last executing test programs:

5.912949366s ago: executing program 3 (id=1999):
get_mempolicy(0x0, &(0x7f0000000080), 0x10, &(0x7f0000b05000/0x1000)=nil, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000001000000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff000000004e040100000000002d400200000000004704000001ed00007b130000000000001d440200000000007a0a00fe00ffffffc303000010010000b5000000000000009500000000000000023bc065b7a379d17cf9333379fc9e94af69912435f1a864a710aad58db6a6c3692e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c5181554a090f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5be14ecf7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e347a8ad880d2cd829b847400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c35b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af8612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5e69048ddff6da409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03fb8a63e089679216da18ec0ae564162a27afea62d84f3a10746443d64364f50000e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc286463a2b1e992894269f478341d02d0f5ad4bcb524a5a17f48a7382f13d000000225d85ae49cee383dc5049076b98fb6853ab39e415140200000020cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063be9261b2e1aab1675b34a22048516d6aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe0e669e5e20100005353193f82ade69d0540059fe6c7fe7cd8697502c7596566d6740300da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc02290beaeb883418f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24c87afce829ba0f85da6d8a8f18ea40ab959f6074ab2a4009b9e5f07ab5138aa6e3d37fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0cbe02b6e4114f244a9bf93f04beb72f0861f7580e6b0b384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a9b702cc1b6912a1e717d29135753208160fb04c98375b9cdbae2ed9dc7358f0ebadde0b728fe26e37037f27feeb741680f6f2f9a6a8346962a350845ffa0d829e4f79ad7d87906943408e6df3adbfd03aac93df8866fb010aecfed9092ca4d0f3e1116a0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a530600d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe92c7719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b1dba94a6ea80c33ead5722c3293986e02c8e0a6dda1eca493f14795bd068826fe8df15efaaeea831555877f958a19e499666a38d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a8784d0899ed888141e2fae6691d1aee1da02ba516467df3e7d1daac19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa57d2c93f49c47944fec01a8aa7749f3187e9efb00000000e0884160b765b07ec9ba020362310223c81e48d6d3b6e5b50d45248efe43a409773e3ed01cd663f3aaab9e1c0000f43b64bb54e5b30be3399e3dd1eb1cfd1935a323023fe5792879833c7eb356b95cfb135045b1d8f7da2fa5bfedef411d0791523a9e64c884e9dfed9cd413afe66bd8ee831cdb34726fe0434fbf44c7b33a853330bcaf37ba4e36705807468b37d32087e599165f1bce015145444ef5967b443222f46173cc876015b2d1874be9846f7c1653c02d2ef9a75fdc45820c69bbe1cb575f9aa21aa9d3d58bd5e5fe026142a72e24049b8400c4a28b2d5db8d5f53cb354fba19975fb0b3739baae51cb4b034993ef1463dcdba2da419b320420efdd091d7f6e83c8ac2ccc6c9392a42a33907421ab847c9590c213eda9a7e1db598a23e75a3c0933fc803ca994a86476b995c37c445f68fd99fb4d335ff00d15bc4630c993fffffe000000000000a236a791bcb6eff8d488041db6b8f2c158c2c3f4baacd0c8cc7eb1fd7fba93237e598771cf6f281aa72139"], &(0x7f00000001c0)='GPL\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

5.616681489s ago: executing program 3 (id=2002):
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/cpuinfo\x00', 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
syz_open_dev$vim2m(&(0x7f0000000080), 0x3fe, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
gettid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0xfffffffffffffffe}, 0x0)
syz_genetlink_get_family_id$ipvs(0x0, 0xffffffffffffffff)
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000140)='net/ip6_flowlabel\x00')
pread64(r2, &(0x7f0000001600)=""/4089, 0x5, 0x200000000000049a)

4.688954867s ago: executing program 4 (id=2008):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x69, 0x12, 0x18}, [@ldst={0x7, 0x3, 0x5, 0x0, 0x0, 0x15, 0x1}]}, &(0x7f0000003ff6)='GPL\x00', 0xa, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000)={0x0, 0x1a00}, 0xb5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

4.474447717s ago: executing program 4 (id=2010):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000003980)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000074000000090a010400000000efff00000700000008000a40000000000900020073797a31000000000900010073797a30000000000800054000000021380011800a0001006c696d6974000000280002800c00024000000000000000030c00014000000000000001010c0001400000000000000101b81700000c0a01010000000000000000070000000900020073797a31000000000900010073797a30000000008c1703800c0000800800034000000002"], 0x1874}}, 0x0)

4.364739414s ago: executing program 4 (id=2011):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000480)=ANY=[@ANYBLOB="12010003f6fdd140402090bb75f60102030109022400020100500409f900f700c873b808090504105802030d5809040fbeb37c2406e769c9d6aff1af1ccba2ab3a6f5c6161e200e42e1a08ee336a25308f948fb3382b68cd86b1dd2d3a582ce7793cffff00009d5889cbd14c5e26380cde24d8a0f1ef05055051cf472f11b6fcf1c323a423691d3b2e1da815145b93d077c15f9264dffd62aa13cb034a38112f764595d54eb12f07ca50764f2afcc50bb6ff15ec06974d570afbc1bacf6c20e0fccde4ece1b58d8e036ee56f88cd8b37f661ceee1a83f753a3c8304fb7d3d7ec0a610758641f92b7adfd882664c3719e2056fc3d517b1bc9e9"], &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, &(0x7f0000000200)={0x14, &(0x7f0000000000)={0x20, 0x3, 0xab, {0xab, 0xc, "e7c13d39007366246a7ab0061f7beb0419496820837a367b9092a401f82a945ac35f9f9d59b0cc5d837c1520e0e99bd2243e6b0b8d8c27bc30133fe8aa580d2c355481a1d526e36063f9b3aa752b06dd0f451db054b136f0bd2ca07fc14ce0269ca5de6681bbae0d52417878d720f76193fb5ffcde3728e62532488c77d20281ac5db39acf40a64a24689838be99fd69ab57e4b485ceb5b0b29d912dc0409ef339f05594bb3dc2930b"}}, &(0x7f00000000c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x2c09}}}, &(0x7f0000000440)={0x34, &(0x7f0000000580)={0x40, 0x13, 0x8b, "2dea8b00ae0612dde49a4061945d0ba278f053ca6740b3c3c89eb1a524bbe0c6ba6b9d65a916abeaeb0d90985c7a36b27946269219a26b5d3a9ddc879980572e90419eb60092d5858821d8340bc982fd381c1e13ff081ee1a72dd5e4ec93b68ddd511f73ec3543d3b43ee4aba302ef2ee285ae74b40ff98c708aa1f44ec305e5a2dff10214cb3634e58c6b"}, &(0x7f0000000140)={0x0, 0xa, 0x1, 0x4}, &(0x7f0000000180)={0x0, 0x8, 0x1, 0x5}, &(0x7f00000002c0)={0x20, 0x0, 0xe3, {0xe1, "bd819058ff5749ce5655b2c5c544620b00d70dbe6d28cd2fd49cd8772522c8f726cf543392de487f843b474022a782d43caf674576e3d8b25718169742610b1bdebf6abb4d669a2240bdbd3efc9cffb160218d1e31341f3028e4819c7a3e499eaff68ede1b9eaf1121af6b4ae93f04c98349e2ae74be4d006de80eaa8ca669d12559f7b5ca0a8b99ad331fdadcad2f3a30f7901ed66e41b27c53d3966ae104106c5a6523247d643000688213b888becc767ad5d2fe59e6c77552fa9a509aa2140b0760f62d5f69511b1bf0330be33fd20f0d03de74b258e5f676a7492289dcfb67"}}, &(0x7f00000003c0)={0x20, 0x1, 0x1, 0x1c}, &(0x7f00000001c0)={0x20, 0x0, 0x1, 0x7}})

3.920108973s ago: executing program 3 (id=2014):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$netlink(0x10, 0x3, 0x80000000004)
write(r1, &(0x7f0000000000)="29000000140005b7ff000000040860eb01ff00159f02c26ed638eeb738256e06a40e07fff0797ed9fa", 0x29)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/igmp\x00')
lseek(r2, 0x8, 0x1)
getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f00000000c0), &(0x7f00000001c0)=0x8)
syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000c166a0108307001276ff0102030109021200010000000009040000007be4a8e8"], 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000180), 0x1, 0x0)
syz_emit_ethernet(0x52, &(0x7f0000000540)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a010101000000008903ce070200"/62, @ANYRES32=0x41424344, @ANYRESDEC=r1, @ANYBLOB="a8"], 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000d80)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000600)="11", 0x1}], 0x1, 0x0, 0x0, 0xf5}}], 0x1, 0x4c040)
r3 = add_key$user(&(0x7f0000000300), &(0x7f0000000380)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068", 0x9, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="48000000100005040000000000000000", @ANYBLOB="ebffffffffffffff280012800b"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r4 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r3}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r6 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r6, 0xc020aa04, &(0x7f0000000000)={{&(0x7f0000056000/0x4000)=nil, 0x4000}, 0x5, 0x2})
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r8 = dup(r7)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000340)={0x1ff, 0x2, 0xeeee8000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000480)="0f78800048b8ca000f00d00f38f18300206766c7442400000001006766c74424029f2375fe6766c744240600000000670f01142466b80a0000000f23c80f21f86635000080000f23f8baa100ec10940080f3673e26f40fb518bad10466b8c799de1666ef", 0x64}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r7, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r9, 0xae80, 0x0)
utime(&(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))

3.620133739s ago: executing program 1 (id=2018):
socket(0x10, 0x803, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x22803)
openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0), 0x80d02, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x1, 0x5, &(0x7f0000000500)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000850000000800000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_io_uring_setup(0x3488, &(0x7f0000000500)={0x0, 0xd2a7, 0x10100, 0x1000, 0x181}, 0x0, 0x0)
syz_open_dev$hiddev(0x0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000040))
socket(0x10, 0x3, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
dup(r4)
r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000006c0)=ANY=[@ANYBLOB="4c000000100003040000000000008a0000000000", @ANYRES32=0x0, @ANYBLOB="1502ffffffa100001c00128009000100766c616e000000000c000280060001000000000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x4c}, 0x1, 0xba01}, 0x0)

3.358826137s ago: executing program 1 (id=2019):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_TEST(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="640000000906010800000000000000000600000505000100070000003c0007801800148014000240fc00000000ffffffffffffffef0000011800018014000240ff01000000000000000000000000000105000300070000000900020073797a31"], 0x64}}, 0x4800)

3.328190391s ago: executing program 1 (id=2020):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x69, 0x12, 0x18}, [@ldst={0x7, 0x3, 0x5, 0x0, 0x0, 0x15, 0x1}]}, &(0x7f0000003ff6)='GPL\x00', 0xa, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000)={0x0, 0xc100}, 0xb5, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

3.271844893s ago: executing program 1 (id=2021):
socket$alg(0x26, 0x5, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x1, './file0\x00'}, 0x6e)
getgroups(0x0, 0x0)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f00000000c0), 0x109801, 0x0)
timer_create(0x1, &(0x7f0000000080)={0x0, 0x15, 0x0, @thr={&(0x7f0000000100)="1f8ff78638ba9ecb1c8e5537b4eacd41813a38a77d2be3a371eb2deed48ca346ae0d4527452f79d6c235b39bb352662f94ae7cb962f3529526e235a92d203640312ee04403b4ca5902693fe69ef320fbc28ab400b377adc94fd1694ad0c1794ca4f4f9b4e1ccbe754b47ab114a81aa171f8852408de48b79a6960570828b3ce3208a937c", &(0x7f0000000400)="adb466af69d061933df8309db320f8e232cb3c545b4c825dcdff754b1b4ac0ae5f77d61321cb46e3f24a75c7e94a238b2eb307c38e6dbb24f5be54d0918a8c6fe871db4290d5658996ddf169bc7ce911cdd73360698afb587437c61ab4f8ae2835efaddacb9778c2f495a426e904915621a13a6976ca6275d42aa54c626ae924882157152da54334861672b8ba7846ecc92f8e7d4d70a84b2524473754d70e583c0340fe78628cbb9f2eefd91420bc3ede986693a5da0fed59b0239f9270905934af20f9e4cdb02dad91efb942295fca791587a820eed144280dad6600f4c531f120600d8524c825def05cc1b38f11935e65c64cbe5d2c2627e87764cd42591c19342b1fbcee512e2e50a7919686009cbab9fe87c7a452f7f4fc5b58905eda530c5c113a5adcf7cfbac1cc53603e98a941b3a58a082256b41cfa068a9e6a1e43e85346fb97ac2ada4580bd71d69e0dec52154ecd7879b05fc17b4251aef96dacdc8d825bd238eabbedc3e5e885b42aadb88c47bb470329463515f18a39072127d632d4482db417f0c2fa9af46ccd401a9a0c4d98a475caf3519be62c3494613d869a81d41e5787d87f2f53a94db6e9a36d486902895e1410de93c2886ee8360ed4c54d0846f647948638bdd204a7a475caee997516915b344d3d8975f2fdc82ae7086abf5d0abc13c6624655e32bd869a3dd4d4fe112c70fd3ec368407e309e756931961ff11c35bbad56530c7c095ef43fb69d54ddc2591605c30eb954a505a9f23f9e526bbc44eb97fb15c0c070ba3a2dec65b0b1b564473aebb80352dfc0ef4885eb6d489cd6dd4a54c4618f1f697e97e59b77d23e90dfacf1439bbc0e0baa0b8c4b79ed90dee58f219f672a7dca07819e2dda75495b8ba620f013246638a248ea068878ee71c90aadddbd55d934fdaddf662b6e9d80dae16ca2c7ef93c288b764fde6d0aff60d04205a3a81ea52e15bafaeb5e19affb10464908a1fcdf1e921b223499022009a683b9ac8c003f57b00e2ec3d3a96c1bbf2c841f3deecc2c972203c61a5ac5e24abff643ee39e9915a7685b7300656e1370e9a9a2cf284146ce4dbc6b16ecd673dc2c64aa4c321e780bd27be3c0ffe1d0cdd74f7a0571ac99f64f44ea2fd0ad3234f167314f415ca6f27cc19d4f8ffed5c66e6b150d139fdc403eb4b80d4403434cf706e1046c05a74bad41d1301aff4554b091a89710d0fcc149e15a5ce52175ea160aac0bb5d9b749f3f8c5cf1d102ebb34ba9544cfae9fd89543cba9e234f7986b66f3fcbefa43dc919a88bde4203169734ea46f4a07ba320d98d0fe0c31d8e6b88a0cb8be58f3dd943c8581e69c0dc1394b39c16ca82bc9715cd2349d59cbff62ecebccca998abdad76a38c248551f970ef3b3ae28158a84575c77eb992e155920f1ed7d086739e5bba83be44d177d31eb2bd84f76702cdc4aa40fb7ded5118ab7e7511595f15cd5e66524c67eacfa004a3533dad2f6accdc56eb583a48556c9b0799f45cce4b838d90bdffe325810acc50971dd1ffcd2dae62924900bc650a2bbcadd283bddda1253cd5e48e314216a547751192e17ee8e1cd42ed75d6acabb7cd1da1f61510b36eaebf2cb60b2748e8cf6f51016fcbe6d846647213f8a819c0f57b15ff09dc7c3e55f5710e397fe3407ec9d3cd9e32c9c7fee32594c16a862de4cdc3c8c89fafcd856b1f9edbdeda2a54361ab4686480291e2a1650dc2b3f609065b79b6429b9e75bd21b90190ffcef761142057cd274c435ff81fdfd900fc73e35046fe02f380e70d4550f84845df869eea2aa594dd89c329b23a451d5982d494497e7e8c2a26c7a8bebfb3ee1b5a9359e43134280d7f0a7f6845cf242fb4acd73572328305db909918229e63b1dbe9ee676b726407bbfff366a5e07d1706f0b3425b6e79725792162f7a7242d4ea3de7bc613da7c1b6d8043b2baf21d6e7b5f83b7301aed4154d58e32df56a473eb21d28f5e800b5ff848ce9fc9e83028a02a1ea0ada85238a86595e470e9bf1684e5f29ea5db5a1b20f6634984517666ea317325e974e9e00ba93efe24da262b27c68beea4c589e99127e2503114c5e4d4c65febe46ba25888eeed37268f875fe9f5e535662b3ccefda2f5c45097a16b63e372d03c4959640f4ce3d3a22f57135e7b9d7f0c2a123cc0ef7ed096e86b4cd80512acfb9e36d21511b481cfb2231ee3671aa13003a2340f3eaf2935b72e44a294f268dc9e002e4e94342b19beebc3da860865d88bc075c380885b251b4bdd2ccd66b70d3ab49c2633bd8b3bd5eae0331c803b9cb9a55bcfca1ce0e4f83cc8cd28efd52539a7da71cfccbbad7aa21211ce9d30d6aae7c9a8403dc87b24b34f8b75162f5d9a0398f0b648a1c54ae2fc794737e0a06ac600ab4aae9690d5e3ead322c8864c738c7f47f6dae17ac6682bbe6f531617585dcbad5e86b4d4c175dde845787203b578e8885044985b585daeb44427614bb0527aaeed60f13fde995855650bd44f32977b24f31403fdd07af1ea2db7307e7f031162e26278951cb585081c3f6647abd9efb23bff0dbc65b285a10e2fd705501e5ff03f28155deaf183af492ea61569cd898fd15a4f3235b40dcac3e6f7d5af02c4543e162218a9beb2f21f8a784607c3def697e587efa96944370b6011104b0350dec16761dd116e183977a468145f5c11d65ba6081fd6bde60e5b6c0327a6019882785429bde075fcef9525b06906f890d339c257beb64261de61fbdd459e15c3883710a6b996cb5207ad6ceed837904f221e4255cabe1497b94ee8dc50c89eea0f9bb995d38834e37b321693310499b2913b81660b794560ffcac4c7021f05713156f01e709b810dd8d2e4c519ade90ae034c1d1eafee52e4e57f3b1bf995dc861883ca865643755236d5390a5585f1eca91e08752bb37ed5b840ad42bc1957b07a48c2012725a975bf0fa1442a7b8974edd765e94d54adb79948e84c15228cb2c7595bad6e3a127f13d9423412f0302014801c8517fcd0d2e9f8e96a2683484be75787c605af6415949a86baf472d2862834327140020518f4428e47bb6836b408574dbcf3e2b608af0c4389127c4503cb6a36dd8a9a44072f7fafe4c398cbc215b94e762fa836f3f4528f9080a3a4c0735b24c7c94870e7e87d8f9a88d9360093eff274e0786e1b0a9240e1608a300b9cc57571085aa56a20872ed3e18ce31f2cef40c9aceb8c0e615ea126115a8062789f8b5696397fa4510c3853fdfae94459edb62b7ded9b84106de40353c1895cf3c69b77edd8ff5c486736ae903240c7d4156b558d8892022c3f61e8994ba2dcb5c3cd78870211edb735245c495226784afdea63d3e3d90308568cdb768cd4dbe4089838b41d58b45a86e1292544075f473c0a6e516f4c5295df5d6327c47f6b0bd7324d222d0974f7920bdcbcda71d679a9891020587df9aadea3e5e3930033caac4b701834be63461f8a9d793ec288e42d8cc17875ca66ffd6041060008835406d37490dc3eba7aaf5649341b5b090d6e979f6deabcb07622ffed58f49f69bbaf370f0e0bed853d1cac4bb4279125890de60547867299fbc7c8dbf436b9917bc526a2b2dd309732d1e33fb076d9203d4830b25c34b59fa7a1ffabccc02ec0a287e4a620dc66830739e33f08c426182178d24d4fb3b10b27db19a46f82b5c537feb7523e9e3988eaf79af82d9f05fb74cb6abd73097e09f1c0487be3bda012ac4671b995125c7bf83437286705212ec5fae8eee7c2a708e8a949136ae1630b07d50b13622cf4405934221197d7f75f9b4cdd95a73cba3c98498d63658464e5faddf92d765ce10d642922bb9076f45c88c2559b9ab2ab3d13d88539d8eaa5fd60901b2a3bd4947b35ee9402a93a94c6f8cc7343cf871d8804230b05905143bd8c4095bb9f8e3c3c04af076ba3dc5fefef308b063d297c788601454d738877ddec3c7bceaefbd6e581e6c6050570e2daed00ac99ad364c6fec6bdafb39eac2e065ef84bd56e333241770ab9829602037ff91bf32ada7be172c3b47f937bbd4dfe478dfe2c2fa0a5303aac847cd3db4b8843c0b4210f76f1f9ed50a0c1dc5953d857d80d4110af3b31ab555784b8241e5b187b939886eda9d72c6747c548faae06b3fb257cc77b86b8f6c1422169efde05c6e8a53ebfb4d27144f42bbb651f5c2abc8246605d84b95bffa8f420887ebe995c974265ba3fd1182dcf6ea145dc4b2ad1245e0ed703df0d581eb278e19509a712146f0313099bdc92bc4c68ef12145747bf15566a01e6d0124d0d6d3377eab5824d1a7c1236dd6e9feed65a4d3ef9c8ab3e79c89890fa0da8eab2cd16fa10620b4f88345fb9236e2f237cc051e0446d1c0853d75ebf0c70f42a51f1694f3c05f0d8ef29803a3b957176df49cc8d9ebe73690bd4e9b3cfb33d876fc20d8d16dedda8e17693583f61acc76bc8e76cf207dbaeece2f419ea1f17204ba82e6f5c275b62fdd08d69a9b650a5112487a52e46da62dda05eef1e1c756058d307aa7dc694d7cf20b7d72e046a91083a4dc5425df13b0c8e22574381eaf47604acc5d6a8e1685976f83d23d55f866630fa8aa983017731948b81fe555c9f55def358c9abd96013da39479269a1e955618f124687f7c44a91d3580e2f1fb4d5cae8640bc825211988220eca6a68e88365b382d6979415257f4b230c1f00caa7ddca930785ee05f824f24b623796fc87417876d01a63bef3457ea66c8257704e0f699e50d03550444b48363f4ea0a5845605a528000e4c92e70d44fa8586e8301d0fca8c92c624cddd6bb03c2fc8915fa74a8a6cd9a59992d03402b15ece0d18c3d6151bc312a448bf47bb17b0dcc7d4ea545d76bb20a6376c03c0ab21c10a28a8278a252762cd8db81b4062e1d1f5f4d39155a8c5539203fec15d0868b0ef0ddb16994e851ea55d1b04145031d28bb5535eff9d2d80eea96926346ecf2ab70b1f5418e5c1fe9410b78134592abca3659e99a25f7ca6fedcdb56c000892ae40bbe506d180c6f9c020946a6c953234a703be9448fc84a6b81760ddb69ca135d090ce4721c322fd67adfbe1d3b3aee6e6cecba15bdd8aa4d14cf28d159ba55497469d6821de32ed3c2074f1a83ff3ea4d93d227ef5978f4aa7af4d2f07529cad12b8ceef5aaa4e28c9a41eebb299735c427e5c089337d13fec656e65bee4197a5f75a25aec77282dcef1895770e0814acd6aa31a8337cb657ba67f532b0cdb2eb83d39906266940fd0b8a63e551c98a154f435c64999916da2766ceaf39f6940b70261a733866d3409975601bfb52f1bb7f54808a129330a885234ef3468521d33e4c2bb27f8907ebe36d3d0eabf753cdc92c5825fc024db346fa7a051ce8b15776c485668f354751f94b384c56a1a321f588392cb09487c2b25608a28b4489a4f1c00c0ec7030a4e279b330b1c950798d04978df51daa606a0561bc7298da444d5f4584c09639bd284e16ba3bfba4aaaa047c1d0914a77864965f5e49a3b4146ec1a22d471bb8a9d2c9bd189a6f3b1f13c63ba487eebf74a814c72b0bb3631a3a0c11638e823dc963dfb1d09c54e1a0bbd7eb727550361c734c98f6d9c851cf5a3708f3ebb88810b1c4ddbfa2ccb25f84bde3629171b226f7defca0c4db04c8be64bfc1590fbd5e4b0d27a819bb30c8e8018dcd80d91fff043d9a085f8dc248df8e0a64ccb3ce7ccacf0e4c9f112f260887413877479ec7eac2f77ef2acc99de4031deaaac18db19450af098122c380e808c2f11bbb855773e1f1bbec755a280e35f2d1"}}, &(0x7f00000001c0))
write$dsp(r1, &(0x7f0000002000)='`', 0x88020)
ioctl$SNDCTL_DSP_SUBDIVIDE(r1, 0xc0045009, &(0x7f0000000000)=0x4)
r2 = socket$inet6(0xa, 0x1, 0x8010000000000084)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000000200)={0x0, 0xfff}, &(0x7f0000000280)=0x8)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000340)={0x1d, r5, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
ioctl$F2FS_IOC_SEC_TRIM_FILE(r4, 0x4018f514, 0x0)
setsockopt$sock_int(r4, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000540)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r4, 0x6b, 0x1, &(0x7f00000006c0)=[{0x2, 0x10000000000000, {0x0, 0xff, 0x4}, {}, 0x0, 0x1}], 0x20)
sendmsg$nl_route_sched(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x0, {0x0, 0x0, 0x74, r5, {0xfffd, 0xffeb}, {0x1, 0x1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x850)
r6 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_pidfd_open(r6, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r6, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
mbind(&(0x7f0000fec000/0x13000)=nil, 0x13000, 0x1, 0x0, 0x7, 0x1)
bpf$OBJ_PIN_MAP(0x6, 0x0, 0x0)
bind$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e21, 0xffffffff, @empty}, 0x1c)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x37}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0x5}}, 0x0, 0x1, 0x3bf8580c, 0xfffffffe, 0xb3550aa4ba878396, 0x2}, 0x9c)

