last executing test programs:

1m5.486873126s ago: executing program 3 (id=4140):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_KEY_STATUS(0xffffffffffffffff, 0x40086e81, &(0x7f0000000080)={@id={0x2, 0x0, @c}})
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@textreal={0x8, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x500000000000000)

1m4.55755132s ago: executing program 3 (id=4144):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$IPCTNL_MSG_EXP_DELETE(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000340)=ANY=[@ANYBLOB="cc00000002020102000000000000000001000003080009000000000404000380"], 0xcc}, 0x1, 0x0, 0x0, 0x81}, 0x800)
r2 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)=@getchain={0x0, 0x66, 0x2, 0x70bd2c, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {0xd, 0xa}, {0x9, 0x8}, {0x10, 0xb}}, [{0x0, 0xb, 0x7}]}, 0x48}}, 0x0)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003f000b05d25a806c8c6394f90324fc60100002000a000300053582c137153e3704020180fc0b09000c00", 0x33fe0}], 0x1}, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r3 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCSFF(r3, 0x40304580, &(0x7f0000000b40)={0x52, 0x1, 0x1, {0x2, 0x1}, {0x60, 0x2}, @period={0x58, 0x96, 0x6, 0x1, 0x8001, {0x5, 0x10, 0x0, 0x5}, 0x0, 0x0}})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r5 = openat$cgroup_ro(r4, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r5, &(0x7f0000000200)=0x1000000001, 0x12)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r7, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x0, 0x1000, &(0x7f0000000000/0x1000)=nil})
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r9, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="280000000406011100000000000000000200000105000100070000000900020073797a320000"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004)
ioctl$KVM_SET_MSRS(r8, 0x4008ae89, &(0x7f0000000200)={0x1, 0x0, [{0x4b564d00, 0x0, 0x9}]})
r10 = io_uring_setup(0x3eae, &(0x7f0000000080)={0x0, 0xc95e})
socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, 0x0)
r11 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r11, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="480000001000070629bd70000000010000000000", @ANYRES32=0x0, @ANYBLOB="93200000000000001c0012800b00010067726574617000000c00028008000700000000000a000100aaaaaaaaaa200000"], 0x48}}, 0x20000000)
io_uring_register$IORING_REGISTER_BUFFERS(r10, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x1ef6e3}], 0x100000000000011a)

1m2.575861223s ago: executing program 3 (id=4148):
ioctl$HIDIOCSREPORT(0xffffffffffffffff, 0x400c4808, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f00000000c0)={0x0, 0x2, "9bc8"}, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="0100000005000000ec0b000007"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000), &(0x7f0000000280), 0x105, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000180)={r0, &(0x7f00000000c0), &(0x7f0000000d40)=""/4096}, 0x20)

1m2.230122962s ago: executing program 3 (id=4149):
r0 = syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
socket$inet6(0xa, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r4, &(0x7f0000000140)=ANY=[@ANYBLOB="016f000d01000000f70b14"], 0x36)
r6 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r7=>0x0, &(0x7f0000000240)=<r8=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r7, r8, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xfffffe62}], 0x1})
io_uring_enter(r6, 0x847ba, 0x0, 0xe, 0x0, 0x0)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r9 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9801)
move_mount(r9, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r10 = openat(r0, &(0x7f00000000c0)='./file0\x00', 0x101040, 0x3a)
sendmsg$NFT_MSG_GETSETELEM(r10, &(0x7f0000000300)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x6000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0x4c, 0xd, 0xa, 0x101, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x2}]}, 0x4c}, 0x1, 0x0, 0x0, 0x800}, 0x4080)
r11 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r11, 0x84, 0xc, 0x0, &(0x7f0000000040))
r12 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r12, 0x0, 0x0)
mount$fuseblk(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x24000, 0x0)
open_tree(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x89901)
r13 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r13, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[], 0xc4}, 0x1, 0x0, 0x0, 0x20004000}, 0x90)

59.746902662s ago: executing program 3 (id=4156):
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
syz_open_dev$loop(&(0x7f00000005c0), 0x10000, 0x109041)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0xffff, 0x0, 0xd, 0x0, 0xfffffdffffffffff, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x1}, 0x2)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000180)='/sys/power/disk', 0xa2c41, 0x10)
write$cgroup_int(r2, &(0x7f0000000200)=0x2b00, 0x12)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
r3 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r4, 0x107, 0x5, &(0x7f00000000c0)=@req3={0x8000, 0x6, 0x8000, 0x6}, 0x1c)
mmap(&(0x7f0000000000/0x2000)=nil, 0x30000, 0x2, 0x11, r4, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r5, 0x1, 0x3c, 0x0, 0x0)
sendmmsg$inet(r5, &(0x7f0000000040)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000001c0)=[{&(0x7f0000000000)="238f855838e03eb2881387ce43f5b6658341e24b9bff94d45946f8feee8b863106388891b02d64bf45", 0x29}, {&(0x7f0000000500)="86e9a0d8", 0x4}, {&(0x7f00000005c0)}], 0x3}}], 0x1, 0x40008c0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x8, 0x0, 0x0, 0x0, 0x8004, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x15, r3}, 0x94)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0)

59.461907817s ago: executing program 3 (id=4157):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="9e1d0c"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

58.486496868s ago: executing program 32 (id=4157):
bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x1, 0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="9e1d0c"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

12.749635227s ago: executing program 1 (id=4311):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffb)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000040)={0x4, 0xffffffff, 0xfffffff8, 0xfffffffc}, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf090000f300000055"], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
poll(&(0x7f0000000040), 0x55, 0x0)
r3 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x20004080)
write$binfmt_misc(r4, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r3, 0x4c0a, &(0x7f00000002c0)={r4, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd00b94e3d500007000000e0ff00000018000500", [0x0, 0x2000000000001]}})
r5 = syz_io_uring_setup(0x110, &(0x7f0000001280)={0x0, 0xfad3, 0x0, 0xfffffffc, 0x2}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000000c0)=0x10001, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD)
io_uring_enter(r5, 0xdb4, 0x0, 0x0, 0x0, 0x0)
vmsplice(r2, &(0x7f0000000a40)=[{&(0x7f0000000140)="afa63198c5600b55824939a413f97ae4da46194532f9e370fd64b8ce659bc134ab9f44dde3ee0c44e78b0b6729", 0x2d}, {&(0x7f0000000500)="99196facd4c0de1ec9132f40b1d5c89d3a4d04f7aad9e4ee0067e6a039a5f05230788859c099f0d67c73612dad6cd27d0f5219db1fb43ca55d874fed7eed878cbb8da38e27c09380a3e9bf045e3692e66da693b73ba538b134d6da5f4f0a67adc68e8744efd83318d67e51952b8258fbdf07ab4b97a827652cfdecd26e12f0db18bd880672eb1a4b042ae9d73906e9b22a6eba0c6a2b4d4d505e8aacfd0ba5614cf03f970bc6abf18e58863a355049f0498dd8086d641dded77c7ea2280c41a80b3d6ee52114ee1479f2de02cbe8", 0xce}, {&(0x7f0000000600)="0c6f4db4dae4524164f78a3796ac6d7fd927f4390a89b729b48151d457a955a5500ad754f8ed37ef03fa4f1a90dd723af82b61fde2a17f1b8936431b15332a2619c06df2fbced732c652aad12b186e12d8a96a009dfed53dcd246b655007145099e3c6ba475f", 0x66}, {&(0x7f0000000700)="ece7312f1c40f513f00ed3e911609da323efc03fb315f49eb7b1c341f3304466684f49395fcfd8ad16bd67372b5ee088153dcc0d1ee766b1b184aba9761df4b18fb6cbde218ea495a4c918f0410fcffb1a00130c14b744d178909492ead432923b2ae24f33229712a4c915144c367e0dd6bfed73d6ed72d3c702ed81c1c054dbbc0a83b2b6e37d74b0876a1d5edab9625b36f7598d9df3244d29750110841421692576b963d4b05cf2f093210949ba43c54e290cad581db29664963810", 0xbd}, {&(0x7f00000007c0)="08f68accc0bd1ba29958b4124e625ad5cd0c7f0bb2fa2fe702e646bb8af38a3f16348d888e94cee0f8c194cf1bd38639a77c9b9058c81543716ecb0bf3811e76713864e035e15a69de16c09db85cacfd8b5182f363c7df39f1d3fde02df9eba90b4ce47b0d4d2f644b8c72a15fbc4373a71a2412d7991cdda5c1974c252bc6c6294fe3bc5f4e5fef0b711e9b7ff39055df3c229d5c31e0be70c47d55959e961ee998ee9a98cf45e75f9f5127128dbdf1969a617536a1c82bc9df6f4dc5800d596c25c954219c7cf917b6db", 0xcb}, {&(0x7f00000008c0)="3ea570e88ddbad96eb29bf472f91828bd8a634ca48e835a65b7b2ac015904c14affdf8a22b606b8e426a685c1be16f5aa745efc25acf6df9485c49a12b41299e8969063d46d4bc0a4af4aa07bcd2f125ded977f519c0b3bd389dcd23fa34d004e66941e11c52e5f5a13e2eac9b78215d387ec3df1247fed8a23d37aa7954c31d36a0c8468f0d35da316541320faed4a760a74da5e260659e", 0x98}, {&(0x7f0000000980)="eeb69e5f488222ed266218a63366efd13d8840789183951d78453d80e972c547a55f962162f9eb318f9fead0afe743b6c5b97de2c4b07c3d116c3fde5145d0cc44ad8fb53342b90ea9d8a1af8c6efd9823e1445757f42641e0d4c0440f4fdfe931169aaca50922973933e73c884d2d7ec25f513e8f49cd5c3bc6ae69522b8ff2d83770a05186f2a647d65d9f7977d30cbe52ff647fa7eb28dbf2", 0x9a}, {&(0x7f00000001c0)="a0e734", 0x3}], 0x8, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r5, 0x18, &(0x7f0000000000)={0xfeffffff, 0xffffffffffffffff, 0x3, {0x3b4, 0x9}, 0x6}, 0x1)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)

8.314961065s ago: executing program 0 (id=4327):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x24, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xfff1, 0xffff}}}, 0x24}, 0x1, 0xfffc}, 0x4000800)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000940)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}, 0x1, 0x0, 0x1000000}, 0x0)

8.31223884s ago: executing program 1 (id=4328):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0) (async)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0x0, "2e2b5aa4"}, @local=@item_4={0x3, 0x2, 0x0, "f85edaca"}, @main=@item_4={0x3, 0x0, 0x8}]}}, 0x0}, 0x0) (async)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f0000000780)={0x2, 0xffffffff, 0x8, 0x20000, 0x10000, 0x4}) (async)
syz_usb_connect(0x0, 0x68, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0xb1, 0x98, 0xbf, 0x8, 0x45e, 0x47a, 0x9d2a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x56, 0x1, 0x0, 0x0, 0xc0, 0x4, [{{0x9, 0x4, 0x9a, 0x8, 0x0, 0x1a, 0x21, 0x95, 0x0, [@cdc_ncm={{0x6, 0x24, 0x6, 0x0, 0x1, 'k'}, {0x5, 0x24, 0x0, 0x2}, {0xd, 0x24, 0xf, 0x1, 0xe, 0xfffb, 0x1, 0x9}, {0x6, 0x24, 0x1a, 0x4, 0x30}, [@network_terminal={0x7, 0x24, 0xa, 0x3, 0xa, 0x3, 0x1}]}, @cdc_ecm={{0x7, 0x24, 0x6, 0x0, 0x0, "a693"}, {0x5, 0x24, 0x0, 0x4}, {0xd, 0x24, 0xf, 0x1, 0xf50, 0x6, 0x5e, 0x8}, [@ncm={0x6, 0x24, 0x1a, 0x9, 0x1d}]}]}}]}}]}}, 0x0)

8.305675727s ago: executing program 5 (id=4329):
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x1b1c, 0xc10, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x60, 0x6, [{{0x9, 0x4, 0x0, 0x10, 0x5, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x0, 0x16, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0xc, 0x0, 0x7}}}}}]}}]}}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$kcm(0xa, 0x1, 0x0)
socket$kcm(0x10, 0x2, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff00", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e00140002800800010008000000060002000100000008000500", @ANYRES32=r1, @ANYBLOB='\b\x00\n\x00', @ANYBLOB='v'], 0x54}}, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

7.902076009s ago: executing program 0 (id=4331):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffb)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf090000f300000055"], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
poll(&(0x7f0000000040), 0x55, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x20004080)
write$binfmt_misc(r3, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd00b94e3d500007000000e0ff00000018000500", [0x0, 0x2000000000001]}})
r4 = socket(0x2b, 0x1, 0x0)
r5 = syz_io_uring_setup(0x110, &(0x7f0000001280)={0x0, 0xfad3, 0x0, 0xfffffffc, 0x2}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000000c0)=0x10001, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4})
io_uring_enter(r5, 0xdb4, 0x0, 0x0, 0x0, 0x0)
vmsplice(r1, &(0x7f0000000a40)=[{&(0x7f0000000140)="afa63198c5600b55824939a413f97ae4da46194532f9e370fd64b8ce659bc134ab9f44dde3ee0c44e78b0b6729", 0x2d}, {&(0x7f0000000500)="99196facd4c0de1ec9132f40b1d5c89d3a4d04f7aad9e4ee0067e6a039a5f05230788859c099f0d67c73612dad6cd27d0f5219db1fb43ca55d874fed7eed878cbb8da38e27c09380a3e9bf045e3692e66da693b73ba538b134d6da5f4f0a67adc68e8744efd83318d67e51952b8258fbdf07ab4b97a827652cfdecd26e12f0db18bd880672eb1a4b042ae9d73906e9b22a6eba0c6a2b4d4d505e8aacfd0ba5614cf03f970bc6abf18e58863a355049f0498dd8086d641dded77c7ea2280c41a80b3d6ee52114ee1479f2de02cbe8", 0xce}, {&(0x7f0000000600)="0c6f4db4dae4524164f78a3796ac6d7fd927f4390a89b729b48151d457a955a5500ad754f8ed37ef03fa4f1a90dd723af82b61fde2a17f1b8936431b15332a2619c06df2fbced732c652aad12b186e12d8a96a009dfed53dcd246b655007145099e3c6ba475f", 0x66}, {&(0x7f0000000700)="ece7312f1c40f513f00ed3e911609da323efc03fb315f49eb7b1c341f3304466684f49395fcfd8ad16bd67372b5ee088153dcc0d1ee766b1b184aba9761df4b18fb6cbde218ea495a4c918f0410fcffb1a00130c14b744d178909492ead432923b2ae24f33229712a4c915144c367e0dd6bfed73d6ed72d3c702ed81c1c054dbbc0a83b2b6e37d74b0876a1d5edab9625b36f7598d9df3244d29750110841421692576b963d4b05cf2f093210949ba43c54e290cad581db29664963810", 0xbd}, {&(0x7f00000007c0)="08f68accc0bd1ba29958b4124e625ad5cd0c7f0bb2fa2fe702e646bb8af38a3f16348d888e94cee0f8c194cf1bd38639a77c9b9058c81543716ecb0bf3811e76713864e035e15a69de16c09db85cacfd8b5182f363c7df39f1d3fde02df9eba90b4ce47b0d4d2f644b8c72a15fbc4373a71a2412d7991cdda5c1974c252bc6c6294fe3bc5f4e5fef0b711e9b7ff39055df3c229d5c31e0be70c47d55959e961ee998ee9a98cf45e75f9f5127128dbdf1969a617536a1c82bc9df6f4dc5800d596c25c954219c7cf917b6db", 0xcb}, {&(0x7f00000008c0)="3ea570e88ddbad96eb29bf472f91828bd8a634ca48e835a65b7b2ac015904c14affdf8a22b606b8e426a685c1be16f5aa745efc25acf6df9485c49a12b41299e8969063d46d4bc0a4af4aa07bcd2f125ded977f519c0b3bd389dcd23fa34d004e66941e11c52e5f5a13e2eac9b78215d387ec3df1247fed8a23d37aa7954c31d36a0c8468f0d35da316541320faed4a760a74da5e260659e", 0x98}, {&(0x7f0000000980)="eeb69e5f488222ed266218a63366efd13d8840789183951d78453d80e972c547a55f962162f9eb318f9fead0afe743b6c5b97de2c4b07c3d116c3fde5145d0cc44ad8fb53342b90ea9d8a1af8c6efd9823e1445757f42641e0d4c0440f4fdfe931169aaca50922973933e73c884d2d7ec25f513e8f49cd5c3bc6ae69522b8ff2d83770a05186f2a647d65d9f7977d30cbe52ff647fa7eb28dbf2", 0x9a}, {&(0x7f00000001c0)="a0e734", 0x3}], 0x8, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r5, 0x18, &(0x7f0000000000)={0xfeffffff, r4, 0x3, {0x3b4, 0x9}, 0x6}, 0x1)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)

6.44286477s ago: executing program 5 (id=4333):
openat$dsp(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_IRQCHIP(r2, 0xc208ae62, 0x0)
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0x4f}, {0x60, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1, 0xfc], 0x80, [0x8, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4}]}}]}, 0x90}}, 0x4008804)
ptrace$getregset(0x4204, 0x0, 0x4, &(0x7f00000004c0)={&(0x7f0000000480)=""/21, 0x15})
mkdir(&(0x7f00000002c0)='./file2\x00', 0x0)
r4 = socket(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x2718, 0x0, &(0x7f0000000040))

6.361968685s ago: executing program 2 (id=4334):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000680)={'wlan0\x00', <r1=>0x0})
r2 = socket(0x10, 0x803, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x340440f1)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x12, &(0x7f00000007c0), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000}, 0x94)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c00000010000304000000000000000200000000", @ANYRES32=r1, @ANYBLOB="a4280400000000001400350076657468305f746f5f626f6e6400000008000a00", @ANYRES32=r3], 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000001c0))

6.337817361s ago: executing program 1 (id=4335):
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r3=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f00000000c0)={0x28, 0x7, r3, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r2, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r3, 0x0, 0xffffffffffffffff, 0x1})
openat$ptp0(0xffffffffffffff9c, 0x0, 0x4100, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = syz_open_procfs$namespace(0x0, &(0x7f0000000680)='ns/pid_for_children\x00')
setns(r4, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r6, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
openat$apparmor_thread_current(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f00000000c0)={"3c24139ed44aec57f2e2ad238a7b448ed886923c31d4b8affbf514fd00"})
socket$nl_route(0x10, 0x3, 0x0)
mkdirat(0xffffffffffffffff, 0x0, 0x60)
r7 = syz_open_dev$vbi(&(0x7f0000000080), 0x3, 0x2)
ioctl$VIDIOC_S_OUTPUT(r7, 0xc004562f, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000400)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000040)=0x14)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff)

5.750611983s ago: executing program 2 (id=4336):
r0 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r0, &(0x7f0000000000)=@abs={0x0, 0x0, 0x4e21}, 0x6e) (async)
r1 = socket$inet6_sctp(0xa, 0x0, 0x84) (async)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000080)={<r2=>0x0, 0x1d, "dcdc74892ab2a58cb070534897a40fa349232587e89b527d491f54f0ed"}, &(0x7f00000000c0)=0x25)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000100)={r2, 0x6}, 0x8) (async)
getsockname(r1, &(0x7f0000000140)=@alg, &(0x7f00000001c0)=0x80) (async, rerun: 64)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200), 0x802e2, 0x0) (rerun: 64)
fsync(r3) (async)
newfstatat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, <r4=>0x0}, 0x400)
setsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, &(0x7f0000000300)={{{@in6=@ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, @in=@local, 0x4e21, 0x0, 0x4e24, 0x5, 0x2, 0x20, 0x80, 0x8, 0x0, r4}, {0x5, 0x5, 0x55, 0x0, 0x6, 0xff, 0x7, 0x9}, {0x8d, 0x91, 0x354, 0x2}, 0x7fff, 0x0, 0x1, 0x1, 0x0, 0x3}, {{@in=@broadcast, 0x4d2, 0xff}, 0xa, @in6=@empty, 0x3503, 0x1, 0x0, 0x8e, 0x200, 0x1, 0xb}}, 0xe8)
statfs(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)=""/15) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000004c0)={0x5, &(0x7f0000000480)=[{0x5c, 0x76, 0xb, 0x4a10}, {0x3ff, 0x68, 0x6, 0x7f}, {0x7, 0x4, 0xd8, 0xffffffff}, {0x401, 0x9, 0x5, 0x80000001}, {0xfffe, 0x0, 0x2, 0x4}]})
ioctl$TIOCL_SELLOADLUT(0xffffffffffffffff, 0x541c, &(0x7f0000000500)={0x5, 0x8, 0xfffffffffffff800, 0x2d0, 0x3}) (async, rerun: 64)
ioctl$AUTOFS_DEV_IOCTL_PROTOVER(0xffffffffffffffff, 0xc0189372, &(0x7f0000000540)={{0x1, 0x1, 0x18, <r5=>r0, {0x7fff}}, './file0\x00'}) (rerun: 64)
getsockopt$CAN_RAW_FD_FRAMES(r5, 0x65, 0x5, &(0x7f0000000580), &(0x7f00000005c0)=0x4) (async)
lsetxattr(&(0x7f0000000600)='./file0\x00', &(0x7f0000000640)=@known='trusted.overlay.metacopy\x00', &(0x7f0000000680)='#.}{\x00', 0x5, 0x3) (async)
r6 = openat$cuse(0xffffffffffffff9c, &(0x7f00000006c0), 0x2, 0x0)
read$FUSE(r6, &(0x7f0000000700)={0x2020, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}, 0x2020)
ioctl$TUNSETTXFILTER(r5, 0x400454d1, &(0x7f0000002740)={0x1, 0x7, [@empty, @local, @remote, @multicast, @remote, @local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x19}]}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000002780)) (async, rerun: 64)
timer_create(0x7, &(0x7f00000027c0)={0x0, 0x5, 0x2, @tid=r7}, &(0x7f0000002800)) (async, rerun: 64)
mq_notify(r5, &(0x7f0000002840)={0x0, 0x13, 0x4, @tid=r7}) (async)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000002880)={<r8=>0x0}, &(0x7f00000028c0)=0xc)
sched_setattr(r8, &(0x7f0000002900)={0x38, 0x3, 0x56, 0x81, 0x8, 0x6, 0x5, 0x80000001, 0xf8, 0x100}, 0x0) (async, rerun: 32)
setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r5, 0x84, 0x7, &(0x7f0000002940)={0x8}, 0x4) (async, rerun: 32)
setsockopt$inet6_IPV6_DSTOPTS(r6, 0x29, 0x3b, &(0x7f0000002980)={0x3b, 0x0, '\x00', [@pad1]}, 0x10)
r9 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000002a40)={0xa, &(0x7f00000029c0)=[{0x101, 0x6, 0x0, 0x3}, {0x0, 0x9, 0x4, 0x9}, {0xd3, 0x3, 0x2}, {0x8, 0x0, 0x3, 0x2}, {0x8, 0x8, 0x3, 0x4}, {0xda11, 0x2, 0x0, 0x7}, {0x8de, 0x0, 0x0, 0x1}, {0x1000, 0x5e, 0x1, 0x6}, {0x7, 0xe8, 0xc, 0x815}, {0x6, 0x9, 0xee, 0x5}]})
ioctl$SECCOMP_IOCTL_NOTIF_ID_VALID(r9, 0x40082102, &(0x7f0000002a80)) (async, rerun: 32)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r5, 0xc0189371, &(0x7f0000002ac0)={{0x1, 0x1, 0x18, <r10=>r5}, './file0\x00'}) (rerun: 32)
ioctl$PPPIOCNEWUNIT(r10, 0xc004743e, &(0x7f0000002b00))

