last executing test programs:

12.583944552s ago: executing program 4 (id=6943):
add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c000080"], 0xe8}}, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r1=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r1, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'syz_tun\x00', <r3=>0x0})
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x6, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', r3, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r6=>0x0})
r7 = syz_usb_connect(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010003ac9bcc20d118af1ebb5a0102030109022400010700800b0904bb06023ae5040009050402b3030f0204"], &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r7, 0x0, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@dellink={0x20, 0x11, 0x101, 0x0, 0x0, {0x0, 0x0, 0x0, r6}}, 0x20}}, 0x0)

11.045223087s ago: executing program 4 (id=6959):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a0000000200", 0x6)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="04000100"], 0x9)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000c40)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e24, 0x5, @private2, 0x4}, @in={0x2, 0x4e22, @local}], 0x3c)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10)
write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
socket(0x2, 0x80805, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
pipe2$watch_queue(0x0, 0x80)
add_key(0x0, &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x52b281, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$kcm(0x11, 0x200000000000002, 0x300)

10.861832326s ago: executing program 0 (id=6961):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x7ed67c2641f24672)
r0 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, 0xffffffffffffffff)
ioctl$USBDEVFS_CONTROL(r2, 0xc0105500, &(0x7f0000000000)={0x0, 0xf, 0x31, 0xf8, 0x0, 0xfffffff7, 0x0})
socket$pppl2tp(0x18, 0x1, 0x1)
recvmsg$unix(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r0, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1, 0x0, 0x0, 0x12}}], 0x400000000000181, 0x9200000000000000)
r3 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
r4 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x1, 0x81, 0x1ff, 0x801, 0x1}, 0x1c)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic-generic\x00'}, 0x58)
r5 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r5, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r5, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r6 = accept4(r5, 0x0, 0x0, 0x800)
sendmmsg$alg(r6, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="ff", 0x1}], 0x1, &(0x7f0000000440)=[@assoc={0x18, 0x117, 0x4, 0x1}, @op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0xb}], 0x48}], 0x1, 0x40800)
r7 = syz_usb_connect(0x5, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000007794608cd0c39007b90000000010902120001fc0000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r7, 0x0, 0x0)
r8 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r8, 0x707, &(0x7f0000002580)={&(0x7f00000002c0)=[{0x50, 0x1801, 0x0, 0x0}], 0x1})
openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
preadv(r8, &(0x7f00000008c0)=[{&(0x7f0000000300)=""/153, 0x99}, {&(0x7f0000000600)=""/213, 0xd5}, {&(0x7f0000000700)=""/251, 0xfb}, {&(0x7f00000004c0)=""/95, 0x5f}, {&(0x7f0000000940)=""/49, 0x31}, {&(0x7f0000000800)=""/144, 0x90}], 0x6, 0x0, 0xffffffff)
r9 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d972a440b72040153de7f49ecbec5682120001000000000904000000ff000000"], 0x0)
syz_usb_control_io$cdc_ecm(r9, 0x0, 0x0)

9.412938983s ago: executing program 3 (id=6965):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
ioctl$VIDIOC_S_INPUT(0xffffffffffffffff, 0xc0045627, &(0x7f00000000c0)=0x3)
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000940)=<r2=>0xffffffffffffffff)
r3 = syz_io_uring_setup(0x1370, &(0x7f00000000c0)={0x0, 0x49fa, 0x10, 0x0, 0x4e}, &(0x7f0000000180)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
io_uring_register$IORING_REGISTER_FILES(r3, 0x2, &(0x7f0000000300)=[0xffffffffffffffff], 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_FILES_UPDATE={0x14, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)=[r3], 0x1})
io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
setregid(0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_INO_LOOKUP_USER(r2, 0x7c81, 0x0)
unshare(0x2a020400)
r6 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0xa000, 0x1da)
r7 = socket$inet6(0xa, 0x1, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000002080))
setsockopt$inet6_MCAST_MSFILTER(r7, 0x29, 0x30, 0x0, 0x310)
setsockopt$inet6_group_source_req(r7, 0x29, 0x2b, &(0x7f00000005c0)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x4e22, 0x0, @empty}}}, 0x108)
read$FUSE(r6, &(0x7f0000000040)={0x2020}, 0x2020)
close(r6)
r8 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
fsopen(&(0x7f00000000c0)='hfs\x00', 0x1)
close_range(r8, 0xffffffffffffffff, 0x0)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x84, 0x17, 0x0, 0x0)

7.690166572s ago: executing program 4 (id=6967):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32, 0x0, 0x3}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0xd, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000080)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000240)="af", 0x34000}], 0x1}}], 0x1, 0x0)

7.468032852s ago: executing program 2 (id=6970):
syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x0, 0x2, 0x4}, 0x0, &(0x7f0000000280))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$inet_udp(0x2, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv4_delroute={0x40, 0x19, 0x901, 0x0, 0x0, {0x2, 0x18, 0x0, 0x0, 0x0, 0x0, 0xfd, 0x1}, [@RTA_DST={0x8, 0x1, @dev}, @RTA_GATEWAY={0x8, 0x5, @private=0xa010102}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_SRC={0x8, 0x3, @multicast2}}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x6}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000008c0)=ANY=[@ANYBLOB="6c0000001000010400d201000072f60000020000", @ANYRES32=0x0, @ANYBLOB="0524060000000000300012800b0001006272696467650000200002800c002e00fffff6ffffffffff050007001f00"], 0x6c}}, 0x0)
r4 = socket(0x10, 0x3, 0x0)
sendmmsg$alg(r4, &(0x7f0000000140), 0x4924b68, 0x0)
writev(r3, &(0x7f00000000c0)=[{&(0x7f0000000140)='2', 0x1}], 0x1)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x103843, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, 0x0, 0x0, 0x1a, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x8042, 0x0)
r5 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r5, 0x0)
link(&(0x7f0000000200)='./file1\x00', &(0x7f0000000300)='./bus\x00')
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
dup(r7)
add_key$keyring(&(0x7f00000000c0), &(0x7f00000001c0)={'syz', 0x2}, 0x0, 0x0, 0x0)

7.394951683s ago: executing program 1 (id=6971):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000400), 0x4)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x490})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1a00000000401400e27f00000100000000000000", @ANYRES32, @ANYBLOB="000000000000000000000000009f9a9086083b31d2e2ec0e13a1f6000000000000", @ANYRES32=0x0, @ANYRES32], 0x50)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000000)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r4, 0x0, <r5=>0x0, 0x0, <r6=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_REPLACE(r2, 0x3ba0, &(0x7f0000000280)={0x48, 0x15, r5, 0x0, r3})
r7 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200), 0x10001, 0x0)
ioctl$PPPIOCSACTIVE(r7, 0x40107446, &(0x7f0000000340)={0x4, &(0x7f0000000300)=[{0x5, 0x80, 0x72, 0x5}, {0x300, 0x2, 0x2, 0x3}, {0x8000, 0xfe, 0x6, 0x3}, {0xd, 0xb, 0x8, 0x9}]})
ioctl$IOMMU_HWPT_ALLOC$NONE(r2, 0x3b89, &(0x7f00000003c0)={0x28, 0x3, r6, r3, 0x0, 0x0, 0x0, 0x3f, &(0x7f0000000380)="419bebc49dd2ab394fc2fcca0c8d56ba782e1aa51d3fd97ad1141d3105225d737c67853b708fb878defbb1262e3855ddfb39aaf765bd87097fc1c97f94ecf4"})
r8 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r8, 0xc0105500, &(0x7f0000000000)={0x20, 0xc, 0x3, 0x0, 0x0, 0xfffffffd, 0x0})

7.384547661s ago: executing program 0 (id=6972):
openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
getdents(r0, &(0x7f0000001f80)=""/4096, 0x1000) (fail_nth: 14)

6.672127293s ago: executing program 0 (id=6973):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7734, 0x80, 0x2, 0x34f}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2c, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_FSYNC={0x3, 0x22, 0x0, @fd_index=0x4})
io_uring_enter(r0, 0x45bc, 0x0, 0x0, 0x0, 0x0)

6.353725618s ago: executing program 4 (id=6974):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
socketpair$unix(0x1, 0xfffffffffffffffd, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0)
close(r2)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r3 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PTP_EXTTS_REQUEST2(r3, 0xc0403d11, 0x0)
r4 = socket$inet(0xa, 0x801, 0x84)
r5 = accept4(r4, 0x0, 0x0, 0x0)
sendto$inet(r5, &(0x7f00000002c0), 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000000)={0x2, 0x20c, 0x6, 0xffffffff}, 0x10)
sendto$inet6(r5, 0x0, 0x0, 0x4000050, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x3}, 0x8)
r6 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$binfmt_script(r6, &(0x7f00000004c0), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000a, 0x28011, r6, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
cachestat(r6, 0x0, 0x0, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c0000004a008d2a00000000000000030a"], 0x1c}}, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r7)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)

5.33105866s ago: executing program 3 (id=6975):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000600000000000000000a20000000000a03000000000000000000070000000900010073797a30000000005c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021200011800e000100636f6e6e6c696d69740000000c00028008000140fffffff73c0000000c0a01010000000000000000070400000900020073797a31000000000900010073797a3000000000100003800c0000800800034000000002"], 0xe0}}, 0x0)

4.949422721s ago: executing program 3 (id=6976):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000080)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r2, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0x6b3a6e7e216920a8}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r4)
getsockname$packet(r4, &(0x7f0000000180)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000003c0)=@delchain={0x3c, 0x2c, 0xf31, 0x0, 0x2000, {0x0, 0x0, 0x0, r5, {}, {0xfff2, 0xffff}, {0xffff, 0x1}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_FLAGS={0x8, 0x16, 0x2}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4008854}, 0x4010)

4.382160954s ago: executing program 3 (id=6977):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a0000000200", 0x6)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="04000100"], 0x9)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000c40)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e24, 0x5, @private2, 0x4}, @in={0x2, 0x4e22, @local}], 0x3c)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10)
write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
socket(0x2, 0x80805, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
pipe2$watch_queue(0x0, 0x80)
add_key(0x0, &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x52b281, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$kcm(0x11, 0x200000000000002, 0x300)

4.260197605s ago: executing program 1 (id=6978):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r1, {0x0, 0xfff2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000005f80)=@newtfilter={0x88, 0x2c, 0xd27, 0x70bd25, 0x2, {0x0, 0x0, 0x0, r1, {0x0, 0x1}, {}, {0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x58, 0x2, [@TCA_FLOW_ACT={0x54, 0x9, 0x0, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x1, 0x0, 0x10000000, 0x404, 0xfffffffe}, 0x1, r1}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}]}}]}, 0x88}}, 0x0)

4.018485404s ago: executing program 1 (id=6979):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000540), 0x42a00)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f0000000580)={{0x3, 0x0, 0x1, 0x1, 0x1}, 0x5, 0xc, 0x400001})
r1 = socket$alg(0x26, 0x5, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
socket$can_j1939(0x1d, 0x2, 0x7)
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f0000000180), 0xfea7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000b, 0x11, r2, 0x0)
r4 = socket$rxrpc(0x21, 0x2, 0xa)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0xb00000000065808, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$batadv(&(0x7f0000007580), 0xffffffffffffffff)
sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c010000", @ANYRES16, @ANYBLOB="2d01620000000900509072fb60cb08000300", @ANYRES16], 0x2c}}, 0x0)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000007680)={0x0, 0x0, &(0x7f0000007640)={&(0x7f0000000000)=ANY=[@ANYBLOB="46040000", @ANYRES16=r7, @ANYBLOB="ff830500000700ffffff", @ANYRES32=r4], 0x4}}, 0x0)
sendfile(r6, r5, 0x0, 0x100000002)
bind$alg(r1, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58)
r8 = accept4(r1, 0x0, 0x0, 0x0)
read$FUSE(r8, &(0x7f0000002700)={0x2020}, 0x2020)
r9 = syz_open_dev$vcsu(&(0x7f00000000c0), 0x1, 0x80)
sendmsg$NFT_BATCH(r9, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000140)={&(0x7f0000000200)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWOBJ={0x34, 0x12, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x8}, @NFT_OBJECT_QUOTA=@NFTA_OBJ_DATA={0x20, 0x4, 0x0, 0x1, [@NFTA_QUOTA_FLAGS={0x8}, @NFTA_QUOTA_CONSUMED={0xc}, @NFTA_QUOTA_FLAGS={0x8}]}}], {0x14}}, 0x5c}, 0x1, 0x0, 0x0, 0x20000000}, 0x800)

3.780342029s ago: executing program 0 (id=6980):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r1 = socket(0x10, 0x2, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="04000100"], 0x9)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000c40)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e24, 0x5, @private2, 0x4}, @in={0x2, 0x4e22, @local}], 0x3c)
write(r1, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r1, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
socket(0x2, 0x80805, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
pipe2$watch_queue(0x0, 0x80)
add_key(0x0, &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x52b281, 0x0)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$SG_IO(r4, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$kcm(0x11, 0x200000000000002, 0x300)

3.644055307s ago: executing program 1 (id=6981):
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000140)=ANY=[@ANYRES16=0x0], 0x0, 0x5, 0x0, 0x0, 0x0, 0x49, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6, @void, @value}, 0x94)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x46, 0x101000)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
r3 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19})
readv(r3, &(0x7f0000000580)=[{&(0x7f0000000500)=""/79, 0x4f}, {&(0x7f0000000280)=""/31, 0x1f}], 0x2)
gettid()
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r4, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x20000008, &(0x7f00000001c0)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
setsockopt$sock_int(r4, 0x1, 0x29, &(0x7f0000000040)=0x1200, 0x4)
setsockopt$SO_TIMESTAMPING(r4, 0x1, 0x41, &(0x7f0000000400)=0x2420, 0x4)
sendto$inet6(r4, &(0x7f0000000080)="8d", 0x1, 0x50, 0x0, 0x0)
recvmmsg(r4, &(0x7f000000d980)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000002c0)=""/144, 0x90}, 0xc}], 0x1, 0x2131, 0x0)
r5 = getpgrp(0x0)
setpriority(0x1, r5, 0x100)
r6 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f000010"], 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r6)
r7 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x4000000, 0x0, 0x1, 0x10d}, &(0x7f00000006c0)=<r8=>0x0, &(0x7f00000001c0)=<r9=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r8, r9, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000240)=[{&(0x7f0000001800)=""/224, 0xe0}], 0x1})
io_uring_enter(r7, 0x47ba, 0x0, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x200, 0xffffffffffffffff, 0x0, 0xa00369a4}, 0x38)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0x2000000000001]}})

3.619366957s ago: executing program 2 (id=6982):
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x90, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x6dccf5eb5fc6115})
ioctl$BINDER_SET_CONTEXT_MGR(r4, 0x40046207, 0x0)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
dup3(0xffffffffffffffff, r0, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd65087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb1000008747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155960ff8491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb80035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22383e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e4c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afeb6d69ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e77f095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc590800", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000580)={0x78, 0x0, 0x9, {0xfeffffffffffffff, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x7, 0x1, 0x8000, 0x0, r2, r3, 0x3, 0x4}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
write$tcp_congestion(r5, &(0x7f0000000000)='reno\x00', 0x5)
creat(&(0x7f0000000100)='./file0\x00', 0x2a)
dup2(r5, r0)

3.397879447s ago: executing program 4 (id=6983):
clock_adjtime(0x0, &(0x7f0000000380)={0x3ff, 0x8, 0x4101, 0x4000000000000b, 0x0, 0xf423f, 0x400000400, 0x80000000000a, 0x5, 0x100, 0x7, 0x0, 0x1, 0x81, 0x9f, 0x2, 0xfffffffffffffffc, 0x6, 0x1ff, 0x9, 0x8001, 0x3, 0x0, 0x3, 0x72a3, 0xe})

3.11202662s ago: executing program 2 (id=6984):
syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000019a69d207c2c06031e480102030109022400010004100009046c1002ffffff"], 0x0)

3.01642237s ago: executing program 4 (id=6985):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_inet6_SIOCDELRT(r0, 0x890b, &(0x7f0000000080)={@loopback={0xfec0ffff00000000}, @private1, @local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x280})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r3 = socket(0x10, 0x2, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r4, 0x84, 0x81, &(0x7f00000002c0)="1a000000", 0x4)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r4, 0x84, 0x17, &(0x7f0000000080)=ANY=[@ANYRES32=0x0, @ANYBLOB="04000100"], 0x9)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r4, 0x84, 0x6e, &(0x7f0000000c40)=[@in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in6={0xa, 0x4e24, 0x5, @private2, 0x4}, @in={0x2, 0x4e22, @local}], 0x3c)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000080)={0x8}, 0x10)
write(r3, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r3, &(0x7f0000002ec0), 0x400000000000ec0, 0x2, &(0x7f00000001c0)={0x77359400})
socket(0x2, 0x80805, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
pipe2$watch_queue(0x0, 0x80)
add_key(0x0, &(0x7f0000000100)={'syz', 0x3}, &(0x7f0000000080)="f8", 0x1, 0xfffffffffffffffe)
preadv2(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000001200)=""/4096, 0x1000}], 0x100000000000000d, 0x0, 0x0, 0x0)
r5 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x52b281, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r5)
ioctl$SG_IO(r6, 0x2285, &(0x7f0000000040)={0x53, 0xfffffffc, 0x6, 0x0, @buffer={0x2, 0x41001, &(0x7f00000000c0)=""/81}, &(0x7f0000000380)="259374c96ee3", 0x0, 0x0, 0x0, 0x0, 0x0})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$kcm(0x11, 0x200000000000002, 0x300)

1.027298841s ago: executing program 2 (id=6986):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x8, 0x10, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@snprintf={{}, {}, {0x5, 0x0, 0xb, 0x8, 0x0, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xb6}}]}, &(0x7f0000000100)='syzkaller\x00', 0x8, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100005, @void, @value}, 0x94) (async)
openat$cgroup_ro(r0, &(0x7f0000000000)='memory.numa_stat\x00', 0x0, 0x0)

892.049153ms ago: executing program 2 (id=6987):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)=ANY=[@ANYBLOB="18000000240001030000000000000000010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000002c00)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00}, 0x200001}, {{0x0, 0x0, 0x0}, 0x1}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000001700)=""/213, 0xd5}, {&(0x7f0000000900)=""/242, 0xf2}, {&(0x7f0000003e00)=""/4098, 0x1002}, {&(0x7f00000006c0)=""/229, 0xe5}], 0x4}, 0x101}, {{0x0, 0x0, 0x0}, 0x40}, {{0x0, 0x0, 0x0}, 0x409}, {{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000001900)=""/229, 0xe5}, {&(0x7f0000001a00)=""/4109, 0x100d}, {&(0x7f0000006080)=""/4085, 0xff5}, {&(0x7f0000000240)=""/112, 0x70}, {&(0x7f0000000040)=""/113, 0x71}, {&(0x7f00000004c0)=""/121, 0x79}], 0x6}, 0x8}, {{0x0, 0x0, 0x0}, 0xc}], 0x7, 0x40000020, 0x0)

