last executing test programs:

12.890495987s ago: executing program 2 (id=2123):
socket$nl_generic(0x10, 0x3, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x22042, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140), 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000040)={0x0, 0x0}, 0x8)
sendmmsg(r2, &(0x7f0000001c00), 0x400000000000159, 0x40840)

11.565192953s ago: executing program 2 (id=2130):
prctl$PR_MCE_KILL(0x21, 0x0, 0x1)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f00000004c0)=@security={'security\x00', 0xe, 0x4, 0x2ac, 0xffffffff, 0x0, 0xb4, 0x0, 0xffffffff, 0xffffffff, 0x268, 0x268, 0x268, 0xffffffff, 0x4, 0x0, {[{{@ip={@rand_addr=0x64010102, @empty, 0xffffff00, 0xffffffff, 'wlan0\x00', 'pimreg1\x00', {0x13dc988d2fac9939}, {0xff}, 0x13, 0x2, 0x51}, 0x0, 0x90, 0xb4, 0x0, {}, [@common=@socket0={{0x20}}]}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @dev={0xac, 0x14, 0x14, 0xf}, 0xffffff00, 0x0, 'bond_slave_0\x00', 'caif0\x00', {}, {0xff}, 0x2f, 0x1, 0x19}, 0x0, 0x70, 0xcc}, @common=@CLUSTERIP={0x5c, 'CLUSTERIP\x00', 0x0, {0x0, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, 0x800, 0x1, [0xc, 0x31, 0x28, 0x24, 0x2, 0x2f, 0x3a, 0x5, 0x3c, 0x23, 0x3e, 0x15, 0x22, 0x32, 0x1a, 0xf], 0x2, 0xd8, 0x9}}}, {{@ip={@local, @private=0xa010100, 0xffffffff, 0xffffffff, 'ipvlan0\x00', 'vlan0\x00', {}, {}, 0x84, 0x2, 0x20}, 0x0, 0x70, 0x98}, @common=@unspec=@MARK={0x28, 'MARK\x00', 0x2, {0xe, 0x8}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x308)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101000, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_CLOCK(r2, 0x4048aec9, &(0x7f0000000040)={0x6, 0x0, 0x2000000, 0x2000000, 0x40002})
userfaultfd(0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
bind$rds(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000140), 0x1, 0x80)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
r3 = syz_io_uring_setup(0x81d, &(0x7f0000000480)={0x0, 0x0, 0x10, 0x0, 0x34b}, &(0x7f0000000100)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000380)={0x1, &(0x7f0000000200)=[{0x5, 0x0, 0x0, 0x5}]}, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r3, 0x47bc, 0x0, 0x21, 0x0, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION2(r2, 0x40a0ae49, &(0x7f00000003c0)={0x1fd, 0x1, 0x4000, 0x2000, &(0x7f00002bd000/0x2000)=nil, 0x85})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$KDSKBSENT(r8, 0x4b49, &(0x7f0000000ac0)={0x8, "98e3461f7a7ea1d1c418575f9eba60d1169737914731b8577fed534aa215214b00c8b1d868c0d7835f9dda08e828d051f9cbae19d36262d5b4cad589d4c0b4d6ccd0ddf1fc9158575e0fa240887924d9b055927ae6d2be361dafd10c2b3f8c103bd65a950846639466ca28484cb41173fcc2c865f6393224509339cfee4be13faf698bca93ab353636e77a06537f07f1ec55644aa68cd61a3eb46ca1e4a14824a70eecc78990c1901924310e1e81259066a4112c3cc8568ea34ef462861ba971e88367b499b4a481e0e859e9037c8e5e7f6c85560c59aa0ab31421ff6a9bfdccba0b9cbd0c79754b83aaf5042b5d905483f2cb7bc798920d038b46fc0d2268eb7c56523632bbcdc4a7ded22e4967dca9f6dc676446a8995859cbf256babbcdcdf7d96e0cdafc0a06d107eed1d2651cb34f878c500b0b2cb9e96784cdfd09fb93d705380cfe5bf9460919bb473a7a8d14810a409c1628b945a9c6b9b8df6748bd68090c75cce9e252a1a9da5b8517c388e49aeff3d20f6b9f8d34b6d0462d9ad276e22e4c9aa35a4fb008f441f1606288e56272fc8a98509e0415f95fc8b3f14eb84c16c0bab83b33c60c9d74368719c6c43139691a5cc20211ae28f9b9cbde625d434fb72ea211ff2b46474e6846f3d69cb2ce822c9a7e397975821c04ebd522bd7767c0a6f6c2916f4403366b0a423c913407ad5e71b5b3796f2606fc81b073"})
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000009c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xc}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x4}, @NFTA_SET_ELEM_TIMEOUT={0xc, 0x4, 0x1, 0x0, 0x4fe6edda}]}]}]}], {0x14, 0x10}}, 0xc4}}, 0x0)
sendmsg$nl_route(r6, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="280000001e000100000000000000000007fc"], 0x28}}, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[@ANYBLOB="12011003020000182505a1a44000010203010902bf0002010650000900000000020d00000524060001082400a90000000000000000000300ff000606241a05001407240a050905580c240c00000000a90c090003042402020424"], 0x0)
r9 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r9, 0x8983, &(0x7f00000000c0)={0x0, 'ip6gre0\x00', {0xfa}})
syz_usb_connect(0x3, 0xf5, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402", @ANYRESOCT=r2], 0x0)

8.922309777s ago: executing program 0 (id=2143):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x34f2abf5, 0x0)
r1 = io_uring_setup(0x2675, 0x0)
io_uring_register$IORING_REGISTER_FILES2(r1, 0xf, &(0x7f0000000040)={0x46, 0x1, 0x0, 0x0, 0x0}, 0x20)
ioctl$VIDIOC_LOG_STATUS(r0, 0x5646, 0x0)
r2 = socket(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r5)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r6, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000680)=@newtfilter={0xfffffffffffffd65, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0xc}, {0xfffb}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x34, 0x2, [@TCA_BPF_ACT={0x30, 0x1, [@m_xt={0x2c, 0xd, 0x0, 0x0, {{0x7}, {0x4}, {0x4}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x60}}, 0x0)
sendmmsg$alg(r2, &(0x7f0000000140), 0x4924b68, 0x0)
capset(&(0x7f0000000180)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r7, 0x0, 0x60, 0x0, 0x0)
ioctl$VIDIOC_TRY_DECODER_CMD(r0, 0xc0585605, &(0x7f0000000100)={0x1, 0x1, @raw_data=[0x0, 0x0, 0x1013, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x20000000]})
r8 = memfd_create(&(0x7f0000000500)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf#2\x99\x1e\xa1`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\f<\x8f\xc1\x99\x89r\xe1?\xbdu\x98\xc3\xf8\xd2Q#\xc6g\xa0\x85\xd6G\x85\x11X\x8d,\x02\xd45\xb8\xca\x97\x9d\xcb\x1e\x80\xd6\xd5>N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x8aog\x87BR\x9d\xad\xd4FcB\xda\x95\xc3\xdd\x9d\x8f\x1a\xce\x18\x80\"j\xe1\xba\x1e\x97uX\xccv\xd6\vcz\x92A^\xbc\xceF\xf7\xe5:\xaf\xc5~\xbcJ e\r\x88c\x9d\xb92\xb6i4zq\xb3c\x0f\xb2t\x93\xf2E6b\xfa\xcdJ5\xe3W]`4\xd8D\x05\v\xfc)\xca\xedQ\xd0]Ot\'\xc2tDF\xf9\xa7\xb5(\x83\xa5\x0f\x1d\x1d\x06Dg\x13>\x19\xe85#\aaT\x89=\x104\xd5\x85l\x96\x91\xea\x172P\xb3:\xadZ\xbc\xbe\x00\xf0\x14\x96\xd9M\xd7\x88QZs\xb2\xe1+$jfQodH\x05/y`~7\x16\x02\x00(v\xe6`\"6\xfcgC\xb5\xf0\x13.zj\xc5bj+@\x00\x00\x00\x00\x00\x00\x00.\xd4`=z\xd1n\x8d\x8f\xa5hS\x8e[\xb3\xa3\x87\xb9\xe2_Z\x11\xef\xc2]V\xf3\x03\x94\xb9\xe1\xa68\x8d\\\xe5\xef\xacpM\xf0\xa6\x04\x10\xb7\xc0t\x83\\\xf7\x12k\x9f\x10\xd5Z\x19\xc1\xc1\x80\\o\x97\xce=U\xdd\xaa\x1b\x05\x14\x13\xa6\xbd#\xde\x04\xe6$\xec$3\xf6\x97\xc6\xeaSL\xb7A72M\x88k@\xe5\xa3\n&\x1e\xc84\xa9\xe2\xccM\x906\x95xQ-2p\xd62\'\xec\x0f\x13;I\x95fE_\r\xe7\t!A\x05\xe4\x8f\x9e0\xf8/T\x18\xf7\xa1\x9f\xde1\xd5\x80<\xf5\b\xa9\xec\x85\xaeW\xb3\xd8#)bn \xfb\xf2\x88\xfaR\xff\xdd\x80\x96_\xec5\xf0\x1c\a\x8a\x80\x00@=\r8u+%f:\x1e\x82\xfap\xf6\x89\xea\xba\xe3\xbbM%F\xdb\\\xd1eJJ*\xc67\xca\x03\xa3\xf7(\xbb\xecN\xd4\xe7\xf2:u\x8a\b\xd5\v\xca\xfd\\\xd6\xe3\x05\xb3\x03\xd5\xe0\xd2\xf2{\'\x8b\xdf\xa1\xbe}\xb2\xe4y\xbb\xe6\x1f\x10c\xf5WQ\x82\x04\x01C\x83,\x90\x1a\xfa\x8e\x17\x89\xe2\xedX\x8d\rmq\t\xb5$\xb4\x9b\x92z\xd6/-\x13,\xb5%\x8eM/\x04\xa7\x7f\x1b\x85\xf1\xa4X\x17\xbb\x1cR14\xfb!\b\x10\xe8\xb2\xd41gK\xe4\xea\xe39d\bL\xe5\x1b\xbd[\x9bWD:\r&\xe9\vn^\xcc\x86\xe3\xce1>3{\xaa{\xbd0P\x9f\xa68\xf5\x82\xb8\x9aD\x9c{\xe6\xf8\xcbD\xb5aJ\xb0\x92\x89\xbc\x82\x1ch\x89\xe7\xdd]q,\xec\xc4\xa5\x93\xe5,\x0e,>/\xaf|\xf0\x01V\x7f\xc9?\xba\x16\xe4$+}5dy\xb1\xef\xf1m\xa5\x94d9\xaf\xcfq\x8b=\x026\xef\r\x91\x18\xc5\xb6\xb9fM\x8ayZ\xbcd\xa5\x8a\x88\x98\xc3\xfc`\xa6\xba\x1f\x17\v$\x88g\xb4\xad\b\xc1\xddW\xa6\xc1\xb7\xb0\xa3\x84Q\x13GoU\xe2\xb7\x03\x9c\xd5\x0f\xa8\x0ef\"\x15\x82\xe7\xbd\xf8\xca\x10f\xfe6h\xe9\xc3\xc2\xa0O:\xac~\x1a\xf7\xbeF\xbe\xe5\xf0\x81\xd6&\xc0<Q8\xbeX\xde\xd6 \xef\x0e\xc2.\x9c=1\x15d\xddIv\x0fh\xe6M(D\xad\xeb\xcfX8\xb9\x8d\xbe(\xd3\x16?x\xbd@\x0f\xf5\xdb\xeb\xd7i*\xea\x86JX\xff;\x96\xbb\xa7\xa8u5R\xa2,\xba\xbc\x01\x12\xb3q,\x9d\xf8\xbdb`\xb3\xc6\x0f\xb3\xac\xc7\xa4O@\x81\xfc\x1a4$\x885\x97\xa9|\x99\x86*.\xda\x96RQ\xe5\xb1\xef\xb7\x10\x99\xd4\xa7\b\xcd\xe9\xa5\xf6wR\xc1\xdfH).\a\x9a\xab\x9e&+\xc4#\x90\xc9%\xb9\xd7o\x86\x13\a\xc0\x01w9u6\xdd\x9fJ^o\x1d\xda\x11?\xc1\xf5\xf7\xff\xec\x916\xceQ\xcfU\x035\x96\x8f\xc7\x84\"2\xef\x02\xcf\a+\x8a\xd1\x11\xb5\xa8\x92\f\xb3R\",\xfc!_&pD\xeb5\xc6\xc8\xff2\xee\x14\x83\x14l\x04\x80\xaa7\x80\xf1\x18\xf5\xa5\xd23\xe5\b\x00\xe8\x9c\xd4\xd0\a\x93#\xb9Z\xc0y\x97<\xe5i\xe9\xe4\xb02Cu\xe1d\r\x0e\xc1\xf1\x81^\xa7\xffz)\x19U\xe5\xd4\xf5@O#W\x8a\xbb3c+\n\x97\xa6\xf7\x90$\xd6*\xd0\x1b\x10\xe4HM:XO\x1b\rx\xc7\x12|\x7fN\xc9\xf9i\xe4\xe5-\x9b\xe407\x9d\xe8\xc6\x90\x9f_Jf\x05\r\x1b\x9af\v\xbcv\x83\xf3j\xaf\xd0F', 0x1)
write$binfmt_script(r8, &(0x7f0000000280)={'#! ', './file0/file0'}, 0x11)
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
open_tree(r2, &(0x7f0000000180)='.\x00', 0x1800)
pwritev(r9, &(0x7f0000000600)=[{&(0x7f0000000240)="02000000", 0x1b}, {&(0x7f0000000280)="f697079a161cfb7702311e629acda76933ddd0c24174eb4d4d28f9", 0x4}, {&(0x7f0000000340)="527302587e0a4e47ad", 0x9}], 0x3, 0x0, 0x0)
execveat(r8, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r0, 0xc040564a, &(0x7f0000000040)={0xb, 0x0, 0x2010, 0x7, 0x7f, 0xa, 0x3})

8.65770326s ago: executing program 0 (id=2146):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
unshare(0x22020600)
r3 = openat$procfs(0xffffff9c, &(0x7f0000000000)='/proc/tty/drivers\x00', 0x0, 0x0)
inotify_add_watch(r3, 0x0, 0x20)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r2, 0x0, 0x10)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffff}, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
chdir(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x88000, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f00000018c0)={'team0\x00', <r7=>0x0})
r8 = syz_open_procfs(0x0, &(0x7f0000000100)='io\x00')
preadv(r8, 0x0, 0x0, 0x401, 0x9)
r9 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x40, 0x10, 0x49920d862a92153b, 0x0, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x41, 0x15001}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gtp={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GTP_FD0={0x8, 0x1, @udp=r9}]}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x40}}, 0x2400c080)

8.065917419s ago: executing program 2 (id=2148):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x8000)

7.969492066s ago: executing program 3 (id=2150):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x24000880)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x4, 0x2c00000000000000, 0xb, 0x6a})
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000040)={0x1, 0x6576, 0x9})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002f80)=[{{&(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10, 0x0}}], 0x1, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r2, 0x3b84, &(0x7f0000000100)={0x20, 0x0, 0x0, 0x0, &(0x7f0000000040)})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x5})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

7.689810315s ago: executing program 3 (id=2152):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0), 0x42280, 0x0)
close(r1)
ioctl$KVM_CHECK_EXTENSION(r2, 0xae01, 0x1)
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r1, 0x4020aed2, &(0x7f0000000040)={0x0, 0x399000, 0x8})
ioctl$KVM_SET_MEMORY_ATTRIBUTES(r1, 0x4020aed2, &(0x7f0000000000)={0x3000, 0x380000, 0x8}) (fail_nth: 3)

7.664649958s ago: executing program 2 (id=2153):
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
writev(r1, &(0x7f0000001700)=[{&(0x7f0000000300)="ae22c21e9327dacbfca03a2ad6ae398ebbf5339e60bce8e483bc051fb864b1100993504e934188058eb19351b6054d23c996a8df8aaa13efdc5cfa7be187061169b10c13eb2e7426806d9c1768583538fe465141fc7a33c439551147438d409eb01c76d78b40c900fbdc7e77d3d481ba428ffde950cd6ec959bc4dc72b573344ff53de219ac20753a0af3cd824aed5d6050dcec0c64107225b75a06d039a9e6c02a836724f00d4425093d4e5d3ecdc21a169cd", 0xb3}, {&(0x7f00000003c0)="1dd0bd7d35aa4be1ef71c3c0b97aa4f2a8b167b591c4ed22bffa0ee8f8854487f9fe3451023fbc0252bf630deaa17588bfa661143949dc66399445a66ab0498562bf1c8223c6bcc381f9c25a4d41fce9bb92d485bdf56c7cf9d1b8244e7c7041b133237938358349784cf5f4fa555f149f272f2888b375cc7047589128244b4a967d0b63665e5e79d25b1d2cf41dce009edd4d6e1c6d70274e2398162ce7", 0x9e}, {&(0x7f0000000100)}, {&(0x7f00000004c0)="b74f7d6ec8c1a01c30692f27050bc3af14059b19c85a", 0x16}, {0x0}, {&(0x7f0000000540)="c021d1dd3f695aaccd70d5af0507980f32ca030742913b8de2640280bd6bfa311b93bf649198a4dbc575b6384d3245e62924173864a8e93f04287873dadeba97d4b80714bfc55296775c41eec85c94dfe11bc6e52a3c979da6c3c9c6b1eebb682bf3b6cafc8c1bccc7b2cbf0c3bd707449e869116179fa46503430cc9c2641bba376e67fd27a400caa93dd19db0d73ed616e5f47a8b89a9c887b3fc3132dd9c1921d5ccd8116a282669d9e46da867549bd12caa337ec852fa5fd3e3ca27d7628705f00b5a3ec49e2f1a48eb50b4fe0bbe085a5ff904b8caf0fe119919b2f23d76f080de52f0af3f54643486cd5df1146ac67ca37df2479", 0xf7}, {&(0x7f0000000640)="a8f79b82f62c3edca03e5f", 0xb}, {&(0x7f0000000680)="100d22f288cc027164b2253d4788ee11e55c7db61fe36a09701f3bf87322d3371f507ae82fdc6775afd554595e556a685fe9b5e7d6aa1747d7327291e2c549af72720e2fbcd791ba5ad423d33d38ede500942971ce29bd81007970e3014df0492b85cd71de2ee7b737c3bfe6680ec39b878397422d69b56563e2199e49c3c0fc55a90af80aafc45522dfd20dd662d30101958e6f306c0f69f8c298553b51240c289a6731e87401fb39f8bb72cfa3434a5bef1712545af556f321d753cf65f7dc51d0be0ccb1321b9eac73777e7a7bbcad99a1d112845565b823d411d39f8a98a5dff7974c294349a113c46dc0d3372033cb28848e8490a54e2ba1130f77c87bd1b9e0d9813e38e590e062180d0ebe311401518e5a19dd19e8b2d0dc7597401ff0ec49902e20c6a65af1aa719fa2035bf4d64b3ed464cad178c9131ed91003f372a8ed4eba11c73d6ba86534e06f82d1f5f15fa06f0dda86efac42ecfa1adb47c7c00037254ae2cc4c391b5fdc566507106977ffe8d72ee4c49d0689aacdec4fce9b9c87d6c5281eec90ccb59a2713b34d63463a2cdc2b7d814e832698432a4c1ca5d2a6e514b33f593355935fbff1aeabd1755cf5cdc2acbf8c513883a816f340d18608c5b3cc406b86d1c1da38a096dc3d0a3394cd7bdb59703a344ebd4092a292042d6acc4cdd29a45516ef6fb8ac6e62a808f1745fbd1395817cd5156f085cee0ea74cd18ee07931e5d8ea720ede6bed042f9e2f5d432e7c41271618bcc69b73fa6637150adb3b71cc83cea30e3090cf3f3a3f6d853adad1cf0872b40cc9c898444d867f9092d047c983a5c9fa936d3ac85002a7ebcb1359b3a0fc8e8113d2c810783d2f34f0d21200176578fbf99d8fab62356bfb89de4fe892920999d6fc1817fafdaf4e79e219d29c6f0174624e59ea09f28839958213c9dae1feb21aea6e56420795e7d12ac38bc70a17218a555f3cef9970fcc336e03185b83ec49466f8a8834fe4493628fb8ac7c96fe1df6b7a55b8ef511a127e9d20b65e064865e17cdc9ade8112ce0956a1179a7bed60ac0b8907242bb2ec694339a8dbf1b07b3614d5c6904184135c9f4cbe77095a04b75e5f23ecfc26ee2286a722cf49ffd3eb77ddd0d0d03afbffa1f3cf9181d56a604d551cea8c8ac2ff1f939023494bb41088668b6382a7365eaf3f8fdba9e44094f11cc2d21714dece815ad90b6e35cc4d5e14598e4b8d8cbb8571b0bfbacfa51534467a920a491da3a2ee75bea588fce5e71fc992fc02467b88c1883495558ebd4756fc6fb880b7330538bbac72f4f71b3ba8a42bb9b5954df758aa4a64d0a80c3a0eb54fe21cd77d7db075d1e55ee94a6596623a7c4d490c52401dec1d35d50ddef8916a7ed90dc32f752595a5bfa07af7f22c8e077ff6b33b52cadd71c985d937a6f9670a0e941c8c7d395ac4c80a167eb27e2be76b1c2fcee68968cda05c5cab61db8452ee43afbdd7d0568e0c9ae64d5714e7b93c92750448815b7fd0cc00f5ab62ae5cab946c39e6428ce214880c746abfd93769a4774426730febf5aa16b89157ffb34fcacbd01c14953aa2312e939869a451078e00b46a454b1a3ca1b9517da288eb8ebbf90cac87c96c716b191faa8d9f9cd5749f7036bd18ccd629bc15115f272836dd283a81343c416f2e270194dd6bf05b610f0c88de75a7066221e38bab5c0774d8fef1a84538db88b3702cb24be484d2eee97d9515fedddefc78e5d7cbce35f62b88f4f4e21775f431fd15d9f640a8e8cb27a5cbe4370a17fe0a5501f4b4b7ad021a7d1634b99f8cb3e42f79be9f5edb3967a84377508c4f1d69436e4bff18aa91fc5144aec82d520754f53eb1cfdd99174f2a759130386d68053c064675f1dbbb3f95baa69793d5b238dd8089e3b12aa4eb0d4170be7a52c093957b9eeb9c13d2f7a0fcf274b0572bcefc7f21a983d6ac6a188e931dff4f699f7dc78565cb4f3a14b7d7398f4aee282987325e82c3d78e6dfcdc4e19aed6e1a87e3c851a1a6fc484230059f65470e6b212a084e1de5e857c57ca5cde1081f41f33d476e470df29e259d5944cbb6353b0363d19e6d984306e60b257fff870ade7b69744462da28691d7f353bb87cab4e398bf6ac7c07c71a44a7d39777cf4a189440249aed1602bc0606178573bf12329a3092dae6a5ceaf9631750a98a3798fdf2d4c990bc2658a7181e255cbf759972ffa598c83c51a6e44c7f20bc0e026fe65d969920a8eb6c46c4500b36ffe8d8600768844de5f88ef6825098186129bef9efd6e783f24537316846ac458674694f4603977646a83391de3a55c0151cb3c720d8038497d7765a41e8d5212a8a35b6f692af4e926db43e6d3922a95006ef1dd4e9d0ab3e5833b8443f59302e26d356032e05cc73ced718aaa61035ec0e97af437aa04831a92a55987c6f978051a097b7ad78d7fc0eefde5c9f20ae896d1cb53de8c5f575858d3d0af88bc4716399cd824426e11ba23206c8850c1091a186d9f4e7e692fead94bc257eb97ad6ab1ba31e117e4a0a326f28493ee71f5dae2306b55e552523335beca1a8503c223da7c5a03ec95e739b1fd63c2e0cf33bbbee8f4acb73cece57daabe93e96a6b03fff75c043e7421964130202a887155efde33d61fc1d4bfae8030c1cb71a37a5151dde639e66366f2bbcdf84df972884a3ddbcad91f2a010e8a494e67cf283222c61b905e2a7d11daf16a0cfd3291d8e828f71bd3d08a11a5d9d59f903d0c68f024fcc9e5edd81c5d33340f9b4fdc392feba68c1a219a1e056b67805ad2ac09d17cd942e7514341ede1332d43b9a5ed6e9e12e5f4d034417362397a5861e6b8ca186a3e78c7b89ccf3e37a1959022a9b530c07fa175e4140e0266507128b60917853998a79d9c4f17429fc76725cda0cdaca5f778505ff192424b90ddd8b9282b15e6943cf453eb95391bc9ef9a858acd0256e5cf484e6f10a3ce7c98fe994bdf09f773eb593344b300c251912a6139b51b9338809f2b8a2352473637affc316721786368f9a8798d5e176236d50a46f4e0300b33d2f126cb7c2c4fdaa3c569e1e26dd62466a3f01c7dcf1041738f0858212cf4f9f0350bc79e5eb00db1a18f666e296da317afea9a9542faa912c31e03e0c2fa385e2cfd70d149b87a5fa74480c3e007c6918504a23e894b25b6d4fdd40defe6c31f9ac0b9528551bb95cb4d91ca0e7b10e9ba5a1db6480d0c82f6e727bbf5b8db827a9d200bc37a9628930417eb91f35ffd3d20017f8d11b2758777f2927a7142ab21b6e1bd9c268d609dd2bad72820ce05cf1fe090271582e8c04ffaf669c5209b4bac43690acb52abe29bc469db7a283e590893300f57cc5a07b3634da946f255881e1efec21a3c29d8cbeb704c754f6540ceb016d7da25a9a5d614988dcd49bb4cdcae4c2831e739982d21703b34f7c8ba2bd7c8e0ef30a9d78027c9d61a8d6152896dc73b62faabde9307507d30336d11cb4cf7be88387f06906e9944482f77d75e6bca560d6b4c8c146fe0c6fce09cc41fb83ec997b2ece8f1825c8eb927f193938eeb8df11a4ee9f7c4ef9e4e11403074b2235f82834d6db37688e5e14c9afb6034f256d84a19eae70b2385dba6b39ed8d1541a5ec97362c2f0be78ab14f91c428c69ffe7e45e7f58f3cbd561c385ed0f9815ebdfe0334e0c71cdbc1cf102474381190a7f7769a08b686434e18cd9381beb7b0ba05b745598cc85e87cef0d52670bf981817f83631f399de550e38ea4a061bec62a3f09c9a6779167c5c5ae56d310fca7b5b3ded1d1ecfa2dc9c29ca6e215ca1518cc6cc4653078560b7c4638cacea64479edc9f5b6891f3dc273c1a605893018cc8d5be594af9b88fecf5ef8351e932ef63835b06eb2e7fdad42d7f164bc822c8de3759380f5a0ecfaced2c28f9ce58da33b7756c9d3ef32b31fcae1af105efcce64aa564118f0e4973e464cf71311d36d3325ddd4229ff689f9fc8595f576ed00ea0e38eec7ce1ebd39d3b10fa91b0d95be71b7e286d0c53e3d9afebe8115b4259eb85c5366e3b298815d46a6621d67a674ab80e0d67f48cd06ab5d64f9ca2717026e50c8465d1d106406775926aef5a1c8ee796c835e78477a2c2e54e7980b33f606fa56b2b40f28fc0545865dfde5538bdcdc847da0b136cb95ce366338112a9d732ecbc755c04d640d48ea4b209568c3ae0888ce0bf27f49d64fcbfadefd11d4f57d580432652f18fce0c5044b4a55f66627d004fc10d863102da84cf66e549fde0bc4073fb447688eb39fb1e5b414c67ca3b5f130d5e4c389fe9a587cd4be4d12f77e93aa0ac01572534f764cc0f779433e5e9195211705501299efd1990cec3ab54b6d66e72500d05af0604b84584c7722a8cf8ecafe59fdf2694d73b2bf81a663393e158aec30d02e8daa0e06cf7387af20430431c3d8b1d2f9cac1a0eaf3e25ef768bb619568010c925750a27230ed565ceccc38c3c403de48ad410cbf152bb1692afb098d41966fbabee680ef92755fee228715d2aeea14dd9b48ddc587dae94e513abda23912d850506db789933eff9630fc374d279d28336556c0f1dc1946d40eb788e28c9c3e5bc57c5f7c943714b7f6e98349bebc9c4183ca76895fbf0c9f616cc1d687bae33da5f3ab213271aff7bf340876e30f70c96ac7fd80818be2d42d473b512bfb54cd409cf6c28742c9819dd16d7d82bc77dd7f8f194e525ed8edfa1a94f175fd86302d1ec8d2419da967326b142afdf23517728cd867cee0f81748bb8998d11c8d8e4eda16ed36d870362971c8aab7127f3eeba7dc6b7ac9c9c711289c700925a9e60a9e2ed40fd0b681965e455a91ed96010844508d8069db1e2a0a89729675128863bbd6cb31cd0d3739f03a46273f55f0d0730b1fa7eec9c6d2d41f9730f49076fa02ef527008babfce9a07c34e9677d21a7885baf7e40646f44d0d9b539ef64fe25bf889df5585ca3286fe020fbaf125f4d0af55838f8ec66b0511804e0343fa3e691e01663c438a3f13a38c6b56f14675b71e4995613d774d80826d842cfabceaff2fc12f8914b0df20c685287ac64eab3daecab7059bcdb40200857962817c29cae50fb4792fdde90af3f701a2a6d2269b7268b04d62b0a6e7b27cb8b091e6fd26a19fe47295e9481da04c22cfb6e50b239864002e5604e13331de1c0b61f68bac9e55afb8285b5d323fa2c11bbe99b8a4aa1b0ec51c24e77e84462becddf64d8d9d9d05a311aaacf409e36f89de5ffb167a587294064c4dc3dd6a1655ccfffed6427ea7570f0dcb0398f84803ee5b389bede334cfff237b2f2f6fc45b28ce22bdebb6a74d40f2122d11d19f32e6a490ee1b0db491bfb0c53c1340997e75af0b75c041cbe37db04d81d7bf6b62e0df431c2fa5db4f8a94c4fcb6dc9f43a742b42d40b18794f76d7484cda90aad605f13aaf00bda755e22686702522166d68bcb0aba4302ccbc91b7384bbe4216a305469f5344cec1189049abe17bb1e4e04bc6d2bda5d9604522e5af5e968c297afcadfaa7222ac646c230846fcb47769df68202e520a6caaff3d54fb1b39a94e8e186a4faf1b487a62276f123b59f474cebb88076ecb8b82d4e90fca881386003508325f56c7efdbb5966368dda00fc182d3a1204b130e2cb30bd166d947c9694b7a6da42bc48711e20356774a21df2e9f9f9676ffdb4eb519581c08ac15c5b5c3113734b6c1f836b6afd9b9fa746b1bb4a5f67ba4ddac2c9f9a1ff833a7fee6f45221794683094a94f856d1807b4fcd9dbe1326ea0ad950f582fcbbf", 0x1000}, {&(0x7f0000001680)="16c2ba39e837968edbecbb8120214701fd42bb0c34d0", 0x16}, {&(0x7f00000016c0)="90a9666a120d128cca5c7a5f3dd290922897c8b899c28510e26f64a0ba80124b57a4ed374cd1a32b5602e41b530617d792a2671de2c386e664fbdcbbd6ab3f", 0x3f}], 0xa)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000180))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x693, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r7, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r8 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r8, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
close(r7)
sendmsg$nl_generic(r6, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000009040), r6)
dup3(r0, 0xffffffffffffffff, 0x0)

