last executing test programs:

13.142773816s ago: executing program 4 (id=555):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, 0x0)
r1 = gettid()
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x1e, &(0x7f0000000180)=0x400000001, 0xc2)
setsockopt$inet6_tcp_int(r2, 0x6, 0x2000000000000022, &(0x7f0000000340)=0x1, 0x4)
connect$inet6(r2, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c)
io_setup(0x6, &(0x7f0000000680)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000040)=[&(0x7f0000000000)={0x180a, 0x3000, 0x3, 0x1, 0x80, r2, 0x0, 0x3000, 0xff91}])
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)

13.013899418s ago: executing program 2 (id=557):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$TIPC_CONN_TIMEOUT(0xffffffffffffffff, 0x10f, 0x82, &(0x7f00000020c0), &(0x7f0000002100)=0x4)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x2)
syz_io_uring_setup(0x1ae4, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_procfs$pagemap(0x0, 0x0)
r2 = fsopen(&(0x7f0000000080)='ext3\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x1, &(0x7f0000002180)='test_dummy_encryption', &(0x7f0000000180)='vuto_da_alloc', 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="0100000000000000000005000000180001801400020073797a5f74756e0000000800000000001800038014000580"], 0x44}}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
r5 = syz_open_procfs(0x0, &(0x7f0000000040)='smaps\x00')
r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
syz_usb_connect(0x7, 0x3d, &(0x7f0000000000)={{0x12, 0x1, 0x250, 0x5f, 0x7c, 0x8a, 0x10, 0x41e, 0x401f, 0x8fb6, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2b, 0x1, 0x5, 0xe0, 0x0, 0x6, [{{0x9, 0x4, 0x3f, 0x10, 0x2, 0x6, 0xa9, 0x1c, 0x2, [], [{{0x9, 0x5, 0xa, 0x8, 0x20, 0x6, 0xa, 0x8}}, {{0x9, 0x5, 0x0, 0x4, 0x8, 0x1, 0x8, 0x8, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x9, 0x2}]}}]}}]}}]}}, 0x0)
getdents64(r6, &(0x7f0000000340)=""/79, 0x4f)
write$P9_RFLUSH(r6, &(0x7f0000002140)={0x7, 0x6d, 0x2}, 0x7)
exit(0x8)
getdents(r6, 0x0, 0x3b)
read$FUSE(r5, &(0x7f0000000080)={0x2020}, 0x2020)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000040)={0x0, 0x3}, &(0x7f0000000140)=0x8)
bind$packet(0xffffffffffffffff, &(0x7f0000000380)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
syz_emit_ethernet(0x9f, &(0x7f00000000c0)=ANY=[@ANYBLOB="aaaabb8863f0048841c11ee6551a604e9628f3854d5821aee990225411ffcb8200cdc4d5e62aba445f8e5fdc4711da0c45b34768bd9bf8bee3948cb80af6ccd02600925f192a7165d40c6de73d6eeb316e74c95eaf1d51e0d56e9cd9741e02ed218837608114c63902802f022c8cfa1640eba62f35d0558b6e2592a37dab6823d6799c3be0c7af041e20fbb249ab6bda24fd68ab64bfc45c470156ec2d5470897017157c7a9f3cb29806626dc1d41d542706951b1fd136347d31c374e3e8af55932b2e111435b82ce71e7ae8291090298c8fd79d42665c0ac755a43cf2364240c6d27547c06195dbf23732c8a077c9a345e5b0f5c240000000"], 0x0)

12.8699034s ago: executing program 4 (id=560):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000a00000a88000000060a0b040000000000000000020000005c000480580001800a000100696e6e65720000004800028008000240000000840800034000edff06080004400000000f0800014000000000240005800c0001007061796c6f6164001400028008000340000000b908000240000000040900010073797a30000000000900020073797a32"], 0xb0}}, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x1064, 0x80, 0x4, 0x224}, &(0x7f0000000040)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffb, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000340)=@IORING_OP_SYNC_FILE_RANGE={0x8, 0x2, 0x0, @fd_index=0x3, 0x6, 0x0, 0x3, 0x5})
io_uring_enter(r3, 0x47fb, 0x0, 0x0, 0x0, 0x0)

9.914448142s ago: executing program 3 (id=568):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
inotify_add_watch(0xffffffffffffffff, &(0x7f0000000200)='./file1\x00', 0x62000776)
write$binfmt_elf64(r0, &(0x7f0000000180)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x4, 0x0, 0x0, 0x7fff, 0x3, 0x3e, 0xfffbffec, 0x294, 0x40, 0x3e5, 0x0, 0x8f2c, 0x38, 0x1, 0x0, 0x2}, [{0x3, 0xf97, 0x4, 0xd, 0x1c8, 0xe2, 0x1, 0x3}]}, 0x78)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000) (async)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

9.594389401s ago: executing program 3 (id=570):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=@newsa={0xfc, 0x16, 0x633, 0x19, 0x80000000, {{@in=@dev={0xac, 0x14, 0x14, 0xa}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in=@broadcast, 0x4d2, 0x32}, @in6=@loopback, {}, {0x5, 0x200003, 0x0, 0x5}, {0x4, 0x2}, 0x2, 0x2, 0xa, 0x4, 0x18}, [@mark={0xc, 0x15, {0x35075c, 0x1}}]}, 0xfc}}, 0x0)

8.773167262s ago: executing program 2 (id=574):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
listen(r0, 0x2)
r1 = syz_io_uring_setup(0x6440, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x40, 0x0, 0x3, 0x1, 0x0, 0x8, 0x0, 0x1})
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r5, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000640)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x88, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x5}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x60, 0x4, 0x0, 0x1, [{0x0, 0x1, 0x0, 0x1, @counter={{}, @void}}, {0x0, 0x1, 0x0, 0x1, @reject={{}, @void}}, {0x0, 0x1, 0x0, 0x1, @rt={{}, @val={0x0, 0x2, 0x0, 0x1, [@NFTA_RT_KEY={0x0, 0x2, 0x1, 0x0, 0x1}, @NFTA_RT_DREG={0x0, 0x1, 0x1, 0x0, 0xc}]}}}, {0x0, 0x1, 0x0, 0x1, @ct={{}, @val={0x0, 0x2, 0x0, 0x1, [@NFTA_CT_SREG={0x0, 0x4, 0x1, 0x0, 0x14}, @NFTA_CT_DIRECTION={0x0, 0x3, 0x1}, @NFTA_CT_DIRECTION={0x0, 0x3, 0x1}, @NFTA_CT_KEY={0x0, 0x2, 0x1, 0x0, 0x15}, @NFTA_CT_KEY={0x0, 0x2, 0x1, 0x0, 0x10}]}}}, {0x0, 0x1, 0x0, 0x1, @nat={{}, @void}}, {0x0, 0x1, 0x0, 0x1, @masq={{}, @void}}, {0x0, 0x1, 0x0, 0x1, @match={{}, @val={0x0, 0x2, 0x0, 0x1, [@NFTA_MATCH_NAME={0x0, 0x1, 'connlimit\x00'}, @NFTA_MATCH_INFO={0x0, 0x3, "c94bea2b1a7d2ec415fd72b687e0abb9f34613f3772269a8067c9c273eedb038b979e24498a52632e43656ddf05ff48f635c05522b17e3434bc2c0e1693cefaf17455dda1400566b6d81a27cf6d3d5ef6b9c968326103115173ce917a9a9eab664a55d7c567450f6620dff238a3126a611707bcb82124c5919ede814c7bf1dead991ad12d7e084ab2fd8fedd38c12f9d09e0130792cff7c3a1d3b4c76905db30a95894434ed1e7a6d40b33ffd97d263d34839a7ea77ce443088d0d23e52b5f1f7441d4cfca10e41cfbebf701fbce198645296d8a82ac4985115821d4"}, @NFTA_MATCH_REV={0x0, 0x2, 0x1, 0x0, 0x1}, @NFTA_MATCH_INFO={0x0, 0x3, "eff2e70de7063eb299ad4d7e103a8b9b4972c2c6851080b5bdea876fde635838af855d07d4bf37"}, @NFTA_MATCH_NAME={0x0, 0x1, 'physdev\x00'}, @NFTA_MATCH_REV={0x0, 0x2, 0x1, 0x0, 0x3}]}}}, {0x0, 0x1, 0x0, 0x1, @last={{}, @val={0x0, 0x2, 0x0, 0x1, [@NFTA_LAST_SET={0x0, 0x1, 0x1, 0x0, 0x10}, @NFTA_LAST_SET={0x0, 0x1, 0x1, 0x0, 0x2}, @NFTA_LAST_MSECS={0x0, 0x2, 0x1, 0x0, 0x3}, @NFTA_LAST_SET={0x0, 0x1, 0x1, 0x0, 0xce}, @NFTA_LAST_SET={0x0, 0x1, 0x1, 0x0, 0xa}, @NFTA_LAST_SET={0x0, 0x1, 0x1, 0x0, 0x3cc}, @NFTA_LAST_MSECS={0x0, 0x2, 0x1, 0x0, 0x5}, @NFTA_LAST_SET={0x0, 0x1, 0x1, 0x0, 0x1}, @NFTA_LAST_MSECS={0x0, 0x2, 0x1, 0x0, 0x2}]}}}, {0x0, 0x1, 0x0, 0x1, @immediate={{}, @val={0x0, 0x2, 0x0, 0x1, [@NFTA_IMMEDIATE_DATA={0x0, 0x2, 0x0, 0x1, [@NFTA_DATA_VALUE={0x0, 0x1, "ed6e621c6675a15a5b5ac12af84905655deddaefed8c9fe1a4aa5b2dea51e5f0f97d80597cae6a0b066e0f3c0eb0a1fb994923cef3cfcc1669262782002a0f0b5cc561d019517cc8419d23661c18adf4b128ac58e806839bf8d17584e92fb405e8eb75a14bb39ffd4f8d6e57063b1462d9ea9c0e944e561e383e85232d9058d6e4e6f1f28414c09557247362a58d28adeda146d753bb1d6a3e2c11add043b7ce5b078550c140ee182dac61469e937451d669c3d6335f0f9b9c8bcd56"}, @NFTA_DATA_VALUE={0x0, 0x1, "c8a7e80cd1813c783f84d6703f1dfa9bcd72c2b0ac9388c3965df941b7804e80f1181351af16f95d3c6364dddd530b819f882ca98ea04c93a5e3f544ea6a798304e16a009efb3e57eb29bebc3317d1eec5ce8ae8171d502f30b19695e0898b6e1eef072a75b78b4d9411918fae62476ecd76bc8aad8e953795b54d7e2b6d7dab967de7e1b7e1dd2944125c91d721e33c4a0d00f250590102cdc070fd2cb58781206ff9bbba4b05fdaca52e41c3f854bad31b7556e79ed7cdb3ac8b89d5920956cee017225c7a04639ea5986e6527a0f4cb0ded6f0cc29026"}, @NFTA_DATA_VALUE={0x0, 0x1, "2f9aeacbe9acddf178370f7705a0f9e253863ea462adc7150820936f2da5d226eb83b641e66eebaae50f4e94dcaceb1313f95f37864b640a31c1d5465995a8b2791cdf1d57dff87ad4e674d3ade98162ee43f49f6d181d5b90434c8a373cf3027c3175c36ba129bfc77e72715f7a5199d994cf275e4d5f142fe664107eb19c51b67f9b780867e9fa08f3352b55236b3f11fc7bf303f7e6e544b5f7f80da0028adb9cb541ae7fe5e140e9c97d9a65cc978e1b"}]}]}}}]}, @NFTA_RULE_CHAIN={0x0, 0x2, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xcb}, 0x1, 0x0, 0x0, 0x8890}, 0x24000000)
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB='.'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x11, r4, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_WRITE={0x17, 0x55, 0x2000, @fd_index=0xd, 0x7, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