830.95115ms ago: executing program 2 (id=6988):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000200)={'filter\x00', 0x6002, 0x4, 0x418, 0x220, 0x220, 0xf0, 0x330, 0x330, 0x330, 0x4, 0x0, {[{{@uncond, 0xc0, 0xf0}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x100007, 0x1ff, 0x11}}}, {{@arp={@remote, @remote, 0x0, 0x0, 0x3, 0x10, {@empty, {[0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}}, {@empty, {[0x0, 0x0, 0xff]}}, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 'veth1_vlan\x00', 'nicvf0\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0xa, 0x1, 0x2, 0x0, 0x0, "13b911e5284250ec81c17349113a3cfb44cacec1b17c5169103aa911ccde13af46942ffe283747525f02c26cacacf4224636c02166494a749e5e3abbd96793dd"}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@link_local, @local, @local, 0xf, 0x5fa0832aa5fc72f3}}}], {{'\x00', 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffb}}}}, 0x468)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0x22e800, 0x0)
ioctl$SNDCTL_DSP_SYNC(r3, 0xc0045007, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4b, 0x9, 0x8, 0x0, 0x400003}, 0x0)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902120001000000000904"], 0x0)
syz_usb_control_io$cdc_ecm(r4, 0x0, &(0x7f0000000540)={0x1c, &(0x7f0000000380)=ANY=[], 0x0, 0x0})
r5 = socket$inet6_udplite(0xa, 0x2, 0x88)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r7, 0x4040ae79, &(0x7f0000000240)={0x4, 0xffff1000, 0x1, 0xffffffffffffffff, 0x1})
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, 0x0, 0x0)
r8 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
futex(0x0, 0xa, 0x0, 0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r8, 0x80045530, &(0x7f00000002c0))
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f00000001c0)={0x0, <r9=>0x0})
prlimit64(r9, 0xe, 0x0, 0x0)
syz_usb_connect(0x0, 0x3e, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2000002, 0x42032, 0xffffffffffffffff, 0x80000000)
mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil)

756.893843ms ago: executing program 3 (id=6989):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000003c0)=ANY=[], 0xff2e)
ioctl$TCFLSH(r0, 0x540b, 0x2)

392.245326ms ago: executing program 0 (id=6990):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="fc010000190001000000000003000000e0000002000000000000000000000000fe8000000000000000000000000000aa00000000000000000a000080000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000fbffffffffffffff0000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000002"], 0x1fc}}, 0x0)

301.044351ms ago: executing program 3 (id=6991):
openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fspick(0xffffffffffffffff, 0x0, 0x0)
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
r2 = socket$netlink(0x10, 0x3, 0xa)
dup(r2)
ftruncate(0xffffffffffffffff, 0x200004)
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1c, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000004c0)={0x3, 0x5, 0xffff1000, 0x1000, &(0x7f0000ffc000/0x1000)=nil})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
r4 = epoll_create1(0x0)
r5 = socket(0x1, 0x80802, 0x0)
unshare(0x20000400)
execve(0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f0000000480)={0x50000015})
r6 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CAP_X2APIC_API(r6, 0x4068aea3, &(0x7f0000000000)={0x81, 0x0, 0x3})
ioctl$KVM_SIGNAL_MSI(r6, 0x4020aea5, &(0x7f0000000140)={0x8080000, 0x4, 0x44, 0x1, 0x80000003})
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x1, 0x0, 0x0, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x13, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
pselect6(0x40, &(0x7f0000000180)={0x921, 0x8001, 0x0, 0x5, 0x6bc486f0, 0x9, 0x80, 0x4}, &(0x7f00000001c0)={0x8000, 0x0, 0x6, 0xf, 0x7f, 0x21e5, 0x7, 0xfffffffffffffffc}, 0x0, &(0x7f0000000400)={0x0, 0x3938700}, &(0x7f0000000480)={0x0})
sendmsg$nl_generic(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x20, 0x41, 0x107, 0x0, 0x7, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0x8, 0x1, 0x0, 0x1, [@nested={0x4, 0x90}]}]}, 0x20}}, 0x4010)
syz_usb_connect(0x0, 0x24, &(0x7f0000001140)={{0x12, 0x1, 0x0, 0xbd, 0xf7, 0x13, 0x8, 0x2770, 0x930c, 0x8d6a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x2a, 0xc5, 0x98}}]}}]}}, 0x0)

177.052379ms ago: executing program 1 (id=6992):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000001c0)={'ip6_vti0\x00', &(0x7f00000000c0)=@ethtool_link_settings={0x4d, 0xfffd, 0x4, 0x5, 0x82, 0x8, 0xfa, 0x40, 0xce, 0x5, [0x6, 0x0, 0x4b, 0x5f15, 0x0, 0x188, 0xffffffff, 0x2], [0xe2]}})
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$UHID_DESTROY(r1, &(0x7f0000000100), 0x4)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='hugetlb.1GB.usage_in_bytes\x00', 0x275a, 0x0)
cachestat(r2, &(0x7f0000000040)={0x800000}, &(0x7f000009de80), 0x0)

45.127661ms ago: executing program 0 (id=6993):
ioctl$AUTOFS_DEV_IOCTL_CLOSEMOUNT(0xffffffffffffffff, 0xc0189375, 0x0)
lseek(0xffffffffffffffff, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
write$dsp(0xffffffffffffffff, 0x0, 0x0)
write$cgroup_pressure(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x11, 0x80a, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'bond0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x401, 0x70bd2c, 0x0, {0x0, 0x0, 0x0, r3}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bond={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8, 0x3, 0x4}, @IFLA_BOND_USE_CARRIER={0x5}]}}}]}, 0x44}}, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0xfffffffe, &(0x7f0000000080)=[{&(0x7f0000000000)="2e00000010008188040f80ec59acbc0413a1f8480d0000005e140604000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0)

0s ago: executing program 1 (id=6994):
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
socket$nl_netfilter(0x10, 0x3, 0xc)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f00000002c0)={0x4000000, 0x0, 0x0, 'queue0\x00', 0x9})
prlimit64(0x0, 0xe, 0x0, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
write$sndseq(r1, &(0x7f0000000000)=[{0x1e, 0x0, 0x0, 0x0, @tick, {}, {}, @raw32}], 0x1001a)
close_range(r0, 0xffffffffffffffff, 0x400000005000000)

kernel console output (not intermixed with test programs):

