T10729] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  377.657952][T10729] RBP: 00007f4a50e73090 R08: 0000000000000000 R09: 0000000000000000
[  377.657963][T10729] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  377.657978][T10729] R13: 00007f4a50216038 R14: 00007f4a50215fa0 R15: 00007f4a5033fa48
[  377.658005][T10729]  </TASK>
[  378.141734][T10733] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  378.157002][T10733] syzkaller0: entered promiscuous mode
[  378.200002][T10733] syzkaller0: entered allmulticast mode
[  378.271922][T10733] tipc: Resetting bearer <eth:syzkaller0>
[  378.284023][T10732] tipc: Resetting bearer <eth:syzkaller0>
[  378.302027][T10732] tipc: Disabling bearer <eth:syzkaller0>
[  378.587270][T10745] loop5: detected capacity change from 0 to 7
[  378.596440][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  378.604987][T10745] Dev loop5: unable to read RDB block 7
[  378.612768][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  378.625450][T10745]  loop5: unable to read partition table
[  378.632121][T10745] loop5: partition table beyond EOD, truncated
[  378.661245][T10745] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  379.452689][ T5953] usb 3-1: 0:2 : does not exist
[  379.470902][ T5953] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  379.490831][ T5953] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  379.733083][ T5953] usb 3-1: USB disconnect, device number 51
[  379.820119][T10584] udevd[10584]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  379.848689][T10759] loop4: detected capacity change from 0 to 7
[  379.855912][T10759] Dev loop4: unable to read RDB block 7
[  379.873272][T10759]  loop4: unable to read partition table
[  379.886215][T10759] loop4: partition table beyond EOD, truncated
[  379.913738][T10759] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  380.398421][T10766] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1165'.
[  380.690991][T10771] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1166'.
[  380.706215][   T29] kauditd_printk_skb: 56 callbacks suppressed
[  380.706234][   T29] audit: type=1326 audit(1774077677.395:549): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  380.775549][   T29] audit: type=1326 audit(1774077677.405:550): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  380.838162][   T29] audit: type=1326 audit(1774077677.405:551): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  380.878216][   T29] audit: type=1326 audit(1774077677.405:552): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  380.915296][   T29] audit: type=1326 audit(1774077677.415:553): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  381.036902][ T5953] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  381.088569][   T10] usb 3-1: new high-speed USB device number 52 using dummy_hcd
[  381.097257][   T29] audit: type=1326 audit(1774077677.415:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7cd459e007 code=0x7ffc0000
[  381.166440][   T29] audit: type=1326 audit(1774077677.415:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  381.208334][   T29] audit: type=1326 audit(1774077677.415:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  381.241068][ T5953] usb 4-1: no configurations
[  381.245785][   T29] audit: type=1326 audit(1774077677.425:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  381.245938][ T5953] usb 4-1: can't read configurations, error -22
[  381.275067][   T10] usb 3-1: Using ep0 maxpacket: 32
[  381.292374][   T10] usb 3-1: config 0 has an invalid interface number: 196 but max is 0
[  381.302171][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  381.307161][   T29] audit: type=1326 audit(1774077677.425:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10768 comm="syz.3.1166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  381.424324][   T10] usb 3-1: config 0 has no interface number 0
[  381.434233][   T10] usb 3-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 16
[  381.451920][   T10] usb 3-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  381.468922][ T5953] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  381.486623][   T10] usb 3-1: config 0 interface 196 has no altsetting 0
[  381.501805][   T10] usb 3-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  381.519409][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  381.533497][   T10] usb 3-1: Product: syz
[  381.540792][   T10] usb 3-1: Manufacturer: syz
[  381.549992][   T10] usb 3-1: SerialNumber: syz
[  381.564110][   T10] usb 3-1: config 0 descriptor??
[  381.573989][T10775] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  381.629031][ T5953] usb 4-1: no configurations
[  381.636474][ T5953] usb 4-1: can't read configurations, error -22
[  381.650240][ T5953] usb usb4-port1: attempt power cycle
[  381.792529][   T10] ipheth 3-1:0.196: Unable to find endpoints
[  381.812491][   T10] usb 3-1: USB disconnect, device number 52
[  381.997143][ T5953] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  382.018227][ T5953] usb 4-1: no configurations
[  382.022906][ T5953] usb 4-1: can't read configurations, error -22
[  382.157194][ T5953] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  382.178314][ T5953] usb 4-1: no configurations
[  382.183172][ T5953] usb 4-1: can't read configurations, error -22
[  382.190132][ T5953] usb usb4-port1: unable to enumerate USB device
[  383.257663][T10795] loop4: detected capacity change from 0 to 7
[  383.274457][T10795] Dev loop4: unable to read RDB block 7
[  383.283656][T10795]  loop4: unable to read partition table
[  383.290705][T10795] loop4: partition table beyond EOD, truncated
[  383.305608][T10795] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  383.394060][T10797] program syz.1.1175 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  383.517168][ T5898] usb 3-1: new high-speed USB device number 53 using dummy_hcd
[  383.564438][T10799] batadv_slave_1: entered promiscuous mode
[  383.590431][T10799] batadv_slave_1: left promiscuous mode
[  383.687169][ T5898] usb 3-1: Using ep0 maxpacket: 8
[  383.694172][ T5898] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  383.715726][ T5898] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  383.735773][ T5898] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  383.756058][ T5898] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  383.777129][ T5898] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  383.810703][ T5898] usb 3-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  383.837761][ T5898] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.844253][ T5898] usb 3-1: config 0 descriptor??