2.742170392s ago: executing program 4 (id=2024):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x11, 0x2, 0x0, 0x4, 0x1, 0xff, 0x4, 0x7, 0xe}})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0xfffffffffffffe16, &(0x7f0000000480)={0x0, 0x92}}, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newqdisc={0x70, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x40, 0x2, {{0x1ff, 0x4, 0x0, 0x0, 0xfffffffd, 0x8}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x80000001, 0x6, 0x8, 0xfffffffe, 0xd99d}}]}]}}}]}, 0x70}}, 0x0)
sendto$packet(r0, &(0x7f0000000240)="1f772c23ac637ecf0c298e5feb44", 0xe, 0x0, &(0x7f0000000440)={0x11, 0x88a8, r4, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14)
socket$packet(0x11, 0x3, 0x300) (async)
socket$nl_generic(0x10, 0x3, 0x10) (async)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000140)={'ip6tnl0\x00', &(0x7f0000000100)=@ethtool_ringparam={0x11, 0x2, 0x0, 0x4, 0x1, 0xff, 0x4, 0x7, 0xe}}) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
socket(0x10, 0x803, 0x0) (async)
sendmsg$BATADV_CMD_GET_MESH(r3, &(0x7f00000004c0)={0x0, 0xfffffffffffffe16, &(0x7f0000000480)={0x0, 0x92}}, 0x0) (async)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14) (async)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffffffffff000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}, 0x1, 0x0, 0x0, 0xc000}, 0x0) (async)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001500)=@newqdisc={0x70, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0xfff1}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x40, 0x2, {{0x1ff, 0x4, 0x0, 0x0, 0xfffffffd, 0x8}, [@TCA_NETEM_ECN={0x8, 0x7, 0x1}, @TCA_NETEM_LOSS={0x1c, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x80000001, 0x6, 0x8, 0xfffffffe, 0xd99d}}]}]}}}]}, 0x70}}, 0x0) (async)
sendto$packet(r0, &(0x7f0000000240)="1f772c23ac637ecf0c298e5feb44", 0xe, 0x0, &(0x7f0000000440)={0x11, 0x88a8, r4, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}, 0x14) (async)

2.65314892s ago: executing program 0 (id=2025):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x54, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x18, 0x11, 0x0, 0x1, @connlimit={{0xe}, @val={0x4}}}]}, @NFT_MSG_NEWSETELEM={0x3c, 0xc, 0xa, 0x101, 0x0, 0x0, {0x7}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd8}}, 0x0)

2.59891916s ago: executing program 0 (id=2026):
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000400)=@filter={'filter\x00', 0x42, 0x4, 0x360, 0xffffffff, 0x1d8, 0x0, 0xb0, 0xffffffff, 0xffffffff, 0x2c8, 0x2c8, 0x2c8, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0x70, 0xb0, 0x0, {0x88000000}}, @common=@unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x9}}}, {{@ip={@private, @rand_addr, 0x0, 0x0, 'bridge_slave_0\x00'}, 0x0, 0x100, 0x128, 0x0, {0x122}, [@common=@inet=@dscp={{0x28}}, @common=@unspec=@rateest={{0x68}, {'wlan1\x00', 'team_slave_1\x00', 0x32, 0x1}}]}, @REJECT={0x28}}, {{@uncond, 0x0, 0x90, 0xf0, 0x0, {}, [@common=@socket0={{0x20}}]}, @common=@CLUSTERIP={0x60, 'CLUSTERIP\x00', 0x0, {0x0, @local}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x3c0)
r0 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r1, @ANYBLOB="0000000003120100500012800b0001006272696467650000400002800800050001000000060027"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={0x0}, 0x9, 0x0, 0xa1ffffff, 0x4000000}, 0x0)

2.490843392s ago: executing program 4 (id=2027):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0100000001000000a00d35326700000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000540)=@newlink={0x50, 0x10, 0x401, 0x0, 0x1, {0x0, 0x0, 0x0, 0x0, 0x11006}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @xfrm={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_XFRM_LINK={0x8, 0x1, 0x4}, @IFLA_XFRM_IF_ID={0x8, 0x2, 0x2}]}}}, @IFLA_ADDRESS={0xa, 0x1, @broadcast}]}, 0x50}}, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f0000000080), &(0x7f0000000240), 0x1800, r1}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x15, &(0x7f0000000640)={r1, &(0x7f0000000080), &(0x7f0000000540)=""/240}, 0x20)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r0, 0x4018f50b, &(0x7f0000000080)={0x1, 0x0, 0x1})
r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x600)
ioctl$DRM_IOCTL_MODE_GETPROPBLOB(r3, 0xc01064ac, &(0x7f0000000580)={0x0, 0x0, 0x0})

2.461229444s ago: executing program 0 (id=2028):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000140), 0x4000, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x16c)
close(r2)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB, @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f000000c400)={0x2020, 0x0, 0x0, <r4=>0x0}, 0x2020)
newfstatat(0xffffffffffffff9c, &(0x7f00000001c0)='./control\x00', &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}, 0x4000)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000280)={{0x1, 0x1, 0x18, r0, {r4, r5}}, './control\x00'})
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
mmap(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x4000001, 0x13, r6, 0x4807c000)
openat$mixer(0xffffffffffffff9c, &(0x7f0000003fc0), 0x0, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
open(&(0x7f0000022ff6)='./control\x00', 0x25e041, 0x18c)

2.340735235s ago: executing program 3 (id=2029):
r0 = socket$igmp6(0xa, 0x3, 0x2)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/net\x00')
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_NET_NS_FD={0x8, 0x1c, r2}]}, 0x3c}}, 0x0)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-aesni-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = accept4(r3, 0x0, 0x0, 0x800)
sendmmsg$alg(r4, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9c0300000000000000344841", 0xe}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d", 0x5}], 0x3}], 0x1, 0x40800)
recvmsg(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/71, 0x47}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20, 0x2, @empty, 0x5f5ee220}, 0x1c)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000580)=@raw={'raw\x00', 0x3c1, 0x3, 0x320, 0x0, 0x168, 0x9, 0x150, 0xb, 0x250, 0x250, 0x250, 0x250, 0x250, 0x3, 0x0, {[{{@ipv6={@empty, @remote, [], [], 'veth0_to_bridge\x00', 'sit0\x00', {}, {}, 0x6c, 0x0, 0x1}, 0x6000000, 0x108, 0x150, 0x0, {0x0, 0x28e}, [@common=@inet=@ipcomp={{0x30}}, @common=@inet=@ipcomp={{0x30}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@mcast2, 'dvmrp0\x00'}}}, {{@uncond, 0x0, 0xd0, 0x100, 0x0, {}, [@common=@inet=@set2={{0x28}}]}, @common=@inet=@SET2={0x30, 'SET\x00', 0x2, {{}, {0x2}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x380)

2.27289457s ago: executing program 4 (id=2030):
syz_usb_connect(0x6, 0x7a, &(0x7f00000000c0)=ANY=[], 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001040)={0xfc, {"a2e3ad09edfc09f91b44090987f70e06d038e7ff7fc6e5539b303d0e8b089b07323068090890e0879b0a0ac6e70a9b3361959b4b9a240d5b0af3988f7ef319520100ffe8d178708c523c921b1b5b35070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2d8160f94e35f2d2d12913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc1943cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
syz_open_dev$sndpcmc(0x0, 0x2, 0x200080)
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50)
openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x400102, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$rxrpc(0x21, 0x2, 0xa)
connect$rxrpc(r2, &(0x7f0000000040)=@in6={0x21, 0x1, 0x2, 0x1c, {0xa, 0x4e23, 0x4, @private0={0xfc, 0x0, '\x00', 0x1}, 0x3}}, 0x24)
fcntl$getflags(r2, 0x3)
madvise(&(0x7f0000950000/0x1000)=nil, 0x1000, 0xe)
r3 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141121)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
syz_open_dev$I2C(&(0x7f00000001c0), 0x8, 0x6100)
socket$kcm(0x29, 0x2, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000240)='net/kcm\x00')
preadv(r5, &(0x7f0000000100)=[{&(0x7f0000000000)=""/250, 0xfa}], 0x1, 0x185, 0x0)
syz_io_uring_setup(0x38fe, &(0x7f0000000300)={0x0, 0x1fffff, 0x10100}, &(0x7f0000000180)=<r6=>0x0, 0x0)
r7 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/resume', 0x149282, 0x10)
write$cgroup_int(r7, &(0x7f0000000040)=0x902, 0x12)
socket(0x25, 0x6, 0x7)
syz_io_uring_submit(r6, 0x0, &(0x7f0000000140)=@IORING_OP_LINK_TIMEOUT={0xf, 0x70, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x1, 0x1, 0x1})
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4004800}, 0x4000804)
sendmsg$NFT_BATCH(r8, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000080000000000000000000000000a64000000060a0b0400000000000000000200000038000480340001800c0001007061796c6f61640024000280080002400000000008000440000000ba0800054000000010080003400000005d0900010073797a30000000000900020073797a5bcf000000140000001100010000000000000000000000000a"], 0x8c}}, 0x4048010)

2.249928032s ago: executing program 0 (id=2031):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r0, 0xc4c85512, &(0x7f0000000040)={{0x0, 0x3c, 0x0, 0x0, 'syz0\x00'}, 0x0, [0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x890, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x20005, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0xffffffffffffff7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x0, 0x20, 0x0, 0x80000, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8e]})

2.067528805s ago: executing program 2 (id=2032):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x1, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x0, 0xcf6, 0x34424752}})
getpid()
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x7, &(0x7f0000000200))
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x7, &(0x7f0000000000)={0x1, 0x0, 0x8, 0x1000000000000})
syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
r3 = socket(0x1, 0x803, 0x0)
getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r4 = socket(0x10, 0x803, 0x0)
r5 = socket(0x1, 0x803, 0x0)
getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295a5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r6}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_ADDRESS={0x14, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

1.970689477s ago: executing program 0 (id=2033):
r0 = syz_io_uring_setup(0x88f, &(0x7f00000001c0)={0x0, 0xaef2, 0x0, 0x3, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r3, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$nl_route(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000001a001fffffffff7f0000000080000000f33612"], 0x24}}, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r4 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1, {0x0, r4}})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000016c0)='attr/keycreate\x00')
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r5, 0x0, 0x0)
io_uring_enter(r0, 0x75fa, 0xe475, 0x0, 0x0, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = openat$kvm(0x0, &(0x7f0000000080), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000100)={0x0, 0x0, 0x0, r9})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r10, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r10, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x30, r11, 0x5, 0x70bd25, 0x25dfdc00, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0xc, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_PLCPFAIL={0x4}, @NL80211_MNTR_FLAG_CONTROL={0x4}]}]]}, 0x30}, 0x1, 0x0, 0x0, 0x40048}, 0x0)
r13 = dup(r0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r13, 0x84, 0x1f, &(0x7f0000000240)={0x0, @in6={{0xa, 0x4e21, 0x401, @loopback, 0x1}}, 0x4bd, 0xba}, 0x90)
r14 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="150000001000000002"], 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000c80)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r14, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000006200000005000000b70000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f0000000180)={0x0, 0x0, 0x8, r9, 0x10})
r15 = fsopen(&(0x7f0000000000)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r15, 0x1, &(0x7f0000000040)='source', &(0x7f0000005fc0)='//\xf2/\x06\b/\xdf/o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
fsconfig$FSCONFIG_SET_STRING(r15, 0x1, &(0x7f0000000080)='source', &(0x7f0000000240)='//\xf2/\x06\b///o\xdc\xea\x95\x9a\x82\x10\x97W\x8f7\x98\x9b\\/\\\xf9\rmD\x94)U\xdb\x15X.I\n}\xf3\x9d\xe4_\x05\x9cqf4I^#b?9\xde\xafu\'\x83L\xe0\x97\xe1n_\xa4%\xb1\x97\x93\xafv\xce/\\\xb4L\xf2_\xa7\xfb\xf4\x84\x1fA\xeas^\xef\xa2\x85\xa3!\xfb\x93\xd7R\xab2\x1eW\xe9h\x9b\xf7ul\xf9D\xd4\x82X5\x13\xaa\x87\xf9\xba\xa9m\x14\x14R_\x9a\\>4\xce\x8e_#\xf8D\xb1\xdep\x01\xcc:\xa6\xc5n\xeb\xab\xf70\x99\xef\x8b<M\n\xc0`[\x82\xf6$\xa4\xbe\x1e\xd3\xe4\xd9L\x14\xed\xcfK\xcc\xeb,\x1a1\xa6\xf3e\xc2F\xc3\x00\xaa\xd5\xfc\x1bR\xa9\x8c\xb4&\x9f\xa2$\x06\x1a\xb0W#\xf4\xde6\x04c\xc0\xeec\xa0l\xd5d\xe5\xcd\xb2\xc10\x97w\x87\xe5\x06\x91W\rr\xf5\x97%\xe8pO\xeb]\xc2\x98C\xffK\xa0\xb3\\\x99{\xcdR\x92\x94\xf7\x1d\x01Q\x1a\xbd\x15b\x15h\xe2!\x00\xb9z)\x19\x00\xee\xd2)[p`\xb3\x03\xa7p\'X\xec\xcdoX\x05\xff\xff/o\xb2\xad\xb8\x89i@\f\xffS&\x8a\xc9\xfez\xc2\x90\xe7F\xa6\xdb\r\x03j,N\xe1lw\n\xad\xe8\xf0\xbd\xa1\x98\xce\xf9\x1eR\x9cc\xc5ke_\xa7\x11\"\x04\xd8.\xa0\x15\x83\xf1\x92\xdby\xe9\xdc@.\xc1g\xc6\fc\xa26\xd8\xdf\xef\xf7\x9c\x1a\xcc\x8am\x8b7\xcf\xc5\xa6\xf4\f\xabj%Y\xa9\xdd\x0e9e\xb5\xec\x99@\xd2\t\n\xb1o', 0x0)
ioctl$AUTOFS_IOC_FAIL(r6, 0x4c80, 0xfffff)
sendmsg$AUDIT_USER_TTY(r13, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000340)={0xa8, 0x464, 0x200, 0x70bd28, 0x25dfdbff, "e1d410dfc8c04bf9093b031d4e5b5d20bdddc132d18df9cf56c3f5ddbb8838d5762ac0748d0fa59045a985979f4a688077ba40f198db34b1f38e706c7f4243c89e8bef6071efd7d67d884c675ad2f18e002b1ece3fc50c24965c7935bc3365a486d38483fbf343ac49019cd187c96b4790cb1eda4a094530bd3498b3dd2e7235ef2008e275b3f7d9efa34cc1de2ed2e41bfaf75428d5f1a3", [""]}, 0xa8}, 0x1, 0x0, 0x0, 0x4008881}, 0x40804)

1.970298237s ago: executing program 3 (id=2034):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=r2, @ANYBLOB="00000000000b0000240012800b0001006272696467650000140002800800080088a8"], 0x44}}, 0x0) (fail_nth: 7)

1.871717412s ago: executing program 2 (id=2035):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = socket(0x2a, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x8, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000006b019e000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)=@newqdisc={0x24, 0x24, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x6, 0x7}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x20040001}, 0x0) (async)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x2, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xffff}, {0x0, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000540)=@newtfilter={0x84, 0x2c, 0xd27, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0x0, 0xa}, {}, {0x1c, 0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_simple={0x48, 0x1, 0x0, 0x0, {{0xb}, {0x1c, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x1, 0x200, 0x7, 0x3}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10000}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0) (async)
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x400000000000003, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f00000000c0)={0xf0f041}) (async)
ioctl$vim2m_VIDIOC_ENUM_FRAMESIZES(r4, 0xc02c564a, 0x0) (async, rerun: 64)
sendmmsg(r3, &(0x7f00000002c0), 0x40000000000009f, 0x0) (async, rerun: 64)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1803000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000140000e0b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r5}, 0x10) (async)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca) (async)
utimes(&(0x7f0000000280)='./file0\x00', 0x0)