C1] vkms_vblank_simulate: vblank timer overrun
[ 1976.850172][   T30] audit: type=1326 audit(1749985829.718:15520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32224 comm="syz.3.6514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 1976.948673][T27928] usb 3-1: USB disconnect, device number 119
[ 1977.362194][T32253] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 1977.436234][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88805989b000: rx timeout, send abort
[ 1977.937510][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88807ed08000: rx timeout, send abort
[ 1977.946382][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88805989b000: abort rx timeout. Force session deactivation
[ 1978.445939][    C0] vxcan1: j1939_tp_rxtimer: 0xffff88807ed08000: abort rx timeout. Force session deactivation
[ 1979.091513][T32270] binder: 32269:32270 ioctl c0306201 2000000007c0 returned -11
[ 1979.192000][T32273] FAULT_INJECTION: forcing a failure.
[ 1979.192000][T32273] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1979.240678][T32273] CPU: 0 UID: 0 PID: 32273 Comm: syz.4.6528 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 1979.240713][T32273] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1979.240729][T32273] Call Trace:
[ 1979.240743][T32273]  <TASK>
[ 1979.240755][T32273]  dump_stack_lvl+0x189/0x250
[ 1979.240807][T32273]  ? __pfx____ratelimit+0x10/0x10
[ 1979.240851][T32273]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1979.240896][T32273]  ? __pfx__printk+0x10/0x10
[ 1979.240939][T32273]  ? __might_fault+0xb0/0x130
[ 1979.240987][T32273]  should_fail_ex+0x414/0x560
[ 1979.241033][T32273]  _copy_from_user+0x2d/0xb0
[ 1979.241064][T32273]  ___sys_recvmsg+0x12e/0x510
[ 1979.241108][T32273]  ? __pfx____sys_recvmsg+0x10/0x10
[ 1979.241186][T32273]  ? __might_fault+0xb0/0x130
[ 1979.241217][T32273]  do_recvmmsg+0x307/0x770
[ 1979.241275][T32273]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1979.241333][T32273]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 1979.241383][T32273]  __x64_sys_recvmmsg+0x190/0x240
[ 1979.241426][T32273]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1979.241461][T32273]  ? rcu_is_watching+0x15/0xb0
[ 1979.241509][T32273]  ? do_syscall_64+0xbe/0x3b0
[ 1979.241542][T32273]  do_syscall_64+0xfa/0x3b0
[ 1979.241566][T32273]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1979.241606][T32273]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1979.241636][T32273]  ? clear_bhb_loop+0x60/0xb0
[ 1979.241666][T32273]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1979.241698][T32273] RIP: 0033:0x7f11e918e929
[ 1979.241720][T32273] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1979.241753][T32273] RSP: 002b:00007f11ea053038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1979.241776][T32273] RAX: ffffffffffffffda RBX: 00007f11e93b5fa0 RCX: 00007f11e918e929
[ 1979.241791][T32273] RDX: 0000000000000a0d RSI: 00002000000066c0 RDI: 0000000000000003
[ 1979.241805][T32273] RBP: 00007f11ea053090 R08: 0000000000000000 R09: 0000000000000000
[ 1979.241817][T32273] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 1979.241829][T32273] R13: 0000000000000000 R14: 00007f11e93b5fa0 R15: 00007f11e94dfa28
[ 1979.241865][T32273]  </TASK>
[ 1979.951204][T27928] usb 3-1: new high-speed USB device number 120 using dummy_hcd
[ 1980.017134][T32288] x_tables: duplicate underflow at hook 3
[ 1980.225550][T27928] usb 3-1: Using ep0 maxpacket: 8
[ 1980.395708][T27928] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1980.406593][T32296] FAULT_INJECTION: forcing a failure.
[ 1980.406593][T32296] name failslab, interval 1, probability 0, space 0, times 0
[ 1980.411146][T27928] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1980.566603][T32296] CPU: 1 UID: 0 PID: 32296 Comm: syz.3.6535 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 1980.566628][T32296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1980.566637][T32296] Call Trace:
[ 1980.566644][T32296]  <TASK>
[ 1980.566650][T32296]  dump_stack_lvl+0x189/0x250
[ 1980.566677][T32296]  ? __pfx____ratelimit+0x10/0x10
[ 1980.566699][T32296]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1980.566722][T32296]  ? __pfx__printk+0x10/0x10
[ 1980.566742][T32296]  ? ref_tracker_alloc+0x318/0x460
[ 1980.566765][T32296]  should_fail_ex+0x414/0x560
[ 1980.566786][T32296]  should_failslab+0xa8/0x100
[ 1980.566804][T32296]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 1980.566826][T32296]  ? skb_clone+0x212/0x3a0
[ 1980.566860][T32296]  skb_clone+0x212/0x3a0
[ 1980.566881][T32296]  __netlink_deliver_tap+0x404/0x850
[ 1980.566905][T32296]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1980.566922][T32296]  netlink_deliver_tap+0x19c/0x1b0
[ 1980.566938][T32296]  netlink_unicast+0x72f/0x8d0
[ 1980.566959][T32296]  netlink_sendmsg+0x805/0xb30
[ 1980.566982][T32296]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1980.567001][T32296]  ? aa_sock_msg_perm+0x94/0x160
[ 1980.567020][T32296]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 1980.567037][T32296]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1980.567055][T32296]  __sock_sendmsg+0x21c/0x270
[ 1980.567078][T32296]  ____sys_sendmsg+0x505/0x830
[ 1980.567100][T32296]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1980.567123][T32296]  ? import_iovec+0x74/0xa0
[ 1980.567139][T32296]  ___sys_sendmsg+0x21f/0x2a0
[ 1980.567159][T32296]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1980.567205][T32296]  ? __fget_files+0x2a/0x420
[ 1980.567220][T32296]  ? __fget_files+0x3a0/0x420
[ 1980.567242][T32296]  __x64_sys_sendmsg+0x19b/0x260
[ 1980.567261][T32296]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1980.567285][T32296]  ? __pfx_ksys_write+0x10/0x10
[ 1980.567313][T32296]  ? rcu_is_watching+0x15/0xb0
[ 1980.567340][T32296]  ? do_syscall_64+0xbe/0x3b0
[ 1980.567356][T32296]  do_syscall_64+0xfa/0x3b0
[ 1980.567368][T32296]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1980.567390][T32296]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1980.567404][T32296]  ? clear_bhb_loop+0x60/0xb0
[ 1980.567421][T32296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1980.567435][T32296] RIP: 0033:0x7efd37d8e929
[ 1980.567448][T32296] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1980.567460][T32296] RSP: 002b:00007efd38ce1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1980.567475][T32296] RAX: ffffffffffffffda RBX: 00007efd37fb5fa0 RCX: 00007efd37d8e929
[ 1980.567486][T32296] RDX: 0000000004000080 RSI: 0000200000000300 RDI: 0000000000000003
[ 1980.567496][T32296] RBP: 00007efd38ce1090 R08: 0000000000000000 R09: 0000000000000000
[ 1980.567505][T32296] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1980.567513][T32296] R13: 0000000000000000 R14: 00007efd37fb5fa0 R15: 00007efd380dfa28
[ 1980.567534][T32296]  </TASK>
[ 1980.866088][T27928] usb 3-1: Product: syz
[ 1980.870300][T27928] usb 3-1: Manufacturer: syz
[ 1980.875026][T27928] usb 3-1: SerialNumber: syz
[ 1980.899963][T27928] usb 3-1: config 0 descriptor??
[ 1980.931142][T27928] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1981.261272][T10845] usb 5-1: new high-speed USB device number 93 using dummy_hcd
[ 1981.441408][T27928] gspca_sq930x: reg_r 001f failed -110
[ 1981.447728][T27928] sq930x 3-1:0.0: probe with driver sq930x failed with error -110
[ 1981.574582][T10845] usb 5-1: config 0 has no interfaces?
[ 1981.660985][T10845] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 1981.682674][T10845] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1981.719994][T10845] usb 5-1: Product: syz
[ 1981.733342][T10845] usb 5-1: Manufacturer: syz
[ 1981.748397][T10845] usb 5-1: SerialNumber: syz
[ 1981.772104][T32303] syzkaller0: entered promiscuous mode
[ 1981.780806][T32303] syzkaller0: entered allmulticast mode
[ 1981.797455][T10845] usb 5-1: config 0 descriptor??
[ 1981.941267][    T9] usb 2-1: new high-speed USB device number 122 using dummy_hcd
[ 1982.143304][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1982.170284][    T9] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1982.181151][    T9] usb 2-1: New USB device found, idVendor=0e41, idProduct=4156, bcdDevice=15.eb
[ 1982.207471][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1982.217758][    T9] usb 2-1: Product: syz
[ 1982.231038][    T9] usb 2-1: Manufacturer: syz
[ 1982.236466][    T9] usb 2-1: SerialNumber: syz
[ 1982.255235][    T9] usb 2-1: config 0 descriptor??
[ 1982.314663][ T5908] usb 3-1: USB disconnect, device number 120
[ 1982.639019][T32310] Cannot find set identified by id 0 to match
[ 1983.649824][ T5908] usb 5-1: USB disconnect, device number 93
[ 1984.615527][T32334] netlink: 'syz.0.6545': attribute type 1 has an invalid length.
[ 1984.666274][    T9] snd_usb_podhd 2-1:0.0: Line 6 POD HDDESKTOP found
[ 1984.683645][    T9] snd_usb_podhd 2-1:0.0: set_interface failed
[ 1984.700291][    T9] snd_usb_podhd 2-1:0.0: Line 6 POD HDDESKTOP now disconnected
[ 1984.722947][    T9] snd_usb_podhd 2-1:0.0: probe with driver snd_usb_podhd failed with error -71
[ 1984.745246][    T9] usb 2-1: USB disconnect, device number 122
[ 1984.880803][T32345] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6549'.
[ 1985.411335][    T9] usb 5-1: new high-speed USB device number 94 using dummy_hcd
[ 1985.571369][    T9] usb 5-1: Using ep0 maxpacket: 8
[ 1985.589828][    T9] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1985.599975][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1985.612682][    T9] usb 5-1: Product: syz
[ 1985.617023][    T9] usb 5-1: Manufacturer: syz
[ 1985.624819][    T9] usb 5-1: SerialNumber: syz
[ 1985.647758][    T9] usb 5-1: config 0 descriptor??
[ 1985.673529][    T9] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1986.191511][    T9] gspca_sq930x: reg_r 001f failed -110
[ 1986.198357][    T9] sq930x 5-1:0.0: probe with driver sq930x failed with error -110
[ 1986.905037][T32334] workqueue: Failed to create a rescuer kthread for wq "bond2": -EINTR
[ 1987.010217][T32355] netlink: 16 bytes leftover after parsing attributes in process `syz.3.6551'.
[ 1987.126024][T32360] netlink: 'syz.2.6552': attribute type 1 has an invalid length.
[ 1987.137706][T32362] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1987.386595][T32364] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1987.434714][T32364] bond1: (slave bond2): making interface the new active one
[ 1987.457448][T32364] bond1: (slave bond2): Enslaving as an active interface with an up link
[ 1987.624796][T32360] bond1: (slave gretap1): Enslaving as a backup interface with an up link
[ 1987.724063][T32380] x_tables: arp_tables: CLASSIFY target: used from hooks INPUT, but only usable from FORWARD/OUTPUT
[ 1987.742935][T32380] netlink: 16 bytes leftover after parsing attributes in process `syz.2.6558'.
[ 1988.050657][T10845] usb 5-1: USB disconnect, device number 94
[ 1988.129173][T32385] netlink: 'syz.1.6559': attribute type 1 has an invalid length.
[ 1988.247694][T32385] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[ 1988.673876][T32398] netlink: 'syz.3.6561': attribute type 1 has an invalid length.
[ 1988.791887][T32398] bond3: entered promiscuous mode
[ 1988.797546][T32398] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1989.222970][T32418] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6566'.
[ 1989.697538][T32427] netlink: zone id is out of range
[ 1989.754116][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1989.780942][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1989.810213][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1989.836366][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1989.879686][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x2
[ 1989.897072][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1989.921324][T32425] input: syz0 as /devices/virtual/input/input85
[ 1989.941519][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1989.976963][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1990.004267][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1990.016520][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1990.035053][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1990.168424][ T5908] usb 2-1: new high-speed USB device number 123 using dummy_hcd
[ 1990.441601][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1990.442746][T32436] fuse: Unknown parameter '�'
[ 1990.454841][    T9] hid-generic 00A0:0006:0003.0028: unknown main item tag 0x0
[ 1990.546856][    T9] hid-generic 00A0:0006:0003.0028: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[ 1990.583590][ T5908] usb 2-1: Using ep0 maxpacket: 8
[ 1990.625062][ T5908] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1990.640861][ T5908] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1990.649292][ T5908] usb 2-1: Product: syz
[ 1990.669357][ T5908] usb 2-1: Manufacturer: syz
[ 1990.696982][ T5908] usb 2-1: SerialNumber: syz
[ 1990.738636][ T5908] usb 2-1: config 0 descriptor??
[ 1990.788318][ T5908] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1991.431423][ T5838] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 1991.521461][ T5908] gspca_sq930x: ucbus_write failed -110
[ 1991.527809][ T5908] sq930x 2-1:0.0: probe with driver sq930x failed with error -110
[ 1991.604391][ T5838] usb 4-1: device descriptor read/64, error -71
[ 1991.751364][T15868] usb 3-1: new high-speed USB device number 121 using dummy_hcd
[ 1991.891540][ T5838] usb 4-1: new high-speed USB device number 96 using dummy_hcd
[ 1991.961352][T15868] usb 3-1: Using ep0 maxpacket: 8
[ 1992.042393][ T5838] usb 4-1: device descriptor read/64, error -71
[ 1992.062307][T15868] usb 3-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1992.074718][T15868] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1992.151879][ T5838] usb usb4-port1: attempt power cycle
[ 1992.159293][T15868] usb 3-1: Product: syz
[ 1992.167478][T15868] usb 3-1: Manufacturer: syz
[ 1992.185362][T15868] usb 3-1: SerialNumber: syz
[ 1992.208859][T15868] usb 3-1: config 0 descriptor??
[ 1992.263343][T15868] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1992.511170][ T5838] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[ 1992.732979][ T5838] usb 4-1: device descriptor read/8, error -71
[ 1992.792495][T15868] gspca_sq930x: reg_r 001f failed -110
[ 1992.839635][T15868] sq930x 3-1:0.0: probe with driver sq930x failed with error -110
[ 1993.002817][ T5838] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 1993.024201][T32450] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6575'.
[ 1993.057289][ T5838] usb 4-1: device descriptor read/8, error -71
[ 1993.212212][ T5838] usb usb4-port1: unable to enumerate USB device
[ 1993.841589][ T5908] usb 2-1: USB disconnect, device number 123
[ 1993.851453][   T30] kauditd_printk_skb: 9 callbacks suppressed
[ 1993.851472][   T30] audit: type=1326 audit(1749985847.488:15530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=32470 comm="syz.4.6577" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f11e918e929 code=0x0
[ 1994.528168][ T5838] usb 3-1: USB disconnect, device number 121
[ 1994.621438][T15868] usb 4-1: new full-speed USB device number 99 using dummy_hcd
[ 1994.795838][T15868] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1994.804195][T15868] usb 4-1: not running at top speed; connect to a high speed hub
[ 1994.891547][T15868] usb 4-1: config 3 has an invalid interface number: 106 but max is 0
[ 1994.905901][T32495] netlink: 'syz.4.6583': attribute type 10 has an invalid length.
[ 1994.914244][T15868] usb 4-1: config 3 has no interface number 0
[ 1994.914297][T15868] usb 4-1: config 3 interface 106 altsetting 10 endpoint 0xD has invalid maxpacket 512, setting to 64
[ 1994.914329][T15868] usb 4-1: config 3 interface 106 altsetting 10 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1994.914359][T15868] usb 4-1: config 3 interface 106 has no altsetting 0
[ 1994.974704][T15868] usb 4-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=e8.8a
[ 1995.011245][T15868] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1995.019666][T15868] usb 4-1: Product: syz
[ 1995.029219][T15868] usb 4-1: Manufacturer: syz
[ 1995.036832][T15868] usb 4-1: SerialNumber: syz
[ 1995.071018][T32477] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1995.079110][T32477] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1995.206905][T32497] netlink: 20 bytes leftover after parsing attributes in process `syz.1.6584'.
[ 1995.248158][T32497] vlan2: entered promiscuous mode
[ 1995.385162][T15868] kobil_sct 4-1:3.106: KOBIL USB smart card terminal converter detected
[ 1995.409705][T15868] usb 4-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[ 1995.483080][T15868] usb 4-1: USB disconnect, device number 99
[ 1995.533062][T15868] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[ 1995.577920][T15868] kobil_sct 4-1:3.106: device disconnected
[ 1995.668441][T32501] tipc: Started in network mode
[ 1995.694255][T32501] tipc: Node identity fe80000000000000000000000000002a, cluster identity 4711
[ 1995.724572][T32501] tipc: Enabled bearer <udp:syz0>, priority 10
[ 1995.817559][T32503] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6587'.
[ 1996.012216][T32507] program syz.1.6588 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1996.038953][T32503] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1996.156111][T32505] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1996.198186][T32505] bond2: (slave vcan0): The slave device specified does not support setting the MAC address
[ 1996.213976][T32513] netlink: 8 bytes leftover after parsing attributes in process `syz.1.6591'.
[ 1996.231696][T32505] bond2: (slave vcan0): Error -95 calling set_mac_address
[ 1996.240693][T32511] binder: BINDER_SET_CONTEXT_MGR already set
[ 1996.247018][T32511] binder: 32510:32511 ioctl 4018620d 200000000040 returned -16
[ 1996.260158][T32511] binder: 32510:32511 ioctl c0306201 2000000003c0 returned -14
[ 1996.831317][ T5838] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[ 1996.841402][T17712] tipc: Node number set to 4269801514
[ 1997.231031][ T5838] usb 4-1: Using ep0 maxpacket: 8
[ 1997.258851][ T5838] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1997.269422][ T5838] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1997.280684][ T5838] usb 4-1: Product: syz
[ 1997.324228][ T5838] usb 4-1: Manufacturer: syz
[ 1997.343328][ T5838] usb 4-1: SerialNumber: syz
[ 1997.366906][ T5838] usb 4-1: config 0 descriptor??
[ 1997.464648][T32533] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1997.591453][ T5838] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1998.152015][ T5838] gspca_sq930x: reg_r 001f failed -110
[ 1998.159856][ T5838] sq930x 4-1:0.0: probe with driver sq930x failed with error -110
[ 1998.696181][T32542] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1999.257147][T10845] usb 4-1: USB disconnect, device number 100
[ 1999.714464][T32555] vlan2: entered promiscuous mode
[ 1999.751481][T10845] usb 2-1: new full-speed USB device number 124 using dummy_hcd
[ 1999.788631][T32555] bond0: entered promiscuous mode
[ 1999.794901][T32555] bond_slave_0: entered promiscuous mode
[ 1999.800896][T32555] bond_slave_1: entered promiscuous mode
[ 1999.922174][T10845] usb 2-1: device descriptor read/64, error -71
[ 2000.254204][T10845] usb 2-1: new full-speed USB device number 125 using dummy_hcd
[ 2000.287421][T32569] netlink: 'syz.2.6605': attribute type 12 has an invalid length.
[ 2001.011204][T15868] usb 5-1: new high-speed USB device number 95 using dummy_hcd
[ 2001.018901][T10845] usb 2-1: device descriptor read/64, error -71
[ 2001.138177][T10845] usb usb2-port1: attempt power cycle
[ 2001.205729][T15868] usb 5-1: config 0 has no interfaces?
[ 2001.226858][T15868] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2001.237801][T15868] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2001.251923][T15868] usb 5-1: Product: syz
[ 2001.256135][T15868] usb 5-1: Manufacturer: syz
[ 2001.333854][T15868] usb 5-1: SerialNumber: syz
[ 2001.362324][T15868] usb 5-1: config 0 descriptor??
[ 2001.592017][T10845] usb 2-1: new full-speed USB device number 126 using dummy_hcd
[ 2001.612119][T10845] usb 2-1: device descriptor read/8, error -71
[ 2001.765098][T32579] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6607'.
[ 2001.775308][T32579] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6607'.
[ 2001.788449][T32579] A link change request failed with some changes committed already. Interface ip_vti0 may have been left with an inconsistent configuration, please check.
[ 2001.911698][T10845] usb 2-1: new full-speed USB device number 127 using dummy_hcd
[ 2001.949483][T10845] usb 2-1: device descriptor read/8, error -71