5.555528324s ago: executing program 2 (id=4337):
syz_open_dev$ttys(0xc, 0x2, 0x1)
r0 = syz_open_dev$ptys(0xc, 0x3, 0x1)
r1 = dup(r0)
read$FUSE(r1, &(0x7f0000006c00)={0x2020}, 0x2020)
ioctl$TCSETSW(r1, 0x5403, &(0x7f00000002c0)={0x6, 0x800001, 0xd, 0x10003, 0x16, "b44600"})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x44, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_SRC={0x4}]}, 0x44}}, 0x0)

5.223559471s ago: executing program 0 (id=4338):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r2 = io_uring_setup(0x54a0, &(0x7f0000000000)={0x0, 0x70e6, 0x2, 0x2, 0xf2})
io_uring_register$IORING_UNREGISTER_IOWQ_AFF(r2, 0x12, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r2, 0x13, &(0x7f0000000400)=[0xe758, 0x8], 0x2)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0x7, &(0x7f0000000180)={0x1, 0x1, 0x8001, 0x1}, 0x10)
read$FUSE(r1, &(0x7f0000000880)={0x2020}, 0x2020)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7f, 0x20000006, 0x4d, 0x9, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x6, 0x8, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x1, 0x5, 0x5, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x7, 0x1, 0x407, 0x5, 0xfffffff7, 0x8, 0x4006, 0x6, 0x7, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x6, 0x9, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012b, 0x8004, 0x5, 0x6, 0x129432e2, 0x1, 0xf9, 0xe, 0x10, 0x6c7, 0x9, 0xfffffffc, 0x80000003, 0x203, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xa1, 0x4, 0x7, 0x7fff, 0x5a7c, 0x7ff, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x401, 0x101, 0x8, 0x9, 0x9, 0x47, 0x8000, 0x1, 0xfdffffff, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x250, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x404, 0x0, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x0, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x2, 0x5, 0x8, 0x401, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xdfe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x6, 0x40, 0x0, 0x7ff, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x0, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x7, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xffffffff, 0x80000003, 0x5, 0xfffffff9, 0xc8, 0x9, 0xfffff000, 0x7, 0x3, 0x7e, 0x100, 0x9602, 0x1ff, 0xaf, 0xfffffff9, 0x6, 0x226, 0x5, 0x7, 0x8, 0x30b1d693, 0xa21, 0x1000f40, 0x5, 0x1, 0x6c1b, 0x0, 0x4, 0xffef, 0xb1e, 0xd7, 0x200, 0xffff3441, 0x40fff]}, 0x45c)
request_key(&(0x7f0000000480)='big_key\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000100)='\\\\@}\x01\x00\x00@\xf5\xe2\xdbE\xc0P\x02\xe0\xf2\xaa\xe6\x00\x00\x00\x00\x00\x00\x00\xd0\xa1B\x80\xd3\xcc\x06D\a\x00\x00\x00\x00\x00\x00\x04)\'\x03t\xcd\xe8\xd0u\x01\xff\x01\xd1', 0xfffffffffffffffe)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000900)='/proc/keys\x00', 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
read$FUSE(r4, &(0x7f0000000940)={0x2020}, 0x2020)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
openat2(r4, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000240)={0x10000, 0xa0, 0x23}, 0x18)
sendmsg$inet(r5, &(0x7f0000001200)={0x0, 0x0, 0x0}, 0x0)
r6 = socket$kcm(0x10, 0x100000000002, 0x4)
sendmsg$kcm(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)="39000000140081ae00002c000500015601618575e285af0180000000171300883795c04a31ba377a1b2cc32b38d3740000ffffffffffffffff", 0x39}], 0x1, 0x0, 0x0, 0xc00e}, 0x0)
unshare(0x2040400)
ppoll(&(0x7f00000000c0)=[{}], 0x1, 0x0, 0x0, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000001240)={'wlan1\x00', <r8=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r7, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000040)={0x1c, r0, 0x1, 0x71bd25, 0x3, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x4)

5.222567957s ago: executing program 4 (id=4339):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x1, 0x2, &(0x7f0000000280)=ANY=[@ANYBLOB="8125bf008000000018"], &(0x7f00000000c0)='GPL\x00', 0x7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7}, 0x94)

4.977816976s ago: executing program 4 (id=4340):
r0 = socket$inet6(0xa, 0x1, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff00000000000109022d000100000000090400001503000000092140000001220f00090581", @ANYRES32], 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x48e80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x200)
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000000)=0x3)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_IRQCHIP(r3, 0x8208ae63, &(0x7f00000003c0)={0x2, 0x0, @ioapic={0xe89b1ba254ccdb64, 0xb5, 0xa9c1, 0xeffffdff, 0x0, [{0x0, 0x80}, {0x9, 0x5, 0x0, '\x00', 0x10}, {0xfc, 0x4}, {0xfe, 0x90, 0x3, '\x00', 0xff}, {0x8, 0x2, 0x5, '\x00', 0x9}, {0x0, 0x60}, {0x0, 0x85, 0xbe}, {0x0, 0x6, 0x2, '\x00', 0xb9}, {0x0, 0x6, 0x0, '\x00', 0xff}, {0xc, 0x4, 0xfe, '\x00', 0x42}, {0x0, 0x2}, {0x4, 0x50, 0xb}, {0x2, 0x0, 0x31, '\x00', 0x3}, {0x1, 0x4d}, {0x2, 0x2, 0x4, '\x00', 0xfe}, {0x0, 0x3}, {0x1, 0x0, 0x4, '\x00', 0x4}, {0x0, 0x0, 0x0, '\x00', 0xdd}, {0x1, 0x3, 0x7, '\x00', 0x6}, {0x80, 0x0, 0xe, '\x00', 0x7}, {0x5, 0xe5}, {0x0, 0x40, 0x0, '\x00', 0x70}, {0x1, 0x0, 0xfe, '\x00', 0xe}, {0x10, 0x83, 0xe, '\x00', 0xf4}]}})
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000180)="96bc", 0x2}], 0x2}, 0x40010)
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000680)=ANY=[@ANYBLOB="12010000cf8bed20d90f21004029000000010902120001000000000904"], 0x0)
r6 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000001c0), 0x101540, 0x0)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r6, &(0x7f0000000040)={0x10000010})
ioctl$SNDCTL_SEQ_RESET(r6, 0x5100)
syz_usb_control_io$uac1(r5, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000380)=ANY=[@ANYBLOB="201101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r5, &(0x7f0000000280)={0x14, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0003470000004703208485b90bf9988894c0d6eb1b05f6f544c279df59995139a14e3136c508a4"]}, &(0x7f0000000500)={0x34, &(0x7f00000002c0)={0x0, 0x5, 0x82, "37d97757f071c8d0494b7293ad51c43df3075d0a16b144b5fc421295293c9e91722a0d65dbdb08f830710e945adc3eaf96da9f8b8fab23b79c4b2075c6630609e22e177181038c3f1778afb031f40c270dfc101a86da19be6b147eff8b5884040fab761a8f26df2c144c5a1285dbadcced7369b79e96e04aa592ced0446e166559c4"}, &(0x7f00000003c0)={0x0, 0xa, 0x1, 0x81}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x4}, &(0x7f0000000440)={0xc0, 0xa1, 0x4, 0x7}, &(0x7f0000000480)={0x40, 0xa0, 0x4, 0x7}, &(0x7f00000004c0)={0xc0, 0xa2, 0x2f, "62df5fb6002862f4c0681446fe3b9413c27ed94b899765fcb937537bb2bba44fc634f806a93be684f7f222b8e84040"}})
syz_usb_control_io$lan78xx(r5, &(0x7f0000000200)={0x14, &(0x7f0000000100)={0x40, 0x22, 0x10, {0x10, 0x10, "5e3ea67e86daacee98455f2af9ac"}}, &(0x7f00000001c0)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x3401}}}, &(0x7f0000000640)={0x34, &(0x7f0000000240)={0x0, 0x5, 0x7, "c399f0aa87c3b4"}, &(0x7f0000000280)={0x0, 0xa, 0x1, 0x4}, &(0x7f00000002c0)={0x0, 0x8, 0x1, 0x51}, &(0x7f0000000300)={0xc0, 0xa1, 0x4, 0xad08}, &(0x7f0000000380)={0x40, 0xa0, 0x4, 0xf5}, &(0x7f0000000600)={0xc0, 0xa2, 0x2f, "a3c340baccf390331ee3948bdef2bbff35073a1b279e5f6031a5d7f62ceac7b0c501a35ae77f5c4112e065b552e123"}})
getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f00000006c0)=""/192, &(0x7f0000000780)=0xc0)
r8 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r8, 0x501c4814, &(0x7f00000000c0)={0x2})
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x20, 0x9, @ipv4={'\x00', '\xff\xff', @local}, 0x8}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x3, 0x100000df, @private2, 0x80}, 0x1c)

4.830017685s ago: executing program 1 (id=4341):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x19, 0x0, 0x0)
sendmmsg$inet6(r0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
landlock_restrict_self(0xffffffffffffffff, 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsconfig$FSCONFIG_SET_BINARY(0xffffffffffffffff, 0x2, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sched_setattr(0x0, 0x0, 0x0)
unshare(0x24020400)
r3 = creat(&(0x7f00000016c0)='./file0\x00', 0x40)
r4 = add_key(&(0x7f0000000200)='id_legacy\x00', &(0x7f0000000240)={'syz', 0x2}, &(0x7f0000000440)='\a', 0x1, 0xfffffffffffffffc)
keyctl$KEYCTL_WATCH_KEY(0x20, r4, r3, 0x7a)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000200000a88000012060a010400000000000000000a0000050900010073797a31000000005c000480580001800a000135664000696e6e657200000048000280080004400000001724000580090001006d6574610000000014000280080001400000001608000240000000100800034000000002080002400000008408000140000000000900020073797a32000000001400000011000100000000000000000001394a8f713c089ff26c9a9f27ae4654959bd3104e3e0d773b75ec6378cd2477152e101cd476274797a148cc5d24319e09f15dc090ec9dc79670243f380fd11b6320c6af0bac64bec88a5ba9da776a49460443c5e996f0f8a42912f3"], 0xb0}, 0x1, 0x0, 0x0, 0x8890}, 0x24000000)
r6 = socket$inet(0x2, 0x80000, 0x80000)
setsockopt$inet_tcp_int(r6, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x7a, 0x4)
r7 = syz_open_dev$video4linux(&(0x7f0000000740), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_G_FMT(r7, 0xc0585604, &(0x7f00000001c0)={0x0, 0x1000000, {0x28, 0x64, 0x2025, 0x5, 0x1, 0x0, 0x1, 0x4}})
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$SO_ATTACH_FILTER(r6, 0x1, 0x1a, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0xe4}]}, 0x10)
sendto$inet(r6, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
migrate_pages(0x0, 0x1fc, &(0x7f00000002c0)=0x7, &(0x7f00000003c0)=0x20000000000005)

4.798397654s ago: executing program 5 (id=4342):
eventfd2(0x5, 0x2)
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[], 0x7c}}, 0x8000)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000210000000000000000000000000a6c000000160a3f360000000000000000020000000900010073797a30000000004000038008000240000000002c0003801400010076657468305f746f5f626f6e64000000140001007665746830000000000000000000000008000140000000000900020073797a300000000014000000110001"], 0x94}}, 0x8000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'bridge0\x00', <r2=>0x0})
setsockopt$sock_linger(r0, 0x1, 0x3d, &(0x7f0000000080)={0x1}, 0x8)
sendmmsg$sock(r0, &(0x7f00000072c0)=[{{&(0x7f0000000280)=@xdp={0x2c, 0x6, r2, 0x34}, 0x80, 0x0, 0x0, &(0x7f0000002800)=[@txtime={{0x18, 0x1, 0x3d, 0x2}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}], 0x30}}], 0x1, 0x8840)

4.701935667s ago: executing program 5 (id=4343):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040))
socket$pppoe(0x18, 0x1, 0x0)
socket(0x2, 0x80805, 0x0)
pipe2(&(0x7f0000000180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4880)
r3 = socket$packet(0x11, 0x2, 0x300)
syz_usb_connect$uac1(0x5, 0xa4, &(0x7f0000001200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2405000005000000000000000c240000e9fffff5ffffffff092403f3", @ANYRES8=r2, @ANYRES64=r3], 0x0)
r4 = ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r2, 0x4c81, r4)

4.497867594s ago: executing program 2 (id=4344):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000001700)=[{{&(0x7f0000000e40)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001400)=[{&(0x7f0000000f40)="3b8cdf123843ef7738146fd3d2c93e08a17543c8190fee51961db120c4da14a3d13a8942ee58f9326bfee40626eca588de67647a5b52dd14303de6b3aa4939454ba921baaab43708f3bf9707b63753f5f1b3bde2ffebcb9cb69da4a06847d56986ffa468475b520cda61d09e0e1011a323a9f03ddde1bb75c44572778ff9317c71ad038be352f8fd48b7a12387adaf27ed3f954d06625f3151f6a530292d599fe8a557239fe884301ead1f48e93e0b01ba38caa44b314cb57c07505f2aeb04d0f8", 0xc1}, {&(0x7f0000001040)="e9528163d321f9d061dd42275421fd59ac719473f8eadf3f528fda380351526a0e0233569ca05309910c198ef6d56d18fc7fd7340f1e402799c4d365950f9a7d5e47899f3f4ac8fdecd2d382882eb62a8036622d69d91f9e5a67b59c9bc20faedfc6aa2aa2c3d193f01838eddf26e9ab1ea714df1dcae552e952a2855fcb4ca6d27dda0d6baee390eece63916347143ecfca111bb5b34ecd00aea0623badc4862d9e521224125572cb08c5d5c45ae814e80f42cb4423deee5dfc0275d2ce", 0xbe}, {&(0x7f0000001100)="9525553b553efd487adb9a372824d9f715159b0211aa22f38244adef5ce582ac167db8ed79a83bfb86e30765c6ba8e91eaf3fbfd69c6c7ed69eafb6210b4fa1999fba40645be3670b98361b984db93cdad6e309988a6a933381955e7c1e267ec3ecefa9435c10417aab65ffafa1f8cc8c43731b76580ed202b8c6d1ed2c05ae872aee49ae997bea997d87c17c95a129bcaa4637c972f54fc616f2ec3afd510d96ee16c5e31749605154ae69dcfca0ffa873bdf5332b1d9ab7bb7c1584c707a42aeae71906590d815201134c8d4b93dc42d9df888", 0xd4}, {&(0x7f0000001200)="51978f9f1e43594c82be414a2f258620973fb641d77f75dd951cf0e92fd632194ce0ac970f4e9cd76de242aec9282904da0285e0dc36483d9bb1a955922209e94781bf264358e3ce8e2e1e095a9918605946773561ac3fe46d77b2335591191082d1ef6a070a2e02eae4f6ce5ccd07d5d8fe0d0da5524e91dcd50ebfea79bc4d30a135f40ebc10bfe5c5abb6e73aab2d56e25f06947c0ee8ca4b6f20f13a65ea3171499f0451", 0xa6}, {&(0x7f00000012c0)="4cf555ded7ad692c2c2d47a5e9760b8b34282aebea49c1aaae67d059958743641d2d7785756791323f89c44fc10881816ee2d9563d70c625df4d4d38ef39d9112dddd880a73b43e5c409ae96c5646cfa1ae2be90d08d2a9de985a744635117854ecddc4351c57779241a17cdd56eda83e5ecab234f", 0x75}, {&(0x7f0000001340)="4ddc5103e72e54a43f4692ac0169223285cd8bbef8f9ba7e81c16078af7b12577c88e5ab29dd1bba76bf140376b3f7b7ab12236d5797b2989f49d3bca967190ef9a9b3e225326d83c08ad646ab03e51948a6b4c4f01f17122caf3af13abb64d2da73dfdc879b2226012a4a15287605c80b3b6c1d339507d5fb60adc8915d9eaf9a904e637affbafe", 0x88}], 0x6, &(0x7f0000001880)=[@cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [r0, r1, r0, r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x34, 0x1, 0x1, [r0, r1, r1, 0xffffffffffffffff, r1, r1, r0, r0, r1]}}, @rights={{0x10}}], 0xf8, 0x44010}}], 0x1, 0x44011)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x10120, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0xc, 0x0, 0x3}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000300)=ANY=[@ANYBLOB="b7000000001f0000bfa30000000000000703000018feffff620af0fff8ffffff71a4f0ff00000000ae04020000000000be400300000000006504030001ed00007b130000000000004d44000000000000630a00fe000000007933000000000000b5040000000000009500000000000000023bc065b7a379d17cf9333379fc05000000912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50bec919bc461e91a7168c5181554d1b583c587e436fe275daf51efd601b6bf01c8e8b1b526375ec5dd6fcd82e4fee5bef7af9a0200000000000000e3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f645679c294392cf538b07ce2646cb7798b3e6440c2fbdb00a3e35208b0bb1d2cd871c5548930be3835f2554b4a28610643a98d9ec21ead2ed51b104d4d91af25b84550a7925c3109b151b8b9f75d80000000eda88c658d42ecbf28bf7076c15b463bebc72f526d8e4a9e231d512381e7a78afcb913466aae7f6df70252e79166d858fc152b659da074e1320060d0b11008e59a5923906f88b53987ad1714e72ba7a5b74f0c33d39000d06a59ff61622cfd9aa58fe8d485ae2c0cc65c2a36aaec2477584b6a89adaf17b0a6041bde4cc3ed54d27f777e92b87496e6649cf728d236619074d6ebdf098bc908c423d228a40f9411fe7226a40409d6e37c4f46756d31cb46761bade70063e5291569b33d21dae356e1c51f03fb8a63e089679216da18de0ae564162a27afea62d84f3a10746443d64364f56e24e6d21053d901204a1deeed41556175cbd4041b7d301bcb72652d950ad31928b0b093778b68e2e9853c02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f98928d5e9b94ff9ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cff538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595bcf50ab32d710b651f898ba749e40bc6980fe78683ac5c0c31030699ddd71063b59261b2e1aab1675b34a220488c126aeef5f510a8f1aded94a129e4aec6f8c3a13596c2ea3e2e04cfdce669e51731b2875353193f82ade69d0540059fe6c7fe7c00fb7502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abd47b64a1b304502dda787343ce3c95300000000010000003baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022af46667cf25c5d3038816106dec28eaeb88343261a48a18f562ae00003ea96d10f172c0374d6eed82641687f3b3a70bfeff59d54d1f92ecc4e95dd2d18383117c03987d198899b212c55318294270a1ad10d30fef7c24b78b29d83238273f4fc87afce829ba0f85da6d888f18ea40ab959f6074ab2a4009b9e5f07ab513cdc6c0e57fb1c1ca571380d7b4ead8eaf68b0c5dda0467d35a3807000000b702396df7e0cbe02b6e4114f244a9bf93f04beb72f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ea1e717d29135753208165b9cdbae037f315c7d951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d7012c1b45f6ada1ee7baa5b6a686b50f09b7f778af083e055f6138a757ebd0ed91114a6b244f9acf41ac4d73a008364e0602a594817031fc2ff2c32a1989e00f52f8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a9037d2283c42efc54fa84323a3c3e6e4fd2e016820f78b796a825b3dad9ce7b37507e0b83c3ecd01549bca6a016b3e18a00c748894dc3bfe5efda8b0a477d6a6562fdee45eb16e276dee992094ba9830f6c164179e7d532d86060bea930118d3cae1b8f916b9671b7000000000040f4bee5ad2dea2d14e195265504c05bba38b095e1679f96ddef65ba5de9c8cfb6465ae4165c0689a314a6eb6b36aa705b957edef3035e14b879d4e7dc00624708042e00bf9a7f7ae5f308744770759558e4fcb99c0dc957521ef255362bf2f3966f3754e81fb9bdef22c19f5a49147b85343f9f36bcda9f64b7a5c5b2f5452f5b1de02e6f15c5640bf89d4a74d51dc233dee628c1dfbb5566b98478c174b34eb234481547e484c6af101396b6977dd668b401391c1dc54f2edccf1cabe6be9868d383eb937efdfd9ade018106f544f04fc07ad525497f65fbad3cf145396acf3b0d38e6b46e28d86880fd6f62c373000000000000000000005d194c27cd4d8f6727de79be80fb4493a0ee2e85f59c71dc84311c0f1fb6c87081c7be9355288610c32c2d8c18bf2027212182903687f48262aea54c5f8a315c9aa4a5af1aa2c4007d1baae38c270012b7eb9411ae451204dba30f8321b07a18db97c3e0cf6a15170e515b1cc463a67a5b2b23ec5662ccfa898b8d5075647bdfb390cde56efb8fd42df12c5c8f66bdc58449ec2b38bf12f5f0a49dcbcf4e6f11c47d23fa34793a0000a1cbb1e06e9a8d2449451d7a05ec0a0d3c9716f505ddeba488c60ebf44cac05c2739694359c925148137376dd3f1330ed0e9211f73ee279cc0b5c298422395ce438f48a39ff569375e609f9e904aacc3d8011326d5e4d654c74501cf16bbf72d3984f9b4ef000000003a8a3d49fc837001e4622e58e3a4ef6b55a8dd0680d951cdb6e54ed92a9a6a0e5e494b7b7b0ef4b4bafc5d964551b2a22bfd12b0761ef07a103e51e84917ee44f860b9785e264343f6a80e9318edecf73df6940856cd56c56eb3831445833c701044aaa49439a44a624267580b3c0980d7f87437bf498f6e1915450400000000000000564a02552c0a5fedbcf4da0db6ed03b9dbc224ee76d20aaf1ac74bcb7eb6f202209e64cc4d130dcf6ab3df8ae4911deb4bb5c7df97fc348d151e834be73915f854272f69d88123f666448b6a8e73322b04fffea9cc05e4129debf311c73b4d1a244b1e5b9943028745a0b6477686740ab877315e35624d791e6f71adb1acd3e22cf472ff7e048b16c11c84da9a3b16b92665912132a4dba680052919c20e191311d8092a09f3c609823fed1bd651ce1c34de105790ba2ca3afa26647f66efbf97b109e7226c74e32beb14ff3fd6918e255fc9b42f86b0188cf885afcc9bb77a7fc3ca7ec1015af494add960f8a11422ca005f24006867cd156e0350022943e301b2c07f4d37d07b05ac2fa1f1d5a0d6eb7e992b076bd77509c26034d2a740d578476410b413591884136259693effaf27e7bcfb58efa92625fb9bd68ecca42047f6e7d24b0446ea16a310073c163d1c6aa3ba1fe76b4e88d5f98cc05c6d033e2c28b4990892230d6b4e5c083a601a25145eb22f4f77313117f8147810d95c64fb78b0a000000000000000000000000e92ba8b066e4bd82bb6003d5da8791d838bcd6eefb13000000000000000000000000000000b652ff6fbad82da75114742bc6a27cba894ef490531be709a3a3c81b267dfafa55e6f855200b4e7518682c30f40808cd5bb8f00beb63b4989cc01d8e75a182337b9f9e08430ccec9bda0134d07a9f54b60033182f5d2bb61fd130d65e68bf148d26470060c707a8cf750ca954ee63c78cd975c7f565783383f02edcb7ce4a9ed0c511d18fe32352276d72eefe0d566f97ccae16b3492f60b96574aac4f1862fb6e4932c181dbf8c68ca16b765de9edba0bf5bfb9c4950d19c0bc31db02f374ce62141160436639d4b6cb0033a47ffdc54d55f1136743b1b26946f200000000000000007590ab8f29c7accd9d11786c4ca1271cd2293b572f14a3dfcaa3467f2783fc09e3eee3fa4b82b7b6ce904e05fa797a2f7ff63e4f874bd870821f6460904e05d7a3f8295a9a5fd21e3587b9d9e878c86ba9b66c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000080), 0xfffffffffffffdbb}, 0x48)
socket(0x10, 0x3, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580), 0x200, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000600)=@newlink={0x30, 0x10, 0x1, 0x70bd28, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x3}, [@IFLA_TXQLEN={0x8, 0xd, 0x1}, @IFLA_GROUP={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x40801}, 0x4000000)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)=@newlink={0x30, 0x10, 0x1, 0x70bd25, 0x25dfdbf9, {0x0, 0x0, 0x0, 0x0, 0x48815, 0x40003}, [@IFLA_GROUP={0x8}, @IFLA_TXQLEN={0x8}]}, 0x30}, 0x1, 0x0, 0x0, 0x46801}, 0x4000000)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_open_dev$mouse(0x0, 0xe046, 0x202000)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000001480)={[{0x9570000, 0x3, 0x0, 0x0, 0x85, 0x1, 0xff, 0x2, 0x6, 0x9, 0x47, 0xf, 0x100000001}, {0x9f83, 0x7, 0xe, 0x5a, 0x0, 0x3, 0x9, 0x81, 0x7, 0x5, 0x6, 0x3, 0x6}, {0x6, 0x1005, 0x81, 0xa, 0x16, 0x1, 0x9, 0x4d, 0xf, 0x98, 0x1a, 0x1, 0x8}], 0x3})
r6 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
sendfile(0xffffffffffffffff, r6, &(0x7f00000000c0)=0xfffffffffffffffa, 0x0)
ioctl$DRM_IOCTL_MODE_LIST_LESSEES(0xffffffffffffffff, 0xc01064c7, &(0x7f00000002c0)={0x0, 0x0, 0x0})
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
io_setup(0x2cf, &(0x7f0000000280)=<r8=>0x0)
io_cancel(r8, &(0x7f0000000ec0)={0x0, 0x0, 0x0, 0x6, 0x7, r7, 0x0, 0x0, 0xcf, 0x0, 0x1}, &(0x7f0000000f00))
setsockopt$IP_VS_SO_SET_ADD(r7, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'lblcr\x00', 0x10, 0x8, 0x11}, 0x2c)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

