last executing test programs:

10.409711491s ago: executing program 1 (id=7730):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller1\x00', 0x2})
write$tun(r0, &(0x7f0000000240)=ANY=[@ANYBLOB="0000534863c49f0a03310180c200000e88a8000081000002"], 0x3e)

10.236466045s ago: executing program 1 (id=7731):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000200)="66b9a00d00000f32dbd567f0879f00a00000670f4fa1ea000000660f388080062e0f01c5baf80c66b8d789868866efbafc0cec0f0666b9800000c00f320f304466b8010000000f23d80f21f86635800000300f23f866350a00000044360f01d1", 0x60}], 0x1, 0x54, 0x0, 0x0)
syz_usb_connect(0x0, 0x68, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000a1121710950b2a17f4f701020301090224"], 0x0)
openat$binderfs(0xffffff9c, &(0x7f0000000080)='./binderfs/binder1\x00', 0x806, 0x0)
pipe2(&(0x7f0000000200), 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000880)={0x0, 0x0, @pic={0x2a, 0xc0, 0x7, 0x6, 0xfb, 0x0, 0xf, 0x24, 0x3, 0x0, 0x3, 0x0, 0x7, 0x6, 0x6, 0x7f}})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x8000000000000035, 0x400ffc, 0x14000000215b9037, 0x40190, 0x1, 0x11, 0x8000000000f2, 0x7, 0x3, 0x20000005, 0x5, 0xc6bd, 0x568, 0x45, 0x5, 0xff], 0x6006, 0x1c0293})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

8.91080003s ago: executing program 2 (id=7745):
syz_open_dev$video4linux(&(0x7f0000000000), 0xff, 0x2001)
socket(0x5, 0x800, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0x81, 0x0, 0x9, 0xfffffffffffffffd, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
r2 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000140)=<r4=>0x0, &(0x7f0000000180)=<r5=>0x0)
syz_io_uring_submit(r3, r4, r5, &(0x7f00000001c0)=@IORING_OP_UNLINKAT={0x24, 0x9, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x200})
io_uring_enter(r2, 0x1, 0x1, 0x1, 0x0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000200)={0x48})
r6 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r6, 0x40345410, &(0x7f0000000180)={{0x1, 0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r6, 0x40505412, &(0x7f00000000c0)={0x3, 0x3, 0x0, 0x0, 0xf})
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000001080)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x6c, 0x2, 0x6, 0x1, 0x6000000, 0x0, {}, [@IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_DATA={0x24, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast}}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @empty=0x80ffffff}}, @IPSET_ATTR_NETMASK={0x5, 0x14, 0x2}]}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x6c}}, 0x0)

8.43598236s ago: executing program 1 (id=7755):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_ABORT_SCAN(r0, &(0x7f0000004300)={0x0, 0x0, &(0x7f00000042c0)={&(0x7f0000004280)={0x1c, r1, 0x1, 0x70bd27, 0x25dfdbff, {{}, {@val={0x8}, @void}}}, 0x1c}}, 0x4800)

7.891737642s ago: executing program 1 (id=7759):
sendto$inet(0xffffffffffffffff, &(0x7f0000000100)="1ce0", 0xffeb, 0x0, &(0x7f0000001100)={0x2, 0x0, @private}, 0x10)
r0 = socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$FS_IOC_GETFSMAP(r2, 0xc0c0583b, &(0x7f0000000380)={0x0, 0x0, 0x2, 0x0, '\x00', [{0x0, 0x800, 0x10, 0x3, 0x101, 0x8}, {0x10000, 0x8000, 0xeb, 0x9, 0x4, 0x8}], ['\x00', '\x00']})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f00000001c0)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={0x141, 0x0, 0x4}, 0x18)
r3 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r3, 0xc008561c, &(0x7f0000000040)={0xf0f002, 0x4})
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x85c68e8ab9c77084, 0x0)
openat$sequencer2(0xffffff9c, &(0x7f0000000080), 0x143240, 0x0)
r4 = openat$ttyprintk(0xffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TCSETSF2(r4, 0x402c542d, &(0x7f0000000280)={0x4f, 0xd09, 0x2, 0x17ff, 0x4, "e802b7e4ed93000600000000000000eaffffff", 0x3})
socket$nl_xfrm(0x10, 0x3, 0x6)
gettid()
setsockopt$MRT6_INIT(r0, 0x29, 0xc8, &(0x7f0000000340), 0x4)
setsockopt$MRT6_ADD_MIF(r0, 0x29, 0xca, &(0x7f0000000040)={0x1, 0x1, 0x40}, 0xc)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @remote}}, {0xa, 0x0, 0x0, @empty}}, 0x5c)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r5, &(0x7f0000002180)=[{&(0x7f0000000080)=""/215, 0xd7}], 0x31, &(0x7f0000002540)=[{&(0x7f00000021c0)=""/233, 0xe9}], 0x1, 0x0)
setsockopt$MRT6_FLUSH(r0, 0x29, 0xd4, &(0x7f0000000080)=0x6, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000a40), 0x0, 0x40000002, 0x0)
fanotify_init(0x200, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x123201, 0x0)

7.084983779s ago: executing program 2 (id=7768):
unshare(0x6a040000)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)=@newlink={0x38, 0x10, 0x439, 0x70fd2c, 0xffffffea, {0x0, 0x0, 0xe403, 0x0, 0x3, 0x610c3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @sit={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPTUN_REMOTE={0x8, 0x3, @dev}]}}}]}, 0x38}}, 0x0)

5.963059381s ago: executing program 2 (id=7780):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/bus/input/devices\x00', 0x0, 0x0)
r1 = syz_io_uring_setup(0x1d5a, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x10000, 0x374}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000180)=<r4=>0x0)
syz_io_uring_submit(r2, r3, r4, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4004, @fd_index=0x4, 0x718a, 0x0, 0x0, 0x12, 0x1, {0x2}})
io_uring_enter(r1, 0x742f, 0x77ae, 0x1, 0x0, 0x0)
clock_adjtime(0x0, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x405c5503, &(0x7f0000000480)={{0xfffc, 0x9, 0x0, 0x1}, 'syz0\x00', 0x3})
ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501)
close_range(r0, 0xffffffffffffffff, 0x0)

5.827622297s ago: executing program 2 (id=7783):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x90, r0, 0x5, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x51, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @val={0x5, 0x3, {0x7, 0xc7, 0x6}}, @void, @void, @void, @val={0x2d, 0x1a, {0x300, 0x1, 0x7, 0x0, {0xa600000000000000, 0x2, 0x0, 0x3fe, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0x3}}, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x90}}, 0x20000014)

5.751478515s ago: executing program 2 (id=7784):
syz_open_dev$sndctrl(&(0x7f0000000600), 0x0, 0x8801)
signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0)
memfd_create(&(0x7f0000000180)='\x8a\'\x0e\xda4N\x0e\xea\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\x01\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc0\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5%\xdd\x19\x03K\x98\xf5`\xcb\x1e\x99\x83\xcd\b\xd1\x02R\xae\x80z\xc4]V\xfa\xdc\x1f\xf9\x15\n8Z\xd2}\xf5\xe4\x9f5\x9b7\xaf\xb7o\x01\xf9', 0x1)
socket$inet_smc(0x2b, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x7, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
getsockopt$sock_linger(0xffffffffffffffff, 0x1, 0xd, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = syz_open_dev$sg(&(0x7f00000003c0), 0x1, 0x40002)
writev(r3, &(0x7f00000002c0)=[{0x0}], 0x1)
openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r4 = socket$kcm(0x29, 0x5, 0x0)
write$cgroup_pressure(r4, &(0x7f0000000300)={'some'}, 0x2f)

5.738360949s ago: executing program 1 (id=7785):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x2000000000000013, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xb8, &(0x7f0000000140)=""/184, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

4.349233919s ago: executing program 0 (id=7797):
r0 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x0, 0x374}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_io_uring_submit(r1, r2, r3, &(0x7f0000000000)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x4004, @fd_index=0x4, 0x718a, 0x0, 0x0, 0x12, 0x1, {0x2}})
io_uring_enter(r0, 0x742f, 0x77ae, 0x1, 0x0, 0x0)

4.12057302s ago: executing program 0 (id=7799):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x44, 0x6, 0x3b4, 0x164, 0x164, 0x94, 0x28c, 0x94, 0x320, 0x320, 0x320, 0x320, 0x320, 0x6, 0x0, {[{{@ip={@multicast1, @dev={0xac, 0x14, 0x14, 0x13}, 0xff, 0xff000000, 'pim6reg1\x00', 'bridge_slave_0\x00', {}, {0xff}, 0x88, 0x3}, 0x0, 0x70, 0x94, 0x0, {0x0, 0x8800}}, @TTL={0x24, 'TTL\x00', 0x0, {0x1, 0x9}}}, {{@ip={@private=0xa010100, @local, 0x0, 0x0, 'vcan0\x00', 'veth0_virt_wifi\x00', {}, {0xff}, 0x6}, 0x0, 0x70, 0xd0, 0x0, {0x1000000000000}}, @common=@SET={0x20, 'SET\x00', 0x0, {{0x0, [0x11, 0x6, 0x0, 0x1100, 0x88]}, {0x0, [0x5, 0x11, 0x700, 0x2, 0x4], 0x3, 0x6}}}}, {{@ip={@remote, @remote, 0xff, 0x0, 'wlan1\x00', 'veth1_macvtap\x00', {}, {}, 0x11, 0x0, 0x54}, 0x0, 0x70, 0x94}, @unspec=@CHECKSUM={0x24}}, {{@ip={@private=0xa010102, @multicast1, 0x0, 0xffffffff, 'syzkaller0\x00', 'bond0\x00', {}, {0xff}}, 0x0, 0x70, 0x94}, @unspec=@CHECKSUM={0x24}}, {{@uncond, 0x0, 0x70, 0x94}, @ECN={0x24, 'ECN\x00', 0x0, {0x0, 0xfc}}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x410)

3.490051319s ago: executing program 0 (id=7809):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000100)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000003c0)={0x84, &(0x7f0000001000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
openat$null(0xffffff9c, &(0x7f0000000000), 0x2200, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
r2 = dup2(r1, r1)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000040)=0x1)
r3 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x0, 0x374}, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180))
io_uring_enter(r3, 0x742f, 0x77ae, 0x1, 0x0, 0x0)

3.231446024s ago: executing program 4 (id=7813):
pipe(0x0)
close(0xffffffffffffffff)
r0 = epoll_create1(0x80000)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/power/wakeup_count', 0x0, 0x10)
syz_clone(0x211, 0x0, 0x0, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
read$char_usb(r1, &(0x7f0000000340)=""/170, 0xaa)

3.06460164s ago: executing program 4 (id=7815):
r0 = syz_open_dev$vbi(&(0x7f0000000100), 0x2, 0x2)
ioctl$VIDIOC_S_PARM(r0, 0xc0cc5616, 0x0)

2.90877316s ago: executing program 4 (id=7816):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_int(r0, 0x29, 0x46, 0x0, 0x0)
sendmmsg$inet6(r0, &(0x7f0000000480), 0x0, 0x8000)

2.829546692s ago: executing program 4 (id=7817):
socket$inet6_tcp(0xa, 0x1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket(0x11, 0x3, 0x0)
epoll_create(0x7e)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xffffffffffffffff, 0x0, 0xfffffffffffffffd, 0x1000001000, 0x46}, 0x0, &(0x7f0000000000)={0x3ff, 0x7, 0xff00, 0x9, 0x0, 0xf, 0x80000002}, 0x0, 0x0)
close(0x3)

1.897425127s ago: executing program 4 (id=7825):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000040)=ANY=[@ANYBLOB="280400001600e5632bbd7000fedbdf25fc010000000000000000000000000000ac1414aa0000000000000000000000004e230fff4e2300050200808021000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fe800000000000000000000000000035000004d432000000ac1414bb000000000000000000000000050000000000000002000000000000000004000000000000070000000000000007000000000000006cee0000000000000700000000000000ff0300000000000001"], 0x428}}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[@ANYBLOB="f800000016008502000000000000000020010000000000000000000000000002a600000200"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fe8000000000000000000000000000bb0000000032"], 0xf8}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000000)=ANY=[], 0x134}}, 0x0)

1.765428438s ago: executing program 0 (id=7827):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001680)={0x30, r1, 0x1, 0x0, 0x3, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa, 0x6, @broadcast}, @NL80211_ATTR_LOCAL_MESH_POWER_MODE={0x8, 0xa4, 0x3}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1.704354113s ago: executing program 4 (id=7829):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d000110000000090400"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r1 = syz_open_dev$vim2m(0x0, 0x47b, 0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
bind$inet6(r2, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$sndtimer(0xffffffffffffff9c, 0x0, 0x8002)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, &(0x7f00000001c0), 0x4)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20040000)
r3 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r3, &(0x7f0000000100)={0xa, 0x80, 0x380000, @dev={0xfe, 0x80, '\x00', 0x13}, 0x1}, 0x1c)
syz_emit_vhci(&(0x7f0000000100)=ANY=[@ANYBLOB="040e0600120c"], 0x9)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
ioctl$vim2m_VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000080)={0xf0f007, 0x3})

1.599690229s ago: executing program 0 (id=7830):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x11}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x40)
syz_emit_ethernet(0x26, &(0x7f00000001c0)={@local, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @void, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x18, 0x0, 0x0, 0x0, 0x84, 0x0, @empty, @broadcast}, "dd9dec79"}}}}, 0x0)

1.497561099s ago: executing program 0 (id=7831):
syz_open_dev$tty1(0xc, 0x4, 0x1)
mkdir(0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x2000000000000013, &(0x7f0000000440)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xb8, &(0x7f0000000140)=""/184, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r3, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast1}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r3, 0x6, 0x16, &(0x7f0000000000)=[@mss, @sack_perm, @window={0x3, 0x7}, @mss={0x2, 0xfff}, @window={0x3, 0x0, 0x401}, @window], 0x20000000000000e4)
setsockopt$inet_tcp_TCP_REPAIR(r3, 0x6, 0x13, &(0x7f00000001c0), 0x4)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0xb, 0x0, 0x0)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0xc9100120, 0x0, 0xfffffffffffffd25)

953.248396ms ago: executing program 3 (id=7833):
r0 = socket$kcm(0x1e, 0x4, 0x0)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, &(0x7f00000008c0), 0x43)
setsockopt$sock_attach_bpf(r0, 0x10f, 0x87, 0x0, 0x0)