[ 2002.130889][T10845] usb usb2-port1: unable to enumerate USB device
[ 2002.747045][T32587] FAULT_INJECTION: forcing a failure.
[ 2002.747045][T32587] name failslab, interval 1, probability 0, space 0, times 0
[ 2002.799571][T32587] CPU: 1 UID: 0 PID: 32587 Comm: syz.1.6610 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 2002.799602][T32587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2002.799614][T32587] Call Trace:
[ 2002.799622][T32587]  <TASK>
[ 2002.799631][T32587]  dump_stack_lvl+0x189/0x250
[ 2002.799666][T32587]  ? __pfx____ratelimit+0x10/0x10
[ 2002.799696][T32587]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2002.799726][T32587]  ? __pfx__printk+0x10/0x10
[ 2002.799753][T32587]  ? ref_tracker_alloc+0x318/0x460
[ 2002.799782][T32587]  should_fail_ex+0x414/0x560
[ 2002.799813][T32587]  should_failslab+0xa8/0x100
[ 2002.799836][T32587]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 2002.799876][T32587]  ? skb_clone+0x212/0x3a0
[ 2002.799906][T32587]  skb_clone+0x212/0x3a0
[ 2002.799935][T32587]  __netlink_deliver_tap+0x404/0x850
[ 2002.799971][T32587]  ? netlink_deliver_tap+0x2e/0x1b0
[ 2002.799995][T32587]  netlink_deliver_tap+0x19c/0x1b0
[ 2002.800019][T32587]  netlink_unicast+0x72f/0x8d0
[ 2002.800049][T32587]  netlink_sendmsg+0x805/0xb30
[ 2002.800080][T32587]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2002.800105][T32587]  ? aa_sock_msg_perm+0x94/0x160
[ 2002.800129][T32587]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 2002.800152][T32587]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 2002.800174][T32587]  __sock_sendmsg+0x21c/0x270
[ 2002.800205][T32587]  ____sys_sendmsg+0x505/0x830
[ 2002.800233][T32587]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2002.800265][T32587]  ? import_iovec+0x74/0xa0
[ 2002.800287][T32587]  ___sys_sendmsg+0x21f/0x2a0
[ 2002.800312][T32587]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2002.800367][T32587]  ? __fget_files+0x2a/0x420
[ 2002.800387][T32587]  ? __fget_files+0x3a0/0x420
[ 2002.800416][T32587]  __x64_sys_sendmsg+0x19b/0x260
[ 2002.800444][T32587]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2002.800478][T32587]  ? __pfx_ksys_write+0x10/0x10
[ 2002.800493][T32587]  ? rcu_is_watching+0x15/0xb0
[ 2002.800533][T32587]  ? do_syscall_64+0xbe/0x3b0
[ 2002.800572][T32587]  do_syscall_64+0xfa/0x3b0
[ 2002.800610][T32587]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2002.800641][T32587]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2002.800662][T32587]  ? clear_bhb_loop+0x60/0xb0
[ 2002.800687][T32587]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2002.800708][T32587] RIP: 0033:0x7f714bd8e929
[ 2002.800728][T32587] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2002.800747][T32587] RSP: 002b:00007f7149bf6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2002.800770][T32587] RAX: ffffffffffffffda RBX: 00007f714bfb5fa0 RCX: 00007f714bd8e929
[ 2002.800786][T32587] RDX: 0000000020000814 RSI: 0000200000000300 RDI: 0000000000000003
[ 2002.800801][T32587] RBP: 00007f7149bf6090 R08: 0000000000000000 R09: 0000000000000000
[ 2002.800815][T32587] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2002.800828][T32587] R13: 0000000000000000 R14: 00007f714bfb5fa0 R15: 00007f714c0dfa28
[ 2002.800867][T32587]  </TASK>
[ 2003.087936][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2003.230902][ T5908] usb 3-1: new high-speed USB device number 122 using dummy_hcd
[ 2003.342111][T32583] netlink: 'syz.0.6608': attribute type 21 has an invalid length.
[ 2003.451355][ T5908] usb 3-1: Using ep0 maxpacket: 16
[ 2003.467245][ T5908] usb 3-1: config 32 has an invalid interface number: 242 but max is 2
[ 2003.490160][ T5908] usb 3-1: config 32 has an invalid interface number: 14 but max is 2
[ 2003.491334][T27928] usb 5-1: USB disconnect, device number 95
[ 2003.498566][ T5908] usb 3-1: config 32 has an invalid interface number: 112 but max is 2
[ 2003.512780][ T5908] usb 3-1: config 32 has no interface number 0
[ 2003.518983][ T5908] usb 3-1: config 32 has no interface number 1
[ 2003.530171][ T5908] usb 3-1: config 32 has no interface number 2
[ 2003.533063][T32594] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 2003.549253][ T5908] usb 3-1: config 32 interface 242 altsetting 2 endpoint 0xF has invalid maxpacket 1023, setting to 64
[ 2003.606470][ T5908] usb 3-1: config 32 interface 242 altsetting 2 has an invalid descriptor for endpoint zero, skipping
[ 2003.619544][ T5908] usb 3-1: config 32 interface 14 altsetting 9 bulk endpoint 0x1 has invalid maxpacket 1024
[ 2003.649847][ T5908] usb 3-1: config 32 interface 112 altsetting 9 has a duplicate endpoint with address 0xD, skipping
[ 2003.673834][ T5908] usb 3-1: config 32 interface 112 altsetting 9 endpoint 0x2 has invalid maxpacket 1023, setting to 64
[ 2003.689171][ T5908] usb 3-1: config 32 interface 112 altsetting 9 has an endpoint descriptor with address 0x55, changing to 0x5
[ 2003.701272][ T5908] usb 3-1: config 32 interface 112 altsetting 9 endpoint 0x5 has invalid maxpacket 39229, setting to 64
[ 2003.712901][ T5908] usb 3-1: config 32 interface 112 altsetting 9 has a duplicate endpoint with address 0xC, skipping
[ 2003.726764][ T5908] usb 3-1: config 32 interface 112 altsetting 9 has 7 endpoint descriptors, different from the interface descriptor's value: 6
[ 2003.760726][ T5908] usb 3-1: config 32 interface 242 has no altsetting 0
[ 2003.769719][ T5908] usb 3-1: config 32 interface 14 has no altsetting 0
[ 2003.792860][ T5908] usb 3-1: config 32 interface 112 has no altsetting 0
[ 2003.823005][ T5908] usb 3-1: New USB device found, idVendor=04cb, idProduct=0104, bcdDevice=28.fe
[ 2003.869518][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2003.936966][ T5908] usb 3-1: Product: 剗ԍ濌掐軵ဗᚲ毢઱錏阮畼爛甡Ljዿ欣氳亏닜색婁萳絕邚쇔ẩ栰僧㢭อ䃓坯掵耀졀博䢰鍕វ淵
[ 2003.955757][ T5908] usb 3-1: Manufacturer: 죞仠擊杷姱ገ፾ĸ첎芕㭟磼砩垡㗔翻﫧滲ⷮ襅慽뭐钛늶襘妏鐆㒣ᥪꙹ澋８쬗⳶➵淠浪訊⫄ꧫ裦뫪ई벉室킼쿍ヲ빷弗䧍谇꽗笞ౝ摁薳쉌튃剽肑狽⃀ꗮ쮺㘔ꇭ਄葲翵뇍齶붎⪐ޞﵾܷ嫹ᚨ压檮滜뮸胭΅꽲
[ 2004.040916][ T5908] usb 3-1: SerialNumber: ఇ
[ 2004.191818][T27928] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[ 2004.249586][T17712] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[ 2004.266932][T32590] netlink: 24 bytes leftover after parsing attributes in process `syz.2.6611'.
[ 2004.351319][T27928] usb 2-1: device descriptor read/64, error -71
[ 2004.442058][T17712] usb 5-1: Using ep0 maxpacket: 8
[ 2004.460322][T17712] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 2004.469537][T17712] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2004.478349][T17712] usb 5-1: Product: syz
[ 2004.482678][T17712] usb 5-1: Manufacturer: syz
[ 2004.492497][T17712] usb 5-1: SerialNumber: syz
[ 2004.546342][T17712] usb 5-1: config 0 descriptor??
[ 2004.615130][T17712] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 2004.623280][T27928] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[ 2004.624922][ T5908] usb 3-1: USB disconnect, device number 122
[ 2004.783392][T27928] usb 2-1: device descriptor read/64, error -71
[ 2004.903445][T27928] usb usb2-port1: attempt power cycle
[ 2005.039104][T32623] netlink: zone id is out of range
[ 2005.141475][T17712] gspca_sq930x: reg_r 001f failed -110
[ 2005.147097][T17712] sq930x 5-1:0.0: probe with driver sq930x failed with error -110
[ 2005.261171][T27928] usb 2-1: new full-speed USB device number 4 using dummy_hcd
[ 2005.471893][T27928] usb 2-1: device descriptor read/8, error -71
[ 2005.545249][ T5908] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[ 2005.553154][ T5932] usb 3-1: new high-speed USB device number 123 using dummy_hcd
[ 2005.722455][ T5908] usb 4-1: Using ep0 maxpacket: 8
[ 2005.733850][ T5932] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 2005.744573][ T5932] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2005.757493][ T5908] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 2005.781779][T27928] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[ 2005.789743][ T5908] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2005.798110][ T5908] usb 4-1: Product: syz
[ 2005.802525][ T5932] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 2005.812932][ T5908] usb 4-1: Manufacturer: syz
[ 2005.813133][T27928] usb 2-1: device descriptor read/8, error -71
[ 2005.817645][ T5908] usb 4-1: SerialNumber: syz
[ 2005.835590][ T5932] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 2005.898248][ T5908] usb 4-1: config 0 descriptor??
[ 2005.930425][ T5932] usb 3-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2005.955056][T27928] usb usb2-port1: unable to enumerate USB device
[ 2005.978979][ T5908] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 2006.092531][ T5932] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[ 2006.101987][ T5932] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2006.110992][ T5932] usb 3-1: Product: syz
[ 2006.141237][ T5932] usb 3-1: Manufacturer: syz
[ 2006.176713][ T5932] usb 3-1: SerialNumber: syz
[ 2006.465602][ T5932] cdc_ncm 3-1:1.0: bind() failure
[ 2006.474461][ T5932] usbtest 3-1:1.0: couldn't get endpoints, -22
[ 2006.481196][ T5932] usbtest 3-1:1.0: probe with driver usbtest failed with error -22
[ 2006.492389][ T5932] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[ 2006.499816][ T5932] cdc_ncm 3-1:1.1: bind() failure
[ 2006.515578][ T5932] usbtest 3-1:1.1: couldn't get endpoints, -22
[ 2006.620668][ T5932] usbtest 3-1:1.1: probe with driver usbtest failed with error -22
[ 2006.637280][ T5932] usb 3-1: USB disconnect, device number 123
[ 2006.694890][ T5908] gspca_sq930x: ucbus_write failed -110
[ 2006.705668][ T5908] sq930x 4-1:0.0: probe with driver sq930x failed with error -110
[ 2006.940056][ T5932] usb 4-1: USB disconnect, device number 101
[ 2007.421195][ T5932] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 2007.529345][T10845] usb 5-1: USB disconnect, device number 96
[ 2007.594911][ T5932] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 2007.649553][ T5932] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2007.827764][ T5932] usb 2-1: config 0 descriptor??
[ 2007.839844][ T5932] cp210x 2-1:0.0: cp210x converter detected
[ 2008.371046][ T5932] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[ 2008.492209][ T5932] usb 2-1: cp210x converter now attached to ttyUSB0
[ 2008.660218][ T5932] usb 2-1: USB disconnect, device number 6
[ 2008.687395][ T5932] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 2008.791330][T32664] netlink: 12 bytes leftover after parsing attributes in process `syz.4.6629'.
[ 2008.855467][ T5932] cp210x 2-1:0.0: device disconnected
[ 2008.885605][T32664] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2008.892865][T32664] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2008.900395][T32664] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2008.907650][T32664] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2008.915695][T32664] bridge0: left allmulticast mode
[ 2008.939639][T32664] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 2009.391336][T10845] usb 4-1: new high-speed USB device number 102 using dummy_hcd
[ 2009.651332][T10845] usb 4-1: device descriptor read/64, error -71
[ 2010.041606][T10845] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 2010.192774][T10845] usb 4-1: device descriptor read/64, error -71
[ 2010.362360][T10845] usb usb4-port1: attempt power cycle
[ 2010.811477][T10845] usb 4-1: new high-speed USB device number 104 using dummy_hcd
[ 2010.851399][T10845] usb 4-1: device descriptor read/8, error -71
[ 2011.091704][T10845] usb 4-1: new high-speed USB device number 105 using dummy_hcd
[ 2011.125947][T10845] usb 4-1: device descriptor read/8, error -71
[ 2011.181174][ T5908] usb 5-1: new high-speed USB device number 97 using dummy_hcd
[ 2011.336901][T10845] usb usb4-port1: unable to enumerate USB device
[ 2011.391211][ T5908] usb 5-1: Using ep0 maxpacket: 8
[ 2011.441317][ T5908] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 2011.451546][ T5908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2011.459546][ T5908] usb 5-1: Product: syz
[ 2011.466319][ T5908] usb 5-1: Manufacturer: syz
[ 2011.471010][ T5908] usb 5-1: SerialNumber: syz
[ 2011.507665][ T5908] usb 5-1: config 0 descriptor??
[ 2011.520884][ T5908] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 2011.853063][T32697] xt_ecn: cannot match TCP bits for non-tcp packets
[ 2012.046307][ T5908] gspca_sq930x: reg_r 001f failed -110
[ 2012.056199][ T5908] sq930x 5-1:0.0: probe with driver sq930x failed with error -110
[ 2012.151599][T32703] FAULT_INJECTION: forcing a failure.
[ 2012.151599][T32703] name failslab, interval 1, probability 0, space 0, times 0
[ 2012.193727][T32703] CPU: 1 UID: 0 PID: 32703 Comm: syz.3.6641 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 2012.193760][T32703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2012.193773][T32703] Call Trace:
[ 2012.193781][T32703]  <TASK>
[ 2012.193790][T32703]  dump_stack_lvl+0x189/0x250
[ 2012.193827][T32703]  ? __pfx____ratelimit+0x10/0x10
[ 2012.193858][T32703]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2012.193890][T32703]  ? __pfx__printk+0x10/0x10
[ 2012.193918][T32703]  ? __pfx___might_resched+0x10/0x10
[ 2012.193948][T32703]  ? fs_reclaim_acquire+0x7d/0x100
[ 2012.193977][T32703]  should_fail_ex+0x414/0x560
[ 2012.194017][T32703]  ? __pfx_proc_alloc_inode+0x10/0x10
[ 2012.194041][T32703]  should_failslab+0xa8/0x100
[ 2012.194063][T32703]  ? __pfx_proc_alloc_inode+0x10/0x10
[ 2012.194085][T32703]  kmem_cache_alloc_lru_noprof+0x78/0x3d0
[ 2012.194104][T32703]  ? proc_alloc_inode+0x2a/0xc0
[ 2012.194131][T32703]  ? __pfx_proc_alloc_inode+0x10/0x10
[ 2012.194154][T32703]  proc_alloc_inode+0x2a/0xc0
[ 2012.194178][T32703]  alloc_inode+0x67/0x1b0
[ 2012.194200][T32703]  new_inode+0x22/0x170
[ 2012.194225][T32703]  proc_pid_make_inode+0x21/0x130
[ 2012.194261][T32703]  proc_fd_instantiate+0x54/0x300
[ 2012.194279][T32703]  ? proc_fill_cache+0x2a7/0x3d0
[ 2012.194309][T32703]  proc_fill_cache+0x2d0/0x3d0
[ 2012.194340][T32703]  ? __pfx_proc_fd_instantiate+0x10/0x10
[ 2012.194361][T32703]  ? __pfx_proc_fill_cache+0x10/0x10
[ 2012.194391][T32703]  ? snprintf+0xda/0x120
[ 2012.194424][T32703]  ? fget_task_next+0x572/0x5f0
[ 2012.194454][T32703]  proc_readfd_common+0x3fe/0x5c0
[ 2012.194479][T32703]  ? __pfx_proc_fd_instantiate+0x10/0x10
[ 2012.194498][T32703]  ? __pfx_proc_readfd_common+0x10/0x10
[ 2012.194519][T32703]  ? end_current_label_crit_section+0x152/0x180
[ 2012.194549][T32703]  ? iterate_dir+0x49f/0x770
[ 2012.194576][T32703]  ? down_read_killable+0x1d1/0x350
[ 2012.194602][T32703]  iterate_dir+0x5af/0x770
[ 2012.194636][T32703]  __se_sys_getdents+0xe4/0x250
[ 2012.194668][T32703]  ? __pfx___se_sys_getdents+0x10/0x10
[ 2012.194695][T32703]  ? __pfx_filldir+0x10/0x10
[ 2012.194714][T32703]  ? rcu_is_watching+0x15/0xb0
[ 2012.194748][T32703]  ? do_syscall_64+0xbe/0x3b0
[ 2012.194770][T32703]  do_syscall_64+0xfa/0x3b0
[ 2012.194786][T32703]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2012.194814][T32703]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2012.194833][T32703]  ? clear_bhb_loop+0x60/0xb0
[ 2012.194856][T32703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2012.194875][T32703] RIP: 0033:0x7efd37d8e929
[ 2012.194892][T32703] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2012.194909][T32703] RSP: 002b:00007efd38ce1038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 2012.194929][T32703] RAX: ffffffffffffffda RBX: 00007efd37fb5fa0 RCX: 00007efd37d8e929
[ 2012.194942][T32703] RDX: 0000000000001000 RSI: 0000200000001f80 RDI: 0000000000000005
[ 2012.194955][T32703] RBP: 00007efd38ce1090 R08: 0000000000000000 R09: 0000000000000000
[ 2012.194966][T32703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2012.194977][T32703] R13: 0000000000000000 R14: 00007efd37fb5fa0 R15: 00007efd380dfa28
[ 2012.195006][T32703]  </TASK>
[ 2012.881202][T10845] usb 4-1: new high-speed USB device number 106 using dummy_hcd
[ 2013.031311][T10845] usb 4-1: Using ep0 maxpacket: 8
[ 2013.038233][T10845] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 129, changing to 11
[ 2013.052351][T10845] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 16
[ 2013.067470][T10845] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 32
[ 2013.093671][T32709] netlink: zone id is out of range
[ 2013.124639][T32705] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2013.138335][T32705] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2013.198869][T32705] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2013.209965][T32705] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2013.318081][T10845] usb 4-1: string descriptor 0 read error: -71
[ 2013.342493][T10845] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 2013.371149][T10845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2013.391325][T27928] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 2013.442270][T10845] usb 4-1: rejected 1 configuration due to insufficient available bus power
[ 2013.461375][T10845] usb 4-1: no configuration chosen from 1 choice
[ 2013.515529][ T5908] usb 3-1: new high-speed USB device number 124 using dummy_hcd
[ 2013.534110][T10845] usb 4-1: USB disconnect, device number 106
[ 2013.551216][T27928] usb 2-1: Using ep0 maxpacket: 8
[ 2013.593414][T27928] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 2013.611465][T27928] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2013.642182][T27928] usb 2-1: Product: syz
[ 2013.651424][T27928] usb 2-1: Manufacturer: syz
[ 2013.657638][T27928] usb 2-1: SerialNumber: syz
[ 2013.662928][T15868] usb 5-1: USB disconnect, device number 97
[ 2013.706147][T27928] usb 2-1: config 0 descriptor??
[ 2013.718694][T27928] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 2013.721368][ T5908] usb 3-1: Using ep0 maxpacket: 32
[ 2013.742506][ T5908] usb 3-1: config 0 has an invalid interface number: 202 but max is 1
[ 2013.751338][ T5908] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2013.806258][ T5908] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 2013.855443][ T5908] usb 3-1: config 0 has no interface number 0
[ 2013.878320][ T5908] usb 3-1: too many endpoints for config 0 interface 202 altsetting 87: 182, using maximum allowed: 30
[ 2013.917761][ T5908] usb 3-1: config 0 interface 202 altsetting 87 endpoint 0x2 has invalid maxpacket 255, setting to 64
[ 2013.945094][ T5908] usb 3-1: config 0 interface 202 altsetting 87 has 1 endpoint descriptor, different from the interface descriptor's value: 182
[ 2013.964900][ T5908] usb 3-1: config 0 interface 202 has no altsetting 0
[ 2013.985132][ T5908] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.2b
[ 2013.996875][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2014.010159][ T5908] usb 3-1: Product: syz
[ 2014.021258][ T5908] usb 3-1: Manufacturer: syz
[ 2014.095436][T32717] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:20004
[ 2014.170646][ T5908] usb 3-1: SerialNumber: syz
[ 2014.185490][ T5908] usb 3-1: config 0 descriptor??
[ 2014.287822][ T5908] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 2014.466860][T27928] gspca_sq930x: ucbus_write failed -110
[ 2014.477206][T27928] sq930x 2-1:0.0: probe with driver sq930x failed with error -110
[ 2015.321604][ T5838] usb 5-1: new full-speed USB device number 98 using dummy_hcd
[ 2015.410789][T12238] usb 3-1: Failed to submit usb control message: -110
[ 2015.515775][T12238] usb 3-1: unable to send the bmi data to the device: -110
[ 2015.545200][T12238] usb 3-1: unable to get target info from device
[ 2015.557388][T12238] usb 3-1: could not get target info (-110)
[ 2015.574195][ T5838] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 2015.625082][ T5838] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 384, setting to 64
[ 2015.640602][ T5838] usb 5-1: New USB device found, idVendor=0e9c, idProduct=0000, bcdDevice=5b.1e
[ 2015.669109][ T5838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2015.680305][ T5838] usb 5-1: Product: syz
[ 2015.688521][ T5838] usb 5-1: Manufacturer: syz
[ 2015.693461][ T5838] usb 5-1: SerialNumber: syz
[ 2015.728090][ T5838] usb 5-1: config 0 descriptor??
[ 2015.733607][T12238] usb 3-1: could not probe fw (-110)
[ 2015.764097][T32734] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 2015.947042][ T5908] usb 2-1: USB disconnect, device number 7
[ 2016.112348][T32738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2016.128984][T32738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2016.305998][ T5908] usb 3-1: USB disconnect, device number 124
[ 2016.398908][ T5838] rc_core: IR keymap rc-streamzap not found
[ 2016.434673][ T5838] Registered IR keymap rc-empty
[ 2016.479745][ T5838] rc rc0: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 2016.577282][ T5838] input: Streamzap PC Remote Infrared Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input86