4.273446948s ago: executing program 0 (id=4345):
socket$key(0xf, 0x3, 0x2)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}], 0x1}, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANE(0xffffffffffffffff, 0xc02064b6, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="58000000020605000000000000000000000000001400078005001400090000000800124008001f000500010006000000050005000200000005000400000000000900020073797a31000000000c000300686173683a6970"], 0x58}, 0x1, 0x6000000}, 0x0)
setsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffffff, 0x84, 0x77, &(0x7f0000000000)={0x0, 0x6, 0x1, [0xfffa]}, 0xa)
r2 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/fs/cgroup', 0x0, 0x0)
ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000200)={'geneve0\x00', 0x800})
getdents(r2, &(0x7f0000000580)=""/39, 0x27)
bind$inet6(r2, &(0x7f00000001c0)={0xa, 0x4e23, 0xfc8, @remote, 0x8}, 0x1c)
getdents(r2, 0x0, 0x0)
ioctl$MON_IOCX_MFETCH(r2, 0xc0109207, &(0x7f0000000180)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0xe})

4.106777211s ago: executing program 0 (id=4346):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = msgget$private(0x0, 0x3a9)
msgctl$IPC_STAT(r1, 0x2, &(0x7f00000007c0)=""/34)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000003c0)={<r2=>0x0, <r3=>0x0, <r4=>0x0}, &(0x7f0000000400)=0xc)
msgctl$IPC_SET(r1, 0x1, &(0x7f0000000840)={{0x2, 0xee00, r4, r3, 0xee01, 0x0, 0x80}, 0x0, 0x0, 0x80, 0x0, 0x10, 0xfffffffffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1, 0x0, r2})
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
rseq(&(0x7f00000004c0), 0x20, 0x0, 0x0)
r6 = openat$nullb(0xffffffffffffff9c, 0x0, 0x123a02, 0x0)
pwritev(r6, 0x0, 0x0, 0x7, 0x1)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_READY(0xffffffffffffffff, 0xc0189376, &(0x7f0000000080)={{0x1, 0x1, 0x18, <r7=>r0, {0x7fffffff}}, './file0\x00'})
r8 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000640)={<r10=>0xffffffffffffffff}, 0x106, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r8, &(0x7f00000001c0)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0x8, @local, 0x4}, {0xa, 0x4e21, 0x8, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x74}, r10, 0xfffffffc}}, 0x48)
syz_open_dev$video(&(0x7f0000000700), 0x15, 0x2020)
r11 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r11, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r12 = socket(0x400000000010, 0x3, 0x0)
r13 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r13, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r14=>0x0})
sendmsg$nl_route_sched(r12, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r14, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r15 = socket(0x10, 0x803, 0x0)
r16 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r16, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r17=>0x0})
sendmsg$nl_route_sched(r15, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000001c0)=@newtfilter={0x68, 0x2c, 0xd27, 0x70bd2a, 0x8000002, {0x0, 0x0, 0x0, r17, {0x0, 0x6}, {}, {0x7, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0x38, 0x2, [@TCA_BASIC_EMATCHES={0x34, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0xffff}}, @TCA_EMATCH_TREE_LIST={0x28, 0x2, 0x0, 0x1, [@TCF_EM_CMP={0x10, 0x1, 0x0, 0x0, {{0xff, 0x1, 0x8001}, {0x8, 0x6a6, 0xffff, 0x5, 0x2, 0x2}}}, @TCF_EM_CONTAINER={0xc, 0x2, 0x0, 0x0, {{0xffff, 0x0, 0x7540}}}]}]}]}}]}, 0x68}, 0x1, 0x0, 0x0, 0x24008004}, 0x0)
writev(r7, &(0x7f0000000580)=[{&(0x7f00000000c0)="ef925ad79d7d27418be5def0eeef0d1844bc3e5afd4fc5cdd32a2c8654f753c5964f6454345bb217186bfc4d01517cab78fb", 0x32}, {&(0x7f0000000180)="3f7644ee3125687a08861c78b1f65853c465fedf328c44579eb8c98a078a5a246cd3d14324c6a2fb6e7e4ff4c4d44d9e941f4e915ed972edf4370bacf4c1a156a9eaaedacfdad6814984f4e3a4b99a527c3f51a654aae050bd7596c28f6a083a1b568504b35f0f8582534034e085e4689e6d17daebbf81b691794fda59936f244b940cc31ee1c0e53889040b", 0x8c}, {&(0x7f0000000240)="b6f99e0abe347c58b004a843a690d7d1327114e5c6de0c61a476e433c47d462eea1d47052259db8b3c6c4bb5eb52bc", 0x2f}, {&(0x7f0000000280)="fbb72a211977422502", 0x9}, {&(0x7f00000002c0)="b772dc7f7c21d3effdb9f7570c49be2c56528c282b3b82c88e40e116bd89270a74da07aa562bddb70f68b4dbd5671783b3e1126156a29ea231cb01857967dd855d5550ac2e12f76202d7be12de5126dea1f2181d68f30fe506240ecd29782a772046c82afd91ac0a299efe1d18c3882230e61ae84df8027d8e14f996b5f1f9cc75ede2dfda6ef60e15070bd86cd20c5423d857ca51354a4181e74fa4043e6043fc37abd8d8be3521d4bbf6ac8da660efcde9b176b6a4f2ad5bae878d95f484ec0280a98dee376b21181d6b5d992f249fa8d4d482f5044c51ff9c0a92236f4c7f94f4a0cfb06971fca8", 0xe9}, {&(0x7f0000000440)="4f62a36da4ac", 0x6}, {&(0x7f0000000480)="4ad96d206f996a790c6bd2d0d399445254d00efd393ee8ed3b2d7107aa21e8d2334da73b271781f0d2bc899236a8f255a72f063565eda55810917232223ecfe587fedb568cf5165227d5821fcfd4f57bb829f0f7b4d0c6d7689c7ab9323f796ba57bc8a66c1d5f44cee381b53f6f3f5ff4d8eed6f5131ce66e3569d21e958ef7d0bbd8917d9551e2ae13ec766441ccff6564fecb8f6676412dec4434022d5823c89f1c768f1091f5e58303ad779cbcc93068d785d985076d8e45eb9d21a37ea91ce2fcc3cf2974fb816b343c6b7dd0c44702cb1f49a3bf9941e8468d5829943cc90746f89966ef517dd4dd3afa5113d39c58f6324f5a8029", 0xf8}], 0x7)

2.911216723s ago: executing program 5 (id=4347):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, 0x0, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000540)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000040)={0x1c, &(0x7f0000000000)={0x0, 0xd}, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$EVIOCGMASK(r1, 0x5b03, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000040), 0x2, 0x2a803)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f00000003c0)={0x2, 0x100004, 0x20})
keyctl$KEYCTL_PKEY_VERIFY(0x1c, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='enc=oaep hash=blake2s-224-generic\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\"\x00\x00\x00\x00\x00\x00\x00\x00\x00'], 0x0, 0x0)
r3 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f00000002c0)="c633c3b6ccb0aaba4a9598afb6de3218289f118157aa73dc545efbdd923c5e5d52183c380dfbda11e4f3c16c7709736269576c4395fed2a03062be4261deb1bb5493677795481b0deae8587d5cf768bcfc9dfa70efd87a639ae62bec9b74a061e39ac5f6e88ecd4703149871157603bf62ca40aa4e25a4ed25a76179b3d4", 0x7e, 0xfffffffffffffffe)
keyctl$read(0xb, r3, 0x0, 0x0)
keyctl$KEYCTL_PKEY_DECRYPT(0x1a, &(0x7f00000001c0)={r3, 0x77, 0x85}, 0x0, &(0x7f0000000200)="5e35676c15d51695bf82921d966d8be37982c1a9ae0239ac5fd3ac80f1e1c42c94fd5639b2b22913ae04244c952b1b34be947095145585902a8bd330c89199e98207d80c0bcc6cc354215922c76d0008a4db7dd034c371551b7c08e2ccbbdfd5d5cfa0d5787d63df6fdc4637d3d7fb4c7b1a94ec50c015", &(0x7f0000000280)=""/133)
keyctl$KEYCTL_PKEY_QUERY(0x18, 0x0, 0x0, &(0x7f0000000080)=' hash=', 0x0)
syz_usb_connect(0x3, 0x24, &(0x7f0000000000)=ANY=[@ANYRES32=r2, @ANYRESDEC=0x0], &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x1, [{0xe8, &(0x7f0000000080)=@string={0xe8, 0x3, "a19c951a8514ce4aa0c4cd2f229c428d9b3601f11f74c6f13962b77d23066bff4e441d781708d45e9feb981fbf7fecbbdeda2196589403e94eed9851559f47438d21102be52849a950de6a89f4cd51f18c12016a23087f8ec47efa14b1de264ad50e6dde5b5f21bc8d164269c479c3d0a048c6f772acccde22b00595753de5ebf6c6391dbe936acfc21d072e92139339222eecd8e129443e5602bad1ca5df97f486aec56f9c74a1fbe661a2bc1f4f0cc12b9c09849420b7528bf516e74af0e4dd6fac1aaa5c3cf9cc49996b83326f07d12b729759f38bf7b5c6b314dc8f3245052ce30255de8"}}]})

2.750092445s ago: executing program 2 (id=4348):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
listen(r0, 0x5)
accept(r0, &(0x7f0000000080)=@can, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendto$inet6(r1, &(0x7f0000000000)='(', 0x1, 0x8000, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @loopback={0xffffffffffff0000}, 0x2}, 0x1c)

2.747868054s ago: executing program 1 (id=4349):
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x2, 0x0, 0x4002004c4, 0x1004, 0xffffffffffffffff, 0xc595, 0x0, 0x1, 0xffffffffffffffff, 0x2000000000000000, 0x80000004000000, 0x8d], 0xeeee8000, 0x2010d3})
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x500, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0xffffffff9673e35d]}})

2.657989399s ago: executing program 4 (id=4350):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000040)={0x0, 0x9, 0x200, 0x6}, 0x8)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), r1)
ioctl$BTRFS_IOC_QUOTA_RESCAN(r1, 0x4040942c, &(0x7f0000000100)={0x0, 0xfffffffffffffff3, [0xfffffffffffffc69, 0x4, 0x6, 0x1, 0x1, 0x3]})
sendmsg$BATADV_CMD_GET_DAT_CACHE(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x1c, r3, 0x83625fc5352ba305, 0x0, 0x0, {}, [@BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x9}]}, 0x1c}, 0x1, 0x0, 0x0, 0x15}, 0x0)
sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, r3, 0x4, 0x70bd26, 0x25dfdbfd, {}, [@BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xa9178e90}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0xfffffff7}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40091}, 0x0)
r4 = socket$l2tp(0x2, 0x2, 0x73)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000005c0)="b8", 0xffa6}], 0x1}, 0xa6}], 0x1, 0x4008440)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r4, &(0x7f0000000200)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x64}}, 0x10)
sendmmsg$inet(r4, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)
connect$pppl2tp(r0, 0x0, 0x0)

2.54510293s ago: executing program 4 (id=4351):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
openat$vicodec0(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x44, r5, 0x211, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x30, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e21}, @MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @loopback}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x44}}, 0x0)
sendmsg$MPTCP_PM_CMD_GET_LIMITS(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="94000000", @ANYRES16=r5, @ANYBLOB="04002abd7000fcdbdf2506000000050005000000000008000200020000001c0006800800060008000000060001000200000008000300ffffffff54000180080003007f0000010400fe80000000000000000000000000000000000000000000001206000100020000000800030064010102080006001f00000008001300e00000010000"], 0x94}, 0x1, 0x0, 0x0, 0x404c010}, 0x24040013)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, 0x0, 0x0)
r6 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r7=>0x0, &(0x7f0000000280)=<r8=>0x0)
syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r6, 0x47f6, 0x0, 0x4, 0x0, 0x0)
r9 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtaction={0x70, 0x30, 0x0, 0x870bd2d, 0x0, {0x9}, [{0x5c, 0x1, [@m_sample={0x58, 0x0, 0x0, 0x0, {{0xb}, {0x2c, 0x2, 0x0, 0x1, [@TCA_SAMPLE_RATE={0x8, 0x3, 0x5}, @TCA_SAMPLE_RATE={0x8}, @TCA_SAMPLE_PARMS={0x18, 0x2, {0x8, 0x4000000, 0x0, 0x1ff}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x5}}}}]}]}, 0x70}}, 0x20048000)
r10 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r10, 0x8933, &(0x7f0000000100)={'batadv_slave_1\x00', <r11=>0x0})
r12 = socket$nl_route(0x10, 0x3, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(r10, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r11, @ANYBLOB="08000100", @ANYRES32=r12], 0x90}, 0x1, 0x0, 0x0, 0x800}, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r9, 0xc01064ab, &(0x7f0000000240)={0x6})
socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt(r0, 0x1, 0x5, &(0x7f00000002c0)=""/60, &(0x7f0000000400)=0x3c)

2.369958968s ago: executing program 1 (id=4352):
openat$dsp(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
ioctl$KVM_SET_IRQCHIP(r2, 0xc208ae62, 0x0)
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb4c, 0x9, 0x6, 0x0, 0x3}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000800)=@newqdisc={0x90, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, 0x0, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0x4f}, {0x60, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1, 0xfc], 0x80, [0x8, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x4}]}}]}, 0x90}}, 0x4008804)
ptrace$getregset(0x4204, 0x0, 0x4, &(0x7f00000004c0)={&(0x7f0000000480)=""/21, 0x15})
mkdir(&(0x7f00000002c0)='./file2\x00', 0x0)
r4 = socket(0x15, 0x5, 0x0)
getsockopt(r4, 0x200000000114, 0x2718, 0x0, &(0x7f0000000040))

1.785916015s ago: executing program 2 (id=4353):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffb)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaa"], 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0xf, &(0x7f0000000200)=ANY=[@ANYBLOB="1800008080b63428e900"/20, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7020000000000008500000051000000bf090000f300000055"], 0x0, 0x7, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x6}, 0x94)
poll(&(0x7f0000000040), 0x55, 0x0)
r2 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x80}, 0x20004080)
write$binfmt_misc(r3, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000002c0)={r3, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd00b94e3d500007000000e0ff00000018000500", [0x0, 0x2000000000001]}})
r4 = socket(0x2b, 0x1, 0x0)
r5 = syz_io_uring_setup(0x110, &(0x7f0000001280)={0x0, 0xfad3, 0x0, 0xfffffffc, 0x2}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000100)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f00000000c0)=0x10001, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r4})
io_uring_enter(r5, 0xdb4, 0x0, 0x0, 0x0, 0x0)
vmsplice(r1, &(0x7f0000000a40)=[{&(0x7f0000000140)="afa63198c5600b55824939a413f97ae4da46194532f9e370fd64b8ce659bc134ab9f44dde3ee0c44e78b0b6729", 0x2d}, {&(0x7f0000000500)="99196facd4c0de1ec9132f40b1d5c89d3a4d04f7aad9e4ee0067e6a039a5f05230788859c099f0d67c73612dad6cd27d0f5219db1fb43ca55d874fed7eed878cbb8da38e27c09380a3e9bf045e3692e66da693b73ba538b134d6da5f4f0a67adc68e8744efd83318d67e51952b8258fbdf07ab4b97a827652cfdecd26e12f0db18bd880672eb1a4b042ae9d73906e9b22a6eba0c6a2b4d4d505e8aacfd0ba5614cf03f970bc6abf18e58863a355049f0498dd8086d641dded77c7ea2280c41a80b3d6ee52114ee1479f2de02cbe8", 0xce}, {&(0x7f0000000600)="0c6f4db4dae4524164f78a3796ac6d7fd927f4390a89b729b48151d457a955a5500ad754f8ed37ef03fa4f1a90dd723af82b61fde2a17f1b8936431b15332a2619c06df2fbced732c652aad12b186e12d8a96a009dfed53dcd246b655007145099e3c6ba475f", 0x66}, {&(0x7f0000000700)="ece7312f1c40f513f00ed3e911609da323efc03fb315f49eb7b1c341f3304466684f49395fcfd8ad16bd67372b5ee088153dcc0d1ee766b1b184aba9761df4b18fb6cbde218ea495a4c918f0410fcffb1a00130c14b744d178909492ead432923b2ae24f33229712a4c915144c367e0dd6bfed73d6ed72d3c702ed81c1c054dbbc0a83b2b6e37d74b0876a1d5edab9625b36f7598d9df3244d29750110841421692576b963d4b05cf2f093210949ba43c54e290cad581db29664963810", 0xbd}, {&(0x7f00000007c0)="08f68accc0bd1ba29958b4124e625ad5cd0c7f0bb2fa2fe702e646bb8af38a3f16348d888e94cee0f8c194cf1bd38639a77c9b9058c81543716ecb0bf3811e76713864e035e15a69de16c09db85cacfd8b5182f363c7df39f1d3fde02df9eba90b4ce47b0d4d2f644b8c72a15fbc4373a71a2412d7991cdda5c1974c252bc6c6294fe3bc5f4e5fef0b711e9b7ff39055df3c229d5c31e0be70c47d55959e961ee998ee9a98cf45e75f9f5127128dbdf1969a617536a1c82bc9df6f4dc5800d596c25c954219c7cf917b6db", 0xcb}, {&(0x7f00000008c0)="3ea570e88ddbad96eb29bf472f91828bd8a634ca48e835a65b7b2ac015904c14affdf8a22b606b8e426a685c1be16f5aa745efc25acf6df9485c49a12b41299e8969063d46d4bc0a4af4aa07bcd2f125ded977f519c0b3bd389dcd23fa34d004e66941e11c52e5f5a13e2eac9b78215d387ec3df1247fed8a23d37aa7954c31d36a0c8468f0d35da316541320faed4a760a74da5e260659e", 0x98}, {&(0x7f0000000980)="eeb69e5f488222ed266218a63366efd13d8840789183951d78453d80e972c547a55f962162f9eb318f9fead0afe743b6c5b97de2c4b07c3d116c3fde5145d0cc44ad8fb53342b90ea9d8a1af8c6efd9823e1445757f42641e0d4c0440f4fdfe931169aaca50922973933e73c884d2d7ec25f513e8f49cd5c3bc6ae69522b8ff2d83770a05186f2a647d65d9f7977d30cbe52ff647fa7eb28dbf2", 0x9a}, {&(0x7f00000001c0)="a0e734", 0x3}], 0x8, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r5, 0x18, &(0x7f0000000000)={0xfeffffff, r4, 0x3, {0x3b4, 0x9}, 0x6}, 0x1)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)

860.564483ms ago: executing program 0 (id=4354):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00221d1b95fa864d0fbbca8c84e9b21d32e820000000972313b309002d6a1a418fe9891d00b2d1f92a8fe0070800be0093000000001b0903"], 0x0}, 0x0)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0x862b01)
ioctl$EVIOCGRAB(r1, 0x40044590, &(0x7f0000000000))
ioctl$EVIOCGRAB(r1, 0x40044590, 0x0)

366.184482ms ago: executing program 5 (id=4355):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mmap(&(0x7f00000fe000/0xd000)=nil, 0xd000, 0x1000005, 0xd2952, 0xffffffffffffffff, 0xfffff000)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'xfrm0\x00', 0x800})
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000140)={0x10200, 0x0, 0x2000, 0x2000, &(0x7f0000ffe000/0x2000)=nil})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNSETSNDBUF(r3, 0x400454d4, &(0x7f0000000080)=0xa)
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x0, 0x2}, 0xc)
r5 = openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r5, 0xaf01, 0x0)
eventfd(0x80000001)
ioctl$VHOST_RESET_OWNER(r5, 0xaf02, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19}, 0x42)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r6, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r7=>0xffffffffffffffff}, 0x2, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r6, &(0x7f0000000100)={0x16, 0x10, 0xfa00, {&(0x7f00000010c0), r7, r6}}, 0x18)

339.458323ms ago: executing program 4 (id=4356):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x25dfdbfe, {{@in6=@private0={0xfc, 0x0, '\x00', 0x40}, @in6=@ipv4={'\x00', '\xff\xff', @loopback}, 0x0, 0x400, 0x0, 0x0, 0xa, 0x60, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0xb800000000000000}, {}, 0x1}}, 0xb8}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r3 = socket$key(0xf, 0x3, 0x2)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f00000001c0), 0x4)
sendmsg$key(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=ANY=[@ANYBLOB="020b000102"], 0x10}}, 0x0)
sendmsg$key(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000240)=ANY=[@ANYBLOB="0212000002"], 0x10}}, 0x0)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x0, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x40, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9}, {0x0, 0x5}}}, 0xb8}}, 0x4000)

0s ago: executing program 4 (id=4357):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$EVIOCGRAB(0xffffffffffffffff, 0x40044590, &(0x7f00000001c0)=0x2)
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$vimc1(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000a40)={'ip6tnl0\x00', &(0x7f00000009c0)={'syztnl0\x00', 0x0, 0x4, 0x6, 0x4, 0x4, 0x31, @mcast2, @mcast1, 0x7, 0x10, 0xe03, 0x1}})
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000200)={'\x00', 0x401, 0x8, 0x1, 0x6, 0x5, <r5=>0x0})
fcntl$lock(r2, 0x24, &(0x7f0000000280)={0x2, 0x1, 0x0, 0x2, r5})
r6 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = fsmount(r6, 0x0, 0x0)
fchdir(r7)
r8 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
io_setup(0x202, &(0x7f0000000200)=<r9=>0x0)
io_submit(r9, 0x3b, &(0x7f0000000540)=[&(0x7f00000000c0)={0x25, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f0000000000), 0x4000, 0xa00, 0x0, 0x2000000}])
r10 = socket$can_bcm(0x1d, 0x2, 0x2)
sendmsg$can_bcm(r10, 0x0, 0x0)
ioctl$KVM_UNREGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae68, &(0x7f0000000000)={0x2000})
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x1, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
syz_emit_ethernet(0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb86dd6000000000142c00fe800000000000000000000000000008000000000000000000000000000000002c000003", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="500000c1e94a0be7"], 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r8, 0x4068aea3, &(0x7f00000002c0))

kernel console output (not intermixed with test programs):