6.791882785s ago: executing program 3 (id=2156):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="12011f00abbe6740e9174e8b089c000000010902120001000000000904000000ff"], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f0000002880), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)={0x1c, r2, 0x711, 0x70bd2e, 0x25dfdbff, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x28008040}, 0x40000)
r3 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time_recursive\x00', 0x275a, 0x0)
r5 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r5, 0x0, 0x119)
copy_file_range(r4, 0x0, r3, 0x0, 0x8, 0x0)
ioctl$DRM_IOCTL_MODE_GET_LEASE(r4, 0xc01064c8, &(0x7f00000000c0)={0x1, 0x0, &(0x7f0000000040)=[0x0]})
syz_usb_control_io(r0, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0xfd, 0x0, 0x7ffffcb9}]})
epoll_create(0x5)
r6 = syz_open_dev$video(&(0x7f00000004c0), 0x81, 0xa082)
ioctl$VIDIOC_G_FMT(r6, 0xc0d05605, &(0x7f0000000380)={0xd, @sdr={0x0, 0x4000000}})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000080)={0x10, 0x0, &(0x7f0000000100)={0x0, 0xa, 0x1, 0x8}, 0x0})
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000100)=ANY=[], 0x0, 0x0, 0x0, 0x0}, 0x0)

5.967633501s ago: executing program 1 (id=2161):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000f80), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_STATION(r1, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000010c0)={0x30, r0, 0xb97534d5fe9704cf, 0x0, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_STA_LISTEN_INTERVAL={0x6}]}, 0x30}}, 0xc0c0)

5.966738791s ago: executing program 2 (id=2162):
socket$inet6(0xa, 0x3, 0x8000000003c)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0xfffffffffffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000002000/0x3000)=nil, 0x3000, 0x2000000, 0x12, r2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x8, 0xf, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000b4321f00000000000a00630018000000", @ANYRES32=0x0, @ANYBLOB="0000000000000100b706000014000000b703000000060000850000002f000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f00000000c0)='GPL\x00', 0x9, 0x1000, &(0x7f0000001e40)=""/4096, 0x0, 0x8, '\x00', 0x0, 0x0, r2, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000000)={0x28, 0x2, 0x3, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFQA_CFG_PARAMS={0x9, 0x2, {0x3dd, 0x1}}, @NFQA_CFG_CMD={0x8, 0x1, {0x4, 0x0, 0x16}}]}, 0x28}, 0x1, 0x0, 0x0, 0x4000004}, 0x20040070)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8c0}, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000280), 0x10)
ioctl$int_in(r1, 0x5421, &(0x7f00000000c0)=0x4)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r4 = syz_usb_connect(0x1, 0x3f, 0x0, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r4, 0x0, 0x0)
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x800)
ioctl$FS_IOC_GETVERSION(r5, 0x5b15, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0xffff, 0x9)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
set_mempolicy(0x6005, 0x0, 0x4)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)

5.857898955s ago: executing program 1 (id=2164):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x4c, 0x0, &(0x7f0000000500)=[@transaction_sg={0x40486311, {0x2, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x70, 0x18, &(0x7f00000002c0)={@ptr={0x70742a85, 0x1, &(0x7f0000000100)=""/187, 0xbb, 0x0, 0x37}, @fda={0x66646185, 0x1, 0x0, 0x3e}, @ptr={0x70742a85, 0x1, &(0x7f0000000280)=""/22, 0x16, 0x1, 0x3a}}, &(0x7f00000004c0)={0x0, 0x28, 0x44}}, 0x40}], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x60, &(0x7f0000000440)={@flat=@weak_binder={0x77622a85, 0x1000, 0x2}, @flat=@binder={0x73622a85, 0xa, 0x3}, @flat=@binder={0x73622a85, 0x1000}}, &(0x7f0000000240)={0x0, 0x18, 0x30}}, 0x1000}], 0x0, 0x0, 0x0})

5.76722845s ago: executing program 1 (id=2166):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x4001, 0x3, 0x2dc, 0x1b4, 0x0, 0x148, 0x1b4, 0x148, 0x248, 0x240, 0x240, 0x248, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x190, 0x1b4, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x0, 0x0, 0x2, 0x0, 'syz1\x00'}}, @common=@addrtype={{0x2c}}]}, @common=@inet=@SYNPROXY={0x24}}, {{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x338)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
r3 = socket(0x10, 0x80002, 0x0)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000040)={0x4001}, 0xfea3)
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@ipv6_getaddr={0x20, 0x16, 0x3c2be10bca706f15, 0x0, 0x0, {0x3}, [@IFA_TARGET_NETNSID={0x8}]}, 0x20}}, 0x0)
r5 = inotify_init1(0x0)
inotify_add_watch(r5, &(0x7f0000000400)='.\x00', 0xa4000021)
read(r5, 0x0, 0x0)
close(r5)
r6 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r6, 0x29, 0x20, &(0x7f00000000c0)={@rand_addr=' \x01\x00', 0x800, 0x0, 0x103, 0x1}, 0x20)
sendmsg$inet6(r6, &(0x7f0000000100)={&(0x7f0000000040)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0}, 0x0)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r9=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x44, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_TX_RATES={0x28, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x4}, @NL80211_BAND_5GHZ={0x20, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x4, 0x6, 0x1}, @NL80211_TXRATE_LEGACY={0x11, 0x1, [0x18, 0x30, 0xb, 0x4, 0x2, 0x0, 0x48, 0xc, 0x6c, 0xb, 0x18, 0x3, 0x3]}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x24040887}, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000bc0)=@bridge_setlink={0x2c, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x3, 0x0, 0x1, {0x4, 0x5}}]}]}, 0x2c}}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000500)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x44, 0x44, 0x7, [@restrict={0x4, 0x0, 0x0, 0xb, 0x5}, @type_tag={0xf, 0x0, 0x0, 0x12, 0x1}, @const={0xc}, @int={0x3, 0x0, 0x0, 0x1, 0x0, 0x6a, 0x0, 0x39, 0x4}, @decl_tag={0x2, 0x0, 0x0, 0x11, 0x5, 0x3}]}, {0x0, [0x2e, 0x4974299ed54ae749, 0x0, 0x30, 0x425c46dedd9eb563]}}, &(0x7f0000000440)=""/178, 0x63, 0xb2, 0x0, 0x1c0000, 0x0, @void, @value}, 0x28)

5.404675291s ago: executing program 1 (id=2168):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1], 0x0, [0x8, 0x4, 0x2, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0xffff, 0x0, 0xfffd]}}]}}]}, 0x8c}}, 0x0)

5.255885469s ago: executing program 1 (id=2169):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb00000001090224"], 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000000))
lseek(0xffffffffffffffff, 0xffffeffffffffffe, 0x0)
r3 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r3, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/96, 0x128000, 0x800}, 0x20)
socket$inet6_udp(0xa, 0x2, 0x0)
bind$xdp(r3, &(0x7f00000002c0), 0x10)
syz_open_procfs(0x0, &(0x7f0000000440)='projid_map\x00')
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000003800010329bd7000fadbdb2504"], 0x14}}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000740), 0xffffffffffffffff)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000040), r0)
syz_clone(0x8000000, &(0x7f0000000080)="93b12b570753b7b07eee9bb9796cc71371ab7a2c77a77d122c643803d7f1fec6747723448ddd1a011aaef0", 0x2b, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000200)="6c9da1e580cf456d4ee3b4fa85318e211ee2c3596b3e7d261347b8408db38416ef85e0b526675952215f46565445acae42b79f90674db9e3084e930ed51048fb4902315e38f37493a66c69b509688a609e309ed692e3a8b7c298e7f1bf00c95cfcf6581fb8d95c5896348a4710be47cf1a81373afb5834f9083e8909e5a69c2a8714b691710a85bd94b422c573c413ac0cc37395cef16934925125dc32a9cf0addec8552130dc32bc94c53982573d4316b64e3c9bca5c7ae")

4.727832401s ago: executing program 4 (id=2170):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000040)=0x1b3a, 0x4)
sendto$inet(r0, &(0x7f0000000380)='m', 0x1, 0x14000000, 0x0, 0x0)

4.72752917s ago: executing program 3 (id=2171):
r0 = socket$netlink(0x10, 0x3, 0x0)
socket(0x400000000010, 0x3, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x80400, 0x0)
socket(0x10, 0x803, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
sendmsg$IPVS_CMD_ZERO(r3, &(0x7f0000000700)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000680)={0x20, r4, 0x1, 0x70bd2c, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_DEST={0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x40}]}, 0x20}, 0x1, 0x0, 0x0, 0x400c082}, 0x8000)
sendmsg$IPVS_CMD_GET_SERVICE(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000080)={&(0x7f0000000300)={0xf8, r4, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x40, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@private=0xa010102}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x6, 0xb, 0x2}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0x8}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x80000}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x15de}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x2f}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x50}, @IPVS_SVC_ATTR_AF={0x6, 0x1, 0x2}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}, @IPVS_CMD_ATTR_DAEMON={0x3c, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @initdev={0xac, 0x1e, 0x0, 0x0}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x8001}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'batadv_slave_0\x00'}, @IPVS_DAEMON_ATTR_MCAST_IFN={0x14, 0x2, 'team_slave_1\x00'}]}, @IPVS_CMD_ATTR_SERVICE={0x24, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_FLAGS={0xc}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x22, 0x18}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e23}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x10000}]}, 0xf8}, 0x1, 0x0, 0x0, 0x240040d5}, 0x40000)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io$hid(r2, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0xf, {[@global=@item_012={0x0, 0x1, 0x5}, @local=@item_4={0x3, 0x2, 0x0, "45501821"}, @global=@item_012={0x1, 0x1, 0x9, "f5"}, @global=@item_012={0x1, 0x1, 0x7, "84"}, @main=@item_4={0x3, 0x0, 0x8, "9e3ce079"}]}}, 0x0}, 0x0)
syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
pselect6(0x40, &(0x7f0000000600)={0x11, 0xfffffffffffffffc, 0x6, 0x0, 0xfffffffffffffffe, 0x8, 0x0, 0x8}, 0x0, &(0x7f0000000680)={0x7fc, 0x2, 0x8, 0xfffffffffffffffe, 0x0, 0xc3ad}, 0x0, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

4.72735526s ago: executing program 4 (id=2172):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
getpid()
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x20000045, &(0x7f00000002c0)={0xa, 0x2, 0x395, @empty}, 0x1c)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_matches\x00')
fcntl$setstatus(r0, 0x4, 0xa000)
shutdown(r0, 0x1)