8.433461893s ago: executing program 2 (id=576):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
rmdir(&(0x7f0000000040)='./file0/../file0/file0\x00')
read$FUSE(r0, &(0x7f000000e280)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, r1}, 0x50)
r2 = accept4$unix(0xffffffffffffffff, &(0x7f0000000180), &(0x7f0000000200)=0x6e, 0x81000)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60)
ioctl$KVM_CAP_DISABLE_QUIRKS2(r4, 0x4068aea3, &(0x7f0000000240)={0xd5, 0x0, 0x1b})
ioctl$KVM_CREATE_PIT2(r4, 0x4040ae77, &(0x7f0000000040))
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_PIT(r4, 0x8048ae66, &(0x7f0000000100)={[{0x5, 0x4000, 0x4, 0x5, 0x0, 0x8, 0x3, 0xa, 0x7e, 0x4, 0x11, 0x5, 0x80204}, {0x1ff, 0x1, 0x1, 0x45, 0x7, 0x2, 0x1, 0xff, 0x0, 0x4, 0x6, 0x7f, 0x20c}, {0x1, 0xffff, 0x38, 0x5, 0x84, 0x7, 0x3, 0x50, 0x0, 0x70, 0x6, 0x5}], 0xffffffff})
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0x8000002000000006, 0x0, 0x41, 0x2000001, 0x0, 0x2004cb, 0xa8d, 0x0, 0x68ff, 0x2000000009, 0x40, 0x7], 0x1, 0x4})
syz_open_procfs(0x0, &(0x7f0000000040)='loginuid\x00')
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="48000000150081fb7059ae08060c04000aff0f11000000040011018701546fabca1b4e7d06a6bd7c493872f750375ed08a562af5745e17b8c119418f0f000000d6", 0x41}], 0x1}, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)
getsockname$unix(r2, &(0x7f0000000240), &(0x7f00000002c0)=0x6e)
syz_fuse_handle_req(r0, &(0x7f000000c280)="897c6500ff3035465c7acb4e06980b05687c1480c7aafe631c0543db2bf0d6f539506e8782da06c1ca018774d72e9e5a3418ab66ee78dad68457b17ec9d47bf7d8272d607c1c0a4bd906f0cee7f8451828d2458596bdd6a459ba18ebaf61b38f5d66c27fa8a024ad7832a85e58689a4c254c94cbcf7208fce6e61d9566459789d15a6f91dd7db7c54cc3a94da956fb290a8a15f849270bc459d9d9f47801be86dd5c9d18382081a993b7bfde5c28adca4c7132fd6be743b076033b5859891703eb65fa256d6f47450b6edacbd05a9bd8b372e90cfc30f32826566dac6c48e6ef001881cbc30482f9ec469e476a101da496b8c0785eaf875d3608b0c49e9d39baaa1041f903a805f0f24aa63722fa2d87b98595fa5cfaf8b79c458de43ee39904e7cac7540a934b4108957785d58807abff186949f1b94cd21b724aff34ac45c7066dcdbd68ea7b766af9d045cd7fafeafc5c5a0c3400ef4e0c71a6fdd5b8d68a6f317644cda9d2fd2c839a82b97b3d909b54c672227bef573c9de1991d65a63017f724d1f7f1575e69db53318a7fd7065b303e751518c8eef04f642dbd4dfa349040a7b5401050ffc2b4ef62803a7c8eaba99e011dfac24d81b2b61e0b0581e53bf520f623eca17f0545c5e59ff15b527475f970f589894ae589145fa4283f7225088ccfeba1d72e9128f8c223ae1840f2edae3dbcdf7e560d5cdf4f71c9ada1931c0f8312c000101b264aaddb9fab166ba8d8903d6098eca20935ca607ea79e936798b3dfb22a7e159abb234cf21f3733dbf263a8ff116092f251659108892b2e21e1b428fd225096a5040270b2d70347013eaa1fd8e452942200283aab092c4ffc5b8b427b5d691a5a773e09da20539ff0f8214331c5d84107ae8a59aeb58efe22d7a079e446f1dfb07510377799bfdc7ee59cabcd76af0fe8a427ac8258ff33bbad5a8061f1cfdfbf375d73d676cc7916d6658ce46a0b17ad6350150f98e3512b513e25ca73f5f5df0a1fb9582ace7906c493fe1fd2889d9aac0b7c29c2b6c205537627bad64df433336a5ace32ca871e51b4dab0fbb00886a1fa81a98b74de0a26cebf65723515ebb807fc3c161ed42d1a7b6b55717613577ea437f3a2967c66ce45ff85a6a35b7cd40625fc575b107d7394e3d2db51d58347276c33e21f50b5a6b5672bf9fda63139bb75aead1fe4ee9a4064af5a5958466aa39faa6d821489fa415224c8d69d3b5922236832c2b1e4f6b8863b32f9aea83fb522a2de081d674502b48f73ce6db98d84136059b4a6676bc85ac6b7626329afa9bc7d3f9f2caa3c4d872744e0a8e02d72a75c6c545b8ec8e15b6fb0fe4185bd0d154960e6fef05ba40e5fe2968eb1301dcc52a03337179e74ba1522af93d77827845f8941c69ed8bb84567e3c63f1cc378a542f1de7007b688ff0a9c69d5861f0b85402c30a2fd391c52bafbe65f8e82135fd38361d7c0b43c982b2f3e7cb09c40c7e215114f4243d670cd576bcd93c1e959345170c75d6c3cf89cf8c2c70dc792e646e7c649d4c5f36bb016c7acd466ad58473d40dfef36394e581065a8581ab852250403cf372ac0065bf757fa3f445424ac0d82aec1938a2ea116bdfd306baa1cb06c62a4a97d66ab1b9489469cb8ba842da12e310caed02c5ef05c0be1e1e8c9c8b87d6871c94c57d164d08672b205c948086a06a545b266b7ad902a908681eb188bc51b6190b5cb9d8ca59b8c4c6e7369c00d6f6119fd5d437239e3d3c89cb81e09e560fb817590106015f08e7b09f1e1e65bfab3b8489fa058e24081978b9e25463d9945bfbca81c08885d4b6d4c62e217bd9e19460762f36c66bc948fe31cde089626fbb310e3c78a8d3f2eac21d374d9b58d887235d3a95721168e4b9475849071d60ecfe7ea5d6c4bf60da3747612ef59bb651270f326c0af31bc8c71361f851de34ccb3c8071b96f1128d7ee79b41246e566edd0272dbd3ccfe472b38e5e03d3ef83218bd498e6de8b4d92cb6f82716449ede7ba845028eccdb9137be8a622ac88ac53118fbc39637fa7a93cd3abc6f7671c7804420d66e94720acbcac916950f9baca77fef4217155ccc2cd0507339a0486f9f468eb28772986ee768c63eba671bf8c52e48a2a5dc2cc24fe925368706c2d712dd1064692b0fb2a32ddfbd4a0ffcf9c2abcedaae6e527bc1d42637aff2a275b76a7a7f010e42e1cc1d27141f6c3585a2bf58c6c5789ce61551d10118a000e3764631ec0b7f4b1a6f22a678133a30940b79dc76f863dd9f6e0d7776300898c97cef286c731c2050928c492439256e481652bff0d202db3cfdc54c9816ceea7895357bfa0362fad79afd09ed55189294d6ead7e898ac091cddbe7efcedb314bc02a18dd5bbddc42e089124758bb491fd1536aab27c5c124567bc325e7028bced5a179a011d1cb9a5ffb61d7af863e91ec8e60495561188b74d158ba1418228d44e92915a22eb1c166ef7d6179e84381ed950ffd747f13e24172942d922ca3109fb8b1e4e6264fa4a4eec75ad0d0e22579d90f45d6cd157300e38ae665eb56457202e25a8dd5877ba99725de288660badd2704345d9bad208c903ba27ea167dd45a77f77b6502b525b2973270582858183c784c324c1366fbba8d410c38bf75b41e067f6a9a017c56595161db4fc5639393fdafb1f148d3f416c1adc5fe1ab9cebe4689855c9b4bda6dcba5d5fa858a1b87d2ad23cdf54dbdf4d14aa4462da0b6f1107f4afa0091c2643508861a4d9f133ba77751941bb8fb756abf1a104205b80d47a3b4a59724d959c8b5833da4f56fb6613231f230a9378c9af741e94fd2c7213ac1d7625559b3f032f6c8df3ab441929720fe43d7c548cc661eed5b3c62b3c61f538ea3228376e2a18c6da2ad906322f64fb4865cde8e1889a8e5237fd6a39bbd6662f1dedc22fbd74e4376fa610cd710703dbd3924a38beae69783d1d5abf36122cbb87129ba719042748f060f4303a3199c5891c5040fd8cdb9761b006bf64cdcb65e5cc50a29994b8c1c34b83760ece12ed9ed7c3d2a7f8911cdf23a1afe0d7db1bf342aa0123dd5cd31339f5c8e160c4efef882602b3eccbe76fb690162b8bfb8a31910bcdf9a4a5dde76c2ac2fcd8678add7a000cfdcab398eb2171c026313eb6eb56b4b87bf8ef93f7f8a1c0bcc3775b681d4229ea561cb52281d8ba4315c3694ed08433596884d5a7ce3a8b1f82359846b7136726e2fe37bf4f7b7e2206cdcdb0705ced9f0dcaaa2ed3a78ea70d2cfeab668eb321400fc955e9aeb7bbcf86cd03f02dd443503a1480d9d9f899f53bd747a95293786798fc59fceb09e686a9328da4f929b6201841bbbefaffcf3386abdf69540e3b46a643ec10f0acf21f27c0053dc13f18485dbc898729dfbeaaa4887b58cd442d7ffa941808cd9658595be8650a815b088621278d89f0d8a4252566b923df3a3cd65c0e4af08fad385927251b31d35f75eaf25e6cf13a579aeeb0bcc0a14ca4a20a6831d532be0b2af3821792a2df95131b7fafef245aa19b214053342aa820c35858d13f84e496294529411015c41ed447b5b51dc44a45d52552a2be1abfc157f3ace7bfa32d5b931421d5a152dd66b7bf549311b08325e5a7201f793037b38990bedeca8a647c08d2478670f8fc2b4e8983ea18bcd514daeeeeb9d7a778f783c76edf01bd4beda4b77b612cd2e865c2e4f58ca7ae06147bf66ae6aee221cf9b9505dc07e6fb6cf4f82dc8c406c78e270210c11cf2531011ed678d9dfe1f49c9a69a95a9f3b0e5b624d9c2664d787ab911b75a4a38d63e9d6c353f8aaf433ff961fe5e34d84936ead0d0bc7954caf84e541f5c6f3f20c9eed21eb0316b82c0dc5182540e63a0af25565496792153d6395adc2b8d68b8bcd93dd110ff5685879db4384ec390d44b89663d43a5de3bdc0e103b7c1b355dc5f6fe3518c93628780ba03f156badea65d1d0af8433c9e8a975fdd19453da662a33fa9f0f5fa15fdb216b483fb48370a967246e0b763df8b3bc7924a6c76c4b114f803dbfa3b312e6815b4eb67be167283a9e482d9a5beac250089d069d4c386b7fda5fc228404a0f58b12ca4dc131c381b49b42b570bcfc0dd663f24afaf65a26a21f6d92f52c9f8de36cb76bacbaa0eef98ba6b7dbbc2629a03bb2b6f83fc5adaf20c217bc8d0f0d2421e01472532bcb546aeb2d483c8f95011a3ba1d2fd8086a717cb015dd53064ef4a80b6d6fdc12d9069223fdf2aa9b192a0e0bdb38436f49d9eedfef3665815633fee4344aff11162526362b70b18e1dbedbb5d8c4698860beccf667851878a25a1e766caae2861f2e23404aac859e62fdfeac06a6057554828d7035806e8ab3ee2fa6d711e5811db61231a22f4672f6a11b27641f350bcab78792362e6ebc1c054a643bbbf2746678c14dc567d1f73e37005c8ab6374c4d8d3106384a2d32c5fcf05cb9ba97cb7fa1aff11505a701bead543e555f3901ef3b693d5b9ebf49518c3509af042b7e84b1b867c22b7e08725220e4338fd074edce428212e6a3563a08e2ccd8ab71910256532904542e93d5c7deb5bf5d49beb3202d4da4f643649e55edbb91188cdcf0883a40c6ed6b8a086fb5c50dc08fee00308420121d4c7431b3cfb80f9c1e099423ac451d67b12e930d9e391d0a799c7d4b54a0d56ea0aae00c1d009e21fb5459416b464b227d66ccc1a68da59d64c1583dee54bbcd7d61ffe541fd0fb7452adba91906918966a7d58019ad1f8fdebeceeed7018837b6e4272eefeec8385abe7207fb2d7061fa6cdc478165a98971f9729b818a73edefed976d5c7c0a651c091cfd1174c020e39330a79144271fe4cbc61ea0ffa274d0d87d06dd08c1d5f8a0364d46ef7b54426bc286330c75fa257afeb2715c2ae511ff53b1189cc59ab80b1325fbdcedfdb8f36ed71f70091116e16b52188b794e637755027caac8db8554f8674b844964c710cacd7a9d6b06baf6fef76159a380e639b0d3e66080a7cf7f86baac01dbe47fe687fcef2f3bfbf6f8fba045181dee688360a11ee56e5fc73ed31c0e2924ae57f0cc93c63a30662a65c5d5f17123ae28cc5b74dd13ed81b03dc7fa61dc575668868c0df12d3553269f04ba79084d070abcdbd4745de80e90e4e3e524f27249b5c4a2f2d4c8b331b0cb6d4efe62a298daacc6eacdfe008c1f912795dbdc37098c42db860953120fda709baa6d46f52eaba781505e68561ca0f281e850532ef8e7c779883e312806e1c357bdef8d0dda005e710cfa6eb8686e8bf3bff036b3fcdc4036541d93530ce6f598442c24170b307ef05f23c93aa0ec96831b532d8120402214a940d1fa01ed649061a4a71308be189cffd729a196754fb8a75f23851189589be1b819f0612cad3dc94ccee88f4ab9ef6ac9c7daad8cf94f5ed9496c4c824e5b4f66ce32a80e7a6ef069a32f6812e656aa5f5742bd432afdf026c86e8f28212c1139dad47d7fc07e5c1a83e993daaa4a4bb5f0c9435ccab2a10f867ffe259dba7a1d9168619b1e3048860a5122e4a5d0b00372eaae861a0cc88549852fffa76e6d78739b654d67df15ea97a9a46b7c382d83191a673aa619b4a10ec05bc681379b0d6df824cb6fe158e9d89ae5dd1ef66976f67972b553db52eb6feef836dca6026293f83a61e117754a7424a3da63bd82d017f87f0603e2a9b8fc550aae611681935ae91f7ca2b5341b05a25208bd28f1a202a7f2a213b1d7411ffb557470aec00c4d13c70163f22a038a189710dd19a47e8db4a87c3fd329a63abca172a9810edad2d8e19ef85b57ea4287cfb3d740d7ea3fa9c80d06e1aa84b317f678ddb3c147ba5e0db432125f59ca4944c8e9050281ca82a3ecf67b2a5df678697a52a7297af1ecb03c586af7b91d74e881964ed95f7be12fa07e2a4e71aab8b913a13996fa33e915144bf00e49b8e7adec5b2c4b8165f54ba3155230e241ee023af77a295ab87c40f63f6092ccee05cb08a265abe8f57c9919bf45064b6c2240ba8011db223a283a4e2292d9b59df8c9a4fdc763f0631007db9976f351717db0e6b5f9c6e5f227c2efa1ae5fe0be1af0b22fc164f9f9678a01fe8b059749fe8a2972455732da1989c609d191544ef9fbb3e58da93ec4a582430523f260b776e4d747312747d18a9bae14740f5dcd35fd1072f8a4d81573b5882203be856b62d7e1d87081a9e431872c9d68864197bbc61f15dd8aeae950d34d6ce97182deebd2ad64cabd1c723baf512acfc7e94675b31369bd60e155af79b97bb734312569f736dcd5b5a78223ffaa0f7e93e1a112cb9f6a5b88fe3cf12c30024c16c6b8380fdf086c662665d3751c11617cc4dbd5b8bc7543301a23fbc90ba8d060193cdc2b68c31c734d516707b759f7db009c8f06e69b40154e1cd8ae444afb28134acdf871136b4fd78bd86d7faaaf618afb25e92d1ee37cdff0595278f9565f5eb109e181e9cacec2f22e32e9f34774ee223fdb992febcc5dbc5cceeda16cbcf1434730d859e7e03d36ff17636a7a7e66956b515894da114f3040909f90ce3cfbb2d7d46e37049c0fb124e0683d662eb427cd7b851ada229451e6e3aaee64b9964ced3036bde5d9d80eb062474f96ecfb9b65fcafc719494ac12ab7df245475f2a5e7f85ca4789833ca373e6214d39176c8f51dde87a4cfe5414a20f68bb9f34709979b99533ba3435c4aa56e525195e10ffd00f8e41aee30a909c07b973bbf733d45500b539ebe2206d438216690998d9e256db1b7ac6bef3e810785e1986985c945a2b820323a592721fcfa444934d0faf8aa439d5efca5dcd77b72d1eb91b3790d50d0a7483e354c415f81d99c133d648c1293e795b3c43f9b47e23ef982e10072ea5baafb0df675e69af1807b225afa0cec3eafbde8535d3ecaa0ea6ddbffe4465207425bb003670320324df0aeeb16b38a043f9c0e85673b36def332fd68b2b1e6edda621d0cadebbced8c7fc8f890489115b457249e8d8103676b3207a472804d33e0fe511ac56cd8dc5333b2333892f87b455940ada78fcf5075c358fce990e6f65f095eb416d876ce6f120b8b02cfa6b176ee269c942f881247c3e464cce2aa65c39137607c585aeb4b5f24f5f8e058c9c8b48003c1809da3e8aad1bee7955c3a976d43fe132e2b16f4758a0a9884e51d13b930675a4361ff366b0fed190ad7b2a00385528951e39cd44ea06d8921b9d613d7626221154cf86249a550198fe4e5b05ad3052b474291da0a0a2f701759859bc0392adf243ad5eca89e6d18e28dff99ef95743bcabe75504be8c715cd6360facf3bb06cb97c29989d4f6ff5083573cefe6ef0b39a252a2678112fa88e5b06c9a6bfc9597cc96e5a49710c4fc120fb0da4945b9d94e46de1e9989d0fc3d8d20df23d815b660c799a903f651b0d013f7fe158f1d297f7fcb6a48780ca5525f1d081ada0aafa83552318b848783306549750b6254cf676c7b934cf7fdab992717f0cdc089b34278f3fb151cadde14d0d3250e85a4b0ff2a2778a219aa40563d3ef575285484424b6d0e7cc8392342e4848c6fc8cb20fa1b450cc4c1fea19f3bbdd9e342e6c49cd7ac893b1eda2e93d1d74d20969465946b398fbc733757741ac822c4a118632cd242a439fc37512cf79b7c629504ccc1e7f2f11798955c3262b5e9695625ba74d8050e20f51d4769e1ab938f487f1bc4b55b5abcaa3ec079c2d0972b2ae9bfb7c5423b959119292ea05f1d79d35afe47e49d97c946b193bffc0a8f607f18a6845cecbbdd98cd351db2b2dce05a4848ba84a6a497b4618950130cb7e76c03d0976eb2fb41d3a42a1430063ed8e5b8c67e80fd4fc1148911958babbcbff33a6505de209b0d9320017fd736fd027a16564008ab2e1f48a6dd66c9256730e9fda0a606875d0871b2b9b0bc2ed4e1b696dbf0283c8dc72cf4338e595266f5390bc3a21f988353118f2948fc75d050ea076b73508d9ed89bade0ba305c1f4e5daf9d40d2f5e7ababed8d1b1d919c61a6d3fb149c1a9b44e38585a2fe322f83d73a3aecb44da3f0e82942d75d62ed3f91eb44f3411df014f88839e4cb1e21b9b259d4eb4adaf6b0be433d0ed4c87ec77dde5ee9d566e3dd8d928fc1875c63af26c59daba5ae267d9bd5da72b99a03e6a33cc48ed961ab484ff4a46c2d5fa597e626e00b530d7b9a9705e4e08d03f3a7f2a5a5233ad6340e3b5c89db81ca713b6d7d855c6324955f85109b204566f50178cd88abe3fcba25de905e8ea0b75ad51831761ed9b1af2470f976f05ec73bf74d137c207270cfd614170518cdc449aeeb663e114359c8124eaf2499d8cf5dc84a0872301db2e57b50bd285060ec4390d99d4ae3674ca3bb8679c1b08e566ba4f30daec8684a980055eb43cb5a1306c4b52a154682aa96637e06c869278aa2f74ef7345632c11265ef8ac97e953745302556881ba0cb590fef271c0abb193fb84d18ee3f24d9976ae816b857d6f68d1fdfe10b312c799fe014debf875d04bff8b4f387859e97c6bf13f7083c28a2045a0b5eb09c94e781a165965e8617c0efed1701ea9667aeca26d9577ea7b1242e1d91b25d6a66756cc627648a293b9f4345966bc469fafaeddc1118d0972bd5c7751a1f51e5989fd952f314ae10417c97b41e60ebfbc47e496486fa4a89fd16aea7fa1eabebd26eb2a37a3e2b351e0c9d2f67b2e5be0f921adc9b6045b045948e5103af0e5050b9c0799b513c00865deebda730de538f956ceb6164e08bd6f58655a294b4b44fc65309b30f9c00f92ef5bd5b911a3d830f72c258b19521bb8e80db02129954efb61423f518d2c5f36587303890cad9a93fa4f4bcd0e24c67db679c67ea59c1350b8442577632d5e8735833f3daf5a74bc7bd82659a81beba8c889632efe03cd24187aee856cf659e16e195464f52f2b984fc7a299e7b2aa53979a147ebed35705d5e89691666536f2febacfcef9b32d14952f958b72512869e4f6a0a34176918217888b1eb8b89322ebb6bb1dead2b4744e728479880db70e6147edaff6c3f083f18e0696bdbd78cf0bda14d9f42e5c1077ced00041aadff90470aacec0e48e2a5f2a0ed37818a173b96061e8c5bf24c0bde9e09f9e0ddb8e13306ef1d4eb8043ebadde5d7553e5212ecd4691eb426251f9d6720b8276ac543dde02399a35d974b22c1727d4b6df01957cae47443b706d43165e01d6932b136f561ce837431254cfb2a6e7d8070a2d3805aaa15b3c10ccd0cda2e9b418ce9ef380e5d08217752e12b3b892d03a9495c83d78d674612fde5a67738b2d4649ce44606ecce6bf3bd1293eca246a83643e4f1c7ba362b110e07c8479f216e3d4afc4fcb8d0820c8ab702a66d8183e83174597035e92b9b500dee08c80b927b42c3689c7c9617b4112c9e54cbfa51e989b5fd42b80c595d3edd265f138e8128cfbbb0e4f53aa0aa95a2ecda4518b2e564c42d5de7671560843d08103b9bdceac5fdeb0b1266f72f491265dd2b2b80a225a50955167da1812364ea340d82f61535401bae6f3140a8795d7c318a64cee4676627244930957b2f0b227be21b72d90027e6a5a7af3c59470c74dcdb71d1ef090a0f49c91acd604c792385c8f4e085765292822ee5eca03885fd6bfeaca9b3bbbdeac939f7846a487c5a483ed1e4fbf37c93886ea27bb35c812089b900b77c7c924147e97b6a71533610750bc84921012aa8158b213f7601d934a20bdd1f757b0a33042a683af6b9069f3900059d7f80f9fdcc9f33ece8cf7888dc9e24f1fc6ca0ecccf161c5334c60f440feb3acfc3d115011c176dfa05314c5bcf089e3c82bbe7680a3eefdcdbf3ac27265b779db4f49bade0128eda6e29bc5933ef454601db1b49628fd39ab938794fa46a33937a086ece7050d31a21524e2f0cacb307ed4412a2078636f9cc8e11c5c31cc0f9edd7be6d1e31a1513a58e25215f5a24245cb988589e6d5e5119f4f6557c697fad7d1c3a7e3bae064db4382701e33e48c5b6a52fe9141a385ef2325c6f7781134607e98bfd02c43d6deefaa861700388b40d98e941cfb2ddec209f977e8b9f93d29fdbf85e3010ce7cd622e8c75ce3df535e392052b6d65d5042d2a6e78bbfe5ee146e8b18d4bc7fb024dbba57cbe0402205593766a313950cb719d00c67bb6b3bcaa1015b89e820f11475afce655947113a7c3dcbb52427f090df994fbf076db867e0ab3f6125fb8884c1d13ff3e99fab5fa8b9f0b72cb44db4d0a48d9ec17f9733764e213c40a15ad821ec60e4a88cb2fd9dd9a4f35e6a708f4b74067f4be3f03a95261f6b191df53fa5bb5164e4a164630ad9ce39087aa950ad9e60cd2c44fa2237c49abf858c97737fd21180fd0b9542767150fbed3f39a29e6c3484d9437e15d2439f2a54b2a1ac7e63e6c436658abc3f1dd52d984f6c6901768a8cf2ec98ebf44e90e0fc0c24f8957c62e05d8eacecaf25b178fd710af609a8a1bc4d7955b5f0cb4f48a37685e6304ea5843573a1abff37b5106916c83c8f23f939a0dc43aea8d196191ed6e18dd793990d1f37d7de0bf8fac6f469843724eaab86be8a483be281b8ecf4aa29d9c571951cde8cd8c2aaf4d597ac2cb48f23fad145916920a55d655924940573b64dbd42a280cddc4810434f930183fdbbdc72db1491a4c9d44daf9b1bc2fecd855508648063040faeb125da0e68e6cd2002181118eecff0be1dd8eae726af5d451630cd65119c52abd6dded97f931202f186a18c4ba34bc2c3f6d765e2d8f445e959f26ffb55827cf3ff2cc0289f17b82c8caa5a2d3d54306a300f0ef42bbe4ea9e32c5d4b1173942745cdcfe4f5d1619eefaf8dc600afbc9171d516f7f4b35331d0b9be005132ffad5e9df59710278b842afb626a78b8b8b37fc3a894dc705b2d4e0940cb264e9dc87eaa148e6faf78125462f28a0f1d7b3c65a291b85713fa71ffc478f6601e8716c35489f4a54ed0c70bcfd5502cc91374dc3c982075c5180398bc6b195b36e79dcc4087cb990cc9d964a150e0dcc887d496bdd27c3f298736b9ad8345ba2df46021964cf43c38f9d2e94b77bee2b7bf059e0870ff9f17b9ef1320c0aa88a2fa9781e9017ab64643de9a3df9ed4b8cfd8fa080a2e494409520b795eb1517d224a05e450c4c8ae0e9fd29c0e72d3a592cce55f6dd5107f21214e1a3f9a5448384de06149f959ec0c92790f0ff229ab4971171f1c528ae6d095ec007bf5e7f55d623a68194e9ea8edc3af418075338328f24e7504341c22bef72c2963fc9c3237ba990d29c2c8aa3007395f6d96e95b40ee1b18dbad550bf39d0d98268cb74dde76d987c3169c9067495fb1b88508bbb7e94cbb7dfc15c03b1d5b163132c8a468906f02d422a8cf98d0b432b5779dd962074b72dd27439b2e94312f573435e5aa84664432c1914839cd6e172186ce93eeb1d7cb0659696d9d550eb3b185f8c6ee16e53f78233cbe709f99d2879d63d93f7d0ed133241d2f1ab1eb2c56605ca0f0e01c39ab0ba2370fe5c4e68de0561b517ff9a10023c386236398372c7176e35443e2cf5dd6cbed9f23395f231e6a54f65626cb5860a8b72122c34664119e7c47204ef4a70583a00", 0x2000, &(0x7f0000001940)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000780)={0x90, 0x0, 0x6, {0x4, 0x1, 0x0, 0x0, 0x1, 0x0, {0x0, 0x0, 0x4, 0x3, 0x0, 0x0, 0x0, 0x2000000, 0x0, 0x4000, 0xfffffffd}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000340), 0x410940, 0x0)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r6, r7, 0x0, 0x20000023896)
ioctl$KDGKBTYPE(r6, 0x4b33, &(0x7f0000000380))
r8 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r8}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0)

7.346125919s ago: executing program 2 (id=578):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socket(0x400000000010, 0x3, 0x0)
r0 = openat$nvram(0xffffffffffffff9c, 0x0, 0x8ac3094c6a9c458c, 0x0)
ioctl$UI_SET_LEDBIT(r0, 0x40045569, 0x3)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
r3 = syz_open_dev$admmidi(&(0x7f0000000000), 0x2, 0x1a9882)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r3, 0xc0305710, &(0x7f0000000040)={0x0, 0x7ff, 0x41})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x6, 0x4, 0x400000000000, 0x0, 0xfffffffffffffffe}, 0x0)
prctl$PR_SVE_GET_VL(0x33, 0x14cd)
r4 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r4, &(0x7f0000000080)={0x18, 0x0, {0x15, @remote, 'tunl0\x00'}}, 0x1e)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=@newlink={0x44, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xffffff81}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_FORWARD_DELAY={0x8, 0x1, 0x1c}]}}}]}, 0x44}}, 0x20048010)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e23, @loopback}, 0x10)
syz_emit_ethernet(0x86, &(0x7f0000000440)={@multicast, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x20, 0x0, 0x0, 0x11, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}, @empty=0xe0000001}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x3, 0x4, "3e714a947b47f6f2e31a6590a668d1966fe1c9ff54c0097bfdcea8fb52ec7d44", "aef47ad7201ded8c4a48e30f1b7c4eef", {"9ff745dd31b51e6758bae2c87e024d5d", "8f6938e525fd2dcded87c7bf7c159e4f"}}}}}}}, 0x0)
r7 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r7, &(0x7f0000000400)={0x18, 0x0, {0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, 'lo\x00'}}, 0x1e)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = syz_usb_connect(0x2, 0x239, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000e388d640697a01006ba8010203010902270201020010000904"], 0x0)
syz_usb_control_io(r9, 0x0, 0x0)
syz_usb_control_io(r9, 0x0, 0x0)
sendmsg$nl_route(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x1, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x600}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)
io_uring_enter(0xffffffffffffffff, 0x92, 0x0, 0x0, 0x0, 0x0)
ioprio_set$pid(0x1, 0x0, 0x4000)

5.929487771s ago: executing program 0 (id=581):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x10, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @rt={{0x7}, @void}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_USERDATA={0x6, 0x7, 0x1, 0x0, "69b8"}]}], {0x14}}, 0x6c}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4080000000000006110540000000000a6080000000000009500000000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x10000000}, 0x10}, 0x94)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'bond0\x00'}) (async)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000004c0)={'bond0\x00', <r2=>0x0})
r3 = syz_usbip_server_init(0x1)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed000000010902"], 0x0) (async)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed000000010902"], 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000080)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "e400ff", 0x30, 0x3a, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x0, {0x0, 0x6, '\x00', 0x0, 0x11, 0x0, @empty, @loopback}}}}}}}, 0x0)
write$usbip_server(r3, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000300000001"], 0x35)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001000010025bd7000fadbdf2500000000", @ANYRES32=r2, @ANYBLOB="138000002b9205002400128009000100626f6e6400000000140002800800030007000000080020"], 0x44}, 0x1, 0x0, 0x0, 0x40448e0}, 0x4000) (async)
sendmsg$nl_route(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001000010025bd7000fadbdf2500000000", @ANYRES32=r2, @ANYBLOB="138000002b9205002400128009000100626f6e6400000000140002800800030007000000080020"], 0x44}, 0x1, 0x0, 0x0, 0x40448e0}, 0x4000)

5.654291232s ago: executing program 1 (id=582):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x2, 0x300)
socket$inet6(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getpid()
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x100}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00'}, 0x94)
io_uring_enter(r2, 0x6feb, 0x3ec0, 0xf, 0x0, 0x39)

4.75791166s ago: executing program 4 (id=583):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
socket$inet6(0xa, 0x3, 0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
sched_rr_get_interval(0x0, &(0x7f0000000080))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
ustat(0x11, &(0x7f0000000600))
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000780)=""/185, 0xb9, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmmsg(r4, &(0x7f0000000980)=[{{0x0, 0x0, &(0x7f0000000bc0)=[{0x0}], 0x1}, 0x1}], 0x1, 0x4000, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$netlink(r6, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), r4)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000140)={0xa0, 0x6, 0x0, 0x1, 0x0, 0x2000, 0x0})

3.809309049s ago: executing program 1 (id=584):
r0 = socket$inet6(0xa, 0x80000, 0x7)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000040)={0x1, 0xffffffff}, 0x8)
r1 = syz_io_uring_setup(0x3c, &(0x7f0000001840)={0x0, 0xaddc, 0x10100, 0x3, 0x203}, &(0x7f0000000380)=<r2=>0x0, &(0x7f00000003c0)=<r3=>0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000400)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
syz_io_uring_submit(r2, r3, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r4, 0x0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f00000002c0)=""/183, 0xb7}], 0x1}, 0x0, 0x80002103, 0x1})
io_uring_enter(r1, 0xd81, 0x0, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000280), r5)
close(r0)