851.204156ms ago: executing program 3 (id=7834):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x90, r1, 0x5, 0x70bd26, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x51, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @val={0x5, 0x3, {0x7, 0xc7, 0x6}}, @void, @void, @void, @val={0x2d, 0x1a, {0x300, 0x1, 0x7, 0x0, {0xa600000000000000, 0x2, 0x0, 0x3fe, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x9, 0x3}}, @val={0x72, 0x6}, @void, @void}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x90}}, 0x20000014)

751.233668ms ago: executing program 3 (id=7835):
r0 = syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x28002)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x40045730, 0x0)
mkdir(0x0, 0x8)
r1 = syz_io_uring_setup(0x32d9, &(0x7f0000000200)={0x0, 0x6277, 0x8, 0xffffffff, 0x400000}, &(0x7f0000000100), &(0x7f0000000140), &(0x7f00000000c0))
io_uring_enter(r1, 0x1, 0x21, 0x1, 0x0, 0x0)

639.070791ms ago: executing program 3 (id=7836):
r0 = socket$packet(0x11, 0x3, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x13012, r0, 0x0)
mprotect(&(0x7f0000ff7000/0x1000)=nil, 0x1000, 0xb)
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)

485.052934ms ago: executing program 3 (id=7837):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x3c, r1, 0x211, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x28, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @mcast1}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x3c}}, 0x0)

356.970281ms ago: executing program 3 (id=7838):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f0000000100)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f00020000000905050200de7e001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000003c0)={0x84, &(0x7f0000001000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
openat$null(0xffffff9c, &(0x7f0000000000), 0x2200, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
r2 = dup2(r1, r1)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000040)=0x1)
r3 = syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x0, 0xc00, 0x0, 0x374}, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180))
io_uring_enter(r3, 0x742f, 0x77ae, 0x1, 0x0, 0x0)

16.67179ms ago: executing program 2 (id=7839):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, 0x0)
sendmsg$NL80211_CMD_SET_STATION(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)={0x30, r1, 0x1, 0x0, 0x3, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_PEER_AID={0x6, 0xb5, 0x70}]}, 0x30}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

0s ago: executing program 1 (id=7840):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x8000}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000400)={'veth0_to_hsr\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfe, {0x0, 0x0, 0x0, r1, {0x0, 0xffe1}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x9}}]}}]}, 0x48}}, 0xc840)
sendmsg$nl_route_sched(r0, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000800)=@newtfilter={0x54, 0x2c, 0xd2b, 0x70bd2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r1, {0x6}, {}, {0x7, 0xfff1}}, [@filter_kind_options=@f_u32={{0x8}, {0x28, 0x2, [@TCA_U32_SEL={0x24, 0x5, {0xd, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0xb709, 0x58f, [{0x0, 0x20008000, 0x4, 0x1}]}}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x4084}, 0x24040084)
recvmmsg$unix(r0, &(0x7f0000000580)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000002c0)=""/219, 0xdb}], 0x1}}], 0x1, 0x60, 0x0)
sendmsg$GTP_CMD_NEWPDP(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)={0x2c, 0x0, 0x1, 0x2, 0x25dfdbfe, {}, [@GTPA_LINK={0x8}, @GTPA_I_TEI={0x8, 0x8, 0x1}, @GTPA_FLOW={0x6, 0x6, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4004054}, 0x4000044)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[], 0xc3}, 0x1, 0x100000000000000, 0x0, 0x2000}, 0x40400c0)
r2 = socket(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)

kernel console output (not intermixed with test programs):