[ 2016.761518][T27928] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 2016.807773][T32747] netlink: 'syz.2.6650': attribute type 1 has an invalid length.
[ 2016.823436][ T5838] usb 5-1: USB disconnect, device number 98
[ 2016.981351][T27928] usb 2-1: Using ep0 maxpacket: 8
[ 2017.074673][T27928] usb 2-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[ 2017.116610][T27928] usb 2-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[ 2017.146082][T27928] usb 2-1: Product: syz
[ 2017.154124][T27928] usb 2-1: Manufacturer: syz
[ 2017.177779][T27928] usb 2-1: SerialNumber: syz
[ 2017.212694][T27928] usb 2-1: config 0 descriptor??
[ 2017.294440][T27928] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[ 2017.432816][T32751] FAULT_INJECTION: forcing a failure.
[ 2017.432816][T32751] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2017.565060][T32751] CPU: 0 UID: 0 PID: 32751 Comm: syz.4.6652 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 2017.565096][T32751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2017.565109][T32751] Call Trace:
[ 2017.565117][T32751]  <TASK>
[ 2017.565127][T32751]  dump_stack_lvl+0x189/0x250
[ 2017.565164][T32751]  ? __pfx____ratelimit+0x10/0x10
[ 2017.565196][T32751]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2017.565227][T32751]  ? __pfx__printk+0x10/0x10
[ 2017.565260][T32751]  should_fail_ex+0x414/0x560
[ 2017.565292][T32751]  _copy_to_user+0x31/0xb0
[ 2017.565316][T32751]  simple_read_from_buffer+0xe1/0x170
[ 2017.565343][T32751]  proc_fail_nth_read+0x1df/0x250
[ 2017.565373][T32751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2017.565401][T32751]  ? rw_verify_area+0x258/0x650
[ 2017.565433][T32751]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2017.565470][T32751]  vfs_read+0x200/0x980
[ 2017.565505][T32751]  ? __pfx___mutex_lock+0x10/0x10
[ 2017.565524][T32751]  ? __pfx_vfs_read+0x10/0x10
[ 2017.565555][T32751]  ? __fget_files+0x2a/0x420
[ 2017.565582][T32751]  ? __fget_files+0x3a0/0x420
[ 2017.565602][T32751]  ? __fget_files+0x2a/0x420
[ 2017.565632][T32751]  ksys_read+0x145/0x250
[ 2017.565652][T32751]  ? __pfx_ksys_read+0x10/0x10
[ 2017.565666][T32751]  ? rcu_is_watching+0x15/0xb0
[ 2017.565701][T32751]  ? do_syscall_64+0xbe/0x3b0
[ 2017.565725][T32751]  do_syscall_64+0xfa/0x3b0
[ 2017.565743][T32751]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2017.565778][T32751]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2017.565799][T32751]  ? clear_bhb_loop+0x60/0xb0
[ 2017.565823][T32751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2017.565842][T32751] RIP: 0033:0x7f11e918d33c
[ 2017.565860][T32751] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2017.565876][T32751] RSP: 002b:00007f11ea053030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2017.565896][T32751] RAX: ffffffffffffffda RBX: 00007f11e93b5fa0 RCX: 00007f11e918d33c
[ 2017.565911][T32751] RDX: 000000000000000f RSI: 00007f11ea0530a0 RDI: 0000000000000007
[ 2017.565923][T32751] RBP: 00007f11ea053090 R08: 0000000000000000 R09: 0000000000000000
[ 2017.565931][T32751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2017.565939][T32751] R13: 0000000000000000 R14: 00007f11e93b5fa0 R15: 00007f11e94dfa28
[ 2017.565959][T32751]  </TASK>
[ 2017.806108][T27928] gspca_zc3xx: reg_r err -71
[ 2017.815499][T27928] gspca_zc3xx 2-1:0.0: probe with driver gspca_zc3xx failed with error -71
[ 2017.880055][T27928] usb 2-1: USB disconnect, device number 8
[ 2018.185396][T32761] binder: 32759:32761 ioctl c0306201 200000000480 returned -14
[ 2018.350206][T10845] usb 4-1: new high-speed USB device number 107 using dummy_hcd
[ 2018.611195][T10845] usb 4-1: Using ep0 maxpacket: 32
[ 2018.627797][T10845] usb 4-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 2018.862785][ T5908] usb 5-1: new high-speed USB device number 99 using dummy_hcd
[ 2018.871188][T10845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2018.879660][T10845] usb 4-1: Product: syz
[ 2018.918450][T10845] usb 4-1: Manufacturer: syz
[ 2018.924842][T10845] usb 4-1: SerialNumber: syz
[ 2018.935806][T10845] usb 4-1: config 0 descriptor??
[ 2018.973785][  T307] blktrace: Concurrent blktraces are not allowed on sg0
[ 2019.028031][T10845] gspca_main: stk1135-2.14.0 probing 174f:6a31
[ 2019.131416][T15868] usb 3-1: new high-speed USB device number 125 using dummy_hcd
[ 2019.352214][T15868] usb 3-1: Using ep0 maxpacket: 8
[ 2019.364034][ T5908] usb 5-1: Using ep0 maxpacket: 8
[ 2019.367683][T15868] usb 3-1: config 5 has an invalid interface number: 52 but max is 1
[ 2019.378125][T15868] usb 3-1: config 5 has an invalid interface number: 4 but max is 1
[ 2019.391204][T15868] usb 3-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[ 2019.534212][ T5908] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 2019.551124][ T5908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2019.551427][T10845] gspca_stk1135: reg_w 0x2 err -110
[ 2019.596903][  T312] input: syz0 as /devices/virtual/input/input87
[ 2019.619985][T15868] usb 3-1: config 5 has no interface number 0
[ 2019.623627][ T5908] usb 5-1: Product: syz
[ 2019.631255][T15868] usb 3-1: config 5 has no interface number 1
[ 2019.638416][ T5908] usb 5-1: Manufacturer: syz
[ 2019.639449][T10845] gspca_stk1135: serial bus timeout: status=0x00
[ 2019.654785][ T5908] usb 5-1: SerialNumber: syz
[ 2019.669614][T15868] usb 3-1: config 5 interface 52 altsetting 10 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 2019.700001][T10845] gspca_stk1135: Sensor write failed
[ 2019.741912][ T5908] usb 5-1: config 0 descriptor??
[ 2019.749129][T10845] gspca_stk1135: serial bus timeout: status=0x00
[ 2019.767089][T15868] usb 3-1: config 5 interface 4 altsetting 9 endpoint 0x5 has invalid wMaxPacketSize 0
[ 2019.785055][ T5908] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 2019.791341][T10845] gspca_stk1135: Sensor write failed
[ 2019.839541][T15868] usb 3-1: config 5 interface 4 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[ 2019.897203][T10845] gspca_stk1135: serial bus timeout: status=0x00
[ 2019.978153][T10845] gspca_stk1135: Sensor read failed
[ 2020.012429][T10845] gspca_stk1135: serial bus timeout: status=0x00
[ 2020.019513][T15868] usb 3-1: config 5 interface 52 has no altsetting 0
[ 2020.046892][T10845] gspca_stk1135: Sensor read failed
[ 2020.052454][T15868] usb 3-1: config 5 interface 4 has no altsetting 0
[ 2020.069411][T10845] gspca_stk1135: Detected sensor type unknown (0x0)
[ 2020.169705][T15868] usb 3-1: New USB device found, idVendor=04b4, idProduct=0002, bcdDevice=e2.5c
[ 2020.190807][T10845] gspca_stk1135: serial bus timeout: status=0x00
[ 2020.205020][T15868] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2020.243072][T10845] gspca_stk1135: Sensor read failed
[ 2020.260837][T15868] usb 3-1: Product: syz
[ 2020.269874][T10845] gspca_stk1135: serial bus timeout: status=0x00
[ 2020.311678][ T5908] gspca_sq930x: reg_r 001f failed -110
[ 2020.317332][ T5908] sq930x 5-1:0.0: probe with driver sq930x failed with error -110
[ 2020.336059][T15868] usb 3-1: Manufacturer: syz
[ 2020.340765][T10845] gspca_stk1135: Sensor read failed
[ 2020.347664][T15868] usb 3-1: SerialNumber: syz
[ 2020.355905][T10845] gspca_stk1135: serial bus timeout: status=0x00
[ 2020.420603][T10845] gspca_stk1135: Sensor write failed
[ 2020.443176][T10845] gspca_stk1135: serial bus timeout: status=0x00
[ 2020.458017][T10845] gspca_stk1135: Sensor write failed
[ 2020.477372][T10845] stk1135 4-1:0.0: probe with driver stk1135 failed with error -110
[ 2020.531802][T10845] usb 4-1: USB disconnect, device number 107
[ 2020.654857][T15868] cytherm 3-1:5.52: Cypress thermometer device now attached
[ 2020.669257][T15868] cytherm 3-1:5.4: Cypress thermometer device now attached
[ 2020.825609][T15868] usb 3-1: USB disconnect, device number 125
[ 2020.858295][T15868] cytherm 3-1:5.52: Cypress thermometer now disconnected
[ 2020.899858][T15868] cytherm 3-1:5.4: Cypress thermometer now disconnected
[ 2021.209523][ T5908] usb 5-1: USB disconnect, device number 99
[ 2021.574690][  T327] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 2021.886425][  T344] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6671'.
[ 2021.895749][  T344] netlink: 28 bytes leftover after parsing attributes in process `syz.1.6671'.
[ 2022.099301][  T344] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[ 2022.118812][  T344] ip6gretap0: entered promiscuous mode
[ 2022.799356][  T368] netlink: 48 bytes leftover after parsing attributes in process `syz.1.6675'.
[ 2022.847489][  T368] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6675'.
[ 2023.108802][  T377] netlink: zone id is out of range
[ 2023.127031][  T377] netlink: zone id is out of range
[ 2023.144317][  T380] openvswitch: netlink: Key type 10512 is out of range max 32
[ 2023.177167][  T377] netlink: zone id is out of range
[ 2023.182746][  T377] netlink: zone id is out of range
[ 2023.190948][  T377] netlink: zone id is out of range
[ 2023.200885][  T377] netlink: zone id is out of range
[ 2023.209694][  T377] netlink: zone id is out of range
[ 2023.217625][  T377] netlink: zone id is out of range
[ 2023.791587][T17712] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 2023.964623][T17712] usb 2-1: Using ep0 maxpacket: 32
[ 2024.012767][  T391] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2024.023451][  T391] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2024.036188][  T391] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2024.046358][  T391] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2025.141189][ T5908] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[ 2025.404192][ T5908] usb 5-1: config 0 has no interfaces?
[ 2025.421625][ T5908] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2025.441282][ T5908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2025.449371][ T5908] usb 5-1: Product: syz
[ 2025.455633][ T5908] usb 5-1: Manufacturer: syz
[ 2025.474151][ T5908] usb 5-1: SerialNumber: syz
[ 2025.506788][ T5908] usb 5-1: config 0 descriptor??
[ 2026.618918][T17712] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 2026.640395][T17712] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 2026.657578][T17712] usb 2-1: can't read configurations, error -71
[ 2027.027853][  T431] netlink: 32 bytes leftover after parsing attributes in process `syz.2.6691'.
[ 2027.131961][  T433] netlink: 32 bytes leftover after parsing attributes in process `syz.1.6692'.
[ 2027.257892][  T435] program syz.2.6693 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2027.760614][T17712] usb 5-1: USB disconnect, device number 100
[ 2028.310017][T17712] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[ 2028.501514][T17712] usb 5-1: Using ep0 maxpacket: 8
[ 2028.508875][T17712] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2028.602065][T17712] usb 5-1: config 0 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2028.634719][T17712] usb 5-1: config 0 interface 0 has no altsetting 0
[ 2028.658723][T17712] usb 5-1: New USB device found, idVendor=0458, idProduct=4018, bcdDevice= 0.00
[ 2028.754506][T17712] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2028.786999][T17712] usb 5-1: config 0 descriptor??
[ 2028.893601][  T456] xt_CT: You must specify a L4 protocol and not use inversions on it
[ 2029.132536][  T446] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2029.155220][  T446] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2029.685320][T17712] usbhid 5-1:0.0: can't add hid device: -71
[ 2029.701926][T17712] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 2029.801008][T17712] usb 5-1: USB disconnect, device number 101
[ 2030.251151][T10845] usb 4-1: new high-speed USB device number 108 using dummy_hcd
[ 2030.283065][   T30] audit: type=1326 audit(1749985883.948:15531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=473 comm="syz.2.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2030.305429][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2030.321166][   T30] audit: type=1326 audit(1749985883.948:15532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=473 comm="syz.2.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2030.464192][T10845] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2030.486032][   T30] audit: type=1326 audit(1749985884.008:15533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=473 comm="syz.2.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=136 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2030.512043][T10845] usb 4-1: config 0 interface 0 altsetting 251 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 2030.589480][   T30] audit: type=1326 audit(1749985884.008:15534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=473 comm="syz.2.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2030.612488][T10845] usb 4-1: config 0 interface 0 has no altsetting 0
[ 2030.629219][   T30] audit: type=1326 audit(1749985884.008:15535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=473 comm="syz.2.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2030.651720][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2030.668147][T10845] usb 4-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 2030.677771][T10845] usb 4-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 2030.686824][T10845] usb 4-1: Product: syz
[ 2030.704227][T10845] usb 4-1: Manufacturer: syz
[ 2030.749883][   T30] audit: type=1326 audit(1749985884.008:15536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=473 comm="syz.2.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2030.772240][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2030.807552][T10845] usb 4-1: SerialNumber: syz
[ 2030.808710][   T30] audit: type=1326 audit(1749985884.008:15537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=473 comm="syz.2.6704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2030.835731][    C0] vkms_vblank_simulate: vblank timer overrun
[ 2031.115332][T10845] usb 4-1: config 0 descriptor??
[ 2031.208640][  T486] team0: Port device bond0 removed
[ 2031.249625][  T486] bridge_slave_0: left allmulticast mode
[ 2031.266935][  T486] bridge_slave_0: left promiscuous mode
[ 2031.290124][  T486] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2031.300723][T10845] snd-usb-audio 4-1:0.0: probe with driver snd-usb-audio failed with error -22
[ 2031.364168][  T486] bridge_slave_1: left allmulticast mode
[ 2031.410452][  T486] bridge_slave_1: left promiscuous mode
[ 2031.421378][T31615] udevd[31615]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2031.451104][  T486] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2031.569598][T10843] usb 4-1: USB disconnect, device number 108
[ 2031.660897][  T486] bond0: (slave bond_slave_0): Releasing backup interface
[ 2031.747535][  T486] bond0: (slave bond_slave_1): Releasing backup interface
[ 2031.851540][  T486] team0: Port device team_slave_0 removed
[ 2031.872569][  T486] team0: Port device team_slave_1 removed
[ 2031.888221][  T486] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 2031.896211][  T486] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 2031.912765][  T486] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 2031.928495][  T497] delete_channel: no stack
[ 2031.950153][  T486] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 2032.000523][  T486] bond2: (slave ip6gretap1): Releasing backup interface
[ 2032.041585][T10845] usb 5-1: new full-speed USB device number 102 using dummy_hcd
[ 2032.191209][T10845] usb 5-1: device descriptor read/64, error -71
[ 2032.341354][T17712] usb 3-1: new high-speed USB device number 126 using dummy_hcd
[ 2032.471272][T10845] usb 5-1: new full-speed USB device number 103 using dummy_hcd
[ 2032.605130][T17712] usb 3-1: device descriptor read/64, error -71
[ 2032.741150][ T5908] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 2032.851558][T17712] usb 3-1: new high-speed USB device number 127 using dummy_hcd
[ 2032.981400][ T5908] usb 2-1: Using ep0 maxpacket: 16
[ 2033.003049][ T5908] usb 2-1: config 0 has no interfaces?
[ 2033.011952][ T5908] usb 2-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[ 2033.028735][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2033.058683][ T5908] usb 2-1: config 0 descriptor??
[ 2033.101225][T17712] usb 3-1: device descriptor read/64, error -71
[ 2033.114366][T10845] usb 5-1: device descriptor read/64, error -71
[ 2033.212213][T17712] usb usb3-port1: attempt power cycle
[ 2033.231416][T10845] usb usb5-port1: attempt power cycle
[ 2033.631383][T17712] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[ 2033.651182][T10845] usb 5-1: new full-speed USB device number 104 using dummy_hcd
[ 2033.671317][T17712] usb 3-1: device descriptor read/8, error -71
[ 2033.776451][T10845] usb 5-1: device descriptor read/8, error -71
[ 2033.911263][T17712] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[ 2033.931895][T17712] usb 3-1: device descriptor read/8, error -71
[ 2034.041511][T17712] usb usb3-port1: unable to enumerate USB device
[ 2034.141169][T10845] usb 5-1: new full-speed USB device number 105 using dummy_hcd
[ 2034.282102][T10845] usb 5-1: device descriptor read/8, error -71
[ 2034.401486][T10845] usb usb5-port1: unable to enumerate USB device
[ 2035.187773][  T537] use of bytesused == 0 is deprecated and will be removed in the future,
[ 2035.199429][  T537] use the actual size instead.
[ 2035.335355][  T530] netlink: 452 bytes leftover after parsing attributes in process `syz.3.6721'.
[ 2035.397420][T17712] usb 2-1: USB disconnect, device number 11
[ 2035.543893][  T541] netlink: 'syz.2.6724': attribute type 3 has an invalid length.
[ 2035.604093][  T543] Cannot find set identified by id 0 to match
[ 2036.061210][T17712] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[ 2036.228341][T17712] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2036.251965][T17712] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 2036.261793][T17712] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2036.280974][T17712] usb 3-1: config 0 descriptor??
[ 2036.293779][T17712] pwc: Askey VC010 type 2 USB webcam detected.
[ 2036.690650][T17712] pwc: recv_control_msg error -32 req 02 val 2b00
[ 2036.721936][T17712] pwc: recv_control_msg error -32 req 02 val 2700
[ 2036.742725][T17712] pwc: recv_control_msg error -32 req 02 val 2c00
[ 2036.795239][T17712] pwc: recv_control_msg error -32 req 04 val 1000
[ 2036.821673][T17712] pwc: recv_control_msg error -32 req 04 val 1300
[ 2036.839488][T17712] pwc: recv_control_msg error -32 req 04 val 1400
[ 2036.849041][T17712] pwc: recv_control_msg error -32 req 02 val 2000
[ 2036.858419][T17712] pwc: recv_control_msg error -32 req 02 val 2100
[ 2036.868243][T17712] pwc: recv_control_msg error -32 req 04 val 1500
[ 2036.876992][T17712] pwc: recv_control_msg error -32 req 02 val 2500
[ 2036.886984][T17712] pwc: recv_control_msg error -32 req 02 val 2400
[ 2036.894508][T17712] pwc: recv_control_msg error -32 req 02 val 2600
[ 2036.904642][T17712] pwc: recv_control_msg error -32 req 02 val 2900
[ 2036.912498][T17712] pwc: recv_control_msg error -32 req 02 val 2800
[ 2036.919858][T17712] pwc: recv_control_msg error -32 req 04 val 1100
[ 2036.943055][T17712] pwc: recv_control_msg error -71 req 04 val 1200
[ 2037.026226][  T585] input: syz1 as /devices/virtual/input/input88
[ 2037.036272][T17712] pwc: Registered as video103.
[ 2037.139747][T17712] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input89
[ 2037.229045][T17712] usb 3-1: USB disconnect, device number 4
[ 2037.407159][ T1305] ieee802154 phy0 wpan0: encryption failed: -22
[ 2037.413701][ T1305] ieee802154 phy1 wpan1: encryption failed: -22
[ 2037.533544][T27928] usb 2-1: new low-speed USB device number 12 using dummy_hcd
[ 2037.731149][T27928] usb 2-1: Invalid ep0 maxpacket: 9
[ 2037.891163][ T5908] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[ 2037.961342][T27928] usb 2-1: new low-speed USB device number 13 using dummy_hcd
[ 2038.042194][ T5908] usb 3-1: Using ep0 maxpacket: 16
[ 2038.068029][ T5908] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[ 2038.078662][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2038.089395][ T5908] usb 3-1: Product: syz
[ 2038.100342][ T5908] usb 3-1: Manufacturer: syz
[ 2038.113924][ T5908] usb 3-1: SerialNumber: syz
[ 2038.138410][ T5908] r8152-cfgselector 3-1: Unknown version 0x0000
[ 2038.151182][ T5908] r8152-cfgselector 3-1: config 0 descriptor??
[ 2038.151679][T27928] usb 2-1: Invalid ep0 maxpacket: 9
[ 2038.191608][T27928] usb usb2-port1: attempt power cycle
[ 2038.572704][T27928] usb 2-1: new low-speed USB device number 14 using dummy_hcd
[ 2038.584394][ T5908] r8152-cfgselector 3-1: USB disconnect, device number 5
[ 2038.650974][T27928] usb 2-1: Invalid ep0 maxpacket: 9