00000000000000
[ 1023.483584][T19106] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1023.483595][T19106] R13: 00007fcd5bdd6038 R14: 00007fcd5bdd5fa0 R15: 00007fcd5beffa28
[ 1023.483627][T19106]  </TASK>
[ 1023.483807][T19106] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1023.488563][T19104] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1023.744583][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1024.494442][    T9] em28xx 3-1:0.132: Config register raw data: 0xffffffed
[ 1024.719034][    T9] em28xx 3-1:0.132: AC97 chip type couldn't be determined
[ 1024.740505][    T9] em28xx 3-1:0.132: No AC97 audio processor
[ 1024.758524][   T24] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[ 1024.773886][    T9] usb 3-1: Decoder not found
[ 1024.794739][    T9] em28xx 3-1:0.132: failed to create media graph
[ 1024.823734][    T9] em28xx 3-1:0.132: V4L2 device video103 deregistered
[ 1024.823828][T19120] netlink: 132 bytes leftover after parsing attributes in process `syz.0.3570'.
[ 1025.023546][    T9] em28xx 3-1:0.132: Remote control support is not available for this card.
[ 1025.046734][ T5987] em28xx 3-1:0.132: Closing input extension
[ 1025.088537][    T9] usb 4-1: USB disconnect, device number 92
[ 1025.117231][    T9] ldusb 4-1:0.55: LD USB Device #0 now disconnected
[ 1025.153250][ T5987] em28xx 3-1:0.132: Freeing device
[ 1025.158860][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1025.191978][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1025.219943][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1025.262872][   T24] usb 2-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[ 1025.297500][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1025.373755][   T24] usb 2-1: config 0 descriptor??
[ 1025.406934][T19128] program syz.0.3573 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1025.530678][T19130] loop2: detected capacity change from 0 to 7
[ 1025.767875][ T5987] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1025.903423][T19130] Dev loop2: unable to read RDB block 7
[ 1025.956011][T19130]  loop2: unable to read partition table
[ 1025.962097][T19130] loop2: partition table beyond EOD, truncated
[ 1025.968430][T19130] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[ 1026.008264][ T5987] usb 3-1: Using ep0 maxpacket: 8
[ 1026.025275][   T24] hid-multitouch 0003:0EEF:72D0.001A: hidraw0: USB HID v0.00 Device [HID 0eef:72d0] on usb-dummy_hcd.1-1/input0
[ 1026.365841][T19146] binder: 19140:19146 ioctl 7ab 200000000100 returned -22
[ 1026.612018][T19150] FAULT_INJECTION: forcing a failure.
[ 1026.612018][T19150] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1026.628471][T19150] CPU: 0 UID: 0 PID: 19150 Comm: syz.4.3578 Not tainted syzkaller #0 PREEMPT(full) 
[ 1026.628490][T19150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1026.628497][T19150] Call Trace:
[ 1026.628503][T19150]  <TASK>
[ 1026.628508][T19150]  dump_stack_lvl+0x189/0x250
[ 1026.628527][T19150]  ? __pfx____ratelimit+0x10/0x10
[ 1026.628541][T19150]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1026.628554][T19150]  ? __pfx__printk+0x10/0x10
[ 1026.628569][T19150]  ? __might_fault+0xb0/0x130
[ 1026.628597][T19150]  should_fail_ex+0x414/0x560
[ 1026.628616][T19150]  _copy_from_user+0x2d/0xb0
[ 1026.628632][T19150]  ___sys_sendmsg+0x158/0x2a0
[ 1026.628648][T19150]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1026.628683][T19150]  ? __fget_files+0x2a/0x420
[ 1026.628693][T19150]  ? __fget_files+0x3a0/0x420
[ 1026.628709][T19150]  __x64_sys_sendmsg+0x19b/0x260
[ 1026.628729][T19150]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1026.628749][T19150]  ? __pfx_ksys_write+0x10/0x10
[ 1026.628762][T19150]  ? rcu_is_watching+0x15/0xb0
[ 1026.628777][T19150]  ? do_syscall_64+0xbe/0x3b0
[ 1026.628792][T19150]  do_syscall_64+0xfa/0x3b0
[ 1026.628803][T19150]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1026.628814][T19150]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1026.628825][T19150]  ? clear_bhb_loop+0x60/0xb0
[ 1026.628838][T19150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1026.628849][T19150] RIP: 0033:0x7f92ef98eba9
[ 1026.628860][T19150] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1026.628869][T19150] RSP: 002b:00007f92f0855038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1026.628883][T19150] RAX: ffffffffffffffda RBX: 00007f92efbd5fa0 RCX: 00007f92ef98eba9
[ 1026.628892][T19150] RDX: 0000000020000050 RSI: 0000200000000300 RDI: 0000000000000003
[ 1026.628899][T19150] RBP: 00007f92f0855090 R08: 0000000000000000 R09: 0000000000000000
[ 1026.628906][T19150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1026.628914][T19150] R13: 00007f92efbd6038 R14: 00007f92efbd5fa0 R15: 00007f92efcffa28
[ 1026.628932][T19150]  </TASK>
[ 1027.512748][ T5946] usb 2-1: USB disconnect, device number 6
[ 1028.454396][ T5987] usb 3-1: device descriptor read/all, error -71
[ 1029.858043][   T24] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[ 1029.881494][T19200] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1030.042729][   T24] usb 1-1: Using ep0 maxpacket: 32
[ 1030.079942][   T24] usb 1-1: config 0 has an invalid interface number: 230 but max is 0
[ 1030.098268][   T24] usb 1-1: config 0 has no interface number 0
[ 1030.112626][   T24] usb 1-1: config 0 interface 230 has no altsetting 0
[ 1030.139191][   T24] usb 1-1: New USB device found, idVendor=0781, idProduct=0005, bcdDevice= 0.05
[ 1030.158470][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1030.184568][   T24] usb 1-1: Product: syz
[ 1030.201734][   T24] usb 1-1: Manufacturer: syz
[ 1030.220565][   T24] usb 1-1: SerialNumber: syz
[ 1030.242346][   T24] usb 1-1: config 0 descriptor??
[ 1030.323883][   T24] ums-usbat 1-1:0.230: USB Mass Storage device detected
[ 1030.546846][   T24] ums-usbat 1-1:0.230: Quirks match for vid 0781 pid 0005: 1
[ 1030.569259][T19207] loop2: detected capacity change from 0 to 7
[ 1030.608755][T19207] Dev loop2: unable to read RDB block 7
[ 1030.656047][T19207]  loop2: unable to read partition table
[ 1030.767665][T19207] loop2: partition table beyond EOD, truncated
[ 1030.774245][T19207] loop_reread_partitions: partition scan of loop2 (�被x������ ) failed (rc=-5)
[ 1031.044243][T19220] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3595'.
[ 1031.316302][T19223] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3595'.
[ 1031.819946][T19228] netlink: 132 bytes leftover after parsing attributes in process `syz.3.3598'.
[ 1032.614422][T19239] fuse: Unknown parameter 'g�d'
[ 1032.712985][   T24] ums-usbat 1-1:0.230: probe with driver ums-usbat failed with error -5
[ 1033.858544][T19244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3603'.
[ 1034.074306][T13496] usb 1-1: USB disconnect, device number 96
[ 1034.263815][T19258] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1034.352695][T19259] iommufd_mock iommufd_mock1: Adding to iommu group 1
[ 1034.452149][T19261] iommufd_mock iommufd_mock2: Adding to iommu group 2
[ 1035.581878][T19282] fuse: Unknown parameter '0xffffffffffffffff'
[ 1035.671789][T19283] loop2: detected capacity change from 0 to 7
[ 1035.679982][T19283]  loop2: p1 p4
[ 1035.683606][T19283] loop2: partition table partially beyond EOD, truncated
[ 1035.692740][T19283] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1035.873127][T19283] loop2: p4 start 2495 is beyond EOD, truncated
[ 1036.159120][T19287] netlink: 16 bytes leftover after parsing attributes in process `syz.4.3615'.
[ 1037.578480][T14992] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[ 1037.748025][T14992] usb 2-1: Using ep0 maxpacket: 16
[ 1037.791835][T14992] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[ 1037.801294][T14992] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1037.810551][T14992] usb 2-1: Product: syz
[ 1037.821632][T14992] usb 2-1: Manufacturer: syz
[ 1037.901647][T19305] netlink: 276 bytes leftover after parsing attributes in process `syz.3.3621'.
[ 1037.910981][T14992] usb 2-1: SerialNumber: syz
[ 1037.946625][T14992] usb 2-1: config 0 descriptor??
[ 1037.999262][T14992] ums-onetouch 2-1:0.0: USB Mass Storage device detected
[ 1038.132081][T19311] macvlan1: entered promiscuous mode
[ 1038.188765][T19311] macvlan1: left promiscuous mode
[ 1038.293259][T19313] binder: 19308:19313 ioctl 7ab 200000000100 returned -22
[ 1038.802655][T19317] netlink: 24 bytes leftover after parsing attributes in process `syz.0.3624'.
[ 1038.877711][T19317] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3624'.
[ 1039.725628][T19322] kernel read not supported for file /memory.swap.events (pid: 19322 comm: syz.0.3627)
[ 1039.782397][   T30] kauditd_printk_skb: 17 callbacks suppressed
[ 1039.782415][   T30] audit: type=1800 audit(1757550463.938:774): pid=19322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.3627" name="memory.swap.events" dev="mqueue" ino=82007 res=0 errno=0
[ 1040.062918][   T24] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[ 1040.115463][T14992] usb 2-1: USB disconnect, device number 7
[ 1040.428059][   T24] usb 1-1: Using ep0 maxpacket: 16
[ 1040.447071][T19340] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3630'.
[ 1040.520528][   T24] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1040.558022][   T24] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1040.608459][   T24] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1040.638207][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1040.656488][   T24] usb 1-1: Product: syz
[ 1040.701619][   T24] usb 1-1: Manufacturer: syz
[ 1040.744732][   T24] usb 1-1: SerialNumber: syz
[ 1041.008394][   T24] usb 1-1: 0:2 : does not exist
[ 1041.036486][   T24] usb 1-1: unit 6 not found!
[ 1041.238458][   T24] usb 1-1: USB disconnect, device number 97
[ 1041.256724][ T5946] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[ 1041.404656][T18423] udevd[18423]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1041.450333][ T5946] usb 2-1: Using ep0 maxpacket: 32
[ 1041.455589][ T9988] Bluetooth: hci3: command 0x0406 tx timeout
[ 1041.466675][ T5946] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1041.497429][ T5946] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1041.522662][ T5946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1041.536565][ T5946] usb 2-1: Product: syz
[ 1041.541858][ T5946] usb 2-1: Manufacturer: syz
[ 1041.546471][ T5946] usb 2-1: SerialNumber: syz
[ 1041.578895][ T5946] usb 2-1: config 0 descriptor??
[ 1041.788372][ T5946] gs_usb 2-1:0.0: Configuring for 1 interfaces
[ 1041.874745][ T5946] gs_usb 2-1:0.0: Couldn't get bit timing const for channel 0 (-EPROTO)
[ 1041.892815][ T5946] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -71
[ 1041.974038][ T5946] usb 2-1: USB disconnect, device number 8
[ 1042.480560][   T30] audit: type=1326 audit(1757550466.618:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19359 comm="syz.1.3641" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcd5bb8eba9 code=0x0
[ 1042.987735][    T9] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1043.248096][    T9] usb 3-1: device descriptor read/64, error -71
[ 1043.488039][    T9] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1043.958247][    T9] usb 3-1: device descriptor read/64, error -71
[ 1044.068319][    T9] usb usb3-port1: attempt power cycle
[ 1044.431894][    T9] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1044.469078][    T9] usb 3-1: device descriptor read/8, error -71
[ 1044.510906][   T24] usb 4-1: new full-speed USB device number 93 using dummy_hcd
[ 1044.706168][   T24] usb 4-1: not running at top speed; connect to a high speed hub
[ 1044.718040][   T24] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1044.726856][   T24] usb 4-1: can't read configurations, error -61
[ 1044.761089][    T9] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1044.809553][T19407] pim6reg: entered allmulticast mode
[ 1044.822076][    T9] usb 3-1: device descriptor read/8, error -71
[ 1044.838060][T19409] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3652'.
[ 1044.938640][    T9] usb usb3-port1: unable to enumerate USB device
[ 1044.948055][   T24] usb 4-1: new full-speed USB device number 94 using dummy_hcd
[ 1045.154903][   T24] usb 4-1: not running at top speed; connect to a high speed hub
[ 1045.176978][   T24] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1045.194833][   T24] usb 4-1: can't read configurations, error -61
[ 1045.214404][   T24] usb usb4-port1: attempt power cycle
[ 1045.588242][   T24] usb 4-1: new full-speed USB device number 95 using dummy_hcd
[ 1045.818356][   T24] usb 4-1: not running at top speed; connect to a high speed hub
[ 1045.839351][   T24] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1045.910740][   T24] usb 4-1: can't read configurations, error -61
[ 1046.054482][T19403] pim6reg: left allmulticast mode
[ 1046.108595][T19422] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3656'.
[ 1046.121617][   T24] usb 4-1: new full-speed USB device number 96 using dummy_hcd
[ 1046.219749][   T24] usb 4-1: not running at top speed; connect to a high speed hub
[ 1046.247672][   T24] usb 4-1: unable to read config index 0 descriptor/start: -61
[ 1046.255944][   T24] usb 4-1: can't read configurations, error -61
[ 1046.389263][   T24] usb usb4-port1: unable to enumerate USB device
[ 1047.089763][   T24] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[ 1047.098157][    T9] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[ 1047.110514][T19432] macvlan1: entered promiscuous mode
[ 1047.141843][T19432] macvlan1: left promiscuous mode
[ 1047.266140][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1047.293863][    T9] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1047.327245][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1047.354867][    T9] usb 1-1: config 0 descriptor??
[ 1047.376273][    T9] pwc: Askey VC010 type 2 USB webcam detected.
[ 1047.850828][    T9] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1047.886809][    T9] pwc: recv_control_msg error -32 req 02 val 2700
[ 1047.904422][    T9] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1048.054485][    T9] pwc: recv_control_msg error -32 req 04 val 1000
[ 1048.069735][T19455] binder: 19445:19455 ioctl 7ab 200000000100 returned -22
[ 1048.158084][ T5955] usb 4-1: new high-speed USB device number 97 using dummy_hcd
[ 1048.213319][    T9] pwc: recv_control_msg error -32 req 04 val 1300
[ 1048.588100][    T9] pwc: recv_control_msg error -32 req 04 val 1400
[ 1048.608931][    T9] pwc: recv_control_msg error -32 req 02 val 2000
[ 1048.617290][    T9] pwc: recv_control_msg error -32 req 02 val 2100
[ 1048.625915][    T9] pwc: recv_control_msg error -32 req 04 val 1500
[ 1048.636650][    T9] pwc: recv_control_msg error -32 req 02 val 2500
[ 1048.646584][    T9] pwc: recv_control_msg error -32 req 02 val 2400
[ 1048.699747][ T5955] usb 4-1: Using ep0 maxpacket: 16
[ 1048.740330][ T5955] usb 4-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[ 1048.749488][ T5955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1048.757544][ T5955] usb 4-1: Product: syz
[ 1048.761844][ T5955] usb 4-1: Manufacturer: syz
[ 1048.766456][ T5955] usb 4-1: SerialNumber: syz
[ 1048.779970][ T5955] usb 4-1: config 0 descriptor??
[ 1048.789541][ T5955] ums-onetouch 4-1:0.0: USB Mass Storage device detected
[ 1048.918322][    T9] pwc: recv_control_msg error -71 req 02 val 2900
[ 1049.040244][    T9] pwc: recv_control_msg error -71 req 02 val 2800
[ 1049.309802][    T9] pwc: recv_control_msg error -71 req 04 val 1100
[ 1049.325296][    T9] pwc: recv_control_msg error -71 req 04 val 1200
[ 1049.344751][    T9] pwc: Registered as video103.
[ 1049.363963][    T9] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input44
[ 1049.431146][    T9] usb 1-1: USB disconnect, device number 98
[ 1049.904851][T19470] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3667'.
[ 1050.096651][T19472] fuse: Bad value for 'rootmode'
[ 1051.899653][ T5955] usb 4-1: USB disconnect, device number 97
[ 1052.128014][ T5946] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[ 1052.319898][ T5946] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1052.372873][ T5946] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1052.418005][ T5946] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1052.498042][ T5946] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1052.528081][ T5946] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1052.559468][ T5946] usb 2-1: config 0 descriptor??
[ 1053.176391][T19484] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1053.185217][T19484] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1053.663991][T19502] Invalid logical block size (536870912)
[ 1053.712561][ T5946] usbhid 2-1:0.0: can't add hid device: -71
[ 1053.738453][ T5946] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1053.862403][ T5946] usb 2-1: USB disconnect, device number 10
[ 1054.734661][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.741447][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.757058][T19526] FAULT_INJECTION: forcing a failure.
[ 1054.757058][T19526] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1054.770488][T19526] CPU: 0 UID: 0 PID: 19526 Comm: syz.1.3685 Not tainted syzkaller #0 PREEMPT(full) 
[ 1054.770515][T19526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1054.770526][T19526] Call Trace:
[ 1054.770534][T19526]  <TASK>
[ 1054.770543][T19526]  dump_stack_lvl+0x189/0x250
[ 1054.770569][T19526]  ? __pfx____ratelimit+0x10/0x10
[ 1054.770589][T19526]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1054.770610][T19526]  ? __pfx__printk+0x10/0x10
[ 1054.770634][T19526]  ? __might_fault+0xb0/0x130
[ 1054.770673][T19526]  should_fail_ex+0x414/0x560
[ 1054.770706][T19526]  _copy_from_user+0x2d/0xb0
[ 1054.770731][T19526]  ___sys_sendmsg+0x158/0x2a0
[ 1054.770758][T19526]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1054.770822][T19526]  ? __fget_files+0x2a/0x420
[ 1054.770838][T19526]  ? __fget_files+0x3a0/0x420
[ 1054.770864][T19526]  __x64_sys_sendmsg+0x19b/0x260
[ 1054.770890][T19526]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1054.770921][T19526]  ? __pfx_ksys_write+0x10/0x10
[ 1054.770942][T19526]  ? rcu_is_watching+0x15/0xb0
[ 1054.770966][T19526]  ? do_syscall_64+0xbe/0x3b0
[ 1054.770991][T19526]  do_syscall_64+0xfa/0x3b0
[ 1054.771009][T19526]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1054.771027][T19526]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1054.771045][T19526]  ? clear_bhb_loop+0x60/0xb0
[ 1054.771067][T19526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1054.771083][T19526] RIP: 0033:0x7fcd5bb8eba9
[ 1054.771102][T19526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1054.771119][T19526] RSP: 002b:00007fcd5ca77038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1054.771139][T19526] RAX: ffffffffffffffda RBX: 00007fcd5bdd5fa0 RCX: 00007fcd5bb8eba9
[ 1054.771153][T19526] RDX: 0000000000044000 RSI: 0000200000000280 RDI: 0000000000000003
[ 1054.771164][T19526] RBP: 00007fcd5ca77090 R08: 0000000000000000 R09: 0000000000000000
[ 1054.771176][T19526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1054.771187][T19526] R13: 00007fcd5bdd6038 R14: 00007fcd5bdd5fa0 R15: 00007fcd5beffa28
[ 1054.771216][T19526]  </TASK>
[ 1055.319311][T19530] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3683'.
[ 1055.518541][T19536] netlink: 'syz.1.3686': attribute type 1 has an invalid length.
[ 1055.569884][T19536] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1055.632281][T19538] bond1: (slave wlan0): Releasing active interface
[ 1055.754536][T19538] bond2: (slave wlan0): Enslaving as an active interface with a down link
[ 1056.084171][T19540] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3687'.
[ 1056.118149][   T30] audit: type=1326 audit(1757550480.268:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1056.206271][T19540] batadv0: entered promiscuous mode
[ 1056.211874][   T30] audit: type=1326 audit(1757550480.268:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1056.253969][T19540] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1056.294282][T19540] batadv0: left promiscuous mode
[ 1056.326152][   T30] audit: type=1326 audit(1757550480.308:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1056.388066][   T30] audit: type=1326 audit(1757550480.308:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1056.534652][   T30] audit: type=1326 audit(1757550480.308:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1056.545918][T19548] loop2: detected capacity change from 0 to 7
[ 1056.606008][   T30] audit: type=1326 audit(1757550480.308:781): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1056.632494][   T30] audit: type=1326 audit(1757550480.328:782): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1056.677077][   T30] audit: type=1326 audit(1757550480.328:783): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1056.691368][T19548] Dev loop2: unable to read RDB block 7
[ 1056.715837][   T30] audit: type=1326 audit(1757550480.328:784): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1056.748451][    T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[ 1056.868330][T19548]  loop2: AHDI p1 p2
[ 1056.876987][T19548] loop2: partition table partially beyond EOD, truncated
[ 1056.894793][T19548] loop2: p1 start 1668641394 is beyond EOD, truncated
[ 1056.940869][   T30] audit: type=1326 audit(1757550480.328:785): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19541 comm="syz.1.3688" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1057.014418][ T5237] Dev loop2: unable to read RDB block 7
[ 1057.028142][ T5237]  loop2: AHDI p1 p2
[ 1057.032118][ T5237] loop2: partition table partially beyond EOD, truncated
[ 1057.058501][ T5237] loop2: p1 start 1668641394 is beyond EOD, truncated
[ 1057.087977][    T9] usb 2-1: Using ep0 maxpacket: 16
[ 1057.136019][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1057.178167][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1057.212241][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1057.286725][    T9] usb 2-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1057.328075][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1057.362805][    T9] usb 2-1: config 0 descriptor??
[ 1057.751416][T19565] loop2: detected capacity change from 0 to 7
[ 1057.763971][T19565]  loop2: p1 p4
[ 1057.767720][T19565] loop2: partition table partially beyond EOD, truncated
[ 1057.776547][T19565] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1057.792391][T19565] loop2: p4 start 2495 is beyond EOD, truncated
[ 1057.921624][    T9] HID 045e:07da: Invalid code 65791 type 1
[ 1058.004973][    T9] input: HID 045e:07da as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:045E:07DA.001B/input/input45
[ 1058.066058][    T9] microsoft 0003:045E:07DA.001B: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.1-1/input0
[ 1058.089605][    T9] usb 2-1: USB disconnect, device number 11
[ 1058.308026][T17102] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[ 1058.478044][T17102] usb 5-1: Using ep0 maxpacket: 32
[ 1058.510245][T17102] usb 5-1: config index 0 descriptor too short (expected 35577, got 27)
[ 1058.548204][T17102] usb 5-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[ 1058.572994][T17102] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 92
[ 1058.594371][T19572] fido_id[19572]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[ 1058.619001][T17102] usb 5-1: config 1 has no interface number 0
[ 1058.627111][T17102] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1058.651650][T19578] binder: 19573:19578 ioctl 7ab 200000000100 returned -22
[ 1058.669722][T17102] usb 5-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 10229, setting to 1024
[ 1058.695739][T17102] usb 5-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[ 1059.053006][T17102] usb 5-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[ 1059.123682][T17102] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1059.151229][T19571] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1059.180775][T17102] snd_usb_pod 5-1:1.1: Line 6 Pocket POD found