[ 3325.802333][ T4451] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 3325.824483][ T5879] usb 4-1: config 0 has an invalid interface number: 231 but max is 0
[ 3325.832993][ T5879] usb 4-1: config 0 has no interface number 0
[ 3325.839305][ T5879] usb 4-1: config 0 interface 231 altsetting 0 endpoint 0x6 has invalid maxpacket 1023, setting to 64
[ 3325.853119][ T5879] usb 4-1: New USB device found, idVendor=067b, idProduct=27a1, bcdDevice=b0.9b
[ 3325.855465][T28080] usb 2-1: device descriptor read/64, error -71
[ 3325.863575][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3325.878201][ T5879] usb 4-1: Product: syz
[ 3325.882485][ T5879] usb 4-1: Manufacturer: syz
[ 3325.887425][ T5879] usb 4-1: SerialNumber: syz
[ 3325.897977][ T5879] usb 4-1: config 0 descriptor??
[ 3325.910822][T10882] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[ 3325.938106][ T5879] plusb 4-1:0.231 usb0: register 'plusb' at usb-dummy_hcd.3-1, Prolific PL-2301/PL-2302/PL-25A1/PL-27A1, 22:09:f4:68:8d:3a
[ 3325.952421][ T4451] usb 3-1: device descriptor read/64, error -71
[ 3326.112372][T28080] usb 2-1: new high-speed USB device number 51 using dummy_hcd
[ 3326.130419][ T5879] usb 4-1: USB disconnect, device number 36
[ 3326.149551][ T5879] plusb 4-1:0.231 usb0: unregister 'plusb' usb-dummy_hcd.3-1, Prolific PL-2301/PL-2302/PL-25A1/PL-27A1
[ 3326.202395][ T4451] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 3326.243369][T28080] usb 2-1: device descriptor read/64, error -71
[ 3326.352354][ T4451] usb 3-1: device descriptor read/64, error -71
[ 3326.363077][T28080] usb usb2-port1: attempt power cycle
[ 3326.462731][ T4451] usb usb3-port1: attempt power cycle
[ 3326.679004][ T4230] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[ 3326.715820][T28080] usb 2-1: new high-speed USB device number 52 using dummy_hcd
[ 3326.753395][T28080] usb 2-1: device descriptor read/8, error -71
[ 3326.815496][ T4451] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 3326.843107][ T4451] usb 3-1: device descriptor read/8, error -71
[ 3326.987930][T10922] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7400'.
[ 3327.013370][T28080] usb 2-1: new high-speed USB device number 53 using dummy_hcd
[ 3327.034442][T28080] usb 2-1: device descriptor read/8, error -71
[ 3327.092311][ T4451] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 3327.123396][ T4451] usb 3-1: device descriptor read/8, error -71
[ 3327.144366][T28080] usb usb2-port1: unable to enumerate USB device
[ 3327.243540][ T4451] usb usb3-port1: unable to enumerate USB device
[ 3327.442350][T28080] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[ 3327.556422][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 3327.562769][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 3327.615173][T28080] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[ 3327.623479][T28080] usb 1-1: config 0 has no interface number 0
[ 3327.637431][T28080] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 3327.647482][T28080] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3327.655641][T28080] usb 1-1: Product: syz
[ 3327.659960][T28080] usb 1-1: Manufacturer: syz
[ 3327.664772][T28080] usb 1-1: SerialNumber: syz
[ 3327.671026][T28080] usb 1-1: config 0 descriptor??
[ 3327.806196][ T4230] usb 5-1: USB disconnect, device number 13
[ 3327.975426][T28080] usb 1-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 3328.012164][T28080] usb 1-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 3328.024883][T28080] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 3328.035246][T28080] usb 1-1: media controller created
[ 3328.047220][T28080] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 3328.301357][T10922] netlink: 48 bytes leftover after parsing attributes in process `syz.0.7400'.
[ 3328.432404][ T4451] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[ 3328.604799][ T4451] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3328.646525][ T4451] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 3328.664933][ T4451] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=95.91
[ 3328.676019][ T4451] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3328.684501][ T4451] usb 5-1: Product: syz
[ 3328.688811][ T4451] usb 5-1: Manufacturer: syz
[ 3328.695367][ T4451] usb 5-1: SerialNumber: syz
[ 3328.706827][ T4451] usb 5-1: config 0 descriptor??
[ 3329.212535][T28080] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[ 3329.219854][T10921] usb 1-1: dvb_usb_ec168: I2C read not implemented
[ 3329.237076][T10947] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 3329.335997][T10931] bridge0: port 3(team0) entered disabled state
[ 3329.342591][T10931] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3329.349720][T10931] bridge0: port 1(
) entered disabled state
[ 3329.625104][T10931] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3329.641044][T10931] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3330.031141][T18221] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 3330.066385][T18221] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 3330.095525][T18221] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 3330.123714][T18221] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 3330.408487][T10958] netlink: 4172 bytes leftover after parsing attributes in process `syz.3.7409'.
[ 3330.453680][T10958] openvswitch: netlink: Missing valid actions attribute.
[ 3330.472040][T10958] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 3330.505949][T10958] syz_tun: entered allmulticast mode
[ 3330.629317][T10968] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7411'.
[ 3331.162328][ T4451] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[ 3331.339586][ T5879] usb 5-1: USB disconnect, device number 14
[ 3331.378972][T10957] syz_tun: left allmulticast mode
[ 3331.420368][T28080] usb 1-1: USB disconnect, device number 56
[ 3331.459076][ T4451] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 3331.459101][ T4451] usb 2-1: config 0 has no interface number 0
[ 3331.500996][ T4451] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 3331.501026][ T4451] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3331.501046][ T4451] usb 2-1: Product: syz
[ 3331.501062][ T4451] usb 2-1: Manufacturer: syz
[ 3331.501077][ T4451] usb 2-1: SerialNumber: syz
[ 3331.537579][T10978] capability: warning: `syz.0.7413' uses deprecated v2 capabilities in a way that may be insecure
[ 3331.542002][ T4451] usb 2-1: config 0 descriptor??
[ 3331.591768][T10982] FAULT_INJECTION: forcing a failure.
[ 3331.591768][T10982] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3331.591796][T10982] CPU: 0 UID: 0 PID: 10982 Comm: syz.3.7415 Not tainted syzkaller #0 PREEMPT(full) 
[ 3331.591815][T10982] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3331.591825][T10982] Call Trace:
[ 3331.591832][T10982]  <TASK>
[ 3331.591840][T10982]  dump_stack_lvl+0xe8/0x150
[ 3331.591875][T10982]  should_fail_ex+0x412/0x560
[ 3331.591910][T10982]  _copy_from_user+0x2d/0xb0
[ 3331.591932][T10982]  __sys_sendto+0x2b0/0x710
[ 3331.591955][T10982]  ? __pfx___sys_sendto+0x10/0x10
[ 3331.591995][T10982]  ? fput+0xa0/0xd0
[ 3331.592020][T10982]  ? ksys_write+0x242/0x270
[ 3331.592045][T10982]  __ia32_sys_sendto+0xdd/0x100
[ 3331.592069][T10982]  __do_fast_syscall_32+0x20d/0x640
[ 3331.592095][T10982]  ? do_fast_syscall_32+0x33/0x70
[ 3331.592117][T10982]  ? asm_int80_emulation+0x1a/0x20
[ 3331.592134][T10982]  ? do_int80_emulation+0x274/0x4d0
[ 3331.592155][T10982]  ? trace_irq_disable+0x3b/0x150
[ 3331.592174][T10982]  do_fast_syscall_32+0x33/0x70
[ 3331.592195][T10982]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3331.592215][T10982] RIP: 0023:0xf7fa6f6c
[ 3331.592230][T10982] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3331.592242][T10982] RSP: 002b:00000000f546650c EFLAGS: 00000206 ORIG_RAX: 0000000000000171
[ 3331.592260][T10982] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000080
[ 3331.592271][T10982] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 0000000080000000
[ 3331.592281][T10982] RBP: 000000000000001c R08: 0000000000000000 R09: 0000000000000000
[ 3331.592290][T10982] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3331.592301][T10982] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3331.592336][T10982]  </TASK>
[ 3331.788458][ T4451] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 3331.816016][ T4451] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 3331.816304][ T4451] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 3331.816349][ T4451] usb 2-1: media controller created
[ 3331.847398][ T4451] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 3331.852368][T28080] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 3332.047067][T10968] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7411'.
[ 3332.072412][T28080] usb 1-1: Using ep0 maxpacket: 16
[ 3332.077689][T28080] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 3332.078916][T28080] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 96, changing to 7
[ 3332.083399][T28080] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 3332.083426][T28080] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3332.083465][T28080] usb 1-1: Product: syz
[ 3332.083481][T28080] usb 1-1: Manufacturer: syz
[ 3332.083496][T28080] usb 1-1: SerialNumber: syz
[ 3332.097672][T10995] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7419'.
[ 3332.583632][ T5879] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[ 3332.704524][T10978] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3332.724741][T10978] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3332.945863][ T5879] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 3332.945889][ T5879] usb 4-1: config 0 has no interface number 0
[ 3332.948668][ T5879] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 3332.948690][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3332.948701][ T5879] usb 4-1: Product: syz
[ 3332.948709][ T5879] usb 4-1: Manufacturer: syz
[ 3332.948720][ T5879] usb 4-1: SerialNumber: syz
[ 3333.001479][T28080] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[ 3333.001757][ T5879] usb 4-1: config 0 descriptor??
[ 3333.011463][ T4451] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[ 3333.192133][T28080] usb 1-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 3333.207948][ T5879] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 3333.212932][ T5879] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 3333.213219][ T5879] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 3333.213263][ T5879] usb 4-1: media controller created
[ 3333.240537][ T5879] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 3333.385033][T28080] usb 1-1: USB disconnect, device number 57
[ 3333.490227][T10994] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7419'.
[ 3333.938638][T10998] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7420'.
[ 3334.192337][ T5204] usb 1-1: new full-speed USB device number 58 using dummy_hcd
[ 3334.353266][ T5879] i2c i2c-2: ec100: i2c rd failed=-110 reg=33
[ 3334.456837][ T4451] usb 2-1: USB disconnect, device number 54
[ 3334.511201][T11004] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7422'.
[ 3334.531081][T11004] openvswitch: netlink: Key type 3344 is out of range max 32
[ 3334.541844][ T5204] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 3334.555486][ T5204] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 3334.565370][ T5204] usb 1-1: Product: syz
[ 3334.569722][ T5204] usb 1-1: Manufacturer: syz
[ 3334.570302][T11006] FAULT_INJECTION: forcing a failure.
[ 3334.570302][T11006] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3334.588086][ T5204] usb 1-1: SerialNumber: syz
[ 3334.588189][T11006] CPU: 0 UID: 0 PID: 11006 Comm: syz.1.7423 Not tainted syzkaller #0 PREEMPT(full) 
[ 3334.588210][T11006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3334.588220][T11006] Call Trace:
[ 3334.588228][T11006]  <TASK>
[ 3334.588235][T11006]  dump_stack_lvl+0xe8/0x150
[ 3334.588264][T11006]  should_fail_ex+0x412/0x560
[ 3334.588294][T11006]  _copy_from_user+0x2d/0xb0
[ 3334.588322][T11006]  get_compat_msghdr+0xb3/0x4c0
[ 3334.588342][T11006]  ? __lock_acquire+0x6b5/0x2cf0
[ 3334.588367][T11006]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 3334.588388][T11006]  ? kstrtoull+0x12f/0x1d0
[ 3334.588417][T11006]  ___sys_sendmsg+0x201/0x360
[ 3334.588443][T11006]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3334.588466][T11006]  ? get_pid_task+0x20/0x1f0
[ 3334.588482][T11006]  ? get_pid_task+0x20/0x1f0
[ 3334.588496][T11006]  ? get_pid_task+0x20/0x1f0
[ 3334.588532][T11006]  ? __fget_files+0x2a/0x420
[ 3334.588547][T11006]  ? __fget_files+0x3a0/0x420
[ 3334.588570][T11006]  __sys_sendmsg+0x183/0x260
[ 3334.588593][T11006]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3334.588630][T11006]  __do_fast_syscall_32+0x20d/0x640
[ 3334.588655][T11006]  ? do_fast_syscall_32+0x33/0x70
[ 3334.588677][T11006]  ? asm_int80_emulation+0x1a/0x20
[ 3334.588693][T11006]  ? do_int80_emulation+0x274/0x4d0
[ 3334.588717][T11006]  do_fast_syscall_32+0x33/0x70
[ 3334.588741][T11006]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3334.588760][T11006] RIP: 0023:0xf709ef6c
[ 3334.588775][T11006] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3334.588788][T11006] RSP: 002b:00000000f548d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 3334.588806][T11006] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001900
[ 3334.588817][T11006] RDX: 0000000010004000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3334.588827][T11006] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3334.588836][T11006] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3334.588846][T11006] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3334.588870][T11006]  </TASK>
[ 3334.839568][ T5204] usb 1-1: config 0 descriptor??
[ 3334.871740][   T30] kauditd_printk_skb: 52 callbacks suppressed
[ 3334.871751][   T30] audit: type=1326 audit(1775919308.787:29646): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11003 comm="syz.2.7422" exe="/root/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf6fdef6c code=0x0
[ 3334.940457][ T4451] usb 4-1: USB disconnect, device number 37
[ 3335.148339][T11023] FAULT_INJECTION: forcing a failure.
[ 3335.148339][T11023] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3335.162034][T11023] CPU: 0 UID: 0 PID: 11023 Comm: syz.2.7429 Not tainted syzkaller #0 PREEMPT(full) 
[ 3335.162056][T11023] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3335.162066][T11023] Call Trace:
[ 3335.162074][T11023]  <TASK>
[ 3335.162082][T11023]  dump_stack_lvl+0xe8/0x150
[ 3335.162110][T11023]  should_fail_ex+0x412/0x560
[ 3335.162137][T11023]  _copy_from_user+0x2d/0xb0
[ 3335.162158][T11023]  get_compat_msghdr+0xb3/0x4c0
[ 3335.162180][T11023]  ? __lock_acquire+0x6b5/0x2cf0
[ 3335.162204][T11023]  ? __pfx_get_compat_msghdr+0x10/0x10
[ 3335.162226][T11023]  ? kstrtoull+0x12f/0x1d0
[ 3335.162266][T11023]  ___sys_sendmsg+0x201/0x360
[ 3335.162293][T11023]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3335.162317][T11023]  ? get_pid_task+0x20/0x1f0
[ 3335.162333][T11023]  ? get_pid_task+0x20/0x1f0
[ 3335.162347][T11023]  ? get_pid_task+0x20/0x1f0
[ 3335.162382][T11023]  ? __fget_files+0x2a/0x420
[ 3335.162397][T11023]  ? __fget_files+0x3a0/0x420
[ 3335.162419][T11023]  __sys_sendmsg+0x183/0x260
[ 3335.162443][T11023]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3335.162483][T11023]  __do_fast_syscall_32+0x20d/0x640
[ 3335.162509][T11023]  ? do_fast_syscall_32+0x33/0x70
[ 3335.162530][T11023]  ? asm_int80_emulation+0x1a/0x20
[ 3335.162546][T11023]  ? do_int80_emulation+0x274/0x4d0
[ 3335.162568][T11023]  ? trace_irq_disable+0x3b/0x150
[ 3335.162587][T11023]  do_fast_syscall_32+0x33/0x70
[ 3335.162611][T11023]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3335.162632][T11023] RIP: 0023:0xf6fdef6c
[ 3335.162648][T11023] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3335.162662][T11023] RSP: 002b:00000000f53cd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 3335.162680][T11023] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080001900
[ 3335.162693][T11023] RDX: 0000000010004000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3335.162703][T11023] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3335.162713][T11023] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3335.162723][T11023] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3335.162745][T11023]  </TASK>
[ 3335.569826][T11030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7431'.
[ 3335.743114][T11027] netlink: 4 bytes leftover after parsing attributes in process `syz.1.7428'.
[ 3335.936997][   T30] audit: type=1326 audit(1775919309.857:29647): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.4.7433" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000
[ 3335.991496][T11040] loop5: detected capacity change from 0 to 7
[ 3336.022893][T11040] Dev loop5: unable to read RDB block 7
[ 3336.028682][T11040]  loop5: AHDI p1
[ 3336.034101][T11040] loop5: partition table partially beyond EOD, truncated
[ 3336.078208][   T30] audit: type=1326 audit(1775919309.857:29648): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.4.7433" exe="/root/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf70aef6c code=0x7ffc0000
[ 3336.220069][   T30] audit: type=1326 audit(1775919309.857:29649): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.4.7433" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000
[ 3336.267619][   T30] audit: type=1326 audit(1775919309.887:29650): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.4.7433" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000
[ 3336.292667][   T30] audit: type=1326 audit(1775919309.887:29651): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.4.7433" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf70aef6c code=0x7ffc0000