3.32645602s ago: executing program 2 (id=585):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000480)=ANY=[@ANYRES64=0x0, @ANYRES32=0x0, @ANYRES16], &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(authenc(rmd160-generic,cbc-camellia-aesni-avx2),sha1-avx)\x00'}, 0x58)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYRES32=r0], 0xe0}}, 0x80)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x6c, 0x220400)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETFLOWTABLE(r4, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000200)={&(0x7f0000000600)={0x11c, 0x17, 0xa, 0x900, 0x0, 0x0, {0x2, 0x0, 0x5}, [@NFTA_FLOWTABLE_HOOK={0x8c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x7, 0x3, 0x0, 0x1, [{0x14, 0x1, 'wlan0\x00'}, {0x14, 0x1, 'macvlan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x54, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_bridge\x00'}, {0x14, 0x1, 'syzkaller0\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'erspan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK={0x70, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x7}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x400}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond0\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'dummy0\x00'}]}]}]}, 0x11c}, 0x1, 0x0, 0x0, 0x40800}, 0x404c005)
r5 = syz_open_dev$I2C(&(0x7f00000000c0), 0xb, 0x10000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x11, 0xffffffffffffffff, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000940)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
r8 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000500)=@ipv4_newrule={0x38, 0x1e, 0x100, 0x0, 0x10000002, {0x2, 0x10, 0x20, 0x0, 0x1, 0x0, 0x0, 0xe}, [@FRA_GENERIC_POLICY=@FRA_OIFNAME={0x14, 0x11, 'veth1_to_hsr\x00'}, @FRA_GENERIC_POLICY=@FRA_SUPPRESS_IFGROUP={0x8, 0xd, 0x8}]}, 0x38}, 0x1, 0x0, 0x0, 0x2}, 0x2810)
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(r6, 0xc05064a7, &(0x7f0000000a00)={0x0, 0x0, &(0x7f00000008c0)=[0x0], &(0x7f00000190c0), 0x0, 0x1, 0x0, 0x0, r7})
ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000000300)={&(0x7f00000002c0)=[{0x3, 0x4810, 0x1000, &(0x7f0000001740)="bb44cb710dd7329eac285f6057bc77469d1f5f0f5e425e35c7a71fb9b2e4d529f01a62ad1e84ced768b83c1de215fcd4f15749a2d69b7b49380b2cac39891f6617249e375676315f5e0bc9323763170c8de3fd56a91bebbae234df87ab6804f19b681b682d70ab95ea3c3129e5f1d28657f879c217443e9bff8e9e2da1ef68917e4fb9ace7d4d0f0d38d3ef9890eea1c71b7ec7e94468114cb502fc14d3412daa5e2138399fb4aad6309d7cd03468d824951c20ffba53eedbe23b636677794d7f9cc37c821c4a421d97df98e413757cffde0b70c2478720dd010dfa0e22370bfae7a256a7c6877ac58149722f9e998b1bb4b8fe3427299c258247d7b800588bca5f1c18e6876142f83acd389a9c1362f7c809aba69a0f9a767e27c26566c3cfd774e3bbe797e39529b0d44269d8325a829f38f2b3b9b406cc66c7f68ddfd1f5ca89a03583b0fe3d2b7c17998575bd9aa81385ef1a976464041da3b73a123ef535664bf579cdaf709ef7211f620d80a5c65b5e16afbdfed67a4aee51788d3ecd9603a0070c029a156675d30ac9c95cd3b4348596c39157c093a29bcb714274bc679bb8c27d11d0358e416bcd340217167d26b98cd0e511a94fd510b879744f868fb74793363e7e39baab55f03be0107fba2fcc89bfcb37e8b820e09e4ffcd8ab35cbab5dce7c118bdbaf5e286db3653f2cb14367d9af5991340bf2f507d07160e0808bdc4826f18c4b0c9e568620c7a5523483f9423fbc6aee81df54efc5805117c7e7bed8b392ed4d09af70152ff9827da09aa04b568308e5d35e5cde9cc2fad92fd7309986e3e50403089063cc478e50c2a0a224338b2f5a11e8ec84462ec94ef4ca96bc8dc14f268a13a932f19698d73b5741d99fb10beb00e2cc4daf601fb77c863ffeec9b75620e1ccc72d85a8de30aadcd70b3c72da6193096935bcfce460e17fb0e36b75db14035bf41b2b34d9aa76123642bcd8e58cc39e683c45120cd0eed4c53eb9e705d02f7af17869ca4f6074379078a282e32948e201f32793864b5ba9af70cda35119c10893f2eae9fb6b48384a2268d5e30deab62fbbed11f8d5de98d079e5a2fd1c178c33960b896060ca18b86ac15dd6e866004ce0f6e374215b106159c81c9f2be2ab3685532803f1348aa066fe46ffe4af3bda25c3be47a10073266d2c1589a3f457dfb7817eebf922e1b67b31319775bdac090cc5801ed6cdb87298576835a275a838897a9268158a07130cc1837cd5e4c890006b16e0dbae74ed9bd34dacccf535ca48ff9e2bef06f39f9b2f367dc3a04aa9c54ce15079330217e6ee0e299bdb2b61c50f677d1dbfd3292629abb7b55076fd170b7e8a3d69cdaf103ac5c7579dbabf4046a177c2b159cfa52b218cb4b54703c465422b8a61e4f7b919f8ea4059f57f96c063d7cfa4c8e2c5edd6de7bd5791cbb3db162b7f76f096725c0bafacabdf7512c55e3646eaca62294799f4e289f24778f7484d4d9fe7ba04d5c078b4769bf4ee7f28570eaf70d14d8539fae35c7ab040f0684bda71072617ebc01f4c735161078b68a5bd87e0e1c063f5549d245d5e6cd9086f3b7e7632694f6e1615a260e16861aa4661662dc6d5f06505297c3a4908f8b0fe69177924c3b955316cce61b8f9893f0e986b22955cc61aae1b2c31f9677ad3129620f8c0eda7f76ad4ca6866d3d32ed7b8456455098e4b0482aa36fc3b1a457cac72a9b053a1c1358f0e4a5168198f240b18767aa21f976d6846295b54241183f25b147985c82426d807d74886d4473d56638ef332cf35a7d49c32b3c93a5c4b94f54ac4e3ac9ebe1d7c99447ef165bd9c92db2c63f0a4c7e9832f93c633925d23933ea6009994acfc919188d42dfd4f90b6a761e233185506d485de7e26e3de1199a67dab82a6c60b7c9b996ed0b71cdf6f133da3761c9ebabf7f10421718c68f4a8f7f3be035c6dd606dce1702df1510b705124846ade4861a70605f9fa3cff7677bba48aff3233fece49f8b9927d437131dd91933a7a0252a70bde4ee034f15dad1f556a56049f39917aa01462a7530a198bbe3f71f5345956b24cee5c08bb33f7ee9db8ce8625f0622dea5619b9e1d2da375d88b7f1f82081e4112c6174a0b49f233bf7cdc56c0c4eaa95546e311f33c54d76cfd945e2b72a42c16abdbda7d87e1ede42568f36a9aa883aa410c3838c787bd6f9f17f3c58d4e09fc67a54c5a6783eed8c0762ea39587340dedbfcd72b08d91682954e0016ccde7dd06e6936dd032490170d71df45eddf1e4ab93de1a9fc5f55b096a542d9d385f74750c2693c0059589bf15b94a9a2481e5a05d6fa159aca8b6d5d52840cfa7d6b55f502ca5087109f808bf526b221f6eef77e6b26f6848b93f82aae68faa9d259fe3e502454e3925b4d942f413869b78495d83b0c6f6cc92695c09fd7e40e7848319b555e3a6d401fb421d3505a676c396693c21f1d0f654ea409211de995f3bc7665ff4b58642772f3dccebedf3b117ca41d4bfa52def4f09da2af782f2be521438597942fbfd327f6458791893e9880f3573842fd1ecfb7c2f39ebad9196e39defbdb8aae277eb6f20d4a6f20fdea6238b8ba064c0e235fe602dee74cce0db682f71b228973a13598c402ce7d8b554bc24444d06ecd375084718bbba2702972c30f728c36564a9a1e9c777c0b6e1b740ea2298c96efc69963e86ff4c6a3dfab5880d80f2efffbd325b72d1b9e2487c04b2aee0d35c7a534d006dc636e0f08d85c346084c05e5e44bd658a6531b43fc065700b461687bec9bd1780da382a6ed9f621412fb56660872af12d75ddc0efe87622ed60ce8b92c48a936a35f7616c6534a3923996d8b4ef4dd63d1fec338dad4ff3a9717d36f6baad6ddf2065ea1a5f5cd90ea9a772345f46a241e909aaccfa84ebd9a1adbb7d1399ec79e0e73c8a86dcfb136c39ecbc888548198e1d0704c45298dcad65e585076de3066bf0040f17c3ac596fa56f491b2dac6feb35f7646224b3174fe7d6ea700fdea7baf9c04cc00980ec1c4f8dab79a714a734652babcd838792ff05b22c438c9ed8cf50ec0ee2ee6268d004d5dd52a0c5d2a84c3ae3bd875457031707157d6973b744e87ca2582eb460cc115a57bc4241e621504e2d53929a160a8020b40fda63a76439b6ab861027d947476fe059bb19ab2a7c8148c8dfcc1b56ca7ff2cde57c7639705b2c45dd78ec3de7df2a135080b91c56ee4f64e49fc989bd226cad19fc3e37c8be8c8beb9f18fd540f92434fddaf18891d6faf3898e67e157098c91fe67a26f881f3fd96d949130feedb32346d3cd4485375f1199f1b307c9e3b6092a766022411c37a2952e334128c5878e33ba2e5a70181b4340fa6ac4d995fe7bddd259f161b19a7e8bb47460ebafee1b5976f30f99140401742c2e93b1e456e6d45ce814ed46489c85f11402783681f51d60df8cd3b4e469ba968b4de2735c3557fac1f775af065b5a277e176b93dae426c4235cf3dc7649c7284cf9a48aadc2ecdfc89927ac1f16204264d60cbbad3ab52dfb3d2552bba2939b470370e0843412a0d72cd5b2da048b7dc4956c65318841297155ef81c776fcb8622058c14fb1a2ce3282b5ec6ac9844248ae81c662912a46170eb087ef1fbf6e62e8513d94f5bd0b7e842f7f665d07ac89be576f7c2bb4c5c58e7e86a691f833a189fa2b265c59ea23435b5b9a994acd9b108318e8836cfc65235b1be136ed2c4606b084705e5c35b07cfc161de8d42b84d1e81f9a689ffc62e4ae3159d92c15df5028ccd97cd2f77576c83171d3c2baefbd6f7a6cbb686d4eb885299b721a40c7726ac8ad5035741fdfddc5212f2f4180d2428426270c56ae216dbbd1419ccf15eb760294c8ce9273bf51cfdd1e4898fd45c46c251f0d60262b43d474478f5042cff8d0f46718422309fe0371a1c920ab8451461a90814d35aadb019b4f5a0bbf4506c43bd8b3c567f9100504b2cd098977c5d49563c004e347659b15846af4ea5aa9c2b418dba099b27978f8f19d53e2d9e656d946807fa34698ac0d632ebd1931bd743dc3f3286ccb3132d47e10cc121f8cab502e67ebbf82285199d495e3697d474dea88475078f11c23da9b286d01870fd4c97e395dbe5243f70997773c1cebeb74b198d0326beb03de0ab76dcd56de3ddbe02040904c0abe17431bc575b2b9a115739721d89f8fc4cccc20a05d91f037e246e10a53ce8ff7f90872198a066a784100040956581fd3083a5d060130019b541dfe3fc1920cc355c1513a673caf2a2b42f97be57503718c710a38a362baf67ac601d7e7def6cee26d3c38546e9e07ad8b728b5344bb49d16ce576c8131ad8d1a8629ce7126bd5965edbeb19f32df273977243989e1ae374a135d6dfcae70656fd7936d6ddbf05351b9c8cd45753ca7a8aebf767ac790962b098e0e3427596eefc8efd647e5c4d08b9d13682ec6ae0cc5cf2fc9a7e656e931b2e16de91eb33a9ef14de6e6f2978fb4389f98b5562c494ca8679a7d1ddd1ba441143f0fa644b57a0666e95c0da71ba7ff2fb1f5740f964384a1a63e3a75648b09de9508635c299a8e08386fbfa9bb5f3a95ce6545284b840a316cac0caa605d1ec9dae6bfe8a12b990007c4af6413cd16662e56158de64d0f0f5b5486a3e4529840c1a249c1996d6bb56baae0a3d0d0e8b5b0015cd73a3dafb75e7c7accbe0119c7dc936b1123dd497c92974b2771b2309b49ca3992d6daa76f50096643bb2a49764d85fc78a279294d269c3e1ef67cc2096199fb3b7fabe15bb69e0dbc286d6e4bd3868a8a9d51b1c392d02778aa4b20aa490285939d2b7b044556d8e6151bb76dabffaa24f86302d07dfe1e3f07417861301293bade7c2cab56810d8a271ece0ddec654bc99ddb5af62cfe6a89ef1d62ce5d32a7d8892b938edb60f20d462880cf1d3ed3fc59829035c9f60c08f02d467142cddd83ad11f030fc78181e66412c166e7d64275e2679f0d52d04b1bfad4918ba9a47633bab89d26c675ed44be44f23b9c39f34be95219131cff6718160ff09ced3d5b19d2df883e64a72d7093daed8fcf05dbfba94e54f4477bf95d4623b168423bf022241ddee114957baa168390af4ae3efd4b6bea48970d69c9fd13df0e918779e2cd110e8a577d357e606204d3f8d4963e8e0c85fd8a60afce3fb31f492bc670562547a67f7de85c58f79a28c2c7baf13ad235549766c14324b02d9680cdddfd25d6f873c5a5fac558a1b9fe55ddf82f82ab5109919317260dce0e79c535402fb65489c2c2a29607dd4a77fe5610c2c996d50818f7fd27be0ac7175f03ab882fa0595c8f3aa43f549f141e3425032e018772b1e06e9025f10361f04ab76bc131f8e1d4a021c2a2febf05c0f14a131ee59f13a20a2f9336d909444eef5e8b0accf37d08bf8574e9164f321f5a4f9004966f6a7da17f8fe0d628daa28a853d4f8506006daba0000f2dc577b10fd97282bdc1bbc2425a39178a848c07db2e6c4d7ca3ce3c51af80f14bbef3812ff9333d9110b97877c92851ba427cebcd04e9b6483a0979827dc5372c9fdfcc30d87fece8be3acd10dff4305f778bf14ec57650d86ed5593a553ddafd05d957927ed0855814b87bcaed8987ea3d24c25017f591b02a40b11c63727ee9ace4b2cba23dede9f4d160b2ffc51a20ac8f452c9e7e7a0cac5e855c7e658b890fb63de20f0e5dc7a5e086546f1c883fd8b6aa31454e4edbe94a3d77487f78c872f042de271ca78acfd44cdacd203d3ceddc689f4e7cbae76ecaa720d59095441f21d50dfc9d6"}, {0x401, 0x10, 0xd1, &(0x7f0000000100)="d6d8843815aaeadf797ff4c79f6c8e9029166d33c7a5e70dd14b0dd72c0d9ba73b9f5e97d45a4aeb187ebc678db3b94e20b823b48efcd836f8772cd2ff28aeecd08ef2e4ea20c6e03ab38b3701bc4ba05377602ceeeb8c6f584cd00f20ae2b4fc3eef0af008ab32194beb00efb50c3363b55e23cacf91d162a794fa19b86623f65a782525b6f6126acef64aaf299648ec8bd03e26d6be96c4123d295ff3fbf778be341f4c77d030e821631836b817e4497fa4eee1a32cb33fa8b0493d5ccebfdd0b739e9e644c0a59e1e0d192b4f01f3d6"}, {0x2, 0x800, 0x36, &(0x7f0000000280)="74c6ddf59970f7d63280a7755dacea0114651cc66e3af2e0d4ea00b3680e8a974bd1f50630557d2b8d0100634a0ad93cb1ee50b0561b"}, {0x3, 0xa801, 0x98, &(0x7f00000003c0)="b776537d58a9120055839b69fbeff0f33f875427c85c6b4dc7a421ae3637849abf0218c4ee9c40355faa0f1f98a4d76607a9eb8c6134a44c1f1e45547ba00aacd3262d44993d07718bae37880e0692c501c6f12c2ae56988b39a1a961976b219d9d801e74150163266c3e800f34c5d9a7a94483cdf0b21cf580cc7bd4516c6edc5d47c4613798ef19857d8e4521ee7a381c086a8e3cae899"}], 0x4})
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000000a40)={&(0x7f0000000380)=[{0x3, 0x6041, 0x0, 0x0}], 0x1})

2.842359843s ago: executing program 4 (id=586):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VHOST_VDPA_GET_CONFIG_SIZE(r0, 0x8004af79, &(0x7f0000000040))
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180)={0x0, 0x0, 0x2})
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r2, 0x10e, 0x1, &(0x7f0000000200)=0x1, 0x4)
sendmsg$nl_generic(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, 0x15, 0x301, 0x70bd28, 0x25dfdbfd, {0xc}, [@typed={0xd, 0x4, 0x0, 0x0, @str='\x00\x00\x00\x00\x00\x00\x00\x00\xfb'}]}, 0x24}, 0x1, 0x0, 0x0, 0xc000}, 0x4000000)

2.811817019s ago: executing program 0 (id=587):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000000)={0x3, {{0x2, 0x0, @multicast2}}}, 0x88)
r1 = gettid()
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x2000)
landlock_create_ruleset(&(0x7f0000000180)={0x4642, 0x3, 0x2}, 0x18, 0x0)
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x0)
ioctl$sock_TIOCOUTQ(r3, 0x5411, 0x0)
r4 = syz_open_dev$sg(&(0x7f0000000140), 0x4, 0x2)
r5 = gettid()
madvise(&(0x7f000042f000/0x800000)=nil, 0x80fd00, 0x66)
syz_open_procfs$pagemap(0x0, &(0x7f0000000040))
ptrace$ARCH_GET_GS(0x1e, r1, &(0x7f00000000c0), 0x1004)
timer_create(0x2, &(0x7f00000003c0)={0x0, 0x37, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc))
ioctl$SG_BLKTRACESETUP(r4, 0xc0481273, &(0x7f0000000240)={'\x00', 0x60, 0x2, 0x401, 0x100000001, 0x0, r5})
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r7, &(0x7f00000001c0)='\\', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
read$eventfd(r6, &(0x7f0000000340), 0x8)
r8 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x62d00)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x6, 0x0, <r9=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r8, 0xc02064b2, &(0x7f0000000280)={0x40, 0x403, 0xc})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(0xffffffffffffffff, 0xc02064b2, &(0x7f0000000000)={0x8, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r8, 0xc00464b4, &(0x7f0000000400)={r9})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xfffffffffbfffff5]}, 0x8, 0x0)

2.693498137s ago: executing program 1 (id=588):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={0x0, 0x24}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x2ba)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)=ANY=[@ANYBLOB="540000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800e0001006970366772657461700000001800028014000700fc00000000000000000000000000000008000a00", @ANYRES32=r5], 0x54}}, 0x0)
r6 = socket(0x1, 0x803, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000007c0)=@newlink={0x50, 0x10, 0xf11, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x104}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x20, 0x20}}}}}}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x50}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

2.614157979s ago: executing program 4 (id=589):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x0, 0x100000, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
open_tree(r2, &(0x7f0000000100)='./file0\x00', 0x89901)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
close(r7)
r8 = socket$unix(0x1, 0x1, 0x0)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0xffffffff, {0x0, 0x0, 0x0, r10, {0x0, 0xb}, {0xffff, 0xffff}, {0xb}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0xa, 0x7f61, 0xfffffffd, 0xc5, 0xe23, 0x1, 0x1, 0x7fff, 0x1}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20008001}, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70bd2c, 0x80000, {0x0, 0x0, 0x0, r10, {}, {0xffe6, 0xb}, {0xffe0, 0x3}}, [@qdisc_kind_options=@q_blackhole={0xe}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r7, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})
r11 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='fd}', @ANYRESHEX=r11, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
umount2(&(0x7f00000001c0)='./file0\x00', 0x8)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r12 = fsmount(r0, 0x0, 0x0)
fchdir(r12)
r13 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r13, 0xfffffffffffffffd, 0x58)

2.368246102s ago: executing program 1 (id=590):
socket$inet6_sctp(0xa, 0x5, 0x84)
r0 = syz_open_procfs(0x0, &(0x7f0000000340)='fd\x00')
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r6 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r6, 0xc06864a1, &(0x7f00000003c0)={0x0, 0x0, 0x0, <r7=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r6, 0xc06864ce, &(0x7f0000000440)={r7, 0x0, 0x0, 0x0, 0x0, [<r8=>0x0], [], [0x7fff]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0xb5})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r5, 0xc00c642d, &(0x7f0000000040)={r8})
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)}], 0x1}, 0x3)
shutdown(r3, 0x0)
r9 = getpid()
ioctl$KDFONTOP_GET(0xffffffffffffffff, 0x4b72, 0x0)
r10 = syz_pidfd_open(r9, 0x0)
ioctl$DRM_IOCTL_AGP_ENABLE(0xffffffffffffffff, 0x40086432, 0x0)
setns(r10, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20)
getdents64(r0, &(0x7f0000001f00)=""/4111, 0x100f)
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007b, 0x0)

1.876844569s ago: executing program 0 (id=591):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000001c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x24, r1, 0x1, 0x70bd2a, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1464}]}, 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000)

1.790684658s ago: executing program 0 (id=592):
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x2719, 0x0, &(0x7f00000006c0))
rt_sigaction(0x1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f00000002c0)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
ioctl$TIOCL_BLANKSCREEN(r1, 0x560e, &(0x7f0000000000))
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='stat\x00')
preadv(r3, 0x0, 0x0, 0x8, 0xfffffffe)
r4 = syz_usb_connect$hid(0x5, 0x36, 0x0, 0x0)
syz_usb_control_io(r4, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100))
syz_usb_control_io$hid(r4, 0x0, 0x0)
bind$netlink(r3, &(0x7f0000000240)={0x10, 0x0, 0x25dfdbfb, 0x20000000}, 0xc)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$inet6(0xa, 0x800, 0x6)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, 0x0, 0x0)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r8, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r9, 0xc008ae88, &(0x7f0000000040)=ANY=[@ANYBLOB="010000000000f9ff9302"])
sendmsg$nl_xfrm(r6, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="b8000000190001000000000000000000e00000020000000000000000000000000000000000000000000000000000000000000000000000000a00000029"], 0xb8}}, 0x4004)
sendmsg$nl_xfrm(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0xb8}}, 0x0)
r10 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r10, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000340)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast2, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x29}, {0x0, 0x0, 0x9, 0x0, 0x0, 0x2, 0xffffffffffffffff}, {0x1, 0x0, 0x0, 0xffffffffffffffff}, 0x7, 0x0, 0x2}}, 0xb8}}, 0x10)

1.788631007s ago: executing program 3 (id=570):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000600)=@newsa={0xfc, 0x16, 0x633, 0x19, 0x80000000, {{@in=@dev={0xac, 0x14, 0x14, 0xa}, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0xa}, {@in=@broadcast, 0x4d2, 0x32}, @in6=@loopback, {}, {0x5, 0x200003, 0x0, 0x5}, {0x4, 0x2}, 0x2, 0x2, 0xa, 0x4, 0x18}, [@mark={0xc, 0x15, {0x35075c, 0x1}}]}, 0xfc}}, 0x0)

1.522765426s ago: executing program 3 (id=593):
socket$packet(0x11, 0x2, 0x300)
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002, 0x2000}, 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a68", 0x6c, 0x1, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0)

1.350091407s ago: executing program 3 (id=594):
syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
socket$inet6(0xa, 0x3, 0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='dctcp\x00', 0x6)
getsockopt$inet_tcp_buf(r2, 0x6, 0x1a, 0x0, &(0x7f0000001100))
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f0000000000)=0x190, 0x8)
sched_rr_get_interval(0x0, &(0x7f0000000080))
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000))
ustat(0x11, &(0x7f0000000600))
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
mq_getsetattr(0xffffffffffffffff, 0x0, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000780)=""/185, 0xb9, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmmsg(r4, &(0x7f0000000040), 0x0, 0x40000020, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r6, 0x10e, 0xc, 0x0, 0x0)
sendmsg$netlink(r6, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x60}}, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), r4)