[ 2038.657975][T10845] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[ 2038.832547][T27928] usb 2-1: new low-speed USB device number 15 using dummy_hcd
[ 2038.861262][T10845] usb 5-1: Using ep0 maxpacket: 8
[ 2038.867102][T27928] usb 2-1: Invalid ep0 maxpacket: 9
[ 2038.875864][T27928] usb usb2-port1: unable to enumerate USB device
[ 2038.885110][T10845] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 7
[ 2038.901977][T10845] usb 5-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[ 2038.917711][T10845] usb 5-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[ 2038.926551][T10845] usb 5-1: Product: syz
[ 2038.932911][T10845] usb 5-1: Manufacturer: syz
[ 2038.937570][T10845] usb 5-1: SerialNumber: syz
[ 2039.160372][  T615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2039.169086][  T626] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2039.182501][  T615] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2039.195411][  T626] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2039.208702][  T615] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2039.221152][  T615] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2039.223185][  T626] netlink: 'syz.4.6751': attribute type 18 has an invalid length.
[ 2039.223215][  T626] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6751'.
[ 2039.223475][  T615] netlink: 'syz.4.6751': attribute type 18 has an invalid length.
[ 2039.223498][  T615] netlink: 16 bytes leftover after parsing attributes in process `syz.4.6751'.
[ 2039.224349][T10845] usb 5-1: Handspring Visor / Palm OS: No valid connect info available
[ 2039.224373][T10845] usb 5-1: Handspring Visor / Palm OS: port 109, is for unknown use
[ 2039.224393][T10845] usb 5-1: Handspring Visor / Palm OS: port 211, is for unknown use
[ 2039.224412][T10845] usb 5-1: Handspring Visor / Palm OS: Number of ports: 2
[ 2039.434701][T10845] usb 5-1: palm_os_3_probe - error -71 getting bytes available request
[ 2039.434768][T10845] visor 5-1:1.0: Handspring Visor / Palm OS converter detected
[ 2039.446643][T10845] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[ 2039.457242][T10845] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[ 2039.459315][T10845] usb 5-1: USB disconnect, device number 106
[ 2039.470187][T10845] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[ 2039.488009][T10845] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[ 2039.499527][T10845] visor 5-1:1.0: device disconnected
[ 2040.411200][T10845] usb 4-1: new high-speed USB device number 109 using dummy_hcd
[ 2040.424931][  T649] netlink: 44 bytes leftover after parsing attributes in process `syz.1.6765'.
[ 2040.588403][T10845] usb 4-1: config 0 has no interfaces?
[ 2040.605473][T10845] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2040.617119][T10845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2040.629706][T10845] usb 4-1: Product: syz
[ 2040.634113][T10845] usb 4-1: Manufacturer: syz
[ 2040.642762][T10845] usb 4-1: SerialNumber: syz
[ 2040.662596][T10845] usb 4-1: config 0 descriptor??
[ 2041.181380][T10845] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 2041.357479][T10845] usb 2-1: config 0 has no interfaces?
[ 2041.370233][T10845] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2041.411255][T10845] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2041.419435][T10845] usb 2-1: Product: syz
[ 2041.423966][T10845] usb 2-1: Manufacturer: syz
[ 2041.428603][T10845] usb 2-1: SerialNumber: syz
[ 2041.436504][T10845] usb 2-1: config 0 descriptor??
[ 2041.652387][  T671] netlink: 'syz.4.6772': attribute type 1 has an invalid length.
[ 2042.832411][  T684] netlink: 16 bytes leftover after parsing attributes in process `syz.0.6776'.
[ 2043.135193][T27928] usb 4-1: USB disconnect, device number 109
[ 2043.170355][  T689] netlink: 64 bytes leftover after parsing attributes in process `syz.0.6777'.
[ 2043.231185][T10845] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 2043.383187][T10845] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2043.405035][T10845] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2043.421196][T10845] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 2043.449116][T10845] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 2043.460971][T10845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2043.485419][T10845] usb 3-1: config 0 descriptor??
[ 2043.912110][T10845] plantronics 0003:047F:FFFF.0029: No inputs registered, leaving
[ 2043.969835][T10845] plantronics 0003:047F:FFFF.0029: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 2044.119265][T10845] usb 2-1: USB disconnect, device number 16
[ 2044.243836][   T30] audit: type=1326 audit(1749985897.888:15538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2044.334630][T10843] usb 3-1: USB disconnect, device number 6
[ 2044.400156][   T30] audit: type=1326 audit(1749985897.888:15539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2044.400211][   T30] audit: type=1326 audit(1749985897.888:15540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa0d7b2ab19 code=0x7ffc0000
[ 2044.400256][   T30] audit: type=1326 audit(1749985897.888:15541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa0d7b2ab19 code=0x7ffc0000
[ 2044.400303][   T30] audit: type=1326 audit(1749985897.888:15542): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2044.400350][   T30] audit: type=1326 audit(1749985897.898:15543): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa0d7b2ab19 code=0x7ffc0000
[ 2044.400402][   T30] audit: type=1326 audit(1749985897.898:15544): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fa0d7b2ab19 code=0x7ffc0000
[ 2044.400445][   T30] audit: type=1326 audit(1749985897.898:15545): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2044.400491][   T30] audit: type=1326 audit(1749985897.898:15546): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2044.400540][   T30] audit: type=1326 audit(1749985897.898:15547): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=685 comm="syz.2.6775" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa0d7b8e929 code=0x7ffc0000
[ 2044.616130][  T714] IPVS: set_ctl: invalid protocol: 0 172.20.20.187:20004
[ 2044.774957][  T717] FAULT_INJECTION: forcing a failure.
[ 2044.774957][  T717] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2044.774988][  T717] CPU: 0 UID: 0 PID: 717 Comm: syz.0.6787 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 2044.775005][  T717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2044.775013][  T717] Call Trace:
[ 2044.775019][  T717]  <TASK>
[ 2044.775025][  T717]  dump_stack_lvl+0x189/0x250
[ 2044.775051][  T717]  ? __pfx____ratelimit+0x10/0x10
[ 2044.775072][  T717]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2044.775094][  T717]  ? __pfx__printk+0x10/0x10
[ 2044.775111][  T717]  ? get_sigframe+0x596/0x7d0
[ 2044.775133][  T717]  should_fail_ex+0x414/0x560
[ 2044.775154][  T717]  _copy_to_user+0x31/0xb0
[ 2044.775169][  T717]  copy_siginfo_to_user+0x22/0xc0
[ 2044.775183][  T717]  x64_setup_rt_frame+0x776/0xd40
[ 2044.775214][  T717]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[ 2044.775238][  T717]  arch_do_signal_or_restart+0x3d7/0x750
[ 2044.775261][  T717]  ? __pfx_do_fcntl+0x10/0x10
[ 2044.775283][  T717]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[ 2044.775310][  T717]  ? exit_to_user_mode_loop+0x40/0x110
[ 2044.775332][  T717]  exit_to_user_mode_loop+0x75/0x110
[ 2044.775351][  T717]  do_syscall_64+0x2bd/0x3b0
[ 2044.775363][  T717]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2044.775383][  T717]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2044.775397][  T717]  ? clear_bhb_loop+0x60/0xb0
[ 2044.775413][  T717]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2044.775426][  T717] RIP: 0033:0x7f306098e927
[ 2044.775438][  T717] Code: ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 <0f> 05 48 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89
[ 2044.775450][  T717] RSP: 002b:00007f3061802038 EFLAGS: 00000246 ORIG_RAX: 0000000000000048
[ 2044.775464][  T717] RAX: 0000000000000048 RBX: 00007f3060bb5fa0 RCX: 00007f306098e929
[ 2044.775474][  T717] RDX: 0000200000000040 RSI: 0000000000000007 RDI: 0000000000000004
[ 2044.775482][  T717] RBP: 00007f3061802090 R08: 0000000000000000 R09: 0000000000000000
[ 2044.775490][  T717] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2044.775498][  T717] R13: 0000000000000000 R14: 00007f3060bb5fa0 R15: 00007f3060cdfa28
[ 2044.775517][  T717]  </TASK>
[ 2045.102997][T10843] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[ 2045.289097][T10843] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2045.289123][T10843] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2045.289138][T10843] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 2045.289167][T10843] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 2045.289182][T10843] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2045.290954][T10843] usb 5-1: config 0 descriptor??
[ 2045.314455][  T727] net_ratelimit: 123 callbacks suppressed
[ 2045.314472][  T727] netlink: zone id is out of range
[ 2045.752372][T10843] plantronics 0003:047F:FFFF.002A: No inputs registered, leaving
[ 2045.760935][T10843] plantronics 0003:047F:FFFF.002A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 2045.897934][  T710] tty tty26: ldisc open failed (-12), clearing slot 25
[ 2046.064713][  T732] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6788'.
[ 2046.082595][  T732] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2046.091713][T17712] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[ 2046.106538][  T732] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2046.264419][T17712] usb 3-1: config 7 has an invalid interface number: 109 but max is 0
[ 2046.279929][T17712] usb 3-1: config 7 has no interface number 0
[ 2046.290627][T17712] usb 3-1: config 7 interface 109 altsetting 4 endpoint 0x3 has an invalid bInterval 0, changing to 10
[ 2046.312995][  T736] netlink: 'syz.3.6792': attribute type 2 has an invalid length.
[ 2046.336504][  T736] ave_0: entered promiscuous mode
[ 2046.379398][T17712] usb 3-1: config 7 interface 109 altsetting 4 endpoint 0x3 has invalid maxpacket 512, setting to 64
[ 2046.399886][T17712] usb 3-1: config 7 interface 109 altsetting 4 endpoint 0x2 has invalid maxpacket 512, setting to 64
[ 2046.425389][T17712] usb 3-1: config 7 interface 109 altsetting 4 endpoint 0x8 has invalid wMaxPacketSize 0
[ 2046.472907][T17712] usb 3-1: config 7 interface 109 altsetting 4 has 4 endpoint descriptors, different from the interface descriptor's value: 5
[ 2046.489654][T17712] usb 3-1: config 7 interface 109 has no altsetting 0
[ 2046.522017][T17712] usb 3-1: New USB device found, idVendor=1965, idProduct=0018, bcdDevice=d9.4d
[ 2046.534380][T17712] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2046.548486][T17712] usb 3-1: Product: syz
[ 2046.554687][T17712] usb 3-1: Manufacturer: syz
[ 2046.566939][T17712] usb 3-1: SerialNumber: syz
[ 2046.586512][  T726] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 2046.826107][T17712] usbhid 3-1:7.109: couldn't find an input interrupt endpoint
[ 2046.840380][T17712] usb 3-1: USB disconnect, device number 7
[ 2047.745655][ T5932] usb 5-1: USB disconnect, device number 107
[ 2047.797848][  T752] FAULT_INJECTION: forcing a failure.
[ 2047.797848][  T752] name failslab, interval 1, probability 0, space 0, times 0
[ 2047.851206][  T752] CPU: 1 UID: 0 PID: 752 Comm: syz.4.6797 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 2047.851236][  T752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2047.851249][  T752] Call Trace:
[ 2047.851257][  T752]  <TASK>
[ 2047.851266][  T752]  dump_stack_lvl+0x189/0x250
[ 2047.851304][  T752]  ? __pfx____ratelimit+0x10/0x10
[ 2047.851335][  T752]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2047.851365][  T752]  ? __pfx__printk+0x10/0x10
[ 2047.851393][  T752]  ? __pfx___might_resched+0x10/0x10
[ 2047.851425][  T752]  ? fs_reclaim_acquire+0x7d/0x100
[ 2047.851455][  T752]  should_fail_ex+0x414/0x560
[ 2047.851484][  T752]  should_failslab+0xa8/0x100
[ 2047.851510][  T752]  __kmalloc_noprof+0xcb/0x4f0
[ 2047.851530][  T752]  ? security_sk_alloc+0x52/0x390
[ 2047.851555][  T752]  security_sk_alloc+0x52/0x390
[ 2047.851578][  T752]  sk_prot_alloc+0x101/0x220
[ 2047.851608][  T752]  sk_alloc+0x3a/0x370
[ 2047.851636][  T752]  inet_create+0x76b/0x1000
[ 2047.851661][  T752]  ? inet_create+0x97/0x1000
[ 2047.851685][  T752]  __sock_create+0x4b3/0x9f0
[ 2047.851717][  T752]  udp_sock_create4+0xbe/0x4b0
[ 2047.851750][  T752]  ? __pfx_udp_sock_create4+0x10/0x10
[ 2047.851792][  T752]  rxrpc_lookup_local+0xcae/0x1410
[ 2047.851824][  T752]  ? __pfx_rxrpc_lookup_local+0x10/0x10
[ 2047.851855][  T752]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 2047.851886][  T752]  ? __local_bh_enable_ip+0x12d/0x1c0
[ 2047.851917][  T752]  ? do_raw_spin_unlock+0x122/0x240
[ 2047.851942][  T752]  rxrpc_sendmsg+0x399/0x710
[ 2047.851968][  T752]  ? __pfx_rxrpc_sendmsg+0x10/0x10
[ 2047.851989][  T752]  __sock_sendmsg+0x21c/0x270
[ 2047.852027][  T752]  ____sys_sendmsg+0x505/0x830
[ 2047.852055][  T752]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 2047.852088][  T752]  ? import_iovec+0x74/0xa0
[ 2047.852111][  T752]  ___sys_sendmsg+0x21f/0x2a0
[ 2047.852138][  T752]  ? __pfx____sys_sendmsg+0x10/0x10
[ 2047.852197][  T752]  ? __fget_files+0x2a/0x420
[ 2047.852218][  T752]  ? __fget_files+0x3a0/0x420
[ 2047.852250][  T752]  __x64_sys_sendmsg+0x19b/0x260
[ 2047.852278][  T752]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 2047.852313][  T752]  ? __pfx_ksys_write+0x10/0x10
[ 2047.852329][  T752]  ? rcu_is_watching+0x15/0xb0
[ 2047.852363][  T752]  ? do_syscall_64+0xbe/0x3b0
[ 2047.852385][  T752]  do_syscall_64+0xfa/0x3b0
[ 2047.852402][  T752]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2047.852430][  T752]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2047.852449][  T752]  ? clear_bhb_loop+0x60/0xb0
[ 2047.852473][  T752]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2047.852492][  T752] RIP: 0033:0x7f11e918e929
[ 2047.852510][  T752] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2047.852527][  T752] RSP: 002b:00007f11ea053038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 2047.852548][  T752] RAX: ffffffffffffffda RBX: 00007f11e93b5fa0 RCX: 00007f11e918e929
[ 2047.852563][  T752] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000003
[ 2047.852575][  T752] RBP: 00007f11ea053090 R08: 0000000000000000 R09: 0000000000000000
[ 2047.852588][  T752] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2047.852599][  T752] R13: 0000000000000000 R14: 00007f11e93b5fa0 R15: 00007f11e94dfa28
[ 2047.852629][  T752]  </TASK>
[ 2047.971248][T17712] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[ 2047.975624][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2048.133024][T17712] usb 3-1: config 0 has no interfaces?
[ 2048.134029][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2048.145059][T17712] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2048.149983][    C1] hrtimer: interrupt took 288939064 ns
[ 2048.160377][T17712] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2048.226387][T17712] usb 3-1: Product: syz
[ 2048.230571][T17712] usb 3-1: Manufacturer: syz
[ 2048.235334][T17712] usb 3-1: SerialNumber: syz
[ 2048.250000][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2048.302646][T17712] usb 3-1: config 0 descriptor??
[ 2048.427354][  T754] netlink: 124 bytes leftover after parsing attributes in process `syz.3.6798'.
[ 2048.874305][  T764] netlink: 108 bytes leftover after parsing attributes in process `syz.4.6799'.
[ 2049.341326][T10845] usb 4-1: new high-speed USB device number 110 using dummy_hcd
[ 2049.371475][T10843] usb 5-1: new high-speed USB device number 108 using dummy_hcd
[ 2049.513592][T10845] usb 4-1: config 0 has no interfaces?
[ 2049.522303][T10845] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2049.531891][T10843] usb 5-1: Using ep0 maxpacket: 8
[ 2049.561766][T10845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2049.590186][T10843] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 3
[ 2049.609170][T10843] usb 5-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[ 2049.621335][T10843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2049.639172][T10845] usb 4-1: Product: syz
[ 2049.647332][T10843] usb 5-1: Product: syz
[ 2049.654894][T10845] usb 4-1: Manufacturer: syz
[ 2049.678022][T10843] usb 5-1: Manufacturer: syz
[ 2049.684825][T10845] usb 4-1: SerialNumber: syz
[ 2049.693996][T10843] usb 5-1: SerialNumber: syz
[ 2049.752108][T10845] usb 4-1: config 0 descriptor??
[ 2049.770955][T10843] usb 5-1: config 0 descriptor??
[ 2049.820657][T10843] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[ 2049.846051][T10843] usb 5-1: setting power ON
[ 2049.857811][T10843] dvb-usb: bulk message failed: -22 (2/0)
[ 2049.880088][T10843] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 2049.912042][T10843] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[ 2049.982228][T10843] usb 5-1: media controller created
[ 2050.059582][T10843] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 2050.108291][T10843] usb 5-1: selecting invalid altsetting 6
[ 2050.115708][T10843] usb 5-1: digital interface selection failed (-22)
[ 2050.127644][T10843] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[ 2050.139391][T10843] usb 5-1: setting power OFF
[ 2050.146185][T10843] dvb-usb: bulk message failed: -22 (2/0)
[ 2050.154780][T10843] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[ 2050.189356][T10843] (NULL device *): no alternate interface
[ 2050.300298][T10843] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[ 2050.355203][T10843] usb 5-1: USB disconnect, device number 108
[ 2050.730450][ T5932] usb 3-1: USB disconnect, device number 8
[ 2051.411177][T10845] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[ 2051.577892][T10845] usb 3-1: config 0 has no interfaces?
[ 2051.602305][T10845] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2051.611770][T10845] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2051.623451][T10845] usb 3-1: Product: syz
[ 2051.627630][T10845] usb 3-1: Manufacturer: syz
[ 2051.633826][T10845] usb 3-1: SerialNumber: syz
[ 2051.649507][T10845] usb 3-1: config 0 descriptor??
[ 2051.877625][T17712] usb 4-1: USB disconnect, device number 110
[ 2052.371375][T17712] usb 4-1: new high-speed USB device number 111 using dummy_hcd
[ 2052.495406][  T803] program syz.4.6812 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 2052.523720][T17712] usb 4-1: Using ep0 maxpacket: 32
[ 2052.535298][T17712] usb 4-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[ 2052.545037][T17712] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2052.569849][T17712] usb 4-1: config 0 descriptor??
[ 2052.592733][T17712] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 2052.785556][  T796] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2052.795740][  T796] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2052.844494][T10845] usb 5-1: new high-speed USB device number 109 using dummy_hcd
[ 2052.894354][  T796] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2052.910477][  T796] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2053.102621][T17712] gspca_nw80x: reg_w err -110
[ 2053.110852][T17712] nw80x 4-1:0.0: probe with driver nw80x failed with error -110
[ 2053.141154][T10845] usb 5-1: device descriptor read/64, error -71
[ 2053.156607][T17712] usb 4-1: USB disconnect, device number 111
[ 2053.221718][   T30] kauditd_printk_skb: 190 callbacks suppressed
[ 2053.221737][   T30] audit: type=1326 audit(1749985906.888:15738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=809 comm="syz.1.6814" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f714bd8e929 code=0x0
[ 2053.401931][T10845] usb 5-1: new high-speed USB device number 110 using dummy_hcd
[ 2053.541235][T10845] usb 5-1: device descriptor read/64, error -71
[ 2053.651815][T10845] usb usb5-port1: attempt power cycle
[ 2054.001812][T10845] usb 5-1: new high-speed USB device number 111 using dummy_hcd
[ 2054.024212][T10845] usb 5-1: device descriptor read/8, error -71
[ 2054.089588][T10843] usb 3-1: USB disconnect, device number 9
[ 2054.341193][T10845] usb 5-1: new high-speed USB device number 112 using dummy_hcd
[ 2054.363751][T10845] usb 5-1: device descriptor read/8, error -71
[ 2054.505745][T10845] usb usb5-port1: unable to enumerate USB device
[ 2054.535525][ T5932] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 2054.801222][  T829] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6817'.
[ 2054.821431][  T829] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6817'.
[ 2054.859438][ T5932] usb 2-1: config 0 has no interfaces?