[ 3336.370209][   T30] audit: type=1326 audit(1775919309.887:29652): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.4.7433" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000
[ 3336.402371][ T4451] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[ 3336.424802][   T30] audit: type=1326 audit(1775919309.887:29653): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.4.7433" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf70aef6c code=0x7ffc0000
[ 3336.456213][   T30] audit: type=1326 audit(1775919309.887:29654): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.4.7433" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70aef6c code=0x7ffc0000
[ 3336.480371][T11044] FAULT_INJECTION: forcing a failure.
[ 3336.480371][T11044] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3336.493924][   T30] audit: type=1326 audit(1775919309.887:29655): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11036 comm="syz.4.7433" exe="/root/syz-executor" sig=0 arch=40000003 syscall=354 compat=1 ip=0xf70aef6c code=0x7ffc0000
[ 3336.516971][T11044] CPU: 0 UID: 0 PID: 11044 Comm: syz.3.7435 Not tainted syzkaller #0 PREEMPT(full) 
[ 3336.516994][T11044] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3336.517005][T11044] Call Trace:
[ 3336.517012][T11044]  <TASK>
[ 3336.517020][T11044]  dump_stack_lvl+0xe8/0x150
[ 3336.517049][T11044]  should_fail_ex+0x412/0x560
[ 3336.517080][T11044]  _copy_to_user+0x31/0xb0
[ 3336.517103][T11044]  simple_read_from_buffer+0xe1/0x170
[ 3336.517142][T11044]  proc_fail_nth_read+0x1bb/0x230
[ 3336.517171][T11044]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3336.517199][T11044]  ? rw_verify_area+0x2a6/0x4d0
[ 3336.517217][T11044]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3336.517243][T11044]  vfs_read+0x20c/0xa70
[ 3336.517260][T11044]  ? fdget_pos+0x246/0x320
[ 3336.517275][T11044]  ? __pfx_do_ip_setsockopt+0x10/0x10
[ 3336.517303][T11044]  ? __pfx___mutex_lock+0x10/0x10
[ 3336.517327][T11044]  ? __pfx_vfs_read+0x10/0x10
[ 3336.517346][T11044]  ? __fget_files+0x2a/0x420
[ 3336.517360][T11044]  ? __fget_files+0x3a0/0x420
[ 3336.517369][T11044]  ? __fget_files+0x2a/0x420
[ 3336.517382][T11044]  ksys_read+0x150/0x270
[ 3336.517396][T11044]  ? __pfx_ksys_read+0x10/0x10
[ 3336.517410][T11044]  ? asm_int80_emulation+0x1a/0x20
[ 3336.517422][T11044]  do_int80_emulation+0x173/0x4d0
[ 3336.517436][T11044]  ? trace_irq_disable+0x3b/0x150
[ 3336.517445][T11044]  ? asm_int80_emulation+0x1a/0x20
[ 3336.517455][T11044]  ? clear_bhb_loop+0x40/0x90
[ 3336.517465][T11044]  ? clear_bhb_loop+0x40/0x90
[ 3336.517476][T11044]  asm_int80_emulation+0x1a/0x20
[ 3336.517486][T11044] RIP: 0023:0xf71a5cab
[ 3336.517496][T11044] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 3336.517505][T11044] RSP: 002b:00000000f54664bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 3336.517516][T11044] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f54665d0
[ 3336.517523][T11044] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 3336.517529][T11044] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3336.517534][T11044] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3336.517541][T11044] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3336.517554][T11044]  </TASK>
[ 3336.962343][ T4451] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[ 3336.978434][ T4451] usb 2-1: config 0 has no interface number 0
[ 3336.990302][ T4451] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 3337.000503][ T4451] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3337.011582][ T4451] usb 2-1: Product: syz
[ 3337.016263][ T5879] usb 1-1: USB disconnect, device number 58
[ 3337.027879][ T4451] usb 2-1: Manufacturer: syz
[ 3337.034024][ T4451] usb 2-1: SerialNumber: syz
[ 3337.050304][ T4451] usb 2-1: config 0 descriptor??
[ 3337.117314][T11051] FAULT_INJECTION: forcing a failure.
[ 3337.117314][T11051] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3337.131378][T11051] CPU: 0 UID: 0 PID: 11051 Comm: syz.0.7438 Not tainted syzkaller #0 PREEMPT(full) 
[ 3337.131399][T11051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3337.131409][T11051] Call Trace:
[ 3337.131416][T11051]  <TASK>
[ 3337.131424][T11051]  dump_stack_lvl+0xe8/0x150
[ 3337.131452][T11051]  should_fail_ex+0x412/0x560
[ 3337.131483][T11051]  _copy_from_user+0x2d/0xb0
[ 3337.131505][T11051]  __ia32_compat_sys_socketcall+0x169/0xa10
[ 3337.131531][T11051]  ? __pfx___ia32_compat_sys_socketcall+0x10/0x10
[ 3337.131556][T11051]  ? fput+0xa0/0xd0
[ 3337.131593][T11051]  __do_fast_syscall_32+0x20d/0x640
[ 3337.131617][T11051]  ? do_fast_syscall_32+0x33/0x70
[ 3337.131639][T11051]  ? asm_int80_emulation+0x1a/0x20
[ 3337.131655][T11051]  ? do_int80_emulation+0x274/0x4d0
[ 3337.131676][T11051]  ? trace_irq_disable+0x3b/0x150
[ 3337.131695][T11051]  do_fast_syscall_32+0x33/0x70
[ 3337.131717][T11051]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3337.131736][T11051] RIP: 0023:0xf707ef6c
[ 3337.131752][T11051] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3337.131765][T11051] RSP: 002b:00000000f546c460 EFLAGS: 00000206 ORIG_RAX: 0000000000000066
[ 3337.131782][T11051] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 00000000f546c470
[ 3337.131793][T11051] RDX: 00000000f7442ff4 RSI: 0000000000000001 RDI: 0000000000000000
[ 3337.131803][T11051] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3337.131812][T11051] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3337.131821][T11051] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3337.131844][T11051]  </TASK>
[ 3337.312427][ T4451] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 3337.359645][ T4451] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 3337.400535][ T4451] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 3337.435825][ T4451] usb 2-1: media controller created
[ 3337.471309][ T4451] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 3337.662432][T11035] netlink: 48 bytes leftover after parsing attributes in process `syz.1.7428'.
[ 3337.697641][T11064] FAULT_INJECTION: forcing a failure.
[ 3337.697641][T11064] name failslab, interval 1, probability 0, space 0, times 0
[ 3337.732344][T11064] CPU: 1 UID: 0 PID: 11064 Comm: syz.0.7442 Not tainted syzkaller #0 PREEMPT(full) 
[ 3337.732368][T11064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3337.732380][T11064] Call Trace:
[ 3337.732388][T11064]  <TASK>
[ 3337.732396][T11064]  dump_stack_lvl+0xe8/0x150
[ 3337.732428][T11064]  should_fail_ex+0x412/0x560
[ 3337.732454][T11064]  should_failslab+0xa8/0x100
[ 3337.732469][T11064]  __kmalloc_noprof+0xe8/0x760
[ 3337.732481][T11064]  ? tomoyo_encode+0x28b/0x550
[ 3337.732494][T11064]  tomoyo_encode+0x28b/0x550
[ 3337.732507][T11064]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 3337.732522][T11064]  ? tomoyo_path_number_perm+0x219/0x630
[ 3337.732536][T11064]  tomoyo_path_number_perm+0x246/0x630
[ 3337.732551][T11064]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 3337.732566][T11064]  ? __lock_acquire+0x6b5/0x2cf0
[ 3337.732594][T11064]  ? __fget_files+0x2a/0x420
[ 3337.732606][T11064]  ? __fget_files+0x3a0/0x420
[ 3337.732614][T11064]  ? __fget_files+0x2a/0x420
[ 3337.732625][T11064]  security_file_ioctl_compat+0xc3/0x2a0
[ 3337.732639][T11064]  __ia32_compat_sys_ioctl+0x139/0x950
[ 3337.732654][T11064]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 3337.732668][T11064]  ? __fget_files+0x3a0/0x420
[ 3337.732688][T11064]  ? fput+0xa0/0xd0
[ 3337.732713][T11064]  ? ksys_write+0x242/0x270
[ 3337.732741][T11064]  __do_fast_syscall_32+0x20d/0x640
[ 3337.732761][T11064]  ? do_fast_syscall_32+0x33/0x70
[ 3337.732774][T11064]  ? asm_int80_emulation+0x1a/0x20
[ 3337.732784][T11064]  ? do_int80_emulation+0x274/0x4d0
[ 3337.732799][T11064]  do_fast_syscall_32+0x33/0x70
[ 3337.732813][T11064]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3337.732825][T11064] RIP: 0023:0xf707ef6c
[ 3337.732835][T11064] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3337.732844][T11064] RSP: 002b:00000000f546d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 3337.732856][T11064] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000005601
[ 3337.732862][T11064] RDX: 0000000080000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3337.732868][T11064] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3337.732874][T11064] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3337.732880][T11064] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3337.732893][T11064]  </TASK>
[ 3337.732921][T11064] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 3338.602721][ T4451] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[ 3338.612332][T11027] usb 2-1: dvb_usb_ec168: I2C read not implemented
[ 3338.715275][T11079] loop5: detected capacity change from 0 to 7
[ 3338.734643][T11079] Dev loop5: unable to read RDB block 7
[ 3338.743629][T11079]  loop5: AHDI p1
[ 3338.747311][T11079] loop5: partition table partially beyond EOD, truncated
[ 3338.780262][ T5828] Bluetooth: hci2: SCO packet for unknown connection handle 200
[ 3338.818011][T11083] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[ 3338.832300][T11083] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 3338.849373][T11083] vhci_hcd vhci_hcd.0: Device attached
[ 3339.102312][T28080] usb 41-1: new low-speed USB device number 2 using vhci_hcd
[ 3339.122390][ T5204] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[ 3339.282460][ T5204] usb 5-1: Using ep0 maxpacket: 8
[ 3339.300962][ T5204] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[ 3339.325761][ T5204] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 3339.362355][ T5204] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 3339.382451][ T5204] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 3339.402616][ T5204] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 3339.432333][ T5204] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 3339.452721][ T5204] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3339.701188][ T4451] usb 2-1: USB disconnect, device number 55
[ 3339.732592][T11089] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7449'.
[ 3339.795591][T11093] FAULT_INJECTION: forcing a failure.
[ 3339.795591][T11093] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3339.809865][T11093] CPU: 0 UID: 0 PID: 11093 Comm: syz.1.7451 Not tainted syzkaller #0 PREEMPT(full) 
[ 3339.809884][T11093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3339.809893][T11093] Call Trace:
[ 3339.809899][T11093]  <TASK>
[ 3339.809906][T11093]  dump_stack_lvl+0xe8/0x150
[ 3339.809932][T11093]  should_fail_ex+0x412/0x560
[ 3339.809957][T11093]  _copy_to_user+0x31/0xb0
[ 3339.809977][T11093]  simple_read_from_buffer+0xe1/0x170
[ 3339.810001][T11093]  proc_fail_nth_read+0x1bb/0x230
[ 3339.810023][T11093]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3339.810046][T11093]  ? rw_verify_area+0x2a6/0x4d0
[ 3339.810062][T11093]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 3339.810083][T11093]  vfs_read+0x20c/0xa70
[ 3339.810097][T11093]  ? fdget_pos+0x246/0x320
[ 3339.810109][T11093]  ? __pfx_do_ip_setsockopt+0x10/0x10
[ 3339.810132][T11093]  ? __pfx___mutex_lock+0x10/0x10
[ 3339.810153][T11093]  ? __pfx_vfs_read+0x10/0x10
[ 3339.810170][T11093]  ? __fget_files+0x2a/0x420
[ 3339.810187][T11093]  ? __fget_files+0x3a0/0x420
[ 3339.810199][T11093]  ? __fget_files+0x2a/0x420
[ 3339.810219][T11093]  ksys_read+0x150/0x270
[ 3339.810236][T11093]  ? __pfx_ksys_read+0x10/0x10
[ 3339.810256][T11093]  ? asm_int80_emulation+0x1a/0x20
[ 3339.810275][T11093]  do_int80_emulation+0x173/0x4d0
[ 3339.810294][T11093]  ? trace_irq_disable+0x3b/0x150
[ 3339.810307][T11093]  ? asm_int80_emulation+0x1a/0x20
[ 3339.810320][T11093]  ? clear_bhb_loop+0x40/0x90
[ 3339.810334][T11093]  ? clear_bhb_loop+0x40/0x90
[ 3339.810352][T11093]  asm_int80_emulation+0x1a/0x20
[ 3339.810366][T11093] RIP: 0023:0xf71d5cab
[ 3339.810381][T11093] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 3339.810394][T11093] RSP: 002b:00000000f548d4bc EFLAGS: 00000246 ORIG_RAX: 0000000000000003
[ 3339.810410][T11093] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f548d5d0
[ 3339.810420][T11093] RDX: 000000000000000f RSI: 0000000000000000 RDI: 0000000000000000
[ 3339.810429][T11093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3339.810437][T11093] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3339.810446][T11093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3339.810468][T11093]  </TASK>
[ 3340.160004][T11098] openvswitch: netlink: Actions may not be safe on all matching packets
[ 3340.168519][ T5204] usb 1-1: new full-speed USB device number 59 using dummy_hcd
[ 3340.274636][T11098] netlink: 1264 bytes leftover after parsing attributes in process `syz.2.7454'.
[ 3340.326329][ T5204] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 3340.336062][ T5204] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 3340.365891][ T5204] usb 1-1: Product: syz
[ 3340.370078][ T5204] usb 1-1: Manufacturer: syz
[ 3340.382292][ T5204] usb 1-1: SerialNumber: syz
[ 3340.401348][ T5204] usb 1-1: config 0 descriptor??
[ 3340.411809][T11109] usbtmc 5-1:16.0: simple usb_control_msg returned 0
[ 3340.453714][T11115] nftables ruleset with unbound set
[ 3340.483829][T11110] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 3340.614265][ T5879] usb 5-1: USB disconnect, device number 15
[ 3340.624463][T11084] usb 41-1: recv xbuf, 0
[ 3340.661134][  T987] vhci_hcd vhci_hcd.4: stop threads
[ 3340.666947][  T987] vhci_hcd vhci_hcd.4: release socket
[ 3340.688207][  T987] vhci_hcd vhci_hcd.4: disconnect device
[ 3340.702459][ T4230] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[ 3340.725307][T28080] vhci_hcd vhci_hcd.4: vhci_device speed not set
[ 3340.862303][ T4230] usb 2-1: Using ep0 maxpacket: 32
[ 3340.884449][ T4230] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 3340.921651][ T4230] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 3340.932574][ T5204] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[ 3340.953325][ T4230] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 3340.975614][ T4230] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[ 3341.003935][ T4230] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 3341.021252][ T4230] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3341.035730][ T4230] usb 2-1: Product: syz
[ 3341.047051][ T4230] usb 2-1: Manufacturer: syz
[ 3341.061813][ T4230] usb 2-1: SerialNumber: syz
[ 3341.112410][ T5204] usb 4-1: Using ep0 maxpacket: 16
[ 3341.120733][ T5204] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 3341.143885][ T5204] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[ 3341.158269][ T5204] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3341.169754][ T5204] usb 4-1: Product: syz
[ 3341.176144][ T5204] usb 4-1: Manufacturer: syz
[ 3341.187925][ T5204] usb 4-1: SerialNumber: syz
[ 3341.206332][ T5204] usb 4-1: config 0 descriptor??
[ 3341.221683][ T5204] hub 4-1:0.0: bad descriptor, ignoring hub
[ 3341.229867][ T5204] hub 4-1:0.0: probe with driver hub failed with error -5
[ 3341.252983][ T5204] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input10
[ 3341.330946][ T4230] usb 2-1: 0:2 : does not exist
[ 3341.463344][ T4230] usb 2-1: USB disconnect, device number 56
[ 3341.674122][T11125] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 3341.683119][T11125] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 3341.697222][T11125] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 3341.712236][T11125] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 3341.732117][T11125] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 3341.852779][ T5879] usb 4-1: USB disconnect, device number 38
[ 3342.218800][T11134] netlink: 64 bytes leftover after parsing attributes in process `syz.2.7463'.
[ 3342.300310][T11126] chnl_net:caif_netlink_parms(): no params data found
[ 3342.427361][T11126] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3342.437154][   T30] kauditd_printk_skb: 65 callbacks suppressed
[ 3342.437169][   T30] audit: type=1326 audit(1775919316.357:29721): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.466765][   T30] audit: type=1326 audit(1775919316.357:29722): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.470478][T11126] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3342.489105][   T30] audit: type=1326 audit(1775919316.387:29723): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.489147][   T30] audit: type=1326 audit(1775919316.387:29724): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.489183][   T30] audit: type=1326 audit(1775919316.387:29725): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.489218][   T30] audit: type=1326 audit(1775919316.387:29726): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.489251][   T30] audit: type=1326 audit(1775919316.387:29727): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.489286][   T30] audit: type=1326 audit(1775919316.387:29728): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.489321][   T30] audit: type=1326 audit(1775919316.387:29729): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.489356][   T30] audit: type=1326 audit(1775919316.387:29730): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11138 comm="syz.3.7465" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3342.695766][T28080] usb 1-1: USB disconnect, device number 59
[ 3342.698355][T11126] bridge_slave_0: entered allmulticast mode
[ 3342.715918][T11126] bridge_slave_0: entered promiscuous mode
[ 3342.757815][ T4451] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[ 3342.859546][T11126] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3342.921137][T11126] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3342.936259][T11126] bridge_slave_1: entered allmulticast mode
[ 3342.945860][ T4451] usb 2-1: Using ep0 maxpacket: 32
[ 3342.961636][ T4451] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 3342.974026][ T4451] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 50128, setting to 1024