[  383.878190][T10794] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  384.342049][ T5953] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  384.508990][ T5953] usb 2-1: Using ep0 maxpacket: 32
[  384.519877][ T5953] usb 2-1: config 0 has an invalid interface number: 196 but max is 0
[  384.546360][ T5953] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  384.649297][ T5953] usb 2-1: config 0 has no interface number 0
[  384.655540][ T5953] usb 2-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 16
[  384.666052][ T5953] usb 2-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  384.688428][ T5953] usb 2-1: config 0 interface 196 has no altsetting 0
[  384.704097][ T5953] usb 2-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  384.719391][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.734840][ T5953] usb 2-1: Product: syz
[  384.742570][ T5953] usb 2-1: Manufacturer: syz
[  384.751151][ T5953] usb 2-1: SerialNumber: syz
[  384.774667][ T5953] usb 2-1: config 0 descriptor??
[  384.794576][T10813] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  385.016733][ T5953] ipheth 2-1:0.196: Unable to find endpoints
[  385.033556][ T5953] usb 2-1: USB disconnect, device number 66
[  385.815133][T10836] loop4: detected capacity change from 0 to 7
[  385.832910][T10836] Dev loop4: unable to read RDB block 7
[  385.848790][T10836]  loop4: unable to read partition table
[  385.883995][T10836] loop4: partition table beyond EOD, truncated
[  385.962523][T10836] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  385.972490][ T5828] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  387.066174][   T29] kauditd_printk_skb: 9 callbacks suppressed
[  387.066192][   T29] audit: type=1326 audit(1774077683.775:568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10853 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4ff9c799 code=0x7ffc0000
[  387.127148][   T29] audit: type=1326 audit(1774077683.775:569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10853 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f4a4ff9c799 code=0x7ffc0000
[  387.130746][T10857] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1191'.
[  387.249841][   T29] audit: type=1326 audit(1774077683.775:570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10853 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4ff9c799 code=0x7ffc0000
[  387.322389][   T29] audit: type=1326 audit(1774077683.775:571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10853 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f4a4ff9c799 code=0x7ffc0000
[  387.348010][   T29] audit: type=1326 audit(1774077683.785:572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10853 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4ff9c799 code=0x7ffc0000
[  387.640258][   T29] audit: type=1326 audit(1774077683.805:573): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10858 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f4a4ff5cfce code=0x7ffc0000
[  387.945813][ T5876] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[  388.017289][   T29] audit: type=1326 audit(1774077683.805:574): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10853 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4ff9c799 code=0x7ffc0000
[  388.132240][ T5876] usb 1-1: no configurations
[  388.136946][ T5876] usb 1-1: can't read configurations, error -22
[  388.143579][   T29] audit: type=1326 audit(1774077683.805:575): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10853 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4a4ff9e007 code=0x7ffc0000
[  388.254698][   T29] audit: type=1326 audit(1774077683.805:576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10853 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a4ff9c799 code=0x7ffc0000
[  388.291662][ T5876] usb 1-1: new high-speed USB device number 61 using dummy_hcd
[  388.310754][   T29] audit: type=1326 audit(1774077683.865:577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10853 comm="syz.0.1191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4a4ff9c799 code=0x7ffc0000
[  388.372278][   T10] usb 4-1: new high-speed USB device number 57 using dummy_hcd
[  388.457869][ T5876] usb 1-1: no configurations
[  388.463200][ T5876] usb 1-1: can't read configurations, error -22
[  388.494821][ T5876] usb usb1-port1: attempt power cycle
[  388.554398][T10882] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  388.608159][   T10] usb 4-1: Using ep0 maxpacket: 32
[  388.689227][   T10] usb 4-1: config 0 has an invalid interface number: 196 but max is 0
[  388.697690][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  388.708429][   T10] usb 4-1: config 0 has no interface number 0
[  388.717810][   T10] usb 4-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 16
[  388.750462][   T10] usb 4-1: config 0 interface 196 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  388.805836][   T10] usb 4-1: config 0 interface 196 has no altsetting 0
[  388.880214][ T5876] usb 1-1: new high-speed USB device number 62 using dummy_hcd
[  388.920803][   T10] usb 4-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  389.152026][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.161455][ T5876] usb 1-1: no configurations
[  389.170321][ T5876] usb 1-1: can't read configurations, error -22
[  389.183219][   T10] usb 4-1: Product: syz
[  389.189429][   T10] usb 4-1: Manufacturer: syz
[  389.195496][   T10] usb 4-1: SerialNumber: syz
[  389.215737][   T10] usb 4-1: config 0 descriptor??
[  389.241060][T10871] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  389.419600][ T5876] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[  389.465224][   T10] ipheth 4-1:0.196: Unable to find endpoints
[  389.492816][ T5876] usb 1-1: no configurations
[  389.498839][   T10] usb 4-1: USB disconnect, device number 57
[  389.506293][ T5876] usb 1-1: can't read configurations, error -22
[  389.526295][ T5876] usb usb1-port1: unable to enumerate USB device
[  390.046265][T10893] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1202'.