1.534049599s ago: executing program 3 (id=2036):
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2e, &(0x7f0000000380)={0x8, {{0x2, 0x4e23, @broadcast}}, {{0x2, 0x4e21, @empty}}}, 0x108)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_open_dev$cec(&(0x7f00000002c0), 0x0, 0x101)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x497, &(0x7f0000000000)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000140)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0xfffffffffffffffc, 0x0, 0x0, 0x4, 0x1})
io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r7, 0x4601, &(0x7f0000000040)={0x190, 0x258, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {0x1, 0x0, 0x1}})
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000010000ec000000000000000000000000a20000000000a03000000000000000004010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000003780000000c0a010200fdffffff000000010000000900020073797a32000000004c000380480000800b000340000000003c000b80200007800e000100636f6e6e6c696d69740000000c00028008000140000000001800018004000200636f6e6e6c696d6974000000040002800900010073797a30"], 0xfc}}, 0x0)
r8 = socket(0x10, 0x3, 0x4)
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000007c0)=@newqdisc={0x68, 0x14, 0xf0b, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, {0x3, 0xc}, {0xffff}}, [@TCA_STAB={0x44, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x1}}, {0x4}}, {{0x1c, 0x1, {0xb, 0x9, 0xc, 0x0, 0x0, 0x0, 0xffff9dce}}, {0x4}}]}]}, 0x68}}, 0x0)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000100)=0xdbd)
r9 = syz_usb_connect(0x0, 0x2d, 0x0, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
openat$adsp1(0xffffffffffffff9c, 0x0, 0x42342, 0x0)
syz_usb_control_io$printer(r9, 0x0, &(0x7f00000002c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.466452891s ago: executing program 2 (id=2037):
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYRES32=r1, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64=r0], 0x38}}, 0x10)

1.387255027s ago: executing program 2 (id=2038):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f00000007c0)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x8, 0xf, &(0x7f0000000340)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x600, 0x0, 0x0, 0x0, 0x20}, {{}, {}, {}, {}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x20}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000200)='syzkaller\x00', 0x2, 0x100b, &(0x7f0000001e40)=""/4107, 0x41100, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xe000000, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)

1.075320107s ago: executing program 0 (id=2039):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r2 = open_tree(0xffffffffffffff9c, &(0x7f00000002c0)='./file0/../file0\x00', 0x89901)
move_mount(r2, &(0x7f0000000100)='.\x00', r2, &(0x7f0000000080)='./file0\x00', 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r4 = memfd_secret(0x0)
r5 = socket$kcm(0x2, 0x5, 0x84)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'vlan0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=@getchain={0x24, 0x11, 0x43d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x4}, {}, {0x8}}}, 0x24}}, 0x4008000)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000300)={'ip6_vti0\x00', &(0x7f0000000200)={'ip6gre0\x00', <r8=>0x0, 0x29, 0x2, 0x2, 0x6, 0x1, @dev={0xfe, 0x80, '\x00', 0x27}, @remote, 0x40, 0x8000, 0x613e, 0x7}})
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r1, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f0000000340)=[0x0], ""/16, <r9=>0x0, 0x0, 0x0, 0x0, 0x9, 0x5, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x40, &(0x7f0000000440)=[{}, {}], 0x10, 0x10, &(0x7f0000000480), &(0x7f00000004c0), 0x8, 0x4b, 0x8, 0x8, &(0x7f0000000500)}}, 0x10)
ioctl$sock_SIOCGIFVLAN_GET_VLAN_REALDEV_NAME_CMD(r6, 0x8982, &(0x7f0000000c40)={0x8, 'batadv_slave_1\x00', {'batadv_slave_1\x00'}, 0x9})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r1, 0x89f3, &(0x7f0000000740)={'ip6gre0\x00', &(0x7f00000006c0)={'syztnl1\x00', <r10=>0x0, 0x2f, 0x8, 0x4, 0x401, 0x22, @private2, @dev={0xfe, 0x80, '\x00', 0x32}, 0x7800, 0x47, 0x1, 0x8}})
r11 = socket(0x400000000010, 0x3, 0x0)
r12 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r12, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r13=>0x0})
sendmsg$nl_route_sched(r11, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfd, {0x0, 0x0, 0x0, r13, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r11, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000480)=@newtfilter={0x40, 0x2c, 0xd27, 0x70bd28, 0x8000, {0x0, 0x0, 0x0, r13, {0x8, 0x7}, {}, {0xa, 0xfff3}}, [@filter_kind_options=@f_fw={{0x7}, {0x14, 0x2, [@TCA_FW_MASK={0x8, 0x5, 0xe}, @TCA_FW_CLASSID={0xfffffffffffffc40, 0x1, {0x9, 0xfff3}}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x22044028}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r1, 0x89f8, &(0x7f0000000840)={'sit0\x00', &(0x7f0000000780)={'syztnl1\x00', <r14=>0x0, 0x1, 0x10, 0x0, 0x3, {{0x27, 0x4, 0x1, 0x3c, 0x9c, 0x66, 0x0, 0x4, 0x29, 0x0, @dev={0xac, 0x14, 0x14, 0x2a}, @local, {[@timestamp_addr={0x44, 0x1c, 0x6, 0x1, 0x3, [{@initdev={0xac, 0x1e, 0x1, 0x0}, 0x400}, {@remote, 0xfffffffe}, {@rand_addr=0x64010101, 0x6}]}, @ra={0x94, 0x4, 0x1}, @end, @timestamp_prespec={0x44, 0x14, 0xd, 0x3, 0x3, [{@multicast1, 0x200}, {@private=0xa010102, 0x6}]}, @timestamp={0x44, 0x1c, 0xc9, 0x0, 0x8, [0x6, 0x5, 0x1c, 0x12000000, 0x4, 0xffffff80]}, @timestamp_addr={0x44, 0x34, 0x50, 0x1, 0x4, [{@loopback, 0x9}, {@loopback, 0x10001}, {@local, 0x8}, {@broadcast, 0xcdf}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3}, {@rand_addr=0x64010102, 0x6}]}]}}}}})
getsockopt$inet6_mreq(r1, 0x29, 0x14, &(0x7f0000000880)={@loopback, <r15=>0x0}, &(0x7f00000008c0)=0x14)
getsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000900)={@loopback, @rand_addr, <r16=>0x0}, &(0x7f0000000940)=0xc)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f2, &(0x7f0000000a40)={'gre0\x00', &(0x7f0000000980)={'tunl0\x00', <r17=>0x0, 0x80, 0x7, 0x8, 0xbd30, {{0x1f, 0x4, 0x2, 0xa, 0x7c, 0x64, 0x0, 0x80, 0x2f, 0x0, @multicast1, @remote, {[@lsrr={0x83, 0xf, 0xa, [@empty, @loopback, @local]}, @timestamp={0x44, 0x2c, 0xa6, 0x0, 0xa, [0x800, 0x8, 0x80, 0x0, 0x4, 0x2, 0x5, 0x5, 0x3, 0x5]}, @cipso={0x86, 0x2d, 0x2, [{0x5, 0x2}, {0x0, 0x4, "dc0b"}, {0x7, 0x11, "3abfe640730ecafecd38866d2e635a"}, {0x1, 0x10, "8fe0a1173e777f4b4d1a3ab9e560"}]}]}}}}})
sendmsg$nl_route(r4, &(0x7f0000000c00)={&(0x7f00000001c0), 0xc, &(0x7f0000000bc0)={&(0x7f0000000a80)=@RTM_DELMDB={0x118, 0x55, 0x2, 0x70bd2b, 0x25dfdbff, {0x7, r7}, [@MDBA_SET_ENTRY={0x20, 0x1, {r8, 0x1, 0x0, 0x2, {@ip4=@multicast2, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r9, 0x0, 0x1, 0x2, {@in6_addr=@mcast2, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r10, 0x0, 0x3, 0x2, {@ip4=@initdev={0xac, 0x1e, 0x0, 0x0}}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r13, 0x1, 0x0, 0x3, {@ip4=@remote, 0x800}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r14, 0x1, 0x0, 0x0, {@ip4=@loopback, 0x8edd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r15, 0x1, 0x2, 0x2, {@ip4=@local, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r16, 0x1, 0x3, 0x2, {@ip4=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x86dd}}}, @MDBA_SET_ENTRY={0x20, 0x1, {r17, 0x1, 0x1, 0x1, {@in6_addr=@remote, 0x82dd}}}]}, 0x118}, 0x1, 0x0, 0x0, 0x4001}, 0x82)

226.609459ms ago: executing program 1 (id=2040):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000f0070000000900010073797a300000000080000000090a010400000000000000120700000008000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d3c00128014000180090001006c617374000000000400028010000180090001006c61737400000000140001800c000100636f756e746572000400028008000340000001"], 0xc8}, 0x1, 0x0, 0x0, 0x40000}, 0x20050800)

106.997053ms ago: executing program 2 (id=2041):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000240)={0x3, &(0x7f0000000400)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x28, 0x0, 0x0, 0xfffff024}, {0x6, 0x0, 0x0, 0x6}]}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[], 0x2c}, 0x1, 0x0, 0x0, 0xc000}, 0xc000)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x400, 0x0)
mknodat$null(r2, &(0x7f0000000140)='./file0\x00', 0x2, 0x103)
ioctl$sock_inet6_tcp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000040))

72.827771ms ago: executing program 1 (id=2042):
munlockall()
fsopen(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000002c0), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aa"], 0x0)
r3 = add_key$user(&(0x7f00000002c0), 0x0, &(0x7f0000000280)="d25a9850", 0x4, 0xfffffffffffffffe)
r4 = add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r3, r4, r3}, 0x0, 0x0, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000380)={&(0x7f0000000000)=""/59, 0x300000, 0x800, 0x800, 0x1}, 0x1c)
ioctl$UFFDIO_COPY(r2, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x0, &(0x7f0000000100)})
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000d40)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[@ANYRES8, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xb8}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r7, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=ANY=[@ANYBLOB="300000003e000100fcff07000400000001000000040000000c00018008001080040008900c0002000000000000000000cd8a59657e5ecc6fa01dc85ffb56e0a2d23358bb9a20d9efe46a7d3ef68c5faf0d15039d5abd257e9e796bbb2dc4d03f"], 0x30}}, 0x4008094)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002})
r8 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000540)='/sys/kernel/debug/binder/state\x00', 0x0, 0x0)
read$FUSE(r8, &(0x7f00000006c0)={0x2020}, 0x2020)

0s ago: executing program 2 (id=2043):
syz_usb_connect(0x0, 0x3b, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ec13b2106d04d308280b0102030109022900010000000009046900000e01000008240501020205050764f7"], 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x800000000000001, 0x0, 0x2, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, 0x0)
socket$alg(0x26, 0x5, 0x0)
r5 = openat$dsp(0xffffffffffffff9c, 0x0, 0x42, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(r2, 0x10f, 0x80, 0x0, 0x0)
sendmmsg$inet(r2, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
syz_usb_disconnect(0xffffffffffffffff)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x2, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r0, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0xa, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r7, 0x4010ae67, &(0x7f0000000180)={0x0, 0xd000})
ioctl$SNDCTL_DSP_GETISPACE(r5, 0x8010500d, &(0x7f00000000c0))
syz_usb_connect(0x2, 0x9a2, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d0241710d8050a81b892000000010902900902000000000904"], 0x0)
ioctl$I2C_RDWR(0xffffffffffffffff, 0x707, &(0x7f0000002580)={&(0x7f00000002c0)=[{0x50, 0x1801, 0x0, 0x0}, {0x7, 0x4200, 0x0, 0x0}, {0x794, 0xd201, 0x0, 0x0}], 0x3})
syz_emit_ethernet(0x3e, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaa0f7f"], 0x0)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
close_range(r1, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