1.330606973s ago: executing program 4 (id=595):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = syz_io_uring_setup(0x230, &(0x7f00000002c0)={0x0, 0x0, 0xa000, 0x0, 0x30}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
r4 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
write$UHID_CREATE2(r4, &(0x7f00000007c0)=ANY=[@ANYBLOB="0b00000073797a31000000dfff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a30000037b35f0a000089b4c45a10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073797a3100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001"], 0x119)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x8031, r4, 0x1000)
read$FUSE(r4, &(0x7f0000000a00)={0x2020}, 0x2020)
r5 = syz_open_dev$hidraw(&(0x7f00000004c0), 0x0, 0x14a042)
close(0x3)
dup(r5)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r1, 0x207a98, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x35, 0x1, 0x10001000, 0x9, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000300)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a58000000060a01040000f6ffffff00000a0000040900010073797a31000000002c000480280001800d00010073796e70726f78790000000014000280080003400000000505000200010000000900020073797a320000000014000000110001"], 0x80}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
syz_emit_ethernet(0x4a, &(0x7f0000000980)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd608e01f300142c00fe80000000fc00000000000059f70ffb6766795a3fea2524516e55e3c1d3120000000000000000001100"], 0x0)

1.08185958s ago: executing program 0 (id=596):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000140)=@add_del={0x2, 0x0})

546.985712ms ago: executing program 0 (id=597):
syz_usb_connect(0x5, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x300, 0x29, 0x6f, 0xb6, 0x8, 0x9022, 0xd484, 0xff88, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x4, 0x95, 0x0, 0x81, [{{0x9, 0x4, 0x1e, 0x80, 0x0, 0x56, 0xa7, 0xf6, 0x2}}]}}]}}, &(0x7f0000001700)={0xffffffa0, 0x0, 0x0, 0x0, 0x16})
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'essiv(authenc(rmd160-generic,cbc-camellia-aesni-avx2),sha1-avx)\x00'}, 0x58)
r1 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="e0000000130001"], 0xe0}}, 0x0)
r2 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r2, 0x707, &(0x7f0000000a40)={&(0x7f0000000380)=[{0x1900, 0x6041, 0x0, 0x0}], 0x1})

224.410124ms ago: executing program 1 (id=598):
seccomp$SECCOMP_SET_MODE_FILTER(0x1, 0x1, &(0x7f0000000140)={0x1, &(0x7f0000000280)=[{0x6, 0x0, 0x0, 0x7fff0000}]}) (async)
process_mrelease(0xffffffffffffffff, 0x0) (async)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000880)={{0x12, 0x1, 0x0, 0xc8, 0x5c, 0xcc, 0x10, 0x1189, 0x893, 0xf495, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x63, 0x64, 0x3b, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x10}}, {{0x9, 0x5, 0x82, 0x2, 0x40}}]}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

90.331554ms ago: executing program 2 (id=599):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x10, 0x803, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0x7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x70bd26, 0x8000006, {0x0, 0x0, 0x0, r4, {0x0, 0x6}, {}, {0x1, 0xa}}, [@filter_kind_options=@f_basic={{0xa}, {0xc, 0x2, [@TCA_BASIC_CLASSID={0x8, 0x1, {0x1, 0xffff}}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24008000}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[], 0x3c}, 0x1, 0x4000000000000000}, 0x0)

13.809056ms ago: executing program 3 (id=600):
r0 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x100}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r0, 0x6feb, 0x3ec0, 0xf, 0x0, 0x39)

0s ago: executing program 1 (id=601):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$packet(0x11, 0x2, 0x300)
socket$inet6(0xa, 0x2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
getpid()
socket$vsock_stream(0x28, 0x1, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x100}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00'}, 0x94)
io_uring_enter(r2, 0x6feb, 0x3ec0, 0xf, 0x0, 0x39)

kernel console output (not intermixed with test programs):