[ 1059.288147][   T24] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[ 1059.406317][T19571] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1059.460621][   T24] usb 2-1: config 2 has an invalid interface number: 211 but max is 0
[ 1059.543051][T17102] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now attached
[ 1059.548007][   T24] usb 2-1: config 2 has no interface number 0
[ 1059.556120][   T24] usb 2-1: config 2 interface 211 altsetting 0 endpoint 0x4 has invalid maxpacket 512, setting to 64
[ 1059.675028][   T24] usb 2-1: config 2 interface 211 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 4
[ 1059.978736][    T9] usb 5-1: USB disconnect, device number 123
[ 1059.986351][    T9] snd_usb_pod 5-1:1.1: Line 6 Pocket POD now disconnected
[ 1060.053162][   T24] usb 2-1: New USB device found, idVendor=2040, idProduct=8268, bcdDevice=27.95
[ 1060.214767][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1060.222961][   T24] usb 2-1: Product: syz
[ 1060.244508][   T24] usb 2-1: Manufacturer: syz
[ 1060.250163][   T24] usb 2-1: SerialNumber: syz
[ 1060.298177][T19581] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[ 1060.340657][   T24] em28xx 2-1:2.211: New device syz syz @ 12 Mbps (2040:8268, interface 211, class 211)
[ 1060.364052][T19595] netlink: 28 bytes leftover after parsing attributes in process `syz.0.3703'.
[ 1060.396535][   T24] em28xx 2-1:2.211: Device initialization failed.
[ 1060.408222][   T24] em28xx 2-1:2.211: Device must be connected to a high-speed USB 2.0 port.
[ 1060.569585][T19581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1060.608507][T19581] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1060.625262][T14992] usb 2-1: USB disconnect, device number 12
[ 1061.132145][T19604] netlink: 32 bytes leftover after parsing attributes in process `syz.4.3706'.
[ 1061.213436][T19604] netlink: 112 bytes leftover after parsing attributes in process `syz.4.3706'.
[ 1062.156020][T19622] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3713'.
[ 1062.324556][T19632] netlink: 'syz.2.3717': attribute type 8 has an invalid length.
[ 1062.458049][   T24] usb 5-1: new full-speed USB device number 124 using dummy_hcd
[ 1062.703362][   T24] usb 5-1: Invalid ep0 maxpacket: 9
[ 1062.908059][   T24] usb 5-1: new full-speed USB device number 125 using dummy_hcd
[ 1063.069881][   T24] usb 5-1: Invalid ep0 maxpacket: 9
[ 1063.088651][   T24] usb usb5-port1: attempt power cycle
[ 1063.418917][T19652] loop2: detected capacity change from 0 to 7
[ 1063.439291][T19652]  loop2: p1 p4
[ 1063.443101][T19652] loop2: partition table partially beyond EOD, truncated
[ 1063.452954][T19652] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1063.491318][   T24] usb 5-1: new full-speed USB device number 126 using dummy_hcd
[ 1063.758940][T19652] loop2: p4 start 2495 is beyond EOD, truncated
[ 1063.788964][   T24] usb 5-1: Invalid ep0 maxpacket: 9
[ 1063.948037][   T24] usb 5-1: new full-speed USB device number 127 using dummy_hcd
[ 1064.228807][   T24] usb 5-1: Invalid ep0 maxpacket: 9
[ 1064.236395][   T24] usb usb5-port1: unable to enumerate USB device
[ 1065.028548][T19661] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3724'.
[ 1065.038833][T19661] netlink: 'syz.1.3724': attribute type 7 has an invalid length.
[ 1065.047267][T19661] netlink: 'syz.1.3724': attribute type 8 has an invalid length.
[ 1065.056645][T19661] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3724'.
[ 1067.958101][ T5946] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[ 1068.118129][ T5946] usb 2-1: Using ep0 maxpacket: 8
[ 1068.135955][ T5946] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1068.135985][ T5946] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 1068.172541][ T5946] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c00, bcdDevice=b4.82
[ 1068.183709][ T5946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.196213][ T5946] usb 2-1: Product: syz
[ 1068.200732][ T5946] usb 2-1: Manufacturer: syz
[ 1068.200755][ T5946] usb 2-1: SerialNumber: syz
[ 1068.214941][ T5946] usb 2-1: config 0 descriptor??
[ 1068.435039][T19697] fuse: Bad value for 'fd'
[ 1068.501763][T19683] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1068.588541][T19683] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1069.698081][    T9] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[ 1069.868908][    T9] usb 5-1: device descriptor read/64, error -71
[ 1070.108059][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[ 1070.248716][    T9] usb 5-1: device descriptor read/64, error -71
[ 1070.369349][    T9] usb usb5-port1: attempt power cycle
[ 1070.389625][   T24] usb 2-1: USB disconnect, device number 13
[ 1070.728062][    T9] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[ 1070.771727][    T9] usb 5-1: device descriptor read/8, error -71
[ 1071.018575][    T9] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1071.209207][    T9] usb 5-1: device descriptor read/8, error -71
[ 1071.370432][    T9] usb usb5-port1: unable to enumerate USB device
[ 1072.599662][T19744] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3748'.
[ 1072.976151][T19748] netlink: 'syz.1.3750': attribute type 10 has an invalid length.
[ 1073.046020][T19748] veth1_vlan: left allmulticast mode
[ 1073.495521][   T30] audit: type=1326 audit(1757550497.608:786): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19749 comm="syz.2.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1073.622850][   T30] audit: type=1326 audit(1757550497.608:787): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19749 comm="syz.2.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1073.790241][   T30] audit: type=1326 audit(1757550497.608:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19749 comm="syz.2.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1073.898023][   T30] audit: type=1326 audit(1757550497.608:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19749 comm="syz.2.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1074.096378][T19759] fuse: Bad value for 'fd'
[ 1074.121524][   T30] audit: type=1326 audit(1757550497.608:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19749 comm="syz.2.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1074.249579][   T30] audit: type=1326 audit(1757550497.608:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19749 comm="syz.2.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=200 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1074.433321][   T30] audit: type=1326 audit(1757550497.608:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19749 comm="syz.2.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f471ed2ada9 code=0x7ffc0000
[ 1074.476216][   T30] audit: type=1326 audit(1757550497.608:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19749 comm="syz.2.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1074.568037][   T30] audit: type=1326 audit(1757550497.608:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19749 comm="syz.2.3751" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1074.707300][   T30] audit: type=1326 audit(1757550498.458:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19769 comm="syz.1.3756" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd5bb8eba9 code=0x7ffc0000
[ 1076.095410][T19786] fuse: Unknown parameter 'fd0xffffffffffffffff'
[ 1076.247765][T19788] netlink: 'syz.3.3760': attribute type 1 has an invalid length.
[ 1076.480232][T19788] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1077.129065][T19805] netlink: 276 bytes leftover after parsing attributes in process `syz.3.3765'.
[ 1078.001033][T19827] pim6reg: entered allmulticast mode
[ 1078.440811][T19821] fuse: Bad value for 'fd'
[ 1079.020883][T19841] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3775'.
[ 1079.048770][T19840] binder: 19836:19840 ioctl 7ab 200000000100 returned -22
[ 1079.440291][T19822] pim6reg: left allmulticast mode
[ 1081.267838][T19878] bond1: entered allmulticast mode
[ 1081.313961][T19880] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1081.364643][T19885] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3788'.
[ 1081.460517][T19888] netlink: 48 bytes leftover after parsing attributes in process `syz.4.3787'.
[ 1082.300404][ T5953] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[ 1082.488725][ T5953] usb 5-1: Using ep0 maxpacket: 8
[ 1082.509109][ T5953] usb 5-1: config 162 has an invalid interface number: 46 but max is 1
[ 1082.532369][ T5953] usb 5-1: config 162 has an invalid descriptor of length 223, skipping remainder of the config
[ 1082.563036][ T5953] usb 5-1: config 162 has no interface number 0
[ 1082.592175][ T5953] usb 5-1: config 162 interface 1 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1082.646843][ T5953] usb 5-1: config 162 interface 46 altsetting 1 has a duplicate endpoint with address 0x9, skipping
[ 1082.691826][ T5953] usb 5-1: config 162 interface 46 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1082.735254][ T5953] usb 5-1: config 162 interface 46 altsetting 1 endpoint 0x86 has invalid maxpacket 26439, setting to 1024
[ 1082.765933][ T5953] usb 5-1: config 162 interface 46 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[ 1082.782332][ T5953] usb 5-1: config 162 interface 1 has no altsetting 0
[ 1082.800687][ T5953] usb 5-1: config 162 interface 46 has no altsetting 0
[ 1082.813887][ T5953] usb 5-1: New USB device found, idVendor=0bb4, idProduct=0a89, bcdDevice=26.be
[ 1082.823635][ T5953] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1082.844385][ T5953] usb 5-1: Product: syz
[ 1082.861680][ T5953] usb 5-1: Manufacturer: syz
[ 1082.873924][ T5953] usb 5-1: SerialNumber: syz
[ 1083.874332][T19922] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3799'.
[ 1083.898256][T19922] batadv0: entered promiscuous mode
[ 1083.906112][T19922] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1083.975117][T19922] batadv0: left promiscuous mode
[ 1084.266853][ T5953] ipaq 5-1:162.46: PocketPC PDA converter detected
[ 1084.286701][ T5953] usb 5-1: active config #162 != 1 ??
[ 1084.346320][ T5953] usb 5-1: USB disconnect, device number 6
[ 1084.368794][T19929] Invalid logical block size (1101653259)
[ 1084.988016][ T5946] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[ 1085.492690][T19960] fuse: Bad value for 'fd'
[ 1085.782202][T19965] netlink: 'syz.3.3813': attribute type 1 has an invalid length.
[ 1086.233117][T19965] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1086.870370][T19970] bond2: (slave wlan0): Enslaving as an active interface with a down link
[ 1087.348791][T14992] hid_parser_main: 59 callbacks suppressed
[ 1087.348811][T14992] hid-generic 0000:0000:0000.001C: unknown main item tag 0x0
[ 1087.423133][T14992] hid-generic 0000:0000:0000.001C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 1088.273238][T19993] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3821'.
[ 1088.294269][T19993] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[ 1088.315580][T19993] netlink: 44 bytes leftover after parsing attributes in process `syz.3.3821'.
[ 1089.164930][T20001] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3825'.
[ 1089.195099][T20001] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3825'.
[ 1089.257529][T20001] dummy0: entered promiscuous mode
[ 1089.326801][T20001] team0: entered promiscuous mode
[ 1089.355072][T16682] tipc: Subscription rejected, illegal request
[ 1089.367744][T20001] team_slave_0: entered promiscuous mode
[ 1089.384089][T20001] team_slave_1: entered promiscuous mode
[ 1089.416995][T20001] team0: left promiscuous mode
[ 1089.438914][T20001] team_slave_0: left promiscuous mode
[ 1089.454864][T20001] team_slave_1: left promiscuous mode
[ 1089.507203][T20001] dummy0: left promiscuous mode
[ 1089.535307][T20011] tipc: Started in network mode
[ 1089.535334][T20011] tipc: Node identity 4, cluster identity 4711
[ 1089.535349][T20011] tipc: Node number set to 4
[ 1089.548787][T20016] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3829'.
[ 1090.518397][T20037] netlink: 48 bytes leftover after parsing attributes in process `syz.1.3834'.
[ 1090.523126][T20038] netlink: 28 bytes leftover after parsing attributes in process `syz.4.3833'.
[ 1090.541137][T20038] netlink: 'syz.4.3833': attribute type 7 has an invalid length.
[ 1090.561970][T20038] netlink: 'syz.4.3833': attribute type 8 has an invalid length.
[ 1090.590693][T20038] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3833'.
[ 1090.650506][T20038] ip6gretap0: entered promiscuous mode
[ 1090.657593][T20038] batadv_slave_1: entered promiscuous mode
[ 1090.672723][T20038] erspan0: entered promiscuous mode
[ 1093.948042][   T24] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 1094.132296][   T24] usb 3-1: Using ep0 maxpacket: 32
[ 1094.144228][   T24] usb 3-1: config 0 has no interfaces?
[ 1094.152963][   T24] usb 3-1: New USB device found, idVendor=108c, idProduct=dd68, bcdDevice=84.5c
[ 1094.167342][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1094.181825][   T24] usb 3-1: Product: syz
[ 1094.186186][   T24] usb 3-1: Manufacturer: syz
[ 1094.191714][   T24] usb 3-1: SerialNumber: syz
[ 1094.201527][   T24] usb 3-1: config 0 descriptor??
[ 1094.691499][   T24] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[ 1095.070872][   T24] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1095.131335][   T24] usb 1-1: config 6 has an invalid interface number: 158 but max is 0
[ 1095.190181][   T24] usb 1-1: config 6 has no interface number 0
[ 1095.223369][   T24] usb 1-1: config 6 interface 158 has no altsetting 0
[ 1095.230884][ T5953] usb 3-1: USB disconnect, device number 36
[ 1095.257127][   T24] usb 1-1: New USB device found, idVendor=0bda, idProduct=0140, bcdDevice=da.29
[ 1095.277422][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1095.287365][   T24] usb 1-1: Product: syz
[ 1095.302780][   T24] usb 1-1: Manufacturer: syz
[ 1095.318586][   T24] usb 1-1: SerialNumber: syz
[ 1096.492996][T20099] loop6: detected capacity change from 0 to 7
[ 1096.532776][T20099] Dev loop6: unable to read RDB block 7
[ 1096.598246][T20099]  loop6: unable to read partition table
[ 1096.746428][T20099] loop6: partition table beyond EOD, truncated
[ 1096.838214][T20099] loop_reread_partitions: partition scan of loop6 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[ 1096.993111][T20105] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3854'.
[ 1097.042288][T20105] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3854'.
[ 1097.335752][T20111] netlink: 132 bytes leftover after parsing attributes in process `syz.4.3857'.
[ 1097.926988][   T24] rtsx_usb 1-1:6.158: probe with driver rtsx_usb failed with error -71
[ 1097.976473][   T24] usb 1-1: USB disconnect, device number 99
[ 1098.106819][T20116] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1098.401619][T17102] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 1099.128200][T17102] usb 4-1: Using ep0 maxpacket: 16
[ 1099.159481][T17102] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 1099.188081][T17102] usb 4-1: config 0 has no interface number 0
[ 1099.207056][T17102] usb 4-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[ 1099.217147][T17102] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1099.240175][T17102] usb 4-1: Product: syz
[ 1099.244371][T17102] usb 4-1: Manufacturer: syz
[ 1099.254173][T17102] usb 4-1: SerialNumber: syz
[ 1099.348561][T17102] usb 4-1: config 0 descriptor??
[ 1099.362706][T17102] gspca_main: spca1528-2.14.0 probing 04fc:1528
[ 1099.430594][ T5955] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[ 1099.608415][ T5955] usb 2-1: Using ep0 maxpacket: 8
[ 1099.636639][ T5955] usb 2-1: config 0 has an invalid interface number: 31 but max is 0
[ 1099.645724][ T5955] usb 2-1: config 0 has no interface number 0
[ 1099.655473][ T5955] usb 2-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[ 1099.665975][ T5955] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1099.675217][ T5955] usb 2-1: Product: syz
[ 1099.688103][ T5955] usb 2-1: Manufacturer: syz
[ 1099.703228][ T5955] usb 2-1: SerialNumber: syz
[ 1099.730986][ T5955] usb 2-1: config 0 descriptor??
[ 1100.299117][T17102] gspca_spca1528: reg_w err -110
[ 1100.332316][T17102] spca1528 4-1:0.1: probe with driver spca1528 failed with error -110
[ 1100.583560][ T5955] usb 2-1: Found UVC 0.04 device syz (046d:08c3)
[ 1100.609868][ T5955] uvcvideo 2-1:0.31: Entity type for entity Output 6 was not initialized!
[ 1100.650083][ T5955] usb 2-1: Failed to create links for entity 5
[ 1100.665517][ T5955] usb 2-1: Failed to register entities (-22).
[ 1100.714632][T20152] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3867'.
[ 1100.782279][ T5955] usb 2-1: USB disconnect, device number 14
[ 1101.283288][ T5953] usb 4-1: USB disconnect, device number 98
[ 1101.508110][T13496] usb 1-1: new high-speed USB device number 100 using dummy_hcd
[ 1101.727570][T13496] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1101.747190][T13496] usb 1-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[ 1101.809067][T13496] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1101.817162][ T5953] usb 4-1: new high-speed USB device number 99 using dummy_hcd
[ 1101.846906][T13496] usb 1-1: config 0 descriptor??
[ 1102.039819][ T5953] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1102.088608][T20158] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1102.108436][ T5953] usb 4-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[ 1102.146125][T20158] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1102.166089][ T5953] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1102.169424][T20173] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3876'.
[ 1102.274606][T20173] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3876'.
[ 1102.280580][ T5953] usb 4-1: config 0 descriptor??
[ 1102.330777][ T5953] pwc: Askey VC010 type 2 USB webcam detected.
[ 1102.795224][ T5953] pwc: recv_control_msg error -32 req 02 val 2b00
[ 1102.812501][ T5987] usb 1-1: USB disconnect, device number 100
[ 1103.012295][ T5953] pwc: recv_control_msg error -32 req 02 val 2c00
[ 1103.028042][ T5953] pwc: recv_control_msg error -32 req 04 val 1000
[ 1103.045525][ T5953] pwc: recv_control_msg error -32 req 04 val 1300
[ 1103.100067][T20189] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3872'.
[ 1103.121489][ T5953] pwc: recv_control_msg error -32 req 04 val 1400
[ 1103.177456][ T5953] pwc: recv_control_msg error -32 req 02 val 2000
[ 1103.256008][ T5953] pwc: recv_control_msg error -32 req 02 val 2100
[ 1103.550070][ T5953] pwc: recv_control_msg error -71 req 02 val 2500
[ 1103.565718][ T5953] pwc: recv_control_msg error -71 req 02 val 2400
[ 1103.576600][ T5953] pwc: recv_control_msg error -71 req 02 val 2600
[ 1103.589039][ T5953] pwc: recv_control_msg error -71 req 02 val 2900
[ 1103.675626][T20195] netlink: 'syz.4.3880': attribute type 1 has an invalid length.
[ 1103.708606][ T5953] pwc: recv_control_msg error -71 req 02 val 2800
[ 1103.758664][ T5953] pwc: recv_control_msg error -71 req 04 val 1100
[ 1103.774140][ T5953] pwc: recv_control_msg error -71 req 04 val 1200
[ 1103.824645][ T5953] pwc: Registered as video103.
[ 1103.854491][ T5953] input: PWC snapshot button as /devices/platform/dummy_hcd.3/usb4/4-1/input/input47
[ 1103.928929][T20195] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1104.038325][ T5953] usb 4-1: USB disconnect, device number 99
[ 1105.634826][   T30] kauditd_printk_skb: 38 callbacks suppressed
[ 1105.635177][   T30] audit: type=1804 audit(1757550529.788:834): pid=20220 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3887" name="/newroot/189/file1" dev="fuse" ino=1 res=1 errno=0
[ 1105.757381][T20231] netlink: 276 bytes leftover after parsing attributes in process `syz.1.3890'.
[ 1105.870940][T20233] trusted_key: syz.1.3891 sent an empty control message without MSG_MORE.
[ 1105.978880][ T5987] usb 4-1: new high-speed USB device number 100 using dummy_hcd
[ 1106.050147][T20236] netlink: 'syz.4.3892': attribute type 27 has an invalid length.
[ 1106.058751][T20236] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3892'.
[ 1106.200014][ T5987] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1106.226838][ T5987] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1106.293098][ T5987] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1106.318678][T20245] loop2: detected capacity change from 0 to 7
[ 1106.334227][T20246] fuse: Unknown parameter 'fd0x0000000000000004'
[ 1106.336903][ T5987] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1106.352226][T20245] Dev loop2: unable to read RDB block 7
[ 1106.394845][T20245]  loop2: AHDI p1 p2
[ 1106.407155][T20245] loop2: partition table partially beyond EOD, truncated
[ 1106.414580][ T5987] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1106.437792][ T5987] usb 4-1: config 0 descriptor??
[ 1106.455160][T20245] loop2: p1 start 1668641394 is beyond EOD, truncated
[ 1106.516008][ T5237] Dev loop2: unable to read RDB block 7
[ 1106.536006][ T5237]  loop2: AHDI p1 p2
[ 1106.581840][ T5237] loop2: partition table partially beyond EOD, truncated
[ 1106.596119][ T5237] loop2: p1 start 1668641394 is beyond EOD, truncated
[ 1106.979863][ T5987] plantronics 0003:047F:FFFF.001E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[ 1107.201667][ T5987] usb 4-1: USB disconnect, device number 100
[ 1107.355127][T20268] pim6reg: entered allmulticast mode
[ 1107.458619][T20262] fido_id[20262]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[ 1108.560442][T20256] pim6reg: left allmulticast mode
[ 1108.639773][T20280] netlink: 48 bytes leftover after parsing attributes in process `syz.3.3904'.
[ 1108.917685][T20287] fuse: Unknown parameter 'fd0x0000000000000004'
[ 1109.790062][T20304] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3914'.
[ 1109.803989][T20304] batadv0: entered promiscuous mode
[ 1109.811612][T20304] 8021q: adding VLAN 0 to HW filter on device macvlan3
[ 1109.820125][T20304] batadv0: left promiscuous mode
[ 1109.948045][ T5953] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[ 1109.997544][T20308] netlink: 'syz.0.3916': attribute type 10 has an invalid length.
[ 1110.006174][T20308] macvlan0: entered allmulticast mode
[ 1110.015628][T20308] veth1_vlan: entered allmulticast mode
[ 1110.023710][T20308] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[ 1110.140829][ T5953] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1110.184647][ T5953] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1110.250600][ T5953] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1110.277965][ T5953] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1110.298190][T20302] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1110.311080][ T5953] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[ 1110.423077][T20320] Invalid logical block size (1348568976)
[ 1110.640301][ T5987] usb 5-1: USB disconnect, device number 8
[ 1111.208503][T13496] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[ 1111.278111][ T5953] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[ 1111.369157][T13496] usb 1-1: Using ep0 maxpacket: 8
[ 1111.380145][T13496] usb 1-1: too many configurations: 248, using maximum allowed: 8
[ 1111.402499][T13496] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 8
[ 1111.414711][T13496] usb 1-1: can't read configurations, error -22
[ 1111.440253][ T5953] usb 2-1: Using ep0 maxpacket: 32
[ 1111.447533][ T5953] usb 2-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1111.489005][ T5953] usb 2-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1111.506667][ T5953] usb 2-1: config 0 interface 0 has no altsetting 0
[ 1111.544123][ T5953] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[ 1111.568222][T13496] usb 1-1: new high-speed USB device number 102 using dummy_hcd
[ 1111.592454][ T5953] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1111.695338][T20355] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.3928'.
[ 1111.736072][ T5953] usb 2-1: config 0 descriptor??
[ 1111.798259][T13496] usb 1-1: Using ep0 maxpacket: 8
[ 1111.862218][T13496] usb 1-1: too many configurations: 248, using maximum allowed: 8
[ 1111.872219][T13496] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 8