[  390.247123][T10899] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  391.163881][T10913] sctp: [Deprecated]: syz.2.1209 (pid 10913) Use of int in max_burst socket option.
[  391.163881][T10913] Use struct sctp_assoc_value instead
[  391.284681][T10913] team0 (unregistering): Port device team_slave_0 removed
[  391.303034][T10913] team0 (unregistering): Port device team_slave_1 removed
[  391.394147][T10917] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1210'.
[  391.419295][T10916] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1210'.
[  391.455933][T10920] loop6: detected capacity change from 0 to 2640
[  391.471866][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.497167][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.515403][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.545726][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.578876][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.595247][T10924] fuse: Bad value for 'group_id'
[  391.612601][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.633669][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.633823][T10924] fuse: Bad value for 'group_id'
[  391.652951][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.662900][T10925] ksmbd: Unknown IPC event: 4, ignore.
[  391.677864][T10584] ldm_validate_partition_table(): Disk read failed.
[  391.726984][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.746254][T10584] Buffer I/O error on dev loop6, logical block 0, async page read
[  391.772344][T10584] Dev loop6: unable to read RDB block 0
[  391.782897][T10584]  loop6: unable to read partition table
[  391.797833][T10920] ldm_validate_partition_table(): Disk read failed.
[  391.812377][T10920] Dev loop6: unable to read RDB block 0
[  391.841317][T10920]  loop6: unable to read partition table
[  391.866082][T10920] loop_reread_partitions: partition scan of loop6 (3Ÿ¾‚³˜) failed (rc=-5)
[  393.168432][ T5898] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  393.181584][T10957] tap0: tun_chr_ioctl cmd 1074025678
[  393.193860][T10957] tap0: group set to 0
[  393.342048][ T5898] usb 2-1: unable to get BOS descriptor or descriptor too short
[  393.356668][ T5898] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  393.367905][ T5898] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  393.488168][ T5898] usb 2-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice=e1.40
[  393.500521][ T5898] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.547317][ T5898] usb 2-1: Product: syz
[  393.551589][ T5898] usb 2-1: Manufacturer: syz
[  393.556195][ T5898] usb 2-1: SerialNumber: syz
[  393.592904][ T5898] usb 2-1: selecting invalid altsetting 1
[  393.610748][ T5898] usb 2-1: unit 6 not found!
[  393.970240][T10953] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  393.979100][T10953] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  394.063437][T10972] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1224'.
[  394.149895][T10974] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  394.184364][T10974] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  394.208729][   T29] kauditd_printk_skb: 12 callbacks suppressed
[  394.208746][   T29] audit: type=1326 audit(1774077690.945:590): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10970 comm="syz.4.1224" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f33c199c799 code=0x0
[  394.831382][T10989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  394.866588][T10989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  394.903872][T10989] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  394.914276][T10989] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  396.840647][ T5898] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -22
[  396.845344][T11015] kAFS: unable to lookup cell ''
[  396.850167][   T29] audit: type=1326 audit(1774077693.575:591): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfd79c799 code=0x7ffc0000
[  396.868710][T11015] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  396.983017][T11017] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  397.016269][ T5898] usb 2-1: USB disconnect, device number 67
[  397.020397][T11017] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  397.030184][   T29] audit: type=1326 audit(1774077693.575:592): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fabfd79c799 code=0x7ffc0000
[  397.051133][T10584] udevd[10584]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  397.094081][T11018] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  397.120725][   T29] audit: type=1326 audit(1774077693.575:593): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfd79c799 code=0x7ffc0000
[  397.479998][   T29] audit: type=1326 audit(1774077693.575:594): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fabfd79c799 code=0x7ffc0000
[  397.534464][   T29] audit: type=1326 audit(1774077693.585:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfd79c799 code=0x7ffc0000
[  397.591873][   T29] audit: type=1326 audit(1774077693.585:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fabfd79c799 code=0x7ffc0000
[  397.650984][   T29] audit: type=1326 audit(1774077693.585:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfd79c799 code=0x7ffc0000
[  397.747231][   T29] audit: type=1326 audit(1774077693.585:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fabfd79c799 code=0x7ffc0000
[  397.807288][   T29] audit: type=1326 audit(1774077693.585:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11009 comm="syz.1.1234" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fabfd79c799 code=0x7ffc0000
[  397.866083][T11033] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1240'.
[  398.541702][T11053] netlink: 'syz.1.1243': attribute type 4 has an invalid length.
[  399.287402][ T5876] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  399.447313][ T5876] usb 4-1: Using ep0 maxpacket: 32
[  399.513634][ T5876] usb 4-1: unable to get BOS descriptor or descriptor too short
[  399.523783][ T5876] usb 4-1: config 0 has an invalid interface number: 203 but max is 0
[  399.538846][ T5876] usb 4-1: config 0 has no interface number 0
[  399.552420][ T5876] usb 4-1: config 0 interface 203 altsetting 2 endpoint 0xC has an invalid bInterval 248, changing to 7
[  399.579115][ T5876] usb 4-1: config 0 interface 203 has no altsetting 0
[  399.597694][ T5876] usb 4-1: New USB device found, idVendor=15a9, idProduct=0006, bcdDevice=82.21
[  399.618040][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.633710][ T5876] usb 4-1: Product: syz
[  399.643404][ T5876] usb 4-1: Manufacturer: syz
[  399.653716][ T5876] usb 4-1: SerialNumber: syz
[  399.666363][ T5876] usb 4-1: config 0 descriptor??