id=0 ses=4294967295 subj=unconfined pid=7075 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff57138ebe9 code=0x7ffc0000
[  155.044637][ T5929] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  155.068807][ T5929] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.193377][ T5929] usb 3-1: Product: syz
[  155.197606][ T5929] usb 3-1: Manufacturer: syz
[  155.202954][   T30] audit: type=1326 audit(1756149951.099:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7075 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7ff57138ebe9 code=0x7ffc0000
[  155.229185][ T5929] usb 3-1: SerialNumber: syz
[  155.235893][ T5929] usb 3-1: config 0 descriptor??
[  155.242012][   T30] audit: type=1326 audit(1756149951.099:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7075 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff57138ebe9 code=0x7ffc0000
[  155.264697][    C1] vkms_vblank_simulate: vblank timer overrun
[  155.286359][ T5929] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  155.313640][ T5929] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  155.331276][   T30] audit: type=1326 audit(1756149951.099:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7075 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7ff57138ebe9 code=0x7ffc0000
[  155.405367][   T30] audit: type=1326 audit(1756149951.099:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7075 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff57138ebe9 code=0x7ffc0000
[  155.427666][    C1] vkms_vblank_simulate: vblank timer overrun
[  155.501946][   T30] audit: type=1326 audit(1756149951.099:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7075 comm="syz.0.273" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff57138ebe9 code=0x7ffc0000
[  155.741422][ T1147] bridge_slave_1: left allmulticast mode
[  155.758957][ T1147] bridge_slave_1: left promiscuous mode
[  155.770053][ T1147] bridge0: port 2(bridge_slave_1) entered disabled state
[  155.779784][ T5872] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  155.791004][ T5872] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  155.804080][ T5872] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  155.828966][ T5872] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  155.838764][ T5872] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  155.881367][ T5929] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  155.890703][ T5929] em28xx 3-1:0.0: Config register raw data: 0x36
[  155.898944][ T5929] em28xx 3-1:0.0: I2S Audio (3 sample rate(s))
[  155.911109][ T5929] em28xx 3-1:0.0: No AC97 audio processor
[  155.980930][ T1147] bridge_slave_0: left allmulticast mode
[  156.015400][ T1147] bridge_slave_0: left promiscuous mode
[  156.036676][ T1147] bridge0: port 1(bridge_slave_0) entered disabled state
[  156.526555][ T5929] usb 3-1: USB disconnect, device number 13
[  156.670202][ T7102] netlink: 12 bytes leftover after parsing attributes in process `syz.0.277'.
[  157.714156][ T1147] $H� (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.723329][ T1147] bond_slave_0: left promiscuous mode
[  157.735300][ T1147] $H� (unregistering): (slave bond_slave_1): Releasing backup interface
[  157.779046][ T1147] bond_slave_1: left promiscuous mode
[  157.806668][ T1147] $H� (unregistering): Released all slaves
[  157.908976][ T1147] bond1 (unregistering): Released all slaves
[  157.916813][ T5867] Bluetooth: hci4: command tx timeout
[  157.937994][ T7113] netlink: 52 bytes leftover after parsing attributes in process `syz.4.279'.
[  158.195544][ T7113] netlink: 52 bytes leftover after parsing attributes in process `syz.4.279'.
[  158.236391][ T7112] netlink: 4083 bytes leftover after parsing attributes in process `syz.4.279'.
[  158.336282][ T1147] : left promiscuous mode
[  158.472447][ T7113] netlink: 52 bytes leftover after parsing attributes in process `syz.4.279'.
[  159.785516][ T7144] FAULT_INJECTION: forcing a failure.
[  159.785516][ T7144] name failslab, interval 1, probability 0, space 0, times 0
[  159.829454][ T7144] CPU: 1 UID: 0 PID: 7144 Comm: syz.2.285 Not tainted syzkaller #0 PREEMPT(full) 
[  159.829478][ T7144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  159.829489][ T7144] Call Trace:
[  159.829496][ T7144]  <TASK>
[  159.829504][ T7144]  dump_stack_lvl+0x189/0x250
[  159.829538][ T7144]  ? __pfx____ratelimit+0x10/0x10
[  159.829565][ T7144]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.829584][ T7144]  ? __pfx__printk+0x10/0x10
[  159.829611][ T7144]  ? __pfx___might_resched+0x10/0x10
[  159.829628][ T7144]  ? fs_reclaim_acquire+0x7d/0x100
[  159.829656][ T7144]  should_fail_ex+0x414/0x560
[  159.829683][ T7144]  should_failslab+0xa8/0x100
[  159.829707][ T7144]  __kmalloc_noprof+0xcb/0x4f0
[  159.829727][ T7144]  ? kfree+0x4d/0x440
[  159.829743][ T7144]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  159.829766][ T7144]  tomoyo_realpath_from_path+0xe3/0x5d0
[  159.829785][ T7144]  ? tomoyo_domain+0xd9/0x130
[  159.829808][ T7144]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  159.829830][ T7144]  tomoyo_path_number_perm+0x1e8/0x5a0
[  159.829854][ T7144]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  159.829893][ T7144]  ? __lock_acquire+0xab9/0xd20
[  159.829943][ T7144]  ? __fget_files+0x2a/0x420
[  159.829969][ T7144]  ? __fget_files+0x2a/0x420
[  159.829988][ T7144]  ? __fget_files+0x3a0/0x420
[  159.830008][ T7144]  ? __fget_files+0x2a/0x420
[  159.830033][ T7144]  security_file_ioctl+0xcb/0x2d0
[  159.830056][ T7144]  __se_sys_ioctl+0x47/0x170
[  159.830079][ T7144]  do_syscall_64+0xfa/0x3b0
[  159.830099][ T7144]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.830120][ T7144]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.830136][ T7144]  ? clear_bhb_loop+0x60/0xb0
[  159.830156][ T7144]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.830171][ T7144] RIP: 0033:0x7fae1e98ebe9
[  159.830192][ T7144] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.830204][ T7144] RSP: 002b:00007fae1f8ac038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  159.830227][ T7144] RAX: ffffffffffffffda RBX: 00007fae1ebb5fa0 RCX: 00007fae1e98ebe9
[  159.830238][ T7144] RDX: 0000000000000000 RSI: 0000000000005111 RDI: 0000000000000004
[  159.830249][ T7144] RBP: 00007fae1f8ac090 R08: 0000000000000000 R09: 0000000000000000
[  159.830260][ T7144] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  159.830270][ T7144] R13: 00007fae1ebb6038 R14: 00007fae1ebb5fa0 R15: 00007fae1ecdfa28
[  159.830300][ T7144]  </TASK>
[  160.084235][ T7144] ERROR: Out of memory at tomoyo_realpath_from_path.
[  160.116681][ T5867] Bluetooth: hci4: command tx timeout
[  160.168718][ T7148] syz.4.286 uses obsolete (PF_INET,SOCK_PACKET)
[  160.277790][ T1147] hsr_slave_0: left promiscuous mode
[  160.330455][ T1147] hsr_slave_1: left promiscuous mode
[  160.358027][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.368250][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.383107][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.390528][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.429588][ T1147] veth1_macvtap: left promiscuous mode
[  160.436606][ T1147] veth0_macvtap: left promiscuous mode
[  160.442364][ T1147] veth1_vlan: left promiscuous mode
[  160.447964][ T1147] veth0_vlan: left promiscuous mode
[  160.952465][ T5952] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  161.101922][ T5952] usb 2-1: device descriptor read/64, error -71
[  161.186355][ T1147] team0 (unregistering): Port device team_slave_1 removed
[  161.241447][ T1147] team0 (unregistering): Port device team_slave_0 removed
[  161.351932][ T5952] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  161.502033][ T5952] usb 2-1: device descriptor read/64, error -71
[  161.622316][ T5952] usb usb2-port1: attempt power cycle
[  161.868669][ T7096] chnl_net:caif_netlink_parms(): no params data found
[  161.992876][ T5952] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  162.053450][ T5952] usb 2-1: device descriptor read/8, error -71
[  162.152354][ T5867] Bluetooth: hci4: command tx timeout
[  162.302140][ T5952] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  162.318652][ T7096] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.326431][ T7096] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.334509][ T7096] bridge_slave_0: entered allmulticast mode
[  162.343445][ T7096] bridge_slave_0: entered promiscuous mode
[  162.350562][ T5929] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  162.360877][ T5952] usb 2-1: device descriptor read/8, error -71
[  162.365433][ T7096] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.399386][ T7096] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.415724][  T981] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  162.435261][ T7096] bridge_slave_1: entered allmulticast mode
[  162.457801][ T7096] bridge_slave_1: entered promiscuous mode
[  162.476369][ T5952] usb usb2-port1: unable to enumerate USB device
[  162.526318][ T5929] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  162.538179][ T5929] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  162.589788][  T981] usb 3-1: Using ep0 maxpacket: 32
[  162.633295][ T5929] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  162.642527][  T981] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  162.642554][  T981] usb 3-1: config 0 has no interface number 0
[  162.642594][  T981] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  162.642618][  T981] usb 3-1: config 0 interface 85 has no altsetting 0
[  162.645399][  T981] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  162.722242][  T981] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.730557][  T981] usb 3-1: Product: syz
[  162.737414][  T981] usb 3-1: Manufacturer: syz
[  162.745607][  T981] usb 3-1: SerialNumber: syz
[  162.755470][ T5929] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9
[  162.797505][  T981] usb 3-1: config 0 descriptor??
[  162.800920][ T7096] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  162.818335][ T5929] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024
[  162.857308][ T5929] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  162.882009][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  162.891666][ T7096] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  162.906356][ T5929] usb 5-1: Product: syz
[  162.910658][ T5929] usb 5-1: Manufacturer: syz
[  162.939623][ T5929] cdc_wdm 5-1:1.0: skipping garbage
[  162.949503][ T5929] cdc_wdm 5-1:1.0: skipping garbage
[  162.990184][ T5929] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  162.997108][ T7096] team0: Port device team_slave_0 added
[  163.007922][ T5929] cdc_wdm 5-1:1.0: Unknown control protocol
[  163.020252][ T7096] team0: Port device team_slave_1 added
[  163.035857][ T7174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.085455][ T7174] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  163.165804][ T7096] batman_adv: batadv0: Adding interface: batadv_slave_0
[  163.191732][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.198700][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.206726][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.213355][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.219677][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.226391][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.233953][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.240862][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.247710][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.254332][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.260950][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.267561][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.275432][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.282239][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.289057][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.295668][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.301995][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.308623][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.314929][    C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71
[  163.321642][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes
[  163.328278][ T5929] usb 5-1: USB disconnect, device number 14
[  163.334371][    C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  163.352247][ T7096] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.428383][ T7096] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  163.466693][ T7096] batman_adv: batadv0: Adding interface: batadv_slave_1
[  163.495903][ T7096] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.600440][  T981] appletouch 3-1:0.85: Geyser mode initialized.
[  163.610332][  T981] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input17
[  163.620635][ T7096] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  163.859670][ T7174] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  163.891413][ T7194] FAULT_INJECTION: forcing a failure.
[  163.891413][ T7194] name failslab, interval 1, probability 0, space 0, times 0
[  163.941491][ T7174] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  163.955521][ T7194] CPU: 1 UID: 0 PID: 7194 Comm: syz.1.295 Not tainted syzkaller #0 PREEMPT(full) 
[  163.955542][ T7194] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  163.955550][ T7194] Call Trace:
[  163.955556][ T7194]  <TASK>
[  163.955562][ T7194]  dump_stack_lvl+0x189/0x250
[  163.955582][ T7194]  ? __pfx____ratelimit+0x10/0x10
[  163.955600][ T7194]  ? __pfx_dump_stack_lvl+0x10/0x10
[  163.955615][ T7194]  ? __pfx__printk+0x10/0x10
[  163.955636][ T7194]  ? __pfx___might_resched+0x10/0x10
[  163.955649][ T7194]  ? fs_reclaim_acquire+0x7d/0x100
[  163.955671][ T7194]  should_fail_ex+0x414/0x560
[  163.955692][ T7194]  should_failslab+0xa8/0x100
[  163.955723][ T7194]  __kmalloc_noprof+0xcb/0x4f0
[  163.955742][ T7194]  ? kfree+0x4d/0x440
[  163.955754][ T7194]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  163.955770][ T7194]  tomoyo_realpath_from_path+0xe3/0x5d0
[  163.955785][ T7194]  ? tomoyo_domain+0xd9/0x130
[  163.955804][ T7194]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  163.955822][ T7194]  tomoyo_path_number_perm+0x1e8/0x5a0
[  163.955842][ T7194]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  163.955878][ T7194]  ? __lock_acquire+0xab9/0xd20
[  163.955920][ T7194]  ? __fget_files+0x2a/0x420
[  163.955942][ T7194]  ? __fget_files+0x2a/0x420
[  163.955959][ T7194]  ? __fget_files+0x3a0/0x420
[  163.955977][ T7194]  ? __fget_files+0x2a/0x420
[  163.955998][ T7194]  security_file_ioctl+0xcb/0x2d0
[  163.956020][ T7194]  __se_sys_ioctl+0x47/0x170
[  163.956041][ T7194]  do_syscall_64+0xfa/0x3b0
[  163.956060][ T7194]  ? lockdep_hardirqs_on+0x9c/0x150
[  163.956079][ T7194]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.956094][ T7194]  ? clear_bhb_loop+0x60/0xb0
[  163.956114][ T7194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  163.956130][ T7194] RIP: 0033:0x7f9c5d78ebe9
[  163.956146][ T7194] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  163.956160][ T7194] RSP: 002b:00007f9c5e571038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  163.956177][ T7194] RAX: ffffffffffffffda RBX: 00007f9c5d9b5fa0 RCX: 00007f9c5d78ebe9
[  163.956187][ T7194] RDX: 0000200000000100 RSI: 00000000c048aeca RDI: 0000000000000006
[  163.956196][ T7194] RBP: 00007f9c5e571090 R08: 0000000000000000 R09: 0000000000000000
[  163.956204][ T7194] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  163.956212][ T7194] R13: 00007f9c5d9b6038 R14: 00007f9c5d9b5fa0 R15: 00007f9c5dadfa28
[  163.956232][ T7194]  </TASK>
[  163.956269][ T7194] ERROR: Out of memory at tomoyo_realpath_from_path.
[  164.236121][ T5867] Bluetooth: hci4: command tx timeout
[  164.245522][ T7096] hsr_slave_0: entered promiscuous mode
[  164.263749][ T7096] hsr_slave_1: entered promiscuous mode
[  164.307879][ T7096] debugfs: 'hsr0' already exists in 'hsr'
[  164.357396][ T7096] Cannot create hsr debugfs directory
[  164.573181][  T981] usb 3-1: USB disconnect, device number 14
[  164.618467][  T981] appletouch 3-1:0.85: input: appletouch disconnected
[  164.787190][ T1147] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  164.948790][ T1147] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.268485][ T1147] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.507245][ T1147] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  165.932524][ T5951] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  166.315970][ T5951] usb 5-1: Using ep0 maxpacket: 8
[  166.348705][ T5951] usb 5-1: config 0 has no interfaces?
[  166.721178][ T5872] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  166.733194][ T5872] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  166.745289][ T5872] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  166.758666][ T5872] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  166.773769][ T5872] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  167.350113][ T1147] bridge_slave_1: left allmulticast mode
[  167.356876][ T1147] bridge_slave_1: left promiscuous mode
[  167.363405][ T1147] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.382762][ T1147] 
: left allmulticast mode
[  167.390983][ T1147] 
: left promiscuous mode
[  167.401877][ T1147] bridge0: port 1(
) entered disabled state
[  168.606873][ T1147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  168.620619][ T1147] bond_slave_0: left promiscuous mode
[  168.628939][ T1147] bond_slave_0: left allmulticast mode
[  168.640996][ T1147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  168.656696][ T1147] bond_slave_1: left promiscuous mode
[  168.663015][ T1147] bond_slave_1: left allmulticast mode
[  168.680245][ T1147] bond0 (unregistering): Released all slaves
[  168.785805][ T1147] tipc: Left network mode
[  168.882093][ T5872] Bluetooth: hci0: command tx timeout
[  169.059589][ T5951] usb 5-1: string descriptor 0 read error: -71
[  169.122098][ T5951] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  169.153260][ T5951] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.206401][ T5951] usb 5-1: config 0 descriptor??
[  169.246745][ T5951] usb 5-1: can't set config #0, error -71
[  169.283079][ T5951] usb 5-1: USB disconnect, device number 15
[  169.561948][    T9] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  169.732015][    T9] usb 3-1: Using ep0 maxpacket: 32
[  169.733987][ T1147] hsr_slave_0: left promiscuous mode
[  169.739086][    T9] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  169.764045][ T1147] hsr_slave_1: left promiscuous mode
[  169.767808][    T9] usb 3-1: config 0 has no interface number 0
[  169.770416][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  169.791412][    T9] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  169.802674][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_0
[  169.815080][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.829148][ T1147] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  169.838230][    T9] usb 3-1: Product: syz
[  169.838254][    T9] usb 3-1: Manufacturer: syz
[  169.838268][    T9] usb 3-1: SerialNumber: syz
[  169.849236][    T9] usb 3-1: config 0 descriptor??
[  169.876062][    T9] smsc95xx v2.0.0
[  169.892205][ T1147] batman_adv: batadv0: Removing interface: batadv_slave_1
[  169.944770][ T5929] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  169.966730][ T1147] veth1_macvtap: left promiscuous mode
[  169.982535][ T1147] veth0_macvtap: left promiscuous mode
[  169.990689][ T1147] veth1_vlan: left promiscuous mode
[  170.013531][ T1147] veth0_vlan: left promiscuous mode
[  170.135275][ T5929] usb 5-1: Using ep0 maxpacket: 8
[  170.166420][ T5929] usb 5-1: config 0 has an invalid interface number: 154 but max is 0
[  170.178511][ T5929] usb 5-1: config 0 has no interface number 0
[  170.201960][ T5929] usb 5-1: config 0 interface 154 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  170.238978][ T5929] usb 5-1: config 0 interface 154 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  170.263287][ T5929] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=9e.bc
[  170.282692][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  170.295608][    T9] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  170.302012][ T5929] usb 5-1: Product: syz
[  170.310163][    T9] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  170.310957][ T5929] usb 5-1: Manufacturer: syz
[  170.339828][ T5929] usb 5-1: SerialNumber: syz
[  170.357203][ T5929] usb 5-1: config 0 descriptor??
[  170.382789][ T5929] appletouch 5-1:0.154: Could not find int-in endpoint
[  170.396118][ T5929] appletouch 5-1:0.154: probe with driver appletouch failed with error -5
[  170.417340][ T5929] usbhid 5-1:0.154: couldn't find an input interrupt endpoint
[  170.584761][ T5867] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  170.596610][ T5867] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  170.609111][ T5867] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  170.620456][ T5867] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  170.625983][ T5951] usb 5-1: USB disconnect, device number 16
[  170.633322][ T5867] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  170.962626][ T5867] Bluetooth: hci0: command tx timeout
[  171.003591][ T1147] team0 (unregistering): Port device team_slave_1 removed
[  171.062016][ T1147] team0 (unregistering): Port device team_slave_0 removed
[  171.909821][ T7096] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  171.995997][ T7096] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  172.109454][ T7096] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  172.126048][ T7249] chnl_net:caif_netlink_parms(): no params data found
[  172.222988][ T7096] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  172.567634][ T7249] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.584278][ T7249] bridge0: port 1(bridge_slave_0) entered disabled state
[  172.606534][ T7249] bridge_slave_0: entered allmulticast mode
[  172.629302][ T7249] bridge_slave_0: entered promiscuous mode
[  172.645503][ T7249] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.653406][ T7249] bridge0: port 2(bridge_slave_1) entered disabled state
[  172.660879][ T7249] bridge_slave_1: entered allmulticast mode
[  172.671549][ T7249] bridge_slave_1: entered promiscuous mode
[  172.713934][ T5867] Bluetooth: hci2: command tx timeout
[  172.802413][    T9] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  172.818557][ T7249] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  172.833214][    T9] smsc95xx 3-1:0.67: probe with driver smsc95xx failed with error -71
[  172.872358][    T9] usb 3-1: USB disconnect, device number 15
[  172.933875][ T7249] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  173.032570][ T5867] Bluetooth: hci0: command tx timeout
[  173.116391][ T7249] team0: Port device team_slave_0 added
[  173.155351][ T7249] team0: Port device team_slave_1 added
[  173.291072][ T7249] batman_adv: batadv0: Adding interface: batadv_slave_0
[  173.318664][ T7249] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.345634][    C0] vkms_vblank_simulate: vblank timer overrun
[  173.392041][ T7249] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  173.418225][ T7282] chnl_net:caif_netlink_parms(): no params data found
[  173.477650][ T7249] batman_adv: batadv0: Adding interface: batadv_slave_1
[  173.495207][ T7249] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  173.522125][    C0] vkms_vblank_simulate: vblank timer overrun
[  173.532678][ T7249] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  173.932156][ T7249] hsr_slave_0: entered promiscuous mode
[  173.950861][ T7249] hsr_slave_1: entered promiscuous mode
[  173.970387][ T7249] debugfs: 'hsr0' already exists in 'hsr'
[  173.984190][ T7249] Cannot create hsr debugfs directory
[  174.370861][ T7282] bridge0: port 1(bridge_slave_0) entered blocking state
[  174.432350][ T7282] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.450248][ T7282] bridge_slave_0: entered allmulticast mode
[  174.459193][ T7282] bridge_slave_0: entered promiscuous mode
[  174.480058][ T7282] bridge0: port 2(bridge_slave_1) entered blocking state
[  174.493236][ T7282] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.500744][ T7282] bridge_slave_1: entered allmulticast mode
[  174.509040][ T7282] bridge_slave_1: entered promiscuous mode
[  174.731519][ T1147] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.779476][ T7282] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  174.792389][ T5867] Bluetooth: hci2: command tx timeout
[  174.816585][ T7282] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  174.851790][ T7358] warning: `syz.2.322' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  174.966370][ T1147] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.117944][ T5867] Bluetooth: hci0: command tx timeout
[  175.220757][ T1147] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.254019][ T7096] 8021q: adding VLAN 0 to HW filter on device bond0
[  175.276514][ T7282] team0: Port device team_slave_0 added
[  175.321039][ T7282] team0: Port device team_slave_1 added
[  175.389122][ T1147] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.441095][ T7282] batman_adv: batadv0: Adding interface: batadv_slave_0
[  175.450485][ T7282] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.479863][ T7282] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  175.720914][ T7096] 8021q: adding VLAN 0 to HW filter on device team0
[  175.798567][ T7282] batman_adv: batadv0: Adding interface: batadv_slave_1
[  175.831683][ T7282] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  175.887579][ T7282] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  175.938091][ T6966] bridge0: port 1(bridge_slave_0) entered blocking state
[  175.945327][ T6966] bridge0: port 1(bridge_slave_0) entered forwarding state
[  175.963970][ T6966] bridge0: port 2(bridge_slave_1) entered blocking state
[  175.971717][ T6966] bridge0: port 2(bridge_slave_1) entered forwarding state
[  176.076469][ T7282] hsr_slave_0: entered promiscuous mode
[  176.095224][ T7282] hsr_slave_1: entered promiscuous mode
[  176.104066][ T7282] debugfs: 'hsr0' already exists in 'hsr'
[  176.109839][ T7282] Cannot create hsr debugfs directory
[  176.122175][    T9] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  176.302525][    T9] usb 3-1: Using ep0 maxpacket: 16
[  176.319780][    T9] usb 3-1: config 0 has an invalid interface number: 236 but max is 0
[  176.331924][    T9] usb 3-1: config 0 has no interface number 0
[  176.361542][    T9] usb 3-1: New USB device found, idVendor=1de1, idProduct=c102, bcdDevice=84.33
[  176.377335][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.421907][    T9] usb 3-1: Product: syz
[  176.426309][    T9] usb 3-1: Manufacturer: syz
[  176.430930][    T9] usb 3-1: SerialNumber: syz
[  176.475365][    T9] usb 3-1: config 0 descriptor??
[  176.490080][    T9] usb-storage 3-1:0.236: USB Mass Storage device detected
[  176.537766][    T9] usb-storage 3-1:0.236: device ignored
[  176.609085][ T1147] bridge_slave_1: left allmulticast mode
[  176.621505][ T1147] bridge_slave_1: left promiscuous mode
[  176.628821][ T1147] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.656410][ T1147] bridge_slave_0: left allmulticast mode
[  176.670407][ T1147] bridge_slave_0: left promiscuous mode
[  176.677667][ T1147] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.695977][    T9] usb 3-1: USB disconnect, device number 16
[  176.792366][  T981] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  176.873340][ T5867] Bluetooth: hci2: command tx timeout
[  176.970548][  T981] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  176.991374][  T981] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.006736][  T981] usb 5-1: Product: syz
[  177.011111][  T981] usb 5-1: Manufacturer: syz
[  177.023302][  T981] usb 5-1: SerialNumber: syz
[  177.034544][  T981] usb 5-1: config 0 descriptor??
[  177.266511][ T7380] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  177.302954][ T7380] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  177.327569][   T24] usb 5-1: USB disconnect, device number 17
[  177.376485][ T1147] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.419774][ T1147] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.430634][ T1147] bond0 (unregistering): Released all slaves
[  177.460657][ T7395] 
: renamed from vlan1 (while UP)
[  177.467791][ T7396] netlink: 4 bytes leftover after parsing attributes in process `syz.2.327'.
[  177.500041][ T7396] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.564042][ T7396] bridge_slave_1 (unregistering): left allmulticast mode
[  177.571238][ T7396] bridge_slave_1 (unregistering): left promiscuous mode
[  177.581132][ T7396] bridge0: port 2(bridge_slave_1) entered disabled state
[  177.626927][ T1147] tipc: Left network mode
[  177.631619][ T7249] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  177.651653][ T7249] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  177.667993][ T7249] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  177.767807][ T7249] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  177.968731][ T7413] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  177.968731][ T7413] The task syz.2.329 (7413) triggered the difference, watch for misbehavior.
[  178.300771][ T7096] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.412004][ T5929] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  178.627232][ T1147] hsr_slave_0: left promiscuous mode
[  178.668361][ T5929] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  178.679137][ T1147] hsr_slave_1: left promiscuous mode
[  178.736887][ T5929] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  178.747054][ T1147] veth1_macvtap: left promiscuous mode
[  178.755350][ T5929] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.764920][ T1147] veth0_macvtap: left promiscuous mode
[  178.776274][ T5929] usb 3-1: Product: syz
[  178.776880][ T1147] veth1_vlan: left promiscuous mode
[  178.781232][ T5929] usb 3-1: Manufacturer: syz
[  178.817393][ T5929] usb 3-1: SerialNumber: syz
[  178.852231][ T5929] usb 3-1: config 0 descriptor??
[  178.952943][ T5867] Bluetooth: hci2: command tx timeout