[ 3343.004639][T11145] loop5: detected capacity change from 0 to 7
[ 3343.014763][ T4451] usb 2-1: New USB device found, idVendor=2b73, idProduct=000a, bcdDevice= 0.40
[ 3343.030435][ T4502] Dev loop5: unable to read RDB block 7
[ 3343.042499][ T4451] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3343.050577][ T4502]  loop5: AHDI p1
[ 3343.060726][ T4502] loop5: partition table partially beyond EOD, truncated
[ 3343.069324][ T4451] usb 2-1: Product: syz
[ 3343.082845][T11126] bridge_slave_1: entered promiscuous mode
[ 3343.094567][ T4451] usb 2-1: Manufacturer: syz
[ 3343.104227][ T8806] team0: left allmulticast mode
[ 3343.112975][T11145] Dev loop5: unable to read RDB block 7
[ 3343.122483][ T4451] usb 2-1: SerialNumber: syz
[ 3343.127305][T11145]  loop5: AHDI p1
[ 3343.136341][ T8806] team_slave_0: left allmulticast mode
[ 3343.148155][T11145] loop5: partition table partially beyond EOD, truncated
[ 3343.184531][ T8806] team_slave_1: left allmulticast mode
[ 3343.212193][ T8806] team0: left promiscuous mode
[ 3343.239293][ T8806] team_slave_0: left promiscuous mode
[ 3343.255643][ T8806] team_slave_1: left promiscuous mode
[ 3343.282375][ T8806] bridge0: port 3(team0) entered disabled state
[ 3343.310134][ T8806] bridge_slave_1: left allmulticast mode
[ 3343.337973][ T8806] bridge_slave_1: left promiscuous mode
[ 3343.362131][ T8806] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3343.389684][ T8806] 
: left allmulticast mode
[ 3343.411821][ T8806] 
: left promiscuous mode
[ 3343.426765][ T4451] usb 2-1: 1:1 : UAC_AS_GENERAL descriptor not found
[ 3343.439312][ T8806] bridge0: port 1(
) entered disabled state
[ 3343.448369][ T4451] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 3343.548715][ T4451] snd-usb-audio 2-1:1.0: probe with driver snd-usb-audio failed with error -71
[ 3343.585001][ T4451] usb 2-1: USB disconnect, device number 57
[ 3343.645065][ T4502] udevd[4502]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 3343.762664][ T5879] usb 1-1: new high-speed USB device number 60 using dummy_hcd
[ 3343.781085][ T8806] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3343.792414][ T5828] Bluetooth: hci5: command tx timeout
[ 3343.800759][ T8806] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3343.816540][ T8806] bond0 (unregistering): Released all slaves
[ 3343.848547][T11126] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3343.863028][T11126] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3343.903384][T11126] team0: Port device team_slave_0 added
[ 3343.911754][T11126] team0: Port device team_slave_1 added
[ 3343.944396][ T5879] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[ 3343.955553][ T8806] tipc: Disabling bearer <udp:syz2>
[ 3343.961730][ T5879] usb 1-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[ 3343.973274][ T8806] tipc: Left network mode
[ 3343.979123][T11126] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3343.986992][ T5879] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[ 3343.996182][T11126] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3344.022850][ T5879] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[ 3344.038614][ T5879] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[ 3344.054505][T11126] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3344.066936][ T5879] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[ 3344.078545][T11126] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3344.102954][ T5879] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[ 3344.132361][T11126] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3344.158333][ T5879] usb 1-1: Product: syz
[ 3344.162585][ T5879] usb 1-1: Manufacturer: syz
[ 3344.190530][ T5879] cdc_wdm 1-1:1.0: skipping garbage
[ 3344.199722][T11166] random: crng reseeded on system resumption
[ 3344.212454][ T5879] cdc_wdm 1-1:1.0: skipping garbage
[ 3344.252313][T11126] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3344.266546][ T5879] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[ 3344.292212][ T5879] cdc_wdm 1-1:1.0: Unknown control protocol
[ 3344.490918][T11126] hsr_slave_0: entered promiscuous mode
[ 3344.527199][T11126] hsr_slave_1: entered promiscuous mode
[ 3344.557368][T11126] debugfs: 'hsr0' already exists in 'hsr'
[ 3344.586378][T11126] Cannot create hsr debugfs directory
[ 3344.630047][T11157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3344.669357][T11157] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3344.697735][T11157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3344.724191][T11157] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3344.747011][    C1] cdc_wdm 1-1:1.0: unknown notification 241 received: index 1706 len 10969
[ 3344.780650][T11157] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3344.828704][T11157] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3344.876288][ T4451] usb 1-1: USB disconnect, device number 60
[ 3345.802536][ T4451] usb 2-1: new full-speed USB device number 58 using dummy_hcd
[ 3345.873070][ T5828] Bluetooth: hci5: command tx timeout
[ 3346.001914][ T4451] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3346.063036][ T4451] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 3346.112228][ T4451] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=95.91
[ 3346.146356][ T4451] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3346.208445][ T4451] usb 2-1: Product: syz
[ 3346.227622][ T4451] usb 2-1: Manufacturer: syz
[ 3346.239184][ T4451] usb 2-1: SerialNumber: syz
[ 3346.293875][ T4451] usb 2-1: config 0 descriptor??
[ 3346.359737][T11205] random: crng reseeded on system resumption
[ 3346.817015][T11126] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 3347.149566][T11126] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 3347.314412][T11214] netlink: 4 bytes leftover after parsing attributes in process `syz.0.7476'.
[ 3347.325459][T11211] bridge0: port 3(team0) entered disabled state
[ 3347.331886][T11211] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3347.339101][T11211] bridge0: port 1(
) entered disabled state
[ 3347.467221][T11211] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3347.496384][T11211] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3347.622438][ T4451] usb 1-1: new full-speed USB device number 61 using dummy_hcd
[ 3347.661701][T11126] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 3347.678449][T11126] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 3347.708283][T11227] netlink: 'syz.3.7477': attribute type 16 has an invalid length.
[ 3347.718550][T14769] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 3347.733268][T14769] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 3347.757569][T11225] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 3347.823649][T14769] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 3347.840086][T14769] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 3347.857301][ T4451] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[ 3347.893010][ T4451] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[ 3347.919006][ T4451] usb 1-1: Product: syz
[ 3347.942315][ T4451] usb 1-1: Manufacturer: syz
[ 3347.953055][ T5828] Bluetooth: hci5: command tx timeout
[ 3347.975758][ T4451] usb 1-1: SerialNumber: syz
[ 3348.021492][ T4451] usb 1-1: config 0 descriptor??
[ 3348.030105][ T8806] hsr_slave_0: left promiscuous mode
[ 3348.048507][ T8806] hsr_slave_1: left promiscuous mode
[ 3348.065688][ T8806] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3348.109623][ T8806] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3348.441100][T11244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.7479'.
[ 3348.864604][ T4451] usb 2-1: USB disconnect, device number 58
[ 3349.152950][T28080] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 3349.172576][ T8806] team0 (unregistering): Port device team_slave_1 removed
[ 3349.222675][ T8806] team0 (unregistering): Port device team_slave_0 removed
[ 3349.354088][T28080] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[ 3349.373250][T28080] usb 3-1: config 0 has no interface number 0
[ 3349.397631][T28080] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 3349.421386][T28080] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3349.478524][T28080] usb 3-1: Product: syz
[ 3349.506523][T28080] usb 3-1: Manufacturer: syz
[ 3349.545863][T28080] usb 3-1: SerialNumber: syz
[ 3349.593807][T28080] usb 3-1: config 0 descriptor??
[ 3349.797131][T11126] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3349.937016][T11126] 8021q: adding VLAN 0 to HW filter on device team0
[ 3350.035516][  T987] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3350.042465][ T5828] Bluetooth: hci5: command tx timeout
[ 3350.042673][  T987] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3350.107231][T28080] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 3350.108677][  T987] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3350.122901][  T987] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3350.205845][T28080] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 3350.241159][ T4230] usb 1-1: USB disconnect, device number 61
[ 3350.300641][T28080] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 3350.346698][T28080] usb 3-1: media controller created
[ 3350.422750][T28080] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 3350.454980][T11126] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3350.574430][T11126] veth0_vlan: entered promiscuous mode
[ 3350.624097][T11126] veth1_vlan: entered promiscuous mode
[ 3350.697728][T11126] veth0_macvtap: entered promiscuous mode
[ 3350.737173][T11126] veth1_macvtap: entered promiscuous mode
[ 3350.833518][T11126] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3350.867424][T11126] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3350.915440][T18221] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3350.945297][T18221] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3350.984092][T18221] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3351.042339][T18221] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3351.267484][T18221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3351.304008][ T5204] usb 1-1: new full-speed USB device number 62 using dummy_hcd
[ 3351.328826][T18221] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3351.444415][ T8806] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3351.461231][ T8806] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3351.514329][ T5204] usb 1-1: config 255 has an invalid interface number: 133 but max is 0
[ 3351.532453][   T30] kauditd_printk_skb: 40 callbacks suppressed
[ 3351.532467][   T30] audit: type=1326 audit(1775919325.447:29771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.542132][ T5204] usb 1-1: config 255 has no interface number 0
[ 3351.586778][T28080] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[ 3351.666996][ T5204] usb 1-1: config 255 interface 133 has no altsetting 0
[ 3351.667112][   T30] audit: type=1326 audit(1775919325.457:29772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.696497][   T30] audit: type=1326 audit(1775919325.487:29773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=331 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.718763][   T30] audit: type=1326 audit(1775919325.487:29774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.741728][   T30] audit: type=1326 audit(1775919325.487:29775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.763898][   T30] audit: type=1326 audit(1775919325.487:29776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.796423][   T30] audit: type=1326 audit(1775919325.487:29777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.829929][   T30] audit: type=1326 audit(1775919325.487:29778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.862179][ T5204] usb 1-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=d7.fb
[ 3351.881380][   T30] audit: type=1326 audit(1775919325.517:29779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=436 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.939744][   T30] audit: type=1326 audit(1775919325.517:29780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11290 comm="syz.3.7486" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x7ffc0000
[ 3351.978989][ T5204] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3352.008965][T28080] usb 3-1: USB disconnect, device number 32
[ 3352.017408][ T5204] usb 1-1: Product: syz
[ 3352.048418][ T5204] usb 1-1: Manufacturer: syz
[ 3352.069777][ T5204] usb 1-1: SerialNumber: syz
[ 3352.300674][T11125] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 3352.310159][T11125] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 3352.318172][T11125] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 3352.326102][T11125] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 3352.333975][T11125] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 3352.453918][ T5204] s2255 1-1:255.133: Could not find bulk-in endpoint
[ 3352.466960][ T5204] Sensoray 2255 driver load failed: 0xfffffff4
[ 3352.491715][ T5204] s2255 1-1:255.133: probe with driver s2255 failed with error -12
[ 3352.520562][ T5204] usbhid 1-1:255.133: couldn't find an input interrupt endpoint
[ 3352.534459][ T5204] usb 1-1: USB disconnect, device number 62
[ 3352.720077][T11311] chnl_net:caif_netlink_parms(): no params data found
[ 3352.819602][T11311] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3352.827449][T11311] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3352.835924][T11311] bridge_slave_0: entered allmulticast mode
[ 3352.845568][T11311] bridge_slave_0: entered promiscuous mode
[ 3352.855474][T11311] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3352.863866][T11311] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3352.872947][T11311] bridge_slave_1: entered allmulticast mode
[ 3352.882948][T11311] bridge_slave_1: entered promiscuous mode
[ 3352.964002][T11311] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3352.975484][T11311] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3353.016733][T11311] team0: Port device team_slave_0 added
[ 3353.030780][T11311] team0: Port device team_slave_1 added
[ 3353.074823][T11311] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3353.088829][T11311] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3353.143547][T11311] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3353.168869][T11311] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3353.186009][T11311] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3353.244213][T11311] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3353.309805][T11311] hsr_slave_0: entered promiscuous mode
[ 3353.333274][T11311] hsr_slave_1: entered promiscuous mode
[ 3353.339296][T11311] debugfs: 'hsr0' already exists in 'hsr'
[ 3353.352413][T11311] Cannot create hsr debugfs directory
[ 3353.812391][ T5204] usb 2-1: new full-speed USB device number 59 using dummy_hcd
[ 3353.979499][T14769] netdevsim netdevsim2 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 3353.991737][T14769] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3354.003435][ T5204] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3354.014232][ T5204] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 3354.040404][ T5204] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=95.91
[ 3354.049857][ T5204] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3354.059341][ T5204] usb 2-1: Product: syz
[ 3354.064681][ T5204] usb 2-1: Manufacturer: syz
[ 3354.069381][ T5204] usb 2-1: SerialNumber: syz
[ 3354.078550][ T5204] usb 2-1: config 0 descriptor??
[ 3354.130824][T14769] netdevsim netdevsim2 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 3354.141232][T14769] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3354.216774][T14769] netdevsim netdevsim2 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 3354.402321][T14769] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3354.433668][ T5828] Bluetooth: hci2: command tx timeout
[ 3354.486583][T14769] netdevsim netdevsim2 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[ 3354.531308][T14769] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3354.617964][T11327] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 3354.785545][T14769] team0: left allmulticast mode
[ 3354.798739][T14769] team_slave_0: left allmulticast mode
[ 3354.806148][T14769] team_slave_1: left allmulticast mode
[ 3354.811710][T14769] team0: left promiscuous mode
[ 3354.821846][T14769] team_slave_0: left promiscuous mode
[ 3354.844881][T14769] team_slave_1: left promiscuous mode
[ 3354.862651][T14769] bridge0: port 3(team0) entered disabled state
[ 3354.878641][T14769] bridge_slave_1: left allmulticast mode
[ 3354.890484][T14769] bridge_slave_1: left promiscuous mode
[ 3354.899014][T14769] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3354.914149][T14769] 
: left allmulticast mode
[ 3354.921074][T14769] 
: left promiscuous mode
[ 3354.927476][T14769] bridge0: port 1(
) entered disabled state
[ 3355.370967][T14769] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3355.401172][T14769] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3355.432926][T14769] bond0 (unregistering): Released all slaves
[ 3355.513716][T14769] tipc: Disabling bearer <udp:syz2>
[ 3355.527745][T14769] tipc: Left network mode
[ 3355.867965][T11311] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 3355.884294][T11311] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 3355.898271][T11311] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 3355.931272][T11311] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 3356.149197][T11311] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3356.201714][T11311] 8021q: adding VLAN 0 to HW filter on device team0