14108][ T5883] usb 4-1: config 0 has an invalid interface number: 130 but max is 0
[  408.124886][ T5883] usb 4-1: config 0 has no interface number 0
[  408.132805][ T5883] usb 4-1: New USB device found, idVendor=145f, idProduct=013a, bcdDevice= 5.86
[  408.141974][ T5883] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.150168][ T5883] usb 4-1: Product: syz
[  408.152675][ T5882] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  408.155644][ T5883] usb 4-1: Manufacturer: syz
[  408.168744][ T5883] usb 4-1: SerialNumber: syz
[  408.176446][ T5883] usb 4-1: config 0 descriptor??
[  408.185255][ T5883] gspca_main: pac207-2.14.0 probing 145f:013a
[  408.292806][ T5883] gspca_pac207: Failed to read a register (index 0x0000, error -110)
[  408.312689][ T5882] usb 5-1: Using ep0 maxpacket: 16
[  408.319596][ T5882] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  408.329945][ T5882] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA1, changing to 0x81
[  408.342048][ T5882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  408.353088][ T5882] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  408.367429][ T5882] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  408.376539][ T5882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.389651][ T5882] usb 5-1: Product: syz
[  408.393991][ T5882] usb 5-1: Manufacturer: syz
[  408.398619][ T5882] usb 5-1: SerialNumber: syz
[  408.407709][ T5882] usb 5-1: config 0 descriptor??
[  408.407961][ T5883] usb 4-1: USB disconnect, device number 42
[  408.424266][ T5882] appledisplay 5-1:0.0: Submitting URB failed
[  408.430524][ T5882] appledisplay 5-1:0.0: probe with driver appledisplay failed with error -5
[  408.631154][T10256] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  408.642406][T10256] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  408.674092][ T5882] usb 5-1: USB disconnect, device number 54
[  409.120767][T10272] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1249'.
[  410.135428][ T5886] usb 3-1: USB disconnect, device number 65
[  410.283040][ T5883] usb 2-1: new high-speed USB device number 50 using dummy_hcd
[  410.342560][ T5880] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  410.385849][T10289] vlan2: entered promiscuous mode
[  410.442572][ T5883] usb 2-1: Using ep0 maxpacket: 32
[  410.456489][ T5883] usb 2-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  410.472621][ T5880] usb 5-1: device descriptor read/64, error -71
[  410.479695][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.488216][ T5883] usb 2-1: Product: syz
[  410.492957][ T5883] usb 2-1: Manufacturer: syz
[  410.497658][ T5883] usb 2-1: SerialNumber: syz
[  410.506741][ T5883] usb 2-1: config 0 descriptor??
[  410.713950][ T5880] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  410.860439][ T5880] usb 5-1: device descriptor read/64, error -71
[  410.968290][T10299] netlink: 'syz.1.1252': attribute type 10 has an invalid length.
[  410.976253][T10299] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1252'.
[  410.993660][ T5880] usb usb5-port1: attempt power cycle
[  411.010031][T10297] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  411.245093][ T5883] RobotFuzz Open Source InterFace, OSIF 2-1:0.0: version d4.15 found at bus 002 address 050
[  411.342846][ T5880] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  411.363338][ T5880] usb 5-1: device descriptor read/8, error -71
[  411.632713][ T5880] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  411.655095][ T5880] usb 5-1: device descriptor read/8, error -71
[  411.783051][ T5880] usb usb5-port1: unable to enumerate USB device
[  412.002816][ T5883] usb 3-1: new high-speed USB device number 66 using dummy_hcd
[  412.114040][T10309] netlink: 'syz.3.1261': attribute type 8 has an invalid length.
[  412.121879][T10309] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1261'.
[  412.172726][ T5883] usb 3-1: Using ep0 maxpacket: 32
[  412.185777][ T5883] usb 3-1: config 1 has an invalid interface number: 242 but max is 0
[  412.195252][ T5883] usb 3-1: config 1 has no interface number 0
[  412.201469][ T5883] usb 3-1: config 1 interface 242 has no altsetting 0
[  412.210460][ T5883] usb 3-1: New USB device found, idVendor=2eca, idProduct=c101, bcdDevice= 7.df
[  412.219619][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  412.227886][ T5883] usb 3-1: Product: syz
[  412.232128][ T5883] usb 3-1: Manufacturer: syz
[  412.238791][ T5883] usb 3-1: SerialNumber: syz
[  412.477331][ T5883] aqc111 3-1:1.242: probe with driver aqc111 failed with error -71
[  412.542151][ T5883] usb 3-1: USB disconnect, device number 66
[  412.978630][ T5833] usb 2-1: USB disconnect, device number 50
[  413.460998][T10325] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  413.772495][ T9981] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[  413.993183][ T9981] usb 2-1: Using ep0 maxpacket: 16
[  414.047657][ T9981] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  414.092856][ T9981] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  414.104903][ T9981] usb 2-1: config 0 has no interface number 0
[  414.117683][ T9981] usb 2-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  414.147976][ T9981] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.157538][ T9981] usb 2-1: Product: syz
[  414.161932][ T9981] usb 2-1: Manufacturer: syz
[  414.183454][ T9981] usb 2-1: SerialNumber: syz
[  414.211879][ T9981] usb 2-1: config 0 descriptor??
[  414.251650][ T9981] usb 2-1: Found UVC 0.00 device syz (046d:08d3)
[  414.273709][T10338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1270'.
[  414.278978][ T9981] usb 2-1: No valid video chain found.
[  414.469699][T10344] netlink: 'syz.0.1272': attribute type 8 has an invalid length.
[  414.479033][T10344] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1272'.
[  414.595157][T10348] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  414.609563][T10348] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  414.955300][T10350] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  414.969684][T10350] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  415.238784][T10358] FAULT_INJECTION: forcing a failure.
[  415.238784][T10358] name failslab, interval 1, probability 0, space 0, times 0
[  415.261233][T10358] CPU: 1 UID: 0 PID: 10358 Comm: syz.0.1274 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  415.261261][T10358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  415.261273][T10358] Call Trace:
[  415.261305][T10358]  <TASK>
[  415.261314][T10358]  dump_stack_lvl+0x189/0x250
[  415.261351][T10358]  ? __pfx_dump_stack_lvl+0x10/0x10
[  415.261380][T10358]  ? __pfx__printk+0x10/0x10
[  415.261403][T10358]  ? __pfx___might_resched+0x10/0x10
[  415.261422][T10358]  ? fs_reclaim_acquire+0x7d/0x100
[  415.261456][T10358]  should_fail_ex+0x414/0x560
[  415.261481][T10358]  should_failslab+0xa8/0x100
[  415.261508][T10358]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  415.261532][T10358]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  415.261553][T10358]  ? __alloc_skb+0x112/0x2d0
[  415.261580][T10358]  __alloc_skb+0x112/0x2d0
[  415.261607][T10358]  alloc_skb_with_frags+0xca/0x890
[  415.261632][T10358]  ? __lock_acquire+0xaac/0xd20
[  415.261665][T10358]  ? __lock_acquire+0xaac/0xd20
[  415.261696][T10358]  sock_alloc_send_pskb+0x857/0x990
[  415.261731][T10358]  ? __lock_acquire+0xaac/0xd20
[  415.261768][T10358]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  415.261802][T10358]  ? is_bpf_text_address+0x26/0x2b0
[  415.261843][T10358]  tun_get_user+0x9c9/0x3c20
[  415.261908][T10358]  ? aa_file_perm+0x11f/0xed0
[  415.261946][T10358]  ? __pfx_tun_get_user+0x10/0x10
[  415.261972][T10358]  ? aa_file_perm+0x11f/0xed0
[  415.261994][T10358]  ? aa_file_perm+0x3e7/0xed0
[  415.262048][T10358]  ? ref_tracker_alloc+0x318/0x460
[  415.262073][T10358]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  415.262101][T10358]  ? tun_get+0x1c/0x2f0
[  415.262152][T10358]  ? tun_get+0x1c/0x2f0
[  415.262178][T10358]  ? tun_get+0x1c/0x2f0
[  415.262210][T10358]  tun_chr_write_iter+0x113/0x200
[  415.262258][T10358]  vfs_write+0x548/0xa90
[  415.262287][T10358]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  415.262316][T10358]  ? __pfx_vfs_write+0x10/0x10
[  415.262348][T10358]  ? __fget_files+0x2a/0x420
[  415.262384][T10358]  ksys_write+0x145/0x250
[  415.262405][T10358]  ? rcu_is_watching+0x15/0xb0
[  415.262436][T10358]  ? __pfx_ksys_write+0x10/0x10
[  415.262462][T10358]  ? do_syscall_64+0xba/0x210
[  415.262491][T10358]  do_syscall_64+0xf6/0x210
[  415.262517][T10358]  ? clear_bhb_loop+0x45/0xa0
[  415.262542][T10358]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  415.262561][T10358] RIP: 0033:0x7fce6d18d41f
[  415.262580][T10358] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  415.262597][T10358] RSP: 002b:00007fce6dfb2000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  415.262619][T10358] RAX: ffffffffffffffda RBX: 00007fce6d3b5fa0 RCX: 00007fce6d18d41f
[  415.262634][T10358] RDX: 0000000000000fc0 RSI: 0000200000007940 RDI: 00000000000000c8
[  415.262647][T10358] RBP: 00007fce6dfb2090 R08: 0000000000000000 R09: 0000000000000000
[  415.262659][T10358] R10: 0000000000000fc0 R11: 0000000000000293 R12: 0000000000000001
[  415.262671][T10358] R13: 0000000000000000 R14: 00007fce6d3b5fa0 R15: 00007fce6d4dfa28
[  415.262714][T10358]  </TASK>
[  416.356811][T10366] netlink: 'syz.2.1277': attribute type 16 has an invalid length.
[  416.364823][T10366] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.1277'.
[  417.198202][ T9981] usb 2-1: USB disconnect, device number 51
[  417.520611][T10385] netlink: 'syz.0.1284': attribute type 8 has an invalid length.
[  417.554912][T10385] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1284'.
[  417.888615][T10391] netlink: 'syz.0.1286': attribute type 1 has an invalid length.
[  418.219885][T10397] 8021q: adding VLAN 0 to HW filter on device bond9
[  418.234219][T10397] bond8: (slave bond9): Enslaving as an active interface with an up link
[  418.468376][   T30] audit: type=1326 audit(1747065786.431:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10410 comm="syz.2.1293" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x0
[  418.684639][T10421] netlink: 'syz.3.1296': attribute type 8 has an invalid length.
[  418.729040][T10421] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1296'.
[  418.846713][T10423] xt_recent: Unsupported userspace flags (000000de)
[  420.062933][T10452] capability: warning: `syz.0.1303' uses 32-bit capabilities (legacy support in use)
[  420.143557][ T9981] usb 5-1: new high-speed USB device number 59 using dummy_hcd
[  420.358237][ T9981] usb 5-1: Using ep0 maxpacket: 8
[  420.382348][ T9981] usb 5-1: New USB device found, idVendor=16d8, idProduct=7002, bcdDevice=25.49
[  420.475071][ T9981] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.544237][ T9981] usb 5-1: config 0 descriptor??
[  420.562304][ T9981] qmi_wwan 5-1:0.0: probe with driver qmi_wwan failed with error -22
[  420.755260][T10457] FAULT_INJECTION: forcing a failure.
[  420.755260][T10457] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  420.784245][T10449] fuse: Unknown parameter '000000000000000007690x0000000000000005'
[  420.811750][T10459] vlan3: entered promiscuous mode
[  420.833017][T10457] CPU: 1 UID: 0 PID: 10457 Comm: syz.0.1307 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  420.833042][T10457] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  420.833053][T10457] Call Trace:
[  420.833060][T10457]  <TASK>
[  420.833068][T10457]  dump_stack_lvl+0x189/0x250
[  420.833101][T10457]  ? __pfx_dump_stack_lvl+0x10/0x10
[  420.833124][T10457]  ? __pfx__printk+0x10/0x10
[  420.833143][T10457]  ? fs_reclaim_acquire+0x7d/0x100
[  420.833175][T10457]  should_fail_ex+0x414/0x560
[  420.833196][T10457]  prepare_alloc_pages+0x213/0x610
[  420.833228][T10457]  __alloc_frozen_pages_noprof+0x123/0x370
[  420.833258][T10457]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  420.833288][T10457]  ? rcu_is_watching+0x15/0xb0
[  420.833315][T10457]  ? policy_nodemask+0x27c/0x720
[  420.833342][T10457]  alloc_pages_mpol+0x232/0x4a0
[  420.833368][T10457]  alloc_pages_noprof+0xa9/0x190
[  420.833391][T10457]  alloc_skb_with_frags+0x233/0x890
[  420.833428][T10457]  sock_alloc_send_pskb+0x857/0x990
[  420.833472][T10457]  ? __lock_acquire+0xaac/0xd20
[  420.833503][T10457]  ? __pfx_sock_alloc_send_pskb+0x10/0x10
[  420.833529][T10457]  ? is_bpf_text_address+0x26/0x2b0
[  420.833559][T10457]  tun_get_user+0x9c9/0x3c20
[  420.833597][T10457]  ? aa_file_perm+0x11f/0xed0
[  420.833616][T10457]  ? __pfx_tun_get_user+0x10/0x10
[  420.833636][T10457]  ? aa_file_perm+0x11f/0xed0
[  420.833652][T10457]  ? aa_file_perm+0x3e7/0xed0
[  420.833691][T10457]  ? ref_tracker_alloc+0x318/0x460
[  420.833710][T10457]  ? __pfx_ref_tracker_alloc+0x10/0x10
[  420.833731][T10457]  ? tun_get+0x1c/0x2f0
[  420.833757][T10457]  ? tun_get+0x1c/0x2f0
[  420.833777][T10457]  ? tun_get+0x1c/0x2f0
[  420.833802][T10457]  tun_chr_write_iter+0x113/0x200
[  420.833844][T10457]  vfs_write+0x548/0xa90
[  420.833868][T10457]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  420.833892][T10457]  ? __pfx_vfs_write+0x10/0x10
[  420.833919][T10457]  ? __fget_files+0x2a/0x420
[  420.833949][T10457]  ksys_write+0x145/0x250
[  420.833966][T10457]  ? rcu_is_watching+0x15/0xb0
[  420.833992][T10457]  ? __pfx_ksys_write+0x10/0x10
[  420.834014][T10457]  ? do_syscall_64+0xba/0x210
[  420.834039][T10457]  do_syscall_64+0xf6/0x210
[  420.834061][T10457]  ? clear_bhb_loop+0x45/0xa0
[  420.834081][T10457]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.834097][T10457] RIP: 0033:0x7fce6d18d41f
[  420.834114][T10457] Code: 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 f9 92 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 31 44 89 c7 48 89 44 24 08 e8 4c 93 02 00 48
[  420.834128][T10457] RSP: 002b:00007fce6dfb2000 EFLAGS: 00000293 ORIG_RAX: 0000000000000001
[  420.834147][T10457] RAX: ffffffffffffffda RBX: 00007fce6d3b5fa0 RCX: 00007fce6d18d41f
[  420.834159][T10457] RDX: 0000000000000fc0 RSI: 0000200000007940 RDI: 00000000000000c8
[  420.834169][T10457] RBP: 00007fce6dfb2090 R08: 0000000000000000 R09: 0000000000000000
[  420.834180][T10457] R10: 0000000000000fc0 R11: 0000000000000293 R12: 0000000000000001
[  420.834189][T10457] R13: 0000000000000000 R14: 00007fce6d3b5fa0 R15: 00007fce6d4dfa28
[  420.834214][T10457]  </TASK>
[  421.543601][T10475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1313'.
[  421.591581][T10475] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1313'.
[  421.662735][ T5921] usb 4-1: new full-speed USB device number 43 using dummy_hcd
[  421.802497][ T5921] usb 4-1: device descriptor read/64, error -71
[  422.072653][ T5921] usb 4-1: new full-speed USB device number 44 using dummy_hcd
[  422.212519][ T5921] usb 4-1: device descriptor read/64, error -71
[  422.306002][T10483] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1318'.
[  422.323080][ T5921] usb usb4-port1: attempt power cycle
[  422.682682][ T5921] usb 4-1: new full-speed USB device number 45 using dummy_hcd
[  422.717071][ T5921] usb 4-1: device descriptor read/8, error -71
[  422.765780][ T5880] usb 5-1: USB disconnect, device number 59
[  423.019302][ T5921] usb 4-1: new full-speed USB device number 46 using dummy_hcd
[  423.233762][ T5921] usb 4-1: device descriptor read/8, error -71
[  423.352717][ T5921] usb usb4-port1: unable to enumerate USB device
[  423.852610][ T5921] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[  424.022511][ T5921] usb 2-1: Using ep0 maxpacket: 16
[  424.041498][ T5921] usb 2-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  424.058297][ T5921] usb 2-1: config 0 interface 0 has no altsetting 0
[  424.070609][ T5921] usb 2-1: New USB device found, idVendor=05a4, idProduct=8003, bcdDevice= 0.00
[  424.101047][ T5921] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.151528][ T5921] usb 2-1: config 0 descriptor??
[  424.263858][T10502] IPVS: set_ctl: invalid protocol: 19 224.0.0.2:20001
[  424.388209][T10500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.410759][T10500] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  424.444582][T10500] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  424.464417][T10500] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  424.672588][ T5886] usb 5-1: new high-speed USB device number 60 using dummy_hcd
[  424.759563][T10516] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  425.142653][ T5886] usb 5-1: Using ep0 maxpacket: 8
[  425.232809][ T5886] usb 5-1: config 0 has an invalid interface number: 55 but max is 0
[  425.276654][ T5886] usb 5-1: config 0 has no interface number 0
[  425.293207][ T5886] usb 5-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  425.304654][ T5886] usb 5-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  425.324946][ T5886] usb 5-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  425.383720][ T5886] usb 5-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  425.412557][ T5886] usb 5-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  425.428872][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.468909][ T5886] usb 5-1: config 0 descriptor??
[  425.492553][ T5886] ldusb 5-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  425.680051][ T5886] usb 5-1: USB disconnect, device number 60
[  425.700313][ T5886] ldusb 5-1:0.55: LD USB Device #0 now disconnected
[  426.101665][T10529] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  427.032076][ T5921] usbhid 2-1:0.0: can't add hid device: -71
[  427.046656][ T5921] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  427.080673][ T5921] usb 2-1: USB disconnect, device number 52
[  427.504128][T10548] netlink: 'syz.3.1336': attribute type 10 has an invalid length.
[  427.599271][T10548] 8021q: adding VLAN 0 to HW filter on device team0
[  427.624895][T10548] bond0: (slave team0): Enslaving as an active interface with an up link
[  428.216683][T10548] syz.3.1336 (10548) used greatest stack depth: 20248 bytes left
[  428.434808][   T30] audit: type=1326 audit(1747065796.361:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10555 comm="syz.2.1341" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x0
[  429.551982][T10579] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  429.685136][T10586] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1349'.
[  429.842572][ T5883] usb 5-1: new high-speed USB device number 61 using dummy_hcd
[  430.062524][ T5883] usb 5-1: Using ep0 maxpacket: 32
[  430.083352][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  430.107870][ T5883] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  430.131953][ T5883] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  430.142526][ T5886] usb 2-1: new low-speed USB device number 53 using dummy_hcd
[  430.167347][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.210876][ T5883] usb 5-1: config 0 descriptor??
[  430.303476][ T5886] usb 2-1: Invalid ep0 maxpacket: 64
[  430.433094][ T5886] usb 2-1: new low-speed USB device number 54 using dummy_hcd
[  430.593864][ T5886] usb 2-1: Invalid ep0 maxpacket: 64
[  430.612583][ T5886] usb usb2-port1: attempt power cycle
[  430.795407][ T5883] savu 0003:1E7D:2D5A.0007: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  431.282756][ T5886] usb 2-1: new low-speed USB device number 55 using dummy_hcd
[  431.318237][ T5880] usb 5-1: USB disconnect, device number 61
[  431.362782][ T5886] usb 2-1: Invalid ep0 maxpacket: 64
[  431.430274][T10610] fido_id[10610]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  431.503432][ T5886] usb 2-1: new low-speed USB device number 56 using dummy_hcd
[  431.566103][ T5886] usb 2-1: Invalid ep0 maxpacket: 64
[  431.571814][ T5886] usb usb2-port1: unable to enumerate USB device
[  431.613050][T10614] xt_recent: Unsupported userspace flags (000000de)
[  431.792665][T10617] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1359'.
[  431.958298][T10617] veth9: entered promiscuous mode
[  431.978524][T10617] bridge1: port 1(veth9) entered blocking state
[  432.046819][T10617] bridge1: port 1(veth9) entered disabled state
[  432.077002][T10617] veth9: entered allmulticast mode
[  432.522666][   T30] audit: type=1326 audit(1747065800.461:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10625 comm="syz.4.1363" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa468d8e969 code=0x0
[  432.802868][T10630] vlan2: entered promiscuous mode
[  433.256453][T10634] 8021q: adding VLAN 0 to HW filter on device bond5
[  434.187366][T10666] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1374'.
[  434.202685][ T5880] usb 3-1: new high-speed USB device number 67 using dummy_hcd
[  434.284492][T10666] bridge_slave_0: left allmulticast mode
[  434.293402][T10666] bridge_slave_0: left promiscuous mode
[  434.424375][ T5880] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  434.434476][ T5880] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  434.448107][ T5880] usb 3-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  434.457613][ T5880] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.513882][T10666] bridge0: port 1(bridge_slave_0) entered disabled state
[  434.923372][ T5880] usb 3-1: Product: syz
[  434.931219][ T5880] usb 3-1: Manufacturer: syz
[  434.946504][ T5880] usb 3-1: SerialNumber: syz
[  434.993190][T10666] bridge_slave_1: left allmulticast mode
[  434.999041][T10666] bridge_slave_1: left promiscuous mode
[  435.022208][ T5880] usb 3-1: config 0 descriptor??
[  435.039572][T10660] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  435.047686][T10666] bridge0: port 2(bridge_slave_1) entered disabled state
[  435.056855][T10660] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  435.276373][T10660] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  435.292027][T10660] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  435.313087][T10666] bond0: (slave bond_slave_0): Releasing backup interface
[  435.446229][T10666] bond0: (slave bond_slave_1): Releasing backup interface
[  435.570731][T10666] team0: Port device team_slave_0 removed
[  435.625283][T10666] team0: Port device team_slave_1 removed
[  435.644215][T10666] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  435.658469][T10666] batman_adv: batadv0: Removing interface: batadv_slave_0
[  435.706553][T10666] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  435.758887][ T5880] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  435.780143][T10666] batman_adv: batadv0: Removing interface: batadv_slave_1
[  435.828929][T10676] xt_recent: Unsupported userspace flags (000000de)
[  435.864428][T10666] bond1: (slave bond2): Releasing backup interface
[  435.895258][T10666] veth9: left allmulticast mode
[  435.918734][T10666] bridge1: port 1(veth9) entered disabled state
[  436.365759][ T5880] dm9601 3-1:0.0 (unnamed net_device) (uninitialized): Error reading MODE_CTRL
[  436.441322][ T5880] usb 3-1: USB disconnect, device number 67
[  437.238057][T10694] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  437.284017][T10696] xt_TCPMSS: Only works on TCP SYN packets
[  437.434492][ T5882] usb 3-1: new high-speed USB device number 68 using dummy_hcd
[  437.493702][ T5880] usb 5-1: new high-speed USB device number 62 using dummy_hcd
[  437.642542][ T5882] usb 3-1: Using ep0 maxpacket: 32
[  437.652849][ T5880] usb 5-1: Using ep0 maxpacket: 8
[  437.656171][ T5882] usb 3-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  437.672572][ T5880] usb 5-1: config 1 has an invalid descriptor of length 255, skipping remainder of the config
[  437.678662][ T5882] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.691124][ T5882] usb 3-1: Product: syz
[  437.691496][ T5880] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  437.698918][ T5882] usb 3-1: Manufacturer: syz
[  437.704972][ T5880] usb 5-1: config 1 has no interface number 1
[  437.709302][ T5882] usb 3-1: SerialNumber: syz
[  437.715925][ T5880] usb 5-1: Duplicate descriptor for config 1 interface 0 altsetting 0, skipping
[  437.730117][ T5880] usb 5-1: too many endpoints for config 1 interface 2 altsetting 255: 255, using maximum allowed: 30
[  437.741774][ T5880] usb 5-1: config 1 interface 2 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  437.758733][ T5880] usb 5-1: config 1 interface 2 has no altsetting 0
[  437.759538][ T5882] usb 3-1: config 0 descriptor??