4.727014569s ago: executing program 4 (id=2173):
r0 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000002c0)='./cgroup.cpu/syz0\x00', 0x200002, 0x0)
writev(r1, &(0x7f0000001700)=[{&(0x7f0000000300)="ae22c21e9327dacbfca03a2ad6ae398ebbf5339e60bce8e483bc051fb864b1100993504e934188058eb19351b6054d23c996a8df8aaa13efdc5cfa7be187061169b10c13eb2e7426806d9c1768583538fe465141fc7a33c439551147438d409eb01c76d78b40c900fbdc7e77d3d481ba428ffde950cd6ec959bc4dc72b573344ff53de219ac20753a0af3cd824aed5d6050dcec0c64107225b75a06d039a9e6c02a836724f00d4425093d4e5d3ecdc21a169cd", 0xb3}, {&(0x7f00000003c0)="1dd0bd7d35aa4be1ef71c3c0b97aa4f2a8b167b591c4ed22bffa0ee8f8854487f9fe3451023fbc0252bf630deaa17588bfa661143949dc66399445a66ab0498562bf1c8223c6bcc381f9c25a4d41fce9bb92d485bdf56c7cf9d1b8244e7c7041b133237938358349784cf5f4fa555f149f272f2888b375cc7047589128244b4a967d0b63665e5e79d25b1d2cf41dce009edd4d6e1c6d70274e2398162ce7", 0x9e}, {&(0x7f0000000100)}, {&(0x7f00000004c0)="b74f7d6ec8c1a01c30692f27050bc3af14059b19c85a", 0x16}, {0x0}, {&(0x7f0000000540)="c021d1dd3f695aaccd70d5af0507980f32ca030742913b8de2640280bd6bfa311b93bf649198a4dbc575b6384d3245e62924173864a8e93f04287873dadeba97d4b80714bfc55296775c41eec85c94dfe11bc6e52a3c979da6c3c9c6b1eebb682bf3b6cafc8c1bccc7b2cbf0c3bd707449e869116179fa46503430cc9c2641bba376e67fd27a400caa93dd19db0d73ed616e5f47a8b89a9c887b3fc3132dd9c1921d5ccd8116a282669d9e46da867549bd12caa337ec852fa5fd3e3ca27d7628705f00b5a3ec49e2f1a48eb50b4fe0bbe085a5ff904b8caf0fe119919b2f23d76f080de52f0af3f54643486cd5df1146ac67ca37df2479", 0xf7}, {&(0x7f0000000640)="a8f79b82f62c3edca03e5f", 0xb}, {&(0x7f0000000680)="100d22f288cc027164b2253d4788ee11e55c7db61fe36a09701f3bf87322d3371f507ae82fdc6775afd554595e556a685fe9b5e7d6aa1747d7327291e2c549af72720e2fbcd791ba5ad423d33d38ede500942971ce29bd81007970e3014df0492b85cd71de2ee7b737c3bfe6680ec39b878397422d69b56563e2199e49c3c0fc55a90af80aafc45522dfd20dd662d30101958e6f306c0f69f8c298553b51240c289a6731e87401fb39f8bb72cfa3434a5bef1712545af556f321d753cf65f7dc51d0be0ccb1321b9eac73777e7a7bbcad99a1d112845565b823d411d39f8a98a5dff7974c294349a113c46dc0d3372033cb28848e8490a54e2ba1130f77c87bd1b9e0d9813e38e590e062180d0ebe311401518e5a19dd19e8b2d0dc7597401ff0ec49902e20c6a65af1aa719fa2035bf4d64b3ed464cad178c9131ed91003f372a8ed4eba11c73d6ba86534e06f82d1f5f15fa06f0dda86efac42ecfa1adb47c7c00037254ae2cc4c391b5fdc566507106977ffe8d72ee4c49d0689aacdec4fce9b9c87d6c5281eec90ccb59a2713b34d63463a2cdc2b7d814e832698432a4c1ca5d2a6e514b33f593355935fbff1aeabd1755cf5cdc2acbf8c513883a816f340d18608c5b3cc406b86d1c1da38a096dc3d0a3394cd7bdb59703a344ebd4092a292042d6acc4cdd29a45516ef6fb8ac6e62a808f1745fbd1395817cd5156f085cee0ea74cd18ee07931e5d8ea720ede6bed042f9e2f5d432e7c41271618bcc69b73fa6637150adb3b71cc83cea30e3090cf3f3a3f6d853adad1cf0872b40cc9c898444d867f9092d047c983a5c9fa936d3ac85002a7ebcb1359b3a0fc8e8113d2c810783d2f34f0d21200176578fbf99d8fab62356bfb89de4fe892920999d6fc1817fafdaf4e79e219d29c6f0174624e59ea09f28839958213c9dae1feb21aea6e56420795e7d12ac38bc70a17218a555f3cef9970fcc336e03185b83ec49466f8a8834fe4493628fb8ac7c96fe1df6b7a55b8ef511a127e9d20b65e064865e17cdc9ade8112ce0956a1179a7bed60ac0b8907242bb2ec694339a8dbf1b07b3614d5c6904184135c9f4cbe77095a04b75e5f23ecfc26ee2286a722cf49ffd3eb77ddd0d0d03afbffa1f3cf9181d56a604d551cea8c8ac2ff1f939023494bb41088668b6382a7365eaf3f8fdba9e44094f11cc2d21714dece815ad90b6e35cc4d5e14598e4b8d8cbb8571b0bfbacfa51534467a920a491da3a2ee75bea588fce5e71fc992fc02467b88c1883495558ebd4756fc6fb880b7330538bbac72f4f71b3ba8a42bb9b5954df758aa4a64d0a80c3a0eb54fe21cd77d7db075d1e55ee94a6596623a7c4d490c52401dec1d35d50ddef8916a7ed90dc32f752595a5bfa07af7f22c8e077ff6b33b52cadd71c985d937a6f9670a0e941c8c7d395ac4c80a167eb27e2be76b1c2fcee68968cda05c5cab61db8452ee43afbdd7d0568e0c9ae64d5714e7b93c92750448815b7fd0cc00f5ab62ae5cab946c39e6428ce214880c746abfd93769a4774426730febf5aa16b89157ffb34fcacbd01c14953aa2312e939869a451078e00b46a454b1a3ca1b9517da288eb8ebbf90cac87c96c716b191faa8d9f9cd5749f7036bd18ccd629bc15115f272836dd283a81343c416f2e270194dd6bf05b610f0c88de75a7066221e38bab5c0774d8fef1a84538db88b3702cb24be484d2eee97d9515fedddefc78e5d7cbce35f62b88f4f4e21775f431fd15d9f640a8e8cb27a5cbe4370a17fe0a5501f4b4b7ad021a7d1634b99f8cb3e42f79be9f5edb3967a84377508c4f1d69436e4bff18aa91fc5144aec82d520754f53eb1cfdd99174f2a759130386d68053c064675f1dbbb3f95baa69793d5b238dd8089e3b12aa4eb0d4170be7a52c093957b9eeb9c13d2f7a0fcf274b0572bcefc7f21a983d6ac6a188e931dff4f699f7dc78565cb4f3a14b7d7398f4aee282987325e82c3d78e6dfcdc4e19aed6e1a87e3c851a1a6fc484230059f65470e6b212a084e1de5e857c57ca5cde1081f41f33d476e470df29e259d5944cbb6353b0363d19e6d984306e60b257fff870ade7b69744462da28691d7f353bb87cab4e398bf6ac7c07c71a44a7d39777cf4a189440249aed1602bc0606178573bf12329a3092dae6a5ceaf9631750a98a3798fdf2d4c990bc2658a7181e255cbf759972ffa598c83c51a6e44c7f20bc0e026fe65d969920a8eb6c46c4500b36ffe8d8600768844de5f88ef6825098186129bef9efd6e783f24537316846ac458674694f4603977646a83391de3a55c0151cb3c720d8038497d7765a41e8d5212a8a35b6f692af4e926db43e6d3922a95006ef1dd4e9d0ab3e5833b8443f59302e26d356032e05cc73ced718aaa61035ec0e97af437aa04831a92a55987c6f978051a097b7ad78d7fc0eefde5c9f20ae896d1cb53de8c5f575858d3d0af88bc4716399cd824426e11ba23206c8850c1091a186d9f4e7e692fead94bc257eb97ad6ab1ba31e117e4a0a326f28493ee71f5dae2306b55e552523335beca1a8503c223da7c5a03ec95e739b1fd63c2e0cf33bbbee8f4acb73cece57daabe93e96a6b03fff75c043e7421964130202a887155efde33d61fc1d4bfae8030c1cb71a37a5151dde639e66366f2bbcdf84df972884a3ddbcad91f2a010e8a494e67cf283222c61b905e2a7d11daf16a0cfd3291d8e828f71bd3d08a11a5d9d59f903d0c68f024fcc9e5edd81c5d33340f9b4fdc392feba68c1a219a1e056b67805ad2ac09d17cd942e7514341ede1332d43b9a5ed6e9e12e5f4d034417362397a5861e6b8ca186a3e78c7b89ccf3e37a1959022a9b530c07fa175e4140e0266507128b60917853998a79d9c4f17429fc76725cda0cdaca5f778505ff192424b90ddd8b9282b15e6943cf453eb95391bc9ef9a858acd0256e5cf484e6f10a3ce7c98fe994bdf09f773eb593344b300c251912a6139b51b9338809f2b8a2352473637affc316721786368f9a8798d5e176236d50a46f4e0300b33d2f126cb7c2c4fdaa3c569e1e26dd62466a3f01c7dcf1041738f0858212cf4f9f0350bc79e5eb00db1a18f666e296da317afea9a9542faa912c31e03e0c2fa385e2cfd70d149b87a5fa74480c3e007c6918504a23e894b25b6d4fdd40defe6c31f9ac0b9528551bb95cb4d91ca0e7b10e9ba5a1db6480d0c82f6e727bbf5b8db827a9d200bc37a9628930417eb91f35ffd3d20017f8d11b2758777f2927a7142ab21b6e1bd9c268d609dd2bad72820ce05cf1fe090271582e8c04ffaf669c5209b4bac43690acb52abe29bc469db7a283e590893300f57cc5a07b3634da946f255881e1efec21a3c29d8cbeb704c754f6540ceb016d7da25a9a5d614988dcd49bb4cdcae4c2831e739982d21703b34f7c8ba2bd7c8e0ef30a9d78027c9d61a8d6152896dc73b62faabde9307507d30336d11cb4cf7be88387f06906e9944482f77d75e6bca560d6b4c8c146fe0c6fce09cc41fb83ec997b2ece8f1825c8eb927f193938eeb8df11a4ee9f7c4ef9e4e11403074b2235f82834d6db37688e5e14c9afb6034f256d84a19eae70b2385dba6b39ed8d1541a5ec97362c2f0be78ab14f91c428c69ffe7e45e7f58f3cbd561c385ed0f9815ebdfe0334e0c71cdbc1cf102474381190a7f7769a08b686434e18cd9381beb7b0ba05b745598cc85e87cef0d52670bf981817f83631f399de550e38ea4a061bec62a3f09c9a6779167c5c5ae56d310fca7b5b3ded1d1ecfa2dc9c29ca6e215ca1518cc6cc4653078560b7c4638cacea64479edc9f5b6891f3dc273c1a605893018cc8d5be594af9b88fecf5ef8351e932ef63835b06eb2e7fdad42d7f164bc822c8de3759380f5a0ecfaced2c28f9ce58da33b7756c9d3ef32b31fcae1af105efcce64aa564118f0e4973e464cf71311d36d3325ddd4229ff689f9fc8595f576ed00ea0e38eec7ce1ebd39d3b10fa91b0d95be71b7e286d0c53e3d9afebe8115b4259eb85c5366e3b298815d46a6621d67a674ab80e0d67f48cd06ab5d64f9ca2717026e50c8465d1d106406775926aef5a1c8ee796c835e78477a2c2e54e7980b33f606fa56b2b40f28fc0545865dfde5538bdcdc847da0b136cb95ce366338112a9d732ecbc755c04d640d48ea4b209568c3ae0888ce0bf27f49d64fcbfadefd11d4f57d580432652f18fce0c5044b4a55f66627d004fc10d863102da84cf66e549fde0bc4073fb447688eb39fb1e5b414c67ca3b5f130d5e4c389fe9a587cd4be4d12f77e93aa0ac01572534f764cc0f779433e5e9195211705501299efd1990cec3ab54b6d66e72500d05af0604b84584c7722a8cf8ecafe59fdf2694d73b2bf81a663393e158aec30d02e8daa0e06cf7387af20430431c3d8b1d2f9cac1a0eaf3e25ef768bb619568010c925750a27230ed565ceccc38c3c403de48ad410cbf152bb1692afb098d41966fbabee680ef92755fee228715d2aeea14dd9b48ddc587dae94e513abda23912d850506db789933eff9630fc374d279d28336556c0f1dc1946d40eb788e28c9c3e5bc57c5f7c943714b7f6e98349bebc9c4183ca76895fbf0c9f616cc1d687bae33da5f3ab213271aff7bf340876e30f70c96ac7fd80818be2d42d473b512bfb54cd409cf6c28742c9819dd16d7d82bc77dd7f8f194e525ed8edfa1a94f175fd86302d1ec8d2419da967326b142afdf23517728cd867cee0f81748bb8998d11c8d8e4eda16ed36d870362971c8aab7127f3eeba7dc6b7ac9c9c711289c700925a9e60a9e2ed40fd0b681965e455a91ed96010844508d8069db1e2a0a89729675128863bbd6cb31cd0d3739f03a46273f55f0d0730b1fa7eec9c6d2d41f9730f49076fa02ef527008babfce9a07c34e9677d21a7885baf7e40646f44d0d9b539ef64fe25bf889df5585ca3286fe020fbaf125f4d0af55838f8ec66b0511804e0343fa3e691e01663c438a3f13a38c6b56f14675b71e4995613d774d80826d842cfabceaff2fc12f8914b0df20c685287ac64eab3daecab7059bcdb40200857962817c29cae50fb4792fdde90af3f701a2a6d2269b7268b04d62b0a6e7b27cb8b091e6fd26a19fe47295e9481da04c22cfb6e50b239864002e5604e13331de1c0b61f68bac9e55afb8285b5d323fa2c11bbe99b8a4aa1b0ec51c24e77e84462becddf64d8d9d9d05a311aaacf409e36f89de5ffb167a587294064c4dc3dd6a1655ccfffed6427ea7570f0dcb0398f84803ee5b389bede334cfff237b2f2f6fc45b28ce22bdebb6a74d40f2122d11d19f32e6a490ee1b0db491bfb0c53c1340997e75af0b75c041cbe37db04d81d7bf6b62e0df431c2fa5db4f8a94c4fcb6dc9f43a742b42d40b18794f76d7484cda90aad605f13aaf00bda755e22686702522166d68bcb0aba4302ccbc91b7384bbe4216a305469f5344cec1189049abe17bb1e4e04bc6d2bda5d9604522e5af5e968c297afcadfaa7222ac646c230846fcb47769df68202e520a6caaff3d54fb1b39a94e8e186a4faf1b487a62276f123b59f474cebb88076ecb8b82d4e90fca881386003508325f56c7efdbb5966368dda00fc182d3a1204b130e2cb30bd166d947c9694b7a6da42bc48711e20356774a21df2e9f9f9676ffdb4eb519581c08ac15c5b5c3113734b6c1f836b6afd9b9fa746b1bb4a5f67ba4ddac2c9f9a1ff833a7fee6f45221794683094a94f856d1807b4fcd9dbe1326ea0ad950f582fcbbf", 0x1000}, {&(0x7f0000001680)="16c2ba39e837968edbecbb8120214701fd42bb0c34d0", 0x16}, {&(0x7f00000016c0)="90a9666a120d128cca5c7a5f3dd290922897c8b899c28510e26f64a0ba80124b57a4ed374cd1a32b5602e41b530617d792a2671de2c386e664fbdcbbd6ab3f", 0x3f}], 0xa)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000180))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x693, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000005700)={{}, &(0x7f0000005680), &(0x7f00000056c0)}, 0x20)
r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r7, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
r8 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r8, &(0x7f0000000040)={0x18, 0x0, {0x1, @multicast, 'ip6gre0\x00'}}, 0x1e)
close(r7)
sendmsg$nl_generic(r6, &(0x7f00000015c0)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000009040), r6)
dup3(r0, 0xffffffffffffffff, 0x0)

4.725653958s ago: executing program 0 (id=2174):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
syz_open_procfs(0x0, &(0x7f0000000000)='net\x00')
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x10, 0x803, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001100a7cc4a372eaf541d002007000000", @ANYRES32=r1, @ANYBLOB="00000000100000001c001a80080002802d00ff0008000200", @ANYRES16=r2, @ANYRES32=r2], 0x44}}, 0x0)

4.273063631s ago: executing program 0 (id=2175):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={0x0}, 0x1, 0x0, 0x0, 0x80}, 0x24000880)
ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000140)={0x0, 0xffffffffffffffff, 0x4, 0x2c00000000000000, 0xb, 0x6a})
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000040)={0x1, 0x6576, 0x9})
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000002f80)=[{{&(0x7f0000000080)={0x2, 0x4e23, @remote}, 0x10, 0x0}}], 0x1, 0x0)
ioctl$IOMMU_IOAS_IOVA_RANGES(r2, 0x3b84, &(0x7f0000000100)={0x20, 0x0, 0x0, 0x0, &(0x7f0000000040)})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x5})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000180)="66ba4300b006ee0f01c40f009b27000000b9800000c00f3235008000000f30b80e0000000f23d80f21f835800000a00f23f8c9b9490300000f60b932c00a000000328fe858b660002fb90d090000b800680000ba000000000f30", 0x5a}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.093756882s ago: executing program 0 (id=2176):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201050037057b082d0800014b702c02030109021200070100a0000904"], 0x0)
sigaltstack(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x2, 0x8, 0x0, 0x3}, 0x0)
r3 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff)
r4 = add_key$keyring(&(0x7f0000000540), &(0x7f0000000180)={'syz', 0x2}, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000200)='asymmetric\x00', &(0x7f0000000080)=@chain={'key_or_keyring:', r3})
writev(r2, &(0x7f00000001c0)=[{&(0x7f0000000300)="09c1ec90381865cf2760db78a9207c9f2947c85ab1093b0d563b1e6a38058eac41774849725dc59debe228507c1cb037ca69aea682c49dd1c098ae59c1fe7fc04e12402dfedb614bcf49f312ab273af41c7e664465a67f36ca2d1f047f91ec34be63d6a14f19", 0x66}, {&(0x7f0000000380)="b0116e70cb79921b712f5830aeab34112d498f5d76a0660722612c1f65168a7e3a330aac17c91bc052f28bddf56e5e4da53a531b2c11a4bdec15d542b9804d5ce71ab38f92f99ae07b65a57c065ef56f9c0e6149d80df282084a0f276e7ce186403269b66af992070cbce607", 0x6c}], 0x2)
keyctl$KEYCTL_MOVE(0x1e, r3, 0xffffffffffffffff, r4, 0x0)
r5 = add_key$user(&(0x7f0000000240), &(0x7f00000002c0)={'syz', 0x1}, 0x0, 0x0, 0x0)
r6 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, 0x0, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r6, 0x6, 0xd, &(0x7f0000000100)='bbr\x00', 0x4)
sendto$inet(r6, &(0x7f00000012c0)="09268a927f1f6588b967481241ba7860fcfaf65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95425a3a07e758044ab4ea6f7ae55d88fecf90b1a7511bf746bec66ba", 0x20c8, 0x11, 0x0, 0x27)
r7 = gettid()
ptrace$setregs(0xf, r7, 0x3ff, 0x0)
timer_create(0x4, &(0x7f0000533fa0)={0x0, 0x17, 0x0, @thr={&(0x7f00000000c0)="2467db5f1af1d85cef75757eb0730b346156b4a65a60778eee5218e550bd8a6c6607d59a3e449f19104cbf0df7b7bc3c831e4114d272a545e4e510fb8c7729c0cad745bf328a2a84c2f7a4d10d0cac988e0aab6a4884ab7c82b979533168120dd6a25692c51f157290a7f76bca11171c7183533e5b4c10aa3a459e5349fc5ea7a009f61a30dac6320fbf26907c4c11d1cfcf789aee79a61d2686a2f65cb393b94efd5c401369d3e925431c60022adff609a85cd55049aad1", &(0x7f0000000180)}}, &(0x7f0000bbdffc))
keyctl$invalidate(0x15, r5)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_clone(0x640c7400, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)

3.102703352s ago: executing program 4 (id=2177):
socketpair$unix(0x1, 0x2, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0x10, 0x80000, 0x3)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000a00)={0x26, 'hash\x00', 0x0, 0x0, 'md5\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
recvmmsg$unix(r3, &(0x7f0000003700)=[{{0x0, 0x700, 0x0, 0x0, 0x0, 0x500}}], 0x600, 0x0, 0x0)

2.584297675s ago: executing program 3 (id=2178):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r1, &(0x7f0000000040)="a6", 0xffffff4c, 0x0, 0x0, 0x0)

1.166459916s ago: executing program 2 (id=2179):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[], 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000000c0)={0x24, &(0x7f0000000380)=ANY=[@ANYBLOB="4013910700000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x1000004, 0xa031, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000000), 0x3, 0x80000)
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000040)={<r3=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000080)={<r4=>0x0, 0x1})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f00000000c0)={<r5=>0x0})
r6 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0xc04c0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r6, 0xc02064a4, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000380)={<r7=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r6, 0xc02064cc, &(0x7f00000000c0)={r7, r7, 0x5, 0x4, 0x6})
r8 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETGAMMA(r8, 0xc02064a4, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_SYNCOBJ_CREATE(0xffffffffffffffff, 0xc00864bf, &(0x7f0000000200)={<r9=>0x0})
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, &(0x7f0000000280)={{0x1, 0x1, 0x18, <r10=>r6}, './file0\x00'})
ioctl$DRM_IOCTL_SYNCOBJ_DESTROY(r10, 0xc00864c0, &(0x7f0000000240)={r9})
ioctl$DRM_IOCTL_SYNCOBJ_TRANSFER(r8, 0xc02064cc, &(0x7f00000000c0)={r7, r9, 0x5, 0x9, 0x3})
ioctl$DRM_IOCTL_SYNCOBJ_FD_TO_HANDLE_FD(0xffffffffffffffff, 0xc01064c2, &(0x7f0000000100)={<r11=>0x0})
ioctl$DRM_IOCTL_SYNCOBJ_TIMELINE_SIGNAL(r2, 0xc01864cd, &(0x7f0000000200)={&(0x7f0000000140)=[r3, r4, r5, r7, r11, 0x0], &(0x7f0000000180)=[0x7, 0x2, 0xff, 0x6, 0xfff, 0x6, 0xa434, 0x2, 0x100, 0x8000000000], 0x6})

1.0329259s ago: executing program 1 (id=2180):
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000"], 0x0)
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r0, 0x707, &(0x7f0000002580)={&(0x7f00000002c0)=[{0x7, 0x4200, 0x0, 0x0}, {0x794, 0xd201, 0x0, 0x0}], 0x2})

1.022293995s ago: executing program 3 (id=2181):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000034276d20402002c68e010000000109021200010000000009040001"], 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r0, 0x9)
r1 = openat$vnet(0xffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f00000000c0)={{0x1, 0x1, 0x18, <r3=>r1, {0x4d2f}}, './file0\x00'})
sendto$inet(r3, &(0x7f0000000180)="aad9add611edef8122ac3861861e46dc3943fb3f7b1aba724ec6f05de0730db0a9afe849af3e4a0800000005bec9728da16f9d769c86c532480e88a66e90ed32ae16ddf34b28161adfad99935093ddb8ff40cd82adf4448d2e3d5ca2dfde66118289cc4dc23dad02f477933e6db33d741e0e0b864042e84633b226458b29bfaaa5f797a141f4ac7f73201cace7514849dfebe203b49ed8e26a1b56eeafd6c3dd9ec57060f55ea63ae5754cced3c2f330bfae2daf5c65e97724f871938894", 0xbe, 0x0, 0x0, 0x0)

638.052155ms ago: executing program 4 (id=2182):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x20081, 0x0)
write$vga_arbiter(r0, &(0x7f0000000280)=ANY=[@ANYBLOB='trylock me'], 0xc) (async, rerun: 64)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x7f, 0x7ffc0002}]}) (async, rerun: 64)
execveat(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)