[ 3356.230085][ T8806] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3356.237191][ T8806] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3356.279224][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3356.286320][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3356.406131][T11311] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3356.477889][T11311] veth0_vlan: entered promiscuous mode
[ 3356.490062][T11311] veth1_vlan: entered promiscuous mode
[ 3356.516234][ T5828] Bluetooth: hci2: command tx timeout
[ 3356.527868][T11311] veth0_macvtap: entered promiscuous mode
[ 3356.549889][T11311] veth1_macvtap: entered promiscuous mode
[ 3356.587215][T11311] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3356.601070][T11311] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3356.624417][T17241] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3356.635969][T17241] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3356.646272][T17241] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3356.667273][T17241] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3356.767073][T18221] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3356.778852][T18221] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3356.818006][ T8806] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3356.828972][ T8806] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3356.880115][ T4451] usb 2-1: USB disconnect, device number 59
[ 3356.954645][T11367] FAULT_INJECTION: forcing a failure.
[ 3356.954645][T11367] name failslab, interval 1, probability 0, space 0, times 0
[ 3356.967418][T11367] CPU: 1 UID: 0 PID: 11367 Comm: syz.2.7488 Not tainted syzkaller #0 PREEMPT(full) 
[ 3356.967433][T11367] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3356.967439][T11367] Call Trace:
[ 3356.967444][T11367]  <TASK>
[ 3356.967448][T11367]  dump_stack_lvl+0xe8/0x150
[ 3356.967467][T11367]  should_fail_ex+0x412/0x560
[ 3356.967486][T11367]  should_failslab+0xa8/0x100
[ 3356.967501][T11367]  __kmalloc_noprof+0xe8/0x760
[ 3356.967513][T11367]  ? tomoyo_encode+0x28b/0x550
[ 3356.967527][T11367]  tomoyo_encode+0x28b/0x550
[ 3356.967540][T11367]  tomoyo_realpath_from_path+0x58d/0x5d0
[ 3356.967555][T11367]  ? tomoyo_path_number_perm+0x219/0x630
[ 3356.967569][T11367]  tomoyo_path_number_perm+0x246/0x630
[ 3356.967584][T11367]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 3356.967599][T11367]  ? __lock_acquire+0x6b5/0x2cf0
[ 3356.967628][T11367]  ? __fget_files+0x2a/0x420
[ 3356.967639][T11367]  ? __fget_files+0x3a0/0x420
[ 3356.967647][T11367]  ? __fget_files+0x2a/0x420
[ 3356.967658][T11367]  security_file_ioctl_compat+0xc3/0x2a0
[ 3356.967673][T11367]  __ia32_compat_sys_ioctl+0x139/0x950
[ 3356.967687][T11367]  ? __pfx___ia32_compat_sys_ioctl+0x10/0x10
[ 3356.967701][T11367]  ? __fget_files+0x3a0/0x420
[ 3356.967713][T11367]  ? fput+0xa0/0xd0
[ 3356.967727][T11367]  ? ksys_write+0x242/0x270
[ 3356.967744][T11367]  __do_fast_syscall_32+0x20d/0x640
[ 3356.967760][T11367]  ? do_fast_syscall_32+0x33/0x70
[ 3356.967773][T11367]  ? asm_int80_emulation+0x1a/0x20
[ 3356.967782][T11367]  ? do_int80_emulation+0x274/0x4d0
[ 3356.967795][T11367]  ? trace_irq_disable+0x3b/0x150
[ 3356.967806][T11367]  do_fast_syscall_32+0x33/0x70
[ 3356.967819][T11367]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3356.967831][T11367] RIP: 0023:0xf6fdef6c
[ 3356.967841][T11367] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3356.967849][T11367] RSP: 002b:00000000f53cd50c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[ 3356.967861][T11367] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000400454cd
[ 3356.967868][T11367] RDX: 000000000000030c RSI: 0000000000000000 RDI: 0000000000000000
[ 3356.967873][T11367] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3356.967879][T11367] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3356.967885][T11367] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3356.967899][T11367]  </TASK>
[ 3356.967910][T11367] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 3357.340415][T14769] hsr_slave_0: left promiscuous mode
[ 3357.346515][T14769] hsr_slave_1: left promiscuous mode
[ 3357.352192][T14769] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3357.359647][T14769] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3357.369093][T14769] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3357.376537][T14769] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3357.388019][T14769] veth1_macvtap: left promiscuous mode
[ 3357.395069][T14769] veth0_macvtap: left promiscuous mode
[ 3357.401086][T14769] veth1_vlan: left promiscuous mode
[ 3357.406476][T14769] veth0_vlan: left promiscuous mode
[ 3357.547533][T14769] team0 (unregistering): Port device team_slave_1 removed
[ 3357.569430][T14769] team0 (unregistering): Port device team_slave_0 removed
[ 3358.592413][ T5828] Bluetooth: hci2: command tx timeout
[ 3360.672360][ T5828] Bluetooth: hci2: command tx timeout
[ 3365.592616][T11125] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[ 3365.616105][T11125] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[ 3365.625709][T11125] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[ 3365.634203][T11125] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[ 3365.642700][T11125] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[ 3365.837945][T11371] chnl_net:caif_netlink_parms(): no params data found
[ 3365.894360][T11371] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3365.902111][T11371] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3365.909860][T11371] bridge_slave_0: entered allmulticast mode
[ 3365.916799][T11371] bridge_slave_0: entered promiscuous mode
[ 3365.924374][T11371] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3365.931467][T11371] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3365.938664][T11371] bridge_slave_1: entered allmulticast mode
[ 3365.946094][T11371] bridge_slave_1: entered promiscuous mode
[ 3365.977741][T11371] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3365.991013][T11371] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3366.026927][  T987] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3366.049737][T11371] team0: Port device team_slave_0 added
[ 3366.057457][T11371] team0: Port device team_slave_1 added
[ 3366.078000][T11371] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3366.084996][T11371] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3366.111663][T11371] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3366.131908][  T987] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3366.146440][T11371] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3366.153719][T11371] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3366.179814][T11371] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3366.219011][T11371] hsr_slave_0: entered promiscuous mode
[ 3366.225161][T11371] hsr_slave_1: entered promiscuous mode
[ 3366.231409][T11371] debugfs: 'hsr0' already exists in 'hsr'
[ 3366.237181][T11371] Cannot create hsr debugfs directory
[ 3366.250345][  T987] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3366.309610][  T987] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3366.468262][  T987] team0: left allmulticast mode
[ 3366.473682][  T987] team_slave_0: left allmulticast mode
[ 3366.479169][  T987] team_slave_1: left allmulticast mode
[ 3366.484999][  T987] team0: left promiscuous mode
[ 3366.489773][  T987] team_slave_0: left promiscuous mode
[ 3366.495937][  T987] team_slave_1: left promiscuous mode
[ 3366.501660][  T987] bridge0: port 3(team0) entered disabled state
[ 3366.521665][  T987] bridge_slave_1: left allmulticast mode
[ 3366.527435][  T987] bridge_slave_1: left promiscuous mode
[ 3366.533508][  T987] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3366.544059][  T987] 
: left allmulticast mode
[ 3366.548585][  T987] 
: left promiscuous mode
[ 3366.555896][  T987] bridge0: port 1(
) entered disabled state
[ 3366.731876][  T987] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3366.743385][  T987] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3366.753910][  T987] bond0 (unregistering): Released all slaves
[ 3366.830863][  T987] tipc: Disabling bearer <udp:syz2>
[ 3366.840607][  T987] tipc: Left network mode
[ 3367.067017][T11371] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 3367.085687][T11371] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 3367.107299][T11371] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 3367.141329][T11371] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 3367.288199][T11371] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3367.335976][T11371] 8021q: adding VLAN 0 to HW filter on device team0
[ 3367.348646][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3367.355809][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3367.370452][T14769] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3367.377613][T14769] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3367.456659][T11371] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3367.502831][T11371] veth0_vlan: entered promiscuous mode
[ 3367.512095][T11371] veth1_vlan: entered promiscuous mode
[ 3367.539296][T11371] veth0_macvtap: entered promiscuous mode
[ 3367.557046][T11371] veth1_macvtap: entered promiscuous mode
[ 3367.580599][T11371] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3367.600433][T11371] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3367.626991][T14769] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3367.636030][T14769] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3367.648032][T14769] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3367.660721][T14769] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3367.712691][T11125] Bluetooth: hci0: command tx timeout
[ 3367.744688][  T987] hsr_slave_0: left promiscuous mode
[ 3367.750411][  T987] hsr_slave_1: left promiscuous mode
[ 3367.756407][  T987] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3367.763829][  T987] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3367.771447][  T987] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3367.778951][  T987] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3367.790303][  T987] veth1_macvtap: left promiscuous mode
[ 3367.796016][  T987] veth0_macvtap: left promiscuous mode
[ 3367.801520][  T987] veth1_vlan: left promiscuous mode
[ 3367.808006][  T987] veth0_vlan: left promiscuous mode
[ 3367.957368][  T987] team0 (unregistering): Port device team_slave_1 removed
[ 3367.974866][  T987] team0 (unregistering): Port device team_slave_0 removed
[ 3368.066294][T11226] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3368.090040][T11226] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3368.129888][T11226] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3368.138391][T11226] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3369.803194][T11125] Bluetooth: hci0: command tx timeout
[ 3371.872567][T11125] Bluetooth: hci0: command tx timeout
[ 3373.953806][T11125] Bluetooth: hci0: command tx timeout
[ 3378.689309][ T5828] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 3378.705497][ T5828] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 3378.716201][ T5828] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 3378.724288][ T5828] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 3378.733594][ T5828] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 3378.782572][ T5204] usb 1-1: new high-speed USB device number 63 using dummy_hcd
[ 3378.964878][ T5204] usb 1-1: config index 0 descriptor too short (expected 39, got 27)
[ 3378.980144][ T5204] usb 1-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[ 3379.028561][ T5204] usb 1-1: config 0 interface 0 has no altsetting 0
[ 3379.041882][T11444] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 3379.066764][ T5204] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 3379.076400][ T5204] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 3379.102568][ T5204] usb 1-1: Product: syz
[ 3379.122118][ T5204] usb 1-1: Manufacturer: syz
[ 3379.162603][ T5204] usb 1-1: SerialNumber: syz
[ 3379.187048][T11442] bridge0: port 3(team0) entered blocking state
[ 3379.200111][ T5204] usb 1-1: config 0 descriptor??
[ 3379.228563][ T5204] hub 1-1:0.0: bad descriptor, ignoring hub
[ 3379.252376][ T5204] hub 1-1:0.0: probe with driver hub failed with error -5
[ 3379.281078][T11442] bridge0: port 3(team0) entered disabled state
[ 3379.297188][ T5204] usb 1-1: selecting invalid altsetting 0
[ 3379.320388][T11442] team0: entered allmulticast mode
[ 3379.326798][T11442] team_slave_0: entered allmulticast mode
[ 3379.837127][T11442] team_slave_1: entered allmulticast mode
[ 3379.856100][T11442] team0: entered promiscuous mode
[ 3379.861152][T11442] team_slave_0: entered promiscuous mode
[ 3379.867221][T11442] team_slave_1: entered promiscuous mode
[ 3379.876611][T11442] bridge0: port 3(team0) entered blocking state
[ 3379.882945][T11442] bridge0: port 3(team0) entered forwarding state
[ 3380.221231][T11460] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7500'.
[ 3380.235105][ T4230] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 3380.422444][ T4230] usb 3-1: Using ep0 maxpacket: 32
[ 3380.458789][ T4230] usb 3-1: config 0 has an invalid interface number: 188 but max is 0
[ 3380.492419][ T4230] usb 3-1: config 0 has no interface number 0
[ 3380.521429][ T4230] usb 3-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[ 3380.566986][T11445] chnl_net:caif_netlink_parms(): no params data found
[ 3380.587179][ T4230] usb 3-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[ 3380.623878][ T4230] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3380.645104][T14769] team0: left allmulticast mode
[ 3380.657181][T14769] team_slave_0: left allmulticast mode
[ 3380.676787][ T4230] usb 3-1: Product: syz
[ 3380.683595][T14769] team_slave_1: left allmulticast mode
[ 3380.689260][ T4230] usb 3-1: Manufacturer: syz
[ 3380.701234][T14769] team0: left promiscuous mode
[ 3380.708828][ T4230] usb 3-1: SerialNumber: syz
[ 3380.735071][T14769] team_slave_0: left promiscuous mode
[ 3380.752328][ T5828] Bluetooth: hci1: command tx timeout
[ 3380.756836][ T4230] usb 3-1: config 0 descriptor??
[ 3380.768475][T14769] team_slave_1: left promiscuous mode
[ 3380.785803][T11456] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 3380.795089][T14769] bridge0: port 3(team0) entered disabled state
[ 3380.810060][T14769] bridge_slave_1: left allmulticast mode
[ 3380.816957][T14769] bridge_slave_1: left promiscuous mode
[ 3380.822865][T14769] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3380.832601][T14769] 
: left allmulticast mode
[ 3380.850820][T14769] 
: left promiscuous mode
[ 3380.862318][ T5900] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[ 3380.869285][T14769] bridge0: port 1(
) entered disabled state
[ 3381.008603][T11456] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 3381.048074][T14769] dvmrp1 (unregistering): left allmulticast mode
[ 3381.124544][T14769] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3381.135424][T14769] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3381.148112][T14769] bond0 (unregistering): Released all slaves
[ 3381.164832][T21912] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[ 3381.200672][T14769] bond1 (unregistering): Released all slaves
[ 3381.277733][ T4230] asix 3-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[ 3381.342080][ T4230] asix 3-1:0.188: probe with driver asix failed with error -71
[ 3381.345269][ T5900] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[ 3381.389635][ T5900] usb 4-1: config 0 has no interface number 0
[ 3381.405068][T21912] usb 5-1: config 255 has an invalid interface number: 133 but max is 0
[ 3381.445373][ T4230] usb 3-1: USB disconnect, device number 33
[ 3381.455880][T21912] usb 5-1: config 255 has no interface number 0
[ 3381.467461][ T5900] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[ 3381.504817][T21912] usb 5-1: config 255 interface 133 has no altsetting 0
[ 3381.514459][T21912] usb 5-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=d7.fb
[ 3381.516739][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3381.523567][T21912] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3381.523590][T21912] usb 5-1: Product: syz
[ 3381.523604][T21912] usb 5-1: Manufacturer: syz
[ 3381.523618][T21912] usb 5-1: SerialNumber: syz
[ 3381.542750][T11478] bridge0: port 3(veth3) entered blocking state
[ 3381.586422][T11481] netlink: 40 bytes leftover after parsing attributes in process `syz.2.7502'.
[ 3381.596007][T11478] bridge0: port 3(veth3) entered disabled state
[ 3381.604586][ T5900] usb 4-1: Product: syz
[ 3381.613222][T11478] veth3: entered allmulticast mode
[ 3381.622286][ T5900] usb 4-1: Manufacturer: syz
[ 3381.628549][T11478] veth3: entered promiscuous mode
[ 3381.634079][ T5900] usb 4-1: SerialNumber: syz
[ 3381.660277][T14769] tipc: Disabling bearer <udp:syz2>
[ 3381.673546][ T5900] usb 4-1: config 0 descriptor??
[ 3381.678755][T14769] tipc: Left network mode
[ 3381.833744][T21912] s2255 5-1:255.133: Could not find bulk-in endpoint
[ 3381.863170][T11445] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3381.889287][T11445] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3381.899527][T11445] bridge_slave_0: entered allmulticast mode
[ 3381.900278][T21912] Sensoray 2255 driver load failed: 0xfffffff4
[ 3381.908665][T11445] bridge_slave_0: entered promiscuous mode
[ 3381.962055][T11445] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3381.971058][ T5900] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[ 3381.979691][T21912] s2255 5-1:255.133: probe with driver s2255 failed with error -12
[ 3381.980211][T21912] usbhid 5-1:255.133: couldn't find an input interrupt endpoint
[ 3381.993054][T21912] usb 5-1: USB disconnect, device number 16
[ 3382.014669][T11445] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3382.021785][T11445] bridge_slave_1: entered allmulticast mode