[  399.887530][ T5876] usb 4-1: USB disconnect, device number 58
[  400.082663][T11079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  400.092665][T11079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  400.202546][ T5898] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  400.369379][ T5898] usb 2-1: Using ep0 maxpacket: 16
[  400.376550][ T5898] usb 2-1: unable to get BOS descriptor or descriptor too short
[  400.391554][ T5898] usb 2-1: config 16 has an invalid interface number: 82 but max is 0
[  400.402308][ T5898] usb 2-1: config 16 has no interface number 0
[  400.412462][ T5898] usb 2-1: New USB device found, idVendor=03f0, idProduct=0207, bcdDevice= 0.01
[  400.422326][ T5898] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.430471][ T5898] usb 2-1: Product: syz
[  400.434800][ T5898] usb 2-1: Manufacturer: syz
[  400.441541][ T5898] usb 2-1: SerialNumber: syz
[  400.512187][T11089] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1253'.
[  400.622764][T11093] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1255'.
[  400.663054][ T5898] ums-usbat 2-1:16.82: USB Mass Storage device detected
[  400.752971][ T5898] usb 2-1: USB disconnect, device number 68
[  400.815276][T11099] input: syz1 as /devices/virtual/input/input30
[  400.831913][T11099] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1257'.
[  401.422526][T11119] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1264'.
[  401.877137][   T10] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  401.929729][T11132] veth1_to_team: mtu less than device minimum
[  402.159505][   T10] usb 2-1: device descriptor read/64, error -71
[  402.394329][T11147] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1270'.
[  402.407905][   T29] kauditd_printk_skb: 22 callbacks suppressed
[  402.407922][   T29] audit: type=1326 audit(1774077699.105:622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11142 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  402.477144][   T10] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  402.534285][   T29] audit: type=1326 audit(1774077699.105:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11142 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  402.625919][   T29] audit: type=1326 audit(1774077699.105:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11142 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  402.658625][   T10] usb 2-1: device descriptor read/64, error -71
[  402.727000][   T29] audit: type=1326 audit(1774077699.105:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11142 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  402.750616][   T29] audit: type=1326 audit(1774077699.115:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11142 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  402.783945][   T10] usb usb2-port1: attempt power cycle
[  402.799815][   T29] audit: type=1326 audit(1774077699.125:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f7cd455cfce code=0x7ffc0000
[  402.824253][   T29] audit: type=1326 audit(1774077699.125:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11142 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7cd459e007 code=0x7ffc0000
[  402.866084][   T29] audit: type=1326 audit(1774077699.125:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11142 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  402.894395][   T29] audit: type=1326 audit(1774077699.125:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11142 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  402.930713][T11161] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  402.943848][T11161] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  402.952224][ T5876] usb 4-1: new high-speed USB device number 59 using dummy_hcd
[  402.968541][   T29] audit: type=1326 audit(1774077699.125:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11142 comm="syz.3.1270" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7cd459c799 code=0x7ffc0000
[  403.157343][   T10] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  403.218790][   T10] usb 2-1: device descriptor read/8, error -71
[  403.229745][ T5876] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  403.240868][ T5876] usb 4-1: config 0 has no interfaces?
[  403.252169][ T5876] usb 4-1: New USB device found, idVendor=b486, idProduct=658a, bcdDevice=1d.30
[  403.267261][ T5876] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  403.293081][T11174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  403.295843][ T5876] usb 4-1: Product: syz
[  403.313471][ T5876] usb 4-1: Manufacturer: syz
[  403.333819][ T5876] usb 4-1: SerialNumber: syz
[  403.355941][T11174] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  403.396244][ T5876] usb 4-1: config 0 descriptor??
[  403.459361][   T10] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  403.917775][   T10] usb 2-1: device descriptor read/8, error -71
[  403.932852][T11184] loop5: detected capacity change from 0 to 7
[  403.970725][T11184] Dev loop5: unable to read RDB block 7
[  403.976465][T11184]  loop5: unable to read partition table
[  404.007546][T11184] loop5: partition table beyond EOD, truncated
[  404.016262][T11184] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  404.043482][   T10] usb usb2-port1: unable to enumerate USB device
[  404.101463][T11174] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  404.129439][T11187] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1280'.
[  404.138561][T11187] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1280'.