[  437.777036][ T5880] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  437.788004][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.797738][ T5880] usb 5-1: Product: syz
[  437.802158][ T5880] usb 5-1: Manufacturer: syz
[  437.808799][ T5880] usb 5-1: SerialNumber: syz
[  438.036742][ T5880] usb 5-1: 0:8 : does not exist
[  438.213801][ T5880] usb 5-1: USB disconnect, device number 62
[  438.309622][T10709] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1387'.
[  438.334016][ T7707] udevd[7707]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  438.367984][T10710] netlink: 'syz.2.1381': attribute type 10 has an invalid length.
[  438.375975][T10710] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1381'.
[  438.519656][ T5882] RobotFuzz Open Source InterFace, OSIF 3-1:0.0: version d4.15 found at bus 003 address 068
[  438.524453][T10709] bond10 (unregistering): Released all slaves
[  438.899862][ T5880] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  439.034339][ T5882] usb 5-1: new high-speed USB device number 63 using dummy_hcd
[  439.062654][ T5880] usb 4-1: device descriptor read/64, error -71
[  439.192546][ T5882] usb 5-1: Using ep0 maxpacket: 16
[  439.203455][ T5882] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  439.226471][ T5882] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  439.282091][ T5882] usb 5-1: config 0 has no interface number 0
[  439.307539][ T5882] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  439.312747][ T5880] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  439.322485][ T5882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.341626][ T5882] usb 5-1: Product: syz
[  439.362839][ T5882] usb 5-1: Manufacturer: syz
[  439.367511][ T5882] usb 5-1: SerialNumber: syz
[  439.412082][ T5882] usb 5-1: config 0 descriptor??
[  439.452944][ T5880] usb 4-1: device descriptor read/64, error -71
[  439.563699][ T5880] usb usb4-port1: attempt power cycle
[  439.769746][T10737] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  439.779133][T10737] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  439.844385][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  439.850709][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  439.865615][T10735] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  439.902569][ T5880] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  439.930748][ T5880] usb 4-1: device descriptor read/8, error -71
[  440.179828][T10738] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  440.188310][ T5880] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  440.221007][ T5886] usb 3-1: USB disconnect, device number 68
[  440.240165][ T5880] usb 4-1: device descriptor read/8, error -71
[  440.305446][T10738] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  440.358887][ T5880] usb usb4-port1: unable to enumerate USB device
[  441.213495][T10751] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  441.252595][ T5882] usb 3-1: new full-speed USB device number 69 using dummy_hcd
[  441.494442][ T5882] usb 3-1: config 0 has an invalid interface number: 130 but max is 0
[  441.535989][ T5882] usb 3-1: config 0 has no interface number 0
[  441.549402][ T5882] usb 3-1: New USB device found, idVendor=145f, idProduct=013a, bcdDevice= 5.86
[  441.558827][ T5882] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.567506][ T5882] usb 3-1: Product: syz
[  441.574645][ T5882] usb 3-1: Manufacturer: syz
[  441.581083][ T5882] usb 3-1: SerialNumber: syz
[  441.723990][ T5882] usb 3-1: config 0 descriptor??
[  441.809713][ T5882] gspca_main: pac207-2.14.0 probing 145f:013a
[  441.954506][ T5882] gspca_pac207: Failed to read a register (index 0x0000, error -110)
[  442.021186][ T5880] usb 3-1: USB disconnect, device number 69
[  442.291815][ T5833] usb 5-1: USB disconnect, device number 63
[  442.413482][T10763] vlan2: entered promiscuous mode
[  442.548064][T10772] kAFS: unable to lookup cell ''
[  442.872872][ T5833] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  443.022651][ T5833] usb 4-1: device descriptor read/64, error -71
[  443.062559][ T5882] usb 2-1: new full-speed USB device number 57 using dummy_hcd
[  443.245451][ T5882] usb 2-1: config index 0 descriptor too short (expected 539, got 27)
[  443.260150][ T5882] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[  443.273109][ T5882] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  443.284308][ T5833] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  443.289577][ T5882] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.300127][ T5882] usb 2-1: Product: syz
[  443.305338][ T5882] usb 2-1: Manufacturer: syz
[  443.310226][ T5882] usb 2-1: SerialNumber: syz
[  443.330128][ T5882] usb 2-1: config 0 descriptor??
[  443.916363][ T5833] usb 4-1: device descriptor read/64, error -71
[  443.919950][ T5882] hub 2-1:0.0: bad descriptor, ignoring hub
[  443.938598][ T5882] hub 2-1:0.0: probe with driver hub failed with error -5
[  443.977138][ T5882] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input41
[  444.032859][ T5833] usb usb4-port1: attempt power cycle
[  444.053153][ T5882] usbtouchscreen 2-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -8
[  444.123353][ T5882] usbtouchscreen 2-1:0.0: probe with driver usbtouchscreen failed with error -8
[  444.367667][T10818] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1421'.
[  444.387345][T10818] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1421'.
[  444.412570][ T5833] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  444.443822][ T5833] usb 4-1: device descriptor read/8, error -71
[  444.447271][T10820] vlan2: entered promiscuous mode
[  444.682574][ T5833] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  444.703341][ T5833] usb 4-1: device descriptor read/8, error -71
[  444.783080][ T5882] usb 2-1: USB disconnect, device number 57
[  444.813062][ T5833] usb usb4-port1: unable to enumerate USB device
[  445.032163][T10829] FAULT_INJECTION: forcing a failure.
[  445.032163][T10829] name failslab, interval 1, probability 0, space 0, times 0
[  445.068030][T10829] CPU: 1 UID: 0 PID: 10829 Comm: syz.0.1427 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  445.068057][T10829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  445.068067][T10829] Call Trace:
[  445.068075][T10829]  <TASK>
[  445.068083][T10829]  dump_stack_lvl+0x189/0x250
[  445.068117][T10829]  ? __pfx_dump_stack_lvl+0x10/0x10
[  445.068135][T10829]  ? __pfx__printk+0x10/0x10
[  445.068152][T10829]  ? __pfx___might_resched+0x10/0x10
[  445.068168][T10829]  should_fail_ex+0x414/0x560
[  445.068184][T10829]  should_failslab+0xa8/0x100
[  445.068202][T10829]  __kmalloc_cache_noprof+0x70/0x3d0
[  445.068218][T10829]  ? show_partition_start+0x71/0x1a0
[  445.068239][T10829]  show_partition_start+0x71/0x1a0
[  445.068259][T10829]  seq_read_iter+0x3ef/0xe10
[  445.068284][T10829]  proc_reg_read_iter+0x1b4/0x280
[  445.068305][T10829]  vfs_read+0x4cd/0x980
[  445.068330][T10829]  ? __pfx_vfs_read+0x10/0x10
[  445.068350][T10829]  ? __fget_files+0x2a/0x420
[  445.068371][T10829]  ksys_read+0x145/0x250
[  445.068383][T10829]  ? rcu_is_watching+0x15/0xb0
[  445.068403][T10829]  ? __pfx_ksys_read+0x10/0x10
[  445.068418][T10829]  ? do_syscall_64+0xba/0x210
[  445.068437][T10829]  do_syscall_64+0xf6/0x210
[  445.068453][T10829]  ? clear_bhb_loop+0x45/0xa0
[  445.068467][T10829]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  445.068479][T10829] RIP: 0033:0x7fce6d18e969
[  445.068491][T10829] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  445.068501][T10829] RSP: 002b:00007fce6dfb2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  445.068514][T10829] RAX: ffffffffffffffda RBX: 00007fce6d3b5fa0 RCX: 00007fce6d18e969
[  445.068523][T10829] RDX: 0000000000002020 RSI: 00002000000014c0 RDI: 0000000000000003
[  445.068531][T10829] RBP: 00007fce6dfb2090 R08: 0000000000000000 R09: 0000000000000000
[  445.068538][T10829] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  445.068546][T10829] R13: 0000000000000000 R14: 00007fce6d3b5fa0 R15: 00007fce6d4dfa28
[  445.068564][T10829]  </TASK>
[  445.988306][ T5880] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  446.007711][T10853] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1433'.
[  446.022374][ T5833] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  446.194500][ T5880] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  446.206003][ T5880] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  446.257119][ T5833] usb 3-1: config 0 has no interfaces?
[  446.269665][ T5880] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  446.280664][ T5880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  446.290790][ T5833] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  446.347702][ T5833] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  446.357315][ T5880] usb 5-1: SerialNumber: syz
[  446.401487][ T5833] usb 3-1: Product: syz
[  446.411685][ T5833] usb 3-1: Manufacturer: syz
[  446.420918][T10863] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1438'.
[  446.491873][ T5833] usb 3-1: SerialNumber: syz
[  446.524786][ T5833] usb 3-1: config 0 descriptor??
[  446.590878][T10822] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  446.611727][T10863] bond10 (unregistering): Released all slaves
[  446.637618][T10822] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  446.723675][T10822] autofs4:pid:10822:check_dev_ioctl_version: ioctl control interface version mismatch: kernel(1.1), user(4294967071.1), cmd(0xc018937e)
[  446.752339][T10822] autofs4:pid:10822:validate_dev_ioctl: invalid device control module version supplied for cmd(0xc018937e)
[  446.959932][T10842] Invalid logical block size (-1)
[  447.178370][T10870] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1439'.
[  447.189820][T10870] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1439'.
[  448.131529][T10874] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1441'.
[  448.221986][ T5880] usb 5-1: 0:2 : does not exist
[  448.379855][ T5880] usb 5-1: USB disconnect, device number 64
[  448.595108][ T7706] udevd[7706]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  448.799092][T10881] xt_recent: Unsupported userspace flags (000000de)
[  448.944573][T10882] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  448.968567][ T9981] usb 3-1: USB disconnect, device number 70
[  449.175611][T10895] SET target dimension over the limit!
[  449.247383][T10899] pim6reg: entered allmulticast mode
[  449.366312][T10899] pim6reg: left allmulticast mode
[  449.405504][T10909] [U] 
[  449.912502][ T9981] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  450.139763][ T9981] usb 3-1: config 0 has no interfaces?
[  450.157994][ T9981] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  450.167434][ T9981] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.177521][ T9981] usb 3-1: Product: syz
[  450.181692][ T9981] usb 3-1: Manufacturer: syz
[  450.229485][ T9981] usb 3-1: SerialNumber: syz
[  450.566996][T10934] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1459'.
[  450.721740][T10934] 8021q: adding VLAN 0 to HW filter on device bond3
[  450.801777][ T9981] usb 3-1: config 0 descriptor??
[  451.299066][T10942] vlan0: entered promiscuous mode
[  452.180720][T10956] input: syz0 as /devices/virtual/input/input42
[  452.959891][T10964] bond3 (unregistering): Released all slaves
[  453.198174][T10968] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1472'.
[  453.634676][ T5880] usb 3-1: USB disconnect, device number 71
[  453.702571][ T5901] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  453.808920][T10980] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  453.943619][ T5901] usb 5-1: Using ep0 maxpacket: 32
[  453.973652][ T5901] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  454.050355][ T5901] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.088510][ T5901] usb 5-1: Product: syz
[  454.093410][ T5901] usb 5-1: Manufacturer: syz
[  454.098320][ T5901] usb 5-1: SerialNumber: syz
[  454.113931][ T5901] usb 5-1: config 0 descriptor??
[  454.146551][T10984] xt_recent: Unsupported userspace flags (000000de)
[  454.202629][ T5880] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  454.407758][ T5880] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  454.455791][ T5880] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  454.641261][T10991] netlink: 'syz.4.1474': attribute type 10 has an invalid length.
[  454.650692][ T5880] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  454.651245][T10991] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1474'.
[  454.662088][ T5880] usb 3-1: New USB device found, idVendor=2040, idProduct=2000, bcdDevice=65.72
[  454.679684][ T5880] usb 3-1: New USB device strings: Mfr=151, Product=0, SerialNumber=0
[  454.689916][ T5880] usb 3-1: Manufacturer: syz
[  454.713436][ T5880] usb 3-1: config 0 descriptor??
[  454.727043][ T5880] smsusb:smsusb_probe: board id=9, interface number 0
[  454.735144][ T5880] smsusb:smsusb_probe: Device initialized with return code -19
[  454.820712][T10991] batman_adv: batadv0: Adding interface: virt_wifi0
[  454.829099][T10991] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  455.046629][T10991] batman_adv: batadv0: Interface activated: virt_wifi0
[  455.062788][ T9981] usb 2-1: new full-speed USB device number 58 using dummy_hcd
[  455.316079][ T9981] usb 2-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  455.352581][ T9981] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.387602][ T5901] RobotFuzz Open Source InterFace, OSIF 5-1:0.0: version d4.15 found at bus 005 address 065
[  455.423742][ T9981] usb 2-1: config 0 descriptor??
[  455.479039][ T5901] usb 3-1: USB disconnect, device number 72
[  455.842868][T10999] vlan2: entered promiscuous mode
[  456.535817][ T5901] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  456.567759][T10987] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1478'.
[  456.753592][ T5886] usb 5-1: USB disconnect, device number 65
[  456.843745][T11022] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1487'.
[  457.323317][ T5901] usb 4-1: config 0 has no interfaces?
[  457.355810][ T5901] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  457.410983][ T9981] pegasus 2-1:0.0: probe with driver pegasus failed with error -71
[  457.424064][ T9981] usb 2-1: USB disconnect, device number 58
[  457.434466][ T5901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  457.483594][ T5901] usb 4-1: Product: syz
[  457.487844][ T5901] usb 4-1: Manufacturer: syz
[  457.544683][ T5901] usb 4-1: SerialNumber: syz
[  457.568589][T11029] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1489'.
[  457.584209][ T5901] usb 4-1: config 0 descriptor??
[  457.752687][ T5886] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  457.821874][T11012] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1483'.
[  457.904719][ T5886] usb 5-1: Using ep0 maxpacket: 16
[  457.912281][ T5886] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  457.925096][ T9981] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  457.936846][ T5886] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  457.947614][ T5886] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  457.964449][ T5886] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  457.976474][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  458.017670][ T5886] usb 5-1: config 0 descriptor??
[  458.082541][ T9981] usb 2-1: Using ep0 maxpacket: 32
[  458.089969][ T9981] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[  458.098591][ T9981] usb 2-1: config 0 has no interface number 0
[  458.105065][ T9981] usb 2-1: too many endpoints for config 0 interface 12 altsetting 2: 235, using maximum allowed: 30
[  458.121282][ T9981] usb 2-1: config 0 interface 12 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  458.243584][ T9981] usb 2-1: config 0 interface 12 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  458.267450][ T9981] usb 2-1: config 0 interface 12 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 235
[  458.285637][ T9981] usb 2-1: config 0 interface 12 has no altsetting 0
[  458.363746][ T9981] usb 2-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  458.373948][ T9981] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  458.382294][ T9981] usb 2-1: Product: syz
[  458.387439][ T9981] usb 2-1: Manufacturer: syz
[  458.397523][ T9981] usb 2-1: SerialNumber: syz
[  458.431801][ T9981] usb 2-1: config 0 descriptor??
[  458.464247][ T9981] f81534 2-1:0.12: unsupported endpoint max packet size
[  458.476558][ T5886] shield 0003:0955:7214.0008: unknown main item tag 0x0
[  458.486057][ T5886] shield 0003:0955:7214.0008: unknown main item tag 0x0
[  458.516511][ T5886] shield 0003:0955:7214.0008: item fetching failed at offset 2/5
[  458.530238][ T5886] shield 0003:0955:7214.0008: Parse failed
[  458.541431][ T5886] shield 0003:0955:7214.0008: probe with driver shield failed with error -22
[  458.680263][ T5886] usb 2-1: USB disconnect, device number 59
[  458.698333][T11027] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  458.708877][T11027] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  458.754825][ T9981] usb 5-1: USB disconnect, device number 66
[  458.852595][ T5883] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  459.008867][ T5883] usb 3-1: config 0 has no interfaces?
[  459.017543][ T5883] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  459.027146][ T5883] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.075828][ T5883] usb 3-1: Product: syz
[  459.080806][ T5883] usb 3-1: Manufacturer: syz
[  459.085808][ T5883] usb 3-1: SerialNumber: syz
[  459.103559][ T5883] usb 3-1: config 0 descriptor??
[  459.383339][T11032] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  459.398890][T11032] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  459.449225][ T9981] usb 4-1: USB disconnect, device number 55
[  459.723414][ T5886] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  459.894748][ T5886] usb 2-1: Using ep0 maxpacket: 32
[  459.902690][ T5886] usb 2-1: unable to get BOS descriptor or descriptor too short
[  459.911986][ T5886] usb 2-1: config 8 has an invalid interface number: 143 but max is 3
[  459.930112][ T5886] usb 2-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  459.959933][ T5886] usb 2-1: config 8 has 1 interface, different from the descriptor's value: 4
[  459.989391][ T5886] usb 2-1: config 8 has no interface number 0
[  460.037846][ T5886] usb 2-1: config 8 interface 143 altsetting 193 endpoint 0x4 has invalid maxpacket 1023, setting to 64
[  460.093235][ T5886] usb 2-1: config 8 interface 143 altsetting 193 endpoint 0x9 has invalid wMaxPacketSize 0
[  460.120338][T11048] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1495'.
[  460.137667][ T5921] usb 3-1: USB disconnect, device number 73
[  460.155824][ T5886] usb 2-1: config 8 interface 143 altsetting 193 bulk endpoint 0x9 has invalid maxpacket 0
[  460.218576][ T5886] usb 2-1: config 8 interface 143 altsetting 193 has 2 endpoint descriptors, different from the interface descriptor's value: 4
[  460.240360][T11048] bond10 (unregistering): Released all slaves
[  460.269389][ T5886] usb 2-1: config 8 interface 143 has no altsetting 0
[  460.310245][ T5886] usb 2-1: New USB device found, idVendor=1608, idProduct=021d, bcdDevice= 8.a4
[  460.320037][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.328365][ T5886] usb 2-1: Product: syz
[  460.333106][ T5886] usb 2-1: Manufacturer: ј
[  460.337681][ T5886] usb 2-1: SerialNumber: syz
[  460.561355][ T5886] io_ti 2-1:8.143: required endpoints missing
[  461.326776][ T5880] usb 2-1: USB disconnect, device number 60
[  461.415843][T11076] nft_compat: unsupported protocol 1
[  461.533025][T11083] dvmrp5: entered allmulticast mode
[  462.412621][ T5880] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  462.524326][ T5886] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  462.542652][ T5880] usb 3-1: device descriptor read/64, error -71
[  462.692940][ T5886] usb 4-1: Using ep0 maxpacket: 16
[  462.711956][ T5886] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[  462.722246][ T5886] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  462.739279][ T5886] usb 4-1: config 0 has no interface number 0
[  462.749579][ T5886] usb 4-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  462.761855][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  462.792656][ T5880] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  462.808105][ T5886] usb 4-1: Product: syz
[  462.817045][ T5886] usb 4-1: Manufacturer: syz
[  462.832500][ T5886] usb 4-1: SerialNumber: syz
[  462.845281][ T5886] usb 4-1: config 0 descriptor??
[  462.870155][ T5886] usb 4-1: Found UVC 0.00 device syz (046d:08d3)
[  462.892564][ T5886] usb 4-1: No valid video chain found.
[  462.932499][ T5880] usb 3-1: device descriptor read/64, error -71
[  463.054065][ T5880] usb usb3-port1: attempt power cycle
[  463.214173][T11112] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  463.227058][T11112] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  463.392680][ T5880] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[  463.423949][ T5880] usb 3-1: device descriptor read/8, error -71
[  463.695638][T11115] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  463.721166][ T5880] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[  463.733670][T11115] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  463.822954][ T5880] usb 3-1: device descriptor read/8, error -71
[  463.942842][ T5880] usb usb3-port1: unable to enumerate USB device
[  464.582780][ T5880] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  464.702096][T11125] netlink: 'syz.1.1520': attribute type 4 has an invalid length.
[  464.712641][T11125] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  464.719909][T11125] IPv6: NLM_F_CREATE should be set when creating new route
[  464.742503][ T5880] usb 5-1: Using ep0 maxpacket: 32
[  464.753329][ T5880] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  464.771488][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.803503][ T5880] usb 5-1: Product: syz
[  464.814307][ T5880] usb 5-1: Manufacturer: syz
[  464.830709][ T5880] usb 5-1: SerialNumber: syz
[  464.848563][ T5880] usb 5-1: config 0 descriptor??
[  465.652391][ T5921] usb 4-1: USB disconnect, device number 56
[  465.698370][ T5880] RobotFuzz Open Source InterFace, OSIF 5-1:0.0: version d4.15 found at bus 005 address 067
[  466.226394][ T5880] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[  466.430275][T11156] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  466.478925][T11158] Cannot find del_set index 2 as target
[  467.388164][ T5901] usb 5-1: USB disconnect, device number 67
[  468.074803][T11185] openvswitch: netlink: VXLAN extension 149 out of range max 1
[  468.627578][T11191] netlink: 44 bytes leftover after parsing attributes in process `syz.0.1536'.
[  468.959713][T11197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1538'.
[  469.046110][T11197] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1538'.
[  469.742544][ T5886] usb 4-1: new full-speed USB device number 57 using dummy_hcd
[  469.917080][T11210] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1543'.
[  470.213638][ T5886] usb 4-1: config 0 has an invalid interface number: 130 but max is 0
[  470.353431][T11218] fuse: Bad value for 'user_id'
[  470.362616][T11218] fuse: Bad value for 'user_id'
[  470.550120][ T5886] usb 4-1: config 0 has no interface number 0
[  470.571977][ T5886] usb 4-1: New USB device found, idVendor=145f, idProduct=013a, bcdDevice= 5.86
[  470.636687][ T5886] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.681318][ T5886] usb 4-1: Product: syz
[  470.690897][ T5886] usb 4-1: Manufacturer: syz
[  470.697882][ T5886] usb 4-1: SerialNumber: syz
[  470.716166][ T5886] usb 4-1: config 0 descriptor??
[  470.747199][ T5886] gspca_main: pac207-2.14.0 probing 145f:013a
[  470.902730][ T5886] gspca_pac207: Failed to read a register (index 0x0000, error -110)
[  470.998334][ T5886] usb 4-1: USB disconnect, device number 57
[  471.270030][   T30] audit: type=1326 audit(1747065839.231:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11231 comm="syz.1.1550" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc70878e969 code=0x0
[  471.577667][T11242] netlink: 'syz.4.1552': attribute type 16 has an invalid length.