[ 3382.050408][T11445] bridge_slave_1: entered promiscuous mode
[ 3382.079610][ T5900] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[ 3382.112399][ T5900] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[ 3382.148389][ T5900] usb 4-1: media controller created
[ 3382.183944][T11445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3382.204612][ T5900] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 3382.225058][T11445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3382.348767][T11464] netlink: 48 bytes leftover after parsing attributes in process `syz.3.7500'.
[ 3382.521753][T11445] team0: Port device team_slave_0 added
[ 3382.574962][T11445] team0: Port device team_slave_1 added
[ 3382.805469][T11445] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3382.838755][ T5828] Bluetooth: hci1: command tx timeout
[ 3382.838758][T11445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3382.838783][T11445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3382.952350][ T7769] usb 3-1: new full-speed USB device number 34 using dummy_hcd
[ 3382.987454][T11445] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3382.995088][T11445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3383.025990][T11445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3383.138505][ T7769] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3383.150766][ T7769] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[ 3383.169764][ T7769] usb 3-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=95.91
[ 3383.180329][ T7769] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3383.195858][T11445] hsr_slave_0: entered promiscuous mode
[ 3383.201677][ T7769] usb 3-1: Product: syz
[ 3383.211505][T11445] hsr_slave_1: entered promiscuous mode
[ 3383.217607][ T7769] usb 3-1: Manufacturer: syz
[ 3383.222997][ T7769] usb 3-1: SerialNumber: syz
[ 3383.228422][T11445] debugfs: 'hsr0' already exists in 'hsr'
[ 3383.249298][ T7769] usb 3-1: config 0 descriptor??
[ 3383.255873][T11445] Cannot create hsr debugfs directory
[ 3383.312842][ T5900] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[ 3383.622063][ T5893] usb 1-1: USB disconnect, device number 63
[ 3384.085623][T11516] FAULT_INJECTION: forcing a failure.
[ 3384.085623][T11516] name failslab, interval 1, probability 0, space 0, times 0
[ 3384.132201][T11516] CPU: 1 UID: 0 PID: 11516 Comm: syz.0.7505 Not tainted syzkaller #0 PREEMPT(full) 
[ 3384.132228][T11516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3384.132239][T11516] Call Trace:
[ 3384.132246][T11516]  <TASK>
[ 3384.132253][T11516]  dump_stack_lvl+0xe8/0x150
[ 3384.132292][T11516]  should_fail_ex+0x412/0x560
[ 3384.132323][T11516]  should_failslab+0xa8/0x100
[ 3384.132347][T11516]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 3384.132369][T11516]  ? __alloc_skb+0x1d0/0x7d0
[ 3384.132388][T11516]  ? __local_bh_enable_ip+0xd0/0x130
[ 3384.132415][T11516]  __alloc_skb+0x1d0/0x7d0
[ 3384.132437][T11516]  netlink_dump+0x1ef/0xe80
[ 3384.132466][T11516]  ? __pfx_netlink_dump+0x10/0x10
[ 3384.132497][T11516]  ? kmem_cache_free+0x187/0x630
[ 3384.132516][T11516]  ? netlink_recvmsg+0x5d6/0xa50
[ 3384.132538][T11516]  netlink_recvmsg+0x690/0xa50
[ 3384.132565][T11516]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 3384.132589][T11516]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 3384.132618][T11516]  ? bpf_lsm_socket_recvmsg+0x9/0x20
[ 3384.132637][T11516]  ? security_socket_recvmsg+0x7e/0x2c0
[ 3384.132724][T11516]  ? __pfx_netlink_recvmsg+0x10/0x10
[ 3384.132744][T11516]  sock_recvmsg+0x172/0x1b0
[ 3384.132764][T11516]  ____sys_recvmsg+0x1e6/0x4a0
[ 3384.132800][T11516]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 3384.132821][T11516]  ? get_compat_msghdr+0x34b/0x4c0
[ 3384.132858][T11516]  ___sys_recvmsg+0x215/0x590
[ 3384.132882][T11516]  ? __lock_acquire+0x6b5/0x2cf0
[ 3384.132903][T11516]  ? __pfx____sys_recvmsg+0x10/0x10
[ 3384.132948][T11516]  ? __fget_files+0x3a0/0x420
[ 3384.132974][T11516]  do_recvmmsg+0x3a5/0x800
[ 3384.133002][T11516]  ? __pfx_do_recvmmsg+0x10/0x10
[ 3384.133035][T11516]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 3384.133063][T11516]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[ 3384.133094][T11516]  __sys_recvmmsg+0x1a5/0x290
[ 3384.133119][T11516]  ? __pfx___sys_recvmmsg+0x10/0x10
[ 3384.133143][T11516]  ? ksys_write+0x242/0x270
[ 3384.133169][T11516]  __ia32_compat_sys_recvmmsg_time32+0xbf/0xe0
[ 3384.133195][T11516]  __do_fast_syscall_32+0x20d/0x640
[ 3384.133219][T11516]  ? do_fast_syscall_32+0x33/0x70
[ 3384.133241][T11516]  ? asm_int80_emulation+0x1a/0x20
[ 3384.133256][T11516]  ? do_int80_emulation+0x274/0x4d0
[ 3384.133276][T11516]  ? trace_irq_disable+0x3b/0x150
[ 3384.133295][T11516]  do_fast_syscall_32+0x33/0x70
[ 3384.133320][T11516]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3384.133341][T11516] RIP: 0023:0xf7f88f6c
[ 3384.133363][T11516] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3384.133376][T11516] RSP: 002b:00000000f544650c EFLAGS: 00000206 ORIG_RAX: 0000000000000151
[ 3384.133402][T11516] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080001980
[ 3384.133415][T11516] RDX: 0000000000000001 RSI: 0000000000002120 RDI: 0000000000000000
[ 3384.133425][T11516] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3384.133436][T11516] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3384.133446][T11516] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3384.133472][T11516]  </TASK>
[ 3384.553411][T11445] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 3384.565368][T11445] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 3384.576162][T11445] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 3384.586709][T11445] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 3384.741173][T11445] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3384.759563][T11445] 8021q: adding VLAN 0 to HW filter on device team0
[ 3384.800825][  T987] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3384.807973][  T987] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3384.833011][T11530] FAULT_INJECTION: forcing a failure.
[ 3384.833011][T11530] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 3384.861656][T18221] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3384.868764][T18221] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3384.881097][T11530] CPU: 0 UID: 0 PID: 11530 Comm: syz.0.7507 Not tainted syzkaller #0 PREEMPT(full) 
[ 3384.881118][T11530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3384.881128][T11530] Call Trace:
[ 3384.881135][T11530]  <TASK>
[ 3384.881142][T11530]  dump_stack_lvl+0xe8/0x150
[ 3384.881170][T11530]  should_fail_ex+0x412/0x560
[ 3384.881200][T11530]  _copy_from_user+0x2d/0xb0
[ 3384.881221][T11530]  kstrtouint_from_user+0xd6/0x180
[ 3384.881240][T11530]  ? __pfx_kstrtouint_from_user+0x10/0x10
[ 3384.881270][T11530]  proc_fail_nth_write+0x8e/0x210
[ 3384.881294][T11530]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 3384.881320][T11530]  ? __pfx_proc_fail_nth_write+0x10/0x10
[ 3384.881345][T11530]  vfs_write+0x29a/0xb90
[ 3384.881373][T11530]  ? __pfx_vfs_write+0x10/0x10
[ 3384.881394][T11530]  ? __fget_files+0x2a/0x420
[ 3384.881414][T11530]  ? __fget_files+0x3a0/0x420
[ 3384.881428][T11530]  ? __fget_files+0x2a/0x420
[ 3384.881451][T11530]  ksys_write+0x150/0x270
[ 3384.881470][T11530]  ? __pfx_ksys_write+0x10/0x10
[ 3384.881491][T11530]  ? asm_int80_emulation+0x1a/0x20
[ 3384.881514][T11530]  do_int80_emulation+0x173/0x4d0
[ 3384.881539][T11530]  ? trace_irq_disable+0x3b/0x150
[ 3384.881555][T11530]  ? asm_int80_emulation+0x1a/0x20
[ 3384.881571][T11530]  ? clear_bhb_loop+0x40/0x90
[ 3384.881589][T11530]  ? clear_bhb_loop+0x40/0x90
[ 3384.881610][T11530]  asm_int80_emulation+0x1a/0x20
[ 3384.881627][T11530] RIP: 0023:0xf7185cab
[ 3384.881643][T11530] Code: 57 56 53 8b 44 24 14 f6 00 08 75 23 8b 44 24 18 8b 5c 24 1c 8b 4c 24 20 8b 54 24 24 8b 74 24 28 8b 7c 24 2c 8b 6c 24 30 cd 80 <5b> 5e 5f 5d c3 5b 5e 5f 5d e9 f7 a1 ff ff 66 90 66 90 66 90 90 53
[ 3384.881658][T11530] RSP: 002b:00000000f54464bc EFLAGS: 00000246 ORIG_RAX: 0000000000000004
[ 3384.881677][T11530] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000f54465d0
[ 3384.881689][T11530] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 0000000000000000
[ 3384.881699][T11530] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3384.881716][T11530] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3384.881726][T11530] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3384.881751][T11530]  </TASK>
[ 3385.100714][ T5828] Bluetooth: hci1: command tx timeout
[ 3385.192972][ T5900] usb 4-1: USB disconnect, device number 39
[ 3385.401367][T14769] hsr_slave_0: left promiscuous mode
[ 3385.438905][T14769] hsr_slave_1: left promiscuous mode
[ 3385.446143][T14769] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3385.458384][T14769] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3385.465683][ T4451] usb 1-1: new high-speed USB device number 64 using dummy_hcd
[ 3385.511995][T28080] usb 3-1: USB disconnect, device number 34
[ 3385.523717][T11545] netlink: 'syz.3.7512': attribute type 1 has an invalid length.
[ 3385.632631][ T4451] usb 1-1: Using ep0 maxpacket: 16
[ 3385.666951][ T4451] usb 1-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[ 3385.688084][ T4451] usb 1-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0x5, skipping
[ 3385.703752][ T4451] usb 1-1: config 1 interface 0 altsetting 0 has a duplicate endpoint with address 0xB, skipping
[ 3385.724486][ T4451] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0xD has invalid maxpacket 1024, setting to 64
[ 3385.769884][ T4451] usb 1-1: New USB device found, idVendor=0499, idProduct=1041, bcdDevice= 0.40
[ 3385.801479][ T4451] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3385.821342][ T4451] usb 1-1: Product: syz
[ 3385.838818][ T4451] usb 1-1: Manufacturer: syz
[ 3385.850743][ T4451] usb 1-1: SerialNumber: syz
[ 3385.948651][T14769] team0 (unregistering): Port device team_slave_1 removed
[ 3385.973651][T14769] team0 (unregistering): Port device team_slave_0 removed
[ 3386.131226][ T4451] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[ 3386.236708][T11445] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3386.250649][ T4451] snd-usb-audio 1-1:1.0: probe with driver snd-usb-audio failed with error -2
[ 3386.267159][ T4451] usb 1-1: USB disconnect, device number 64
[ 3386.309797][T11453] udevd[11453]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 3386.410899][T11545] 8021q: adding VLAN 0 to HW filter on device bond2
[ 3386.644002][T11445] veth0_vlan: entered promiscuous mode
[ 3386.761433][T11445] veth1_vlan: entered promiscuous mode
[ 3386.887144][T11445] veth0_macvtap: entered promiscuous mode
[ 3386.931803][T11445] veth1_macvtap: entered promiscuous mode
[ 3386.932571][ T7769] usb 5-1: new full-speed USB device number 17 using dummy_hcd
[ 3386.996935][T11445] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3387.025870][T11445] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3387.042353][ T4230] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 3387.074869][   T49] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3387.106488][   T49] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3387.114119][ T7769] usb 5-1: config 255 has an invalid interface number: 133 but max is 0
[ 3387.134040][ T7769] usb 5-1: config 255 has no interface number 0
[ 3387.146216][ T7769] usb 5-1: config 255 interface 133 has no altsetting 0
[ 3387.153692][ T5828] Bluetooth: hci1: command tx timeout
[ 3387.153968][   T49] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3387.171395][ T7769] usb 5-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=d7.fb
[ 3387.190811][ T7769] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3387.205356][ T7769] usb 5-1: Product: syz
[ 3387.209531][ T7769] usb 5-1: Manufacturer: syz
[ 3387.213615][   T49] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3387.222312][ T4230] usb 3-1: Using ep0 maxpacket: 32
[ 3387.229909][ T7769] usb 5-1: SerialNumber: syz
[ 3387.234161][   T30] kauditd_printk_skb: 31 callbacks suppressed
[ 3387.234175][   T30] audit: type=1326 audit(1775919361.147:29812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11589 comm="syz.3.7519" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fa6f6c code=0x0
[ 3387.242681][ T4230] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 3387.318482][ T4230] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3387.342310][ T4230] usb 3-1: config 0 has no interface number 0
[ 3387.360748][ T4230] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 3387.379857][T11592] netlink: 32 bytes leftover after parsing attributes in process `syz.3.7519'.
[ 3387.380410][ T4230] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3387.417510][ T4230] usb 3-1: Product: syz
[ 3387.421804][T14769] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3387.429967][ T4230] usb 3-1: Manufacturer: syz
[ 3387.439948][ T4230] usb 3-1: SerialNumber: syz
[ 3387.455651][T14769] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3387.465875][ T4230] usb 3-1: config 0 descriptor??
[ 3387.479333][ T5893] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[ 3387.512662][T18221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3387.514888][ T4230] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 3387.520480][T18221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3387.552786][ T5893] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 3387.679766][T11594] fido_id[11594]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 3387.725842][T11581] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 3387.740665][T11581] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 3388.364534][T11125] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 3388.373589][T11125] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 3388.381819][T11125] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 3388.390299][T11125] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 3388.398194][T11125] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 3388.687596][T11614] FAULT_INJECTION: forcing a failure.
[ 3388.687596][T11614] name failslab, interval 1, probability 0, space 0, times 0
[ 3388.700769][T11614] CPU: 1 UID: 0 PID: 11614 Comm: syz.1.7525 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 3388.700793][T11614] Tainted: [L]=SOFTLOCKUP
[ 3388.700799][T11614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3388.700810][T11614] Call Trace:
[ 3388.700817][T11614]  <TASK>
[ 3388.700825][T11614]  dump_stack_lvl+0xe8/0x150
[ 3388.700853][T11614]  should_fail_ex+0x412/0x560
[ 3388.700882][T11614]  should_failslab+0xa8/0x100
[ 3388.700907][T11614]  kmem_cache_alloc_node_noprof+0x8f/0x690
[ 3388.700927][T11614]  ? __alloc_skb+0x186/0x7d0
[ 3388.700946][T11614]  ? __alloc_skb+0x1d0/0x7d0
[ 3388.700961][T11614]  ? __local_bh_enable_ip+0xd0/0x130
[ 3388.700983][T11614]  __alloc_skb+0x1d0/0x7d0
[ 3388.700997][T11614]  ? bpf_lsm_socket_getpeersec_dgram+0x9/0x20
[ 3388.701018][T11614]  netlink_sendmsg+0x5d4/0xb40
[ 3388.701044][T11614]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3388.701063][T11614]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 3388.701090][T11614]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 3388.701112][T11614]  ____sys_sendmsg+0x972/0x9f0
[ 3388.701140][T11614]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3388.701165][T11614]  ? kstrtoull+0x12f/0x1d0
[ 3388.701196][T11614]  ___sys_sendmsg+0x2a5/0x360
[ 3388.701222][T11614]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3388.701245][T11614]  ? get_pid_task+0x20/0x1f0
[ 3388.701262][T11614]  ? get_pid_task+0x20/0x1f0
[ 3388.701276][T11614]  ? get_pid_task+0x20/0x1f0
[ 3388.701311][T11614]  ? __fget_files+0x2a/0x420
[ 3388.701326][T11614]  ? __fget_files+0x3a0/0x420
[ 3388.701349][T11614]  __sys_sendmsg+0x183/0x260
[ 3388.701372][T11614]  ? __pfx___sys_sendmsg+0x10/0x10
[ 3388.701412][T11614]  __do_fast_syscall_32+0x20d/0x640
[ 3388.701437][T11614]  ? do_fast_syscall_32+0x33/0x70
[ 3388.701466][T11614]  ? asm_int80_emulation+0x1a/0x20
[ 3388.701482][T11614]  ? do_int80_emulation+0x274/0x4d0
[ 3388.701503][T11614]  ? trace_irq_disable+0x3b/0x150
[ 3388.701522][T11614]  do_fast_syscall_32+0x33/0x70
[ 3388.701546][T11614]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3388.701566][T11614] RIP: 0023:0xf702ef6c
[ 3388.701581][T11614] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3388.701595][T11614] RSP: 002b:00000000f541d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[ 3388.701613][T11614] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800001c0
[ 3388.701625][T11614] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[ 3388.701636][T11614] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3388.701645][T11614] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3388.701655][T11614] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3388.701679][T11614]  </TASK>
[ 3388.997027][ T1300] ieee802154 phy0 wpan0: encryption failed: -22
[ 3389.003355][ T1300] ieee802154 phy1 wpan1: encryption failed: -22
[ 3389.101793][   T49] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3389.218459][   T49] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3389.286969][   T49] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3389.363971][   T49] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 3389.391256][T11610] chnl_net:caif_netlink_parms(): no params data found
[ 3389.416278][ T7769] s2255 5-1:255.133: Could not find bulk-in endpoint
[ 3389.432440][ T5893] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[ 3389.443762][ T7769] Sensoray 2255 driver load failed: 0xfffffff4
[ 3389.476815][ T7769] s2255 5-1:255.133: probe with driver s2255 failed with error -12
[ 3389.516235][ T7769] usbhid 5-1:255.133: couldn't find an input interrupt endpoint