[ 1111.882732][T13496] usb 1-1: can't read configurations, error -22
[ 1111.891402][T13496] usb usb1-port1: attempt power cycle
[ 1111.990776][T20333] netlink: 16 bytes leftover after parsing attributes in process `syz.1.3924'.
[ 1112.004799][ T5953] usbhid 2-1:0.0: can't add hid device: -71
[ 1112.025371][T20358] netlink: 4400 bytes leftover after parsing attributes in process `syz.3.3930'.
[ 1112.068126][ T5953] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1112.096597][ T5953] usb 2-1: USB disconnect, device number 15
[ 1112.288224][T13496] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[ 1112.311639][T13496] usb 1-1: Using ep0 maxpacket: 8
[ 1112.317531][T13496] usb 1-1: too many configurations: 248, using maximum allowed: 8
[ 1112.327044][T13496] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 8
[ 1112.336000][T13496] usb 1-1: can't read configurations, error -22
[ 1112.338070][ T5987] usb 4-1: new high-speed USB device number 101 using dummy_hcd
[ 1112.468313][T13496] usb 1-1: new high-speed USB device number 104 using dummy_hcd
[ 1112.488946][T13496] usb 1-1: Using ep0 maxpacket: 8
[ 1112.501548][T13496] usb 1-1: too many configurations: 248, using maximum allowed: 8
[ 1112.519995][ T5987] usb 4-1: Using ep0 maxpacket: 16
[ 1112.532167][ T5987] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1112.562209][T13496] usb 1-1: invalid descriptor for config index 0: type = 0x2, length = 8
[ 1112.564359][ T5987] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1112.591767][T13496] usb 1-1: can't read configurations, error -22
[ 1112.614685][T13496] usb usb1-port1: unable to enumerate USB device
[ 1112.615664][ T5987] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1112.678063][ T5987] usb 4-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[ 1112.711193][ T5987] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1112.770566][ T5987] usb 4-1: config 0 descriptor??
[ 1112.818146][T20366] netlink: 'syz.1.3934': attribute type 1 has an invalid length.
[ 1112.902134][T20366] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1112.933223][T20370] bond2: (slave wlan0): Releasing active interface
[ 1112.967113][T20370] bond3: (slave wlan0): Enslaving as an active interface with a down link
[ 1113.202657][T20377] netlink: 24 bytes leftover after parsing attributes in process `syz.2.3937'.
[ 1113.204459][ T5987] hid (null): usage index exceeded
[ 1113.234278][ T5987] hid-multitouch 0003:0457:07DA.001F: ignoring exceeding usage max
[ 1113.248447][ T5987] hid-multitouch 0003:0457:07DA.001F: usage index exceeded
[ 1113.256491][ T5987] hid-multitouch 0003:0457:07DA.001F: item 0 4 2 0 parsing failed
[ 1113.280243][ T5987] hid-multitouch 0003:0457:07DA.001F: probe with driver hid-multitouch failed with error -22
[ 1113.434609][T20381] loop2: detected capacity change from 0 to 7
[ 1113.447758][T20381]  loop2: p1 p4
[ 1113.452447][T20381] loop2: partition table partially beyond EOD, truncated
[ 1113.523909][T20381] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1113.596605][T20381] loop2: p4 start 2495 is beyond EOD, truncated
[ 1113.840452][T20392] netlink: 'syz.4.3940': attribute type 1 has an invalid length.
[ 1113.889441][T20392] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1113.972631][T20392] bond4: (slave dummy0): making interface the new active one
[ 1113.987004][T20392] bond4: (slave dummy0): Enslaving as an active interface with an up link
[ 1114.146299][T20396] netlink: 'syz.4.3940': attribute type 10 has an invalid length.
[ 1114.155041][T20396] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3940'.
[ 1114.165052][T20396] dummy0: entered promiscuous mode
[ 1114.177268][T20396] bond4: (slave dummy0): Releasing active interface
[ 1115.235778][T17102] usb 4-1: USB disconnect, device number 101
[ 1115.557005][T20428] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3950'.
[ 1116.178772][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.185137][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[ 1116.222128][T20444] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3955'.
[ 1116.266631][T20445] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3952'.
[ 1116.308048][ T5953] usb 4-1: new full-speed USB device number 102 using dummy_hcd
[ 1116.561616][T20444] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3955'.
[ 1116.621992][ T5953] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1116.670812][T20444] netlink: 52 bytes leftover after parsing attributes in process `syz.4.3955'.
[ 1116.705423][ T5953] usb 4-1: not running at top speed; connect to a high speed hub
[ 1116.737580][ T5953] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1116.757071][ T5953] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[ 1116.826012][ T5953] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[ 1117.011333][ T5953] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1117.020871][ T5953] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1117.034328][ T5953] usb 4-1: Product: syz
[ 1117.120689][ T5953] usb 4-1: Manufacturer: syz
[ 1117.125387][ T5953] usb 4-1: SerialNumber: syz
[ 1117.270776][T20455] netlink: 28 bytes leftover after parsing attributes in process `syz.1.3957'.
[ 1117.296122][T20455] netlink: 'syz.1.3957': attribute type 7 has an invalid length.
[ 1117.332490][T20455] netlink: 'syz.1.3957': attribute type 8 has an invalid length.
[ 1117.341148][T20455] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3957'.
[ 1117.575163][T20436] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1117.605717][T20436] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1117.638874][ T5953] usb 4-1: 1:1 : UAC_AS_GENERAL descriptor not found
[ 1117.653115][ T5953] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor
[ 1117.668814][ T5953] usb 4-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[ 1117.949532][ T5953] usb 4-1: USB disconnect, device number 102
[ 1119.218567][   T30] audit: type=1326 audit(1757550543.328:835): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20467 comm="syz.4.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ef98eba9 code=0x7ffc0000
[ 1119.390718][   T30] audit: type=1326 audit(1757550543.328:836): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=20467 comm="syz.4.3961" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f92ef98eba9 code=0x7ffc0000
[ 1119.416621][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1119.578856][T20479] FAULT_INJECTION: forcing a failure.
[ 1119.578856][T20479] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1119.628081][T20479] CPU: 1 UID: 0 PID: 20479 Comm: syz.3.3964 Not tainted syzkaller #0 PREEMPT(full) 
[ 1119.628108][T20479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1119.628120][T20479] Call Trace:
[ 1119.628129][T20479]  <TASK>
[ 1119.628137][T20479]  dump_stack_lvl+0x189/0x250
[ 1119.628165][T20479]  ? __pfx____ratelimit+0x10/0x10
[ 1119.628187][T20479]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1119.628209][T20479]  ? __pfx__printk+0x10/0x10
[ 1119.628251][T20479]  should_fail_ex+0x414/0x560
[ 1119.628286][T20479]  _copy_to_user+0x31/0xb0
[ 1119.628315][T20479]  simple_read_from_buffer+0xe1/0x170
[ 1119.628349][T20479]  proc_fail_nth_read+0x1b3/0x220
[ 1119.628375][T20479]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1119.628401][T20479]  ? rw_verify_area+0x2a6/0x4d0
[ 1119.628424][T20479]  ? __lock_acquire+0xab9/0xd20
[ 1119.628449][T20479]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1119.628472][T20479]  vfs_read+0x200/0xa30
[ 1119.628496][T20479]  ? fdget_pos+0x247/0x320
[ 1119.628519][T20479]  ? __pfx___mutex_lock+0x10/0x10
[ 1119.628539][T20479]  ? __pfx_vfs_read+0x10/0x10
[ 1119.628565][T20479]  ? __fget_files+0x2a/0x420
[ 1119.628587][T20479]  ? __fget_files+0x3a0/0x420
[ 1119.628603][T20479]  ? __fget_files+0x2a/0x420
[ 1119.628631][T20479]  ksys_read+0x145/0x250
[ 1119.628660][T20479]  ? __pfx_ksys_read+0x10/0x10
[ 1119.628679][T20479]  ? rcu_is_watching+0x15/0xb0
[ 1119.628705][T20479]  ? do_syscall_64+0xbe/0x3b0
[ 1119.628730][T20479]  do_syscall_64+0xfa/0x3b0
[ 1119.628749][T20479]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1119.628767][T20479]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1119.628787][T20479]  ? clear_bhb_loop+0x60/0xb0
[ 1119.628810][T20479]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1119.628829][T20479] RIP: 0033:0x7fb93298d5bc
[ 1119.628847][T20479] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1119.628864][T20479] RSP: 002b:00007fb933730030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1119.628888][T20479] RAX: ffffffffffffffda RBX: 00007fb932bd5fa0 RCX: 00007fb93298d5bc
[ 1119.628902][T20479] RDX: 000000000000000f RSI: 00007fb9337300a0 RDI: 0000000000000004
[ 1119.628923][T20479] RBP: 00007fb933730090 R08: 0000000000000000 R09: 0000000000000000
[ 1119.628936][T20479] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1119.628948][T20479] R13: 00007fb932bd6038 R14: 00007fb932bd5fa0 R15: 00007fb932cffa28
[ 1119.628982][T20479]  </TASK>
[ 1119.876057][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1120.298113][T20495] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3970'.
[ 1121.294406][T20515] loop2: detected capacity change from 0 to 7
[ 1121.308421][T20515]  loop2: p1 p4
[ 1121.312078][T20515] loop2: partition table partially beyond EOD, truncated
[ 1121.319681][T20515] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1121.441620][T20515] loop2: p4 start 2495 is beyond EOD, truncated
[ 1122.124899][T18423] udevd[18423]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1124.598317][T20546] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1124.897404][T20554] netlink: 'syz.0.3988': attribute type 1 has an invalid length.
[ 1125.211454][T20554] 8021q: adding VLAN 0 to HW filter on device bond2
[ 1125.518870][ T5946] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 1125.698972][ T5946] usb 3-1: config 0 has no interfaces?
[ 1125.714642][ T5946] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 1125.724975][ T5946] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1125.763958][ T5946] usb 3-1: Product: syz
[ 1125.783159][ T5946] usb 3-1: Manufacturer: syz
[ 1125.921705][ T5946] usb 3-1: SerialNumber: syz
[ 1126.034319][ T5946] usb 3-1: config 0 descriptor??
[ 1128.948561][ T5946] usb 3-1: USB disconnect, device number 37
[ 1129.954862][T20639] loop2: detected capacity change from 0 to 7
[ 1129.963412][T20639]  loop2: p1 p4
[ 1129.967141][T20639] loop2: partition table partially beyond EOD, truncated
[ 1130.029499][ T5946] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[ 1130.189912][ T5946] usb 3-1: Using ep0 maxpacket: 16
[ 1130.213103][ T5946] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1130.272290][ T5946] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1130.351719][ T5946] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1130.457455][ T5946] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1130.516352][T20639] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1130.535553][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1130.584712][T20639] loop2: p4 start 2495 is beyond EOD, truncated
[ 1130.608066][ T5946] usb 3-1: config 0 descriptor??
[ 1130.957965][ T5953] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[ 1131.025363][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.051726][ T5946] microsoft 0003:045E:07DA.0020: ignoring exceeding usage max
[ 1131.070420][T20667] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4011'.
[ 1131.133675][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.156782][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.169746][ T5953] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1131.186742][ T5953] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1131.199426][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.220989][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.238226][ T5953] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1131.251611][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.260413][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.271211][ T5953] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1131.289391][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.296967][ T5953] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1131.326092][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.340976][ T5953] usb 5-1: config 0 descriptor??
[ 1131.349412][ T5946] microsoft 0003:045E:07DA.0020: unknown main item tag 0x0
[ 1131.369264][ T5953] hub 5-1:0.0: USB hub found
[ 1131.384191][ T5946] microsoft 0003:045E:07DA.0020: unsupported Resolution Multiplier 0
[ 1131.487199][ T5946] microsoft 0003:045E:07DA.0020: unsupported Resolution Multiplier 0
[ 1131.545017][ T5946] microsoft 0003:045E:07DA.0020: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[ 1131.577129][ T5953] hub 5-1:0.0: 9 ports detected
[ 1131.591575][ T5953] hub 5-1:0.0: insufficient power available to use all downstream ports
[ 1131.629415][ T5946] microsoft 0003:045E:07DA.0020: no inputs found
[ 1131.668862][ T5946] microsoft 0003:045E:07DA.0020: could not initialize ff, continuing anyway
[ 1131.685755][T20669] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1131.792265][T20661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1131.810242][T20661] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1131.936029][T20661] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1132.020460][T20661] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1132.435170][ T5953] hub 5-1:0.0: hub_hub_status failed (err = -71)
[ 1132.497177][ T5953] hub 5-1:0.0: config failed, can't get hub status (err -71)
[ 1132.600219][ T5953] usb 5-1: USB disconnect, device number 9
[ 1132.844416][T20686] loop2: detected capacity change from 0 to 7
[ 1132.867346][T20686]  loop2: p1 p4
[ 1132.874012][T20686] loop2: partition table partially beyond EOD, truncated
[ 1132.926972][T20686] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1132.975922][T20686] loop2: p4 start 2495 is beyond EOD, truncated
[ 1133.064125][T20694] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4017'.
[ 1133.859050][T20698] tipc: Started in network mode
[ 1133.864087][T20698] tipc: Node identity c2199f2fb9f5, cluster identity 4711
[ 1133.928615][ T5955] usb 3-1: USB disconnect, device number 38
[ 1133.942801][T20698] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1134.028531][T20700] syzkaller0: entered promiscuous mode
[ 1134.139682][T20700] syzkaller0: entered allmulticast mode
[ 1134.278308][T20698] tipc: Resetting bearer <eth:syzkaller0>
[ 1134.424813][T20697] tipc: Resetting bearer <eth:syzkaller0>
[ 1134.574846][T20697] tipc: Disabling bearer <eth:syzkaller0>
[ 1134.625323][ T5987] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[ 1134.858081][ T5987] usb 3-1: Using ep0 maxpacket: 16
[ 1134.876533][ T5987] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1134.934315][ T5987] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1135.018470][ T5987] usb 3-1: New USB device found, idVendor=0b05, idProduct=17e0, bcdDevice= 0.00
[ 1135.027589][ T5987] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1135.182429][ T5987] usb 3-1: config 0 descriptor??
[ 1135.490617][T20710] input: syz1 as /devices/virtual/input/input49
[ 1135.545686][T20726] xfrm0: entered promiscuous mode
[ 1135.551529][T20726] xfrm0: entered allmulticast mode
[ 1135.924328][ T5987] asus 0003:0B05:17E0.0021: hidraw0: USB HID v0.00 Device [HID 0b05:17e0] on usb-dummy_hcd.2-1/input0
[ 1135.991446][ T5987] asus 0003:0B05:17E0.0021: Asus input not registered
[ 1136.058861][ T5987] asus 0003:0B05:17E0.0021: probe with driver asus failed with error -12
[ 1136.192808][T17102] usb 3-1: USB disconnect, device number 39
[ 1136.281098][T20736] fido_id[20736]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 1137.794462][T20759] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.4035'.
[ 1138.418587][ T5946] usb 1-1: new high-speed USB device number 105 using dummy_hcd
[ 1138.624121][ T5946] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1138.670248][ T5946] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1138.699453][ T5946] usb 1-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[ 1138.725009][ T5946] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1138.768090][T17102] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[ 1138.798465][ T5946] usb 1-1: config 0 descriptor??
[ 1138.948016][T17102] usb 5-1: Using ep0 maxpacket: 8
[ 1138.955830][T17102] usb 5-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[ 1138.976452][T17102] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1139.028792][T17102] usb 5-1: config 0 descriptor??
[ 1139.224963][ T5946] hid_parser_main: 6 callbacks suppressed
[ 1139.224987][ T5946] cp2112 0003:10C4:EA90.0022: unknown main item tag 0x0
[ 1139.243849][T17102] asix 5-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[ 1139.278757][ T5946] cp2112 0003:10C4:EA90.0022: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.0-1/input0
[ 1139.412010][ T5946] cp2112 0003:10C4:EA90.0022: Part Number: 0x82 Device Version: 0xFE
[ 1139.800115][T20799] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4051'.
[ 1139.809333][T20799] netlink: 28 bytes leftover after parsing attributes in process `syz.2.4051'.
[ 1139.834055][T20799] ip6gretap0: entered promiscuous mode
[ 1139.842711][T20799] batadv_slave_1: entered promiscuous mode
[ 1139.850668][T20799] debugfs: 'hsr1' already exists in 'hsr'
[ 1139.856487][T20799] Cannot create hsr debugfs directory
[ 1140.075675][T20766] cp2112 0003:10C4:EA90.0022: Multi-message I2C transactions not supported
[ 1140.086981][ T5946] cp2112 0003:10C4:EA90.0022: error reading lock byte: -71
[ 1140.137084][ T5946] usb 1-1: USB disconnect, device number 105
[ 1141.901874][T20817] fuse: Bad value for 'fd'
[ 1142.252351][T20822] loop6: detected capacity change from 0 to 7
[ 1142.271413][T18423] Dev loop6: unable to read RDB block 7
[ 1142.282768][T18423]  loop6: unable to read partition table
[ 1142.296636][T18423] loop6: partition table beyond EOD, truncated
[ 1142.351499][T20822] Dev loop6: unable to read RDB block 7
[ 1142.542675][T20822]  loop6: unable to read partition table
[ 1142.575235][T20822] loop6: partition table beyond EOD, truncated
[ 1142.584035][T20822] loop_reread_partitions: partition scan of loop6 (�被x������ ) failed (rc=-5)
[ 1142.668769][T17102] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1142.668804][T17102] asix 5-1:0.0 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0088: ffffffb9
[ 1142.669122][T17102] asix 5-1:0.0: probe with driver asix failed with error -71
[ 1142.673071][T17102] usb 5-1: USB disconnect, device number 10
[ 1143.006455][T20828] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4058'.
[ 1143.032986][T20828] batadv0: entered promiscuous mode
[ 1143.056312][T20828] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1143.077569][T20828] batadv0: left promiscuous mode
[ 1143.353603][T20837] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1144.059614][T20845] netlink: 32 bytes leftover after parsing attributes in process `syz.3.4065'.
[ 1144.897071][T20855] fuse: Bad value for 'fd'
[ 1146.410195][T20874] macvlan1: entered promiscuous mode
[ 1146.432474][T20874] macvlan1: left promiscuous mode
[ 1146.662434][T20875] fuse: Bad value for 'fd'
[ 1147.151887][T20882] netlink: 20 bytes leftover after parsing attributes in process `syz.1.4078'.
[ 1148.145172][T20902] loop2: detected capacity change from 0 to 7
[ 1148.338358][T20902]  loop2: p1 p4
[ 1148.351061][T20902] loop2: partition table partially beyond EOD, truncated
[ 1148.363985][T20902] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1148.374771][T20902] loop2: p4 start 2495 is beyond EOD, truncated
[ 1148.586139][T20911] netlink: 'syz.3.4087': attribute type 1 has an invalid length.
[ 1149.412542][T20918] bond3: entered promiscuous mode
[ 1149.424166][T20918] bond3: entered allmulticast mode
[ 1149.444579][T20918] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1149.467514][T20923] bridge3: entered promiscuous mode
[ 1149.473279][T20923] bridge3: entered allmulticast mode
[ 1149.480544][T20923] bond3: (slave bridge3): Enslaving as a backup interface with an up link
[ 1149.554807][ T3568] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1149.812528][ T3568] bond3: Warning: No 802.3ad response from the link partner for any adapters in the bond
[ 1150.372585][T20935] netlink: 212376 bytes leftover after parsing attributes in process `syz.0.4091'.
[ 1151.014380][T20948] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4095'.
[ 1151.318005][T20953] fuse: Bad value for 'fd'
[ 1151.859385][T20957] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4097'.
[ 1152.088236][T20962] netlink: 'syz.0.4099': attribute type 8 has an invalid length.
[ 1152.525376][T20966] pim6reg: entered allmulticast mode
[ 1152.990773][T20975] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1153.111690][T20977] loop2: detected capacity change from 0 to 7
[ 1153.200727][T20963] pim6reg: left allmulticast mode
[ 1153.267823][T20977]  loop2: p1 p4
[ 1153.272956][T20977] loop2: partition table partially beyond EOD, truncated
[ 1153.280787][T20977] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1153.347018][T20977] loop2: p4 start 2495 is beyond EOD, truncated
[ 1154.586233][T20995] loop2: detected capacity change from 0 to 7
[ 1154.759241][T20995]  loop2: p1 p4
[ 1154.820779][T20995] loop2: partition table partially beyond EOD, truncated
[ 1154.828334][T20995] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1154.853351][T20995] loop2: p4 start 2495 is beyond EOD, truncated
[ 1156.498406][ T5946] usb 4-1: new high-speed USB device number 103 using dummy_hcd
[ 1156.668083][ T5946] usb 4-1: Using ep0 maxpacket: 32
[ 1156.692397][ T5946] usb 4-1: config 0 has an invalid interface number: 119 but max is 0
[ 1156.703368][ T5946] usb 4-1: config 0 has no interface number 0
[ 1156.719747][ T5946] usb 4-1: New USB device found, idVendor=0458, idProduct=7003, bcdDevice=d9.19
[ 1156.736536][ T5946] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1156.754434][ T5946] usb 4-1: Product: syz
[ 1156.763338][ T5946] usb 4-1: Manufacturer: syz
[ 1156.773614][ T5946] usb 4-1: SerialNumber: syz
[ 1156.995840][T21025] fuse: Bad value for 'fd'
[ 1157.027097][ T5946] usb 4-1: config 0 descriptor??
[ 1157.046773][ T5946] gspca_main: sn9c2028-2.14.0 probing 0458:7003
[ 1157.481693][ T5946] gspca_sn9c2028: read1 error -71
[ 1157.491755][ T5946] gspca_sn9c2028: read1 error -71
[ 1157.502961][ T5946] sn9c2028 4-1:0.119: probe with driver sn9c2028 failed with error -71
[ 1157.586017][ T5946] usb 4-1: USB disconnect, device number 103
[ 1157.972473][T21035] loop2: detected capacity change from 0 to 7
[ 1158.005029][T21035]  loop2: p1 p4
[ 1158.008736][T21035] loop2: partition table partially beyond EOD, truncated
[ 1158.016801][T21035] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1158.154426][T21035] loop2: p4 start 2495 is beyond EOD, truncated
[ 1158.528610][T21046] pim6reg: entered allmulticast mode
[ 1158.821306][T18423] udevd[18423]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1159.109425][T21041] pim6reg: left allmulticast mode
[ 1159.380149][T21056] loop2: detected capacity change from 0 to 7
[ 1159.728105][T21056]  loop2: p1 p4
[ 1159.748297][T21056] loop2: partition table partially beyond EOD, truncated
[ 1159.767714][T21056] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1159.844862][T21056] loop2: p4 start 2495 is beyond EOD, truncated
[ 1160.015861][ T5237]  loop2: p1 p4
[ 1160.024969][ T5237] loop2: partition table partially beyond EOD, truncated
[ 1160.040436][ T5237] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1160.084238][ T5237] loop2: p4 start 2495 is beyond EOD, truncated
[ 1160.229382][T18423] udevd[18423]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1160.326021][T21068] macvlan1: entered promiscuous mode
[ 1160.361598][T21068] macvlan1: left promiscuous mode
[ 1161.234014][T21079] netlink: 'syz.3.4129': attribute type 1 has an invalid length.
[ 1161.405040][T21079] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1161.481535][T21085] bond2: (slave wlan0): Releasing active interface