[  471.586131][T11242] netlink: 64138 bytes leftover after parsing attributes in process `syz.4.1552'.
[  472.152197][T11255] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1556'.
[  472.175238][T11255] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1556'.
[  472.460231][T11260] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  473.007419][T11264] netlink: 'syz.1.1560': attribute type 1 has an invalid length.
[  473.114019][T11264] 8021q: adding VLAN 0 to HW filter on device bond6
[  473.144401][T11269] vlan0: entered allmulticast mode
[  473.149621][T11269] bond6: entered allmulticast mode
[  473.287064][T11268] bond6: (slave veth7): Enslaving as an active interface with a down link
[  474.102562][ T5883] usb 4-1: new high-speed USB device number 58 using dummy_hcd
[  474.368546][ T5883] usb 4-1: config 0 has no interfaces?
[  474.379185][ T5883] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  474.400608][ T5883] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  474.454751][T11294] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1569'.
[  474.461351][ T5883] usb 4-1: Product: syz
[  474.470958][ T5883] usb 4-1: Manufacturer: syz
[  474.480110][ T5883] usb 4-1: SerialNumber: syz
[  474.613763][ T5883] usb 4-1: config 0 descriptor??
[  474.624791][T11294] bond4 (unregistering): Released all slaves
[  474.662610][ T5886] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  474.857868][ T5886] usb 3-1: Using ep0 maxpacket: 8
[  475.077853][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  475.115908][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  475.195299][ T5886] usb 3-1: New USB device found, idVendor=046d, idProduct=c20e, bcdDevice= 0.00
[  475.232523][ T5886] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.256309][T11301] netlink: 'syz.3.1565': attribute type 6 has an invalid length.
[  475.264331][T11301] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1565'.
[  475.305350][ T5886] usb 3-1: config 0 descriptor??
[  475.398110][T11301] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  475.407351][T11301] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  475.669941][ T5921] usb 4-1: USB disconnect, device number 58
[  475.753024][T11285] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1564'.
[  475.793010][T11285] netlink: 'syz.2.1564': attribute type 5 has an invalid length.
[  475.820460][T11285] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1564'.
[  475.839953][T11285] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  475.850775][T11285] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  475.862546][T11285] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  475.871238][T11285] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  475.883028][T11285] geneve2: entered promiscuous mode
[  475.889566][T11285] geneve2: entered allmulticast mode
[  476.372631][ T5921] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  476.549050][ T5921] usb 2-1: config 0 has no interfaces?
[  476.557295][ T5921] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  476.573543][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  476.581947][ T5921] usb 2-1: Product: syz
[  476.628226][ T5921] usb 2-1: Manufacturer: syz
[  476.674435][ T5921] usb 2-1: SerialNumber: syz
[  476.687493][ T5921] usb 2-1: config 0 descriptor??
[  476.757496][T11321] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  476.987760][T11323] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1576'.
[  476.998756][T11323] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1576'.
[  477.643403][ T5886] usbhid 3-1:0.0: can't add hid device: -71
[  477.725368][ T5886] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  477.811119][ T5886] usb 3-1: USB disconnect, device number 79
[  478.220108][T11336] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  478.808213][T11355] netlink: 'syz.2.1586': attribute type 16 has an invalid length.
[  478.817078][T11355] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.1586'.
[  478.875231][ T5886] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  479.104067][ T5886] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  479.130987][ T5886] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  479.154970][ T5886] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  479.170880][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.189503][T11348] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  479.207683][ T5886] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  479.305632][T11364] input: syz0 as /devices/virtual/input/input45
[  479.761057][ T5886] usb 2-1: USB disconnect, device number 61
[  480.639393][T11385] bridge: RTM_NEWNEIGH with unconfigured vlan 4 on bridge0
[  480.725679][T11388] input: syz0 as /devices/virtual/input/input46
[  480.868424][T11387] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  481.132489][ T9981] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  481.132721][    C1] raw-gadget.0 gadget.1: ignoring, device is not running
[  481.274952][ T9981] usb 2-1: device descriptor read/64, error -32
[  481.276343][ T5921] usb 5-1: USB disconnect, device number 68
[  481.514940][ T9981] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  481.515719][    C1] raw-gadget.0 gadget.1: ignoring, device is not running
[  481.673069][ T9981] usb 2-1: device descriptor read/64, error -32
[  481.784700][ T9981] usb usb2-port1: attempt power cycle
[  482.136955][ T9981] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  482.195537][ T9981] usb 2-1: Using ep0 maxpacket: 8
[  482.256025][ T9981] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  482.262626][ T5883] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  482.281596][ T9981] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  482.310416][ T9981] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 10784, setting to 1024
[  482.371484][ T9981] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  482.510886][ T5883] usb 5-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  482.555621][ T5883] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  482.584407][ T9981] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  482.587097][ T5883] usb 5-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  482.665793][ T5883] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  482.678408][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.710799][ T5883] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  482.737463][ T9981] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  482.737845][ T5883] usb 5-1: invalid MIDI out EP 0
[  482.828476][ T9981] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  482.942115][ T7707] udevd[7707]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  483.019916][ T5883] snd-usb-audio 5-1:27.0: probe with driver snd-usb-audio failed with error -22
[  483.069610][ T5883] usb 5-1: USB disconnect, device number 69
[  483.179113][T11416] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1603'.
[  483.272367][T11422] input: syz0 as /devices/virtual/input/input47
[  483.414010][ T9981] usb 2-1: GET_CAPABILITIES returned 0
[  483.421103][ T9981] usbtmc 2-1:16.0: can't read capabilities
[  483.509903][   T30] audit: type=1326 audit(1747065851.461:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11423 comm="syz.0.1605" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce6d18e969 code=0x0
[  483.654457][    C0] usbtmc 2-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  483.732274][T11388] usbtmc 2-1:16.0: Unable to send data, error -71
[  484.167036][T11430] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  484.392547][ T5901] usb 4-1: new full-speed USB device number 59 using dummy_hcd
[  484.554127][ T5901] usb 4-1: config 0 has an invalid interface number: 130 but max is 0
[  484.562638][ T5901] usb 4-1: config 0 has no interface number 0
[  484.627425][ T5901] usb 4-1: New USB device found, idVendor=145f, idProduct=013a, bcdDevice= 5.86
[  484.653903][ T5901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.662668][ T5901] usb 4-1: Product: syz
[  484.666935][ T5901] usb 4-1: Manufacturer: syz
[  484.671717][ T5901] usb 4-1: SerialNumber: syz
[  484.686414][ T5901] usb 4-1: config 0 descriptor??
[  484.704883][ T5901] gspca_main: pac207-2.14.0 probing 145f:013a
[  484.853093][ T5901] gspca_pac207: Failed to read a register (index 0x0000, error -110)
[  484.932630][ T9981] usb 4-1: USB disconnect, device number 59
[  485.020669][ T5882] usb 2-1: USB disconnect, device number 64
[  485.113752][T11437] fuse: Bad value for 'user_id'
[  485.136830][T11437] fuse: Bad value for 'user_id'
[  485.967142][T11461] FAULT_INJECTION: forcing a failure.
[  485.967142][T11461] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  485.999126][T11460] input: syz0 as /devices/virtual/input/input48
[  486.014097][T11461] CPU: 0 UID: 0 PID: 11461 Comm: syz.1.1619 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  486.014145][T11461] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  486.014171][T11461] Call Trace:
[  486.014180][T11461]  <TASK>
[  486.014188][T11461]  dump_stack_lvl+0x189/0x250
[  486.014236][T11461]  ? __pfx_dump_stack_lvl+0x10/0x10
[  486.014264][T11461]  ? __pfx__printk+0x10/0x10
[  486.014297][T11461]  should_fail_ex+0x414/0x560
[  486.014323][T11461]  _copy_to_user+0x31/0xb0
[  486.014355][T11461]  simple_read_from_buffer+0xe1/0x170
[  486.014390][T11461]  proc_fail_nth_read+0x1df/0x250
[  486.014427][T11461]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  486.014460][T11461]  ? rw_verify_area+0x258/0x650
[  486.014480][T11461]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  486.014509][T11461]  vfs_read+0x1fd/0x980
[  486.014536][T11461]  ? __pfx___mutex_lock+0x10/0x10
[  486.014562][T11461]  ? __pfx_vfs_read+0x10/0x10
[  486.014584][T11461]  ? __fget_files+0x2a/0x420
[  486.014612][T11461]  ? __fget_files+0x3a0/0x420
[  486.014634][T11461]  ? __fget_files+0x2a/0x420
[  486.014677][T11461]  ksys_read+0x145/0x250
[  486.014706][T11461]  ? __pfx_ksys_read+0x10/0x10
[  486.014736][T11461]  ? do_syscall_64+0xba/0x210
[  486.014764][T11461]  do_syscall_64+0xf6/0x210
[  486.014790][T11461]  ? clear_bhb_loop+0x45/0xa0
[  486.014814][T11461]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.014832][T11461] RIP: 0033:0x7fc70878d37c
[  486.014850][T11461] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  486.014867][T11461] RSP: 002b:00007fc709621030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  486.014887][T11461] RAX: ffffffffffffffda RBX: 00007fc7089b5fa0 RCX: 00007fc70878d37c
[  486.014901][T11461] RDX: 000000000000000f RSI: 00007fc7096210a0 RDI: 0000000000000004
[  486.014913][T11461] RBP: 00007fc709621090 R08: 0000000000000000 R09: 0000000000000000
[  486.014931][T11461] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  486.014943][T11461] R13: 0000000000000000 R14: 00007fc7089b5fa0 R15: 00007fc708adfa28
[  486.014979][T11461]  </TASK>
[  486.653201][T11471] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  486.669857][T11471] batadv_slave_0: entered promiscuous mode
[  486.932494][ T5882] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[  487.093368][ T5882] usb 5-1: Using ep0 maxpacket: 16
[  487.101539][ T5882] usb 5-1: config 0 has an invalid interface number: 105 but max is 0
[  487.111349][ T5882] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  487.121665][ T5882] usb 5-1: config 0 has no interface number 0
[  487.146470][ T9981] usb 4-1: new full-speed USB device number 60 using dummy_hcd
[  487.159540][ T5882] usb 5-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  487.183227][ T5882] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  487.202565][ T5882] usb 5-1: Product: syz
[  487.236401][ T5882] usb 5-1: Manufacturer: syz
[  487.264360][ T5882] usb 5-1: SerialNumber: syz
[  487.288788][ T5882] usb 5-1: config 0 descriptor??
[  487.306715][ T5882] usb 5-1: Found UVC 0.00 device syz (046d:08d3)
[  487.325653][ T9981] usb 4-1: config 0 has an invalid interface number: 130 but max is 0
[  487.334282][ T9981] usb 4-1: config 0 has no interface number 0
[  487.346014][ T5882] usb 5-1: No valid video chain found.
[  487.361523][ T9981] usb 4-1: New USB device found, idVendor=145f, idProduct=013a, bcdDevice= 5.86
[  487.386566][ T9981] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  487.400344][ T9981] usb 4-1: Product: syz
[  487.413199][ T9981] usb 4-1: Manufacturer: syz
[  487.422555][ T9981] usb 4-1: SerialNumber: syz
[  487.457690][ T9981] usb 4-1: config 0 descriptor??
[  487.474545][ T9981] gspca_main: pac207-2.14.0 probing 145f:013a
[  487.592670][ T9981] gspca_pac207: Failed to read a register (index 0x0000, error -110)
[  487.677058][T11503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  487.686604][T11503] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  487.852723][ T5882] usb 4-1: USB disconnect, device number 60
[  488.185933][T11506] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  488.203475][T11506] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  488.337647][T11511] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1635'.
[  488.381531][T11513] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1635'.
[  488.455843][T11515] input: syz0 as /devices/virtual/input/input49
[  488.690878][T11522] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1637'.
[  488.705819][T11522] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1637'.
[  489.336363][T11524] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1639'.
[  489.940776][ T5901] usb 5-1: USB disconnect, device number 70
[  490.175633][T11533] input: syz0 as /devices/virtual/input/input50
[  490.452629][ T5901] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  490.604545][T11546] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  490.646321][ T5901] usb 3-1: Using ep0 maxpacket: 16
[  490.667782][ T5901] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  490.687424][ T5901] usb 3-1: config 0 has no interface number 0
[  490.968973][ T5901] usb 3-1: config 0 interface 8 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  490.980090][ T5901] usb 3-1: config 0 interface 8 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  490.989979][ T5901] usb 3-1: config 0 interface 8 has no altsetting 0
[  490.997846][ T5901] usb 3-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  491.007305][ T5901] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.050142][ T5901] usb 3-1: config 0 descriptor??
[  491.630974][T11555] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1644'.
[  492.098454][T11559] netlink: 'syz.4.1650': attribute type 1 has an invalid length.
[  492.116641][ T5901] usbhid 3-1:0.8: can't add hid device: -71
[  492.126380][ T5901] usbhid 3-1:0.8: probe with driver usbhid failed with error -71
[  492.322558][ T5901] usb 3-1: USB disconnect, device number 80
[  492.480655][T11560] bond4 (unregistering): Released all slaves
[  492.747117][T11562] macsec1: entered promiscuous mode
[  492.772578][T11562] bond4: entered promiscuous mode
[  492.782297][T11562] macsec1: entered allmulticast mode
[  492.798875][T11562] bond4: entered allmulticast mode
[  492.850291][T11569] vlan2: entered promiscuous mode
[  493.355195][T11580] input: syz0 as /devices/virtual/input/input51
[  493.592666][ T5882] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  493.722556][ T5882] usb 5-1: device descriptor read/64, error -71
[  494.052490][ T5882] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  494.193831][ T5880] usb 4-1: new high-speed USB device number 61 using dummy_hcd
[  494.202492][ T5882] usb 5-1: device descriptor read/64, error -71
[  494.312885][ T5882] usb usb5-port1: attempt power cycle
[  494.409128][T11585] fuse: Bad value for 'fd'
[  494.462566][ T5880] usb 4-1: Using ep0 maxpacket: 16
[  494.469665][ T5880] usb 4-1: config 0 has an invalid interface number: 105 but max is 0
[  494.479849][ T5880] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  494.490519][ T5880] usb 4-1: config 0 has no interface number 0
[  494.502923][ T5880] usb 4-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  494.512274][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.529077][ T5880] usb 4-1: Product: syz
[  494.546626][ T5880] usb 4-1: Manufacturer: syz
[  494.555899][ T5880] usb 4-1: SerialNumber: syz
[  494.570013][ T5880] usb 4-1: config 0 descriptor??
[  494.586042][ T5880] usb 4-1: Found UVC 0.00 device syz (046d:08d3)
[  494.592510][ T5880] usb 4-1: No valid video chain found.
[  494.692656][ T5882] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  494.708893][T11589] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1661'.
[  494.725924][ T5882] usb 5-1: device descriptor read/8, error -71
[  494.946041][T11596] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  494.955982][T11596] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  494.972476][ T5882] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  495.004188][ T5882] usb 5-1: device descriptor read/8, error -71
[  495.112741][ T5882] usb usb5-port1: unable to enumerate USB device
[  495.303537][T11598] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  495.314447][T11598] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  495.702543][ T5880] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[  495.952566][ T5880] usb 3-1: Using ep0 maxpacket: 16
[  496.473566][ T5880] usb 3-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  496.482794][ T5880] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.500100][ T5880] usb 3-1: config 0 descriptor??
[  496.791929][ T5886] usb 4-1: USB disconnect, device number 61
[  497.483690][T11602] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  497.652954][T11602] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  497.713896][ T5880] usbhid 3-1:0.0: can't add hid device: -71
[  497.720444][ T5880] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  497.740908][ T5880] usb 3-1: USB disconnect, device number 81
[  497.866328][T11619] input: syz0 as /devices/virtual/input/input52
[  498.049243][T11623] fuse: Bad value for 'fd'
[  498.353865][T11632] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1673'.
[  498.379906][T11632] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1673'.
[  499.116665][ T5880] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  499.168947][T11647] fuse: Bad value for 'fd'
[  499.288469][T11652] input: syz0 as /devices/virtual/input/input53
[  499.401750][ T5880] usb 5-1: config 0 has no interfaces?
[  499.414277][ T5880] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  499.425642][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.434062][ T5880] usb 5-1: Product: syz
[  499.439016][ T5880] usb 5-1: Manufacturer: syz
[  499.459201][ T5880] usb 5-1: SerialNumber: syz
[  499.490649][ T5880] usb 5-1: config 0 descriptor??
[  499.719463][T11641] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1675'.
[  499.779481][ T5886] usb 2-1: new high-speed USB device number 65 using dummy_hcd
[  499.986221][ T5886] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  499.999340][ T5886] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  500.027504][ T5886] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  500.041296][ T5886] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  500.080376][ T5886] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.229543][ T5886] usb 2-1: config 0 descriptor??
[  500.485781][T11671] input: syz0 as /devices/virtual/input/input54
[  500.664577][ T5886] usbhid 2-1:0.0: can't add hid device: -71
[  500.670583][ T5886] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  500.686654][ T5886] usb 2-1: USB disconnect, device number 65
[  501.052531][ T5882] usb 4-1: new high-speed USB device number 62 using dummy_hcd
[  501.207694][ T5882] usb 4-1: Using ep0 maxpacket: 16
[  501.216206][ T5882] usb 4-1: config index 0 descriptor too short (expected 16456, got 72)
[  501.227982][ T5882] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  501.248339][ T5882] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  501.260800][ T5882] usb 4-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  501.274212][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  501.274290][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  501.286478][T11683] fuse: Bad value for 'fd'
[  501.287218][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  501.300419][ T5882] usb 4-1: Product: syz
[  501.304914][ T5882] usb 4-1: Manufacturer: syz
[  501.320467][ T5882] usb 4-1: SerialNumber: syz
[  501.331422][ T5882] usb 4-1: config 0 descriptor??
[  501.394630][T11685] xt_recent: Unsupported userspace flags (000000de)
[  501.564908][T11679] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1690'.
[  501.583817][ T5886] usb 4-1: USB disconnect, device number 62
[  501.752504][ T5882] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  501.779908][T11691] netlink: 'syz.2.1696': attribute type 1 has an invalid length.
[  501.827426][T11691] 8021q: adding VLAN 0 to HW filter on device bond3
[  501.835640][T11691] bond2: (slave bond3): making interface the new active one
[  501.843943][T11691] bond2: (slave bond3): Enslaving as an active interface with an up link
[  501.861010][T11691] macsec2: entered promiscuous mode
[  501.866346][T11691] bond2: entered promiscuous mode
[  501.871499][T11691] bond3: entered promiscuous mode
[  501.878991][T11691] macsec2: entered allmulticast mode
[  501.884412][T11691] bond2: entered allmulticast mode
[  501.889642][T11691] bond3: entered allmulticast mode
[  501.937272][ T5882] usb 2-1: unable to read config index 0 descriptor/start: -61
[  501.943527][ T5901] usb 5-1: USB disconnect, device number 75
[  501.945122][ T5882] usb 2-1: can't read configurations, error -61
[  502.083541][ T5882] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  502.244568][ T5882] usb 2-1: unable to read config index 0 descriptor/start: -61
[  502.304814][ T5882] usb 2-1: can't read configurations, error -61
[  502.320136][T11709] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  502.337352][ T5882] usb usb2-port1: attempt power cycle
[  502.368733][T11711] input: syz0 as /devices/virtual/input/input55
[  502.692715][ T5882] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  502.735606][ T5882] usb 2-1: unable to read config index 0 descriptor/start: -61
[  502.740344][T11713] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1704'.
[  502.756997][T11713] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1704'.
[  502.764565][ T5882] usb 2-1: can't read configurations, error -61
[  502.922504][ T5882] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  502.967566][ T5882] usb 2-1: unable to read config index 0 descriptor/start: -61
[  502.982537][ T5882] usb 2-1: can't read configurations, error -61
[  502.989370][ T5882] usb usb2-port1: unable to enumerate USB device
[  503.216669][T11729] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1707'.
[  505.337651][T11758] netlink: 44 bytes leftover after parsing attributes in process `syz.3.1718'.
[  505.356840][T11759] input: syz0 as /devices/virtual/input/input57
[  505.823289][ T5882] usb 4-1: new full-speed USB device number 63 using dummy_hcd
[  505.989440][ T5882] usb 4-1: not running at top speed; connect to a high speed hub
[  506.013183][ T5882] usb 4-1: config 1 has an invalid descriptor of length 90, skipping remainder of the config
[  506.029359][ T5882] usb 4-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  506.075666][ T5882] usb 4-1: New USB device found, idVendor=0535, idProduct=a4a8, bcdDevice= 0.40
[  506.137095][ T5882] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.200093][ T5882] usb 4-1: Product: syz
[  506.283375][ T5882] usb 4-1: Manufacturer: syz
[  506.288023][ T5882] usb 4-1: SerialNumber: syz
[  507.730418][T11793] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  508.347824][T11803] input: syz0 as /devices/virtual/input/input58
[  508.392709][ T5880] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  508.459714][T11801] input: syz0 as /devices/virtual/input/input59
[  508.555734][ T5880] usb 5-1: Using ep0 maxpacket: 32
[  508.573720][ T5882] usb 4-1: USB disconnect, device number 63
[  508.588370][ T5880] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  508.615684][ T5880] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.632933][ T5880] usb 5-1: Product: syz
[  508.637134][ T5880] usb 5-1: Manufacturer: syz