[ 2054.881139][T10845] usb 4-1: new high-speed USB device number 112 using dummy_hcd
[ 2054.897208][ T5932] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2054.989711][ T5932] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2055.011125][ T5932] usb 2-1: Product: syz
[ 2055.028910][ T5932] usb 2-1: Manufacturer: syz
[ 2055.034179][ T5932] usb 2-1: SerialNumber: syz
[ 2055.053203][T10845] usb 4-1: config 0 has no interfaces?
[ 2055.053980][ T5932] usb 2-1: config 0 descriptor??
[ 2055.065002][T10845] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2055.074484][T10845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2055.084772][T10845] usb 4-1: Product: syz
[ 2055.088959][T10845] usb 4-1: Manufacturer: syz
[ 2055.098528][T10845] usb 4-1: SerialNumber: syz
[ 2055.138025][T10845] usb 4-1: config 0 descriptor??
[ 2056.050105][  T838] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6821'.
[ 2057.399215][ T5932] usb 4-1: USB disconnect, device number 112
[ 2057.622550][  T853] netlink: 8 bytes leftover after parsing attributes in process `syz.3.6825'.
[ 2057.955402][T15868] usb 2-1: USB disconnect, device number 17
[ 2058.262360][  T872] netlink: 548 bytes leftover after parsing attributes in process `syz.1.6829'.
[ 2058.581587][ T5932] usb 4-1: new high-speed USB device number 113 using dummy_hcd
[ 2058.760080][ T5932] usb 4-1: config 0 has no interfaces?
[ 2058.937206][ T5932] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2058.969398][ T5932] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2059.021197][ T5932] usb 4-1: Product: syz
[ 2059.025432][ T5932] usb 4-1: Manufacturer: syz
[ 2059.030050][ T5932] usb 4-1: SerialNumber: syz
[ 2059.108582][ T5932] usb 4-1: config 0 descriptor??
[ 2059.741164][ T5908] usb 5-1: new high-speed USB device number 113 using dummy_hcd
[ 2059.870679][  T889] FAULT_INJECTION: forcing a failure.
[ 2059.870679][  T889] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 2059.938364][  T889] CPU: 1 UID: 0 PID: 889 Comm: syz.0.6837 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 2059.938394][  T889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2059.938407][  T889] Call Trace:
[ 2059.938415][  T889]  <TASK>
[ 2059.938425][  T889]  dump_stack_lvl+0x189/0x250
[ 2059.938460][  T889]  ? __pfx____ratelimit+0x10/0x10
[ 2059.938490][  T889]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2059.938521][  T889]  ? __pfx__printk+0x10/0x10
[ 2059.938553][  T889]  should_fail_ex+0x414/0x560
[ 2059.938582][  T889]  _copy_to_user+0x31/0xb0
[ 2059.938604][  T889]  simple_read_from_buffer+0xe1/0x170
[ 2059.938642][  T889]  proc_fail_nth_read+0x1df/0x250
[ 2059.938679][  T889]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2059.938704][  T889]  ? rw_verify_area+0x258/0x650
[ 2059.938730][  T889]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 2059.938755][  T889]  vfs_read+0x200/0x980
[ 2059.938788][  T889]  ? __pfx___mutex_lock+0x10/0x10
[ 2059.938806][  T889]  ? __pfx_vfs_read+0x10/0x10
[ 2059.938828][  T889]  ? __fget_files+0x2a/0x420
[ 2059.938846][  T889]  ? __fget_files+0x3a0/0x420
[ 2059.938860][  T889]  ? __fget_files+0x2a/0x420
[ 2059.938881][  T889]  ksys_read+0x145/0x250
[ 2059.938895][  T889]  ? __pfx_ksys_read+0x10/0x10
[ 2059.938905][  T889]  ? rcu_is_watching+0x15/0xb0
[ 2059.938929][  T889]  ? do_syscall_64+0xbe/0x3b0
[ 2059.938944][  T889]  do_syscall_64+0xfa/0x3b0
[ 2059.938955][  T889]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2059.938975][  T889]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2059.938989][  T889]  ? clear_bhb_loop+0x60/0xb0
[ 2059.939005][  T889]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2059.939018][  T889] RIP: 0033:0x7f306098d33c
[ 2059.939030][  T889] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 2059.939043][  T889] RSP: 002b:00007f3061802030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 2059.939058][  T889] RAX: ffffffffffffffda RBX: 00007f3060bb5fa0 RCX: 00007f306098d33c
[ 2059.939068][  T889] RDX: 000000000000000f RSI: 00007f30618020a0 RDI: 0000000000000017
[ 2059.939077][  T889] RBP: 00007f3061802090 R08: 0000000000000000 R09: 0000000000000000
[ 2059.939085][  T889] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 2059.939093][  T889] R13: 0000000000000000 R14: 00007f3060bb5fa0 R15: 00007f3060cdfa28
[ 2059.939113][  T889]  </TASK>
[ 2060.171376][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2060.202071][ T5908] usb 5-1: Using ep0 maxpacket: 8
[ 2060.230942][ T5908] usb 5-1: config 220 has an invalid interface number: 126 but max is 1
[ 2060.270049][ T5908] usb 5-1: config 220 has an invalid descriptor of length 1, skipping remainder of the config
[ 2060.528193][ T5908] usb 5-1: config 220 has 1 interface, different from the descriptor's value: 2
[ 2060.634809][ T5908] usb 5-1: config 220 has no interface number 0
[ 2060.941740][T10845] usb 4-1: USB disconnect, device number 113
[ 2061.015685][ T5908] usb 5-1: config 220 interface 126 altsetting 139 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 2061.137842][ T5908] usb 5-1: config 220 interface 126 altsetting 139 endpoint 0x9 has invalid maxpacket 1552, setting to 64
[ 2061.159716][ T5908] usb 5-1: config 220 interface 126 altsetting 139 has an invalid descriptor for endpoint zero, skipping
[ 2061.183404][ T5908] usb 5-1: config 220 interface 126 altsetting 139 endpoint 0xB has invalid maxpacket 1544, setting to 64
[ 2061.214980][ T5908] usb 5-1: config 220 interface 126 altsetting 139 has an endpoint descriptor with address 0x9E, changing to 0x8E
[ 2061.247284][ T5908] usb 5-1: config 220 interface 126 altsetting 139 has 5 endpoint descriptors, different from the interface descriptor's value: 14
[ 2061.291303][ T5908] usb 5-1: config 220 interface 126 has no altsetting 0
[ 2061.304128][ T5908] usb 5-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=ae.30
[ 2061.313530][ T5908] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2061.321860][ T5908] usb 5-1: Product: syz
[ 2061.331361][ T5908] usb 5-1: Manufacturer: Ⰺ
[ 2061.336003][ T5908] usb 5-1: SerialNumber: syz
[ 2061.570217][ T5908] gspca_main: nw80x-2.14.0 probing 055f:d001
[ 2061.581346][ T5908] gspca_nw80x: reg_w err -71
[ 2061.586073][ T5908] nw80x 5-1:220.126: probe with driver nw80x failed with error -71
[ 2061.619849][ T5908] usb 5-1: USB disconnect, device number 113
[ 2061.762196][T10845] usb 4-1: new high-speed USB device number 114 using dummy_hcd
[ 2061.932875][  T921] veth1_to_bond: entered allmulticast mode
[ 2061.944269][  T921] veth1_to_bond: entered promiscuous mode
[ 2061.981238][T10845] usb 4-1: Using ep0 maxpacket: 32
[ 2061.988410][T10845] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 2061.997522][T10845] usb 4-1: can't read configurations, error -61
[ 2062.132603][T10845] usb 4-1: new high-speed USB device number 115 using dummy_hcd
[ 2062.191187][T10843] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[ 2062.331158][T10845] usb 4-1: Using ep0 maxpacket: 32
[ 2062.339291][T10845] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 2062.351293][T10845] usb 4-1: can't read configurations, error -61
[ 2062.381490][T10843] usb 3-1: Using ep0 maxpacket: 8
[ 2062.394589][T10843] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[ 2062.408709][T10845] usb usb4-port1: attempt power cycle
[ 2062.415507][T10843] usb 3-1: config 179 has no interface number 0
[ 2062.425557][T10843] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[ 2062.445776][T10843] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[ 2062.457523][T10843] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 2062.469240][T10843] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[ 2062.481195][T10843] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[ 2062.499260][T10843] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[ 2062.517522][T10843] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2062.538442][  T921] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 2062.772307][T10845] usb 4-1: new high-speed USB device number 116 using dummy_hcd
[ 2062.782827][T27928] input: Generic X-Box pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:179.65/input/input91
[ 2062.794141][T10845] usb 4-1: Using ep0 maxpacket: 32
[ 2062.803313][T10845] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 2062.811476][T10845] usb 4-1: can't read configurations, error -61
[ 2062.961688][T10845] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[ 2063.006838][T10845] usb 4-1: Using ep0 maxpacket: 32
[ 2063.026902][T10845] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 2063.036242][T10845] usb 4-1: can't read configurations, error -61
[ 2063.045012][T10845] usb usb4-port1: unable to enumerate USB device
[ 2063.226230][ T5932] usb 3-1: USB disconnect, device number 10
[ 2063.226248][    C1] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[ 2063.234630][  T919] veth1_to_bond: left promiscuous mode
[ 2063.246735][ T5932] xpad 3-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[ 2063.278065][  T919] veth1_to_bond: left allmulticast mode
[ 2063.484519][  T943] usb usb8: usbfs: process 943 (syz.1.6850) did not claim interface 0 before use
[ 2063.790856][  T952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.6853'.
[ 2063.883071][  T958] netlink: 56 bytes leftover after parsing attributes in process `syz.2.6856'.
[ 2064.351150][ T5932] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[ 2064.511555][ T5932] usb 3-1: Using ep0 maxpacket: 8
[ 2064.531796][ T5932] usb 3-1: too many configurations: 109, using maximum allowed: 8
[ 2064.554811][ T5932] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 2064.562738][ T5932] usb 3-1: can't read configurations, error -61
[ 2064.701400][ T5932] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 2064.800542][  T980] netlink: 8 bytes leftover after parsing attributes in process `syz.0.6866'.
[ 2064.873647][ T5932] usb 3-1: Using ep0 maxpacket: 8
[ 2064.886593][ T5932] usb 3-1: too many configurations: 109, using maximum allowed: 8
[ 2064.891780][T10845] usb 4-1: new high-speed USB device number 118 using dummy_hcd
[ 2064.912847][ T5932] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 2064.940881][ T5932] usb 3-1: can't read configurations, error -61
[ 2064.969514][ T5932] usb usb3-port1: attempt power cycle
[ 2065.053499][T10845] usb 4-1: Using ep0 maxpacket: 16
[ 2065.069801][T10845] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[ 2065.114393][T10845] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 2065.157977][T10845] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 2065.179310][T10845] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2065.188010][T10845] usb 4-1: Product: syz
[ 2065.201135][T10845] usb 4-1: Manufacturer: syz
[ 2065.205783][T10845] usb 4-1: SerialNumber: syz
[ 2065.230163][T10845] usb 4-1: config 0 descriptor??
[ 2065.245948][T10845] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 2065.261520][T10845] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[ 2065.321621][ T5932] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 2065.362155][ T5932] usb 3-1: Using ep0 maxpacket: 8
[ 2065.373486][ T5932] usb 3-1: too many configurations: 109, using maximum allowed: 8
[ 2065.385827][ T5932] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 2065.405348][ T5932] usb 3-1: can't read configurations, error -61
[ 2065.456569][   T30] audit: type=1326 audit(1749985919.118:15739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=997 comm="syz.4.6874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e918e929 code=0x7ffc0000
[ 2065.479300][   T30] audit: type=1326 audit(1749985919.118:15740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=997 comm="syz.4.6874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e918e929 code=0x7ffc0000
[ 2065.504405][   T30] audit: type=1326 audit(1749985919.118:15741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=997 comm="syz.4.6874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f11e918e929 code=0x7ffc0000
[ 2065.528160][   T30] audit: type=1326 audit(1749985919.118:15742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=997 comm="syz.4.6874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e918e929 code=0x7ffc0000
[ 2065.564833][ T5932] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[ 2065.566603][   T30] audit: type=1326 audit(1749985919.118:15743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=997 comm="syz.4.6874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e918e929 code=0x7ffc0000
[ 2065.595684][   T30] audit: type=1326 audit(1749985919.118:15744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=997 comm="syz.4.6874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f11e918e929 code=0x7ffc0000
[ 2065.606100][ T5932] usb 3-1: Using ep0 maxpacket: 8
[ 2065.620023][   T30] audit: type=1326 audit(1749985919.118:15745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=997 comm="syz.4.6874" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f11e918e929 code=0x7ffc0000
[ 2065.637045][ T5932] usb 3-1: too many configurations: 109, using maximum allowed: 8
[ 2065.663808][ T5932] usb 3-1: unable to read config index 0 descriptor/start: -61
[ 2065.678179][ T5932] usb 3-1: can't read configurations, error -61
[ 2065.699057][ T5932] usb usb3-port1: unable to enumerate USB device
[ 2065.849714][T10845] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[ 2065.856797][T10845] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[ 2066.431283][T27928] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[ 2066.466730][T10845] em28xx 4-1:0.0: Unknown AC97 audio processor detected!
[ 2066.591194][T27928] usb 2-1: Using ep0 maxpacket: 16
[ 2066.598423][T27928] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2066.609679][T27928] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2066.620753][T27928] usb 2-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[ 2066.630116][T27928] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2066.640921][T27928] usb 2-1: config 0 descriptor??
[ 2066.675096][T10845] em28xx 4-1:0.0: couldn't setup AC97 register 2
[ 2066.689951][T10845] em28xx 4-1:0.0: couldn't setup AC97 register 4
[ 2066.698519][T10845] em28xx 4-1:0.0: couldn't setup AC97 register 6
[ 2066.708308][T10845] em28xx 4-1:0.0: couldn't setup AC97 register 54
[ 2066.715465][T10845] em28xx 4-1:0.0: couldn't setup AC97 register 56
[ 2066.727117][T10845] usb 4-1: USB disconnect, device number 118
[ 2067.054698][T27928] gt683r_led 0003:1770:FF00.002B: ignoring exceeding usage max
[ 2067.076612][T27928] gt683r_led 0003:1770:FF00.002B: hidraw0: USB HID v0.00 Device [HID 1770:ff00] on usb-dummy_hcd.1-1/input0
[ 2067.259262][T27928] usb 2-1: USB disconnect, device number 18
[ 2067.285573][T10845] gt683r_led 0003:1770:FF00.002B: failed to send set report request: -19
[ 2067.374668][ T1016] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 2067.675758][ T1035] netlink: 160 bytes leftover after parsing attributes in process `syz.3.6887'.
[ 2067.782856][T27928] usb 5-1: new full-speed USB device number 114 using dummy_hcd
[ 2067.942944][T27928] usb 5-1: config 54 has an invalid interface number: 154 but max is 0
[ 2067.955924][T27928] usb 5-1: config 54 has an invalid descriptor of length 0, skipping remainder of the config
[ 2067.969300][T27928] usb 5-1: config 54 has no interface number 0
[ 2067.991376][T27928] usb 5-1: config 54 interface 154 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 4
[ 2068.008046][T27928] usb 5-1: config 54 interface 154 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2068.029641][T27928] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice= 0.ec
[ 2068.049024][T27928] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2068.057184][T27928] usb 5-1: Product: syz
[ 2068.071155][T27928] usb 5-1: Manufacturer: syz
[ 2068.075795][T27928] usb 5-1: SerialNumber: syz
[ 2068.123104][ T5908] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 2068.289018][ T1028] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 2068.298256][ T1028] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 2068.301988][ T5908] usb 3-1: Using ep0 maxpacket: 16
[ 2068.321424][ T5908] usb 3-1: config 1 has an invalid interface number: 105 but max is 0
[ 2068.336951][ T5908] usb 3-1: config 1 has no interface number 0
[ 2068.338774][T27928] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 2068.346660][T12238] usb 5-1: Failed to submit usb control message: -71
[ 2068.357779][T27928] usb 5-1: USB disconnect, device number 114
[ 2068.366699][ T5908] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[ 2068.387492][T12238] usb 5-1: unable to send the bmi data to the device: -71
[ 2068.394780][ T5908] usb 3-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[ 2068.409595][T12238] usb 5-1: unable to get target info from device
[ 2068.418007][ T5908] usb 3-1: config 1 interface 105 has no altsetting 0
[ 2068.430264][T12238] usb 5-1: could not get target info (-71)
[ 2068.438749][T12238] usb 5-1: could not probe fw (-71)
[ 2068.457651][ T5908] usb 3-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[ 2068.468361][ T5908] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2068.501346][ T5908] usb 3-1: Product: syz
[ 2068.505577][ T5908] usb 3-1: Manufacturer: syz
[ 2068.510188][ T5908] usb 3-1: SerialNumber: syz
[ 2068.545944][ T1047] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 2068.568669][ T1047] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 2068.998003][ T1047] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 2069.041408][ T1047] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 2069.409395][ T5848] Bluetooth: hci0: unexpected event for opcode 0x0c1a
[ 2069.482369][ T5908] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 2069.503703][ T5908] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 2069.520475][ T5908] aqc111 3-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -71
[ 2069.550308][ T5908] aqc111 3-1:1.105 eth1: register 'aqc111' at usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, f6:a7:cd:3e:1e:6f
[ 2069.566606][ T5908] usb 3-1: USB disconnect, device number 15
[ 2069.588270][ T5908] aqc111 3-1:1.105 eth1: unregister 'aqc111' usb-dummy_hcd.2-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[ 2069.704149][ T5908] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 2069.734036][ T5908] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[ 2069.764327][ T5908] aqc111 3-1:1.105 eth1 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[ 2069.802979][ T1112] netlink: 8 bytes leftover after parsing attributes in process `syz.4.6915'.
[ 2070.133082][ T5848] Bluetooth: hci5: command 0x0406 tx timeout
[ 2070.689356][ T1151] netlink: 1744 bytes leftover after parsing attributes in process `syz.2.6927'.
[ 2071.743065][ T1191] netlink: 4 bytes leftover after parsing attributes in process `syz.4.6937'.
[ 2071.936008][T26340] Bluetooth: Wrong link type (-57)
[ 2072.023044][T27928] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 2072.130913][T26340] Bluetooth: hci2: Unable to find connection with handle 0x00c8
[ 2072.161431][T10843] usb 5-1: new high-speed USB device number 115 using dummy_hcd
[ 2072.183091][T27928] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 2072.199217][T27928] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 2072.221197][T27928] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 2072.239641][T27928] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 2072.249841][T27928] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2072.266917][T27928] usb 3-1: config 0 descriptor??
[ 2072.321720][T10843] usb 5-1: Using ep0 maxpacket: 32
[ 2072.336699][T10843] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 2072.348823][T10843] usb 5-1: config 7 has an invalid interface number: 187 but max is 0
[ 2072.360364][T10843] usb 5-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 2072.372504][T10843] usb 5-1: config 7 has no interface number 0
[ 2072.378711][T10843] usb 5-1: config 7 interface 187 altsetting 6 bulk endpoint 0x4 has invalid maxpacket 947
[ 2072.389396][T10843] usb 5-1: config 7 interface 187 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2072.406222][T10843] usb 5-1: config 7 interface 187 has no altsetting 0
[ 2072.416123][T10843] usb 5-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[ 2072.424286][ T1219] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6950'.
[ 2072.425864][T10843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2072.442612][T10843] usb 5-1: Product: syz
[ 2072.446814][T10843] usb 5-1: Manufacturer: syz
[ 2072.451913][T10843] usb 5-1: SerialNumber: syz
[ 2072.466063][ T1203] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[ 2072.675418][T10843] usb 5-1: Cannot retrieve CPort count: -32