268.682433ms ago: executing program 4 (id=2183):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r1, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
r2 = syz_clone(0xc0100, &(0x7f0000000340)="77770fc3be6b920afa44f58bce3ea79476683b84e61413987cf4a953a9ca32d66ffb9dfc28fc", 0x26, &(0x7f0000000380), &(0x7f00000003c0), &(0x7f0000000400)="5b8fba532184606e0ebef3cdeaac2e986d72e66d5859f1d3fe4e51d1986ba91596d51a4635da07bf536f076fb490e74d74d2016909469357d000e65f7c53df8ca6a6c8ff946e926228348ab4aed707e531b977dd4e08f8ab35a2f006e77d380937339f1f5fc2169d8c9f2f0fc10da4107dfa750f1a77c35f3a0121acfe9a83593cf7a2a4a87c46dc4477bf52724125e06561ed8147baf7e9bcdec45c8142449a5da3590a0a3b04284b4e7963bd6264ea9c5630945d973b4a69767679dc4c042ba9fd10f352fe3a68a2f528c8ad7494ea944419e566e580391126b325f20c4b76e391d0aca38c0821cbd8162528e010372af5c7c13bdc831a4a8af3032fba92034ecc52c17dcf999daa3de731c359f0d23fd39b8d60e369a29defc50ea18e4682fedc69c99acce1009979194db55f98c7d31e67a4f0a66a362aa1224ad761995928a477a5d258a07877d2a0c293a63eef11a2451e3cf7d6ea99c54764a2f48b40323765b6874a37973e98c72dc1ef0eef061d885bd803349be846437fb71ad84767273023bf404c427d97a05b8ebe9b2aaf80144c3c4b64bbf183590cfcf643bf97fc56f4cf33309a9af95cdfa1b9049e76642b9d9885e7d3d2576f087b2c7542eb74c3acb5e5515f6c5d15fa7083c0eade0ac269234b0e29e3217386477343810efee5ade673fc29abff0e890244a962e78ec63b4533305415b4cd0f4fe8984d9fa6836268268225d8144c253861ecbf31fd960c17475b92f126b30be2372322d8f21fee8343011717a4c7305fa4c8a29b9d3ff2303ff35878a83cd8b8486a930bc8a935e3983ae09e6525095feaf9164ed2f8216f052f107415cfc8beb84e9a7fccf667a39d65e4a88c923210d18cf8b319a5bd0f781e36e590695f986a05a4c52064be36e0c2870aefb5f70f9f674d1a6990396a53971c4263f61caf6d4b41d0787fa9bacfad8df07c3807e303dc75780fd9a5fcc7df653c8a00435ddac33bd116848a60ae23737201673116203cf33d6083dd2378458c608e0a1394f4dcfde281ae6ae5692852a0a374e5c86c53a8e3fc7f2c68de5db908705b8fcc47df06064198d0764a5c7ba28f178a71b4d334a4d03be1faa471ec9c4e8d29713d8c96bc41f1e90a51b0fe881aee617f7622b767f2d786d4037d123ecac9ba3dab1bab336b4ae37f3861be318fcd64b8c97f9588d28ae41266b2856b926955c3f2ee47e2a09375f008a3da4d5c469222ae8a8d6e1b59574a0c3f03d36e9a33c056538bd51de23f8af179b7afffdd1fbf3131d8c22cc55564a016ec282d3a8c58a9f990f1910e63920bcc0fefe32589c3ed5d5de31697bca090b9465237e0dbfc6f440eaddec560f0345f1efd03b7c1326bcac9585a715d8d944a0bbab6801e4cef68a41a6d84431d6fbbc22301e998d22f1f8c7df6ceeab54a251ad6faaf70dc0c2beaa439f04e609879f7b2644ffd49d0e5566b31df30555e1d2ed3129893b7e7f7bea9677cf0c74c03dd4ab148feac32286ba07fab1434197a941ffca135d4c3f831b54ca0bef9d02d28114c53cbffe60d0339f9a78f17af8d7672fe9e1d4d50171e3b0c35f20b948c8a99b8b7a1b7b0b1204578adabbc4b9a9400016728ca45d1627f8d0adc9a4b2456a79b9ffad888f9ef291410137f7e49f15febd8966729c43da06b62a8ed9f81b5524e369a7752bf4863e9b27d68c21b4024beace3411188dd29d97d3a59067562d2e569f1ac8968f727529cd4d90e6a45ae6763502c380f8feabd19a83d501c54fb70ad90beb43d820daba7ef97b58bfd261a1d99061e71ef04fd9f88ba63d716960f029373b881a4f97edfec1640feb581b3a7acd70c0bb66cefbc3fdf78d2902f3a43afb3f4da341f2c45a0690dd8646b54c5ddf2882f0aec4fe9907e5d6c1b3793e269a1286cdb2d3579089c578935986ddb2012deed1444d2c91dda732b30058a8910d22085bbee76ee30967d8028d826e129df43476d613662b8fd6c4923afef63e79fecfd38545714dee0185e62207055dca5f3342d5b73f7904ce13c7b812c50905fe6be4d102b50740f9f25ed47bba4f98c669aa1e9f65fa2850b9d689c6a50ce92cc9ef6f88330c746990948d06d192a4800143d150a9227c553c519448c8622815e10d1bcaf127e49533d458135fc0639b8442e141b0e39fa63c47be14ba3e086637b54059bba401973a9294d77eafe02b7c72f83bedfcf21755efcb93975da17a1d66411de4c4ad429848c47b059909e1c99f5a1a470620f24cffb6555ed980d1114ad01ba3a9fdba4774315e703be75cd1310151e84daa1154e3c99e86b24f0f835584523031f7cf7a1fe429d1d41f8c9de2e236b66b57c9a5bcada21258d5c08afe8ed0c4a96d27800681f502438aa971eb384f4150eaf0d4070ae743c54c2b3f66e2602020f3fda57af791f4a9de17705fa59461d5c099c2abea5ff5d5baa3d86df1a96a21bee20a09d6a04931a14632f1d84025fcb136aefb1e46f68f1b241f03d51261e12a50f4424051d22ee4c459bb13d1e58ff1dca099093b8cf7458f900a818c79976fb15a3e9398d2fe5f10e40a52e83d514468ed57c0fb66997876bafee811f93b9de8bbb0c631d89a2122731c0212a878a9af07e7ffcf5411744dc9fa6a1489307189b22f51583eef3b67e0119aba143f403b2ba0e52177b7776f6720c8ff40b9a1a9fcbd0f041954330fcafa1480263e3984e88d139864cd135d3fdfe5a680bd0c354fec71f9ffe18168b139b37d69dc9f43e9338fb01b9c66016724be8fefdb2653942d9dd8a944f33b0c73b41f020dd826b0a5d3903301cbd6632f4704876b4da8ac403e587293d9ff1abe7157c4f9f8837434f8ccdeb3307119b837498e140e372cd10213a4b0ee5e76e4bb049b66bf3e18ac55155ad82d40b92acdc8e93679f42b8504b37b25cdaf29ae99e776a1e82997e40548a5cc1b2900539285f4a1bad50d7a6e928e0b1979ba8c5f91446590ca3a5ff99ea3f0a0023f8ed6f34a8d0ded83500b5f9fb7bcf890ab3c2af828e6adc160341b964755632d207b465e25d68acdc07863c167d2e3e26f5cb6fc42c10789b8509661cade50760c080954c380d1cdbcf819217ebeecec89fa2cbcb1bf49250641c0c370c2a2b3914567276786d6c81a91fffbf2e947327876a6cd89ec8b375dcc249ae844768080d5e44109cd5236a4dfb574428e59c94565fd7fef34e35549f240a1585454ed998f46013211789a062a0b10596ca25c420788aa6904e24e27b845e8f0ec2dc55954eb358f5454b9104e59bf28ff9d905ecf2faeb9c03ca015d50a9935c9961d2b5804193583e2236e944e7a57025e1ae893c882a5e869c01bb16521a93f387d9faeb1726eb6851c8aa1cbbd88c509cd4360bc733c69be768c9b8856e5474d031237b5c267ea40dc65091719f568497d7018a897928ec3e29ebbeefd49ee8de2ca7145f28a2b8cb85fea293082ed416c782ea071fe7298b9cd8c4c3aa5bc78d756ae836d2e3b7178866e70bffee8a2b44e4b69a66792b277ad4c19b7636250680b77c7507f23d9483661d578cdf81f60a510fc228a8eb5df4a3d4472979fbe39aefbe6ba8c1484cfc743e23222c1158ea116f92290760abc19c635a7866ad3d71ad1e753d0bc991fdc00519aec2bf8a1796866e90da6150a8cb0716b7b0f62cce763469aec526c8cde6e579e6324d4549e831cfe01b908172c3b62f1aac82c16523211dc90dd053ad23f66260007a61d38943a18219cdf3171900ca3dac97e248b1c59f2fd3095338b4016ae149470fb9d09ae57aa917234d1adbed3251e689d00060d5a52678c4e412149fa16b3991a426bc5bb835455dcb1ee9e29d0952cd0337b793d7febf5f8b52d2c03e7ae4d240381a6ac43cc0ce1bca204b8156205c33f94a98f8ce26072f0110d819a5744cfc4c2740a1186bd9198ccc3a0471e6e2b78ae65cfa35c5c62d7636eb331748c4823dbb89879d5398b01980762f4c574a6c4183e60a9773e255e19b23890cdad5c5db1af61405bf3f6dc009b49ef62bc79776db960b65fecb9ea3224c3e9d4c8b822d4e325cfcfb7b67f2f1fafe2b8127de3d4844f1f8a430e41375bcc6e5d246e1ddadc8ad1732b2cf3181857022ddd0f7223d9c97c8645ef7fcb4f25a37869dce3babb03b329d0ab1885d94c67baa19c439112e3db9cc4e0c9201805e573295130c898a332bc37a80fa652f3394f3138b8f3ee24721860d08e8dac16eeea527030ffeeb5973e5282843d84014b24a15f6bb9441e9694a861fac3bbfa205edf85ebe82c3c1e40c4ff3eef1e4760284a1f411ab4fe25ae4f1d8bc1fd469d987ae65a292064323c0629ff23ae047fba4bd2e6a748d6d3fb4dcff98248065ba789c2f23dbea5f35beeeb6167c125aae135b8c415022e9529942a58b1795931fec3519a739033ff6c3f36e73eb4bc63a80e77b4199f6f3a448f7efa61614260f836b394dd0724c52a466cc486ded22732343f40053ebd477a83072d54a30472fadf5677e91cd77f8190d29ff136ca25063541303a4597662fb6bf1960143c714c1f301f509f249cd3b3f11c2c21c2de01997b834295298037f709d765dc62faef6c79ccf31c1fc14149d2708b3186d06d0eed8c8ae2ebe63c61ddc2aadba895cc103e591a10eea008c98a0fa9a6e11888fbef9be9328ea39a8f162088d9250b09328c7b06c648528b7b00fc19ebdddbba68be51c356a0403824bb571b3785b2bcee5f548d538ca2e0dcfa71fe4a5d68617ac9679bbd4b8853deef0c7ee95b7cefa0fa7b382f23a542bb3cf71c51c067a01a4c00004343905bdf16aa55f1f620efe022436cb2193473df911701d46617e5af0acbc33db09c034f948686bf6fafd49e81e0ef767f093b616f07c89e82673f7456b43159c3376c4b7b14c4c510aefdbe6826235015572dd635de291006e483c9f314a3afaeaeefe1f52877e8802ff27fa7566fdd76acab54fa21ffbcde90c7eede9d96bc98961720c9adcfa0d4ff4a49f298479ea615c6d78a53abf74353375863df7bfdfc7b64e982aa27af8c6431da2ca8248c654adb328ecc737c02644c31eb80593b3850b36c099ea820dac83e3aa9be4078fddea2cab8f8db1c72aa541c4a0898abea114b42c7ce2de86abc47e756a183d7cb8c5d530dce1ac65973c70ef205303644c1f45036fef462ef68d28664653064857f9675ce4a485a61b07cb2d6d98c3386047243c9235f18200d91b8a1388a79311c8afeb10c47ac5a40d58d52a6f30e1ba8ad55ba208111d0813a911eca5465493f769332a9c98128b8ad656271c5828a69e69cd0a73f7b70ff2b475ed01bd874d8e54ca67bf74a1fc25421bfbc951d14e13fb2824ed4f43fd9601e66b7ba7e2c2a26f9c0cad499d5eb349b7a3cedef04c5cc75f0fa77d8689f727777c46e908ac02f5605aecbfa8d9dfdbd6d7f4d5e1c9d41e519e498d676e1c0b5fede9c690c89aa95dc84c02f0147c71bc734912c6f2a40708d53d473a24eca92655429874bf2eac55271651ef0f3a827833fd4127b661b737386a74fc152b64379f8db7888c04cf55c50ead24ea9c190e827bbd0b4bda451ccd971ce0d1e9ecc17642d18d666e17cb5c77dbc8081786b103cf5d60194eb79fb2ff5a32949f1dff89ac626b35e53ea5cd6825179709b76a11f1d9805a50e8d4d88abcfb208a8dfb8cf33deb70e3987b3e28b958356ae3613221ddc74781889c32d2b56f9e450e612af23141640429eba4aed575b6f5db6d298018db59865a20e958ff538c399acb19d8")
sched_setaffinity(r2, 0x8, &(0x7f0000001400)=0xffffffffffffffff)
setsockopt$MRT_ADD_MFC(r1, 0x0, 0xcc, &(0x7f0000001440)={@local, @empty, 0x0, "513cd4cc40ac7f23c0709a177674ed0af53959b350f13ba74439c35a52e4b81c", 0x4, 0x3, 0x100, 0x5}, 0x3c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETLINK(r4, 0x400454cd, 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=@newqdisc={0x24, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x20000080)
sendmsg$nl_generic(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="4801000041000701fcfffffffddbdf25017c0000040036802e0101"], 0x148}, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
setsockopt$MRT_ADD_VIF(r1, 0x0, 0xca, &(0x7f0000003d80)={0x1, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x27}}, 0x10)
setsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000002380)='net/ip_mr_cache\x00')
pread64(r5, &(0x7f0000000100)=""/253, 0xfd, 0xadc)
openat$kvm(0xffffff9c, &(0x7f0000001480), 0x0, 0x0)
syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r6=>0x0, &(0x7f0000000080)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0xc0, &(0x7f0000001500)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
r8 = mmap$IORING_OFF_SQES(&(0x7f0000ff9000/0x6000)=nil, 0x6000, 0x1000004, 0x2010, r5, 0x10000000)
io_uring_register$IORING_REGISTER_PERSONALITY(r5, 0x9, 0x0, 0x0)
r9 = eventfd(0x9)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r5, 0x7, &(0x7f0000000300)=r9, 0x1)
syz_io_uring_submit(r6, r8, 0x0)

0s ago: executing program 0 (id=2184):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x1, &(0x7f0000006680))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@bridge_delneigh={0x28, 0x1c, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r1, 0x80, 0x4a, 0x7}, [@NDA_LLADDR={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1c}}]}, 0x28}, 0x1, 0x0, 0x0, 0x40095}, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000440)='oom_score_adj\x00')
syz_80211_inject_frame(0x0, &(0x7f00000001c0)=ANY=[@ANYRES32=r2], 0xb5)
mmap$binder(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1, 0x11, r2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x820000, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r4, 0xc048aec8, &(0x7f0000000000)={0x5, 0xffffffffffffffff, 0xfffffffe})
preadv(0xffffffffffffffff, 0x0, 0x0, 0x20001, 0xc)

kernel console output (not intermixed with test programs):