[ 1161.574453][T21085] bond4: (slave wlan0): Enslaving as an active interface with a down link
[ 1162.143263][T21102] pim6reg: entered allmulticast mode
[ 1162.799728][T21093] pim6reg: left allmulticast mode
[ 1164.012761][T21113] loop2: detected capacity change from 0 to 7
[ 1164.113167][T21113]  loop2: p1 p4
[ 1164.117042][T21113] loop2: partition table partially beyond EOD, truncated
[ 1164.125514][T21113] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1164.257642][T21113] loop2: p4 start 2495 is beyond EOD, truncated
[ 1164.746359][T21127] netlink: 'syz.4.4142': attribute type 4 has an invalid length.
[ 1164.764194][T18423] udevd[18423]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1164.847398][T21128] netlink: 'syz.4.4142': attribute type 4 has an invalid length.
[ 1165.058716][T21135] netlink: 212400 bytes leftover after parsing attributes in process `syz.3.4144'.
[ 1165.411216][T21137] loop2: detected capacity change from 0 to 7
[ 1165.475510][T21137]  loop2: p1 p4
[ 1165.507012][T21137] loop2: partition table partially beyond EOD, truncated
[ 1165.521183][T21137] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1165.717362][T21137] loop2: p4 start 2495 is beyond EOD, truncated
[ 1165.925293][ T5946] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[ 1165.935677][T18423] udevd[18423]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1166.083707][ T5946] usb 5-1: device descriptor read/64, error -71
[ 1166.358122][ T5946] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[ 1166.518363][ T5946] usb 5-1: device descriptor read/64, error -71
[ 1166.653049][ T5946] usb usb5-port1: attempt power cycle
[ 1166.770671][T21146] pim6reg: entered allmulticast mode
[ 1167.257992][ T5946] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[ 1167.302366][ T5946] usb 5-1: device descriptor read/8, error -71
[ 1167.451770][   T30] audit: type=1326 audit(1757550591.608:837): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1167.597832][T21161] PF_CAN: dropped non conform CAN FD skbuff: dev type 65534, len 40
[ 1167.688148][ T5946] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[ 1167.868144][   T30] audit: type=1326 audit(1757550591.628:838): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1167.891574][ T5946] usb 5-1: device descriptor read/8, error -71
[ 1167.932275][T21143] pim6reg: left allmulticast mode
[ 1168.036211][   T30] audit: type=1326 audit(1757550591.638:839): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1168.812543][ T5946] usb usb5-port1: unable to enumerate USB device
[ 1168.853161][   T30] audit: type=1326 audit(1757550591.638:840): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1168.901802][   T30] audit: type=1326 audit(1757550591.638:841): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1169.098400][   T30] audit: type=1326 audit(1757550591.638:842): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1169.169120][   T30] audit: type=1326 audit(1757550591.698:843): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1169.206451][   T30] audit: type=1326 audit(1757550591.698:844): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1169.237352][   T30] audit: type=1326 audit(1757550591.698:845): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1169.328150][   T30] audit: type=1326 audit(1757550591.698:846): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21157 comm="syz.0.4151" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a89b8eba9 code=0x7ffc0000
[ 1169.810836][T14992] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[ 1169.971315][T14992] usb 1-1: Using ep0 maxpacket: 8
[ 1170.068086][T14992] usb 1-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=c4.6d
[ 1170.108026][T14992] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1170.158135][T14992] usb 1-1: Product: syz
[ 1170.176526][T14992] usb 1-1: Manufacturer: syz
[ 1170.201565][T14992] usb 1-1: SerialNumber: syz
[ 1170.258241][T21181] loop2: detected capacity change from 0 to 7
[ 1170.266223][T21181]  loop2: p1 p4
[ 1170.276292][T21181] loop2: partition table partially beyond EOD, truncated
[ 1170.289607][T14992] usb 1-1: config 0 descriptor??
[ 1170.323190][T21181] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1170.356118][T21181] loop2: p4 start 2495 is beyond EOD, truncated
[ 1170.378557][T14992] gspca_main: sonixj-2.14.0 probing 0c45:614a
[ 1170.399672][ T5237]  loop2: p1 p4
[ 1170.403220][ T5237] loop2: partition table partially beyond EOD, truncated
[ 1170.438292][ T5237] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1170.468300][ T5237] loop2: p4 start 2495 is beyond EOD, truncated
[ 1171.217248][T21190] loop2: detected capacity change from 0 to 7
[ 1171.276399][T21190]  loop2: p1 p4
[ 1171.296790][T21190] loop2: partition table partially beyond EOD, truncated
[ 1171.314941][T21190] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1171.432780][T21190] loop2: p4 start 2495 is beyond EOD, truncated
[ 1171.654856][T21197] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1172.290166][T21205] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1172.298958][T21205] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1172.475527][T21207] fuse: Bad value for 'fd'
[ 1172.911615][ T9988] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1172.921987][ T9988] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1172.930561][ T9988] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1172.939667][ T9988] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1172.947260][ T9988] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1173.480263][T13496] usb 1-1: USB disconnect, device number 106
[ 1173.759595][T21220] netlink: 24 bytes leftover after parsing attributes in process `syz.2.4167'.
[ 1173.895559][T21210] chnl_net:caif_netlink_parms(): no params data found
[ 1173.990493][T21227] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1174.038469][T21227] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1174.272812][ T5946] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[ 1174.450420][T21241] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4170'.
[ 1174.487738][T21248] netlink: 'syz.2.4171': attribute type 4 has an invalid length.
[ 1174.507175][T21241] netlink: 'syz.4.4170': attribute type 7 has an invalid length.
[ 1174.534594][T21241] netlink: 'syz.4.4170': attribute type 8 has an invalid length.
[ 1174.554344][T21250] netlink: 'syz.2.4171': attribute type 4 has an invalid length.
[ 1174.575622][T21241] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4170'.
[ 1174.809361][ T5946] usb 2-1: Using ep0 maxpacket: 16
[ 1174.827798][ T5946] usb 2-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[ 1174.842875][ T5946] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1175.042397][T21254] loop2: detected capacity change from 0 to 7
[ 1175.152181][T16005] Bluetooth: hci1: command tx timeout
[ 1175.203709][T21241] syz_tun: entered promiscuous mode
[ 1175.220908][ T5946] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1175.230114][ T5946] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1175.238219][ T5946] usb 2-1: Product: syz
[ 1175.242443][ T5946] usb 2-1: Manufacturer: syz
[ 1175.247125][ T5946] usb 2-1: SerialNumber: syz
[ 1175.270217][T21254]  loop2: p1 p4
[ 1175.274103][T21254] loop2: partition table partially beyond EOD, truncated
[ 1175.394528][T21254] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1175.407705][T21241] syz_tun: left promiscuous mode
[ 1175.447800][T21254] loop2: p4 start 2495 is beyond EOD, truncated
[ 1175.514794][T18423] udevd[18423]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1175.582910][ T5946] usb 2-1: 0:2 : does not exist
[ 1175.626561][ T5946] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[ 1175.713252][T21210] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1175.732232][T21210] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1175.760693][T21210] bridge_slave_0: entered allmulticast mode
[ 1175.781274][T21210] bridge_slave_0: entered promiscuous mode
[ 1175.822716][T21210] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1175.848860][ T5946] usb 2-1: USB disconnect, device number 16
[ 1175.888179][T21210] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1175.895530][T21210] bridge_slave_1: entered allmulticast mode
[ 1175.933596][T21210] bridge_slave_1: entered promiscuous mode
[ 1175.977540][T18423] udevd[18423]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1176.206842][T21210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1176.244217][T21210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1176.549149][T21210] team0: Port device team_slave_0 added
[ 1176.571727][T21210] team0: Port device team_slave_1 added
[ 1176.918448][T21210] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1176.925544][T21210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1176.927964][ T5987] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 1177.034461][T21210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1177.199925][T21210] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1177.206936][T21210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1177.240866][T21210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1177.261637][T16005] Bluetooth: hci1: command tx timeout
[ 1177.273101][T21276] input: syz1 as /devices/virtual/input/input52
[ 1177.286013][ T5987] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1177.313104][ T5987] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1177.325102][ T5987] usb 5-1: Product: syz
[ 1177.333118][ T5987] usb 5-1: Manufacturer: syz
[ 1177.377138][ T5987] usb 5-1: SerialNumber: syz
[ 1177.544532][T21282] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1177.566238][T21210] hsr_slave_0: entered promiscuous mode
[ 1177.592699][T21210] hsr_slave_1: entered promiscuous mode
[ 1177.612890][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.621393][T21210] debugfs: 'hsr0' already exists in 'hsr'
[ 1177.621563][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.627288][T21210] Cannot create hsr debugfs directory
[ 1177.649895][   T30] kauditd_printk_skb: 16 callbacks suppressed
[ 1177.649914][   T30] audit: type=1326 audit(1757550601.808:863): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1177.682500][   T30] audit: type=1326 audit(1757550601.808:864): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1177.797223][   T30] audit: type=1326 audit(1757550601.808:865): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1177.851607][ T5987] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[ 1177.864089][ T5987] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1177.884091][ T5987] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1177.919605][ T5987] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71
[ 1178.101689][   T30] audit: type=1326 audit(1757550601.808:866): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1178.149261][   T30] audit: type=1326 audit(1757550601.808:867): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1178.165925][ T5987] usb 5-1: USB disconnect, device number 15
[ 1178.216940][   T30] audit: type=1326 audit(1757550601.808:868): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1178.301390][   T30] audit: type=1326 audit(1757550601.808:869): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1178.334180][   T30] audit: type=1326 audit(1757550601.808:870): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1178.364646][   T30] audit: type=1326 audit(1757550601.808:871): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=293 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1178.404645][   T30] audit: type=1326 audit(1757550601.808:872): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=21286 comm="syz.2.4187" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f471ed8eba9 code=0x7ffc0000
[ 1178.453561][T21300] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4192'.
[ 1178.689819][T21304] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4193'.
[ 1178.779178][T21304] netlink: 44 bytes leftover after parsing attributes in process `syz.4.4193'.
[ 1179.040472][T21210] netdevsim netdevsim5 netdevsim0: renamed from eth0
[ 1179.076913][T21210] netdevsim netdevsim5 netdevsim1: renamed from eth1
[ 1179.123413][T21210] netdevsim netdevsim5 netdevsim2: renamed from eth2
[ 1179.164595][T21210] netdevsim netdevsim5 netdevsim3: renamed from eth3
[ 1179.288195][T16005] Bluetooth: hci1: command tx timeout
[ 1179.559864][T21210] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1179.636493][T21210] 8021q: adding VLAN 0 to HW filter on device team0
[ 1179.698802][ T3536] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1179.706062][ T3536] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1179.820369][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1179.827564][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1180.252874][T21210] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1180.430677][T21210] veth0_vlan: entered promiscuous mode
[ 1180.483750][T21210] veth1_vlan: entered promiscuous mode
[ 1180.586292][T21352] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1180.636962][T21210] veth0_macvtap: entered promiscuous mode
[ 1180.665205][T21210] veth1_macvtap: entered promiscuous mode
[ 1180.839955][T21210] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1181.121229][T21210] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1181.161351][ T1168] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1181.180329][ T1168] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1181.267620][ T1168] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1181.356506][ T1168] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1181.368148][T16005] Bluetooth: hci1: command tx timeout
[ 1181.790564][ T3536] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1181.830858][ T3536] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1182.142489][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1182.173093][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1182.375630][T21364] fuse: Bad value for 'fd'
[ 1182.764391][T21366] Invalid logical block size (-1744830465)
[ 1183.535385][T21381] pim6reg: entered allmulticast mode
[ 1183.537994][    T9] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[ 1183.668779][T13496] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1183.868382][    T9] usb 3-1: Using ep0 maxpacket: 32
[ 1183.877781][    T9] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1183.889188][    T9] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1183.904546][    T9] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1183.928412][T13496] usb 2-1: Using ep0 maxpacket: 32
[ 1183.936048][T13496] usb 2-1: config index 0 descriptor too short (expected 548, got 36)
[ 1184.014450][T13496] usb 2-1: config 0 has an invalid interface number: 12 but max is 0
[ 1184.038002][    T9] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[ 1184.051669][T13496] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1184.313623][T13496] usb 2-1: config 0 has no interface number 0
[ 1184.322459][T13496] usb 2-1: config 0 interface 12 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1184.335922][    T9] usb 3-1: Product: syz
[ 1184.335957][    T9] usb 3-1: Manufacturer: syz
[ 1184.357701][T13496] usb 2-1: config 0 interface 12 has no altsetting 0
[ 1184.368562][T13496] usb 2-1: New USB device found, idVendor=2cc2, idProduct=1202, bcdDevice=85.40
[ 1184.385608][T13496] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1184.394817][T13496] usb 2-1: Product: syz
[ 1184.401857][T21376] pim6reg: left allmulticast mode
[ 1184.455089][T13496] usb 2-1: Manufacturer: syz
[ 1184.476744][T13496] usb 2-1: SerialNumber: syz
[ 1184.488537][    T9] hub 3-1:4.0: USB hub found
[ 1184.503470][T13496] usb 2-1: config 0 descriptor??
[ 1184.836068][T21395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1184.858480][T21395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1184.925096][ T5987] usb 2-1: USB disconnect, device number 17
[ 1185.981065][T21411] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4223'.
[ 1186.385783][T21420] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1186.532323][ T5946] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[ 1186.690214][ T5946] usb 2-1: config 8 has an invalid interface number: 101 but max is 0
[ 1186.706460][ T5946] usb 2-1: config 8 has no interface number 0
[ 1186.760983][T21403] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4221'.
[ 1186.775264][    T9] hub 3-1:4.0: config failed, can't read hub descriptor (err -22)
[ 1186.826695][    T9] usb 3-1: USB disconnect, device number 40
[ 1186.844506][ T5946] usb 2-1: config 8 interface 101 has no altsetting 0
[ 1186.899425][ T9988] Bluetooth: hci1: command 0x0405 tx timeout
[ 1186.925300][ T5946] usb 2-1: New USB device found, idVendor=046d, idProduct=0960, bcdDevice=97.b4
[ 1187.049035][ T5946] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1187.487155][T21428] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.4226'.
[ 1187.506097][T21419] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1187.571743][T21419] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1187.626860][T21419] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1187.656627][T21419] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1187.713166][ T5946] usb 2-1: string descriptor 0 read error: -71
[ 1187.788903][ T5946] gspca_main: sunplus-2.14.0 probing 046d:0960
[ 1187.910106][ T5946] gspca_sunplus: reg_w_riv err -71
[ 1187.916394][ T5946] sunplus 2-1:8.101: probe with driver sunplus failed with error -71
[ 1187.950294][ T5946] usb 2-1: USB disconnect, device number 18
[ 1188.704940][T21433] fuse: Bad value for 'fd'
[ 1190.143483][T21444] fuse: Bad value for 'fd'
[ 1190.365027][T21447] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1192.321750][T21480] netlink: 'syz.1.4237': attribute type 10 has an invalid length.
[ 1193.624295][T21486] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4241'.
[ 1193.845075][T21492] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1194.050242][   T30] kauditd_printk_skb: 13 callbacks suppressed
[ 1194.050266][   T30] audit: type=1804 audit(1757550618.158:886): pid=21499 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.4244" name="/newroot/200/file1" dev="fuse" ino=1 res=1 errno=0
[ 1195.435606][T21507] fuse: Bad value for 'fd'
[ 1195.638461][T13496] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[ 1195.827936][T13496] usb 2-1: Using ep0 maxpacket: 16
[ 1195.902310][T13496] usb 2-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[ 1195.912421][T13496] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1195.924376][T13496] usb 2-1: Product: syz
[ 1195.933326][T13496] usb 2-1: Manufacturer: syz
[ 1195.943992][T13496] usb 2-1: SerialNumber: syz
[ 1195.956698][T13496] usb 2-1: config 0 descriptor??
[ 1195.986902][T13496] ums-onetouch 2-1:0.0: USB Mass Storage device detected
[ 1196.512741][T21531] netlink: 132 bytes leftover after parsing attributes in process `syz.5.4250'.
[ 1196.785535][T21540] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1198.558072][T13496] usb 1-1: new full-speed USB device number 107 using dummy_hcd
[ 1198.892780][    T9] usb 2-1: USB disconnect, device number 19
[ 1200.130814][T21570] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1202.152853][T13496] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1202.175214][T13496] usb 1-1: unable to read config index 0 descriptor/start: -71
[ 1202.212578][T21584] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4265'.
[ 1202.238635][T13496] usb 1-1: can't read configurations, error -71
[ 1202.266005][T21584] netlink: 'syz.5.4265': attribute type 7 has an invalid length.
[ 1202.287434][T21584] netlink: 'syz.5.4265': attribute type 8 has an invalid length.
[ 1202.298095][T21584] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4265'.
[ 1202.368793][T21590] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1202.503927][T21584] ip6gretap0: entered promiscuous mode
[ 1202.527069][T21584] batadv_slave_1: entered promiscuous mode
[ 1202.882989][T21584] erspan0: entered promiscuous mode
[ 1202.935144][T21584] debugfs: 'hsr1' already exists in 'hsr'
[ 1202.944503][T21584] Cannot create hsr debugfs directory
[ 1204.521858][T21604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4268'.
[ 1204.536968][T21604] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4268'.
[ 1204.918327][ T5953] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[ 1205.092052][ T5953] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 1205.132505][ T5953] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1205.162251][ T5953] usb 5-1: Product: syz
[ 1205.177981][ T5953] usb 5-1: Manufacturer: syz
[ 1205.182802][ T5953] usb 5-1: SerialNumber: syz
[ 1205.219032][ T5953] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[ 1205.253194][T13496] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[ 1206.009314][T21624] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[ 1206.036598][ T5953] usb 5-1: USB disconnect, device number 16
[ 1206.340842][T13496] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[ 1206.370374][T13496] ath9k_htc: Failed to initialize the device
[ 1206.403502][ T5953] usb 5-1: ath9k_htc: USB layer deinitialized
[ 1207.941784][T21647] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1207.974556][T21649] fuse: Bad value for 'fd'
[ 1208.521871][T21659] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4285'.
[ 1208.582772][T21659] batadv0: entered promiscuous mode
[ 1208.655343][T21659] 8021q: adding VLAN 0 to HW filter on device macvlan2
[ 1208.686788][T21659] batadv0: left promiscuous mode
[ 1208.888271][ T5955] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1209.057198][ T5955] usb 5-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1209.108101][ T5955] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1209.153385][ T5955] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[ 1209.294355][ T5955] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[ 1209.312908][ T5955] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1209.356468][T21662] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1209.365716][ T5987] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1209.547984][ T5987] usb 6-1: Using ep0 maxpacket: 16
[ 1209.562214][ T5987] usb 6-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[ 1209.583504][T21674] fuse: Bad value for 'user_id'
[ 1209.588747][T21674] fuse: Bad value for 'user_id'
[ 1209.643097][ T5987] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1209.663464][ T5987] usb 6-1: Product: syz
[ 1209.673675][ T5987] usb 6-1: Manufacturer: syz
[ 1209.678791][ T5987] usb 6-1: SerialNumber: syz
[ 1209.704775][ T5987] usb 6-1: config 0 descriptor??
[ 1209.730587][ T5987] ssu100 6-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[ 1209.837422][T21676] QAT: failed to copy from user cfg_data.
[ 1209.858365][T13496] usb 1-1: new high-speed USB device number 109 using dummy_hcd
[ 1210.061103][T13496] usb 1-1: Using ep0 maxpacket: 8
[ 1210.127718][T21681] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4292'.
[ 1210.136980][T21681] netlink: 'syz.1.4292': attribute type 7 has an invalid length.
[ 1210.145755][T21681] netlink: 'syz.1.4292': attribute type 8 has an invalid length.
[ 1210.158092][T21681] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4292'.
[ 1210.276731][ T5955] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[ 1210.314351][ T5955] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input62
[ 1210.387555][T13496] usb 1-1: config 0 has no interfaces?
[ 1210.501272][ T5955] usb 5-1: USB disconnect, device number 17
[ 1210.501340][    C0] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[ 1210.815672][T21689] loop6: detected capacity change from 0 to 7
[ 1210.911731][T21689]  loop6: [CUMANA/ADFS] p1 [ADFS] p1
[ 1210.917250][T21689] loop6: partition table partially beyond EOD, truncated
[ 1210.996568][ T5987] ssu100 6-1:0.0: probe with driver ssu100 failed with error -71
[ 1211.355940][T21689] loop6: p1 size 2319028379 extends beyond EOD, truncated
[ 1211.557052][ T5987] usb 6-1: USB disconnect, device number 2