[  404.340605][T11185] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  404.734723][T11174] iommufd_mock iommufd_mock1: Adding to iommu group 1
[  405.712486][T11210] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  405.722256][T11210] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  405.807915][ T5953] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  405.959517][ T5953] usb 2-1: unable to get BOS descriptor or descriptor too short
[  405.972774][ T5953] usb 2-1: config 129 has an invalid interface number: 135 but max is 0
[  405.981283][ T5953] usb 2-1: config 129 has an invalid interface number: 5 but max is 0
[  405.989688][ T5953] usb 2-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  405.999006][ T5953] usb 2-1: config 129 has no interface number 0
[  406.005304][ T5953] usb 2-1: config 129 has no interface number 1
[  406.011729][ T5953] usb 2-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 5
[  406.025238][ T5953] usb 2-1: too many endpoints for config 129 interface 5 altsetting 7: 37, using maximum allowed: 30
[  406.027163][ T5898] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[  406.036312][ T5953] usb 2-1: config 129 interface 5 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 37
[  406.057565][ T5953] usb 2-1: config 129 interface 135 has no altsetting 0
[  406.064527][ T5953] usb 2-1: config 129 interface 5 has no altsetting 0
[  406.075992][ T5953] usb 2-1: string descriptor 0 read error: -22
[  406.082407][ T5953] usb 2-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.00
[  406.091612][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.130881][ T5953] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[  406.144650][ T5953] usb 2-1: MIDIStreaming interface descriptor not found
[  406.164776][   T30] usb 4-1: USB disconnect, device number 59
[  406.202008][ T5898] usb 1-1: Using ep0 maxpacket: 8
[  406.213143][ T5898] usb 1-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  406.261523][ T5898] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.274396][ T5898] usb 1-1: Product: syz
[  406.279987][ T5898] usb 1-1: Manufacturer: syz
[  406.284858][ T5898] usb 1-1: SerialNumber: syz
[  406.292721][ T5898] usb 1-1: config 0 descriptor??
[  406.335341][ T5898] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  406.361947][T11217] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1290'.
[  406.371246][T11217] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1290'.
[  406.381987][T11217] netlink: 'syz.3.1290': attribute type 5 has an invalid length.
[  406.390041][T11217] netlink: 43 bytes leftover after parsing attributes in process `syz.3.1290'.
[  406.404052][T11206] binder: 11204:11206 ioctl c0306201 200000000680 returned -14
[  406.414445][   T24] usb 2-1: USB disconnect, device number 73
[  407.694940][T11237] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1294'.
[  407.724594][T11237] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1294'.
[  407.753951][T11237] netlink: 'syz.4.1294': attribute type 14 has an invalid length.
[  407.807272][ T5953] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  407.977254][ T5953] usb 2-1: Using ep0 maxpacket: 32
[  407.986185][ T5953] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  408.000458][ T5953] usb 2-1: config 0 has no interface number 0
[  408.013933][ T5953] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  408.030307][ T5953] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.045996][ T5953] usb 2-1: Product: syz
[  408.054613][ T5953] usb 2-1: Manufacturer: syz
[  408.060630][   T29] kauditd_printk_skb: 16 callbacks suppressed
[  408.060645][   T29] audit: type=1804 audit(1774077704.795:648): pid=11243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1297" name="/newroot/311/file1" dev="fuse" ino=1 res=1 errno=0
[  408.090595][ T5953] usb 2-1: SerialNumber: syz
[  408.105318][ T5953] usb 2-1: config 0 descriptor??
[  408.125217][ T5953] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  408.341612][ T5953] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  408.466463][ T5953] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  408.527890][T11253] =======================================================
[  408.527890][T11253] WARNING: The mand mount option has been deprecated and
[  408.527890][T11253]          and is ignored by this kernel. Remove the mand
[  408.527890][T11253]          option from the mount to silence this warning.
[  408.527890][T11253] =======================================================
[  408.743767][T11231] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  408.752668][T11231] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  408.761486][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  408.770460][ T5953] usb 2-1: USB disconnect, device number 74
[  408.780807][ T5953] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  408.795511][ T5953] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  408.836290][ T5953] quatech2 2-1:0.51: device disconnected
[  408.894943][ T5898] gspca_sonixj: reg_w1 err -71
[  408.969874][ T5898] sonixj 1-1:0.0: probe with driver sonixj failed with error -71
[  408.991619][ T5898] usb 1-1: USB disconnect, device number 65
[  409.332002][   T29] audit: type=1326 audit(1774077706.065:649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11256 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  409.366527][   T29] audit: type=1326 audit(1774077706.085:650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11256 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  409.391359][   T29] audit: type=1326 audit(1774077706.085:651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11256 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  409.417201][   T29] audit: type=1326 audit(1774077706.085:652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11256 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  409.437863][T11261] loop5: detected capacity change from 0 to 7
[  409.440911][   T29] audit: type=1326 audit(1774077706.085:653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11256 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  409.468038][T11261] Dev loop5: unable to read RDB block 7
[  409.473969][T11261]  loop5: unable to read partition table
[  409.490982][T11263] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1300'.
[  409.506549][T11261] loop5: partition table beyond EOD, truncated
[  409.517191][T11261] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  409.538193][   T29] audit: type=1326 audit(1774077706.085:654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11256 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  409.570890][   T29] audit: type=1326 audit(1774077706.265:655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11262 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fad1175cfce code=0x7ffc0000
[  409.598097][   T29] audit: type=1326 audit(1774077706.325:656): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11256 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  409.654251][T11269] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  409.668554][   T29] audit: type=1326 audit(1774077706.325:657): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11256 comm="syz.2.1300" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fad1179c799 code=0x7ffc0000
[  409.731535][T11269] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  409.907200][ T5953] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[  410.349414][ T5953] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  410.365222][ T5953] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  410.457188][ T5953] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.80
[  410.485450][ T5953] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  410.538310][ T5953] usb 1-1: config 0 descriptor??
[  410.606771][T11285] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1307'.