g 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  540.543541][ T5910] usb 1-1: New USB device found, idVendor=ddec, idProduct=102f, bcdDevice= 0.00
[  540.625027][ T5910] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  540.688013][ T5910] usb 1-1: config 0 descriptor??
[  540.715568][    T9] aiptek 3-1:17.0: Aiptek using 400 ms programming speed
[  540.746047][    T9] input: Aiptek as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.0/input/input50
[  540.968839][    T9] input: failed to attach handler kbd to device input50, error: -5
[  541.059452][    T9] usb 3-1: USB disconnect, device number 70
[  541.068714][ T5903] hid-generic 0001:70BD29:0006.0042: unknown main item tag 0x0
[  541.097887][   T47] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  541.143375][ T5903] hid-generic 0001:70BD29:0006.0042: hidraw0: <UNKNOWN> HID v0.0a Device [syz0] on syz0
[  541.235707][T12264] FAULT_INJECTION: forcing a failure.
[  541.235707][T12264] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  541.293717][T12264] CPU: 0 UID: 0 PID: 12264 Comm: syz.2.1838 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) 
[  541.293749][T12264] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  541.293762][T12264] Call Trace:
[  541.293770][T12264]  <TASK>
[  541.293786][T12264]  dump_stack_lvl+0x189/0x250
[  541.293823][T12264]  ? __pfx_dump_stack_lvl+0x10/0x10
[  541.293853][T12264]  ? __pfx__printk+0x10/0x10
[  541.293886][T12264]  should_fail_ex+0x414/0x560
[  541.293922][T12264]  _copy_to_user+0x31/0xb0
[  541.293951][T12264]  simple_read_from_buffer+0xe1/0x170
[  541.293981][T12264]  proc_fail_nth_read+0x1df/0x250
[  541.294012][T12264]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  541.294042][T12264]  ? rw_verify_area+0x258/0x650
[  541.294062][T12264]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  541.294090][T12264]  vfs_read+0x1fd/0x980
[  541.294116][T12264]  ? __pfx___mutex_lock+0x10/0x10
[  541.294140][T12264]  ? __pfx_vfs_read+0x10/0x10
[  541.294162][T12264]  ? __fget_files+0x2a/0x420
[  541.294192][T12264]  ? __fget_files+0x3a0/0x420
[  541.294215][T12264]  ? __fget_files+0x2a/0x420
[  541.294249][T12264]  ksys_read+0x145/0x250
[  541.294273][T12264]  ? __pfx_ksys_read+0x10/0x10
[  541.294298][T12264]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  541.294322][T12264]  ? lockdep_hardirqs_on+0x9c/0x150
[  541.294346][T12264]  __do_fast_syscall_32+0xb4/0x110
[  541.294371][T12264]  ? lockdep_hardirqs_on+0x9c/0x150
[  541.294396][T12264]  do_fast_syscall_32+0x34/0x80
[  541.294419][T12264]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  541.294443][T12264] RIP: 0023:0xf70de539
[  541.294461][T12264] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  541.294479][T12264] RSP: 002b:00000000f50ad590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  541.294500][T12264] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50ad620
[  541.294515][T12264] RDX: 000000000000000f RSI: 00000000f7442ff4 RDI: 0000000000000000
[  541.294526][T12264] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  541.294538][T12264] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  541.294550][T12264] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  541.294580][T12264]  </TASK>
[  541.583669][   T47] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  541.623106][   T47] usb 5-1: config 0 has no interfaces?
[  541.798002][   T47] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  541.835547][   T47] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.862099][ T2150] usb 4-1: 1:0: cannot get min/max values for control 2 (id 1)
[  541.932078][   T47] usb 5-1: config 0 descriptor??
[  541.969202][ T2150] usb 4-1: USB disconnect, device number 59
[  542.071028][ T5886] udevd[5886]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  542.191028][   T30] kauditd_printk_skb: 529 callbacks suppressed
[  542.191044][   T30] audit: type=1326 audit(1746172957.873:11824): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12273 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  542.300932][   T30] audit: type=1326 audit(1746172957.913:11825): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12273 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70de539 code=0x7ffc0000
[  542.325096][   T30] audit: type=1326 audit(1746172957.913:11826): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12273 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  542.384940][   T47] usb 2-1: new full-speed USB device number 75 using dummy_hcd
[  542.473022][   T30] audit: type=1326 audit(1746172957.913:11827): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12273 comm="syz.2.1843" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  542.473038][T12276] netlink: 'syz.2.1844': attribute type 10 has an invalid length.
[  542.789058][ T5910] usb 1-1: string descriptor 0 read error: -71
[  542.796562][   T47] usb 2-1: config 0 has no interfaces?
[  542.798052][ T5910] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  542.813803][ T5910] usb 1-1: USB disconnect, device number 74
[  542.816494][   T47] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  542.861449][T12282] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  542.900116][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  542.923010][   T47] usb 2-1: Product: syz
[  542.928302][   T47] usb 2-1: Manufacturer: syz
[  542.933303][   T47] usb 2-1: SerialNumber: syz
[  542.940763][   T47] usb 2-1: config 0 descriptor??
[  544.003327][ T5910] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[  544.088225][ T5837] usb 5-1: USB disconnect, device number 80
[  544.094560][    T9] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  544.142074][T12291] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  544.165388][ T5910] usb 1-1: config 0 has no interfaces?
[  544.173715][ T5910] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  544.183332][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.196277][ T5910] usb 1-1: Product: syz
[  544.215412][T12293] usb usb8: usbfs: process 12293 (syz.4.1848) did not claim interface 0 before use
[  544.225163][ T5910] usb 1-1: Manufacturer: syz
[  544.229811][ T5910] usb 1-1: SerialNumber: syz
[  544.254895][ T5910] usb 1-1: config 0 descriptor??
[  544.266899][    T9] usb 3-1: Using ep0 maxpacket: 16
[  544.276960][    T9] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[  544.290592][   T30] audit: type=1326 audit(1746172959.973:11828): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12292 comm="syz.4.1848" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf707e539 code=0x0
[  544.313033][    T9] usb 3-1: config 0 has no interface number 0
[  544.327561][    T9] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  544.345149][    T9] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  544.355573][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.370952][    T9] usb 3-1: Product: syz
[  544.377522][    T9] usb 3-1: Manufacturer: syz
[  544.382199][    T9] usb 3-1: SerialNumber: syz
[  544.397657][    T9] usb 3-1: config 0 descriptor??
[  544.403928][T12289] raw-gadget.3 gadget.2: fail, usb_ep_enable returned -22
[  544.415243][    T9] asix 3-1:0.251: probe with driver asix failed with error -22
[  544.584732][T12287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  544.594890][T12287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  544.993000][    T9] usb 4-1: new high-speed USB device number 60 using dummy_hcd
[  545.089339][   T10] usb 2-1: USB disconnect, device number 75
[  545.120438][T12305] net_ratelimit: 8 callbacks suppressed
[  545.120456][T12305] netlink: zone id is out of range
[  545.208579][T12305] netlink: zone id is out of range
[  545.219829][T12305] netlink: zone id is out of range
[  545.229761][T12307] FAULT_INJECTION: forcing a failure.
[  545.229761][T12307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  545.246411][T12305] netlink: zone id is out of range
[  545.263086][    T9] usb 4-1: config 0 has no interfaces?
[  545.286185][    T9] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  545.297675][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  545.314841][T12305] netlink: zone id is out of range
[  545.325573][    T9] usb 4-1: Product: syz
[  545.329902][    T9] usb 4-1: Manufacturer: syz
[  545.335825][T12307] CPU: 0 UID: 0 PID: 12307 Comm: syz.1.1852 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) 
[  545.335849][T12307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  545.335861][T12307] Call Trace:
[  545.335869][T12307]  <TASK>
[  545.335877][T12307]  dump_stack_lvl+0x189/0x250
[  545.335909][T12307]  ? __pfx_dump_stack_lvl+0x10/0x10
[  545.335937][T12307]  ? __pfx__printk+0x10/0x10
[  545.335956][T12307]  should_fail_ex+0x414/0x560
[  545.335980][T12307]  _copy_to_user+0x31/0xb0
[  545.335998][T12307]  simple_read_from_buffer+0xe1/0x170
[  545.336016][T12307]  proc_fail_nth_read+0x1df/0x250
[  545.336036][T12307]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  545.336054][T12307]  ? rw_verify_area+0x258/0x650
[  545.336067][T12307]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  545.336085][T12307]  vfs_read+0x1fd/0x980
[  545.336101][T12307]  ? __pfx___mutex_lock+0x10/0x10
[  545.336116][T12307]  ? __pfx_vfs_read+0x10/0x10
[  545.336130][T12307]  ? __fget_files+0x2a/0x420
[  545.336148][T12307]  ? __fget_files+0x3a0/0x420
[  545.336163][T12307]  ? __fget_files+0x2a/0x420
[  545.336184][T12307]  ksys_read+0x145/0x250
[  545.336196][T12307]  ? rcu_is_watching+0x15/0xb0
[  545.336216][T12307]  ? __pfx_ksys_read+0x10/0x10
[  545.336230][T12307]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  545.336245][T12307]  ? lockdep_hardirqs_on+0x9c/0x150
[  545.336260][T12307]  __do_fast_syscall_32+0xb4/0x110
[  545.336275][T12307]  ? lockdep_hardirqs_on+0x9c/0x150
[  545.336291][T12307]  do_fast_syscall_32+0x34/0x80
[  545.336305][T12307]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  545.336338][T12307] RIP: 0023:0xf7fd5539
[  545.336349][T12307] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  545.336362][T12307] RSP: 002b:00000000f50f6590 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  545.336380][T12307] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f50f6620
[  545.336389][T12307] RDX: 000000000000000f RSI: 00000000f7462ff4 RDI: 0000000000000000
[  545.336397][T12307] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  545.336405][T12307] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  545.336413][T12307] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  545.336432][T12307]  </TASK>
[  545.339402][T12305] netlink: zone id is out of range
[  545.588769][    T9] usb 4-1: SerialNumber: syz
[  545.608499][    T9] usb 4-1: config 0 descriptor??
[  545.633009][T12305] netlink: zone id is out of range
[  545.640005][T12305] netlink: zone id is out of range
[  545.651046][T12305] netlink: zone id is out of range
[  545.788140][T12311] netlink: 'syz.1.1853': attribute type 6 has an invalid length.
[  546.528979][    T9] usb 1-1: USB disconnect, device number 75
[  546.847709][ T2150] usb 3-1: USB disconnect, device number 71
[  547.339307][T12344] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  547.343125][    T9] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[  547.377364][T12342] netlink: zone id is out of range
[  547.386139][T12342] syz_tun: entered allmulticast mode
[  547.505720][T12340] syz_tun: left allmulticast mode
[  547.675697][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  547.698578][    T9] usb 2-1: config 0 has no interfaces?
[  547.729771][    T9] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  547.782974][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.796951][    T9] usb 2-1: config 0 descriptor??
[  547.866443][ T5837] usb 4-1: USB disconnect, device number 60
[  547.886924][   T10] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  547.950987][T12357] netlink: 'syz.2.1869': attribute type 1 has an invalid length.
[  547.963721][T12357] netlink: 'syz.2.1869': attribute type 2 has an invalid length.
[  548.043729][   T47] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[  548.119219][T12363] Scaler: =================  START STATUS  =================
[  548.131190][T12363] Scaler: ==================  END STATUS  ==================
[  548.143908][T12363] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1871'.
[  548.177085][   T10] usb 5-1: config 0 has no interfaces?
[  548.178600][T12365] Scaler: =================  START STATUS  =================
[  548.209035][   T47] usb 1-1: Using ep0 maxpacket: 8
[  548.224713][   T47] usb 1-1: config 162 has an invalid interface number: 166 but max is 0
[  548.235935][   T47] usb 1-1: config 162 has no interface number 0
[  548.303134][   T47] usb 1-1: config 162 interface 166 has no altsetting 0
[  548.320462][T12365] Scaler: ==================  END STATUS  ==================
[  548.359334][   T10] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  548.373837][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.378169][T12367] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1872'.
[  548.394258][   T47] usb 1-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=d3.ea
[  548.412335][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  548.433139][   T10] usb 5-1: Product: syz
[  548.437366][   T10] usb 5-1: Manufacturer: syz
[  548.441006][   T47] usb 1-1: Product: syz
[  548.441949][   T10] usb 5-1: SerialNumber: syz
[  548.478692][   T47] usb 1-1: Manufacturer: syz
[  548.487834][   T10] usb 5-1: config 0 descriptor??
[  548.531129][   T47] usb 1-1: SerialNumber: syz
[  548.782001][ T5890] usb 4-1: new low-speed USB device number 61 using dummy_hcd
[  548.824382][   T47] appledisplay 1-1:162.166: Error while getting initial brightness: -71
[  548.834039][   T47] appledisplay 1-1:162.166: probe with driver appledisplay failed with error -71
[  548.884006][   T47] usb 1-1: USB disconnect, device number 76
[  548.906922][T12376] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  548.917148][T12376] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  548.968347][ T5890] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  548.993790][ T5890] usb 4-1: config 0 has no interface number 0
[  549.089907][ T5890] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  549.114678][ T5890] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  549.153194][ T5890] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  549.154265][T12379] FAULT_INJECTION: forcing a failure.
[  549.154265][T12379] name failslab, interval 1, probability 0, space 0, times 0
[  549.173181][ T5890] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  549.191652][T12379] CPU: 0 UID: 0 PID: 12379 Comm: syz.2.1877 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) 
[  549.191676][T12379] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  549.191687][T12379] Call Trace:
[  549.191694][T12379]  <TASK>
[  549.191702][T12379]  dump_stack_lvl+0x189/0x250
[  549.191734][T12379]  ? __pfx_dump_stack_lvl+0x10/0x10
[  549.191759][T12379]  ? __pfx__printk+0x10/0x10
[  549.191780][T12379]  ? __pfx___might_resched+0x10/0x10
[  549.191794][T12379]  ? fs_reclaim_acquire+0x7d/0x100
[  549.191823][T12379]  should_fail_ex+0x414/0x560
[  549.191853][T12379]  should_failslab+0xa8/0x100
[  549.191877][T12379]  kmem_cache_alloc_noprof+0x73/0x3c0
[  549.191897][T12379]  ? alloc_empty_file+0x55/0x1d0
[  549.191924][T12379]  alloc_empty_file+0x55/0x1d0
[  549.191948][T12379]  path_openat+0x107/0x3830
[  549.191963][T12379]  ? arch_stack_walk+0xfc/0x150
[  549.192001][T12379]  ? stack_trace_save+0x9c/0xe0
[  549.192021][T12379]  ? stack_depot_save_flags+0x40/0x910
[  549.192039][T12379]  ? __lock_acquire+0xaac/0xd20
[  549.192065][T12379]  ? kasan_save_track+0x4f/0x80
[  549.192084][T12379]  ? __kasan_slab_alloc+0x6c/0x80
[  549.192102][T12379]  ? kmem_cache_alloc_noprof+0x1c1/0x3c0
[  549.192121][T12379]  ? getname_flags+0xb8/0x540
[  549.192144][T12379]  ? __pfx_path_openat+0x10/0x10
[  549.192159][T12379]  ? do_fast_syscall_32+0x34/0x80
[  549.192179][T12379]  ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  549.192216][T12379]  do_filp_open+0x1fa/0x410
[  549.192236][T12379]  ? __pfx_do_filp_open+0x10/0x10
[  549.192272][T12379]  ? _raw_spin_unlock+0x28/0x50
[  549.192288][T12379]  ? alloc_fd+0x64c/0x6c0
[  549.192336][T12379]  do_sys_openat2+0x121/0x1c0
[  549.192366][T12379]  ? __pfx_do_sys_openat2+0x10/0x10
[  549.192398][T12379]  ? ksys_write+0x1f0/0x250
[  549.192426][T12379]  __ia32_compat_sys_openat+0x131/0x160
[  549.192460][T12379]  __do_fast_syscall_32+0xb4/0x110
[  549.192483][T12379]  ? lockdep_hardirqs_on+0x9c/0x150
[  549.192507][T12379]  do_fast_syscall_32+0x34/0x80
[  549.192528][T12379]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  549.192550][T12379] RIP: 0023:0xf70de539
[  549.192567][T12379] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  549.192584][T12379] RSP: 002b:00000000f50ce55c EFLAGS: 00000206 ORIG_RAX: 0000000000000127
[  549.192603][T12379] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 0000000080000140
[  549.192617][T12379] RDX: 0000000000109180 RSI: 0000000000000000 RDI: 0000000000000000
[  549.192628][T12379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  549.192644][T12379] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  549.192655][T12379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  549.192681][T12379]  </TASK>
[  549.468614][ T5890] usb 4-1: config 0 descriptor??
[  549.503341][T12369] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  549.807821][ T5890] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  550.012645][T12369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  550.043121][T12369] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  550.071628][T12369] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  550.080686][ T5837] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[  550.093979][T12369] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  550.169791][T12369] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1873'.
[  550.192255][T12385] net_ratelimit: 8 callbacks suppressed
[  550.192271][T12385] netlink: zone id is out of range
[  550.227661][    C0] iowarrior 4-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1
[  550.237856][ T5890] usb 4-1: USB disconnect, device number 61
[  550.244155][T12386] syz_tun: entered allmulticast mode
[  550.253202][ T5837] usb 1-1: Using ep0 maxpacket: 16
[  550.268748][ T5837] usb 1-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  550.289805][ T5837] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  550.303027][T12385] netlink: zone id is out of range
[  550.311091][T12385] netlink: zone id is out of range
[  550.318486][T12385] netlink: zone id is out of range
[  550.331178][ T5837] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  550.337410][T12385] netlink: zone id is out of range
[  550.357000][ T5837] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  550.358595][T12385] netlink: zone id is out of range
[  550.372045][ T5837] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.382626][ T5837] usb 1-1: Product: syz
[  550.387268][T12385] netlink: zone id is out of range
[  550.399563][T12385] netlink: zone id is out of range
[  550.410670][ T5837] usb 1-1: Manufacturer: syz
[  550.412963][T12385] netlink: zone id is out of range
[  550.422390][ T5837] usb 1-1: SerialNumber: syz
[  550.530378][ T5910] usb 5-1: USB disconnect, device number 81
[  550.624795][T12384] syz_tun: left allmulticast mode
[  550.728318][ T5890] usb 2-1: USB disconnect, device number 76
[  550.830747][T12393] Scaler: =================  START STATUS  =================
[  550.858060][T12393] Scaler: ==================  END STATUS  ==================
[  550.872135][ T5837] usb 1-1: 0:2 : does not exist
[  550.887137][T12394] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1883'.
[  551.027274][T12399] netlink: 'syz.3.1885': attribute type 4 has an invalid length.
[  551.043045][ T5910] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  551.084063][T12399] netlink: 'syz.3.1885': attribute type 4 has an invalid length.
[  551.110657][T12399] binder: BINDER_SET_CONTEXT_MGR already set
[  551.117625][T12399] binder: 12398:12399 ioctl 4018620d 80000040 returned -16
[  551.248025][ T5910] usb 3-1: Using ep0 maxpacket: 16
[  551.259704][ T5910] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[  551.269782][ T5910] usb 3-1: config 0 has no interface number 0
[  551.277298][ T5910] usb 3-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  551.303754][ T5910] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  551.320204][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  551.356359][ T5910] usb 3-1: Product: syz
[  551.381066][ T5910] usb 3-1: Manufacturer: syz
[  551.405876][ T5910] usb 3-1: SerialNumber: syz
[  551.410771][   T30] audit: type=1326 audit(1746172967.083:11829): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  551.449342][ T5910] usb 3-1: config 0 descriptor??
[  551.474175][T12392] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  551.519659][ T5910] asix 3-1:0.251: probe with driver asix failed with error -22
[  551.547661][   T30] audit: type=1326 audit(1746172967.083:11830): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=19 compat=1 ip=0xf710e539 code=0x7ffc0000
[  551.593783][T12383] netlink: 'syz.0.1879': attribute type 39 has an invalid length.
[  551.604633][ T5910] hid-generic 0001:70BD29:0006.0043: unknown main item tag 0x0
[  551.625201][ T5910] hid-generic 0001:70BD29:0006.0043: hidraw0: <UNKNOWN> HID v0.0a Device [syz0] on syz0
[  551.641452][T12406] netlink: 'syz.4.1887': attribute type 4 has an invalid length.
[  551.649490][   T30] audit: type=1326 audit(1746172967.083:11831): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  551.703149][   T30] audit: type=1326 audit(1746172967.083:11832): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  551.716799][T12407] netlink: 'syz.4.1887': attribute type 4 has an invalid length.
[  551.827078][T12406] binder: 12405:12406 ioctl c0306201 800003c0 returned -14
[  551.849820][ T5837] usb 1-1: 1:0: cannot get min/max values for control 2 (id 1)
[  551.883857][   T30] audit: type=1326 audit(1746172967.083:11833): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf710e539 code=0x7ffc0000
[  551.947508][ T5837] usb 1-1: USB disconnect, device number 77
[  551.982206][   T30] audit: type=1326 audit(1746172967.083:11834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  552.023137][ T5886] udevd[5886]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  552.059695][   T30] audit: type=1326 audit(1746172967.083:11835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  552.223722][   T30] audit: type=1326 audit(1746172967.153:11836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf710e539 code=0x7ffc0000
[  552.323109][   T30] audit: type=1326 audit(1746172967.163:11837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf710e539 code=0x7ffc0000
[  552.347522][   T30] audit: type=1326 audit(1746172967.163:11838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12400 comm="syz.3.1886" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf710e539 code=0x7ffc0000
[  553.141024][T12428] netlink: zone id is out of range
[  553.294422][T12430] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  553.401592][T12434] netlink: 'syz.4.1896': attribute type 4 has an invalid length.
[  553.423173][ T5890] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  553.445216][T12434] netlink: 'syz.4.1896': attribute type 4 has an invalid length.
[  553.463421][T12434] binder: BINDER_SET_CONTEXT_MGR already set
[  553.469721][T12434] binder: 12433:12434 ioctl 4018620d 80000040 returned -16
[  553.526469][T12436] FAULT_INJECTION: forcing a failure.
[  553.526469][T12436] name failslab, interval 1, probability 0, space 0, times 0
[  553.557145][T12436] CPU: 1 UID: 0 PID: 12436 Comm: syz.1.1897 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) 
[  553.557170][T12436] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  553.557183][T12436] Call Trace:
[  553.557192][T12436]  <TASK>
[  553.557200][T12436]  dump_stack_lvl+0x189/0x250
[  553.557235][T12436]  ? __pfx_dump_stack_lvl+0x10/0x10
[  553.557262][T12436]  ? __pfx__printk+0x10/0x10
[  553.557286][T12436]  ? __pfx___might_resched+0x10/0x10
[  553.557303][T12436]  ? fs_reclaim_acquire+0x7d/0x100
[  553.557335][T12436]  should_fail_ex+0x414/0x560
[  553.557368][T12436]  should_failslab+0xa8/0x100
[  553.557395][T12436]  kmem_cache_alloc_noprof+0x73/0x3c0
[  553.557417][T12436]  ? getname_flags+0xb8/0x540
[  553.557444][T12436]  getname_flags+0xb8/0x540
[  553.557471][T12436]  __ia32_sys_renameat2+0xba/0xe0
[  553.557498][T12436]  __do_fast_syscall_32+0xb4/0x110
[  553.557521][T12436]  ? lockdep_hardirqs_on+0x9c/0x150
[  553.557546][T12436]  do_fast_syscall_32+0x34/0x80
[  553.557568][T12436]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  553.557590][T12436] RIP: 0023:0xf7fd5539
[  553.557605][T12436] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  553.557622][T12436] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000161
[  553.557642][T12436] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000340
[  553.557655][T12436] RDX: 0000000000000004 RSI: 0000000080002200 RDI: 0000000000000000
[  553.557667][T12436] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  553.557678][T12436] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  553.557689][T12436] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  553.557715][T12436]  </TASK>
[  553.741388][    C1] vkms_vblank_simulate: vblank timer overrun
[  553.796248][ T5890] usb 4-1: Using ep0 maxpacket: 8
[  553.807225][ T5890] usb 4-1: New USB device found, idVendor=0c45, idProduct=613e, bcdDevice=c4.6d
[  553.816467][ T5890] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  553.824576][ T5890] usb 4-1: Product: syz
[  553.828772][ T5890] usb 4-1: Manufacturer: syz
[  553.834121][ T5890] usb 4-1: SerialNumber: syz
[  553.861083][ T5891] usb 3-1: USB disconnect, device number 72
[  553.871980][ T5837] hid (null): unknown global tag 0xef
[  553.878556][ T5837] hid (null): report_id 33492 is invalid
[  553.884261][ T5890] usb 4-1: config 0 descriptor??
[  553.893457][ T5890] gspca_main: sonixj-2.14.0 probing 0c45:613e
[  553.944454][ T5837] hid-generic 00FF:0007:0009.0044: ignoring exceeding usage max
[  553.995554][ T5837] hid-generic 00FF:0007:0009.0044: unknown main item tag 0x6
[  554.070702][ T5837] hid-generic 00FF:0007:0009.0044: unknown main item tag 0x0
[  554.079850][ T5837] hid-generic 00FF:0007:0009.0044: unexpected long global item
[  554.095756][ T5837] hid-generic 00FF:0007:0009.0044: probe with driver hid-generic failed with error -22
[  554.125433][    T9] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  554.333848][    T9] usb 5-1: Using ep0 maxpacket: 32
[  554.410713][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  554.422055][ T5837] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  554.552196][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  554.653017][ T5837] usb 3-1: Using ep0 maxpacket: 16
[  554.660318][    T9] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  554.682140][ T5837] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  554.691290][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.699557][ T5837] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  554.738339][    T9] usb 5-1: config 0 descriptor??
[  554.747809][ T5837] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  554.774957][    T9] hub 5-1:0.0: USB hub found
[  554.784344][ T5837] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  554.809248][ T5837] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.828002][ T5837] usb 3-1: Product: syz
[  554.832195][ T5837] usb 3-1: Manufacturer: syz
[  554.838047][ T5837] usb 3-1: SerialNumber: syz
[  554.971745][    T9] hub 5-1:0.0: 1 port detected
[  555.123169][ T5890] usb 4-1: USB disconnect, device number 62
[  555.234575][T12439] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  555.248163][T12439] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  555.282245][ T5837] usb 3-1: 0:2 : does not exist
[  555.394108][   T10] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[  555.555628][   T10] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  555.564917][   T10] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  555.576041][   T10] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  555.586497][   T10] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  555.600104][   T10] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  555.620804][   T10] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  555.631489][   T10] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  555.644591][   T10] usb 2-1: Product: syz
[  555.655290][   T10] usb 2-1: Manufacturer: syz
[  555.698227][   T10] cdc_wdm 2-1:1.0: skipping garbage
[  555.713723][   T10] cdc_wdm 2-1:1.0: skipping garbage
[  555.734118][   T10] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  555.740105][   T10] cdc_wdm 2-1:1.0: Unknown control protocol
[  555.920278][T12445] netlink: 'syz.2.1900': attribute type 39 has an invalid length.
[  555.934488][   T10] hid-generic 0001:70BD29:0006.0045: unknown main item tag 0x0
[  555.965123][   T10] hid-generic 0001:70BD29:0006.0045: hidraw0: <UNKNOWN> HID v0.0a Device [syz0] on syz0
[  555.977299][    C0] cdc_wdm 2-1:1.0: nonzero urb status received: -71
[  555.977549][ T5890] usb 2-1: USB disconnect, device number 77