[ 1212.377992][ T5955] usb 5-1: new full-speed USB device number 18 using dummy_hcd
[ 1212.603260][ T5955] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1212.684556][ T5955] usb 5-1: not running at top speed; connect to a high speed hub
[ 1212.742546][ T5955] usb 5-1: config 61 has an invalid descriptor of length 0, skipping remainder of the config
[ 1212.859199][ T5955] usb 5-1: config 61 has 0 interfaces, different from the descriptor's value: 1
[ 1212.914946][ T5955] usb 5-1: New USB device found, idVendor=04eb, idProduct=e004, bcdDevice=e3.da
[ 1212.970782][ T5955] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1213.094218][ T5955] usb 5-1: Product: syz
[ 1213.282454][ T5955] usb 5-1: Manufacturer: syz
[ 1213.638399][ T5955] usb 5-1: SerialNumber: syz
[ 1214.982749][ T5955] usb 5-1: can't set config #61, error -71
[ 1214.993474][T13496] usb 1-1: string descriptor 0 read error: -71
[ 1215.021062][T13496] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1215.045100][ T5955] usb 5-1: USB disconnect, device number 18
[ 1215.091796][T13496] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1215.166224][T13496] usb 1-1: config 0 descriptor??
[ 1215.206999][T13496] usb 1-1: can't set config #0, error -71
[ 1215.237516][T13496] usb 1-1: USB disconnect, device number 109
[ 1215.370543][T21723] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1215.617971][T13496] usb 1-1: new high-speed USB device number 110 using dummy_hcd
[ 1215.885932][T13496] usb 1-1: Using ep0 maxpacket: 8
[ 1215.928691][T13496] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1215.955263][T13496] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1215.998228][T13496] usb 1-1: Product: syz
[ 1216.022665][T13496] usb 1-1: Manufacturer: syz
[ 1216.036657][T13496] usb 1-1: SerialNumber: syz
[ 1216.266699][T21733] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4308'.
[ 1216.297471][T13496] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 110 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1216.492505][T13496] usb 1-1: USB disconnect, device number 110
[ 1216.524449][T13496] usblp0: removed
[ 1216.784847][T21746] netlink: 48 bytes leftover after parsing attributes in process `syz.4.4310'.
[ 1217.131991][T21758] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1217.204267][T21753] loop2: detected capacity change from 0 to 7
[ 1217.231986][T21753]  loop2: p1 p4
[ 1217.235620][T21753] loop2: partition table partially beyond EOD, truncated
[ 1217.243423][T21753] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1217.438315][T21753] loop2: p4 start 2495 is beyond EOD, truncated
[ 1219.171888][T21784] netlink: 'syz.4.4320': attribute type 8 has an invalid length.
[ 1219.577185][T21792] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4322'.
[ 1219.659477][ T5987] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[ 1219.729988][T21795] netlink: 5 bytes leftover after parsing attributes in process `syz.4.4321'.
[ 1219.948435][ T5987] usb 3-1: Using ep0 maxpacket: 8
[ 1220.229824][ T5987] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1220.527264][T21807] FAULT_INJECTION: forcing a failure.
[ 1220.527264][T21807] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1220.571994][T21807] CPU: 1 UID: 0 PID: 21807 Comm: syz.5.4326 Not tainted syzkaller #0 PREEMPT(full) 
[ 1220.572013][T21807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1220.572021][T21807] Call Trace:
[ 1220.572026][T21807]  <TASK>
[ 1220.572032][T21807]  dump_stack_lvl+0x189/0x250
[ 1220.572053][T21807]  ? __pfx____ratelimit+0x10/0x10
[ 1220.572066][T21807]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1220.572080][T21807]  ? __pfx__printk+0x10/0x10
[ 1220.572103][T21807]  should_fail_ex+0x414/0x560
[ 1220.572128][T21807]  _copy_to_user+0x31/0xb0
[ 1220.572145][T21807]  simple_read_from_buffer+0xe1/0x170
[ 1220.572164][T21807]  proc_fail_nth_read+0x1b3/0x220
[ 1220.572179][T21807]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1220.572194][T21807]  ? rw_verify_area+0x2a6/0x4d0
[ 1220.572208][T21807]  ? __lock_acquire+0xab9/0xd20
[ 1220.572222][T21807]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1220.572236][T21807]  vfs_read+0x200/0xa30
[ 1220.572249][T21807]  ? fdget_pos+0x247/0x320
[ 1220.572262][T21807]  ? __pfx___mutex_lock+0x10/0x10
[ 1220.572275][T21807]  ? __pfx_vfs_read+0x10/0x10
[ 1220.572290][T21807]  ? __fget_files+0x2a/0x420
[ 1220.572303][T21807]  ? __fget_files+0x3a0/0x420
[ 1220.572313][T21807]  ? __fget_files+0x2a/0x420
[ 1220.572328][T21807]  ksys_read+0x145/0x250
[ 1220.572344][T21807]  ? __pfx_ksys_read+0x10/0x10
[ 1220.572357][T21807]  ? rcu_is_watching+0x15/0xb0
[ 1220.572373][T21807]  ? do_syscall_64+0xbe/0x3b0
[ 1220.572387][T21807]  do_syscall_64+0xfa/0x3b0
[ 1220.572398][T21807]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1220.572409][T21807]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1220.572421][T21807]  ? clear_bhb_loop+0x60/0xb0
[ 1220.572434][T21807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1220.572445][T21807] RIP: 0033:0x7fa22eb8d5bc
[ 1220.572457][T21807] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1220.572467][T21807] RSP: 002b:00007fa22fadd030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1220.572481][T21807] RAX: ffffffffffffffda RBX: 00007fa22edd5fa0 RCX: 00007fa22eb8d5bc
[ 1220.572490][T21807] RDX: 000000000000000f RSI: 00007fa22fadd0a0 RDI: 0000000000000005
[ 1220.572497][T21807] RBP: 00007fa22fadd090 R08: 0000000000000000 R09: 0000000000000000
[ 1220.572504][T21807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1220.572511][T21807] R13: 00007fa22edd6038 R14: 00007fa22edd5fa0 R15: 00007fa22eeffa28
[ 1220.572530][T21807]  </TASK>
[ 1220.840980][ T5987] usb 3-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[ 1221.099588][ T5987] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1221.202847][ T5987] usb 3-1: config 0 descriptor??
[ 1221.272917][ T5987] usb 3-1: bad CDC descriptors
[ 1221.302854][ T5987] cdc_acm 3-1:0.0: Control and data interfaces are not separated!
[ 1221.336177][ T5987] cdc_acm 3-1:0.0: This needs exactly 3 endpoints
[ 1221.349892][ T5987] cdc_acm 3-1:0.0: probe with driver cdc_acm failed with error -22
[ 1221.355604][T21815] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4327'.
[ 1221.438162][T13496] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[ 1221.618350][   T24] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1221.639837][T13496] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1221.766079][T13496] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1221.802251][T13496] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1221.812380][T13496] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1221.859648][T13496] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1221.878160][   T24] usb 6-1: Using ep0 maxpacket: 32
[ 1221.883483][T13496] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1221.893236][T21823] loop2: detected capacity change from 0 to 7
[ 1221.902174][   T24] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1221.917946][ T5946] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1221.932374][T13496] usb 2-1: config 0 descriptor??
[ 1221.937631][   T24] usb 6-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[ 1221.965284][T18423]  loop2: p1 p4
[ 1221.967002][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[ 1221.978482][   T24] usb 6-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[ 1221.988128][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1221.989787][T18423] loop2: partition table partially beyond EOD, 
[ 1222.016385][   T24] usb 6-1: config 0 descriptor??
[ 1222.028165][T18423] truncated
[ 1222.031614][T18423] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1222.077074][ T5946] usb 5-1: device descriptor read/64, error -71
[ 1222.091138][T18423] loop2: p4 start 2495 is beyond EOD, truncated
[ 1222.182859][T21827] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1222.229145][T21827] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1222.266112][T21814] netlink: 52 bytes leftover after parsing attributes in process `syz.5.4329'.
[ 1222.277333][T13496] plantronics 0003:047F:FFFF.0023: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1222.285743][T21823]  loop2: p1 p4
[ 1222.294420][T21823] loop2: partition table partially beyond EOD, truncated
[ 1222.302567][T21823] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1222.322248][T21823] loop2: p4 start 2495 is beyond EOD, truncated
[ 1222.328746][ T5946] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1222.351556][   T24] usbhid 6-1:0.0: can't add hid device: -71
[ 1222.398918][   T24] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1222.419219][   T24] usb 6-1: USB disconnect, device number 3
[ 1222.489020][ T5946] usb 5-1: device descriptor read/64, error -71
[ 1222.518058][T13496] usb 2-1: USB disconnect, device number 20
[ 1222.628735][ T5946] usb usb5-port1: attempt power cycle
[ 1222.730764][T21831] fido_id[21831]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[ 1222.857782][T21687] usb 3-1: USB disconnect, device number 41
[ 1222.926638][ T5237]  loop2: p1 p4
[ 1222.955091][ T5237] loop2: partition table partially beyond EOD, truncated
[ 1222.975149][ T5946] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[ 1222.983709][ T5237] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1223.016117][ T5237] loop2: p4 start 2495 is beyond EOD, truncated
[ 1223.028514][ T5946] usb 5-1: device descriptor read/8, error -71
[ 1223.183198][T21836] netlink: 'syz.2.4334': attribute type 1 has an invalid length.
[ 1223.216091][T18426] udevd[18426]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[ 1223.288064][ T5946] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1223.363835][ T5946] usb 5-1: device descriptor read/8, error -71
[ 1223.488240][ T5946] usb usb5-port1: unable to enumerate USB device
[ 1223.495314][T21836] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1223.519196][T21842] netlink: 28 bytes leftover after parsing attributes in process `syz.5.4333'.
[ 1223.649158][T21846] bond1: (slave wlan0): Enslaving as an active interface with a down link
[ 1224.728211][T13496] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[ 1224.899732][T13496] usb 5-1: config index 0 descriptor too short (expected 45, got 36)
[ 1224.925760][T13496] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1224.988004][T13496] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 1224.999967][T13496] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1225.016460][T13496] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1225.030304][T13496] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1225.042392][T13496] usb 5-1: config 0 descriptor??
[ 1225.048366][T21865] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1225.098144][   T24] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1225.127635][T21877] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1225.226191][T21687] IPVS: starting estimator thread 0...
[ 1225.251981][   T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1225.277437][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1225.328245][T21882] IPVS: using max 26 ests per chain, 62400 per kthread
[ 1225.337196][   T24] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1225.386793][T21879] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1225.413863][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1225.433552][   T24] usb 6-1: SerialNumber: syz
[ 1225.585680][T13496] plantronics 0003:047F:FFFF.0024: reserved main item tag 0xd
[ 1225.635490][T13496] plantronics 0003:047F:FFFF.0024: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[ 1225.861916][   T24] usb 6-1: 0:2 : does not exist
[ 1225.895322][T21865] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1225.904571][   T24] usb 6-1: USB disconnect, device number 4
[ 1225.979289][T21865] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1226.233258][ T5987] usb 5-1: USB disconnect, device number 23
[ 1226.243037][T18423] udevd[18423]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1226.778239][T21895] loop2: detected capacity change from 0 to 7
[ 1226.793585][T18423] Dev loop2: unable to read RDB block 7
[ 1226.808685][T18423]  loop2: AHDI p1 p2
[ 1226.822589][T18423] loop2: partition table partially beyond EOD, truncated
[ 1226.845253][T18423] loop2: p1 start 1668641394 is beyond EOD, truncated
[ 1226.880868][T21895] Dev loop2: unable to read RDB block 7
[ 1226.902745][T21895]  loop2: AHDI p1 p2
[ 1226.915124][T21895] loop2: partition table partially beyond EOD, truncated
[ 1226.938654][T21895] loop2: p1 start 1668641394 is beyond EOD, truncated
[ 1226.952015][ T5987] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1227.137936][ T5987] usb 6-1: Using ep0 maxpacket: 8
[ 1227.147976][ T5987] usb 6-1: config index 0 descriptor too short (expected 301, got 45)
[ 1227.157612][ T5987] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1227.228843][T21905] netlink: 28 bytes leftover after parsing attributes in process `syz.4.4351'.
[ 1227.238211][T21905] netlink: 'syz.4.4351': attribute type 7 has an invalid length.
[ 1227.245968][T21905] netlink: 'syz.4.4351': attribute type 8 has an invalid length.
[ 1227.261411][ T5987] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1227.281565][T21907] netlink: 28 bytes leftover after parsing attributes in process `syz.1.4352'.
[ 1227.297324][ T5987] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1227.312325][T21905] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4351'.
[ 1227.323935][ T5987] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1227.355922][ T5987] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1227.378748][ T5987] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1227.642197][ T5987] usb 6-1: usb_control_msg returned -32
[ 1227.649752][ T5987] usbtmc 6-1:16.0: can't read capabilities
[ 1228.044359][T21912] loop2: detected capacity change from 0 to 7
[ 1228.090611][T21913] usbtmc 6-1:16.0: INITIATE_ABORT_BULK_OUT returned 0
[ 1228.099407][T21913] trusted_key: encrypted_key: master key parameter 'sbiWlC��Ҡ0b�Baޱ�T�gw�H��X}\�h����p��zc��+�t�a�����G�qv�b�@�N%��%�ay��' is invalid
[ 1228.115418][T21912]  loop2: p1 p4
[ 1228.119051][T21912] loop2: partition table partially beyond EOD, truncated
[ 1228.137368][T21913] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1228.151017][T21913] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1228.160687][T21912] loop2: p1 size 1919251295 extends beyond EOD, truncated
[ 1228.293682][T13496] usb 6-1: USB disconnect, device number 5
[ 1228.429503][T21912] loop2: p4 start 2495 is beyond EOD, truncated
[ 1229.613563][T21922] pim6reg: entered allmulticast mode
[ 1230.279121][T21929] page: refcount:515 mapcount:0 mapping:ffff8881442ff9d0 index:0x0 pfn:0x3d800
[ 1230.289515][T21929] head: order:9 mapcount:1 entire_mapcount:1 nr_pages_mapped:0 pincount:0
[ 1230.298122][T21929] aops:hugetlbfs_aops ino:17104 dentry name(?):"anon_hugepage"
[ 1230.305853][T21929] flags: 0xfff00000000041(locked|head|node=0|zone=1|lastcpupid=0x7ff)
[ 1230.314104][T21929] page_type: f4(hugetlb)
[ 1230.318348][T21929] raw: 00fff00000000041 ffffc90003e3fe10 ffffc90003e3fe10 ffff8881442ff9d0
[ 1230.326971][T21929] raw: 0000000000000000 0000000000000000 00000203f4000000 0000000000000000
[ 1230.335664][T21929] head: 00fff00000000041 ffffc90003e3fe10 ffffc90003e3fe10 ffff8881442ff9d0
[ 1230.344338][T21929] head: 0000000000000000 0000000000000000 00000203f4000000 0000000000000000
[ 1230.353008][T21929] head: 00fff00000000009 ffffea0000f60001 0000000000000000 0000000000000000
[ 1230.361675][T21929] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000200
[ 1230.370348][T21929] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[ 1230.377653][T21929] page_owner tracks the page as allocated
[ 1230.384563][T21929] page last allocated via order 9, migratetype Movable, gfp_mask 0x146cca(GFP_HIGHUSER_MOVABLE|__GFP_NOWARN|__GFP_RETRY_MAYFAIL|__GFP_COMP), pid 21635, tgid 21629 (syz.1.4276), ts 1206918555315, free_ts 1205067516049
[ 1230.405502][T21929]  post_alloc_hook+0x240/0x2a0
[ 1230.410288][T21929]  get_page_from_freelist+0x21e4/0x22c0
[ 1230.415850][T21929]  __alloc_frozen_pages_noprof+0x181/0x370
[ 1230.421664][T21929]  alloc_buddy_hugetlb_folio+0xdf/0x1c0
[ 1230.427315][T21929]  only_alloc_fresh_hugetlb_folio+0x8c/0x280
[ 1230.433288][T21929]  alloc_surplus_hugetlb_folio+0x103/0x430
[ 1230.439088][T21929]  alloc_hugetlb_folio+0xb1a/0x16a0
[ 1230.444295][T21929]  hugetlb_fault+0x1dc2/0x2970
[ 1230.449057][T21929]  handle_mm_fault+0x740/0x8e0
[ 1230.453855][T21929]  __get_user_pages+0x1699/0x2ce0
[ 1230.458902][T21929]  populate_vma_page_range+0x29f/0x3a0
[ 1230.464353][T21929]  __mm_populate+0x24c/0x380
[ 1230.468935][T21929]  vm_mmap_pgoff+0x387/0x4d0
[ 1230.473519][T21929]  ksys_mmap_pgoff+0x587/0x760
[ 1230.478274][T21929]  do_syscall_64+0xfa/0x3b0
[ 1230.482772][T21929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1230.488656][T21929] page last free pid 21598 tgid 21596 stack trace:
[ 1230.495145][T21929]  free_unref_folios+0xdbd/0x1520
[ 1230.500167][T21929]  folios_put_refs+0x559/0x640
[ 1230.504952][T21929]  free_pages_and_swap_cache+0x4be/0x520
[ 1230.510585][T21929]  tlb_flush_mmu+0x3a0/0x680
[ 1230.515166][T21929]  unmap_page_range+0x3b31/0x4370
[ 1230.520287][T21929]  unmap_vmas+0x399/0x580
[ 1230.524632][T21929]  exit_mmap+0x248/0xb50
[ 1230.529008][T21929]  __mmput+0x118/0x430
[ 1230.533094][T21929]  exit_mm+0x1da/0x2c0
[ 1230.537271][T21929]  do_exit+0x648/0x2300
[ 1230.541444][T21929]  do_group_exit+0x21c/0x2d0
[ 1230.546043][T21929]  get_signal+0x1286/0x1340
[ 1230.550548][T21929]  arch_do_signal_or_restart+0x9a/0x750
[ 1230.556133][T21929]  exit_to_user_mode_loop+0x75/0x110
[ 1230.561441][T21929]  do_syscall_64+0x2bd/0x3b0
[ 1230.566230][T21929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1230.572370][T21929] ------------[ cut here ]------------
[ 1230.577845][T21929] kernel BUG at mm/filemap.c:154!
[ 1230.582986][T21929] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[ 1230.589238][T21929] CPU: 1 UID: 0 PID: 21929 Comm: syz.4.4357 Not tainted syzkaller #0 PREEMPT(full) 
[ 1230.598615][T21929] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[ 1230.608702][T21929] RIP: 0010:filemap_unaccount_folio+0x715/0x790
[ 1230.614957][T21929] Code: a4 c9 ff 48 89 df 48 c7 c6 e0 3b 94 8b e8 63 f1 31 ff 90 0f 0b e8 2b a4 c9 ff 48 89 df 48 c7 c6 c0 3a 94 8b e8 4c f1 31 ff 90 <0f> 0b e8 14 a4 c9 ff 48 89 df 48 c7 c6 e0 3b 94 8b e8 35 f1 31 ff
[ 1230.634582][T21929] RSP: 0018:ffffc90003e4ee20 EFLAGS: 00010046
[ 1230.640732][T21929] RAX: 3c2c21241fd7c000 RBX: ffffea0000f60000 RCX: 3c2c21241fd7c000
[ 1230.648746][T21929] RDX: 0000000000000005 RSI: ffffffff8dba8b31 RDI: ffff888026ba8000
[ 1230.656750][T21929] RBP: 0000000000000001 R08: ffff8880b8724253 R09: 1ffff110170e484a
[ 1230.664735][T21929] R10: dffffc0000000000 R11: ffffed10170e484b R12: 0000000000000040
[ 1230.672825][T21929] R13: 1ffffd40001ec000 R14: 1ffffd40001ec001 R15: ffffea0000f60008
[ 1230.680890][T21929] FS:  00007f92f07f26c0(0000) GS:ffff888125d15000(0000) knlGS:0000000000000000
[ 1230.689828][T21929] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1230.696444][T21929] CR2: 0000200000087030 CR3: 0000000061a8e000 CR4: 00000000003526f0
[ 1230.704582][T21929] Call Trace:
[ 1230.707885][T21929]  <TASK>
[ 1230.710866][T21929]  __filemap_remove_folio+0xc3/0x500
[ 1230.716173][T21929]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1230.721682][T21929]  ? __pfx___filemap_remove_folio+0x10/0x10
[ 1230.727752][T21929]  ? _raw_spin_lock_irq+0xae/0xf0
[ 1230.732792][T21929]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[ 1230.738355][T21929]  filemap_remove_folio+0xe6/0x1f0
[ 1230.743590][T21929]  remove_inode_hugepages+0x594/0x1100
[ 1230.749191][T21929]  ? folio_try_get+0x1c/0x340
[ 1230.753948][T21929]  ? __pfx_remove_inode_hugepages+0x10/0x10
[ 1230.759990][T21929]  ? hugetlbfs_fallocate+0xbaf/0x1100
[ 1230.765471][T21929]  ? up_write+0x1c4/0x420
[ 1230.769828][T21929]  hugetlbfs_fallocate+0xbc7/0x1100
[ 1230.775039][T21929]  ? aa_file_perm+0x13a/0x1550
[ 1230.779824][T21929]  ? __rcu_read_unlock+0x84/0xe0
[ 1230.784780][T21929]  ? __pfx_hugetlbfs_fallocate+0x10/0x10
[ 1230.790454][T21929]  ? __lock_acquire+0xab9/0xd20
[ 1230.795397][T21929]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1230.801321][T21929]  vfs_fallocate+0x669/0x7e0
[ 1230.806103][T21929]  ? __pfx_vfs_fallocate+0x10/0x10
[ 1230.811236][T21929]  madvise_vma_behavior+0x3254/0x3af0
[ 1230.816629][T21929]  ? __pfx_madvise_vma_behavior+0x10/0x10
[ 1230.822377][T21929]  ? rcu_is_watching+0x15/0xb0
[ 1230.827244][T21929]  ? trace_irq_disable+0x37/0x110
[ 1230.832271][T21929]  ? preempt_schedule_irq+0xde/0x150
[ 1230.837568][T21929]  ? __pfx_preempt_schedule_irq+0x10/0x10
[ 1230.843325][T21929]  ? finish_task_switch+0x266/0x950
[ 1230.848583][T21929]  ? irqentry_exit+0x74/0x90
[ 1230.853177][T21929]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1230.858430][T21929]  ? mas_prev_slot+0xb31/0xbb0
[ 1230.863213][T21929]  ? find_vma_prev+0xfc/0x170
[ 1230.868021][T21929]  ? __pfx_find_vma_prev+0x10/0x10
[ 1230.873173][T21929]  ? futex_unqueue+0x22/0x240
[ 1230.877990][T21929]  ? __futex_wait+0x34f/0x3e0
[ 1230.882828][T21929]  madvise_walk_vmas+0x51c/0xa30
[ 1230.887883][T21929]  ? __pfx_madvise_walk_vmas+0x10/0x10
[ 1230.893364][T21929]  ? blk_start_plug+0x6f/0x1b0
[ 1230.898228][T21929]  madvise_do_behavior+0x38e/0x550
[ 1230.903343][T21929]  ? __pfx_madvise_do_behavior+0x10/0x10
[ 1230.909008][T21929]  ? down_read+0x1ad/0x2e0
[ 1230.913555][T21929]  do_madvise+0x1bc/0x270
[ 1230.917909][T21929]  ? __pfx_do_madvise+0x10/0x10
[ 1230.922767][T21929]  ? __se_sys_futex+0x36f/0x400
[ 1230.927620][T21929]  ? rcu_is_watching+0x15/0xb0
[ 1230.932387][T21929]  __x64_sys_madvise+0xa7/0xc0
[ 1230.937167][T21929]  do_syscall_64+0xfa/0x3b0
[ 1230.941765][T21929]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1230.947915][T21929]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1230.953786][T21929]  ? clear_bhb_loop+0x60/0xb0
[ 1230.958485][T21929]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1230.964623][T21929] RIP: 0033:0x7f92ef98eba9
[ 1230.969221][T21929] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1230.989097][T21929] RSP: 002b:00007f92f07f2038 EFLAGS: 00000246 ORIG_RAX: 000000000000001c
[ 1230.997614][T21929] RAX: ffffffffffffffda RBX: 00007f92efbd6270 RCX: 00007f92ef98eba9
[ 1231.005596][T21929] RDX: 0000000000000009 RSI: 0000000000600002 RDI: 0000200000000000
[ 1231.013578][T21929] RBP: 00007f92efa11e19 R08: 0000000000000000 R09: 0000000000000000
[ 1231.021745][T21929] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1231.029807][T21929] R13: 00007f92efbd6308 R14: 00007f92efbd6270 R15: 00007f92efcffa28
[ 1231.037888][T21929]  </TASK>
[ 1231.040913][T21929] Modules linked in:
[ 1231.044812][T21929] ---[ end trace 0000000000000000 ]---
[ 1231.050273][T21929] RIP: 0010:filemap_unaccount_folio+0x715/0x790
[ 1231.056780][T21929] Code: a4 c9 ff 48 89 df 48 c7 c6 e0 3b 94 8b e8 63 f1 31 ff 90 0f 0b e8 2b a4 c9 ff 48 89 df 48 c7 c6 c0 3a 94 8b e8 4c f1 31 ff 90 <0f> 0b e8 14 a4 c9 ff 48 89 df 48 c7 c6 e0 3b 94 8b e8 35 f1 31 ff
[ 1231.076472][T21929] RSP: 0018:ffffc90003e4ee20 EFLAGS: 00010046
[ 1231.082552][T21929] RAX: 3c2c21241fd7c000 RBX: ffffea0000f60000 RCX: 3c2c21241fd7c000
[ 1231.090696][T21929] RDX: 0000000000000005 RSI: ffffffff8dba8b31 RDI: ffff888026ba8000
[ 1231.098757][T21929] RBP: 0000000000000001 R08: ffff8880b8724253 R09: 1ffff110170e484a
[ 1231.106848][T21929] R10: dffffc0000000000 R11: ffffed10170e484b R12: 0000000000000040
[ 1231.114908][T21929] R13: 1ffffd40001ec000 R14: 1ffffd40001ec001 R15: ffffea0000f60008
[ 1231.122963][T21929] FS:  00007f92f07f26c0(0000) GS:ffff888125d15000(0000) knlGS:0000000000000000
[ 1231.131987][T21929] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1231.138738][T21929] CR2: 0000200000087030 CR3: 0000000061a8e000 CR4: 00000000003526f0
[ 1231.146726][T21929] Kernel panic - not syncing: Fatal exception
[ 1231.153341][T21929] Kernel Offset: disabled
[ 1231.157764][T21929] Rebooting in 86400 seconds..