[  410.648617][T11285] vlan2: entered allmulticast mode
[  410.653773][T11285] bridge2: entered allmulticast mode
[  410.954518][ T5953] cp2112 0003:10C4:EA90.0016: unknown main item tag 0x0
[  410.978051][ T5953] cp2112 0003:10C4:EA90.0016: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[  411.134047][ T5876] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  411.176626][ T5953] cp2112 0003:10C4:EA90.0016: Part Number: 0x82 Device Version: 0xFE
[  411.299666][T11291] loop4: detected capacity change from 0 to 7
[  411.307173][T11291] Dev loop4: unable to read RDB block 7
[  411.312961][T11291]  loop4: unable to read partition table
[  411.321081][T11291] loop4: partition table beyond EOD, truncated
[  411.334129][T11291] loop_reread_partitions: partition scan of loop4 (þ被xü—ŸÑà– ) failed (rc=-5)
[  411.343585][ T5876] usb 4-1: Using ep0 maxpacket: 16
[  411.361438][ T5876] usb 4-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 0.02
[  411.390476][ T5876] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=3
[  411.406468][ T5876] usb 4-1: Manufacturer: syz
[  411.411870][ T5876] usb 4-1: SerialNumber: syz
[  411.430297][ T5876] usb 4-1: config 0 descriptor??
[  411.442646][ T5876] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  411.453342][ T5876] usb 4-1: Detected SIO
[  411.462782][ T5876] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  411.816554][ T5953] cp2112 0003:10C4:EA90.0016: error reading lock byte: -32
[  411.897801][ T5953] usb 1-1: USB disconnect, device number 66
[  412.327161][ T5898] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[  412.502621][ T5898] usb 2-1: Using ep0 maxpacket: 32
[  412.510262][ T5898] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  412.518682][ T5898] usb 2-1: config 0 has no interface number 0
[  412.542397][ T5898] usb 2-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8
[  412.568040][ T5898] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.587267][ T5898] usb 2-1: Product: syz
[  412.591449][ T5898] usb 2-1: Manufacturer: syz
[  412.607365][ T5898] usb 2-1: SerialNumber: syz
[  412.780226][ T5898] usb 2-1: config 0 descriptor??
[  412.917140][   T30] usb 1-1: new full-speed USB device number 67 using dummy_hcd
[  412.950649][ T5898] usb 2-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  412.977488][ T5898] usb 2-1: selecting invalid altsetting 1
[  413.000416][ T5898] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  413.043843][ T5898] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  413.059354][T11310] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  413.069374][T11310] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  413.071716][T11324] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  413.108739][   T30] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  413.121640][ T5898] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  413.132875][   T30] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  413.133004][T11324] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  413.152116][ T5898] usb 2-1: media controller created
[  413.176264][   T30] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  413.216514][ T5898] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  413.225623][   T30] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  413.247183][   T30] usb 1-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  413.258387][   T30] usb 1-1: New USB device strings: Mfr=1, Product=34, SerialNumber=3
[  413.267016][   T30] usb 1-1: Product: syz
[  413.274003][   T30] usb 1-1: Manufacturer: syz
[  413.310804][   T30] usb 1-1: SerialNumber: syz
[  413.346350][   T30] usb 1-1: config 0 descriptor??
[  413.601130][   T30] rc_core: IR keymap rc-imon-rsc not found
[  413.608948][   T30] Registered IR keymap rc-empty
[  413.615484][   T30] rc rc0: iMON Station as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  413.632063][   T30] input: iMON Station as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input31
[  413.646444][ T5898] usb 2-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  413.662142][ T5898] zl10353_read_register: readreg error (reg=127, ret==-71)
[  413.671730][   T30] imon_raw 1-1:0.0: probe with driver imon_raw failed with error -90
[  413.681462][ T5898] usb 2-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  413.717264][   T30] usb 1-1: USB disconnect, device number 67
[  413.727368][   T31] INFO: task kworker/1:4:5903 blocked for more than 143 seconds.