[  555.984035][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - 0 bytes
[  555.984053][    C0] cdc_wdm 2-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  556.017543][    T9] hub 5-1:0.0: hub_hub_status failed (err = -32)
[  556.043195][    T9] hub 5-1:0.0: config failed, can't get hub status (err -32)
[  556.105933][    T9] usbhid 5-1:0.0: can't add hid device: -32
[  556.120096][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -32
[  556.262616][ T5837] usb 3-1: 1:0: cannot get min/max values for control 2 (id 1)
[  556.292174][T12454] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1904'.
[  556.342451][ T5837] usb 3-1: USB disconnect, device number 73
[  556.371426][T12454] netlink: 'syz.0.1904': attribute type 3 has an invalid length.
[  556.380255][T12454] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1904'.
[  556.612080][T12472] net_ratelimit: 8 callbacks suppressed
[  556.612100][T12472] netlink: zone id is out of range
[  556.638983][T12472] netlink: zone id is out of range
[  556.645359][T12472] netlink: zone id is out of range
[  556.670528][T12472] netlink: zone id is out of range
[  556.690474][T12472] netlink: zone id is out of range
[  556.705290][ T5837] usb 5-1: USB disconnect, device number 82
[  556.715818][T12472] netlink: zone id is out of range
[  557.023188][T12472] netlink: zone id is out of range
[  557.030904][T12480] Scaler: =================  START STATUS  =================
[  557.038547][T12472] netlink: zone id is out of range
[  557.048680][T12472] netlink: zone id is out of range
[  557.054295][T12480] Scaler: ==================  END STATUS  ==================
[  557.068616][T12480] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1909'.
[  557.256407][T12484] netlink: 'syz.0.1910': attribute type 4 has an invalid length.
[  557.277142][T12484] netlink: 'syz.0.1910': attribute type 4 has an invalid length.
[  557.285168][ T5837] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[  557.301482][T12484] binder: BINDER_SET_CONTEXT_MGR already set
[  557.313189][   T30] kauditd_printk_skb: 1192 callbacks suppressed
[  557.313206][   T30] audit: type=1326 audit(1746172972.993:13031): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.353536][T12484] binder: 12483:12484 ioctl 4018620d 80000040 returned -16
[  557.383238][   T30] audit: type=1326 audit(1746172972.993:13032): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.406106][   T30] audit: type=1326 audit(1746172972.993:13033): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=19 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.429182][   T30] audit: type=1326 audit(1746172972.993:13034): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.452155][   T30] audit: type=1326 audit(1746172972.993:13035): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.478375][ T5837] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  557.520143][ T5837] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  557.543139][   T30] audit: type=1326 audit(1746172972.993:13036): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.572971][ T5837] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  557.586242][ T5837] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  557.595538][ T5837] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  557.635094][   T30] audit: type=1326 audit(1746172972.993:13037): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.658669][ T5837] usb 2-1: config 0 descriptor??
[  557.668521][   T30] audit: type=1326 audit(1746172973.033:13038): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.720854][T12495] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1914'.
[  557.757381][   T30] audit: type=1326 audit(1746172973.033:13039): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.779378][    C1] vkms_vblank_simulate: vblank timer overrun
[  557.787272][ T5891] usb 4-1: new low-speed USB device number 63 using dummy_hcd
[  557.846500][   T30] audit: type=1326 audit(1746172973.033:13040): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12481 comm="syz.2.1911" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf70de539 code=0x7ffc0000
[  557.923211][   T47] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[  557.975997][ T5891] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  557.987129][ T5891] usb 4-1: config 0 has no interface number 0
[  557.996185][ T5891] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  558.009771][ T5891] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  558.024783][ T5891] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  558.037069][ T5891] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.122605][   T47] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  558.137796][ T5891] usb 4-1: config 0 descriptor??
[  558.158092][ T5837] plantronics 0003:047F:FFFF.0046: No inputs registered, leaving
[  558.167280][   T47] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  558.189779][ T5837] plantronics 0003:047F:FFFF.0046: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  558.202487][T12491] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  558.222843][   T47] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[  558.237048][ T5891] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior1
[  558.251674][   T47] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.271534][   T47] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  558.294087][   T47] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  558.305460][   T47] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  558.315787][   T47] usb 1-1: Product: syz
[  558.320028][   T47] usb 1-1: Manufacturer: syz
[  558.343179][   T47] cdc_wdm 1-1:1.0: skipping garbage
[  558.348516][   T47] cdc_wdm 1-1:1.0: skipping garbage
[  558.413154][ T2150] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  558.426808][T12478] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  558.444946][T12491] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  558.446154][T12478] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  558.455285][T12491] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  558.462038][   T47] cdc_wdm 1-1:1.0: cdc-wdm2: USB WDM device
[  558.482748][   T47] cdc_wdm 1-1:1.0: Unknown control protocol
[  558.543648][T12491] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  558.544278][   T47] usb 1-1: USB disconnect, device number 78
[  558.562689][ T5837] usb 2-1: USB disconnect, device number 78
[  558.584518][ T2150] usb 5-1: device descriptor read/64, error -71
[  558.615803][T12491] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  558.704244][T12491] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1912'.
[  558.718419][ T5891] usb 4-1: USB disconnect, device number 63
[  558.852946][ T2150] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[  559.005417][ T2150] usb 5-1: device descriptor read/64, error -71
[  559.113370][ T2150] usb usb5-port1: attempt power cycle
[  559.209356][T12512] input: syz0 as /devices/virtual/input/input52
[  559.297081][T12513] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  559.471827][ T2150] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  559.507847][T12516] netlink: zone id is out of range
[  559.527093][ T2150] usb 5-1: device descriptor read/8, error -71
[  559.529951][T12516] syz_tun: entered allmulticast mode
[  559.617159][T12515] syz_tun: left allmulticast mode
[  559.852978][    T9] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  559.856005][ T2150] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  559.903814][ T2150] usb 5-1: device descriptor read/8, error -71
[  559.963010][ T5837] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[  560.013180][ T2150] usb usb5-port1: unable to enumerate USB device
[  560.051129][    T9] usb 3-1: Using ep0 maxpacket: 32
[  560.295375][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  560.381499][ T5837] usb 2-1: config 0 has no interfaces?
[  560.501485][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  560.539478][    T9] usb 3-1: New USB device found, idVendor=ae6f, idProduct=79f4, bcdDevice=8f.99
[  560.548953][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  560.562369][    T9] usb 3-1: Product: syz
[  560.572500][    T9] usb 3-1: Manufacturer: syz
[  560.650228][    T9] usb 3-1: SerialNumber: syz
[  560.668168][    T9] usb 3-1: config 0 descriptor??
[  560.696948][ T5837] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  560.709236][ T5837] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  560.732375][ T5837] usb 2-1: Product: syz
[  560.739138][ T5837] usb 2-1: Manufacturer: syz
[  560.749116][ T5837] usb 2-1: SerialNumber: syz
[  560.771380][ T5837] usb 2-1: config 0 descriptor??
[  560.968796][T12546] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1929'.
[  561.024934][T12545] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.1929'.
[  561.894066][    T9] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[  561.953108][ T5837] usb 4-1: new low-speed USB device number 64 using dummy_hcd
[  562.044874][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  562.056074][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  562.066041][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  562.079840][    T9] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  562.089732][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.100970][    T9] usb 1-1: config 0 descriptor??
[  562.115058][ T5837] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  562.123450][ T5837] usb 4-1: config 0 has no interface number 0
[  562.129637][ T5837] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  562.140818][ T5837] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  562.151899][ T5837] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  562.161055][ T5837] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  562.171996][ T5837] usb 4-1: config 0 descriptor??
[  562.179712][T12557] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  562.193104][ T5837] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  562.396683][T12557] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  562.405851][T12557] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  562.426852][T12557] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  562.436298][T12557] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  562.448545][T12557] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1932'.
[  562.461517][ T5837] usb 4-1: USB disconnect, device number 64
[  562.520300][    T9] plantronics 0003:047F:FFFF.0047: No inputs registered, leaving
[  562.543705][ T5910] usb 3-1: USB disconnect, device number 74
[  562.553249][    T9] plantronics 0003:047F:FFFF.0047: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  562.641997][ T5890] usb 2-1: USB disconnect, device number 79
[  562.727545][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[  562.734478][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[  562.770913][T12562] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1934'.
[  562.774270][T12554] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  562.808331][T12554] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  562.886185][ T5890] usb 1-1: USB disconnect, device number 79
[  563.002977][ T5910] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  563.157324][T12571] net_ratelimit: 17 callbacks suppressed
[  563.157343][T12571] netlink: zone id is out of range
[  563.170759][T12571] netlink: zone id is out of range
[  563.175554][ T5910] usb 3-1: config 0 has an invalid interface number: 238 but max is 0
[  563.179136][T12571] netlink: zone id is out of range
[  563.190493][T12571] netlink: zone id is out of range
[  563.201081][ T5910] usb 3-1: config 0 has no interface number 0
[  563.205000][T12571] netlink: zone id is out of range
[  563.212453][T12571] netlink: zone id is out of range
[  563.214529][ T5910] usb 3-1: config 0 interface 238 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  563.228518][T12571] netlink: zone id is out of range
[  563.234478][ T5910] usb 3-1: config 0 interface 238 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  563.242137][T12571] netlink: zone id is out of range
[  563.244768][ T5910] usb 3-1: config 0 interface 238 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  563.250046][T12571] netlink: zone id is out of range
[  563.259650][ T5910] usb 3-1: config 0 interface 238 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  563.262216][ T5910] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=76.6a
[  563.286214][ T5910] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  563.312352][ T5910] usb 3-1: Product: syz
[  563.316677][ T5910] usb 3-1: Manufacturer: syz
[  563.321453][ T5910] usb 3-1: SerialNumber: syz
[  563.329526][ T5910] usb 3-1: config 0 descriptor??
[  563.343196][   T30] kauditd_printk_skb: 807 callbacks suppressed
[  563.343212][   T30] audit: type=1326 audit(1746172979.023:13848): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  563.431283][   T30] audit: type=1326 audit(1746172979.023:13849): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  563.457892][ T5910] ni6501 3-1:0.238: driver 'ni6501' failed to auto-configure device.
[  563.549147][   T30] audit: type=1326 audit(1746172979.023:13850): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=19 compat=1 ip=0xf710e539 code=0x7ffc0000
[  563.571818][   T30] audit: type=1326 audit(1746172979.023:13851): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  563.636310][   T30] audit: type=1326 audit(1746172979.023:13852): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf710e539 code=0x7ffc0000
[  563.797604][   T30] audit: type=1326 audit(1746172979.023:13853): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  563.822065][ T5891] usb 3-1: USB disconnect, device number 75
[  563.961246][   T30] audit: type=1326 audit(1746172979.033:13854): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf710e539 code=0x7ffc0000
[  563.990949][   T30] audit: type=1326 audit(1746172979.053:13855): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf710e539 code=0x7ffc0000
[  564.014129][   T30] audit: type=1326 audit(1746172979.053:13856): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf710e539 code=0x7ffc0000
[  564.037489][   T30] audit: type=1326 audit(1746172979.063:13857): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12575 comm="syz.3.1939" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf710e539 code=0x7ffc0000
[  564.043769][T12587] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  564.517003][T12603] netlink: 'syz.2.1951': attribute type 5 has an invalid length.
[  564.543136][ T5910] usb 5-1: new low-speed USB device number 87 using dummy_hcd
[  564.580518][T12601] netlink: zone id is out of range
[  564.593372][T12601] syz_tun: entered allmulticast mode
[  564.669395][T12600] syz_tun: left allmulticast mode
[  564.712034][ T5910] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  564.745653][ T5910] usb 5-1: config 0 has no interface number 0
[  564.776817][ T5910] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  564.834180][ T5910] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  564.886104][ T5910] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  564.910673][T12614] trusted_key: encrypted_key: master key parameter 'user:' is invalid
[  564.954814][ T5910] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  565.006760][ T5910] usb 5-1: config 0 descriptor??
[  565.020679][T12597] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  565.066391][ T5910] iowarrior 5-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  565.217805][ T5890] hid-generic 0000:0000:0000.0048: unknown main item tag 0x0
[  565.232142][ T5890] hid-generic 0000:0000:0000.0048: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  565.256919][T12597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  565.276560][T12597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  565.291580][T12624] FAULT_INJECTION: forcing a failure.
[  565.291580][T12624] name failslab, interval 1, probability 0, space 0, times 0
[  565.299636][ T5890] hid-generic 0000:0000:0000.0049: unknown main item tag 0x0
[  565.320525][T12597] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  565.334415][T12597] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  565.344230][T12624] CPU: 1 UID: 0 PID: 12624 Comm: syz.2.1958 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) 
[  565.344256][T12624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  565.344268][T12624] Call Trace:
[  565.344276][T12624]  <TASK>
[  565.344285][T12624]  dump_stack_lvl+0x189/0x250
[  565.344326][T12624]  ? __pfx_dump_stack_lvl+0x10/0x10
[  565.344354][T12624]  ? __pfx__printk+0x10/0x10
[  565.344377][T12624]  ? __pfx___might_resched+0x10/0x10
[  565.344395][T12624]  ? fs_reclaim_acquire+0x7d/0x100
[  565.344426][T12624]  should_fail_ex+0x414/0x560
[  565.344461][T12624]  should_failslab+0xa8/0x100
[  565.344487][T12624]  __kmalloc_cache_noprof+0x70/0x3d0
[  565.344510][T12624]  ? __request_module+0x2b5/0x5e0
[  565.344540][T12624]  __request_module+0x2b5/0x5e0
[  565.344565][T12624]  ? __pfx___mutex_lock+0x10/0x10
[  565.344591][T12624]  ? __pfx___request_module+0x10/0x10
[  565.344619][T12624]  ? net_generic+0x1e/0x240
[  565.344647][T12624]  ? find_inlist_lock_noload+0x1f5/0x270
[  565.344674][T12624]  do_ebt_get_ctl+0x3a8/0x1c50
[  565.344708][T12624]  ? __pfx_do_ebt_get_ctl+0x10/0x10
[  565.344727][T12624]  ? __local_bh_enable_ip+0x12d/0x1c0
[  565.344755][T12624]  ? lockdep_hardirqs_on+0x9c/0x150
[  565.344785][T12624]  ? __lock_acquire+0xaac/0xd20
[  565.344816][T12624]  ? __mutex_trylock_common+0x153/0x260
[  565.344838][T12624]  ? __pfx___mutex_trylock_common+0x10/0x10
[  565.344861][T12624]  ? rcu_is_watching+0x15/0xb0
[  565.344897][T12624]  ? nf_getsockopt+0x224/0x290
[  565.344931][T12624]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  565.344957][T12624]  ? __might_fault+0xb0/0x130
[  565.344988][T12624]  nf_getsockopt+0x26b/0x290
[  565.345013][T12624]  ip_getsockopt+0x1c4/0x220
[  565.345046][T12624]  ? __pfx_ip_getsockopt+0x10/0x10
[  565.345074][T12624]  ? aa_sock_opt_perm+0x74/0x110
[  565.345101][T12624]  do_sock_getsockopt+0x35d/0x650
[  565.345127][T12624]  ? __pfx_do_sock_getsockopt+0x10/0x10
[  565.345150][T12624]  ? __fget_files+0x2a/0x420
[  565.345172][T12624]  ? __fget_files+0x3a0/0x420
[  565.345193][T12624]  ? __fget_files+0x2a/0x420
[  565.345223][T12624]  __ia32_sys_getsockopt+0x1a5/0x250
[  565.345259][T12624]  __do_fast_syscall_32+0xb4/0x110
[  565.345283][T12624]  ? lockdep_hardirqs_on+0x9c/0x150
[  565.345312][T12624]  do_fast_syscall_32+0x34/0x80
[  565.345334][T12624]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  565.345357][T12624] RIP: 0023:0xf70de539
[  565.345373][T12624] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  565.345390][T12624] RSP: 002b:00000000f50ce55c EFLAGS: 00000206 ORIG_RAX: 000000000000016d
[  565.345410][T12624] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000000
[  565.345422][T12624] RDX: 0000000000000080 RSI: 00000000800004c0 RDI: 0000000080000280
[  565.345435][T12624] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  565.345446][T12624] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  565.345458][T12624] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  565.345483][T12624]  </TASK>
[  565.376553][T12597] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1948'.
[  565.513283][ T5890] hid-generic 0000:0000:0000.0049: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  565.709212][T12597] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1948'.
[  565.799430][ T2150] usb 5-1: USB disconnect, device number 87
[  566.023160][ T5910] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[  566.083028][ T5891] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  566.215370][ T5910] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  566.235693][ T5910] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7
[  566.237120][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  566.280696][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7
[  566.283257][ T5910] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  566.319357][ T5891] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  566.321093][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  566.343043][ T5891] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  566.364407][ T5910] usb 1-1: Product: syz
[  566.373662][ T5891] usb 4-1: Product: syz
[  566.387408][ T5910] usb 1-1: Manufacturer: syz
[  566.391200][ T5891] usb 4-1: Manufacturer: syz
[  566.397275][ T5910] usb 1-1: SerialNumber: syz
[  566.411501][ T5910] usb 1-1: config 0 descriptor??
[  566.416762][ T5891] usb 4-1: SerialNumber: syz
[  566.460685][ T5891] usb 4-1: config 0 descriptor??
[  566.476074][T12641] netlink: 'syz.4.1962': attribute type 6 has an invalid length.
[  566.805231][T12649] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1963'.
[  566.831091][T12651] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.1963'.
[  567.082979][ T2150] usb 3-1: new full-speed USB device number 76 using dummy_hcd
[  567.222968][ T2150] usb 3-1: device descriptor read/64, error -71
[  567.473136][ T2150] usb 3-1: new full-speed USB device number 77 using dummy_hcd
[  567.532938][ T5837] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  567.585612][T12658] fuse: Bad value for 'fd'
[  567.623898][ T2150] usb 3-1: device descriptor read/64, error -71
[  567.694289][ T5837] usb 5-1: Using ep0 maxpacket: 16
[  567.727702][ T5837] usb 5-1: config index 0 descriptor too short (expected 16456, got 72)
[  567.744845][ T2150] usb usb3-port1: attempt power cycle
[  567.765908][ T5837] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[  567.799763][ T5837] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[  567.831376][ T5837] usb 5-1: config 0 has an invalid interface number: 125 but max is 1
[  567.852708][ T5837] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 2
[  567.861719][ T5837] usb 5-1: config 0 has no interface number 0
[  567.882501][ T5837] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  567.902238][ T5837] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  567.918660][ T5837] usb 5-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  567.930386][ T5837] usb 5-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  567.947105][ T5837] usb 5-1: config 0 interface 125 has no altsetting 0
[  567.957351][ T5837] usb 5-1: config 0 interface 125 has no altsetting 2
[  567.972180][ T5837] usb 5-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  567.981818][ T5837] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  567.996457][ T5837] usb 5-1: Product: syz
[  568.000725][ T5837] usb 5-1: Manufacturer: syz
[  568.006281][ T5837] usb 5-1: SerialNumber: syz
[  568.021171][ T5837] usb 5-1: config 0 descriptor??
[  568.035917][ T5837] usb 5-1: selecting invalid altsetting 2
[  568.050932][   T47] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[  568.123079][ T2150] usb 3-1: new full-speed USB device number 78 using dummy_hcd
[  568.143617][ T2150] usb 3-1: device descriptor read/8, error -71
[  568.213205][   T47] usb 2-1: Using ep0 maxpacket: 32
[  568.229783][   T47] usb 2-1: config 5 has an invalid interface number: 86 but max is 1
[  568.243787][   T47] usb 2-1: config 5 contains an unexpected descriptor of type 0x2, skipping
[  568.255065][   T47] usb 2-1: config 5 contains an unexpected descriptor of type 0x1, skipping
[  568.265094][   T47] usb 2-1: config 5 has an invalid interface number: 184 but max is 1
[  568.283091][   T47] usb 2-1: config 5 has an invalid descriptor of length 104, skipping remainder of the config
[  568.312149][   T47] usb 2-1: config 5 has no interface number 0
[  568.334621][   T47] usb 2-1: config 5 has no interface number 1
[  568.347537][   T47] usb 2-1: config 5 interface 86 altsetting 255 endpoint 0x7 has an invalid bInterval 255, changing to 7
[  568.378247][   T47] usb 2-1: config 5 interface 86 altsetting 255 has an invalid descriptor for endpoint zero, skipping
[  568.389681][ T2150] usb 3-1: new full-speed USB device number 79 using dummy_hcd
[  568.390735][ T5910] usb 1-1: USB disconnect, device number 80
[  568.438541][   T47] usb 2-1: config 5 interface 86 altsetting 255 has an invalid descriptor for endpoint zero, skipping
[  568.457280][ T2150] usb 3-1: device descriptor read/8, error -71
[  568.493168][   T47] usb 2-1: config 5 interface 86 altsetting 255 endpoint 0x3 has invalid maxpacket 1023, setting to 64
[  568.514308][ T5891] usb 4-1: USB disconnect, device number 65
[  568.537228][   T47] usb 2-1: config 5 interface 86 altsetting 255 endpoint 0xF has invalid maxpacket 512, setting to 64
[  568.569750][   T47] usb 2-1: config 5 interface 86 altsetting 255 has a duplicate endpoint with address 0x7, skipping
[  568.593521][ T2150] usb usb3-port1: unable to enumerate USB device
[  568.634841][   T47] usb 2-1: config 5 interface 86 altsetting 255 has a duplicate endpoint with address 0x4, skipping
[  568.670266][   T47] usb 2-1: config 5 interface 86 altsetting 255 has a duplicate endpoint with address 0x5, skipping
[  568.698246][   T47] usb 2-1: config 5 interface 86 altsetting 255 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  568.750824][   T47] usb 2-1: config 5 interface 86 altsetting 255 has an invalid descriptor for endpoint zero, skipping
[  568.776735][   T47] usb 2-1: config 5 interface 86 altsetting 255 has a duplicate endpoint with address 0x3, skipping
[  568.803913][   T47] usb 2-1: config 5 interface 86 altsetting 255 has 16 endpoint descriptors, different from the interface descriptor's value: 15
[  568.842937][   T47] usb 2-1: config 5 interface 184 altsetting 36 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  568.871690][   T47] usb 2-1: config 5 interface 86 has no altsetting 0
[  568.894804][   T47] usb 2-1: config 5 interface 184 has no altsetting 0
[  568.907405][   T47] usb 2-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=ce.da
[  568.922895][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  568.930931][   T47] usb 2-1: Product: syz
[  568.952903][   T47] usb 2-1: Manufacturer: syz
[  568.957516][   T47] usb 2-1: SerialNumber: syz
[  568.979012][T12660] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  569.086261][ T5837] usb 5-1: USB disconnect, device number 88
[  569.133419][ T5891] usb 1-1: new low-speed USB device number 81 using dummy_hcd
[  569.200638][T12660] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  569.211627][T12660] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  569.236338][   T47] ath6kl: Failed to submit usb control message: -71
[  569.251689][   T47] ath6kl: unable to send the bmi data to the device: -71
[  569.260393][   T47] ath6kl: Unable to send get target info: -71
[  569.267533][   T47] ath6kl: Failed to init ath6kl core: -71
[  569.281347][   T47] ath6kl_usb 2-1:5.86: probe with driver ath6kl_usb failed with error -71
[  569.307775][ T5891] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  569.316404][ T5891] usb 1-1: config 0 has no interface number 0
[  569.322658][   T47] ath6kl: Failed to submit usb control message: -71
[  569.329420][ T5891] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  569.342139][   T47] ath6kl: unable to send the bmi data to the device: -71
[  569.354831][   T47] ath6kl: Unable to send get target info: -71
[  569.361445][ T5891] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  569.375618][   T47] ath6kl: Failed to init ath6kl core: -71
[  569.381822][   T47] ath6kl_usb 2-1:5.184: probe with driver ath6kl_usb failed with error -71
[  569.393014][ T5891] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  569.404635][ T5891] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.423552][ T5891] usb 1-1: config 0 descriptor??
[  569.429000][   T47] usb 2-1: USB disconnect, device number 80
[  569.429379][T12669] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  569.460549][ T5891] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  569.672629][T12669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  569.687339][T12669] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  569.712322][T12669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  569.735673][T12669] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  569.752454][T12669] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1972'.
[  569.780696][T12669] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1972'.
[  569.805205][ T5837] usb 1-1: USB disconnect, device number 81
[  569.965608][T12680] netlink: 'syz.2.1975': attribute type 6 has an invalid length.
[  569.983480][   T47] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  570.021597][T12682] QAT: failed to copy from user cfg_data.
[  570.135452][ T2150] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  570.145763][   T47] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  570.156971][   T47] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  570.168764][   T47] usb 4-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  570.178292][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  570.189163][   T47] usb 4-1: config 0 descriptor??
[  570.306757][ T2150] usb 5-1: unable to get BOS descriptor or descriptor too short
[  570.332969][ T5837] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  570.345206][ T2150] usb 5-1: config 81 has an invalid interface number: 13 but max is 0
[  570.354689][ T2150] usb 5-1: config 81 has an invalid descriptor of length 0, skipping remainder of the config