[  508.641745][ T5880] usb 5-1: SerialNumber: syz
[  508.665520][ T5880] usb 5-1: config 0 descriptor??
[  509.352564][ T5901] usb 4-1: new high-speed USB device number 64 using dummy_hcd
[  509.373930][ T5880] RobotFuzz Open Source InterFace, OSIF 5-1:0.0: version d4.15 found at bus 005 address 076
[  509.533268][ T5901] usb 4-1: Using ep0 maxpacket: 16
[  509.561240][ T5901] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  509.620768][ T5901] usb 4-1: config 0 has no interfaces?
[  509.630075][ T5901] usb 4-1: New USB device found, idVendor=046d, idProduct=c29c, bcdDevice= 0.00
[  509.641504][ T5901] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  509.666654][ T5901] usb 4-1: config 0 descriptor??
[  509.894870][T11824] input: syz0 as /devices/virtual/input/input60
[  510.008664][T11816] netlink: 'syz.3.1739': attribute type 2 has an invalid length.
[  510.016760][T11816] netlink: 'syz.3.1739': attribute type 11 has an invalid length.
[  510.024723][T11816] netlink: 132 bytes leftover after parsing attributes in process `syz.3.1739'.
[  511.097609][T11828] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  511.171277][ T5901] usb 5-1: USB disconnect, device number 76
[  511.233001][T11831] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1743'.
[  512.579609][T11848] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  512.856675][ T5882] usb 4-1: USB disconnect, device number 64
[  512.904731][ T5921] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  513.034224][T11855] input: syz0 as /devices/virtual/input/input61
[  513.152510][ T5921] usb 2-1: Using ep0 maxpacket: 32
[  513.161986][ T5921] usb 2-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  513.172642][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  513.180679][ T5921] usb 2-1: Product: syz
[  513.185161][ T5921] usb 2-1: Manufacturer: syz
[  513.189877][ T5921] usb 2-1: SerialNumber: syz
[  513.198262][ T5921] usb 2-1: config 0 descriptor??
[  513.295679][T11859] input: syz0 as /devices/virtual/input/input62
[  513.964339][T11868] netlink: 'syz.4.1754': attribute type 1 has an invalid length.
[  514.111047][T11870] 8021q: adding VLAN 0 to HW filter on device bond6
[  514.163390][T11870] bond5: (slave bond6): making interface the new active one
[  514.172223][ T5921] RobotFuzz Open Source InterFace, OSIF 2-1:0.0: version d4.15 found at bus 002 address 070
[  514.183030][T11870] bond5: (slave bond6): Enslaving as an active interface with an up link
[  514.270215][T11868] macsec2: entered promiscuous mode
[  514.277117][T11868] bond5: entered promiscuous mode
[  514.282242][T11868] bond6: entered promiscuous mode
[  514.287670][T11868] macsec2: entered allmulticast mode
[  514.293696][T11868] bond5: entered allmulticast mode
[  514.298878][T11868] bond6: entered allmulticast mode
[  515.012678][ T9981] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  515.192644][ T9981] usb 5-1: Using ep0 maxpacket: 16
[  515.200982][ T9981] usb 5-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  515.210271][ T9981] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  515.218633][ T9981] usb 5-1: Product: syz
[  515.223107][ T9981] usb 5-1: Manufacturer: syz
[  515.227843][ T9981] usb 5-1: SerialNumber: syz
[  515.246239][ T9981] usb 5-1: config 0 descriptor??
[  515.257358][ T9981] ssu100 5-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  515.395035][T11894] input: syz0 as /devices/virtual/input/input63
[  515.454527][T11896] input: syz0 as /devices/virtual/input/input64
[  515.623294][ T5921] usb 2-1: USB disconnect, device number 70
[  515.763172][T11907] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1769'.
[  515.773366][T11907] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1769'.
[  515.973760][T11914] netlink: 'syz.1.1772': attribute type 35 has an invalid length.
[  516.106694][T11919] netlink: 'syz.1.1774': attribute type 5 has an invalid length.
[  516.118246][T11919] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1774'.
[  516.315035][T11923] input: syz0 as /devices/virtual/input/input65
[  516.442484][ T5921] usb 2-1: new full-speed USB device number 71 using dummy_hcd
[  516.487681][ T9981] usb 5-1: Quatech SSU-100 USB to Serial Driver converter now attached to ttyUSB0
[  516.590657][T11930] Cannot find del_set index 2 as target
[  516.614640][ T5921] usb 2-1: not running at top speed; connect to a high speed hub
[  516.654005][ T5921] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 624, setting to 64
[  516.681210][ T5921] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  516.696154][T11882] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  516.710879][T11882] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  516.724693][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  516.738072][ T5921] usb 2-1: Product: syz
[  516.752466][ T9981] usb 5-1: USB disconnect, device number 77
[  516.771607][ T9981] ssu100 ttyUSB0: Quatech SSU-100 USB to Serial Driver converter now disconnected from ttyUSB0
[  516.792768][ T5921] usb 2-1: Manufacturer: syz
[  516.797412][ T5921] usb 2-1: SerialNumber: syz
[  516.814362][ T9981] ssu100 5-1:0.0: device disconnected
[  516.898277][T11947] input: syz0 as /devices/virtual/input/input66
[  517.012922][   T30] audit: type=1326 audit(1747065884.971:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11943 comm="syz.3.1785" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f53d4b8e969 code=0x0
[  517.734579][T11962] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1787'.
[  517.749950][T11962] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1787'.
[  517.892693][T11963] netlink: 'syz.0.1788': attribute type 16 has an invalid length.
[  517.900670][T11963] netlink: 64138 bytes leftover after parsing attributes in process `syz.0.1788'.
[  518.941162][T11970] FAULT_INJECTION: forcing a failure.
[  518.941162][T11970] name failslab, interval 1, probability 0, space 0, times 0
[  518.982665][T11970] CPU: 1 UID: 0 PID: 11970 Comm: syz.2.1789 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  518.982696][T11970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  518.982705][T11970] Call Trace:
[  518.982711][T11970]  <TASK>
[  518.982718][T11970]  dump_stack_lvl+0x189/0x250
[  518.982745][T11970]  ? __pfx_dump_stack_lvl+0x10/0x10
[  518.982766][T11970]  ? __pfx__printk+0x10/0x10
[  518.982783][T11970]  ? __pfx___might_resched+0x10/0x10
[  518.982800][T11970]  should_fail_ex+0x414/0x560
[  518.982817][T11970]  ? translate_table+0x19b/0x2040
[  518.982832][T11970]  should_failslab+0xa8/0x100
[  518.982852][T11970]  __kvmalloc_node_noprof+0x168/0x5e0
[  518.982871][T11970]  ? translate_table+0x19b/0x2040
[  518.982891][T11970]  translate_table+0x19b/0x2040
[  518.982921][T11970]  ? __pfx_translate_table+0x10/0x10
[  518.982939][T11970]  ? __might_fault+0xb0/0x130
[  518.982970][T11970]  ? _copy_from_user+0x94/0xb0
[  518.982992][T11970]  do_ip6t_set_ctl+0x970/0xce0
[  518.983013][T11970]  ? rcu_is_watching+0x15/0xb0
[  518.983033][T11970]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  518.983062][T11970]  ? __pfx___mutex_lock+0x10/0x10
[  518.983080][T11970]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  518.983096][T11970]  ? aa_sk_perm+0x81e/0x950
[  518.983113][T11970]  ? __pfx_aa_sk_perm+0x10/0x10
[  518.983130][T11970]  nf_setsockopt+0x26c/0x290
[  518.983148][T11970]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  518.983184][T11970]  do_sock_setsockopt+0x257/0x3e0
[  518.983204][T11970]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  518.983221][T11970]  ? __fget_files+0x2a/0x420
[  518.983243][T11970]  ? __fget_files+0x3a0/0x420
[  518.983260][T11970]  ? __fget_files+0x2a/0x420
[  518.983284][T11970]  __x64_sys_setsockopt+0x18b/0x220
[  518.983306][T11970]  do_syscall_64+0xf6/0x210
[  518.983326][T11970]  ? clear_bhb_loop+0x45/0xa0
[  518.983344][T11970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  518.983358][T11970] RIP: 0033:0x7f1e3618e969
[  518.983371][T11970] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.983405][T11970] RSP: 002b:00007f1e36fac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  518.983420][T11970] RAX: ffffffffffffffda RBX: 00007f1e363b5fa0 RCX: 00007f1e3618e969
[  518.983430][T11970] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000003
[  518.983438][T11970] RBP: 00007f1e36fac090 R08: 0000000000000380 R09: 0000000000000000
[  518.983465][T11970] R10: 0000200000000580 R11: 0000000000000246 R12: 0000000000000001
[  518.983473][T11970] R13: 0000000000000000 R14: 00007f1e363b5fa0 R15: 00007f1e364dfa28
[  518.983492][T11970]  </TASK>
[  519.836439][T11979] netlink: 'syz.4.1793': attribute type 1 has an invalid length.
[  519.934469][T11979] 8021q: adding VLAN 0 to HW filter on device bond8
[  519.945304][T11979] bond7: (slave bond8): making interface the new active one
[  519.953336][T11979] bond7: (slave bond8): Enslaving as an active interface with an up link
[  519.968341][T11987] macsec3: entered promiscuous mode
[  519.979672][T11987] bond7: entered promiscuous mode
[  519.987684][T11987] bond8: entered promiscuous mode
[  520.006616][T11987] macsec3: entered allmulticast mode
[  520.012097][T11987] bond7: entered allmulticast mode
[  520.030662][T11987] bond8: entered allmulticast mode
[  520.239277][T11996] input: syz0 as /devices/virtual/input/input67
[  520.439690][ T5921] cdc_ncm 2-1:1.0: bind() failure
[  520.545874][ T5921] cdc_ncm 2-1:1.1: CDC Union missing and no IAD found
[  520.564874][ T5921] cdc_ncm 2-1:1.1: bind() failure
[  520.588070][ T5921] usb 2-1: USB disconnect, device number 71
[  520.857812][T12004] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1802'.
[  521.339578][T12018] io-wq is not configured for unbound workers
[  521.452900][ T5880] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[  521.625374][ T5880] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  521.637201][ T5880] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  521.739896][ T5880] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  521.843377][ T5833] usb 4-1: new high-speed USB device number 65 using dummy_hcd
[  521.864040][ T5880] usb 3-1: config 0 descriptor??
[  521.865448][T12038] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  522.012557][ T5833] usb 4-1: Using ep0 maxpacket: 32
[  522.020002][ T5833] usb 4-1: unable to get BOS descriptor or descriptor too short
[  522.031327][ T5833] usb 4-1: config 5 has an invalid interface number: 4 but max is 0
[  522.040399][ T5833] usb 4-1: config 5 has no interface number 0
[  522.057810][ T5833] usb 4-1: config 5 interface 4 has no altsetting 0
[  522.215891][ T5833] usb 4-1: New USB device found, idVendor=1199, idProduct=6809, bcdDevice=61.47
[  522.225958][ T5833] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.271467][ T5833] usb 4-1: Product: syz
[  522.320053][ T5833] usb 4-1: Manufacturer: syz
[  522.457555][ T5833] usb 4-1: SerialNumber: syz
[  522.558408][ T5880] usbhid 3-1:0.0: can't add hid device: -71
[  522.743134][ T5833] sierra 4-1:5.4: Sierra USB modem converter detected
[  522.822838][ T5880] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  522.875289][ T5833] usb 4-1: Sierra USB modem converter now attached to ttyUSB0
[  522.890120][T12043] vlan2: entered promiscuous mode
[  522.916392][ T5880] usb 3-1: USB disconnect, device number 82
[  522.938640][ T5833] usb 4-1: USB disconnect, device number 65
[  522.983668][T12047] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1815'.
[  523.004842][ T5833] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[  523.041720][ T5833] sierra 4-1:5.4: device disconnected
[  523.077856][T12050] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1817'.
[  523.295641][T12053] input: syz0 as /devices/virtual/input/input68
[  523.752730][ T5921] usb 5-1: new full-speed USB device number 78 using dummy_hcd
[  523.925083][ T5921] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  523.934245][ T5921] usb 5-1: config 0 has no interface number 0
[  523.940643][ T5921] usb 5-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  523.949890][ T5921] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  523.972632][ T5921] usb 5-1: config 0 descriptor??
[  523.981420][ T5921] usb 5-1: selecting invalid altsetting 1
[  523.989848][ T5921] dvb_ttusb_budget: ttusb_init_controller: error
[  523.996439][ T5921] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  524.093475][ T5921] DVB: Unable to find symbol cx22700_attach()
[  524.124820][ T5880] usb 4-1: new high-speed USB device number 66 using dummy_hcd
[  524.145241][ T5921] DVB: Unable to find symbol tda10046_attach()
[  524.151452][ T5921] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  524.183461][T12059] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  524.194861][T12059] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  524.226198][ T5901] usb 5-1: USB disconnect, device number 78
[  524.282480][ T5880] usb 4-1: Using ep0 maxpacket: 32
[  524.297390][ T5880] usb 4-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  524.307052][ T5880] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  524.315174][ T5880] usb 4-1: Product: syz
[  524.319433][ T5880] usb 4-1: Manufacturer: syz
[  524.324122][ T5880] usb 4-1: SerialNumber: syz
[  524.331144][ T5880] usb 4-1: config 0 descriptor??
[  524.448765][T12083] netlink: 44 bytes leftover after parsing attributes in process `syz.1.1829'.
[  525.106609][T12094] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1832'.
[  525.194311][ T5880] RobotFuzz Open Source InterFace, OSIF 4-1:0.0: version d4.15 found at bus 004 address 066
[  526.757839][T12113] input: syz0 as /devices/virtual/input/input69
[  526.924410][ T5883] usb 4-1: USB disconnect, device number 66
[  527.392518][ T5883] usb 4-1: new high-speed USB device number 67 using dummy_hcd
[  527.529611][T12127] netlink: 'syz.2.1841': attribute type 1 has an invalid length.
[  527.621498][ T5883] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  527.718083][ T5883] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  527.760286][ T5883] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  527.798804][T12127] 8021q: adding VLAN 0 to HW filter on device bond5
[  527.820934][ T5883] usb 4-1: Product: syz
[  527.855824][ T5883] usb 4-1: Manufacturer: syz
[  527.886688][T12127] bond4: (slave bond5): making interface the new active one
[  527.896615][ T5883] usb 4-1: SerialNumber: syz
[  527.903959][T12127] bond4: (slave bond5): Enslaving as an active interface with an up link
[  527.958404][T12134] Cannot find set identified by id 0 to match
[  528.001565][T12129] macsec3: entered promiscuous mode
[  528.021607][T12129] bond4: entered promiscuous mode
[  528.039779][T12129] bond5: entered promiscuous mode
[  528.048127][T12129] macsec3: entered allmulticast mode
[  528.086719][T12129] bond4: entered allmulticast mode
[  528.100586][T12129] bond5: entered allmulticast mode
[  528.140661][ T5883] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 67 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  528.175526][T12139] vlan2: entered promiscuous mode
[  528.346190][ T5886] usb 4-1: USB disconnect, device number 67
[  528.370307][ T5886] usblp0: removed
[  528.402913][ T5901] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  528.522552][ T5921] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[  528.572666][ T5901] usb 2-1: Using ep0 maxpacket: 16
[  528.588378][ T5901] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  528.590261][T12158] loop2: detected capacity change from 0 to 7
[  528.611767][T12158] Dev loop2: unable to read RDB block 7
[  528.617840][T12158]  loop2: unable to read partition table
[  528.619728][ T5901] usb 2-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  528.625239][T12158] loop2: partition table beyond EOD, truncated
[  528.640214][T12158] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  528.653369][ T5901] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  528.670235][ T5901] usb 2-1: config 0 descriptor??
[  528.682745][ T5921] usb 3-1: Using ep0 maxpacket: 8
[  528.690050][ T5921] usb 3-1: New USB device found, idVendor=16d8, idProduct=7002, bcdDevice=25.49
[  528.709481][ T5921] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  528.733095][ T5921] usb 3-1: config 0 descriptor??
[  528.761841][ T5921] qmi_wwan 3-1:0.0: probe with driver qmi_wwan failed with error -22
[  528.936583][T12170] netlink: 'syz.3.1854': attribute type 5 has an invalid length.
[  528.944648][T12170] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1854'.
[  529.097032][ T5901] mcp2221 0003:04D8:00DD.0009: unbalanced collection at end of report description
[  529.109249][ T5901] mcp2221 0003:04D8:00DD.0009: can't parse reports
[  529.117092][ T5901] mcp2221 0003:04D8:00DD.0009: probe with driver mcp2221 failed with error -22
[  529.260042][T12178] netlink: 'syz.4.1857': attribute type 1 has an invalid length.
[  529.410624][T12180] 8021q: adding VLAN 0 to HW filter on device bond10
[  529.430177][T12180] bond9: (slave bond10): making interface the new active one
[  529.449260][T12180] bond9: (slave bond10): Enslaving as an active interface with an up link
[  529.536887][T12178] macsec4: entered promiscuous mode
[  529.546612][T12178] bond9: entered promiscuous mode
[  529.553257][T12178] bond10: entered promiscuous mode
[  529.560023][T12178] macsec4: entered allmulticast mode
[  529.568188][T12178] bond9: entered allmulticast mode
[  529.574854][T12178] bond10: entered allmulticast mode
[  530.045626][T12198] trusted_key: encrypted_key: insufficient parameters specified
[  530.517783][T12210] loop2: detected capacity change from 0 to 7
[  530.540197][ T7706] Dev loop2: unable to read RDB block 7
[  530.556247][ T7706]  loop2: unable to read partition table
[  530.608022][ T7706] loop2: partition table beyond EOD, truncated
[  530.963360][T12210] Dev loop2: unable to read RDB block 7
[  531.001727][T12210]  loop2: unable to read partition table
[  531.041377][T12210] loop2: partition table beyond EOD, truncated
[  531.077283][T12210] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  531.316216][ T5901] usb 3-1: USB disconnect, device number 83
[  531.426850][T12196] netlink: 'syz.3.1856': attribute type 13 has an invalid length.
[  531.532156][T12235] input: syz0 as /devices/virtual/input/input71
[  531.972557][ T9981] usb 3-1: new full-speed USB device number 84 using dummy_hcd
[  532.190635][ T9981] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  532.290680][ T9981] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  532.331609][ T9981] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  532.396574][ T9981] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  532.837763][ T9981] usb 3-1: usb_control_msg returned -32
[  532.851894][ T9981] usbtmc 3-1:16.0: can't read capabilities
[  532.900949][ T9981] usb 2-1: USB disconnect, device number 72
[  532.902842][T12251] fuse: blksize only supported for fuseblk
[  533.078625][T12254] netlink: 'syz.4.1869': attribute type 1 has an invalid length.
[  533.217010][T12254] 8021q: adding VLAN 0 to HW filter on device bond12
[  533.226338][T12254] bond11: (slave bond12): making interface the new active one
[  533.239846][T12254] bond11: (slave bond12): Enslaving as an active interface with an up link
[  533.254725][T12265] macsec5: entered promiscuous mode
[  533.283252][T12265] bond11: entered promiscuous mode
[  533.306190][T12265] bond12: entered promiscuous mode
[  533.327468][T12265] macsec5: entered allmulticast mode
[  533.343781][T12265] bond11: entered allmulticast mode
[  533.360033][T12265] bond12: entered allmulticast mode
[  533.408889][T12270] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  533.422025][T12270] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  533.472592][ T9981] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  533.633141][ T9981] usb 2-1: Using ep0 maxpacket: 32
[  533.640103][ T9981] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  533.642553][ T5883] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  533.653220][ T9981] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  533.667612][ T9981] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  533.677168][ T9981] usb 2-1: Product: syz
[  533.688792][ T9981] usb 2-1: Manufacturer: syz
[  533.749750][   T30] audit: type=1326 audit(1747065901.701:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12276 comm="syz.4.1877" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa468d8e969 code=0x0
[  533.775446][ T9981] usb 2-1: SerialNumber: syz
[  533.824549][ T9981] usb 2-1: config 0 descriptor??
[  533.833335][T12266] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  533.844210][ T9981] hub 2-1:0.0: bad descriptor, ignoring hub
[  533.852921][ T9981] hub 2-1:0.0: probe with driver hub failed with error -5
[  533.875929][ T5883] usb 4-1: config 128 has no interfaces?
[  533.896009][ T5883] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  533.921982][ T5883] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  533.944498][ T5883] usb 4-1: Product: syz
[  533.954885][ T5883] usb 4-1: Manufacturer: syz
[  533.967470][ T5883] usb 4-1: SerialNumber: syz
[  534.047319][T12260] usbtmc 3-1:16.0: send_request_dev_dep_msg_in returned -90
[  534.162673][ T9981] usb 2-1: USB disconnect, device number 73
[  534.201136][ T9981] usb 4-1: USB disconnect, device number 68
[  534.681052][ T5833] usb 3-1: USB disconnect, device number 84
[  534.977349][T12299] netlink: 'syz.4.1885': attribute type 1 has an invalid length.
[  535.045757][T12303] sctp: [Deprecated]: syz.2.1880 (pid 12303) Use of int in max_burst socket option deprecated.
[  535.045757][T12303] Use struct sctp_assoc_value instead
[  535.054681][T12299] 8021q: adding VLAN 0 to HW filter on device bond14
[  535.070412][T12299] bond13: (slave bond14): making interface the new active one
[  535.081250][T12299] bond13: (slave bond14): Enslaving as an active interface with an up link
[  535.096437][T12304] macsec6: entered promiscuous mode
[  535.101712][T12304] bond13: entered promiscuous mode
[  535.111597][T12304] bond14: entered promiscuous mode
[  535.117050][ T5921] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  535.128355][T12304] macsec6: entered allmulticast mode
[  535.134895][T12304] bond13: entered allmulticast mode
[  535.140501][T12304] bond14: entered allmulticast mode
[  535.197127][T12308] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1887'.
[  535.273255][ T5921] usb 2-1: Using ep0 maxpacket: 32
[  535.286062][ T5921] usb 2-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  535.295864][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  535.313840][ T5921] usb 2-1: Product: syz
[  535.323512][ T5921] usb 2-1: Manufacturer: syz
[  535.340206][ T5921] usb 2-1: SerialNumber: syz
[  535.359929][ T5921] usb 2-1: config 0 descriptor??
[  535.411818][T12315] vlan3: entered promiscuous mode
[  535.882502][ T5883] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  536.022702][ T5883] usb 4-1: device descriptor read/64, error -71
[  536.030936][ T5921] RobotFuzz Open Source InterFace, OSIF 2-1:0.0: version d4.15 found at bus 002 address 074
[  536.272517][ T5883] usb 4-1: new high-speed USB device number 70 using dummy_hcd
[  536.422655][ T5833] usb 3-1: new full-speed USB device number 85 using dummy_hcd
[  536.432427][ T5883] usb 4-1: device descriptor read/64, error -71
[  536.543490][ T5883] usb usb4-port1: attempt power cycle
[  536.587209][ T5833] usb 3-1: config 0 has an invalid interface number: 130 but max is 0
[  536.598991][ T5833] usb 3-1: config 0 has no interface number 0
[  537.025708][ T5833] usb 3-1: New USB device found, idVendor=145f, idProduct=013a, bcdDevice= 5.86
[  537.037396][ T5833] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  537.045822][ T5833] usb 3-1: Product: syz
[  537.051117][ T5833] usb 3-1: Manufacturer: syz
[  537.056070][ T5833] usb 3-1: SerialNumber: syz
[  537.067112][ T5833] usb 3-1: config 0 descriptor??
[  537.079963][ T5833] gspca_main: pac207-2.14.0 probing 145f:013a
[  537.192810][ T5833] gspca_pac207: Failed to read a register (index 0x0000, error -110)
[  537.283268][ T5833] usb 3-1: USB disconnect, device number 85
[  537.292576][ T5883] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  537.313752][ T5883] usb 4-1: device descriptor read/8, error -71
[  537.343810][T12356] xt_HMARK: spi-set and port-set can't be combined