[  413.743126][   T31]       Tainted: G             L      syzkaller #0
[  413.768340][   T31] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  413.782369][   T31] task:kworker/1:4     state:D stack:21568 pid:5903  tgid:5903  ppid:2      task_flags:0x4288060 flags:0x00080000
[  413.798736][ T5898] usb 2-1: USB disconnect, device number 75
[  413.810818][   T31] Workqueue: usb_hub_wq hub_event
[  413.815912][   T31] Call Trace:
[  413.835591][   T31]  <TASK>
[  413.843774][   T31]  __schedule+0x15dd/0x52d0
[  413.851225][   T31]  ? __pfx___schedule+0x10/0x10
[  413.858646][   T31]  ? schedule+0x90/0x360
[  413.866973][   T31]  schedule+0x164/0x360
[  413.871942][   T31]  schedule_timeout+0xc3/0x2c0
[  413.876863][   T31]  ? __pfx_schedule_timeout+0x10/0x10
[  413.883181][   T31]  ? do_raw_spin_lock+0x12b/0x2f0
[  413.889766][   T31]  ? _raw_spin_unlock_irq+0x23/0x50
[  413.895449][   T31]  ? wait_for_completion+0x274/0x5e0
[  413.901843][T11334] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  413.913661][   T31]  wait_for_completion+0x2cc/0x5e0
[  413.920455][   T31]  ? __pfx_wait_for_completion+0x10/0x10
[  413.926188][T11334] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  413.934512][   T31]  i2c_del_adapter+0x5c0/0x790
[  413.939677][   T31]  ? lockdep_hardirqs_on+0x7a/0x110
[  413.946048][   T31]  ? __pfx_i2c_del_adapter+0x10/0x10
[  413.958496][   T31]  ? kfree+0x1c1/0x630
[  413.962845][   T31]  dvb_usb_i2c_exit+0x64/0xb0
[  413.968381][   T31]  dvb_usb_device_exit+0x1cb/0x360
[  413.974059][   T31]  ? _raw_spin_unlock_irq+0x2e/0x50
[  413.980669][   T31]  ? usb_hcd_flush_endpoint+0x41f/0x440
[  413.987382][   T31]  ? __pfx_dvb_usb_device_exit+0x10/0x10
[  413.993045][   T31]  ? usb_disable_interface+0x316/0x350
[  413.999027][   T31]  usb_unbind_interface+0x26e/0x910
[  414.004337][   T31]  ? __pfx_usb_unbind_interface+0x10/0x10
[  414.010597][   T31]  device_release_driver_internal+0x4d9/0x860
[  414.016774][   T31]  bus_remove_device+0x34d/0x440
[  414.022269][   T31]  device_del+0x527/0x8f0
[  414.026700][   T31]  ? __pfx_device_del+0x10/0x10
[  414.031896][   T31]  ? kobject_put+0x51d/0x560
[  414.037203][   T31]  usb_disable_device+0x3d4/0x8d0
[  414.042371][   T31]  usb_disconnect+0x32f/0x990
[  414.046286][ T5876] usb 4-1: USB disconnect, device number 60
[  414.047669][   T31]  hub_event+0x1cc9/0x4f30
[  414.058339][ T5876] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  414.069237][ T5876] ftdi_sio 4-1:0.0: device disconnected
[  414.086423][   T31]  ? __kasan_slab_free+0x5c/0x80
[  414.094853][   T31]  ? kfree+0x1c1/0x630
[  414.101575][   T31]  ? __lock_acquire+0x6b5/0x2cf0
[  414.108039][   T31]  ? __pfx_hub_event+0x10/0x10
[  414.113526][   T31]  ? process_scheduled_works+0xa8d/0x18c0
[  414.122079][   T31]  ? process_scheduled_works+0xa8d/0x18c0
[  414.132066][   T31]  process_scheduled_works+0xb6e/0x18c0
[  414.139622][   T31]  ? __pfx_process_scheduled_works+0x10/0x10
[  414.145644][   T31]  ? assign_work+0x3d5/0x5e0
[  414.150393][   T31]  worker_thread+0xa53/0xfc0
[  414.155148][   T31]  kthread+0x388/0x470
[  414.159273][   T31]  ? __pfx_worker_thread+0x10/0x10
[  414.164611][   T31]  ? __pfx_kthread+0x10/0x10
[  414.169304][   T31]  ret_from_fork+0x51e/0xb90
[  414.174067][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  414.179336][   T31]  ? __switch_to+0xc7d/0x1450
[  414.184199][   T31]  ? __pfx_kthread+0x10/0x10
[  414.188900][   T31]  ret_from_fork_asm+0x1a/0x30
[  414.193860][   T31]  </TASK>
[  414.196965][   T31] 
[  414.196965][   T31] Showing all locks held in the system:
[  414.210350][   T31] 1 lock held by khungtaskd/31:
[  414.222981][   T31]  #0: ffffffff8e75e520 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  414.233238][   T31] 2 locks held by kworker/u8:9/1118:
[  414.264905][   T31]  #0: ffff88801d796948 ((wq_completion)iou_exit){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  414.281785][   T31]  #1: ffffc90004d4fc40 ((work_completion)(&ctx->exit_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  414.306153][   T31] 2 locks held by getty/5584:
[  414.311384][   T31]  #0: ffff888036b820a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  414.321517][   T31]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x45c/0x13c0
[  414.332130][   T31] 5 locks held by kworker/1:4/5903:
[  414.337650][   T31]  #0: ffff8880216d6148 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa52/0x18c0
[  414.349474][   T31]  #1: ffffc900043d7c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa8d/0x18c0
[  414.362024][   T31]  #2: ffff888029739198 (&dev->mutex){....}-{4:4}, at: hub_event+0x17f/0x4f30
[  414.371526][   T31]  #3: ffff88807a8ef198 (&dev->mutex){....}-{4:4}, at: usb_disconnect+0xf8/0x990