[  570.369276][ T2150] usb 5-1: config 81 has no interface number 0
[  570.377228][ T2150] usb 5-1: config 81 interface 13 has no altsetting 0
[  570.389793][ T2150] usb 5-1: New USB device found, idVendor=12d1, idProduct=0ec1, bcdDevice=29.23
[  570.399752][ T2150] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  570.411363][ T2150] usb 5-1: Product: syz
[  570.420889][ T2150] usb 5-1: Manufacturer: syz
[  570.427376][ T2150] usb 5-1: SerialNumber: syz
[  570.522973][ T5891] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[  570.523093][ T5837] usb 3-1: Using ep0 maxpacket: 16
[  570.562830][ T5837] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  570.589150][ T5837] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  570.628735][   T47] sony 0003:054C:024B.004A: unexpected long global item
[  570.644913][   T47] sony 0003:054C:024B.004A: parse failed
[  570.650760][   T47] sony 0003:054C:024B.004A: probe with driver sony failed with error -22
[  570.679898][ T5837] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  570.700250][ T5891] usb 2-1: config 0 has no interfaces?
[  570.715627][ T5891] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  570.719556][ T5837] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  570.724938][ T5891] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  570.734601][ T5837] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  570.745377][ T5891] usb 2-1: Product: syz
[  570.769374][ T5837] usb 3-1: Product: syz
[  570.773891][ T5837] usb 3-1: Manufacturer: syz
[  570.779933][ T5837] usb 3-1: SerialNumber: syz
[  570.792454][ T5891] usb 2-1: Manufacturer: syz
[  570.810260][ T5891] usb 2-1: SerialNumber: syz
[  570.842990][T12677] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  570.853363][ T5891] usb 2-1: config 0 descriptor??
[  570.861215][T12677] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  570.892599][ T5910] usb 4-1: USB disconnect, device number 66
[  571.142336][T12692] team0: Device gtp0 is of different type
[  571.235064][ T5837] usb 3-1: 0:2 : does not exist
[  571.770893][T12700] net_ratelimit: 8 callbacks suppressed
[  571.770907][T12700] netlink: zone id is out of range
[  571.816109][T12700] netlink: zone id is out of range
[  571.821474][T12700] netlink: zone id is out of range
[  571.827962][T12700] netlink: zone id is out of range
[  571.829701][T12703] syz_tun: entered allmulticast mode
[  571.844285][T12688] netlink: 'syz.2.1978': attribute type 39 has an invalid length.
[  571.844569][T12700] netlink: zone id is out of range
[  571.878415][T12700] netlink: zone id is out of range
[  571.885158][T12700] netlink: zone id is out of range
[  571.890695][T12700] netlink: zone id is out of range
[  571.900453][T12700] netlink: zone id is out of range
[  571.966002][ T5837] usb 3-1: 1:0: cannot get min/max values for control 2 (id 1)
[  571.998465][T12699] syz_tun: left allmulticast mode
[  572.021955][ T5837] usb 3-1: USB disconnect, device number 80
[  572.092764][ T5993] udevd[5993]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  572.603082][ T5910] usb 4-1: new full-speed USB device number 67 using dummy_hcd
[  572.717434][T12714] QAT: failed to copy from user cfg_data.
[  572.754030][ T5910] usb 4-1: device descriptor read/64, error -71
[  572.827871][T12714] netlink: 92 bytes leftover after parsing attributes in process `syz.2.1987'.
[  573.210210][ T2150] qmi_wwan 5-1:81.13: bogus CDC Union: master=0, slave=1
[  573.237773][ T2150] qmi_wwan 5-1:81.13: probe with driver qmi_wwan failed with error -22
[  573.246692][T12714] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1987'.
[  573.277368][ T2150] usb 5-1: USB disconnect, device number 89
[  573.373039][ T5910] usb 4-1: new full-speed USB device number 68 using dummy_hcd
[  573.398360][T12720] netlink: 'syz.4.1988': attribute type 6 has an invalid length.
[  573.516956][ T5910] usb 4-1: device descriptor read/64, error -71
[  573.573136][T11016] usb 2-1: USB disconnect, device number 81
[  573.635749][T12722] QAT: failed to copy from user cfg_data.
[  573.652357][ T5910] usb usb4-port1: attempt power cycle
[  573.833066][ T5837] usb 1-1: new low-speed USB device number 82 using dummy_hcd
[  574.010493][ T5837] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  574.019801][ T5910] usb 4-1: new full-speed USB device number 69 using dummy_hcd
[  574.027747][ T5837] usb 1-1: config 0 has no interface number 0
[  574.035640][ T5837] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  574.047227][ T5837] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  574.059173][ T5910] usb 4-1: device descriptor read/8, error -71
[  574.065823][ T5837] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  574.075137][ T5837] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  574.086340][ T5837] usb 1-1: config 0 descriptor??
[  574.093672][T12724] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  574.110796][ T5837] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  574.240699][T12734] netlink: zone id is out of range
[  574.303103][ T5910] usb 4-1: new full-speed USB device number 70 using dummy_hcd
[  574.311662][T12724] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  574.332003][T12724] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  574.333815][ T5910] usb 4-1: device descriptor read/8, error -71
[  574.378951][T12724] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  574.394195][T12724] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  574.406236][T12724] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1990'.
[  574.418070][T12724] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1990'.
[  574.438411][ T2150] usb 1-1: USB disconnect, device number 82
[  574.463385][ T5910] usb usb4-port1: unable to enumerate USB device
[  575.832978][   T47] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[  575.832978][    T9] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[  576.151405][    T9] usb 3-1: config 0 has no interfaces?
[  576.171050][   T47] usb 1-1: config 0 has no interfaces?
[  576.183305][ T5910] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[  576.402022][    T9] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  576.423730][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.431758][    T9] usb 3-1: Product: syz
[  576.445775][   T47] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  576.455242][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.463673][    T9] usb 3-1: Manufacturer: syz
[  576.474012][    T9] usb 3-1: SerialNumber: syz
[  576.474755][   T47] usb 1-1: Product: syz
[  576.480272][ T5910] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  576.502719][   T47] usb 1-1: Manufacturer: syz
[  576.502762][ T5910] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  576.532908][   T47] usb 1-1: SerialNumber: syz
[  576.550394][    T9] usb 3-1: config 0 descriptor??
[  576.551112][   T47] usb 1-1: config 0 descriptor??
[  576.694408][ T5910] usb 5-1: config 0 descriptor??
[  576.722527][ T5910] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  577.042465][   T47] hid (null): unknown global tag 0xef
[  577.053029][   T47] hid (null): report_id 33492 is invalid
[  577.074888][T12770] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  577.103743][T12770] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  577.133490][   T47] hid-generic 00FF:0007:0009.004B: ignoring exceeding usage max
[  577.205141][   T47] hid-generic 00FF:0007:0009.004B: unknown main item tag 0x6
[  577.213842][   T47] hid-generic 00FF:0007:0009.004B: unknown main item tag 0x0
[  577.275634][   T47] hid-generic 00FF:0007:0009.004B: unexpected long global item
[  577.307363][   T47] hid-generic 00FF:0007:0009.004B: probe with driver hid-generic failed with error -22
[  577.501793][ T5910] usb 5-1: USB disconnect, device number 90
[  577.832996][   T47] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  577.985233][   T47] usb 4-1: config 0 has an invalid interface number: 238 but max is 0
[  577.993642][   T47] usb 4-1: config 0 has no interface number 0
[  577.999854][   T47] usb 4-1: config 0 interface 238 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  578.010035][   T47] usb 4-1: config 0 interface 238 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[  578.021794][   T47] usb 4-1: config 0 interface 238 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  578.031878][   T47] usb 4-1: config 0 interface 238 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[  578.042983][ T5910] usb 2-1: new low-speed USB device number 82 using dummy_hcd
[  578.044611][   T47] usb 4-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=76.6a
[  578.070768][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.079128][   T47] usb 4-1: Product: syz
[  578.086926][   T47] usb 4-1: Manufacturer: syz
[  578.091624][   T47] usb 4-1: SerialNumber: syz
[  578.110822][   T47] usb 4-1: config 0 descriptor??
[  578.131204][   T47] ni6501 4-1:0.238: driver 'ni6501' failed to auto-configure device.
[  578.217228][ T5910] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  578.242263][   T30] kauditd_printk_skb: 97 callbacks suppressed
[  578.242280][   T30] audit: type=1326 audit(1746172993.923:13955): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e539 code=0x7ffc0000
[  578.273725][ T5910] usb 2-1: config 0 has no interface number 0
[  578.297495][   T47] usb 3-1: USB disconnect, device number 81
[  578.307714][ T5910] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  578.338298][ T5910] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  578.360568][   T30] audit: type=1326 audit(1746172993.973:13956): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=19 compat=1 ip=0xf707e539 code=0x7ffc0000
[  578.383161][ T5910] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  578.392222][ T5910] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.401911][   T30] audit: type=1326 audit(1746172993.973:13957): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e539 code=0x7ffc0000
[  578.425201][ T5910] usb 2-1: config 0 descriptor??
[  578.431529][T12778] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  578.439105][   T30] audit: type=1326 audit(1746172993.973:13958): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e539 code=0x7ffc0000
[  578.464820][ T5910] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  578.478496][   T30] audit: type=1326 audit(1746172993.973:13959): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=426 compat=1 ip=0xf707e539 code=0x7ffc0000
[  578.502522][   T30] audit: type=1326 audit(1746172993.983:13960): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e539 code=0x7ffc0000
[  578.575775][ T5891] usb 1-1: USB disconnect, device number 83
[  578.577252][   T30] audit: type=1326 audit(1746172993.993:13961): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf707e539 code=0x7ffc0000
[  578.678595][ T5910] usb 4-1: USB disconnect, device number 71
[  578.703489][T12778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  578.714547][T12778] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  578.730074][T12778] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  578.760293][   T30] audit: type=1326 audit(1746172993.993:13962): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf707e539 code=0x7ffc0000
[  578.808864][T12778] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  578.891829][T12778] netlink: 60 bytes leftover after parsing attributes in process `syz.1.2010'.
[  578.940724][   T30] audit: type=1326 audit(1746172994.013:13963): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf707e539 code=0x7ffc0000
[  579.003015][ T5910] usb 2-1: USB disconnect, device number 82
[  579.009211][   T30] audit: type=1326 audit(1746172994.013:13964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12779 comm="syz.4.2011" exe="/root/syz-executor" sig=0 arch=40000003 syscall=3 compat=1 ip=0xf707e539 code=0x7ffc0000
[  579.204147][T12794] net_ratelimit: 17 callbacks suppressed
[  579.204168][T12794] netlink: zone id is out of range
[  579.232364][T12794] netlink: zone id is out of range
[  579.243939][T12794] netlink: zone id is out of range
[  579.249572][T12794] netlink: zone id is out of range
[  579.286661][T12794] netlink: zone id is out of range
[  579.291832][T12794] netlink: zone id is out of range
[  579.305340][T12801] QAT: failed to copy from user cfg_data.
[  579.346651][ T5891] hid (null): unknown global tag 0xef
[  579.352961][T12794] netlink: zone id is out of range
[  579.362230][ T5891] hid (null): report_id 33492 is invalid
[  579.368036][T12794] netlink: zone id is out of range
[  579.368050][T12794] netlink: zone id is out of range
[  579.420283][ T5891] hid-generic 00FF:0007:0009.004C: ignoring exceeding usage max
[  579.432798][ T5891] hid-generic 00FF:0007:0009.004C: unknown main item tag 0x6
[  579.447791][ T5891] hid-generic 00FF:0007:0009.004C: unknown main item tag 0x0
[  579.472918][ T5891] hid-generic 00FF:0007:0009.004C: unexpected long global item
[  579.481119][ T5891] hid-generic 00FF:0007:0009.004C: probe with driver hid-generic failed with error -22
[  579.631460][T12803] QAT: failed to copy from user cfg_data.
[  579.661174][T12810] netlink: 'syz.2.2021': attribute type 4 has an invalid length.
[  579.694082][T12803] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2019'.
[  579.728349][T12803] netlink: 56 bytes leftover after parsing attributes in process `syz.4.2019'.
[  579.758451][T12810] netlink: 'syz.2.2021': attribute type 4 has an invalid length.
[  579.823676][T12810] binder: BINDER_SET_CONTEXT_MGR already set
[  579.829696][T12810] binder: 12809:12810 ioctl 4018620d 80000040 returned -16
[  579.869883][T12813] binder: 12809:12813 ioctl c0306201 800003c0 returned -14
[  580.050835][T12818] netlink: 76 bytes leftover after parsing attributes in process `syz.2.2023'.
[  580.347906][   T10] usb 3-1: new full-speed USB device number 82 using dummy_hcd
[  580.361054][T12820] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.2024'.
[  580.595776][   T10] usb 3-1: config 0 has an invalid interface number: 20 but max is 0
[  580.610952][   T10] usb 3-1: config 0 has no interface number 0
[  580.627992][   T10] usb 3-1: config 0 interface 20 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[  580.650066][   T10] usb 3-1: New USB device found, idVendor=04e6, idProduct=000b, bcdDevice= 1.00
[  580.659551][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.667620][   T10] usb 3-1: Product: syz
[  580.672196][   T10] usb 3-1: Manufacturer: syz
[  580.677007][   T10] usb 3-1: SerialNumber: syz
[  580.683757][   T10] usb 3-1: config 0 descriptor??
[  580.689715][T12818] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  580.702585][   T10] usb-storage 3-1:0.20: USB Mass Storage device detected
[  580.761889][   T10] usb-storage 3-1:0.20: Quirks match for vid 04e6 pid 000b: 4
[  581.402141][   T10] scsi host1: usb-storage 3-1:0.20
[  581.445005][T12833] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2026'.
[  581.519542][   T10] usb 3-1: USB disconnect, device number 82
[  582.499870][T12843] QAT: failed to copy from user cfg_data.
[  582.560327][T12850] netlink: zone id is out of range
[  582.596843][ T2150] usb 2-1: new high-speed USB device number 83 using dummy_hcd
[  582.602399][T12852] netlink: 'syz.2.2033': attribute type 4 has an invalid length.
[  582.622450][T12852] netlink: 'syz.2.2033': attribute type 4 has an invalid length.
[  582.645032][T12852] binder: 12851:12852 ioctl c0306201 800003c0 returned -14
[  582.723498][ T5891] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  582.723612][   T10] usb 1-1: new low-speed USB device number 84 using dummy_hcd
[  582.766261][ T2150] usb 2-1: Using ep0 maxpacket: 16
[  582.768548][T12854] QAT: failed to copy from user cfg_data.
[  582.780984][ T2150] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  582.804078][ T2150] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  582.834138][ T2150] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  582.846619][ T2150] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  582.861522][ T2150] usb 2-1: SerialNumber: syz
[  582.877896][ T2150] cdc_acm 2-1:1.0: invalid descriptor buffer length
[  582.888964][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  582.895268][   T10] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  582.914495][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  582.927594][   T10] usb 1-1: config 0 has no interface number 0
[  582.928335][ T5891] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  582.949311][   T10] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  582.981542][   T10] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  582.991340][ T5891] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  582.998690][   T10] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  583.010420][ T5891] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.011200][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.035526][ T5891] usb 4-1: config 0 descriptor??
[  583.042655][   T10] usb 1-1: config 0 descriptor??
[  583.057754][T12848] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  583.072046][   T10] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  583.225930][T12862] QAT: failed to copy from user cfg_data.
[  583.258331][T12862] netlink: 92 bytes leftover after parsing attributes in process `syz.2.2037'.
[  583.268957][T12862] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2037'.
[  583.290751][T12848] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  583.305494][T12848] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  583.339656][T12848] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  583.348538][    T9] usb 5-1: new full-speed USB device number 91 using dummy_hcd
[  583.379547][T12848] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  583.416059][T12848] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2030'.
[  583.440628][   T10] usb 1-1: USB disconnect, device number 84
[  583.458221][ T5891] plantronics 0003:047F:FFFF.004D: No inputs registered, leaving
[  583.503857][ T5891] plantronics 0003:047F:FFFF.004D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  583.514995][    T9] usb 5-1: config 0 has no interfaces?
[  583.535037][    T9] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  583.547787][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.558699][    T9] usb 5-1: Product: syz
[  583.565328][    T9] usb 5-1: Manufacturer: syz
[  583.570192][    T9] usb 5-1: SerialNumber: syz
[  583.581075][    T9] usb 5-1: config 0 descriptor??
[  583.726284][T12845] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  583.736935][T12845] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  583.799890][   T10] usb 4-1: USB disconnect, device number 72
[  584.472730][   T30] kauditd_printk_skb: 1156 callbacks suppressed
[  584.472749][   T30] audit: type=1326 audit(1746173000.153:15121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e558 code=0x7ffc0000
[  584.532980][   T30] audit: type=1326 audit(1746173000.193:15122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e558 code=0x7ffc0000
[  584.555813][   T30] audit: type=1326 audit(1746173000.203:15123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e558 code=0x7ffc0000
[  584.578400][   T30] audit: type=1326 audit(1746173000.203:15124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e558 code=0x7ffc0000
[  584.601036][   T30] audit: type=1326 audit(1746173000.203:15125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  584.668288][   T30] audit: type=1326 audit(1746173000.203:15126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e558 code=0x7ffc0000
[  584.701581][   T30] audit: type=1326 audit(1746173000.203:15127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  584.754171][   T30] audit: type=1326 audit(1746173000.203:15128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e558 code=0x7ffc0000
[  584.776974][   T30] audit: type=1326 audit(1746173000.203:15129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf710e539 code=0x7ffc0000
[  584.799963][   T30] audit: type=1326 audit(1746173000.203:15130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12870 comm="syz.3.2040" exe="/root/syz-executor" sig=0 arch=40000003 syscall=119 compat=1 ip=0xf710e558 code=0x7ffc0000
[  584.993160][ T5891] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[  585.086368][T12881] net_ratelimit: 17 callbacks suppressed
[  585.086399][T12881] netlink: zone id is out of range
[  585.101982][T12881] netlink: zone id is out of range
[  585.109620][T12881] netlink: zone id is out of range
[  585.121108][T12881] netlink: zone id is out of range
[  585.155113][T12881] netlink: zone id is out of range
[  585.160502][T12881] netlink: zone id is out of range
[  585.173626][ T5891] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  585.182199][ T5891] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  585.194821][ T5891] usb 3-1: config 220 contains an unexpected descriptor of type 0x1, skipping
[  585.205038][T12881] netlink: zone id is out of range
[  585.210388][ T5891] usb 3-1: config 220 has an invalid descriptor of length 1, skipping remainder of the config
[  585.222974][T12881] netlink: zone id is out of range
[  585.226450][ T5891] usb 3-1: config 220 has no interface number 2
[  585.228160][T12881] netlink: zone id is out of range
[  585.236853][ T5891] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  585.253054][ T5891] usb 3-1: config 220 interface 0 has no altsetting 0
[  585.260170][ T5891] usb 3-1: config 220 interface 76 has no altsetting 0
[  585.298666][ T5891] usb 3-1: config 220 interface 1 has no altsetting 0
[  585.322287][   T10] usb 2-1: USB disconnect, device number 83
[  585.334957][ T5891] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  585.344363][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.352429][ T5891] usb 3-1: Product: syz
[  585.360048][ T5891] usb 3-1: Manufacturer: syz
[  585.367787][ T5891] usb 3-1: SerialNumber: syz
[  585.525926][T12887] netlink: 'syz.0.2045': attribute type 4 has an invalid length.
[  585.553064][T12887] netlink: 'syz.0.2045': attribute type 4 has an invalid length.
[  585.575681][T12887] binder: 12886:12887 ioctl c0306201 800003c0 returned -14
[  585.620098][ T5891] usb 3-1: selecting invalid altsetting 0
[  585.638237][ T5891] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  585.645266][ T5891] usb 3-1: No valid video chain found.
[  585.725485][ T5891] usb 3-1: selecting invalid altsetting 0
[  585.733286][ T5891] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  585.754540][ T5891] usb 3-1: USB disconnect, device number 83
[  586.293308][ T5890] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[  586.315439][   T10] usb 5-1: USB disconnect, device number 91
[  586.517245][T12897] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  586.651512][ T5890] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  586.662099][ T5890] usb 1-1: config 0 has no interfaces?
[  586.667718][ T5890] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  586.677090][ T5890] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  586.690140][ T5890] usb 1-1: config 0 descriptor??
[  586.839656][T12909] binder: 12908:12909 ioctl c0306201 800003c0 returned -14
[  587.081557][T12912] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2051'.
[  588.270456][T12925] ebtables: wrong size: *len 168, entries_size 48, replsz 48
[  588.317145][T12925] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2055'.
[  589.186858][ T5890] usb 1-1: USB disconnect, device number 85
[  589.191903][T12932] netlink: zone id is out of range
[  590.133018][ T5910] usb 5-1: new full-speed USB device number 92 using dummy_hcd
[  590.276969][T12947] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2061'.
[  590.471532][ T5910] usb 5-1: config 0 has no interfaces?
[  590.479286][ T5910] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  590.509131][ T5910] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.534314][ T5910] usb 5-1: Product: syz
[  590.553699][ T5910] usb 5-1: Manufacturer: syz
[  590.558328][ T5910] usb 5-1: SerialNumber: syz
[  590.720528][ T5910] usb 5-1: config 0 descriptor??
[  590.963921][T12952] net_ratelimit: 8 callbacks suppressed
[  590.963941][T12952] netlink: zone id is out of range
[  591.005359][T12952] netlink: zone id is out of range
[  591.020783][T12952] netlink: zone id is out of range
[  591.038733][T12952] netlink: zone id is out of range
[  591.061797][T12952] netlink: zone id is out of range
[  591.099327][T12952] netlink: zone id is out of range
[  591.144943][T12952] netlink: zone id is out of range
[  591.160395][T12952] netlink: zone id is out of range
[  591.176896][T12952] netlink: zone id is out of range
[  591.513117][    T9] usb 1-1: new full-speed USB device number 86 using dummy_hcd
[  591.811138][T12972] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2067'.
[  591.823064][T12971] netlink: 16402 bytes leftover after parsing attributes in process `syz.2.2067'.
[  591.835779][    T9] usb 1-1: no configurations
[  591.840524][    T9] usb 1-1: can't read configurations, error -22
[  591.983069][    T9] usb 1-1: new full-speed USB device number 87 using dummy_hcd
[  592.038768][ T5891] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  592.184525][    T9] usb 1-1: no configurations
[  592.189154][    T9] usb 1-1: can't read configurations, error -22
[  592.197893][    T9] usb usb1-port1: attempt power cycle
[  592.279540][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  592.305677][ T5891] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 0, changing to 7
[  592.332381][ T5891] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  592.341826][ T5891] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.361167][ T5891] usb 4-1: Product: syz
[  592.372985][ T5891] usb 4-1: Manufacturer: syz
[  592.377610][ T5891] usb 4-1: SerialNumber: syz
[  592.402464][   T10] usb 5-1: USB disconnect, device number 92
[  592.404001][ T5891] usb 4-1: config 0 descriptor??
[  592.543047][    T9] usb 1-1: new full-speed USB device number 88 using dummy_hcd
[  592.589762][    T9] usb 1-1: no configurations
[  592.640454][    T9] usb 1-1: can't read configurations, error -22
[  592.678059][T12983] netlink: zone id is out of range
[  592.746824][T12984] netlink: 'syz.1.2072': attribute type 6 has an invalid length.
[  592.786400][    T9] usb 1-1: new full-speed USB device number 89 using dummy_hcd
[  592.852471][    T9] usb 1-1: no configurations
[  592.860641][    T9] usb 1-1: can't read configurations, error -22
[  592.870834][    T9] usb usb1-port1: unable to enumerate USB device
[  593.363279][    T9] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[  593.603536][    T9] usb 3-1: Using ep0 maxpacket: 8
[  593.618180][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  593.635714][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  593.683223][    T9] usb 3-1: New USB device found, idVendor=2179, idProduct=0053, bcdDevice= 0.00
[  593.726251][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  593.824370][    T9] usb 3-1: config 0 descriptor??
[  594.463745][T13002] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2078'.
[  594.473219][ T5891] usb 4-1: USB disconnect, device number 73
[  594.591789][T12665] udevd[12665]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  594.646428][    T9] uclogic 0003:2179:0053.004E: interface is invalid, ignoring
[  594.792450][T13009] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2080'.
[  594.871514][T13011] netlink: 16402 bytes leftover after parsing attributes in process `syz.1.2080'.
[  594.901755][    T9] usb 3-1: USB disconnect, device number 84
[  595.240573][T13022] team0: Device gtp0 is of different type
[  595.284096][ T5891] usb 1-1: new full-speed USB device number 90 using dummy_hcd
[  595.434828][ T5891] usb 1-1: config 0 has no interfaces?
[  595.444581][ T5891] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  595.463116][ T5891] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  595.471308][ T5891] usb 1-1: Product: syz
[  595.475579][ T5891] usb 1-1: Manufacturer: syz
[  595.480210][ T5891] usb 1-1: SerialNumber: syz
[  595.488564][ T5891] usb 1-1: config 0 descriptor??
[  595.702341][T13033] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2087'.
[  595.724889][T13033] netlink: 52 bytes leftover after parsing attributes in process `syz.2.2087'.
[  595.950142][    T9] usb 4-1: new full-speed USB device number 74 using dummy_hcd
[  596.116235][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  596.288969][    T9] usb 4-1: config 0 has no interfaces?
[  596.313454][    T9] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  596.365214][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  596.387763][    T9] usb 4-1: config 0 descriptor??
[  596.624829][    T9] usb 4-1: USB disconnect, device number 74
[  596.647129][T13047] FAULT_INJECTION: forcing a failure.
[  596.647129][T13047] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  596.661887][T13047] CPU: 1 UID: 0 PID: 13047 Comm: syz.4.2089 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) 
[  596.661914][T13047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  596.661927][T13047] Call Trace:
[  596.661935][T13047]  <TASK>
[  596.661943][T13047]  dump_stack_lvl+0x189/0x250
[  596.661974][T13047]  ? __lock_acquire+0xaac/0xd20
[  596.662003][T13047]  ? __pfx_dump_stack_lvl+0x10/0x10
[  596.662030][T13047]  ? __pfx__printk+0x10/0x10