[  180.465650][ T1147] team0 (unregistering): Port device team_slave_1 removed
[  180.558863][ T1147] team0 (unregistering): Port device team_slave_0 removed
[  181.376598][ T7096] veth0_vlan: entered promiscuous mode
[  181.500524][ T7096] veth1_vlan: entered promiscuous mode
[  181.517881][ T7249] 8021q: adding VLAN 0 to HW filter on device bond0
[  181.642980][ T7282] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  181.656890][ T5952] usb 3-1: USB disconnect, device number 17
[  181.709655][ T7282] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  181.779082][ T7249] 8021q: adding VLAN 0 to HW filter on device team0
[  181.820913][ T7282] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  181.857567][ T7282] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  181.956197][ T1147] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.964191][ T1147] bridge0: port 1(bridge_slave_0) entered forwarding state
[  181.989648][ T7463] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  182.043161][ T1147] bridge0: port 2(bridge_slave_1) entered blocking state
[  182.050376][ T1147] bridge0: port 2(bridge_slave_1) entered forwarding state
[  182.197268][ T7096] veth0_macvtap: entered promiscuous mode
[  182.311587][ T7096] veth1_macvtap: entered promiscuous mode
[  182.736840][ T7096] batman_adv: batadv0: Interface activated: batadv_slave_0
[  182.774577][ T7096] batman_adv: batadv0: Interface activated: batadv_slave_1
[  182.824141][ T6964] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  182.840237][ T7249] 8021q: adding VLAN 0 to HW filter on device batadv0
[  182.856819][ T6964] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  182.909541][ T6964] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  183.025456][ T7282] 8021q: adding VLAN 0 to HW filter on device bond0
[  183.039286][ T6964] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  183.081251][ T7492] netlink: 'syz.4.339': attribute type 4 has an invalid length.
[  183.175564][ T7494] netlink: 'syz.4.339': attribute type 4 has an invalid length.
[  183.359524][ T7282] 8021q: adding VLAN 0 to HW filter on device team0
[  183.394127][ T6964] bridge0: port 1(bridge_slave_0) entered blocking state
[  183.401345][ T6964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  183.438677][ T6964] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.446661][ T6964] bridge0: port 2(bridge_slave_1) entered forwarding state
[  183.467212][ T7500] netlink: 'syz.2.340': attribute type 1 has an invalid length.
[  183.471937][ T5929] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  183.486728][ T7249] veth0_vlan: entered promiscuous mode
[  183.500378][ T6964] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.539504][ T7500] 8021q: adding VLAN 0 to HW filter on device bond2
[  183.540186][ T6964] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.561488][ T7249] veth1_vlan: entered promiscuous mode
[  183.613653][ T7503] bond2: (slave geneve2): making interface the new active one
[  183.624589][ T7503] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  183.642886][ T5929] usb 5-1: Using ep0 maxpacket: 16
[  183.659313][ T5929] usb 5-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  183.669127][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.692490][ T5929] usb 5-1: Product: syz
[  183.696909][ T5929] usb 5-1: Manufacturer: syz
[  183.701634][ T5929] usb 5-1: SerialNumber: syz
[  183.716510][ T5929] usb 5-1: config 0 descriptor??
[  183.724713][ T5929] visor 5-1:0.0: Sony Clie 3.5 converter detected
[  183.759332][ T6964] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  183.773626][ T6964] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  183.867313][ T7282] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  183.903693][ T7249] veth0_macvtap: entered promiscuous mode
[  183.934416][ T7249] veth1_macvtap: entered promiscuous mode
[  183.965614][ T5929] usb 5-1: clie_3_5_startup: get config number bad return length: 0
[  184.002123][ T5929] visor 5-1:0.0: probe with driver visor failed with error -5
[  184.010874][ T7249] batman_adv: batadv0: Interface activated: batadv_slave_0
[  184.038790][ T7282] 8021q: adding VLAN 0 to HW filter on device batadv0
[  184.055587][ T7249] batman_adv: batadv0: Interface activated: batadv_slave_1
[  184.095974][ T1147] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  184.111565][ T1147] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  184.126185][ T6958] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  184.172772][ T6958] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  184.199234][ T5929] usb 5-1: USB disconnect, device number 18
[  184.256992][ T7515] netlink: 'syz.3.342': attribute type 1 has an invalid length.
[  184.298394][ T7515] fuse: Unknown parameter '0x0000000000000004'
[  184.378388][ T7282] veth0_vlan: entered promiscuous mode
[  184.460314][ T6958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  184.493185][ T6958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  184.509029][ T7282] veth1_vlan: entered promiscuous mode
[  184.591177][ T6960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  184.641200][ T6960] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  184.684365][ T7282] veth0_macvtap: entered promiscuous mode
[  184.743928][ T7282] veth1_macvtap: entered promiscuous mode
[  184.836193][ T7282] batman_adv: batadv0: Interface activated: batadv_slave_0
[  184.885605][ T7282] batman_adv: batadv0: Interface activated: batadv_slave_1
[  185.041781][ T6966] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  185.113681][ T6966] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  185.198711][ T6966] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  185.306976][ T6966] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  185.555674][ T6958] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  185.600276][ T6958] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  185.822312][ T4400] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  185.842144][ T4400] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  186.182034][  T981] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  186.352278][  T981] usb 1-1: Using ep0 maxpacket: 16
[  186.360168][  T981] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.384259][  T981] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.406383][  T981] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  186.422112][  T981] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  186.481697][  T981] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.501294][ T7555] netlink: 8 bytes leftover after parsing attributes in process `syz.1.349'.
[  186.511483][  T981] usb 1-1: config 0 descriptor??
[  186.524815][ T7555] netlink: 8 bytes leftover after parsing attributes in process `syz.1.349'.
[  186.613617][    T9] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  186.742965][ T7561] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  186.772182][    T9] usb 4-1: Using ep0 maxpacket: 16
[  186.772495][ T7561] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  186.795713][    T9] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 4.00
[  186.807220][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.849869][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  186.860138][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  186.876892][    T9] usb 4-1: Product: syz
[  186.881411][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  186.965434][    T9] usb 4-1: Manufacturer: syz
[  186.993297][    T9] usb 4-1: SerialNumber: syz
[  187.002968][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  187.015959][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  187.073009][    T9] usb 4-1: config 0 descriptor??
[  187.096291][    T9] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  187.110403][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  187.134062][    T9] usb 4-1: Detected FT232B
[  187.139740][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  187.149396][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  187.157733][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  187.165425][  T981] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  187.347573][  T981] microsoft 0003:045E:07DA.0005: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  187.385371][  T981] microsoft 0003:045E:07DA.0005: no inputs found
[  187.396925][  T981] microsoft 0003:045E:07DA.0005: could not initialize ff, continuing anyway
[  187.432803][ T7570] FAULT_INJECTION: forcing a failure.
[  187.432803][ T7570] name failslab, interval 1, probability 0, space 0, times 0
[  187.455234][  T981] usb 1-1: USB disconnect, device number 14
[  187.467191][ T7570] CPU: 1 UID: 0 PID: 7570 Comm: syz.4.352 Not tainted syzkaller #0 PREEMPT(full) 
[  187.467219][ T7570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  187.467229][ T7570] Call Trace:
[  187.467237][ T7570]  <TASK>
[  187.467246][ T7570]  dump_stack_lvl+0x189/0x250
[  187.467293][ T7570]  ? __pfx____ratelimit+0x10/0x10
[  187.467320][ T7570]  ? __pfx_dump_stack_lvl+0x10/0x10
[  187.467405][ T7570]  ? __pfx__printk+0x10/0x10
[  187.467735][ T7570]  ? __pfx___might_resched+0x10/0x10
[  187.467757][ T7570]  ? fs_reclaim_acquire+0x7d/0x100
[  187.467787][ T7570]  should_fail_ex+0x414/0x560
[  187.467816][ T7570]  should_failslab+0xa8/0x100
[  187.467842][ T7570]  __kmalloc_cache_noprof+0x70/0x3d0
[  187.467864][ T7570]  ? fuse_lookup_name+0x1b5/0x860
[  187.467889][ T7570]  fuse_lookup_name+0x1b5/0x860
[  187.467916][ T7570]  ? __lock_acquire+0xab9/0xd20
[  187.467941][ T7570]  ? __pfx_fuse_lookup_name+0x10/0x10
[  187.467961][ T7570]  ? fuse_lock_inode+0xd3/0x120
[  187.467994][ T7570]  ? percpu_ref_get_many+0x19/0x140
[  187.468025][ T7570]  fuse_lookup+0x1e9/0x640
[  187.468049][ T7570]  ? __pfx_fuse_lookup+0x10/0x10
[  187.468066][ T7570]  ? do_raw_spin_lock+0x121/0x290
[  187.468091][ T7570]  ? do_raw_spin_unlock+0x122/0x240
[  187.468111][ T7570]  ? _raw_spin_unlock+0x28/0x50
[  187.468129][ T7570]  ? d_alloc+0x144/0x190
[  187.468149][ T7570]  lookup_one_qstr_excl+0x12e/0x360
[  187.468172][ T7570]  filename_create+0x224/0x3c0
[  187.468194][ T7570]  ? __pfx_filename_create+0x10/0x10
[  187.468219][ T7570]  do_symlinkat+0xbc/0x3f0
[  187.468241][ T7570]  ? __pfx_do_symlinkat+0x10/0x10
[  187.468257][ T7570]  ? strncpy_from_user+0x150/0x290
[  187.468281][ T7570]  ? getname_flags+0x1e5/0x540
[  187.468302][ T7570]  __x64_sys_symlink+0x7a/0x90
[  187.468322][ T7570]  do_syscall_64+0xfa/0x3b0
[  187.468343][ T7570]  ? lockdep_hardirqs_on+0x9c/0x150
[  187.468362][ T7570]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.468377][ T7570]  ? clear_bhb_loop+0x60/0xb0
[  187.468397][ T7570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  187.468412][ T7570] RIP: 0033:0x7f449278ebe9
[  187.468429][ T7570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  187.468442][ T7570] RSP: 002b:00007f4493538038 EFLAGS: 00000246 ORIG_RAX: 0000000000000058
[  187.468462][ T7570] RAX: ffffffffffffffda RBX: 00007f44929b5fa0 RCX: 00007f449278ebe9
[  187.468474][ T7570] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000200000000080
[  187.468485][ T7570] RBP: 00007f4493538090 R08: 0000000000000000 R09: 0000000000000000
[  187.468495][ T7570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  187.468505][ T7570] R13: 00007f44929b6038 R14: 00007f44929b5fa0 R15: 00007f4492adfa28
[  187.468535][ T7570]  </TASK>
[  187.816401][ T7571] fido_id[7571]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  188.705150][ T7585] tipc: Started in network mode
[  188.721607][ T7585] tipc: Node identity 6eadc6fb36b5, cluster identity 4711
[  188.802526][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  188.802545][   T30] audit: type=1326 audit(1756149985.629:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7586 comm="syz.4.358" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f449278ebe9 code=0x0
[  188.833169][ T7585] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  188.842552][ T7593] syzkaller0: entered promiscuous mode
[  188.862608][ T7593] syzkaller0: entered allmulticast mode
[  188.902555][ T7585] tipc: Resetting bearer <eth:syzkaller0>
[  188.956488][ T7585] tipc: Disabling bearer <eth:syzkaller0>
[  189.522153][    T9] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  189.564154][    T9] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  189.620093][    T9] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  189.651103][    T9] usb 4-1: USB disconnect, device number 14
[  189.690944][    T9] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  189.734427][    T9] ftdi_sio 4-1:0.0: device disconnected
[  189.807080][ T7606] bridge_slave_0: left allmulticast mode
[  189.812926][ T7606] bridge_slave_0: left promiscuous mode
[  189.818965][ T7606] bridge0: port 1(bridge_slave_0) entered disabled state
[  189.999882][ T7606] bridge_slave_1: left allmulticast mode
[  190.048461][ T7606] bridge_slave_1: left promiscuous mode
[  190.058110][ T7606] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.140124][ T7606] bond0: (slave bond_slave_0): Releasing backup interface
[  190.179143][ T7606] bond0: (slave bond_slave_1): Releasing backup interface
[  190.216476][ T7606] team0: Port device team_slave_0 removed
[  190.237598][ T7606] team0: Port device team_slave_1 removed
[  190.247724][ T7606] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  190.255780][ T7606] batman_adv: batadv0: Removing interface: batadv_slave_0
[  190.267254][ T7606] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  190.275397][ T7606] batman_adv: batadv0: Removing interface: batadv_slave_1
[  190.622881][ T7619] netlink: 'syz.3.366': attribute type 13 has an invalid length.
[  190.896869][ T7623] netlink: 8 bytes leftover after parsing attributes in process `syz.1.368'.
[  190.968020][ T7623] netdevsim netdevsim1 netdevsim0: entered allmulticast mode
[  191.717162][ T7635] FAULT_INJECTION: forcing a failure.
[  191.717162][ T7635] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  191.740903][ T7635] CPU: 1 UID: 0 PID: 7635 Comm: syz.4.373 Not tainted syzkaller #0 PREEMPT(full) 
[  191.740927][ T7635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  191.740937][ T7635] Call Trace:
[  191.740944][ T7635]  <TASK>
[  191.740953][ T7635]  dump_stack_lvl+0x189/0x250
[  191.740979][ T7635]  ? __pfx____ratelimit+0x10/0x10
[  191.741004][ T7635]  ? __pfx_dump_stack_lvl+0x10/0x10
[  191.741022][ T7635]  ? __pfx__printk+0x10/0x10
[  191.741054][ T7635]  ? __might_fault+0xb0/0x130
[  191.741087][ T7635]  should_fail_ex+0x414/0x560
[  191.741116][ T7635]  _copy_from_user+0x2d/0xb0
[  191.741135][ T7635]  ___sys_sendmsg+0x158/0x2a0
[  191.741158][ T7635]  ? __pfx____sys_sendmsg+0x10/0x10
[  191.741208][ T7635]  ? __fget_files+0x2a/0x420
[  191.741228][ T7635]  ? __fget_files+0x3a0/0x420
[  191.741257][ T7635]  __x64_sys_sendmsg+0x19b/0x260
[  191.741276][ T7635]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  191.741301][ T7635]  ? __pfx_ksys_write+0x10/0x10
[  191.741319][ T7635]  ? rcu_is_watching+0x15/0xb0
[  191.741338][ T7635]  ? do_syscall_64+0xbe/0x3b0
[  191.741362][ T7635]  do_syscall_64+0xfa/0x3b0
[  191.741381][ T7635]  ? lockdep_hardirqs_on+0x9c/0x150
[  191.741402][ T7635]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.741418][ T7635]  ? clear_bhb_loop+0x60/0xb0
[  191.741437][ T7635]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  191.741453][ T7635] RIP: 0033:0x7f449278ebe9
[  191.741470][ T7635] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  191.741484][ T7635] RSP: 002b:00007f4493538038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  191.741503][ T7635] RAX: ffffffffffffffda RBX: 00007f44929b5fa0 RCX: 00007f449278ebe9
[  191.741516][ T7635] RDX: 0000000000004000 RSI: 00002000000002c0 RDI: 0000000000000003
[  191.741526][ T7635] RBP: 00007f4493538090 R08: 0000000000000000 R09: 0000000000000000
[  191.741537][ T7635] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  191.741547][ T7635] R13: 00007f44929b6038 R14: 00007f44929b5fa0 R15: 00007f4492adfa28
[  191.741572][ T7635]  </TASK>
[  191.749239][ T7636] netlink: 'syz.2.371': attribute type 1 has an invalid length.
[  192.047510][ T7639] veth7: entered promiscuous mode
[  193.506988][ T7674] netlink: 'syz.1.387': attribute type 1 has an invalid length.
[  193.943158][ T7674] veth3: entered promiscuous mode
[  193.961977][  T981] usb 1-1: new full-speed USB device number 15 using dummy_hcd
[  194.103025][  T981] usb 1-1: device descriptor read/64, error -71
[  194.351990][  T981] usb 1-1: new full-speed USB device number 16 using dummy_hcd
[  194.396460][ T1304] ieee802154 phy0 wpan0: encryption failed: -22
[  194.403567][ T1304] ieee802154 phy1 wpan1: encryption failed: -22
[  194.512037][  T981] usb 1-1: device descriptor read/64, error -71
[  194.705161][  T981] usb usb1-port1: attempt power cycle
[  195.100420][  T981] usb 1-1: new full-speed USB device number 17 using dummy_hcd
[  195.133943][  T981] usb 1-1: device descriptor read/8, error -71
[  195.187945][ T5929] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  195.394781][ T5929] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  195.422066][  T981] usb 1-1: new full-speed USB device number 18 using dummy_hcd
[  195.443548][ T5929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.462506][  T981] usb 1-1: device descriptor read/8, error -71
[  195.481858][ T5929] usb 4-1: Product: syz
[  195.489797][ T5929] usb 4-1: Manufacturer: syz
[  195.513397][ T5929] usb 4-1: SerialNumber: syz
[  195.553060][ T5929] usb 4-1: config 0 descriptor??
[  195.579434][ T5929] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  195.582407][  T981] usb usb1-port1: unable to enumerate USB device
[  195.611999][ T5929] usb 4-1: setting power ON
[  195.635326][ T5929] dvb-usb: bulk message failed: -22 (2/0)
[  195.702501][ T5929] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  195.788156][ T5929] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) error while loading driver (-19)
[  195.797336][ T7700] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  195.806239][ T7700] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  195.842713][ T5929] dvb_usb_cxusb 4-1:0.0: probe with driver dvb_usb_cxusb failed with error -22
[  195.892234][ T5929] usb 4-1: USB disconnect, device number 15
[  196.168359][ T7709] netdevsim netdevsim2 netdevsim0: entered allmulticast mode
[  196.239411][ T7713] netlink: 209852 bytes leftover after parsing attributes in process `syz.2.400'.
[  196.305218][ T7715] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  196.392391][ T5929] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  196.579696][ T5929] usb 5-1: config 0 has no interfaces?
[  196.674814][ T5929] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  196.689607][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.724289][ T5929] usb 5-1: Product: syz
[  196.732213][ T5929] usb 5-1: Manufacturer: syz
[  196.739008][ T5929] usb 5-1: SerialNumber: syz
[  196.756276][ T5929] usb 5-1: config 0 descriptor??
[  196.883374][ T7727] fuse: Unknown parameter 'gboup_i�d00000000000000000000'
[  197.093990][ T7711] netlink: 8 bytes leftover after parsing attributes in process `syz.4.398'.
[  197.182067][ T7711] netlink: 16 bytes leftover after parsing attributes in process `syz.4.398'.
[  197.288018][ T7728] netlink: 84 bytes leftover after parsing attributes in process `syz.0.406'.
[  197.824312][   T30] audit: type=1326 audit(1756149994.729:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  197.863961][   T30] audit: type=1326 audit(1756149994.739:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  197.904739][   T30] audit: type=1326 audit(1756149994.739:169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  197.930733][   T30] audit: type=1326 audit(1756149994.739:170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  197.956796][   T30] audit: type=1326 audit(1756149994.739:171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  197.986097][   T30] audit: type=1326 audit(1756149994.739:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  198.017548][   T30] audit: type=1326 audit(1756149994.739:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  198.061290][   T30] audit: type=1326 audit(1756149994.739:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  198.098747][   T30] audit: type=1326 audit(1756149994.739:175): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  198.127558][   T30] audit: type=1326 audit(1756149994.739:176): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7744 comm="syz.0.411" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fa90b98ebe9 code=0x7ffc0000
[  198.781412][ T7760] netlink: 24 bytes leftover after parsing attributes in process `syz.2.415'.
[  199.030863][ T7769] netlink: 32 bytes leftover after parsing attributes in process `syz.2.417'.
[  199.120070][ T5983] usb 5-1: USB disconnect, device number 19
[  199.290754][ T5867] Bluetooth: hci3: Malformed Event: 0x13
[  200.077658][ T7783] netlink: 4 bytes leftover after parsing attributes in process `syz.1.422'.
[  200.228124][ T7783] fuse: Bad value for 'group_id'
[  200.239202][ T7783] fuse: Bad value for 'group_id'
[  200.385851][ T5983] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  200.547910][ T5983] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  200.565349][ T5983] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.585578][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.613654][ T5983] usb 5-1: config 0 interface 0 has no altsetting 0
[  200.632336][ T5983] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.641580][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.660671][ T5983] usb 5-1: config 0 interface 0 has no altsetting 0
[  200.672951][ T5983] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.687488][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.709565][ T5983] usb 5-1: config 0 interface 0 has no altsetting 0
[  200.718754][ T5983] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.734429][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.753035][ T5983] usb 5-1: config 0 interface 0 has no altsetting 0
[  200.761249][ T5983] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.774339][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.785892][ T5983] usb 5-1: config 0 interface 0 has no altsetting 0
[  200.859114][ T5983] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.871626][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.887944][ T5983] usb 5-1: config 0 interface 0 has no altsetting 0
[  200.896568][ T5983] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  200.909149][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  200.920871][ T5983] usb 5-1: config 0 interface 0 has no altsetting 0
[  200.933466][ T5983] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  201.004637][ T5983] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  201.017071][ T5983] usb 5-1: config 0 interface 0 has no altsetting 0
[  201.029450][ T5983] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  201.041083][ T5983] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  201.053700][ T5983] usb 5-1: Product: syz
[  201.059402][ T5983] usb 5-1: Manufacturer: syz
[  201.066776][ T5983] usb 5-1: SerialNumber: syz
[  201.086304][ T5983] usb 5-1: config 0 descriptor??
[  201.143280][ T5983] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  201.365477][ T5929] usb 5-1: USB disconnect, device number 20
[  201.403407][ T5929] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  201.592104][ T5183] Bluetooth: hci1: command 0x0406 tx timeout
[  201.600140][ T5872] Bluetooth: hci3: command 0x0406 tx timeout
[  201.730023][ T7816] netlink: 28 bytes leftover after parsing attributes in process `syz.2.431'.
[  201.884805][ T7820] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  202.022186][ T5929] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  202.238794][ T5929] usb 5-1: Using ep0 maxpacket: 32
[  202.262084][ T5929] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  202.293729][ T5929] usb 5-1: config 0 has no interface number 0
[  202.335845][ T5929] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  202.405922][ T5929] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.561981][ T5929] usb 5-1: Product: syz
[  202.581302][ T5929] usb 5-1: Manufacturer: syz
[  202.620039][ T5929] usb 5-1: SerialNumber: syz
[  202.638680][ T5929] usb 5-1: config 0 descriptor??
[  202.679096][ T5929] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  202.713957][ T5929] usb 5-1: selecting invalid altsetting 1
[  202.719750][ T5929] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  202.775086][ T5929] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  202.793023][ T5929] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  202.808601][ T5929] usb 5-1: media controller created
[  202.872280][ T5929] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  202.911921][ T5952] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  203.041084][ T6960] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.083759][ T5929] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  203.099889][ T5929] zl10353_read_register: readreg error (reg=127, ret==-71)
[  203.112015][ T5952] usb 3-1: Using ep0 maxpacket: 16
[  203.118438][    T9] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  203.128646][ T5929] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  203.141971][ T5952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.172193][ T5952] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  203.202108][ T5952] usb 3-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  203.223314][ T5952] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.262829][ T5952] usb 3-1: config 0 descriptor??
[  203.263461][ T6960] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.302148][    T9] usb 4-1: Using ep0 maxpacket: 8
[  203.315454][    T9] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  203.328019][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  203.349979][ T5929] usb 5-1: USB disconnect, device number 21
[  203.359106][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  203.387032][    T9] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  203.404622][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.425801][    T9] usb 4-1: config 0 descriptor??
[  203.475762][ T6960] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.645463][ T6960] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  203.933253][ T7838] FAULT_INJECTION: forcing a failure.
[  203.933253][ T7838] name failslab, interval 1, probability 0, space 0, times 0
[  203.966906][ T7838] CPU: 1 UID: 0 PID: 7838 Comm: syz.3.439 Not tainted syzkaller #0 PREEMPT(full) 
[  203.966935][ T7838] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  203.966946][ T7838] Call Trace:
[  203.966953][ T7838]  <TASK>
[  203.966961][ T7838]  dump_stack_lvl+0x189/0x250
[  203.966985][ T7838]  ? __pfx____ratelimit+0x10/0x10
[  203.967009][ T7838]  ? __pfx_dump_stack_lvl+0x10/0x10
[  203.967027][ T7838]  ? __pfx__printk+0x10/0x10
[  203.967054][ T7838]  ? __pfx___might_resched+0x10/0x10
[  203.967075][ T7838]  should_fail_ex+0x414/0x560
[  203.967102][ T7838]  should_failslab+0xa8/0x100
[  203.967129][ T7838]  kmem_cache_alloc_noprof+0x73/0x3c0
[  203.967150][ T7838]  ? ptlock_alloc+0x20/0x70
[  203.967175][ T7838]  ptlock_alloc+0x20/0x70
[  203.967195][ T7838]  pte_alloc_one+0x7d/0x170
[  203.967217][ T7838]  __pte_alloc+0x25/0x1a0
[  203.967238][ T7838]  __handle_mm_fault+0x49b3/0x5440
[  203.967274][ T7838]  ? __pfx___handle_mm_fault+0x10/0x10
[  203.967310][ T7838]  ? find_vma+0xe7/0x160
[  203.967329][ T7838]  ? __pfx_find_vma+0x10/0x10
[  203.967353][ T7838]  handle_mm_fault+0x40a/0x8e0
[  203.967385][ T7838]  do_user_addr_fault+0x764/0x1390
[  203.967426][ T7838]  exc_page_fault+0x76/0xf0
[  203.967445][ T7838]  ? __might_fault+0xb0/0x130
[  203.967467][ T7838]  asm_exc_page_fault+0x26/0x30
[  203.967483][ T7838] RIP: 0010:rep_movs_alternative+0x4a/0x90
[  203.967502][ T7838] Code: 09 04 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 48 8b 06 48 89 07 48 83 c6 08 48 83 c7 08 83 e9 08 74 db 83 f9 08 73 e8 eb c5 <f3> a4 c3 cc cc cc cc 48 8b 06 48 89 07 48 8d 47 08 48 83 e0 f8 48
[  203.967516][ T7838] RSP: 0018:ffffc90004fbf780 EFLAGS: 00050206
[  203.967539][ T7838] RAX: 00007ffffffff001 RBX: 0000000000001000 RCX: 0000000000001000
[  203.967551][ T7838] RDX: 0000000000000001 RSI: 000020000022a000 RDI: ffff8880b4400000
[  203.967562][ T7838] RBP: 0000000000000001 R08: ffff8880b4400fff R09: 1ffff110168801ff
[  203.967573][ T7838] R10: dffffc0000000000 R11: ffffed1016880200 R12: 00000000000001ff
[  203.967585][ T7838] R13: ffff8880b4400000 R14: ffff8880b4400000 R15: 000020000022a000
[  203.967615][ T7838]  _copy_from_user+0x7a/0xb0
[  203.967636][ T7838]  copy_folio_from_user+0x1e4/0x320
[  203.967662][ T7838]  mfill_atomic_copy+0xf9c/0x1390
[  203.967703][ T7838]  ? __pfx_mfill_atomic_copy+0x10/0x10
[  203.967738][ T7838]  userfaultfd_ioctl+0x29fb/0x4c80
[  203.967772][ T7838]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  203.967817][ T7838]  ? kasan_quarantine_put+0xdd/0x220
[  203.967848][ T7838]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  203.967872][ T7838]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  203.967900][ T7838]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  203.967924][ T7838]  ? vfs_write+0x956/0xb30
[  203.967975][ T7838]  ? ksys_write+0x1e1/0x250
[  203.967999][ T7838]  ? bpf_lsm_file_ioctl+0x9/0x20
[  203.968019][ T7838]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[  203.968038][ T7838]  __se_sys_ioctl+0xf9/0x170
[  203.968058][ T7838]  do_syscall_64+0xfa/0x3b0
[  203.968080][ T7838]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.968095][ T7838]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  203.968110][ T7838]  ? clear_bhb_loop+0x60/0xb0
[  203.968129][ T7838]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  203.968144][ T7838] RIP: 0033:0x7faedc38ebe9
[  203.968157][ T7838] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  203.968170][ T7838] RSP: 002b:00007faedd23f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  203.968186][ T7838] RAX: ffffffffffffffda RBX: 00007faedc5b5fa0 RCX: 00007faedc38ebe9