[  414.381364][   T31]  #4: ffff88807997b160 (&dev->mutex){....}-{4:4}, at: device_release_driver_internal+0xb6/0x860
[  414.392354][   T31] 1 lock held by syz.4.1321/11335:
[  414.397777][   T31] 
[  414.400112][   T31] =============================================
[  414.400112][   T31] 
[  414.425800][   T31] NMI backtrace for cpu 1
[  414.425818][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  414.425841][   T31] Tainted: [L]=SOFTLOCKUP
[  414.425847][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  414.425857][   T31] Call Trace:
[  414.425864][   T31]  <TASK>
[  414.425871][   T31]  dump_stack_lvl+0xe8/0x150
[  414.425901][   T31]  nmi_cpu_backtrace+0x274/0x2d0
[  414.425926][   T31]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  414.425951][   T31]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  414.425978][   T31]  sys_info+0x135/0x170
[  414.426000][   T31]  watchdog+0xfd9/0x1030
[  414.426029][   T31]  ? watchdog+0x21a/0x1030
[  414.426061][   T31]  kthread+0x388/0x470
[  414.426079][   T31]  ? __pfx_watchdog+0x10/0x10
[  414.426102][   T31]  ? __pfx_kthread+0x10/0x10
[  414.426120][   T31]  ret_from_fork+0x51e/0xb90
[  414.426146][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  414.426167][   T31]  ? __switch_to+0xc7d/0x1450
[  414.426190][   T31]  ? __pfx_kthread+0x10/0x10
[  414.426209][   T31]  ret_from_fork_asm+0x1a/0x30
[  414.426255][   T31]  </TASK>
[  414.426262][   T31] Sending NMI from CPU 1 to CPUs 0:
[  414.543784][    C0] NMI backtrace for cpu 0
[  414.543810][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  414.543832][    C0] Tainted: [L]=SOFTLOCKUP
[  414.543838][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  414.543848][    C0] RIP: 0010:pv_native_safe_halt+0xf/0x20
[  414.543871][    C0] Code: 8e 6c 02 c3 cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d e3 f2 1a 00 fb f4 <e9> fc e9 02 00 cc cc cc cc cc cc cc cc cc cc cc cc 90 90 90 90 90
[  414.543886][    C0] RSP: 0018:ffffffff8e407dc0 EFLAGS: 00000242
[  414.543901][    C0] RAX: 0000000000726375 RBX: ffffffff819a900a RCX: 0000000080000001
[  414.543918][    C0] RDX: 0000000000000001 RSI: ffffffff8def7890 RDI: ffffffff8c27c200
[  414.543929][    C0] RBP: ffffffff8e407eb0 R08: ffff8880b863395b R09: 1ffff110170c672b
[  414.543941][    C0] R10: dffffc0000000000 R11: ffffed10170c672c R12: 0000000000000000
[  414.543952][    C0] R13: 1ffffffff1c929d8 R14: 0000000000000000 R15: 1ffffffff1c929d8
[  414.543964][    C0] FS:  0000000000000000(0000) GS:ffff88812545d000(0000) knlGS:0000000000000000
[  414.543976][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  414.543987][    C0] CR2: 00007f33c1be92f8 CR3: 00000000796f2000 CR4: 00000000003526f0
[  414.544002][    C0] Call Trace:
[  414.544009][    C0]  <TASK>
[  414.544016][    C0]  default_idle+0x9/0x20
[  414.544036][    C0]  default_idle_call+0x72/0xb0
[  414.544057][    C0]  do_idle+0x36a/0x5f0
[  414.544078][    C0]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  414.544098][    C0]  ? __pfx_do_idle+0x10/0x10
[  414.544123][    C0]  cpu_startup_entry+0x43/0x60
[  414.544144][    C0]  rest_init+0x2de/0x300
[  414.544166][    C0]  start_kernel+0x385/0x3d0
[  414.544184][    C0]  x86_64_start_reservations+0x24/0x30
[  414.544206][    C0]  x86_64_start_kernel+0x143/0x1c0
[  414.544227][    C0]  common_startup_64+0x13e/0x147
[  414.544250][    C0]  </TASK>
[  414.733904][   T31] Kernel panic - not syncing: hung_task: blocked tasks
[  414.741602][   T31] CPU: 1 UID: 0 PID: 31 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  414.752316][   T31] Tainted: [L]=SOFTLOCKUP
[  414.756658][   T31] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  414.766831][   T31] Call Trace:
[  414.770114][   T31]  <TASK>
[  414.773251][   T31]  vpanic+0x56c/0xa60
[  414.777239][   T31]  ? __pfx___schedule+0x10/0x10
[  414.782170][   T31]  ? __pfx_vpanic+0x10/0x10
[  414.786682][   T31]  ? __pfx_console_unlock+0x10/0x10
[  414.791883][   T31]  panic+0xc5/0xd0
[  414.795646][   T31]  ? __pfx_panic+0x10/0x10
[  414.800057][   T31]  ? preempt_schedule_thunk+0x16/0x30
[  414.805428][   T31]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  414.811610][   T31]  watchdog+0x1023/0x1030
[  414.815971][   T31]  ? watchdog+0x21a/0x1030
[  414.820426][   T31]  kthread+0x388/0x470
[  414.824490][   T31]  ? __pfx_watchdog+0x10/0x10
[  414.829159][   T31]  ? __pfx_kthread+0x10/0x10
[  414.833738][   T31]  ret_from_fork+0x51e/0xb90
[  414.838424][   T31]  ? __pfx_ret_from_fork+0x10/0x10
[  414.843633][   T31]  ? __switch_to+0xc7d/0x1450
[  414.848309][   T31]  ? __pfx_kthread+0x10/0x10
[  414.852897][   T31]  ret_from_fork_asm+0x1a/0x30
[  414.857688][   T31]  </TASK>
[  414.860991][   T31] Kernel Offset: disabled
[  414.865307][   T31] Rebooting in 86400 seconds..