[  596.662056][T13047]  ? __might_fault+0xb0/0x130
[  596.662091][T13047]  should_fail_ex+0x414/0x560
[  596.662125][T13047]  _copy_from_user+0x2d/0xb0
[  596.662151][T13047]  __sys_connect+0x123/0x440
[  596.662172][T13047]  ? __fget_files+0x3a0/0x420
[  596.662197][T13047]  ? __pfx___sys_connect+0x10/0x10
[  596.662238][T13047]  __ia32_sys_connect+0x7a/0x90
[  596.662259][T13047]  __do_fast_syscall_32+0xb4/0x110
[  596.662282][T13047]  ? lockdep_hardirqs_on+0x9c/0x150
[  596.662307][T13047]  do_fast_syscall_32+0x34/0x80
[  596.662329][T13047]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  596.662352][T13047] RIP: 0023:0xf707e539
[  596.662368][T13047] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  596.662384][T13047] RSP: 002b:00000000f502c55c EFLAGS: 00000206 ORIG_RAX: 000000000000016a
[  596.662404][T13047] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000040
[  596.662417][T13047] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000
[  596.662429][T13047] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  596.662440][T13047] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  596.662451][T13047] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  596.662478][T13047]  </TASK>
[  596.896428][T13047] IPv6: Can't replace route, no match found
[  597.437041][T13049] QAT: failed to copy from user cfg_data.
[  597.787198][T13058] netlink: 'syz.2.2094': attribute type 4 has an invalid length.
[  597.877021][T13058] netlink: 'syz.2.2094': attribute type 4 has an invalid length.
[  597.929142][T13058] binder: BINDER_SET_CONTEXT_MGR already set
[  597.993813][T13058] binder: 13057:13058 ioctl 4018620d 80000040 returned -16
[  598.022064][ T5910] usb 1-1: USB disconnect, device number 90
[  598.393268][T13068] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2096'.
[  598.423392][T13070] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2096'.
[  598.768389][T13076] net_ratelimit: 18 callbacks suppressed
[  598.768407][T13076] netlink: zone id is out of range
[  598.783963][T13076] netlink: zone id is out of range
[  598.789242][T13076] netlink: zone id is out of range
[  598.795342][T13076] netlink: zone id is out of range
[  598.800552][T13076] netlink: zone id is out of range
[  598.806122][T13076] netlink: zone id is out of range
[  598.811340][T13076] netlink: zone id is out of range
[  598.843345][T13076] netlink: zone id is out of range
[  598.877837][T13076] netlink: zone id is out of range
[  599.105829][T13084] sctp: [Deprecated]: syz.3.2101 (pid 13084) Use of int in maxseg socket option.
[  599.105829][T13084] Use struct sctp_assoc_value instead
[  599.342615][T13090] netlink: 'syz.0.2104': attribute type 6 has an invalid length.
[  599.482094][T13086] netlink: zone id is out of range
[  599.744294][T13096] QAT: failed to copy from user cfg_data.
[  599.910102][T13102] team0: Device gtp0 is of different type
[  600.550343][T13110] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2111'.
[  600.609431][T13111] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2111'.
[  601.393208][T13127] netlink: 'syz.4.2116': attribute type 4 has an invalid length.
[  601.441529][T13127] netlink: 'syz.4.2116': attribute type 4 has an invalid length.
[  601.482266][T13127] binder: BINDER_SET_CONTEXT_MGR already set
[  601.492162][T13127] binder: 13126:13127 ioctl 4018620d 80000040 returned -16
[  601.589332][T13131] netlink: 'syz.1.2118': attribute type 4 has an invalid length.
[  601.616029][T13131] netlink: 'syz.1.2118': attribute type 4 has an invalid length.
[  601.669549][T13131] binder: 13130:13131 ioctl c0306201 800003c0 returned -14
[  601.942974][    T9] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[  602.092923][ T5910] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[  602.107895][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  602.129623][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  602.149633][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  602.192953][    T9] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  602.212564][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.254180][    T9] usb 5-1: config 0 descriptor??
[  602.265345][ T5910] usb 2-1: config 0 has an invalid descriptor of length 1, skipping remainder of the config
[  602.290862][ T5910] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  602.358123][ T5910] usb 2-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 9.00
[  602.388692][ T5910] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.434633][ T5910] usb 2-1: config 0 descriptor??
[  602.470758][ T5910] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  602.716188][    T9] plantronics 0003:047F:FFFF.004F: No inputs registered, leaving
[  602.751686][    T9] plantronics 0003:047F:FFFF.004F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  602.964319][T13133] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  602.973291][T13133] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  603.044729][   T47] usb 5-1: USB disconnect, device number 93
[  603.372768][T13158] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2125'.
[  603.389955][T13157] netlink: 16402 bytes leftover after parsing attributes in process `syz.3.2125'.
[  604.004074][T13166] net_ratelimit: 17 callbacks suppressed
[  604.004088][T13166] netlink: zone id is out of range
[  604.023002][T13166] netlink: zone id is out of range
[  604.093773][T13162] use of bytesused == 0 is deprecated and will be removed in the future,
[  604.106957][T13166] netlink: zone id is out of range
[  604.113870][T13162] use the actual size instead.
[  604.119072][T13166] netlink: zone id is out of range
[  604.128155][T13166] netlink: zone id is out of range
[  604.142112][T13166] netlink: zone id is out of range
[  604.165822][T13166] netlink: zone id is out of range
[  604.177133][T13166] netlink: zone id is out of range
[  604.189292][T13166] netlink: zone id is out of range
[  604.782984][   T47] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[  604.946089][ T5910] usb 2-1: USB disconnect, device number 84
[  604.953054][   T47] usb 3-1: device descriptor read/64, error -71
[  605.240320][   T47] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[  605.392997][   T47] usb 3-1: device descriptor read/64, error -71
[  605.484638][T13186] FAULT_INJECTION: forcing a failure.
[  605.484638][T13186] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  605.512652][   T47] usb usb3-port1: attempt power cycle
[  605.537330][T13186] CPU: 1 UID: 0 PID: 13186 Comm: syz.1.2135 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) 
[  605.537367][T13186] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  605.537379][T13186] Call Trace:
[  605.537388][T13186]  <TASK>
[  605.537402][T13186]  dump_stack_lvl+0x189/0x250
[  605.537434][T13186]  ? __lock_acquire+0xaac/0xd20
[  605.537463][T13186]  ? __pfx_dump_stack_lvl+0x10/0x10
[  605.537490][T13186]  ? __pfx__printk+0x10/0x10
[  605.537510][T13186]  ? __might_fault+0xb0/0x130
[  605.537545][T13186]  should_fail_ex+0x414/0x560
[  605.537581][T13186]  _copy_from_user+0x2d/0xb0
[  605.537607][T13186]  vhost_vring_ioctl+0x7fc/0x1810
[  605.537632][T13186]  ? __mutex_lock+0x330/0xe80
[  605.537654][T13186]  ? __pfx_vhost_vring_ioctl+0x10/0x10
[  605.537673][T13186]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  605.537710][T13186]  ? vhost_dev_ioctl+0x290/0xbc0
[  605.537752][T13186]  vhost_vsock_dev_ioctl+0x256/0xdc0
[  605.537780][T13186]  ? __pfx_vhost_vsock_dev_ioctl+0x10/0x10
[  605.537815][T13186]  ? __fget_files+0x3a0/0x420
[  605.537843][T13186]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[  605.537870][T13186]  __ia32_compat_sys_ioctl+0x551/0x840
[  605.537893][T13186]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  605.537913][T13186]  ? __fget_files+0x3a0/0x420
[  605.537942][T13186]  ? fput+0xa0/0xd0
[  605.537967][T13186]  ? ksys_write+0x1f0/0x250
[  605.537994][T13186]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  605.538017][T13186]  ? lockdep_hardirqs_on+0x9c/0x150
[  605.538038][T13186]  __do_fast_syscall_32+0xb4/0x110
[  605.538060][T13186]  ? lockdep_hardirqs_on+0x9c/0x150
[  605.538083][T13186]  do_fast_syscall_32+0x34/0x80
[  605.538104][T13186]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  605.538126][T13186] RIP: 0023:0xf7fd5539
[  605.538142][T13186] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  605.538157][T13186] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  605.538193][T13186] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000004008af20
[  605.538207][T13186] RDX: 0000000080000640 RSI: 0000000000000000 RDI: 0000000000000000
[  605.538218][T13186] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  605.538229][T13186] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  605.538240][T13186] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  605.538268][T13186]  </TASK>
[  606.023256][T13192] netlink: 'syz.1.2137': attribute type 4 has an invalid length.
[  606.051221][T13192] netlink: 'syz.1.2137': attribute type 4 has an invalid length.
[  606.071729][T13192] binder: 13191:13192 ioctl c0306201 800003c0 returned -14
[  606.192941][   T47] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[  606.237643][   T47] usb 3-1: device descriptor read/8, error -71
[  606.344910][T13195] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  606.502929][   T47] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[  606.523667][   T47] usb 3-1: device descriptor read/8, error -71
[  606.635685][   T47] usb usb3-port1: unable to enumerate USB device
[  606.961824][T13207] Scaler: =================  START STATUS  =================
[  606.976548][T13207] Scaler: ==================  END STATUS  ==================
[  606.988642][T13207] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2143'.
[  607.044000][T13212] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2144'.
[  607.063282][T13213] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  607.069836][T13213] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[  607.091709][T13213] vhci_hcd vhci_hcd.0: Device attached
[  607.104744][T13214] vhci_hcd: connection closed
[  607.112238][ T3572] vhci_hcd: stop threads
[  607.123592][ T3572] vhci_hcd: release socket
[  607.128066][ T3572] vhci_hcd: disconnect device
[  607.300312][T13217] netlink: zone id is out of range
[  607.813134][    T9] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[  607.938119][T13227] netlink: 'syz.4.2149': attribute type 4 has an invalid length.
[  607.993230][T13229] netlink: 'syz.4.2149': attribute type 4 has an invalid length.
[  608.029415][    T9] usb 1-1: config 0 has no interfaces?
[  608.047745][    T9] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  608.081551][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  608.098378][T13227] binder: BINDER_SET_CONTEXT_MGR already set
[  608.120589][    T9] usb 1-1: Product: syz
[  608.128447][T13227] binder: 13226:13227 ioctl 4018620d 80000040 returned -16
[  608.140440][    T9] usb 1-1: Manufacturer: syz
[  608.151348][    T9] usb 1-1: SerialNumber: syz
[  608.191530][    T9] usb 1-1: config 0 descriptor??
[  608.204293][T13227] binder: 13226:13227 ioctl c0306201 800003c0 returned -14
[  608.322482][T13234] FAULT_INJECTION: forcing a failure.
[  608.322482][T13234] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  608.365128][T13234] CPU: 1 UID: 0 PID: 13234 Comm: syz.3.2152 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) 
[  608.365148][T13234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  608.365157][T13234] Call Trace:
[  608.365163][T13234]  <TASK>
[  608.365169][T13234]  dump_stack_lvl+0x189/0x250
[  608.365193][T13234]  ? __lock_acquire+0xaac/0xd20
[  608.365213][T13234]  ? __pfx_dump_stack_lvl+0x10/0x10
[  608.365232][T13234]  ? __pfx__printk+0x10/0x10
[  608.365245][T13234]  ? __might_fault+0xb0/0x130
[  608.365269][T13234]  should_fail_ex+0x414/0x560
[  608.365294][T13234]  _copy_from_user+0x2d/0xb0
[  608.365312][T13234]  kvm_vm_ioctl+0x4dc/0xc60
[  608.365330][T13234]  ? __pfx_kvm_vm_ioctl+0x10/0x10
[  608.365344][T13234]  ? kasan_save_track+0x4f/0x80
[  608.365358][T13234]  ? kasan_save_track+0x3e/0x80
[  608.365370][T13234]  ? kasan_save_free_info+0x46/0x50
[  608.365389][T13234]  ? __kasan_slab_free+0x62/0x70
[  608.365403][T13234]  ? kfree+0x193/0x440
[  608.365416][T13234]  ? tomoyo_path_number_perm+0x47a/0x5a0
[  608.365438][T13234]  ? do_vfs_ioctl+0xf36/0x1eb0
[  608.365453][T13234]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  608.365468][T13234]  ? kvm_arch_vm_compat_ioctl+0x119/0x220
[  608.365483][T13234]  ? __pfx_kvm_arch_vm_compat_ioctl+0x10/0x10
[  608.365511][T13234]  ? kasan_quarantine_put+0xdd/0x220
[  608.365531][T13234]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  608.365551][T13234]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  608.365572][T13234]  ? tomoyo_path_number_perm+0x4e2/0x5a0
[  608.365591][T13234]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  608.365611][T13234]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  608.365651][T13234]  kvm_vm_compat_ioctl+0x265/0x330
[  608.365671][T13234]  ? __pfx_kvm_vm_compat_ioctl+0x10/0x10
[  608.365688][T13234]  ? __fget_files+0x3a0/0x420
[  608.365704][T13234]  ? __fget_files+0x2a/0x420
[  608.365723][T13234]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[  608.365742][T13234]  __ia32_compat_sys_ioctl+0x551/0x840
[  608.365757][T13234]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  608.365771][T13234]  ? __fget_files+0x3a0/0x420
[  608.365792][T13234]  ? fput+0xa0/0xd0
[  608.365810][T13234]  ? ksys_write+0x1f0/0x250
[  608.365830][T13234]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  608.365853][T13234]  ? lockdep_hardirqs_on+0x9c/0x150
[  608.365868][T13234]  __do_fast_syscall_32+0xb4/0x110
[  608.365884][T13234]  ? lockdep_hardirqs_on+0x9c/0x150
[  608.365900][T13234]  do_fast_syscall_32+0x34/0x80
[  608.365916][T13234]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  608.365931][T13234] RIP: 0023:0xf710e539
[  608.365943][T13234] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  608.365953][T13234] RSP: 002b:00000000f50fe55c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  608.365968][T13234] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 000000004020aed2
[  608.365978][T13234] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[  608.365985][T13234] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  608.365993][T13234] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  608.366000][T13234] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  608.366029][T13234]  </TASK>
[  608.796335][T13221] team0: Device gtp0 is up. Set it down before adding it as a team port
[  609.383720][   T10] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[  609.396861][T13253] netlink: 'syz.4.2157': attribute type 4 has an invalid length.
[  609.432066][T13250] netlink: 'syz.4.2157': attribute type 4 has an invalid length.
[  609.519335][T13250] binder: 13249:13250 ioctl c0306201 800003c0 returned -14
[  609.566855][   T10] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  609.583747][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  609.619424][   T10] usb 4-1: config 0 descriptor??
[  610.122020][   T10] [drm:udl_init] *ERROR* Selecting channel failed
[  610.220346][   T10] [drm] Initialized udl 0.0.1 for 4-1:0.0 on minor 2
[  610.243887][   T10] [drm] Initialized udl on minor 2
[  610.261323][   T10] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  610.294864][T13275] netlink: 'syz.1.2166': attribute type 6 has an invalid length.
[  610.308805][   T10] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  610.328409][ T5903] udl 4-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  610.352319][   T10] usb 4-1: USB disconnect, device number 75
[  610.361751][T13276] net_ratelimit: 8 callbacks suppressed
[  610.361763][T13276] netlink: zone id is out of range
[  610.375690][ T5903] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  610.382946][ T5890] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  610.411571][T13276] netlink: zone id is out of range
[  610.421907][T13276] netlink: zone id is out of range
[  610.427949][T13276] netlink: zone id is out of range
[  610.433480][T13276] netlink: zone id is out of range
[  610.445422][T13276] netlink: zone id is out of range
[  610.450653][T13276] netlink: zone id is out of range
[  610.468383][T13276] netlink: zone id is out of range
[  610.502503][T13276] netlink: zone id is out of range
[  610.548391][ T5890] usb 3-1: config 0 has no interfaces?
[  610.559261][ T5890] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  610.571420][ T5890] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  610.580018][ T5890] usb 3-1: Product: syz
[  610.634702][ T5890] usb 3-1: Manufacturer: syz
[  610.646044][ T5890] usb 3-1: SerialNumber: syz
[  610.660735][ T5890] usb 3-1: config 0 descriptor??
[  611.092396][   T10] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[  611.108258][    T9] usb 1-1: USB disconnect, device number 91
[  611.123804][ T5903] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  611.264703][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  611.285915][   T10] usb 2-1: config 0 has no interfaces?
[  611.300322][   T10] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  611.313965][ T5903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  611.339247][ T5903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  611.349560][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.377834][ T5903] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  611.392199][   T10] usb 2-1: config 0 descriptor??
[  611.448457][ T5903] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  611.460500][ T5903] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.491823][ T5903] usb 4-1: config 0 descriptor??
[  611.917752][ T5903] plantronics 0003:047F:FFFF.0050: No inputs registered, leaving
[  611.948909][ T5903] plantronics 0003:047F:FFFF.0050: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  612.143111][   T47] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[  612.198599][T13285] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  612.215576][T13285] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  612.553437][   T47] usb 1-1: Using ep0 maxpacket: 8
[  612.564193][   T47] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 7
[  612.586465][   T47] usb 1-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  612.601405][ T5903] usb 4-1: USB disconnect, device number 76
[  612.626265][   T47] usb 1-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  612.659379][   T47] usb 1-1: Product: syz
[  612.674492][   T47] usb 1-1: Manufacturer: syz
[  612.685483][   T47] usb 1-1: SerialNumber: syz
[  613.059020][   T47] usb 1-1: palm_os_3_probe - error -110 getting connection information
[  613.071386][   T47] visor 1-1:1.0: probe with driver visor failed with error -110
[  613.688641][   T10] usb 3-1: USB disconnect, device number 89
[  614.959504][ T5903] usb 2-1: USB disconnect, device number 85
[  615.013023][    T9] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  615.142926][   T47] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[  615.174728][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  615.206480][    T9] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  615.229206][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.236897][   T30] kauditd_printk_skb: 149 callbacks suppressed
[  615.236911][   T30] audit: type=1326 audit(1746173030.913:15280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.292653][    T9] usb 3-1: config 0 descriptor??
[  615.297845][ T5903] usb 2-1: new full-speed USB device number 86 using dummy_hcd
[  615.312999][   T47] usb 4-1: Using ep0 maxpacket: 32
[  615.323812][   T47] usb 4-1: config 0 interface 0 has no altsetting 0
[  615.324609][    T9] pwc: Askey VC010 type 2 USB webcam detected.
[  615.347407][   T30] audit: type=1326 audit(1746173030.953:15281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.370587][   T47] usb 4-1: New USB device found, idVendor=2040, idProduct=c602, bcdDevice= 1.8e
[  615.396901][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.410770][   T30] audit: type=1326 audit(1746173030.953:15282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.435276][   T30] audit: type=1326 audit(1746173030.953:15283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.438903][   T47] usb 4-1: config 0 descriptor??
[  615.458736][   T30] audit: type=1326 audit(1746173030.953:15284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.486297][   T30] audit: type=1326 audit(1746173030.953:15285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.523040][   T47] usb 4-1: dvb_usb_v2: found a 'HCW 126xxx' in warm state
[  615.524286][ T5903] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  615.551924][   T30] audit: type=1326 audit(1746173030.953:15286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.565537][    T9] pwc: send_video_command error -71
[  615.577398][   T47] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  615.583161][ T5903] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  615.606664][   T47] dvbdev: DVB: registering new adapter (HCW 126xxx)
[  615.610204][    T9] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  615.613422][   T47] usb 4-1: media controller created
[  615.629444][ T5903] usb 2-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  615.632927][   T30] audit: type=1326 audit(1746173030.953:15287): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.640372][    T9] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[  615.671166][ T5903] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.682678][ T5903] usb 2-1: config 0 descriptor??
[  615.708446][    T9] usb 3-1: USB disconnect, device number 90
[  615.744486][T13326] netlink: zone id is out of range
[  615.747858][   T30] audit: type=1326 audit(1746173030.953:15288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.753010][T13326] netlink: zone id is out of range
[  615.773755][   T47] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  615.852361][T13326] netlink: zone id is out of range
[  615.853147][ T5890] usb 1-1: USB disconnect, device number 92
[  615.858169][T13326] netlink: zone id is out of range
[  615.868697][T13326] netlink: zone id is out of range
[  615.875601][T13326] netlink: zone id is out of range
[  615.882466][T13326] netlink: zone id is out of range
[  615.889618][T13326] netlink: zone id is out of range
[  615.901524][   T30] audit: type=1326 audit(1746173030.953:15289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13321 comm="syz.4.2182" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf707e539 code=0x7ffc0000
[  615.919337][T13320] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000019: 0000 [#1] SMP KASAN PTI
[  615.935729][T13320] KASAN: null-ptr-deref in range [0x00000000000000c8-0x00000000000000cf]
[  615.944145][T13320] CPU: 0 UID: 0 PID: 13320 Comm: syz.1.2180 Not tainted 6.15.0-rc4-syzkaller-00147-gebd297a2affa #0 PREEMPT(full) 
[  615.956292][T13320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/19/2025
[  615.966345][T13320] RIP: 0010:__mutex_lock+0x138/0xe80
[  615.971630][T13320] Code: a0 66 80 99 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 0d 0c 00 00 83 3d 06 1d 29 0e 00 75 23 49 8d 7c 24 60 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 05 e8 9c 6b ca f6 4d 39 64 24 60 0f 85 7b 0b 00
[  615.991233][T13320] RSP: 0018:ffffc9000406f1a0 EFLAGS: 00010202
[  615.997297][T13320] RAX: 0000000000000019 RBX: 0000000000000000 RCX: ffffffff99806603
[  616.005260][T13320] RDX: ffff888026560000 RSI: ffffffff8d93503a RDI: 00000000000000c8
[  616.013232][T13320] RBP: ffffc9000406f338 R08: ffffc9000406f2a7 R09: 0000000000000000
[  616.021201][T13320] R10: ffffc9000406f280 R11: fffff5200080de55 R12: 0000000000000068
[  616.029168][T13320] R13: dffffc0000000000 R14: ffff888030d46158 R15: 0000000000000000
[  616.037138][T13320] FS:  0000000000000000(0000) GS:ffff8881260cc000(0063) knlGS:00000000f50f6b40
[  616.046087][T13320] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  616.052668][T13320] CR2: 0000000080002580 CR3: 00000000492ac000 CR4: 00000000003526f0
[  616.060643][T13320] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  616.068608][T13320] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  616.076571][T13320] Call Trace:
[  616.079852][T13320]  <TASK>
[  616.082784][T13320]  ? __mutex_lock+0x330/0xe80
[  616.087465][T13320]  ? dvb_usbv2_generic_write+0x26/0x60
[  616.092925][T13320]  ? __pfx___mutex_lock+0x10/0x10
[  616.097943][T13320]  ? __pfx___mutex_lock+0x10/0x10
[  616.102965][T13320]  ? __mutex_lock+0x330/0xe80
[  616.107639][T13320]  dvb_usbv2_generic_write+0x26/0x60
[  616.112933][T13320]  mxl111sf_ctrl_msg+0x16a/0x2e0
[  616.117884][T13320]  mxl111sf_write_reg+0xa0/0x180
[  616.122843][T13320]  ? __pfx_mxl111sf_write_reg+0x10/0x10
[  616.128414][T13320]  ? __lock_acquire+0xaac/0xd20
[  616.133274][T13320]  mxl111sf_i2c_xfer+0x461/0x4f00
[  616.138309][T13320]  ? __lock_acquire+0xaac/0xd20
[  616.143185][T13320]  ? __pfx_mxl111sf_i2c_xfer+0x10/0x10
[  616.148652][T13320]  ? __lock_acquire+0xaac/0xd20
[  616.153512][T13320]  ? is_bpf_text_address+0x26/0x2b0
[  616.158716][T13320]  ? is_bpf_text_address+0x292/0x2b0
[  616.164001][T13320]  ? is_bpf_text_address+0x26/0x2b0
[  616.169208][T13320]  ? kernel_text_address+0xa5/0xe0
[  616.174326][T13320]  ? __kernel_text_address+0xd/0x40
[  616.179528][T13320]  ? unwind_get_return_address+0x4d/0x90
[  616.185171][T13320]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  616.191322][T13320]  ? arch_stack_walk+0xfc/0x150
[  616.196173][T13320]  ? stack_trace_save+0x9c/0xe0
[  616.201017][T13320]  ? look_up_lock_class+0x74/0x170
[  616.206127][T13320]  ? register_lock_class+0x51/0x320
[  616.211330][T13320]  ? __lock_acquire+0xaac/0xd20
[  616.216182][T13320]  ? do_raw_spin_lock+0x121/0x290
[  616.221202][T13320]  __i2c_transfer+0x871/0x2170
[  616.225972][T13320]  ? lockdep_hardirqs_on+0x9c/0x150
[  616.231170][T13320]  ? __pfx___i2c_transfer+0x10/0x10
[  616.236376][T13320]  ? rt_mutex_lock_nested+0x15e/0x1e0
[  616.241761][T13320]  ? i2c_transfer+0x11d/0x3a0
[  616.246445][T13320]  i2c_transfer+0x25b/0x3a0
[  616.250948][T13320]  ? __pfx_i2c_transfer+0x10/0x10
[  616.255973][T13320]  ? _copy_from_user+0x94/0xb0
[  616.260757][T13320]  i2cdev_ioctl_rdwr+0x460/0x740
[  616.265716][T13320]  compat_i2cdev_ioctl+0x5a8/0x5c0
[  616.270830][T13320]  ? __pfx_compat_i2cdev_ioctl+0x10/0x10
[  616.276463][T13320]  ? __fget_files+0x3a0/0x420
[  616.281145][T13320]  ? __fget_files+0x2a/0x420
[  616.285731][T13320]  ? bpf_lsm_file_ioctl_compat+0x9/0x20
[  616.291276][T13320]  __ia32_compat_sys_ioctl+0x551/0x840
[  616.296730][T13320]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[  616.302716][T13320]  ? rcu_is_watching+0x15/0xb0
[  616.307484][T13320]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  616.314070][T13320]  ? lockdep_hardirqs_on+0x9c/0x150
[  616.319279][T13320]  __do_fast_syscall_32+0xb4/0x110
[  616.324395][T13320]  ? lockdep_hardirqs_on+0x9c/0x150
[  616.329592][T13320]  do_fast_syscall_32+0x34/0x80
[  616.334444][T13320]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  616.340765][T13320] RIP: 0023:0xf7fd5539
[  616.344826][T13320] Code: 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  616.364456][T13320] RSP: 002b:00000000f50f655c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  616.372879][T13320] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000000707
[  616.380858][T13320] RDX: 0000000080002580 RSI: 0000000000000000 RDI: 0000000000000000
[  616.388843][T13320] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  616.396836][T13320] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  616.404797][T13320] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  616.412787][T13320]  </TASK>
[  616.415810][T13320] Modules linked in:
[  616.420878][T13320] ---[ end trace 0000000000000000 ]---
[  616.427378][T13326] netlink: zone id is out of range
[  616.445479][   T47] set interface failed
[  616.450315][T13320] RIP: 0010:__mutex_lock+0x138/0xe80
[  616.461643][T13320] Code: a0 66 80 99 48 c1 e8 03 42 0f b6 04 28 84 c0 0f 85 0d 0c 00 00 83 3d 06 1d 29 0e 00 75 23 49 8d 7c 24 60 48 89 f8 48 c1 e8 03 <42> 80 3c 28 00 74 05 e8 9c 6b ca f6 4d 39 64 24 60 0f 85 7b 0b 00
[  616.484461][T13320] RSP: 0018:ffffc9000406f1a0 EFLAGS: 00010202
[  616.490574][T13320] RAX: 0000000000000019 RBX: 0000000000000000 RCX: ffffffff99806603
[  616.499789][T13320] RDX: ffff888026560000 RSI: ffffffff8d93503a RDI: 00000000000000c8
[  616.508712][T13320] RBP: ffffc9000406f338 R08: ffffc9000406f2a7 R09: 0000000000000000
[  616.517466][T13320] R10: ffffc9000406f280 R11: fffff5200080de55 R12: 0000000000000068
[  616.525800][T13320] R13: dffffc0000000000 R14: ffff888030d46158 R15: 0000000000000000
[  616.534428][T13328] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  616.534479][T13320] FS:  0000000000000000(0000) GS:ffff8881261cc000(0063) knlGS:00000000f50f6b40
[  616.554429][T13320] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[  616.561035][T13320] CR2: 000000003091cff8 CR3: 00000000492ac000 CR4: 00000000003526f0
[  616.570140][T13320] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  616.578702][T13320] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  616.586822][T13320] Kernel panic - not syncing: Fatal exception
[  616.593222][T13320] Kernel Offset: disabled
[  616.597548][T13320] Rebooting in 86400 seconds..