[  203.968198][ T7838] RDX: 00002000000000c0 RSI: 00000000c028aa03 RDI: 0000000000000007
[  203.968209][ T7838] RBP: 00007faedd23f090 R08: 0000000000000000 R09: 0000000000000000
[  203.968219][ T7838] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  203.968228][ T7838] R13: 00007faedc5b6038 R14: 00007faedc5b5fa0 R15: 00007faedc6dfa28
[  203.968255][ T7838]  </TASK>
[  204.351057][    C1] vkms_vblank_simulate: vblank timer overrun
[  204.449512][ T5952] zeroplus 0003:0C12:0030.0006: item fetching failed at offset 3/5
[  204.458381][ T5952] zeroplus 0003:0C12:0030.0006: parse failed
[  204.486096][ T5952] zeroplus 0003:0C12:0030.0006: probe with driver zeroplus failed with error -22
[  205.021973][ T5983] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  205.192429][ T5983] usb 5-1: Using ep0 maxpacket: 32
[  205.203975][ T5983] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  205.223683][ T5983] usb 5-1: config 0 has no interface number 0
[  205.236425][ T6960] bridge_slave_1: left allmulticast mode
[  205.251192][ T5983] usb 5-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  205.261932][ T6960] bridge_slave_1: left promiscuous mode
[  205.274653][ T5983] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.283193][ T6960] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.310211][ T7858] netlink: 4 bytes leftover after parsing attributes in process `syz.0.445'.
[  205.324086][ T5862] usb 4-1: USB disconnect, device number 16
[  205.352265][ T5983] usb 5-1: Product: syz
[  205.360768][ T5983] usb 5-1: Manufacturer: syz
[  205.374110][ T5983] usb 5-1: SerialNumber: syz
[  205.420721][ T6960] bridge_slave_0: left allmulticast mode
[  205.439229][ T5983] usb 5-1: config 0 descriptor??
[  205.454915][ T6960] bridge_slave_0: left promiscuous mode
[  205.490914][ T6960] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.499077][ T5983] usb 5-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  205.547135][ T5983] usb 5-1: selecting invalid altsetting 1
[  205.568915][ T5983] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  205.598671][ T5983] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  205.638749][ T5983] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  205.664805][ T5865] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  205.675440][ T5865] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  205.685488][ T5865] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  205.698565][ T5865] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  205.712564][ T5865] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  205.730248][ T5983] usb 5-1: media controller created
[  205.790862][ T5983] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  205.822678][ T5862] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  205.852239][ T5983] usb 5-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  205.866383][ T5983] zl10353_read_register: readreg error (reg=127, ret==-71)
[  205.892171][ T5983] usb 5-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  205.996519][ T5862] usb 4-1: config 0 has an invalid interface number: 249 but max is 0
[  205.997200][ T5983] usb 5-1: USB disconnect, device number 22
[  206.030002][ T5862] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  206.057626][ T5862] usb 4-1: config 0 has no interface number 0
[  206.079042][ T5862] usb 4-1: config 0 interface 249 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  206.090492][ T5862] usb 4-1: config 0 interface 249 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 0
[  206.106632][ T5862] usb 4-1: config 0 interface 249 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  206.121132][ T5862] usb 4-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=be.87
[  206.133499][ T5862] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.151161][ T5862] usb 4-1: config 0 descriptor??
[  206.166971][ T5862] port100 4-1:0.249: NFC: Could not find bulk-in or bulk-out endpoint
[  206.238888][ T5862] usb 3-1: USB disconnect, device number 18
[  206.408506][ T7862] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.419799][ T7862] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.449193][ T7862] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  206.458948][ T7862] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  206.489074][ T5862] usb 4-1: USB disconnect, device number 17
[  207.193989][ T6960] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  207.225821][ T6960] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  207.271780][ T6960] bond0 (unregistering): Released all slaves
[  207.293878][ T7883] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  207.467498][ T6960] tipc: Left network mode
[  207.752013][ T5867] Bluetooth: hci2: command tx timeout
[  208.236208][ T7910] netlink: 20 bytes leftover after parsing attributes in process `syz.4.455'.
[  208.295890][ T7915] netlink: 28 bytes leftover after parsing attributes in process `syz.4.455'.
[  208.393598][ T7916] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  208.607457][ T6960] hsr_slave_0: left promiscuous mode
[  208.673720][ T6960] hsr_slave_1: left promiscuous mode
[  208.683239][ T6960] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  208.838140][ T6960] batman_adv: batadv0: Removing interface: batadv_slave_0
[  208.875219][ T7931] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[  208.882207][ T7931] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  208.914346][ T6960] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  208.920970][ T7931] vhci_hcd vhci_hcd.0: Device attached
[  208.936876][ T7932] vhci_hcd: connection closed
[  208.939175][ T6966] vhci_hcd: stop threads
[  208.951143][ T6966] vhci_hcd: release socket
[  208.960914][ T6960] batman_adv: batadv0: Removing interface: batadv_slave_1
[  208.968610][ T6966] vhci_hcd: disconnect device
[  209.126587][ T6960] veth1_macvtap: left promiscuous mode
[  209.132251][ T6960] veth0_macvtap: left promiscuous mode
[  209.138038][ T6960] veth1_vlan: left promiscuous mode
[  209.145188][ T6960] veth0_vlan: left promiscuous mode
[  209.832038][ T5867] Bluetooth: hci2: command tx timeout
[  210.091031][ T6960] team0 (unregistering): Port device team_slave_1 removed
[  210.134125][ T6960] team0 (unregistering): Port device team_slave_0 removed
[  210.528048][ T7866] chnl_net:caif_netlink_parms(): no params data found
[  210.727932][ T7950] FAULT_INJECTION: forcing a failure.
[  210.727932][ T7950] name failslab, interval 1, probability 0, space 0, times 0
[  210.769659][ T7950] CPU: 1 UID: 0 PID: 7950 Comm: syz.0.463 Not tainted syzkaller #0 PREEMPT(full) 
[  210.769686][ T7950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  210.769696][ T7950] Call Trace:
[  210.769704][ T7950]  <TASK>
[  210.769712][ T7950]  dump_stack_lvl+0x189/0x250
[  210.769737][ T7950]  ? __pfx____ratelimit+0x10/0x10
[  210.769760][ T7950]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.769779][ T7950]  ? __pfx__printk+0x10/0x10
[  210.769807][ T7950]  ? __pfx___might_resched+0x10/0x10
[  210.769823][ T7950]  ? fs_reclaim_acquire+0x7d/0x100
[  210.769851][ T7950]  should_fail_ex+0x414/0x560
[  210.769885][ T7950]  should_failslab+0xa8/0x100
[  210.769910][ T7950]  __kmalloc_cache_noprof+0x70/0x3d0
[  210.769930][ T7950]  ? tcp_sendmsg_fastopen+0x1de/0x5e0
[  210.769956][ T7950]  tcp_sendmsg_fastopen+0x1de/0x5e0
[  210.769984][ T7950]  tcp_sendmsg_locked+0x4d9b/0x5620
[  210.770009][ T7950]  ? tcp_sendmsg_locked+0x4b1/0x5620
[  210.770032][ T7950]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  210.770082][ T7950]  ? __lock_acquire+0xab9/0xd20
[  210.770156][ T7950]  ? __pfx_tcp_sendmsg_locked+0x10/0x10
[  210.770174][ T7950]  ? __local_bh_enable_ip+0x12d/0x1c0
[  210.770195][ T7950]  ? __local_bh_enable_ip+0x12d/0x1c0
[  210.770226][ T7950]  tcp_sendmsg+0x2f/0x50
[  210.770247][ T7950]  __sock_sendmsg+0xe5/0x270
[  210.770272][ T7950]  __sys_sendto+0x3bd/0x520
[  210.770291][ T7950]  ? __pfx___sys_sendto+0x10/0x10
[  210.770305][ T7950]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  210.770346][ T7950]  ? __fget_files+0x3a0/0x420
[  210.770380][ T7950]  ? ksys_write+0x22a/0x250
[  210.770403][ T7950]  ? __pfx_ksys_write+0x10/0x10
[  210.770421][ T7950]  ? rcu_is_watching+0x15/0xb0
[  210.770443][ T7950]  __x64_sys_sendto+0xde/0x100
[  210.770464][ T7950]  do_syscall_64+0xfa/0x3b0
[  210.770484][ T7950]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.770505][ T7950]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.770521][ T7950]  ? clear_bhb_loop+0x60/0xb0
[  210.770542][ T7950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.770558][ T7950] RIP: 0033:0x7fa90b98ebe9
[  210.770575][ T7950] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.770589][ T7950] RSP: 002b:00007fa90c87b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  210.770608][ T7950] RAX: ffffffffffffffda RBX: 00007fa90bbb5fa0 RCX: 00007fa90b98ebe9
[  210.770621][ T7950] RDX: 0000000000000091 RSI: 0000000000000000 RDI: 0000000000000003
[  210.770631][ T7950] RBP: 00007fa90c87b090 R08: 0000200000b63fe4 R09: 000000000000001c
[  210.770647][ T7950] R10: 0000000022004001 R11: 0000000000000246 R12: 0000000000000001
[  210.770658][ T7950] R13: 00007fa90bbb6038 R14: 00007fa90bbb5fa0 R15: 00007fa90bcdfa28
[  210.770688][ T7950]  </TASK>
[  211.047626][    C1] vkms_vblank_simulate: vblank timer overrun
[  211.288725][ T7955] netlink: 12 bytes leftover after parsing attributes in process `syz.3.465'.
[  211.534243][ T5952] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  211.619959][ T7961] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  211.704170][ T7866] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.712783][ T5952] usb 4-1: Using ep0 maxpacket: 16
[  211.746234][ T5952] usb 4-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  211.766950][ T7866] bridge0: port 1(bridge_slave_0) entered disabled state
[  211.798015][ T5952] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  211.808364][ T7866] bridge_slave_0: entered allmulticast mode
[  211.842391][ T7866] bridge_slave_0: entered promiscuous mode
[  211.850865][ T5952] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  211.889106][ T5952] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.902574][ T7866] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.912753][ T5867] Bluetooth: hci2: command tx timeout
[  211.942417][ T5952] usb 4-1: Product: syz
[  211.946712][ T5952] usb 4-1: Manufacturer: syz
[  211.951479][ T7866] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.989120][ T5952] usb 4-1: SerialNumber: syz
[  211.999797][ T7866] bridge_slave_1: entered allmulticast mode
[  212.046431][ T7866] bridge_slave_1: entered promiscuous mode
[  212.295370][ T5952] usb 4-1: 0:2 : does not exist
[  212.333410][ T5952] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  212.344358][ T7866] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  212.415031][ T5952] usb 4-1: USB disconnect, device number 18
[  212.496193][ T7866] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  212.562094][ T5922] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  212.617636][ T5973] udevd[5973]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  212.701461][ T7866] team0: Port device team_slave_0 added
[  212.741000][ T5922] usb 3-1: Using ep0 maxpacket: 8
[  212.754364][ T5922] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  212.778615][ T5922] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  212.851008][ T5922] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  212.867302][ T5922] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  212.891872][ T5922] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  212.926413][ T7866] team0: Port device team_slave_1 added
[  213.026259][ T5922] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  213.100323][ T5922] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.110157][ T7993] program syz.3.471 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  213.228393][ T7866] batman_adv: batadv0: Adding interface: batadv_slave_0
[  213.238639][ T7866] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.265069][    C1] vkms_vblank_simulate: vblank timer overrun
[  213.375230][ T5922] usb 3-1: usb_control_msg returned -32
[  213.391315][ T5922] usbtmc 3-1:16.0: can't read capabilities
[  213.450208][ T7866] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  213.578042][ T7866] batman_adv: batadv0: Adding interface: batadv_slave_1
[  213.657780][ T7866] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  213.854058][ T7866] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.955403][ T7866] hsr_slave_0: entered promiscuous mode
[  213.992114][ T5867] Bluetooth: hci2: command tx timeout
[  214.001432][ T7866] hsr_slave_1: entered promiscuous mode
[  214.015079][ T7866] debugfs: 'hsr0' already exists in 'hsr'
[  214.020974][ T7866] Cannot create hsr debugfs directory
[  214.158547][   T30] kauditd_printk_skb: 418 callbacks suppressed
[  214.158565][   T30] audit: type=1326 audit(1756150011.069:595): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8007 comm="syz.0.474" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa90b98ebe9 code=0x0
[  214.194740][ T8003] usbtmc 3-1:16.0: usb_control_msg returned -32
[  214.399222][ T5983] usb 3-1: USB disconnect, device number 19
[  214.787595][ T8020] FAULT_INJECTION: forcing a failure.
[  214.787595][ T8020] name failslab, interval 1, probability 0, space 0, times 0
[  214.852859][ T8020] CPU: 1 UID: 0 PID: 8020 Comm: syz.4.476 Not tainted syzkaller #0 PREEMPT(full) 
[  214.852883][ T8020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  214.852900][ T8020] Call Trace:
[  214.852907][ T8020]  <TASK>
[  214.852914][ T8020]  dump_stack_lvl+0x189/0x250
[  214.852937][ T8020]  ? __pfx____ratelimit+0x10/0x10
[  214.852958][ T8020]  ? __pfx_dump_stack_lvl+0x10/0x10
[  214.852975][ T8020]  ? __pfx__printk+0x10/0x10
[  214.852996][ T8020]  ? __pfx___might_resched+0x10/0x10
[  214.853010][ T8020]  ? fs_reclaim_acquire+0x7d/0x100
[  214.853036][ T8020]  should_fail_ex+0x414/0x560
[  214.853059][ T8020]  should_failslab+0xa8/0x100
[  214.853080][ T8020]  __kmalloc_noprof+0xcb/0x4f0
[  214.853099][ T8020]  ? tomoyo_encode+0x28b/0x550
[  214.853118][ T8020]  tomoyo_encode+0x28b/0x550
[  214.853138][ T8020]  tomoyo_realpath_from_path+0x58d/0x5d0
[  214.853154][ T8020]  ? tomoyo_domain+0xd9/0x130
[  214.853175][ T8020]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  214.853194][ T8020]  tomoyo_path_number_perm+0x1e8/0x5a0
[  214.853215][ T8020]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  214.853250][ T8020]  ? __lock_acquire+0xab9/0xd20
[  214.853289][ T8020]  ? __fget_files+0x2a/0x420
[  214.853311][ T8020]  ? __fget_files+0x2a/0x420
[  214.853329][ T8020]  ? __fget_files+0x3a0/0x420
[  214.853346][ T8020]  ? __fget_files+0x2a/0x420
[  214.853369][ T8020]  security_file_ioctl+0xcb/0x2d0
[  214.853390][ T8020]  __se_sys_ioctl+0x47/0x170
[  214.853410][ T8020]  do_syscall_64+0xfa/0x3b0
[  214.853430][ T8020]  ? lockdep_hardirqs_on+0x9c/0x150
[  214.853448][ T8020]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.853462][ T8020]  ? clear_bhb_loop+0x60/0xb0
[  214.853481][ T8020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  214.853495][ T8020] RIP: 0033:0x7f449278ebe9
[  214.853510][ T8020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  214.853523][ T8020] RSP: 002b:00007f4493538038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  214.853540][ T8020] RAX: ffffffffffffffda RBX: 00007f44929b5fa0 RCX: 00007f449278ebe9
[  214.853551][ T8020] RDX: 0000200000000040 RSI: 000000004004ae86 RDI: 0000000000000005
[  214.853561][ T8020] RBP: 00007f4493538090 R08: 0000000000000000 R09: 0000000000000000
[  214.853570][ T8020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  214.853579][ T8020] R13: 00007f44929b6038 R14: 00007f44929b5fa0 R15: 00007f4492adfa28
[  214.853605][ T8020]  </TASK>
[  214.853627][ T8020] ERROR: Out of memory at tomoyo_realpath_from_path.
[  214.923736][ T5983] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  215.281898][ T5983] usb 4-1: device descriptor read/64, error -71
[  215.462937][   T30] audit: type=1326 audit(1756150012.369:596): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1e98ebe9 code=0x7ffc0000
[  215.522103][ T5983] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  215.577521][   T30] audit: type=1326 audit(1756150012.369:597): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1e98ebe9 code=0x7ffc0000
[  215.680976][ T7866] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  215.797379][ T7866] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  215.851986][ T5983] usb 4-1: device descriptor read/64, error -71
[  215.903754][   T30] audit: type=1326 audit(1756150012.369:598): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=56 compat=0 ip=0x7fae1e98ebe9 code=0x7ffc0000
[  215.961156][ T7866] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  215.996068][ T5983] usb usb4-port1: attempt power cycle
[  216.000026][ T7866] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  216.065989][   T30] audit: type=1326 audit(1756150012.399:599): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1e98ebe9 code=0x7ffc0000
[  216.229802][   T30] audit: type=1326 audit(1756150012.429:600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8044 comm="syz.2.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fae1e9c14a5 code=0x7ffc0000
[  216.285926][   T30] audit: type=1326 audit(1756150012.489:601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1e98ebe9 code=0x7ffc0000
[  216.359597][   T30] audit: type=1326 audit(1756150012.489:602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fae1e98ebe9 code=0x7ffc0000
[  216.401665][   T30] audit: type=1326 audit(1756150012.489:603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1e98ebe9 code=0x7ffc0000
[  216.452002][ T5983] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  216.467602][   T30] audit: type=1326 audit(1756150012.489:604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8040 comm="syz.2.481" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fae1e98ebe9 code=0x7ffc0000
[  216.509294][ T5983] usb 4-1: device descriptor read/8, error -71
[  216.761954][ T5983] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  216.786378][ T5983] usb 4-1: device descriptor read/8, error -71
[  216.830744][ T8071] ptrace attach of "./syz-executor exec"[5879] was attempted by "./syz-executor exec"[8071]
[  216.962431][ T5983] usb usb4-port1: unable to enumerate USB device
[  217.064655][ T7866] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.200307][ T7866] 8021q: adding VLAN 0 to HW filter on device team0
[  217.257443][ T8077] netlink: 4 bytes leftover after parsing attributes in process `syz.4.484'.
[  217.352713][ T6964] bridge0: port 1(bridge_slave_0) entered blocking state
[  217.359962][ T6964] bridge0: port 1(bridge_slave_0) entered forwarding state
[  217.380470][ T6964] bridge0: port 2(bridge_slave_1) entered blocking state
[  217.387698][ T6964] bridge0: port 2(bridge_slave_1) entered forwarding state
[  217.631950][   T24] usb 5-1: new low-speed USB device number 23 using dummy_hcd
[  217.697090][ T7866] 8021q: adding VLAN 0 to HW filter on device batadv0
[  217.800996][ T8085] input: syz0 as /devices/virtual/input/input20
[  218.080296][ T7866] veth0_vlan: entered promiscuous mode
[  218.200329][ T7866] veth1_vlan: entered promiscuous mode
[  218.207321][   T24] usb 5-1: unable to get BOS descriptor or descriptor too short
[  218.232333][   T24] usb 5-1: no configurations
[  218.236976][   T24] usb 5-1: can't read configurations, error -22
[  218.289264][ T7866] veth0_macvtap: entered promiscuous mode
[  218.456817][ T7866] veth1_macvtap: entered promiscuous mode
[  218.649557][ T7866] batman_adv: batadv0: Interface activated: batadv_slave_0
[  218.663395][ T7866] batman_adv: batadv0: Interface activated: batadv_slave_1
[  218.698257][ T6966] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  218.756538][ T6968] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  218.844210][ T6968] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  218.961140][ T6968] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  219.518874][ T6968] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  219.540068][ T6968] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  220.113025][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  220.184680][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  222.758371][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  222.758387][   T30] audit: type=1326 audit(1756150019.669:623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8164 comm="syz.4.503" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f449278ebe9 code=0x0
[  224.286662][ T5865] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  224.296152][ T5865] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  224.325106][ T5865] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  224.356581][ T5865] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  224.372173][ T5865] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  224.474016][ T5952] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  224.638105][ T5952] usb 2-1: Using ep0 maxpacket: 16
[  224.655806][ T5952] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  224.706982][ T5952] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  224.741489][ T5952] usb 2-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  224.756887][ T5952] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  224.800151][ T5952] usb 2-1: config 0 descriptor??
[  224.862057][ T5862] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  225.002328][  T981] usb 1-1: new full-speed USB device number 19 using dummy_hcd
[  225.162481][ T8224] netlink: 'syz.4.512': attribute type 15 has an invalid length.
[  225.184320][ T5922] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  225.187217][ T8224] netlink: 24 bytes leftover after parsing attributes in process `syz.4.512'.
[  225.393108][  T981] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  225.424170][  T981] usb 1-1: New USB device found, idVendor=0c70, idProduct=f00b, bcdDevice= 0.00
[  225.439033][  T981] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.470622][  T981] usb 1-1: config 0 descriptor??
[  225.577070][ T8215] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  225.597659][ T8215] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  225.883007][ T8196] chnl_net:caif_netlink_parms(): no params data found
[  225.887318][ T8233] netlink: 4 bytes leftover after parsing attributes in process `syz.4.513'.
[  225.965468][  T981] aquacomputer_d5next 0003:0C70:F00B.0007: hidraw0: USB HID v1.01 Device [HID 0c70:f00b] on usb-dummy_hcd.0-1/input0
[  226.474074][ T5867] Bluetooth: hci1: command tx timeout
[  226.899602][ T8196] bridge0: port 1(bridge_slave_0) entered blocking state
[  226.940952][ T8196] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.960240][ T8196] bridge_slave_0: entered allmulticast mode
[  226.999226][ T8196] bridge_slave_0: entered promiscuous mode
[  227.067930][ T8196] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.098282][ T8196] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.111320][ T8196] bridge_slave_1: entered allmulticast mode
[  227.163016][ T8196] bridge_slave_1: entered promiscuous mode
[  227.478539][ T8196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.531372][ T8196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.642126][  T981] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  227.739603][ T5862] usb 1-1: USB disconnect, device number 19
[  227.783260][ T8196] team0: Port device team_slave_0 added
[  227.822009][  T981] usb 5-1: Using ep0 maxpacket: 16
[  227.847881][  T981] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  227.860054][ T8196] team0: Port device team_slave_1 added
[  227.916153][  T981] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  227.976423][  T981] usb 5-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  228.033572][  T981] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  228.075338][ T8196] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.087228][ T8196] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.113686][    C1] vkms_vblank_simulate: vblank timer overrun
[  228.124166][  T981] usb 5-1: config 0 descriptor??
[  228.159797][ T8196] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  228.194854][ T8196] batman_adv: batadv0: Adding interface: batadv_slave_1
[  228.207721][ T8196] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  228.243054][ T8196] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  228.347917][ T8244] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  228.372642][ T8244] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  228.392309][    T9] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  228.539733][ T8196] hsr_slave_0: entered promiscuous mode
[  228.552194][ T5867] Bluetooth: hci1: command tx timeout
[  228.563081][    T9] usb 1-1: Using ep0 maxpacket: 16
[  228.563514][ T8196] hsr_slave_1: entered promiscuous mode
[  228.575978][ T8196] debugfs: 'hsr0' already exists in 'hsr'
[  228.582122][ T8196] Cannot create hsr debugfs directory
[  228.622947][    T9] usb 1-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  228.641597][ T5952] usbhid 2-1:0.0: can't add hid device: -71
[  228.656128][  T981] hid (null): global environment stack underflow
[  228.662905][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.666340][ T5952] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  228.671560][    T9] usb 1-1: Product: syz
[  228.708504][  T981] hid (null): unknown global tag 0x24
[  228.716777][  T981] hid (null): report_id 0 is invalid
[  228.726444][ T5922] usb 4-1: unable to get BOS descriptor or descriptor too short
[  228.739183][ T5922] usb 4-1: too many configurations: 111, using maximum allowed: 8
[  228.771901][    T9] usb 1-1: Manufacturer: syz
[  228.783241][ T5952] usb 2-1: USB disconnect, device number 22
[  228.787149][    T9] usb 1-1: SerialNumber: syz
[  228.795276][ T5922] usb 4-1: unable to read config index 0 descriptor/start: -71
[  228.803639][ T5922] usb 4-1: can't read configurations, error -71
[  228.869331][    T9] usb 1-1: config 0 descriptor??
[  228.894251][    T9] ssu100 1-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  229.092858][ T8196] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.155468][ T5952] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  229.232773][    T9] ssu100 1-1:0.0: probe with driver ssu100 failed with error -110
[  229.328751][ T8196] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.332691][ T5952] usb 2-1: config 0 interface 0 has no altsetting 0
[  229.367047][ T5952] usb 2-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  229.385032][ T5952] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  229.407138][ T5952] usb 2-1: config 0 descriptor??
[  229.432356][ T5922] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[  229.455862][  T981] letsketch 0003:6161:4D15.0008: Device info: ఁ
[  229.466496][ T8196] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.566551][ T8196] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  229.627592][ T8248] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.649462][ T8248] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  229.660999][ T8248] netlink: 'syz.1.517': attribute type 4 has an invalid length.
[  229.686710][ T8252] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  229.709640][ T8252] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  229.734800][  T981] usb 5-1: Max retries (5) exceeded reading string descriptor 201
[  229.745484][  T981] letsketch 0003:6161:4D15.0008: probe with driver letsketch failed with error -71
[  229.827526][  T981] usb 5-1: USB disconnect, device number 26
[  229.967301][ T8196] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  229.981671][ T8196] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  230.000120][ T8196] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  230.017074][ T8196] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  230.135188][ T8196] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.164204][ T8196] 8021q: adding VLAN 0 to HW filter on device team0
[  230.179912][ T4400] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.187176][ T4400] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.218882][ T6966] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.226146][ T6966] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.327534][   T30] audit: type=1326 audit(1756150027.239:624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8263 comm="syz.4.519" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f449278ebe9 code=0x0
[  230.346936][ T8196] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  230.362038][ T8196] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  230.436454][ T8196] 8021q: adding VLAN 0 to HW filter on device batadv0
[  230.542841][ T8196] veth0_vlan: entered promiscuous mode
[  230.589482][ T8196] veth1_vlan: entered promiscuous mode
[  230.642231][ T5867] Bluetooth: hci1: command tx timeout
[  230.725549][ T8196] veth0_macvtap: entered promiscuous mode
[  230.757318][ T8196] veth1_macvtap: entered promiscuous mode
[  230.804177][ T8196] batman_adv: batadv0: Interface activated: batadv_slave_0
[  230.822434][ T5952] video4linux radio48: keene_cmd_set failed (-110)
[  230.829304][ T5952] radio-keene 2-1:0.0: V4L2 device registered as radio48
[  230.849425][ T8196] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.919895][ T6968] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.943619][ T6968] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.959422][ T6968] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.974148][ T6968] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  231.150693][    T9] usb 1-1: USB disconnect, device number 20
[  231.204017][ T6964] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.240108][ T6964] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.405418][ T8271] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  231.446220][ T6966] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  231.454996][ T6966] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.996152][ T5922] usb 4-1: unable to get BOS descriptor or descriptor too short