[ 2072.691192][T10843] usb 5-1: Cannot retrieve CPort count: -32
[ 2072.697222][T10843] es2_ap_driver 5-1:7.187: probe with driver es2_ap_driver failed with error -32
[ 2072.717025][T27928] plantronics 0003:047F:FFFF.002C: No inputs registered, leaving
[ 2072.746188][T27928] plantronics 0003:047F:FFFF.002C: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 2072.844351][ T5908] usb 5-1: USB disconnect, device number 115
[ 2072.973453][T10843] usb 3-1: USB disconnect, device number 16
[ 2073.053116][   T30] audit: type=1326 audit(1749985926.708:15746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 2073.086641][   T30] audit: type=1326 audit(1749985926.718:15747): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 2073.117206][   T30] audit: type=1326 audit(1749985926.718:15748): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 2073.145200][   T30] audit: type=1326 audit(1749985926.718:15749): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 2073.175626][   T30] audit: type=1326 audit(1749985926.718:15750): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 2073.208124][   T30] audit: type=1326 audit(1749985926.718:15751): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 2073.235521][   T30] audit: type=1326 audit(1749985926.718:15752): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 2073.264190][   T30] audit: type=1326 audit(1749985926.718:15753): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 2073.288029][   T30] audit: type=1326 audit(1749985926.718:15754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efd37d8e929 code=0x7ffc0000
[ 2073.317908][   T30] audit: type=1326 audit(1749985926.718:15755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1228 comm="syz.3.6954" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7efd37d8d290 code=0x7ffc0000
[ 2074.031165][T10843] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 2074.056112][ T1254] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6960'.
[ 2074.153658][T17712] usb 5-1: new high-speed USB device number 116 using dummy_hcd
[ 2074.236640][T10843] usb 2-1: config 0 has no interfaces?
[ 2074.247736][T10843] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2074.258892][T10843] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2074.269203][T10843] usb 2-1: Product: syz
[ 2074.275318][T10843] usb 2-1: Manufacturer: syz
[ 2074.299792][T10843] usb 2-1: SerialNumber: syz
[ 2074.308277][T10843] usb 2-1: config 0 descriptor??
[ 2074.366709][T17712] usb 5-1: config 0 has no interfaces?
[ 2074.380849][T17712] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2074.390691][T17712] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2074.402083][T17712] usb 5-1: Product: syz
[ 2074.406317][T17712] usb 5-1: Manufacturer: syz
[ 2074.413162][T17712] usb 5-1: SerialNumber: syz
[ 2074.419962][T17712] usb 5-1: config 0 descriptor??
[ 2076.760721][ T5908] usb 5-1: USB disconnect, device number 116
[ 2076.895865][T27928] usb 2-1: USB disconnect, device number 19
[ 2077.194352][ T1298] FAULT_INJECTION: forcing a failure.
[ 2077.194352][ T1298] name failslab, interval 1, probability 0, space 0, times 0
[ 2077.353032][ T1298] CPU: 0 UID: 0 PID: 1298 Comm: syz.0.6972 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 2077.353073][ T1298] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2077.353087][ T1298] Call Trace:
[ 2077.353096][ T1298]  <TASK>
[ 2077.353105][ T1298]  dump_stack_lvl+0x189/0x250
[ 2077.353138][ T1298]  ? __pfx____ratelimit+0x10/0x10
[ 2077.353168][ T1298]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2077.353197][ T1298]  ? __pfx__printk+0x10/0x10
[ 2077.353224][ T1298]  ? __pfx___might_resched+0x10/0x10
[ 2077.353252][ T1298]  ? fs_reclaim_acquire+0x7d/0x100
[ 2077.353280][ T1298]  should_fail_ex+0x414/0x560
[ 2077.353310][ T1298]  should_failslab+0xa8/0x100
[ 2077.353332][ T1298]  kmem_cache_alloc_noprof+0x73/0x3c0
[ 2077.353362][ T1298]  ? security_inode_alloc+0x39/0x330
[ 2077.353393][ T1298]  security_inode_alloc+0x39/0x330
[ 2077.353423][ T1298]  inode_init_always_gfp+0x9ed/0xdc0
[ 2077.353450][ T1298]  ? __pfx_proc_alloc_inode+0x10/0x10
[ 2077.353474][ T1298]  alloc_inode+0x82/0x1b0
[ 2077.353496][ T1298]  new_inode+0x22/0x170
[ 2077.353521][ T1298]  proc_pid_make_inode+0x21/0x130
[ 2077.353551][ T1298]  proc_fd_instantiate+0x54/0x300
[ 2077.353570][ T1298]  ? proc_fill_cache+0x2a7/0x3d0
[ 2077.353600][ T1298]  proc_fill_cache+0x2d0/0x3d0
[ 2077.353631][ T1298]  ? __pfx_proc_fd_instantiate+0x10/0x10
[ 2077.353651][ T1298]  ? __pfx_proc_fill_cache+0x10/0x10
[ 2077.353677][ T1298]  ? snprintf+0xda/0x120
[ 2077.353710][ T1298]  ? fget_task_next+0x572/0x5f0
[ 2077.353740][ T1298]  proc_readfd_common+0x3fe/0x5c0
[ 2077.353764][ T1298]  ? __pfx_proc_fd_instantiate+0x10/0x10
[ 2077.353783][ T1298]  ? __pfx_proc_readfd_common+0x10/0x10
[ 2077.353804][ T1298]  ? end_current_label_crit_section+0x152/0x180
[ 2077.353834][ T1298]  ? iterate_dir+0x49f/0x770
[ 2077.353861][ T1298]  ? down_read_killable+0x1d1/0x350
[ 2077.353886][ T1298]  iterate_dir+0x5af/0x770
[ 2077.353921][ T1298]  __se_sys_getdents+0xe4/0x250
[ 2077.353952][ T1298]  ? __pfx___se_sys_getdents+0x10/0x10
[ 2077.353978][ T1298]  ? ksys_write+0x22a/0x250
[ 2077.353993][ T1298]  ? __pfx_filldir+0x10/0x10
[ 2077.354012][ T1298]  ? __pfx_ksys_write+0x10/0x10
[ 2077.354026][ T1298]  ? rcu_is_watching+0x15/0xb0
[ 2077.354066][ T1298]  ? do_syscall_64+0xbe/0x3b0
[ 2077.354088][ T1298]  do_syscall_64+0xfa/0x3b0
[ 2077.354105][ T1298]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2077.354134][ T1298]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2077.354153][ T1298]  ? clear_bhb_loop+0x60/0xb0
[ 2077.354176][ T1298]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 2077.354194][ T1298] RIP: 0033:0x7f306098e929
[ 2077.354210][ T1298] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 2077.354227][ T1298] RSP: 002b:00007f3061802038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[ 2077.354247][ T1298] RAX: ffffffffffffffda RBX: 00007f3060bb5fa0 RCX: 00007f306098e929
[ 2077.354261][ T1298] RDX: 0000000000001000 RSI: 0000200000001f80 RDI: 0000000000000005
[ 2077.354274][ T1298] RBP: 00007f3061802090 R08: 0000000000000000 R09: 0000000000000000
[ 2077.354287][ T1298] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[ 2077.354298][ T1298] R13: 0000000000000000 R14: 00007f3060bb5fa0 R15: 00007f3060cdfa28
[ 2077.354327][ T1298]  </TASK>
[ 2077.795641][ T1297] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 2077.961867][ T1300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2077.970835][ T1300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2077.980279][ T1300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2077.989314][ T1300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2077.998369][ T1300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2078.007449][ T1300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2078.023346][ T1300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2078.033024][ T1303] netlink: 28 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2078.069218][   T30] kauditd_printk_skb: 244 callbacks suppressed
[ 2078.069241][   T30] audit: type=1326 audit(1749985931.728:16000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2078.101308][ T1303] netlink: 8 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2078.101350][ T1300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6970'.
[ 2078.164850][   T30] audit: type=1326 audit(1749985931.728:16001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2078.694632][   T30] audit: type=1326 audit(1749985931.728:16002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2079.027197][   T30] audit: type=1326 audit(1749985931.728:16003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2079.171642][   T30] audit: type=1326 audit(1749985931.728:16004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2079.194106][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2079.306879][   T30] audit: type=1326 audit(1749985931.728:16005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2079.329245][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2079.571115][   T30] audit: type=1326 audit(1749985931.728:16006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2079.593523][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2079.703837][   T30] audit: type=1326 audit(1749985931.728:16007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2079.726229][    C1] vkms_vblank_simulate: vblank timer overrun
[ 2079.751195][   T30] audit: type=1326 audit(1749985931.728:16008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2079.781285][   T30] audit: type=1326 audit(1749985931.728:16009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1294 comm="syz.1.6971" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f714bd2ab19 code=0x7ffc0000
[ 2080.911678][T27928] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[ 2081.000945][ T1333] binder: BINDER_SET_CONTEXT_MGR already set
[ 2081.038466][ T1333] binder: 1330:1333 ioctl 40046207 0 returned -16
[ 2081.116012][T27928] usb 4-1: config 0 has no interfaces?
[ 2081.130232][T27928] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2081.139570][T27928] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2081.151864][T27928] usb 4-1: Product: syz
[ 2081.156036][T27928] usb 4-1: Manufacturer: syz
[ 2081.175475][T27928] usb 4-1: SerialNumber: syz
[ 2081.196977][T27928] usb 4-1: config 0 descriptor??
[ 2081.677397][T27928] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[ 2081.921441][T27928] usb 3-1: Using ep0 maxpacket: 32
[ 2081.930290][T27928] usb 3-1: config 0 has an invalid interface number: 108 but max is 0
[ 2081.942981][T27928] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 2081.956879][T27928] usb 3-1: config 0 has no interface number 0
[ 2082.006224][T27928] usb 3-1: config 0 interface 108 altsetting 16 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 2082.101154][T15868] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[ 2082.132777][T17712] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 2082.260809][T27928] usb 3-1: config 0 interface 108 has no altsetting 0
[ 2082.293159][T17712] usb 2-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[ 2082.304861][T17712] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 2082.319941][T17712] usb 2-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 2082.406839][T17712] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 2082.428948][T17712] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2082.439572][T27928] usb 3-1: New USB device found, idVendor=2c7c, idProduct=0306, bcdDevice=48.1e
[ 2082.449210][T27928] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2082.457502][T27928] usb 3-1: Product: syz
[ 2082.468605][T27928] usb 3-1: Manufacturer: syz
[ 2082.484783][T17712] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[ 2082.495238][T27928] usb 3-1: SerialNumber: syz
[ 2082.496284][T17712] usb 2-1: invalid MIDI out EP 0
[ 2082.547021][T27928] usb 3-1: config 0 descriptor??
[ 2082.778953][T15868] usb 5-1: config 0 has no interfaces?
[ 2082.810466][T15868] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[ 2082.820315][T15868] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 2082.828551][T15868] usb 5-1: Product: syz
[ 2082.833333][T15868] usb 5-1: Manufacturer: syz
[ 2082.839664][T15868] usb 5-1: SerialNumber: syz
[ 2082.847063][T17712] snd-usb-audio 2-1:27.0: probe with driver snd-usb-audio failed with error -22
[ 2082.879362][T17712] usb 2-1: USB disconnect, device number 20
[ 2082.882261][ T1347] udevd[1347]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 2082.903174][T27928] qmi_wwan 3-1:0.108: probe with driver qmi_wwan failed with error -22
[ 2082.919662][T15868] usb 5-1: config 0 descriptor??
[ 2082.946551][T27928] usb 3-1: USB disconnect, device number 17
[ 2083.043689][ T1344] loop0: detected capacity change from 0 to 7
[ 2083.053156][ T1344] Dev loop0: unable to read RDB block 7
[ 2083.059214][ T1344]  loop0: unable to read partition table
[ 2083.092358][ T1344] loop0: partition table beyond EOD, truncated
[ 2083.135960][ T1344] loop_reread_partitions: partition scan of loop0 (�被x������ ) failed (rc=-5)
[ 2083.680144][ T5908] usb 4-1: USB disconnect, device number 119
[ 2084.048809][ T5204] Dev loop0: unable to read RDB block 7
[ 2084.054819][ T5204]  loop0: unable to read partition table
[ 2084.066697][ T5204] loop0: partition table beyond EOD, truncated
[ 2084.133621][ T1367] __nla_validate_parse: 47 callbacks suppressed
[ 2084.133639][ T1367] netlink: 324 bytes leftover after parsing attributes in process `syz.0.6990'.
[ 2084.149364][T10845] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[ 2084.373571][T10845] usb 3-1: Using ep0 maxpacket: 32
[ 2084.401664][T10845] usb 3-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[ 2084.416254][T10845] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 2084.510763][T10845] usb 3-1: config 0 descriptor??
[ 2084.543339][T10845] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[ 2084.647917][ T1376] netlink: set zone limit has 4 unknown bytes
[ 2084.668892][ T1375] netlink: 'syz.0.6993': attribute type 10 has an invalid length.
[ 2084.680273][   T36] ------------[ cut here ]------------
[ 2084.686891][   T36] RTNL: assertion failed at ./include/net/netdev_lock.h (72)
[ 2084.696118][ T1375] bridge0: port 2(bridge_slave_1) entered disabled state
[ 2084.703585][ T1375] bridge0: port 1(bridge_slave_0) entered disabled state
[ 2084.756803][ T1375] bridge0: port 2(bridge_slave_1) entered blocking state
[ 2084.764062][ T1375] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 2084.770965][   T36] WARNING: CPU: 0 PID: 36 at ./include/net/netdev_lock.h:72 __linkwatch_sync_dev+0x303/0x350
[ 2084.781820][   T36] Modules linked in:
[ 2084.781842][ T1375] bridge0: port 1(bridge_slave_0) entered blocking state
[ 2084.785852][ T1375] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 2084.793743][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 2084.813215][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2084.823791][   T36] Workqueue: bond0 bond_mii_monitor
[ 2084.829097][   T36] RIP: 0010:__linkwatch_sync_dev+0x303/0x350
[ 2084.835254][   T36] Code: 7c fe ff ff e8 4e bc 69 f8 c6 05 f5 6d 34 06 01 90 48 c7 c7 80 b8 92 8c 48 c7 c6 7a 97 9c 8d ba 48 00 00 00 e8 ee 66 2d f8 90 <0f> 0b 90 90 e9 4d fe ff ff 44 89 f1 80 e1 07 38 c1 0f 8c 22 fd ff
[ 2084.855217][   T36] RSP: 0018:ffffc90000ac7670 EFLAGS: 00010246
[ 2084.861728][   T36] RAX: e69fc1ea81475500 RBX: ffff888079d4c000 RCX: ffff888143ae9e00
[ 2084.869918][   T36] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 2084.878153][   T36] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[ 2084.886255][   T36] R10: dffffc0000000000 R11: fffffbfff1bfa9e4 R12: 1ffff1100f3a985d
[ 2084.894372][   T36] R13: dffffc0000000000 R14: ffffffff8c1c4608 R15: 0000000000000000
[ 2084.902529][   T36] FS:  0000000000000000(0000) GS:ffff888125c51000(0000) knlGS:0000000000000000
[ 2084.911621][   T36] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 2084.918317][   T36] CR2: 0000200000111030 CR3: 000000007fd2c000 CR4: 00000000003526f0
[ 2084.926657][   T36] Call Trace:
[ 2084.929999][   T36]  <TASK>
[ 2084.933062][   T36]  ? ethtool_op_get_link+0xd/0x70
[ 2084.938173][   T36]  ethtool_op_get_link+0x15/0x70
[ 2084.943279][   T36]  bond_check_dev_link+0x444/0x6c0
[ 2084.948474][   T36]  ? __pfx_bond_check_dev_link+0x10/0x10
[ 2084.954417][   T36]  ? netdev_lower_get_next_private_rcu+0x9f/0x100
[ 2084.960904][   T36]  bond_mii_monitor+0x428/0x2e00
[ 2084.965940][   T36]  ? bond_mii_monitor+0x153/0x2e00
[ 2084.971264][   T36]  ? __pfx_bond_mii_monitor+0x10/0x10
[ 2084.976710][   T36]  ? __lock_acquire+0xab9/0xd20
[ 2084.981676][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[ 2084.987484][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2084.992833][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[ 2084.998623][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[ 2085.004580][   T36]  process_scheduled_works+0xae1/0x17b0
[ 2085.010352][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2085.016482][   T36]  worker_thread+0x8a0/0xda0
[ 2085.021447][   T36]  kthread+0x70e/0x8a0
[ 2085.025621][   T36]  ? __pfx_worker_thread+0x10/0x10
[ 2085.030852][   T36]  ? __pfx_kthread+0x10/0x10
[ 2085.035596][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2085.040912][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2085.046278][   T36]  ? __pfx_kthread+0x10/0x10
[ 2085.050980][   T36]  ret_from_fork+0x3fc/0x770
[ 2085.055737][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[ 2085.060973][   T36]  ? __switch_to_asm+0x39/0x70
[ 2085.065905][   T36]  ? __switch_to_asm+0x33/0x70
[ 2085.070780][   T36]  ? __pfx_kthread+0x10/0x10
[ 2085.075512][   T36]  ret_from_fork_asm+0x1a/0x30
[ 2085.080394][   T36]  </TASK>
[ 2085.083923][   T36] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 2085.091245][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Not tainted 6.16.0-rc1-syzkaller-00236-g8c6bc74c7f89 #0 PREEMPT(full) 
[ 2085.103253][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 2085.113361][   T36] Workqueue: bond0 bond_mii_monitor
[ 2085.118598][   T36] Call Trace:
[ 2085.121898][   T36]  <TASK>
[ 2085.124848][   T36]  dump_stack_lvl+0x99/0x250
[ 2085.129475][   T36]  ? __asan_memcpy+0x40/0x70
[ 2085.134093][   T36]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 2085.139328][   T36]  ? __pfx__printk+0x10/0x10
[ 2085.143958][   T36]  panic+0x2db/0x790
[ 2085.147900][   T36]  ? __pfx_panic+0x10/0x10
[ 2085.152368][   T36]  ? ret_from_fork_asm+0x1a/0x30
[ 2085.157343][   T36]  __warn+0x31b/0x4b0
[ 2085.161361][   T36]  ? __linkwatch_sync_dev+0x303/0x350
[ 2085.166783][   T36]  ? __linkwatch_sync_dev+0x303/0x350
[ 2085.172195][   T36]  report_bug+0x2be/0x4f0
[ 2085.176561][   T36]  ? __linkwatch_sync_dev+0x303/0x350
[ 2085.181965][   T36]  ? __linkwatch_sync_dev+0x303/0x350
[ 2085.187389][   T36]  ? __linkwatch_sync_dev+0x305/0x350
[ 2085.192820][   T36]  handle_bug+0x84/0x160
[ 2085.197083][   T36]  exc_invalid_op+0x1a/0x50
[ 2085.201615][   T36]  asm_exc_invalid_op+0x1a/0x20
[ 2085.206576][   T36] RIP: 0010:__linkwatch_sync_dev+0x303/0x350
[ 2085.212581][   T36] Code: 7c fe ff ff e8 4e bc 69 f8 c6 05 f5 6d 34 06 01 90 48 c7 c7 80 b8 92 8c 48 c7 c6 7a 97 9c 8d ba 48 00 00 00 e8 ee 66 2d f8 90 <0f> 0b 90 90 e9 4d fe ff ff 44 89 f1 80 e1 07 38 c1 0f 8c 22 fd ff
[ 2085.232213][   T36] RSP: 0018:ffffc90000ac7670 EFLAGS: 00010246
[ 2085.238389][   T36] RAX: e69fc1ea81475500 RBX: ffff888079d4c000 RCX: ffff888143ae9e00
[ 2085.246382][   T36] RDX: 0000000000000000 RSI: 0000000000000001 RDI: 0000000000000002
[ 2085.254458][   T36] RBP: 0000000000000000 R08: 0000000000000003 R09: 0000000000000004
[ 2085.262447][   T36] R10: dffffc0000000000 R11: fffffbfff1bfa9e4 R12: 1ffff1100f3a985d
[ 2085.270442][   T36] R13: dffffc0000000000 R14: ffffffff8c1c4608 R15: 0000000000000000
[ 2085.278451][   T36]  ? ethtool_op_get_link+0xd/0x70
[ 2085.283506][   T36]  ethtool_op_get_link+0x15/0x70
[ 2085.288559][   T36]  bond_check_dev_link+0x444/0x6c0
[ 2085.293706][   T36]  ? __pfx_bond_check_dev_link+0x10/0x10
[ 2085.299373][   T36]  ? netdev_lower_get_next_private_rcu+0x9f/0x100
[ 2085.305898][   T36]  bond_mii_monitor+0x428/0x2e00
[ 2085.310870][   T36]  ? bond_mii_monitor+0x153/0x2e00
[ 2085.316028][   T36]  ? __pfx_bond_mii_monitor+0x10/0x10
[ 2085.321448][   T36]  ? __lock_acquire+0xab9/0xd20
[ 2085.326363][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[ 2085.332119][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2085.337342][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[ 2085.343085][   T36]  ? process_scheduled_works+0x9ef/0x17b0
[ 2085.348830][   T36]  process_scheduled_works+0xae1/0x17b0
[ 2085.354432][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[ 2085.360461][   T36]  worker_thread+0x8a0/0xda0
[ 2085.365091][   T36]  kthread+0x70e/0x8a0
[ 2085.369171][   T36]  ? __pfx_worker_thread+0x10/0x10
[ 2085.374291][   T36]  ? __pfx_kthread+0x10/0x10
[ 2085.378893][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[ 2085.384099][   T36]  ? lockdep_hardirqs_on+0x9c/0x150
[ 2085.389311][   T36]  ? __pfx_kthread+0x10/0x10
[ 2085.393909][   T36]  ret_from_fork+0x3fc/0x770
[ 2085.398612][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[ 2085.403738][   T36]  ? __switch_to_asm+0x39/0x70
[ 2085.408508][   T36]  ? __switch_to_asm+0x33/0x70
[ 2085.413283][   T36]  ? __pfx_kthread+0x10/0x10
[ 2085.417881][   T36]  ret_from_fork_asm+0x1a/0x30
[ 2085.422662][   T36]  </TASK>
[ 2085.426034][   T36] Kernel Offset: disabled
[ 2085.430371][   T36] Rebooting in 86400 seconds..