[  537.562630][ T5883] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  537.593081][ T5883] usb 4-1: device descriptor read/8, error -71
[  537.672596][ T5921] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  537.713966][ T5883] usb usb4-port1: unable to enumerate USB device
[  537.822575][ T5921] usb 5-1: Using ep0 maxpacket: 32
[  537.836425][ T5921] usb 5-1: unable to read config index 0 descriptor/start: -61
[  537.847381][ T5921] usb 5-1: can't read configurations, error -61
[  537.909545][ T9981] usb 2-1: USB disconnect, device number 74
[  537.994826][ T5921] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  538.154375][ T5921] usb 5-1: Using ep0 maxpacket: 32
[  538.199248][ T5921] usb 5-1: unable to read config index 0 descriptor/start: -61
[  538.225475][ T5921] usb 5-1: can't read configurations, error -61
[  538.232674][ T5921] usb usb5-port1: attempt power cycle
[  538.572541][ T5921] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  538.609308][ T5921] usb 5-1: Using ep0 maxpacket: 32
[  538.634396][ T5921] usb 5-1: unable to read config index 0 descriptor/start: -61
[  538.643720][ T5921] usb 5-1: can't read configurations, error -61
[  538.772942][ T5921] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  538.803486][ T5921] usb 5-1: Using ep0 maxpacket: 32
[  538.811172][ T5921] usb 5-1: unable to read config index 0 descriptor/start: -61
[  538.819900][ T5921] usb 5-1: can't read configurations, error -61
[  538.829518][ T5921] usb usb5-port1: unable to enumerate USB device
[  538.981656][T12393] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1915'.
[  539.624406][ T5833] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[  539.850759][ T5833] usb 2-1: config 0 has no interfaces?
[  539.869265][ T5833] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  539.880402][ T5833] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  539.926185][ T5833] usb 2-1: Product: syz
[  539.930451][ T5833] usb 2-1: Manufacturer: syz
[  539.967691][ T5833] usb 2-1: SerialNumber: syz
[  540.043679][ T5833] usb 2-1: config 0 descriptor??
[  540.299669][   T30] audit: type=1326 audit(1747065908.251:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12413 comm="syz.2.1921" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x0
[  540.440102][T12407] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1919'.
[  540.633526][T12424] IPv6: NLM_F_CREATE should be specified when creating new route
[  540.683516][T12424] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  540.708733][T12424] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  540.935941][ T5833] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  541.202498][ T5833] usb 4-1: device descriptor read/64, error -71
[  541.208836][ T5883] usb 5-1: new high-speed USB device number 83 using dummy_hcd
[  541.362624][ T5883] usb 5-1: Using ep0 maxpacket: 8
[  541.363970][T12439] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  541.370176][ T5883] usb 5-1: New USB device found, idVendor=16d8, idProduct=7002, bcdDevice=25.49
[  541.454293][ T5833] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  541.465210][ T5883] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.499226][ T5883] usb 5-1: config 0 descriptor??
[  541.616749][ T5833] usb 4-1: device descriptor read/64, error -71
[  541.625601][ T5883] qmi_wwan 5-1:0.0: probe with driver qmi_wwan failed with error -22
[  541.753429][ T5833] usb usb4-port1: attempt power cycle
[  542.112536][ T5833] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[  542.133373][ T5833] usb 4-1: device descriptor read/8, error -71
[  542.306577][ T5901] usb 2-1: USB disconnect, device number 75
[  542.368027][T12457] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1936'.
[  542.385951][ T5833] usb 4-1: new high-speed USB device number 76 using dummy_hcd
[  542.413377][ T5833] usb 4-1: device descriptor read/8, error -71
[  542.523307][ T5833] usb usb4-port1: unable to enumerate USB device
[  542.726785][T12468] netlink: 56 bytes leftover after parsing attributes in process `syz.2.1940'.
[  542.744345][ T5901] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[  542.972486][ T5901] usb 2-1: Using ep0 maxpacket: 16
[  542.988436][ T5901] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  542.997448][ T5901] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  543.017811][ T5901] usb 2-1: config 0 has no interface number 0
[  543.035898][ T5901] usb 2-1: New USB device found, idVendor=046d, idProduct=08d3, bcdDevice= b.28
[  543.052041][ T5901] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  543.116014][ T5901] usb 2-1: Product: syz
[  543.122208][ T5901] usb 2-1: Manufacturer: syz
[  543.127532][ T5901] usb 2-1: SerialNumber: syz
[  543.148048][ T5901] usb 2-1: config 0 descriptor??
[  543.265217][ T5901] usb 2-1: Found UVC 0.00 device syz (046d:08d3)
[  543.282477][ T5901] usb 2-1: No valid video chain found.
[  543.490312][T12473] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  543.528985][T12473] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  543.872260][T12474] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  543.883400][T12474] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  543.952579][ T5886] usb 5-1: USB disconnect, device number 83
[  544.059633][ T5901] usb 4-1: new full-speed USB device number 77 using dummy_hcd
[  544.257192][ T5901] usb 4-1: config 0 has an invalid interface number: 130 but max is 0
[  544.268617][ T5901] usb 4-1: config 0 has no interface number 0
[  544.283951][ T5901] usb 4-1: New USB device found, idVendor=145f, idProduct=013a, bcdDevice= 5.86
[  544.295601][ T5901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.304152][ T5901] usb 4-1: Product: syz
[  544.309732][ T5901] usb 4-1: Manufacturer: syz
[  544.315080][ T5901] usb 4-1: SerialNumber: syz
[  544.330851][ T5901] usb 4-1: config 0 descriptor??
[  544.348549][ T5901] gspca_main: pac207-2.14.0 probing 145f:013a
[  544.422603][ T5886] usb 5-1: new high-speed USB device number 84 using dummy_hcd
[  544.462973][ T5901] gspca_pac207: Failed to read a register (index 0x0000, error -110)
[  544.545361][ T9981] usb 4-1: USB disconnect, device number 77
[  544.572501][ T5886] usb 5-1: device descriptor read/64, error -71
[  544.822727][ T5886] usb 5-1: new high-speed USB device number 85 using dummy_hcd
[  544.962497][ T5886] usb 5-1: device descriptor read/64, error -71
[  545.076214][ T5886] usb usb5-port1: attempt power cycle
[  545.134496][T12491] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1947'.
[  545.189509][T12493] Cannot find del_set index 2 as target
[  545.348751][T12495] netlink: 'syz.3.1949': attribute type 8 has an invalid length.
[  545.356886][T12495] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1949'.
[  545.432476][ T5886] usb 5-1: new high-speed USB device number 86 using dummy_hcd
[  545.465878][ T5901] usb 2-1: USB disconnect, device number 76
[  545.476252][ T5886] usb 5-1: device descriptor read/8, error -71
[  545.763121][ T5886] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  545.812158][ T5886] usb 5-1: device descriptor read/8, error -71
[  545.927395][T12514] xt_recent: Unsupported userspace flags (000000de)
[  545.962877][ T5886] usb usb5-port1: unable to enumerate USB device
[  545.984426][ T5921] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[  546.048375][T12518] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1958'.
[  546.117341][T12520] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  546.214122][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  546.244493][ T5921] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  546.310924][ T5921] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[  546.347034][T12522] netlink: 'syz.2.1957': attribute type 16 has an invalid length.
[  546.369038][ T5921] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  546.444009][ T5921] usb 2-1: Product: syz
[  546.448318][ T5921] usb 2-1: Manufacturer: syz
[  546.526242][ T5921] usb 2-1: SerialNumber: syz
[  547.420252][T12522] netlink: 64138 bytes leftover after parsing attributes in process `syz.2.1957'.
[  547.433422][ T5921] usb 2-1: config 0 descriptor??
[  547.483927][ T5921] usb 2-1: Found UVC 0.00 device syz (18ec:3288)
[  547.490324][ T5921] usb 2-1: No valid video chain found.
[  547.880101][T12537] netlink: 'syz.3.1962': attribute type 8 has an invalid length.
[  547.921298][T12537] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1962'.
[  547.959432][T12541] fuse: Bad value for 'fd'
[  548.006158][T12545] netlink: 'syz.0.1964': attribute type 30 has an invalid length.
[  548.031837][T12545] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  548.042123][T12545] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  548.051796][T12545] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  548.060635][T12545] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  548.076956][T12546] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1964'.
[  548.110650][T12545] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  548.120154][T12545] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  548.129141][T12545] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  548.138670][T12545] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  548.154862][T12546] x_tables: ip6_tables: TCPMSS target: only valid for protocol 6
[  548.309540][ T5880] usb 2-1: USB disconnect, device number 77
[  548.744305][T12561] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1969'.
[  549.162963][T12567] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  549.792187][T12586] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1977'.
[  549.851277][T12582] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  550.011755][T12591] netlink: 'syz.1.1978': attribute type 4 has an invalid length.
[  550.028581][T12590] netlink: 'syz.1.1978': attribute type 4 has an invalid length.
[  550.168797][T12597] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1981'.
[  550.262508][ T5921] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  550.321633][T12603] input: syz0 as /devices/virtual/input/input72
[  550.420178][   T30] audit: type=1326 audit(1747065918.381:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12600 comm="syz.0.1982" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fce6d18e969 code=0x0
[  550.422492][ T5921] usb 5-1: Using ep0 maxpacket: 32
[  550.560446][ T5921] usb 5-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  550.569730][ T5921] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  550.655750][ T5921] usb 5-1: Product: syz
[  550.660006][ T5921] usb 5-1: Manufacturer: syz
[  550.754858][ T5921] usb 5-1: SerialNumber: syz
[  550.793198][ T5921] usb 5-1: config 0 descriptor??
[  550.876628][T12614] input: syz0 as /devices/virtual/input/input73
[  551.561227][ T5921] RobotFuzz Open Source InterFace, OSIF 5-1:0.0: version d4.15 found at bus 005 address 088
[  551.646649][T12626] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  552.041805][   T30] audit: type=1326 audit(1747065920.001:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12628 comm="syz.2.1990" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x0
[  552.350314][T12633] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1992'.
[  552.524311][T12639] netlink: 'syz.0.1993': attribute type 8 has an invalid length.
[  552.533660][T12639] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1993'.
[  552.762533][ T5883] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[  552.912447][ T5883] usb 2-1: Using ep0 maxpacket: 16
[  552.919809][ T5883] usb 2-1: config 0 descriptor has 1 excess byte, ignoring
[  552.929983][ T5883] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid maxpacket 65516, setting to 1024
[  552.970945][ T5883] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  553.013917][ T5883] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  553.064495][ T5883] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[  553.084716][ T9981] usb 5-1: USB disconnect, device number 88
[  553.126219][ T5883] usb 2-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[  553.161468][ T5883] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  553.195208][ T5883] usb 2-1: Product: syz
[  553.199425][ T5883] usb 2-1: Manufacturer: syz
[  553.223178][ T5883] usb 2-1: SerialNumber: syz
[  553.230750][ T5883] usb 2-1: config 0 descriptor??
[  553.251030][T12637] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  553.313408][ T5883] mcba_usb 2-1:0.0 can0: couldn't setup read URBs
[  553.325836][ T5883] mcba_usb 2-1:0.0 can0: couldn't start device: -90
[  553.452978][ T5883] mcba_usb 2-1:0.0: probe with driver mcba_usb failed with error -90
[  553.560537][ T5883] usb 2-1: USB disconnect, device number 78
[  553.751467][T12665] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2004'.
[  554.017333][T12668] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  554.425007][T12677] netlink: 'syz.1.2009': attribute type 1 has an invalid length.
[  554.667468][T12679] 8021q: adding VLAN 0 to HW filter on device bond8
[  554.731131][T12679] bond7: (slave bond8): making interface the new active one
[  554.760501][T12679] bond7: (slave bond8): Enslaving as an active interface with an up link
[  554.817979][T12682] macsec2: entered promiscuous mode
[  554.823324][T12682] bond7: entered promiscuous mode
[  554.828402][T12682] bond8: entered promiscuous mode
[  554.832631][ T5921] usb 5-1: new high-speed USB device number 89 using dummy_hcd
[  554.833954][T12682] macsec2: entered allmulticast mode
[  554.849602][T12682] bond7: entered allmulticast mode
[  554.861850][T12682] bond8: entered allmulticast mode
[  555.028674][ T5921] usb 5-1: unable to get BOS descriptor or descriptor too short
[  555.038254][ T5921] usb 5-1: config 1 has an invalid interface number: 15 but max is 1
[  555.047183][ T5921] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  555.056299][ T5921] usb 5-1: config 1 has no interface number 0
[  555.062788][ T5921] usb 5-1: too many endpoints for config 1 interface 15 altsetting 190: 179, using maximum allowed: 30
[  555.083081][ T5921] usb 5-1: config 1 interface 15 altsetting 190 has 0 endpoint descriptors, different from the interface descriptor's value: 179
[  555.113895][ T5921] usb 5-1: config 1 interface 15 has no altsetting 0
[  555.129288][ T5921] usb 5-1: New USB device found, idVendor=2040, idProduct=bb90, bcdDevice=f6.75
[  555.140764][T12693] fuse: Unknown parameter '0x0000000000000004'
[  555.147047][ T5921] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.158891][ T5921] usb 5-1: Product: syz
[  555.172714][ T5921] usb 5-1: Manufacturer: syz
[  555.177533][ T5921] usb 5-1: SerialNumber: syz
[  555.334282][ T5901] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[  555.512535][ T5901] usb 4-1: Using ep0 maxpacket: 16
[  555.525780][ T5901] usb 4-1: New USB device found, idVendor=0783, idProduct=1200, bcdDevice=ff.76
[  555.539495][ T5901] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.548059][ T5901] usb 4-1: Product: syz
[  555.552254][ T5901] usb 4-1: Manufacturer: syz
[  555.557469][ T5901] usb 4-1: SerialNumber: syz
[  555.567149][ T5901] usb 4-1: config 0 descriptor??
[  555.599112][ T5921] usb 5-1: USB disconnect, device number 89
[  555.744454][T12706] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2021'.
[  555.990634][ T5901] usb 4-1: USB disconnect, device number 78
[  556.060213][T12713] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  556.229612][T12716] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2024'.
[  556.481655][T12726] fuse: Unknown parameter '0x0000000000000004'
[  556.804370][T12730] Cannot find del_set index 2 as target
[  556.993009][T12745] netlink: 'syz.3.2034': attribute type 8 has an invalid length.
[  557.032929][T12745] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2034'.
[  557.079539][T12745] FAULT_INJECTION: forcing a failure.
[  557.079539][T12745] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  557.104130][T12745] CPU: 1 UID: 0 PID: 12745 Comm: syz.3.2034 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  557.104157][T12745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  557.104168][T12745] Call Trace:
[  557.104177][T12745]  <TASK>
[  557.104184][T12745]  dump_stack_lvl+0x189/0x250
[  557.104219][T12745]  ? __pfx_dump_stack_lvl+0x10/0x10
[  557.104245][T12745]  ? __pfx__printk+0x10/0x10
[  557.104275][T12745]  should_fail_ex+0x414/0x560
[  557.104298][T12745]  _copy_to_user+0x31/0xb0
[  557.104326][T12745]  simple_read_from_buffer+0xe1/0x170
[  557.104353][T12745]  proc_fail_nth_read+0x1df/0x250
[  557.104382][T12745]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  557.104410][T12745]  ? rw_verify_area+0x258/0x650
[  557.104429][T12745]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  557.104456][T12745]  vfs_read+0x1fd/0x980
[  557.104488][T12745]  ? __pfx___mutex_lock+0x10/0x10
[  557.104512][T12745]  ? __pfx_vfs_read+0x10/0x10
[  557.104533][T12745]  ? __fget_files+0x2a/0x420
[  557.104578][T12745]  ? __fget_files+0x3a0/0x420
[  557.104601][T12745]  ? __fget_files+0x2a/0x420
[  557.104634][T12745]  ksys_read+0x145/0x250
[  557.104654][T12745]  ? rcu_is_watching+0x15/0xb0
[  557.104684][T12745]  ? __pfx_ksys_read+0x10/0x10
[  557.104709][T12745]  ? do_syscall_64+0xba/0x210
[  557.104739][T12745]  do_syscall_64+0xf6/0x210
[  557.104763][T12745]  ? clear_bhb_loop+0x45/0xa0
[  557.104787][T12745]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  557.104805][T12745] RIP: 0033:0x7f53d4b8d37c
[  557.104822][T12745] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  557.104839][T12745] RSP: 002b:00007f53d5aca030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  557.104859][T12745] RAX: ffffffffffffffda RBX: 00007f53d4db5fa0 RCX: 00007f53d4b8d37c
[  557.104874][T12745] RDX: 000000000000000f RSI: 00007f53d5aca0a0 RDI: 0000000000000005
[  557.104886][T12745] RBP: 00007f53d5aca090 R08: 0000000000000000 R09: 0000000000000000
[  557.104898][T12745] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  557.104909][T12745] R13: 0000000000000000 R14: 00007f53d4db5fa0 R15: 00007f53d4edfa28
[  557.104939][T12745]  </TASK>
[  557.431940][   T30] audit: type=1326 audit(1747065925.331:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  557.499016][   T30] audit: type=1326 audit(1747065925.341:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  557.554941][   T30] audit: type=1326 audit(1747065925.341:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  557.586175][   T30] audit: type=1326 audit(1747065925.341:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  557.608909][   T30] audit: type=1326 audit(1747065925.341:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  557.631564][   T30] audit: type=1326 audit(1747065925.341:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  557.686770][   T30] audit: type=1326 audit(1747065925.341:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  557.728308][T12762] netlink: 'syz.3.2036': attribute type 3 has an invalid length.
[  557.751560][T12762] netlink: 'syz.3.2036': attribute type 3 has an invalid length.
[  557.772225][T12762] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2036'.
[  557.969399][   T30] audit: type=1326 audit(1747065925.341:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  558.628471][   T30] audit: type=1326 audit(1747065925.341:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  558.735230][T12739] syz.4.2030: attempt to access beyond end of device
[  558.735230][T12739] md2: rw=2048, sector=0, nr_sectors = 8 limit=0
[  558.748350][   T30] audit: type=1326 audit(1747065925.341:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12746 comm="syz.2.2035" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1e3618e969 code=0x7ffc0000
[  558.957477][T12775] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2039'.
[  559.165025][T12777] openvswitch: netlink: Tunnel attr 4104 out of range max 16
[  559.424537][ T5901] usb 3-1: new high-speed USB device number 86 using dummy_hcd
[  559.471869][T12772] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 [#1] SMP KASAN PTI
[  559.483785][T12772] KASAN: null-ptr-deref in range [0x0000000000000048-0x000000000000004f]
[  559.492190][T12772] CPU: 0 UID: 0 PID: 12772 Comm: syz.0.2039 Not tainted 6.15.0-rc6-syzkaller #0 PREEMPT(full) 
[  559.502521][T12772] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  559.512593][T12772] RIP: 0010:do_move_mount+0x27d/0xb10
[  559.518049][T12772] Code: e8 d8 28 83 ff 41 be ea ff ff ff 49 bd 00 00 00 00 00 fc ff df 48 8b 6c 24 18 4c 8b 7c 24 08 48 8d 5d 48 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 54 1d e5 ff 48 8b 1b 31 ff 48 89
[  559.537655][T12772] RSP: 0018:ffffc90003897d50 EFLAGS: 00010206
[  559.543724][T12772] RAX: 0000000000000009 RBX: 0000000000000048 RCX: 0000000000080000
[  559.551687][T12772] RDX: ffffc9000fb12000 RSI: 0000000000000191 RDI: 0000000000000192
[  559.559656][T12772] RBP: 0000000000000000 R08: ffffffff8dc1683b R09: 1ffffffff1b82d07
[  559.567628][T12772] R10: dffffc0000000000 R11: fffffbfff1b82d08 R12: ffff888028f63288
[  559.575600][T12772] R13: dffffc0000000000 R14: 00000000ffffffea R15: ffff888033fa5580
[  559.583656][T12772] FS:  00007fce6df706c0(0000) GS:ffff8881260c9000(0000) knlGS:0000000000000000
[  559.592594][T12772] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  559.599175][T12772] CR2: 00002000005d5000 CR3: 000000007eb5e000 CR4: 00000000003526f0
[  559.607153][T12772] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  559.615130][T12772] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  559.623103][T12772] Call Trace:
[  559.626383][T12772]  <TASK>
[  559.629322][T12772]  __se_sys_move_mount+0x4aa/0x580
[  559.634454][T12772]  ? __pfx___se_sys_move_mount+0x10/0x10
[  559.640095][T12772]  ? do_syscall_64+0xba/0x210
[  559.644791][T12772]  ? __x64_sys_move_mount+0x20/0xc0
[  559.649997][T12772]  do_syscall_64+0xf6/0x210
[  559.654506][T12772]  ? clear_bhb_loop+0x45/0xa0
[  559.659195][T12772]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  559.665093][T12772] RIP: 0033:0x7fce6d18e969
[  559.669515][T12772] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  559.689140][T12772] RSP: 002b:00007fce6df70038 EFLAGS: 00000246 ORIG_RAX: 00000000000001ad
[  559.697574][T12772] RAX: ffffffffffffffda RBX: 00007fce6d3b6160 RCX: 00007fce6d18e969
[  559.705552][T12772] RDX: ffffffffffffff9c RSI: 0000200000000140 RDI: 0000000000000007
[  559.713533][T12772] RBP: 00007fce6d210ab1 R08: 0000000000000000 R09: 0000000000000000
[  559.721515][T12772] R10: 0000200000000180 R11: 0000000000000246 R12: 0000000000000000
[  559.729493][T12772] R13: 0000000000000000 R14: 00007fce6d3b6160 R15: 00007fce6d4dfa28
[  559.737492][T12772]  </TASK>
[  559.740536][T12772] Modules linked in:
[  559.745369][T12772] ---[ end trace 0000000000000000 ]---
[  559.762836][T12772] RIP: 0010:do_move_mount+0x27d/0xb10
[  559.776333][T12772] Code: e8 d8 28 83 ff 41 be ea ff ff ff 49 bd 00 00 00 00 00 fc ff df 48 8b 6c 24 18 4c 8b 7c 24 08 48 8d 5d 48 48 89 d8 48 c1 e8 03 <42> 80 3c 28 00 74 08 48 89 df e8 54 1d e5 ff 48 8b 1b 31 ff 48 89
[  559.839987][T12772] RSP: 0018:ffffc90003897d50 EFLAGS: 00010206
[  559.847547][ T5901] usb 3-1: Using ep0 maxpacket: 16
[  559.857044][T12772] RAX: 0000000000000009 RBX: 0000000000000048 RCX: 0000000000080000
[  559.871005][ T5901] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[  559.872474][T12772] RDX: ffffc9000fb12000 RSI: 0000000000000191 RDI: 0000000000000192
[  559.888014][T12772] RBP: 0000000000000000 R08: ffffffff8dc1683b R09: 1ffffffff1b82d07
[  559.897573][T12772] R10: dffffc0000000000 R11: fffffbfff1b82d08 R12: ffff888028f63288
[  559.908154][T12772] R13: dffffc0000000000 R14: 00000000ffffffea R15: ffff888033fa5580
[  559.916690][T12772] FS:  00007fce6df706c0(0000) GS:ffff8881261c9000(0000) knlGS:0000000000000000
[  559.928570][T12772] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  559.936434][T12772] CR2: 0000200000f62000 CR3: 000000007eb5e000 CR4: 00000000003526f0
[  559.971710][ T5901] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  559.995173][ T5901] usb 3-1: config 0 has no interface number 0
[  560.001469][T12772] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  560.010775][T12772] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  560.020783][T12772] Kernel panic - not syncing: Fatal exception
[  560.027231][T12772] Kernel Offset: disabled
[  560.031572][T12772] Rebooting in 86400 seconds..