[  232.018360][ T5922] usb 4-1: too many configurations: 111, using maximum allowed: 8
[  232.048315][ T5922] usb 4-1: unable to read config index 0 descriptor/start: -71
[  232.070970][ T5922] usb 4-1: can't read configurations, error -71
[  232.101171][ T5922] usb usb4-port1: attempt power cycle
[  232.505365][ T8286] netlink: 120 bytes leftover after parsing attributes in process `syz.4.526'.
[  232.712136][ T5867] Bluetooth: hci1: command tx timeout
[  233.421269][   T30] audit: type=1326 audit(1756150030.329:625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.4.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449278ebe9 code=0x7ffc0000
[  233.444425][ T5922] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  233.471291][ T5937] usb 2-1: USB disconnect, device number 23
[  233.566154][   T30] audit: type=1326 audit(1756150030.329:626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.4.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449278ebe9 code=0x7ffc0000
[  233.588618][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.652070][   T30] audit: type=1326 audit(1756150030.329:627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8301 comm="syz.0.531" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa90b98ebe9 code=0x0
[  233.682398][ T5922] usb 4-1: Using ep0 maxpacket: 16
[  233.693319][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  233.705237][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  233.716259][   T30] audit: type=1326 audit(1756150030.369:628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.4.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7f449278ebe9 code=0x7ffc0000
[  233.738513][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.746525][ T5922] usb 4-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  233.756580][ T5922] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.772464][ T5952] usb 3-1: new low-speed USB device number 20 using dummy_hcd
[  233.777109][   T30] audit: type=1326 audit(1756150030.369:629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.4.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449278ebe9 code=0x7ffc0000
[  233.802307][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.812462][ T5922] usb 4-1: config 0 descriptor??
[  233.824101][   T30] audit: type=1326 audit(1756150030.369:630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.4.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449278ebe9 code=0x7ffc0000
[  233.848003][   T30] audit: type=1326 audit(1756150030.369:631): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.4.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7f449278ebe9 code=0x7ffc0000
[  233.870171][    C0] vkms_vblank_simulate: vblank timer overrun
[  233.878002][   T30] audit: type=1326 audit(1756150030.369:632): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.4.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449278ebe9 code=0x7ffc0000
[  233.907184][   T30] audit: type=1326 audit(1756150030.369:633): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8302 comm="syz.4.532" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f449278ebe9 code=0x7ffc0000
[  233.957578][ T5952] usb 3-1: config 1 has an invalid descriptor of length 38, skipping remainder of the config
[  233.968052][ T5952] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  233.978894][ T5952] usb 3-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  233.990846][ T5952] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  234.007085][ T5952] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  234.008628][ T8312] rtc_cmos 00:00: Alarms can be up to one day in the future
[  234.018518][ T5952] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  234.018546][ T5952] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.045663][  T981] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  234.054360][ T8307] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  234.078516][ T5952] hub 3-1:1.0: bad descriptor, ignoring hub
[  234.090913][ T5929] rtc_cmos 00:00: Alarms can be up to one day in the future
[  234.102015][ T5952] hub 3-1:1.0: probe with driver hub failed with error -5
[  234.117318][ T5929] rtc_cmos 00:00: Alarms can be up to one day in the future
[  234.125426][ T5952] cdc_wdm 3-1:1.0: skipping garbage
[  234.132971][ T5929] rtc_cmos 00:00: Alarms can be up to one day in the future
[  234.140514][ T5952] cdc_wdm 3-1:1.0: skipping garbage
[  234.152575][ T5929] rtc_cmos 00:00: Alarms can be up to one day in the future
[  234.160952][ T5952] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  234.189084][ T5952] cdc_wdm 3-1:1.0: Unknown control protocol
[  234.217733][ T5929] rtc rtc0: __rtc_set_alarm: err=-22
[  234.261971][  T981] usb 2-1: Using ep0 maxpacket: 32
[  234.269914][  T981] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  234.431546][  T981] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.514567][  T981] usb 2-1: config 0 descriptor??
[  234.556518][ T8318] veth1_to_bridge: mtu greater than device maximum
[  234.616482][    C1] wdm_int_callback: 2 callbacks suppressed
[  234.616508][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  234.629059][    C1] wdm_int_callback: 2 callbacks suppressed
[  234.629079][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  234.642499][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  234.649398][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  234.657301][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  234.664031][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  234.670190][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1
[  234.754411][  T981] dvb-usb: found a 'Elgato EyeTV Sat' in cold state, will try to load a firmware
[  234.768025][  T981] usb 2-1: Direct firmware load for dvb-usb-az6027-03.fw failed with error -2
[  234.774981][ T8321] FAULT_INJECTION: forcing a failure.
[  234.774981][ T8321] name failslab, interval 1, probability 0, space 0, times 0
[  234.791506][  T981] usb 2-1: Falling back to sysfs fallback for: dvb-usb-az6027-03.fw
[  234.805357][ T8321] CPU: 1 UID: 0 PID: 8321 Comm: syz.4.536 Not tainted syzkaller #0 PREEMPT(full) 
[  234.805382][ T8321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  234.805392][ T8321] Call Trace:
[  234.805399][ T8321]  <TASK>
[  234.805407][ T8321]  dump_stack_lvl+0x189/0x250
[  234.805433][ T8321]  ? __pfx____ratelimit+0x10/0x10
[  234.805464][ T8321]  ? __pfx_dump_stack_lvl+0x10/0x10
[  234.805483][ T8321]  ? __pfx__printk+0x10/0x10
[  234.805511][ T8321]  ? __pfx___might_resched+0x10/0x10
[  234.805532][ T8321]  should_fail_ex+0x414/0x560
[  234.805558][ T8321]  should_failslab+0xa8/0x100
[  234.805582][ T8321]  kmem_cache_alloc_node_noprof+0x76/0x3c0
[  234.805604][ T8321]  ? __alloc_skb+0x112/0x2d0
[  234.805621][ T8321]  __alloc_skb+0x112/0x2d0
[  234.805639][ T8321]  netlink_sendmsg+0x5c6/0xb30
[  234.805670][ T8321]  ? __pfx_netlink_sendmsg+0x10/0x10
[  234.805695][ T8321]  ? aa_sock_msg_perm+0xf1/0x1d0
[  234.805713][ T8321]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  234.805731][ T8321]  ? __pfx_netlink_sendmsg+0x10/0x10
[  234.805754][ T8321]  __sock_sendmsg+0x21c/0x270
[  234.805779][ T8321]  ____sys_sendmsg+0x505/0x830
[  234.805802][ T8321]  ? __pfx_____sys_sendmsg+0x10/0x10
[  234.805829][ T8321]  ? import_iovec+0x74/0xa0
[  234.805852][ T8321]  ___sys_sendmsg+0x21f/0x2a0
[  234.805872][ T8321]  ? __pfx____sys_sendmsg+0x10/0x10
[  234.805925][ T8321]  ? __fget_files+0x2a/0x420
[  234.805946][ T8321]  ? __fget_files+0x3a0/0x420
[  234.805979][ T8321]  __x64_sys_sendmsg+0x19b/0x260
[  234.805997][ T8321]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  234.806024][ T8321]  ? __pfx_ksys_write+0x10/0x10
[  234.806042][ T8321]  ? rcu_is_watching+0x15/0xb0
[  234.806064][ T8321]  ? do_syscall_64+0xbe/0x3b0
[  234.806090][ T8321]  do_syscall_64+0xfa/0x3b0
[  234.806110][ T8321]  ? lockdep_hardirqs_on+0x9c/0x150
[  234.806131][ T8321]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.806147][ T8321]  ? clear_bhb_loop+0x60/0xb0
[  234.806168][ T8321]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.806184][ T8321] RIP: 0033:0x7f449278ebe9
[  234.806200][ T8321] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  234.806214][ T8321] RSP: 002b:00007f4493538038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  234.806234][ T8321] RAX: ffffffffffffffda RBX: 00007f44929b5fa0 RCX: 00007f449278ebe9
[  234.806247][ T8321] RDX: 0000000000004010 RSI: 0000200000000240 RDI: 0000000000000004
[  234.806258][ T8321] RBP: 00007f4493538090 R08: 0000000000000000 R09: 0000000000000000
[  234.806269][ T8321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  234.806280][ T8321] R13: 00007f44929b6038 R14: 00007f44929b5fa0 R15: 00007f4492adfa28
[  234.806308][ T8321]  </TASK>
[  234.874025][ T5983] usb 3-1: USB disconnect, device number 20
[  235.278426][ T8327] netlink: 48 bytes leftover after parsing attributes in process `syz.4.539'.
[  235.432207][ T5952] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  235.439956][ T6004] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  235.449739][ T6004] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  235.615301][ T5952] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  235.636675][ T5952] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  235.686153][ T5952] usb 1-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  235.857786][ T5952] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.890543][ T5952] usb 1-1: config 0 descriptor??
[  236.321060][ T5952] waterforce 0003:1044:7A4D.000A: hidraw0: USB HID v0.00 Device [HID 1044:7a4d] on usb-dummy_hcd.0-1/input0
[  236.471107][ T5952] waterforce 0003:1044:7A4D.000A: fw version request failed with -38
[  236.562141][ T5952] usb 1-1: USB disconnect, device number 21
[  236.617551][ T8347] fido_id[8347]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:1044:7A4D.000A/report_descriptor': No such file or directory
[  236.635345][ T5872] Bluetooth: hci1: command 0x0405 tx timeout
[  236.696917][   T30] audit: type=1326 audit(1756150033.599:634): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8348 comm="syz.1.545" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9b37b8ebe9 code=0x0
[  236.718722][    C0] vkms_vblank_simulate: vblank timer overrun
[  236.937721][ T5922] usbhid 4-1:0.0: can't add hid device: -71
[  236.943971][ T5922] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  236.968393][ T5922] usb 4-1: USB disconnect, device number 26
[  237.194327][ T8353] vivid-004: disconnect
[  237.208100][ T8352] vivid-004: reconnect
[  237.367972][ T8363] tipc: Started in network mode
[  237.376969][ T8363] tipc: Node identity 7aa748e4ff04, cluster identity 4711
[  237.429250][ T8363] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  237.532937][ T8363] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[  237.560154][ T8364] syzkaller0: entered promiscuous mode
[  237.582830][ T8364] syzkaller0: entered allmulticast mode
[  237.654620][ T8363] tipc: Resetting bearer <eth:syzkaller0>
[  237.712137][ T8362] tipc: Resetting bearer <eth:syzkaller0>
[  237.850923][ T8362] tipc: Disabling bearer <eth:syzkaller0>
[  237.887783][ T8378] openvswitch: netlink: Duplicate or invalid key (type 0).
[  237.977384][ T8378] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  237.990640][ T8378] netlink: 4 bytes leftover after parsing attributes in process `syz.3.553'.
[  238.711894][   T30] audit: type=1326 audit(1756150035.599:635): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.3.562" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7faedc38ebe9 code=0x0
[  238.927232][ T8408] veth3: entered promiscuous mode
[  239.150959][ T8409] EXT4-fs: Value of option "test_dummy_encryption" is unrecognized
[  242.654109][ T8440] netlink: 8 bytes leftover after parsing attributes in process `syz.2.574'.
[  242.837812][   T30] audit: type=1326 audit(1756150039.739:636): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8443 comm="syz.0.575" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa90b98ebe9 code=0x0
[  242.989162][ T5865] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  243.000431][ T5865] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  243.010512][ T5865] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  243.020257][ T5865] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  243.030979][ T5865] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  243.677458][ T8454] chnl_net:caif_netlink_parms(): no params data found
[  244.117933][ T8470] bridge1: entered promiscuous mode
[  244.123306][ T8470] bridge1: entered allmulticast mode
[  244.146955][ T8454] bridge0: port 1(bridge_slave_0) entered blocking state
[  244.167610][ T8454] bridge0: port 1(bridge_slave_0) entered disabled state
[  244.177639][ T8454] bridge_slave_0: entered allmulticast mode
[  244.190549][ T8454] bridge_slave_0: entered promiscuous mode
[  244.214488][ T8454] bridge0: port 2(bridge_slave_1) entered blocking state
[  244.228051][ T8454] bridge0: port 2(bridge_slave_1) entered disabled state
[  244.292695][ T8454] bridge_slave_1: entered allmulticast mode
[  244.309419][ T8454] bridge_slave_1: entered promiscuous mode
[  244.372012][ T6004] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  244.528656][ T6004] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  244.576810][ T6004] usb 3-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[  244.596938][ T8454] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  244.612334][ T6004] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.666006][ T6004] usb 3-1: Product: syz
[  244.670363][ T6004] usb 3-1: Manufacturer: syz
[  244.675997][ T6004] usb 3-1: SerialNumber: syz
[  244.697465][ T6004] usb 3-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[  244.726755][ T8454] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  244.919991][ T8454] team0: Port device team_slave_0 added
[  245.040004][ T8454] team0: Port device team_slave_1 added
[  245.122084][ T5865] Bluetooth: hci4: command tx timeout
[  245.158516][ T8454] batman_adv: batadv0: Adding interface: batadv_slave_0
[  245.166238][ T8454] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.192574][    C0] vkms_vblank_simulate: vblank timer overrun
[  245.199785][ T8454] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  245.213487][ T8454] batman_adv: batadv0: Adding interface: batadv_slave_1
[  245.220566][ T8454] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  245.330042][ T8454] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  245.407359][ T8481] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5)
[  245.413902][ T8481] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  245.432314][ T8481] vhci_hcd vhci_hcd.0: Device attached
[  245.446763][ T8454] hsr_slave_0: entered promiscuous mode
[  245.471040][ T8485] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.486058][ T6004] usb 3-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[  245.504978][ T8454] hsr_slave_1: entered promiscuous mode
[  245.543355][ T8454] debugfs: 'hsr0' already exists in 'hsr'
[  245.634769][ T8485] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.687442][ T8454] Cannot create hsr debugfs directory
[  245.707943][ T8483] vhci_hcd: cannot find a urb of seqnum 1 max seqnum 0
[  245.708063][ T8485] netlink: 'syz.0.581': attribute type 32 has an invalid length.
[  245.771343][ T5922] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  245.910348][ T5952] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  245.950851][ T8481] netlink: 'syz.0.581': attribute type 32 has an invalid length.
[  245.962004][ T8481] bond0: option coupled_control: mode dependency failed, not supported in mode balance-rr(0)
[  246.013331][ T6964] vhci_hcd: stop threads
[  246.027457][ T6964] vhci_hcd: release socket
[  246.131930][ T6964] vhci_hcd: disconnect device
[  246.142646][ T5922] usb 1-1: device descriptor read/64, error -71
[  246.338448][ T8485] bond0: option coupled_control: mode dependency failed, not supported in mode balance-rr(0)
[  246.392313][ T5922] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  246.617563][ T5922] usb 1-1: device descriptor read/64, error -71
[  246.754149][ T5922] usb usb1-port1: attempt power cycle
[  247.115137][ T8454] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.162084][ T5922] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  247.192711][ T5865] Bluetooth: hci4: command tx timeout
[  247.222836][ T5922] usb 1-1: device descriptor read/8, error -71
[  247.244733][ T8454] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.367295][ T8454] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.462185][ T5922] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  247.507354][ T5922] usb 1-1: device descriptor read/8, error -71
[  247.591269][ T8454] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  247.692505][ T5922] usb usb1-port1: unable to enumerate USB device
[  247.737270][ T5929] usb 3-1: USB disconnect, device number 21
[  248.059891][ T8454] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  248.076103][ T8454] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  248.090952][ T8454] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  248.102939][ T8454] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  248.269019][ T8454] 8021q: adding VLAN 0 to HW filter on device bond0
[  248.310415][ T8454] 8021q: adding VLAN 0 to HW filter on device team0
[  248.346958][ T6968] bridge0: port 1(bridge_slave_0) entered blocking state
[  248.354296][ T6968] bridge0: port 1(bridge_slave_0) entered forwarding state
[  248.369566][ T5929] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  248.391488][ T6968] bridge0: port 2(bridge_slave_1) entered blocking state
[  248.398741][ T6968] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.439440][ T8510] capability: warning: `syz.4.586' uses 32-bit capabilities (legacy support in use)
[  248.512158][ T5929] usb 3-1: device descriptor read/64, error -71
[  248.518459][ T8454] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  248.561887][   T30] audit: type=1326 audit(1756150045.469:637): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8511 comm="syz.0.587" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa90b98ebe9 code=0x0
[  248.583485][    C0] vkms_vblank_simulate: vblank timer overrun
[  248.680763][ T8454] 8021q: adding VLAN 0 to HW filter on device batadv0
[  248.713299][ T8518] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  248.738831][ T8517] veth3: entered promiscuous mode
[  248.757269][ T8518] syzkaller0: entered promiscuous mode
[  248.763369][ T8518] syzkaller0: entered allmulticast mode
[  248.785897][ T8518] tipc: Resetting bearer <eth:syzkaller0>
[  248.793862][ T5929] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  248.795720][ T8518] fuse: Unknown parameter 'fd}0x000000000000000c'
[  248.849917][ T8454] veth0_vlan: entered promiscuous mode
[  248.885964][ T8454] veth1_vlan: entered promiscuous mode
[  248.933206][ T8454] veth0_macvtap: entered promiscuous mode
[  248.942364][ T5929] usb 3-1: device descriptor read/64, error -71
[  248.949225][ T8454] veth1_macvtap: entered promiscuous mode
[  248.972482][ T8454] batman_adv: batadv0: Interface activated: batadv_slave_0
[  248.986263][ T8454] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.020942][ T4400] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  249.053229][ T4400] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.072376][ T4400] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  249.074332][ T5929] usb usb3-port1: attempt power cycle
[  249.119496][ T4400] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  249.251241][ T6960] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.263390][ T6960] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.272343][ T5865] Bluetooth: hci4: command tx timeout
[  249.314270][ T6960] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  249.328531][ T6960] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  249.473209][ T5929] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  249.493994][ T8515] tipc: Resetting bearer <eth:syzkaller0>
[  249.516115][ T5929] usb 3-1: device descriptor read/8, error -71
[  249.575366][ T8529] netlink: 4 bytes leftover after parsing attributes in process `syz.3.570'.
[  249.637950][ T8515] tipc: Disabling bearer <eth:syzkaller0>
[  249.785634][ T5929] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  249.841037][ T5929] usb 3-1: device descriptor read/8, error -71
[  249.972304][ T5929] usb usb3-port1: unable to enumerate USB device
[  250.103007][    T9] hid-generic 0000:0000:0000.000B: unknown main item tag 0x0
[  250.145712][    T9] hid-generic 0000:0000:0000.000B: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  251.002037][ T5937] usb 1-1: new high-speed USB device number 26 using dummy_hcd
[  251.032184][ T5952] vhci_hcd: vhci_device speed not set
[  251.152248][ T5937] usb 1-1: Using ep0 maxpacket: 8
[  251.173538][ T5937] usb 1-1: unable to get BOS descriptor or descriptor too short
[  251.183296][ T5937] usb 1-1: config 4 has an invalid interface number: 30 but max is 0
[  251.191444][ T5937] usb 1-1: config 4 has no interface number 0
[  251.210124][ T5937] usb 1-1: config 4 interface 30 has no altsetting 0
[  251.243187][ T5937] usb 1-1: string descriptor 0 read error: -22
[  251.249517][ T5937] usb 1-1: New USB device found, idVendor=9022, idProduct=d484, bcdDevice=ff.88
[  251.285294][ T5937] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  251.347922][ T5937] dvb-usb: found a 'TeVii S482 (tuner 2)' in warm state.
[  251.353608][ T5865] Bluetooth: hci4: command tx timeout
[  251.386174][ T5937] dw2102: su3000_power_ctrl: 1, initialized 0
[  251.431552][ T5937] dvb-usb: bulk message failed: -22 (2/0)
[  251.465283][ T5937] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  251.487465][ T5937] dvbdev: DVB: registering new adapter (TeVii S482 (tuner 2))
[  251.509435][ T6960] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.531601][ T5937] usb 1-1: media controller created
[  251.541555][ T5937] dvb-usb: bulk message failed: -22 (6/0)
[  251.562664][ T5937] dw2102: i2c transfer failed.
[  251.578984][ T5937] dvb-usb: bulk message failed: -22 (6/0)
[  251.596477][ T5937] dw2102: i2c transfer failed.
[  251.621130][ T8555] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000002: 0000 [#1] SMP KASAN PTI
[  251.633069][ T8555] KASAN: null-ptr-deref in range [0x0000000000000010-0x0000000000000017]
[  251.641493][ T8555] CPU: 1 UID: 0 PID: 8555 Comm: syz.0.597 Not tainted syzkaller #0 PREEMPT(full) 
[  251.650871][ T8555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  251.661098][ T8555] RIP: 0010:su3000_i2c_transfer+0x1ad/0x1040
[  251.667176][ T8555] Code: 4c 89 f8 48 c1 e8 03 49 bc 00 00 00 00 00 fc ff df 42 80 3c 20 00 74 08 4c 89 ff e8 8d 9c 3c fa 49 8b 1f 48 89 d8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 5f 09 00 00 0f b6 1b 48 8b 44 24 38 42
[  251.686954][ T8555] RSP: 0018:ffffc900042afaa8 EFLAGS: 00010202
[  251.693102][ T8555] RAX: 0000000000000002 RBX: 0000000000000010 RCX: 0000000000000003
[  251.701261][ T8555] RDX: ffffffff87e67ce5 RSI: ffffffff8f0d4250 RDI: 0000000000001900
[  251.709325][ T8555] RBP: 0000000000000000 R08: ffff88802c430000 R09: 0000000000000002
[  251.717285][ T8555] R10: 0000000000001a00 R11: 0000000000000002 R12: dffffc0000000000
[  251.725286][ T8555] R13: 1ffff11003ff4608 R14: 0000000000000001 R15: ffff88801ffa3048
[  251.733275][ T8555] FS:  00007fa90c85a6c0(0000) GS:ffff888125d1b000(0000) knlGS:0000000000000000
[  251.742277][ T8555] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  251.749124][ T8555] CR2: 00007fa90c859f98 CR3: 000000006f610000 CR4: 00000000003526f0
[  251.757213][ T8555] Call Trace:
[  251.760574][ T8555]  <TASK>
[  251.763643][ T8555]  __i2c_transfer+0x874/0x2170
[  251.768841][ T8555]  ? i2c_transfer+0x11d/0x3a0
[  251.773512][ T8555]  ? __pfx___i2c_transfer+0x10/0x10
[  251.778790][ T8555]  ? rt_mutex_lock_nested+0x172/0x1e0
[  251.784146][ T8555]  ? i2c_transfer+0x11d/0x3a0
[  251.788894][ T8555]  i2c_transfer+0x25b/0x3a0
[  251.793380][ T8555]  ? __pfx_i2c_transfer+0x10/0x10
[  251.798409][ T8555]  ? _copy_from_user+0x94/0xb0
[  251.803207][ T8555]  i2cdev_ioctl_rdwr+0x460/0x740
[  251.808131][ T8555]  i2cdev_ioctl+0x64b/0x7f0
[  251.812614][ T8555]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  251.817724][ T8555]  ? __fget_files+0x3a0/0x420
[  251.822489][ T8555]  ? __fget_files+0x2a/0x420
[  251.827080][ T8555]  ? bpf_lsm_file_ioctl+0x9/0x20
[  251.832108][ T8555]  ? __pfx_i2cdev_ioctl+0x10/0x10
[  251.837131][ T8555]  __se_sys_ioctl+0xf9/0x170
[  251.841927][ T8555]  do_syscall_64+0xfa/0x3b0
[  251.846537][ T8555]  ? lockdep_hardirqs_on+0x9c/0x150
[  251.851779][ T8555]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.857929][ T8555]  ? clear_bhb_loop+0x60/0xb0
[  251.862694][ T8555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.868664][ T8555] RIP: 0033:0x7fa90b98ebe9
[  251.873069][ T8555] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  251.892778][ T8555] RSP: 002b:00007fa90c85a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  251.901461][ T8555] RAX: ffffffffffffffda RBX: 00007fa90bbb6090 RCX: 00007fa90b98ebe9
[  251.909525][ T8555] RDX: 0000200000000a40 RSI: 0000000000000707 RDI: 0000000000000006
[  251.917497][ T8555] RBP: 00007fa90ba11e19 R08: 0000000000000000 R09: 0000000000000000
[  251.925547][ T8555] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  251.933682][ T8555] R13: 00007fa90bbb6128 R14: 00007fa90bbb6090 R15: 00007fa90bcdfa28
[  251.941823][ T8555]  </TASK>
[  251.944828][ T8555] Modules linked in:
[  251.948842][    C1] vkms_vblank_simulate: vblank timer overrun
[  251.956318][ T8555] ---[ end trace 0000000000000000 ]---
[  251.973698][ T6960] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.986771][ T8555] RIP: 0010:su3000_i2c_transfer+0x1ad/0x1040
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  252.041890][ T8555] Code: 4c 89 f8 48 c1 e8 03 49 bc 00 00 00 00 00 fc ff df 42 80 3c 20 00 74 08 4c 89 ff e8 8d 9c 3c fa 49 8b 1f 48 89 d8 48 c1 e8 03 <42> 0f b6 04 20 84 c0 0f 85 5f 09 00 00 0f b6 1b 48 8b 44 24 38 42
[  252.108247][ T6960] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.135535][ T8555] RSP: 0018:ffffc900042afaa8 EFLAGS: 00010202
[  252.181992][ T8555] RAX: 0000000000000002 RBX: 0000000000000010 RCX: 0000000000000003
[  252.192484][ T8559] syz-executor: vmalloc error: size 4194304, failed to allocated page array size 8192, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  252.216313][ T8555] RDX: ffffffff87e67ce5 RSI: ffffffff8f0d4250 RDI: 0000000000001900
[  252.248400][ T8555] RBP: 0000000000000000 R08: ffff88802c430000 R09: 0000000000000002
[  252.282026][ T8555] R10: 0000000000001a00 R11: 0000000000000002 R12: dffffc0000000000
[  252.302057][ T8559] CPU: 0 UID: 0 PID: 8559 Comm: syz-executor Tainted: G      D             syzkaller #0 PREEMPT(full) 
[  252.302087][ T8559] Tainted: [D]=DIE
[  252.302093][ T8559] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  252.302103][ T8559] Call Trace:
[  252.302110][ T8559]  <TASK>
[  252.302117][ T8559]  dump_stack_lvl+0x189/0x250
[  252.302143][ T8559]  ? __pfx_dump_stack_lvl+0x10/0x10
[  252.302158][ T8559]  ? __pfx__printk+0x10/0x10
[  252.302177][ T8559]  ? lock_release+0x4b/0x3e0
[  252.302199][ T8559]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  252.302219][ T8559]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  252.302237][ T8559]  warn_alloc+0x214/0x310
[  252.302262][ T8559]  ? __pfx_warn_alloc+0x10/0x10
[  252.302285][ T8559]  ? __get_vm_area_node+0x28f/0x300
[  252.302305][ T8559]  ? kcov_ioctl+0x55/0x640
[  252.302325][ T8559]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  252.302357][ T8559]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  252.302380][ T8559]  ? __pfx_kcov_ioctl+0x10/0x10
[  252.302399][ T8559]  vmalloc_user_noprof+0xad/0xf0
[  252.302419][ T8559]  ? kcov_ioctl+0x55/0x640
[  252.302438][ T8559]  kcov_ioctl+0x55/0x640
[  252.302457][ T8559]  ? bpf_lsm_file_ioctl+0x9/0x20
[  252.302477][ T8559]  ? __pfx_kcov_ioctl+0x10/0x10
[  252.302495][ T8559]  __se_sys_ioctl+0xf9/0x170
[  252.302515][ T8559]  do_syscall_64+0xfa/0x3b0
[  252.302537][ T8559]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.302553][ T8559]  ? clear_bhb_loop+0x60/0xb0
[  252.302570][ T8559]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  252.302587][ T8559] RIP: 0033:0x7f9f7538e7eb
[  252.302602][ T8559] Code: 00 48 89 44 24 18 31 c0 48 8d 44 24 60 c7 04 24 10 00 00 00 48 89 44 24 08 48 8d 44 24 20 48 89 44 24 10 b8 10 00 00 00 0f 05 <89> c2 3d 00 f0 ff ff 77 1c 48 8b 44 24 18 64 48 2b 04 25 28 00 00
[  252.302628][ T8559] RSP: 002b:00007ffd11b38c60 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  252.302648][ T8559] RAX: ffffffffffffffda RBX: 0000000000080000 RCX: 00007f9f7538e7eb
[  252.302660][ T8559] RDX: 0000000000080000 RSI: ffffffff80086301 RDI: 00000000000000d8
[  252.302672][ T8559] RBP: 00007f9f755b6038 R08: 0000000000000005 R09: 0000000000000000
[  252.302683][ T8559] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  252.302694][ T8559] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  252.302710][ T8559]  </TASK>
[  252.302727][ T8559] Mem-Info:
[  252.451996][ T8555] R13: 1ffff11003ff4608 R14: 0000000000000001 R15: ffff88801ffa3048
[  252.551542][ T8559] active_anon:4107 inactive_anon:0 isolated_anon:0
[  252.551542][ T8559]  active_file:3803 inactive_file:39941 isolated_file:0
[  252.551542][ T8559]  unevictable:768 dirty:74 writeback:0
[  252.551542][ T8559]  slab_reclaimable:11063 slab_unreclaimable:114997
[  252.551542][ T8559]  mapped:8307 shmem:1360 pagetables:864
[  252.551542][ T8559]  sec_pagetables:0 bounce:0
[  252.551542][ T8559]  kernel_misc_reclaimable:0
[  252.551542][ T8559]  free:1339445 free_pcp:13799 free_cma:0
[  252.606604][ T8555] FS:  00007fa90c85a6c0(0000) GS:ffff888125c1b000(0000) knlGS:0000000000000000
[  252.641984][ T8555] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  252.648799][ T8555] CR2: 000055b052449000 CR3: 000000006f610000 CR4: 00000000003526f0
[  252.669288][ T8555] Kernel panic - not syncing: Fatal exception
[  252.675889][ T8555] Kernel Offset: disabled
[  252.680229][ T8555] Rebooting in 86400 seconds..