[ 3389.572336][ T7769] usb 5-1: USB disconnect, device number 17
[ 3389.614314][ T5893] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[ 3389.660142][ T5893] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3389.669627][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 3389.679929][ T5893] usb 2-1: SerialNumber: syz
[ 3389.888065][   T49] team0: left allmulticast mode
[ 3389.897368][   T49] team_slave_0: left allmulticast mode
[ 3389.905633][   T49] team_slave_1: left allmulticast mode
[ 3389.922893][   T49] team0: left promiscuous mode
[ 3389.943698][   T49] team_slave_0: left promiscuous mode
[ 3389.968280][   T49] team_slave_1: left promiscuous mode
[ 3389.988191][T11620] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7527'.
[ 3389.997765][   T49] bridge0: port 3(team0) entered disabled state
[ 3390.021786][   T49] bridge_slave_1: left allmulticast mode
[ 3390.039335][   T49] bridge_slave_1: left promiscuous mode
[ 3390.060411][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3390.082526][ T5893] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -71
[ 3390.102115][   T49] 
: left allmulticast mode
[ 3390.114072][   T49] 
: left promiscuous mode
[ 3390.118703][   T49] bridge0: port 1(
) entered disabled state
[ 3390.150690][ T5893] usb 2-1: USB disconnect, device number 60
[ 3390.432580][ T5828] Bluetooth: hci4: command tx timeout
[ 3390.749537][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 3390.785453][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 3390.797980][   T49] bond0 (unregistering): Released all slaves
[ 3390.815585][   T49] bond1 (unregistering): Released all slaves
[ 3390.831017][   T49] bond2 (unregistering): Released all slaves
[ 3390.845897][T11610] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3390.857813][T11610] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3390.866701][T11610] bridge_slave_0: entered allmulticast mode
[ 3390.874571][T11610] bridge_slave_0: entered promiscuous mode
[ 3390.892299][ T5204] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 3390.901351][T11610] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3390.915688][T11610] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3390.923094][T11610] bridge_slave_1: entered allmulticast mode
[ 3390.930708][T11610] bridge_slave_1: entered promiscuous mode
[ 3390.976057][T11610] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 3391.004122][T11610] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 3391.068658][ T5204] usb 5-1: Using ep0 maxpacket: 16
[ 3391.091052][T11610] team0: Port device team_slave_0 added
[ 3391.101012][ T5204] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 3391.112581][ T5204] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 127, changing to 7
[ 3391.124082][T11610] team0: Port device team_slave_1 added
[ 3391.142035][ T5204] usb 5-1: New USB device found, idVendor=103d, idProduct=0100, bcdDevice= 0.40
[ 3391.161780][ T5204] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3391.177719][ T5204] usb 5-1: Product: syz
[ 3391.182034][T11610] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 3391.193476][ T5204] usb 5-1: Manufacturer: syz
[ 3391.198135][T11610] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3391.224514][ T5204] usb 5-1: SerialNumber: syz
[ 3391.231179][T11610] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 3391.254899][T11610] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 3391.268730][T11610] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 3391.319953][T11610] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 3391.426216][T11610] hsr_slave_0: entered promiscuous mode
[ 3391.441825][T11610] hsr_slave_1: entered promiscuous mode
[ 3391.455181][T11610] debugfs: 'hsr0' already exists in 'hsr'
[ 3391.460958][T11610] Cannot create hsr debugfs directory
[ 3392.456573][   T49] tipc: Disabling bearer <udp:syz2>
[ 3392.481478][   T49] tipc: Left network mode
[ 3392.525596][ T5204] usb 5-1: Audio class v2/v3 interfaces need an interface association
[ 3392.539480][ T5204] snd-usb-audio 5-1:1.0: probe with driver snd-usb-audio failed with error -22
[ 3392.568696][ T5828] Bluetooth: hci4: command tx timeout
[ 3392.593301][ T4230] usb 3-1: qt2_attach - failed to power on unit: -110
[ 3392.600336][ T4230] quatech2 3-1:0.51: probe with driver quatech2 failed with error -110
[ 3392.701788][ T5204] usb 5-1: USB disconnect, device number 18
[ 3393.109225][T11610] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 3393.124690][T28080] usb 3-1: USB disconnect, device number 35
[ 3393.134716][T11610] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 3393.180205][T11610] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 3393.205926][T11610] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 3393.526194][T11610] 8021q: adding VLAN 0 to HW filter on device bond0
[ 3393.635683][T11610] 8021q: adding VLAN 0 to HW filter on device team0
[ 3393.681486][  T987] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3393.688600][  T987] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3393.884876][  T987] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3393.892011][  T987] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3394.592316][ T5828] Bluetooth: hci4: command tx timeout
[ 3394.689356][T11610] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 3394.729505][T11610] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 3395.229709][T11610] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 3395.352326][ T4230] usb 2-1: new full-speed USB device number 61 using dummy_hcd
[ 3395.584249][ T4230] usb 2-1: config 255 has an invalid interface number: 133 but max is 0
[ 3395.611135][ T4230] usb 2-1: config 255 has no interface number 0
[ 3395.617562][ T4230] usb 2-1: config 255 interface 133 has no altsetting 0
[ 3395.629393][ T4230] usb 2-1: New USB device found, idVendor=1943, idProduct=2255, bcdDevice=d7.fb
[ 3395.769712][ T4230] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3395.789923][ T4230] usb 2-1: Product: syz
[ 3395.794912][ T4230] usb 2-1: Manufacturer: syz
[ 3395.811505][ T4230] usb 2-1: SerialNumber: syz
[ 3395.926037][T11610] veth0_vlan: entered promiscuous mode
[ 3395.948986][T11610] veth1_vlan: entered promiscuous mode
[ 3396.246262][T11610] veth0_macvtap: entered promiscuous mode
[ 3396.316625][T11610] veth1_macvtap: entered promiscuous mode
[ 3396.403715][T11610] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 3396.436963][T11610] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 3396.520056][  T987] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 3396.549324][  T987] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 3396.581038][  T987] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 3396.639712][  T987] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 3396.673876][ T5828] Bluetooth: hci4: command tx timeout
[ 3396.895373][   T49] hsr_slave_0: left promiscuous mode
[ 3396.943461][   T49] hsr_slave_1: left promiscuous mode
[ 3396.959808][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 3396.984210][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 3397.011481][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 3397.027970][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 3397.067767][   T49] veth1_macvtap: left promiscuous mode
[ 3397.086247][   T49] veth0_macvtap: left promiscuous mode
[ 3397.104308][   T49] veth1_vlan: left promiscuous mode
[ 3397.120289][   T49] veth0_vlan: left promiscuous mode
[ 3397.132745][ T5900] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[ 3397.309516][ T5900] usb 3-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[ 3397.362301][ T5900] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 3397.386873][ T5900] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 3397.421510][ T5900] usb 3-1: config 1 has no interface number 1
[ 3397.434285][ T5900] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 3397.473882][ T5900] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 3397.502261][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3397.512774][ T5900] usb 3-1: Product: syz
[ 3397.516944][ T5900] usb 3-1: Manufacturer: syz
[ 3397.521544][ T5900] usb 3-1: SerialNumber: syz
[ 3397.651774][ T4230] s2255 2-1:255.133: Could not find bulk-in endpoint
[ 3397.677433][   T49] team0 (unregistering): Port device team_slave_1 removed
[ 3397.681831][ T4230] Sensoray 2255 driver load failed: 0xfffffff4
[ 3397.695709][ T4230] s2255 2-1:255.133: probe with driver s2255 failed with error -12
[ 3397.710666][ T4230] usbhid 2-1:255.133: couldn't find an input interrupt endpoint
[ 3397.729508][ T4230] usb 2-1: USB disconnect, device number 61
[ 3397.772698][   T49] team0 (unregistering): Port device team_slave_0 removed
[ 3398.218649][T11776] batadv_slave_1: entered promiscuous mode
[ 3398.240318][T11775] batadv_slave_1: left promiscuous mode
[ 3398.334712][ T8806] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3398.378803][ T8806] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3398.401427][ T5900] usb 3-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[ 3398.410976][ T5900] usb 3-1: MIDIStreaming interface descriptor not found
[ 3398.443310][T18221] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 3398.451129][T18221] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 3398.681863][ T5900] usb 3-1: USB disconnect, device number 36
[ 3399.338985][T11849] bridge1: entered promiscuous mode
[ 3399.358246][T11849] bridge1: entered allmulticast mode
[ 3399.840899][T11858] bridge1: entered promiscuous mode
[ 3399.897039][T11858] bridge1: entered allmulticast mode
[ 3400.388581][T11868] i2c i2c-0: DVB: adapter 0 frontend 0 frequency 34222784 out of range (51000000..2150000000)
[ 3400.585227][T11871] netlink: 12 bytes leftover after parsing attributes in process `syz.4.7580'.
[ 3401.042542][T11879] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7583'.
[ 3401.312516][ T5893] usb 1-1: new high-speed USB device number 65 using dummy_hcd
[ 3401.403038][T11886] hub 8-0:1.0: USB hub found
[ 3401.421721][T11886] hub 8-0:1.0: 1 port detected
[ 3401.498875][ T5893] usb 1-1: Using ep0 maxpacket: 8
[ 3401.510347][ T5893] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 3401.552581][ T5893] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 3401.598975][ T5893] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 3401.639241][ T5893] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 3401.670731][ T5893] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 3401.690883][ T5893] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3401.968261][ T5893] usb 1-1: GET_CAPABILITIES returned 0
[ 3401.984280][ T5893] usbtmc 1-1:16.0: can't read capabilities
[ 3402.427155][ T4451] usb 1-1: USB disconnect, device number 65
[ 3403.306529][T11903] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7590'.
[ 3403.458866][T11907] netlink: 164 bytes leftover after parsing attributes in process `syz.0.7592'.
[ 3403.496089][T11907] netlink: 164 bytes leftover after parsing attributes in process `syz.0.7592'.
[ 3403.841128][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7596'.
[ 3403.872551][T11917] netlink: 8 bytes leftover after parsing attributes in process `syz.4.7596'.
[ 3404.145690][T11925] 8021q: VLANs not supported on ipvlan1
[ 3404.847629][ T5828] Bluetooth: hci5: adv larger than maximum supported
[ 3405.917018][T11953] input: syz0 as /devices/virtual/input/input11
[ 3406.319538][T11966] netlink: 1320 bytes leftover after parsing attributes in process `syz.0.7617'.
[ 3406.559420][T11968] bridge1: entered promiscuous mode
[ 3406.572949][T11968] bridge1: entered allmulticast mode
[ 3407.752077][   T30] audit: type=1326 audit(1775919381.657:29813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[ 3407.857069][   T30] audit: type=1326 audit(1775919381.697:29814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[ 3407.935416][   T30] audit: type=1326 audit(1775919381.747:29815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7115cab code=0x7ffc0000
[ 3408.010883][   T30] audit: type=1326 audit(1775919381.747:29816): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[ 3408.059534][   T30] audit: type=1326 audit(1775919381.747:29817): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[ 3408.120129][   T30] audit: type=1326 audit(1775919381.757:29818): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[ 3408.196593][   T30] audit: type=1326 audit(1775919381.757:29819): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[ 3408.273332][   T30] audit: type=1326 audit(1775919381.757:29820): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[ 3408.412375][   T30] audit: type=1326 audit(1775919381.767:29821): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[ 3408.488317][   T30] audit: type=1326 audit(1775919381.767:29822): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11984 comm="syz.2.7624" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf6fdef6c code=0x7ffc0000
[ 3408.724838][T11989] pim6reg: entered allmulticast mode
[ 3408.753398][T12000] pim6reg: left allmulticast mode
[ 3409.768374][T12017] input: syz0 as /devices/virtual/input/input13
[ 3410.234799][T12040] input: syz0 as /devices/virtual/input/input14
[ 3410.482291][ T4451] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[ 3410.551916][T12042] pim6reg: entered allmulticast mode
[ 3410.711516][ T4451] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3410.744701][ T4451] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3410.780920][ T4451] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 3410.799749][T12049] pim6reg: left allmulticast mode
[ 3410.820726][ T4451] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 3410.965071][ T4451] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3411.017556][ T4451] usb 3-1: config 0 descriptor??
[ 3411.044827][T12057] tc_dump_action: action bad kind
[ 3411.451537][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.489332][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.520344][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.542381][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.559933][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.579581][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.597142][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.612274][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.629852][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.660187][ T4451] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[ 3411.721931][ T4451] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[ 3411.782601][ T4451] usb 3-1: USB disconnect, device number 37
[ 3411.904364][T12064] fido_id[12064]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 3413.030091][T12102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7669'.
[ 3413.065518][T12102] netlink: 8 bytes leftover after parsing attributes in process `syz.0.7669'.
[ 3413.968174][T12127] bridge1: entered promiscuous mode
[ 3414.026162][T12127] bridge1: entered allmulticast mode
[ 3414.130703][T12127] team0: Port device bridge1 added
[ 3414.180206][T12132] bridge0: port 4(team0) entered blocking state
[ 3414.189566][T12139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7683'.
[ 3414.219618][T12132] bridge0: port 4(team0) entered disabled state
[ 3414.226762][T12139] netlink: 8 bytes leftover after parsing attributes in process `syz.1.7683'.
[ 3414.292059][T12132] team0: entered allmulticast mode
[ 3414.337180][T12132] team_slave_0: entered allmulticast mode
[ 3414.379633][T12132] team_slave_1: entered allmulticast mode
[ 3414.428710][T12132] team0: entered promiscuous mode
[ 3414.469483][T12132] team_slave_0: entered promiscuous mode
[ 3414.510564][T12132] team_slave_1: entered promiscuous mode
[ 3414.553820][T12132] bridge0: port 4(team0) entered blocking state
[ 3414.560166][T12132] bridge0: port 4(team0) entered forwarding state
[ 3415.301493][ T5828] Bluetooth: hci4: adv larger than maximum supported
[ 3415.467886][T12173] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7699'.
[ 3416.330598][ T5828] Bluetooth: hci4: adv larger than maximum supported
[ 3416.479750][T12201] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(5)
[ 3416.492941][T12201] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[ 3416.509393][T12201] vhci_hcd vhci_hcd.0: Device attached
[ 3416.812954][ T5204] usb 36-1: SetAddress Request (2) to port 0
[ 3416.819636][ T5204] usb 36-1: new SuperSpeed USB device number 2 using vhci_hcd
[ 3416.831616][T12202] vhci_hcd: connection closed
[ 3416.837084][ T8806] vhci_hcd vhci_hcd.1: stop threads
[ 3416.907508][ T8806] vhci_hcd vhci_hcd.1: release socket
[ 3416.939687][ T8806] vhci_hcd vhci_hcd.1: disconnect device
[ 3417.201918][   T30] kauditd_printk_skb: 57 callbacks suppressed
[ 3417.201935][   T30] audit: type=1326 audit(1775919391.117:29880): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93f6c code=0x7ffc0000
[ 3417.358752][   T30] audit: type=1326 audit(1775919391.177:29881): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=437 compat=1 ip=0xf7f93f6c code=0x7ffc0000
[ 3417.381050][   T30] audit: type=1326 audit(1775919391.187:29882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93f6c code=0x7ffc0000
[ 3417.403313][   T30] audit: type=1326 audit(1775919391.187:29883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7195cab code=0x7ffc0000
[ 3417.429623][   T30] audit: type=1326 audit(1775919391.187:29884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93f6c code=0x7ffc0000
[ 3417.452673][   T30] audit: type=1326 audit(1775919391.187:29885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7f93f6c code=0x7ffc0000
[ 3417.480013][   T30] audit: type=1326 audit(1775919391.187:29886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93f6c code=0x7ffc0000
[ 3417.520562][T12229] pim6reg: entered allmulticast mode
[ 3417.592428][   T30] audit: type=1326 audit(1775919391.187:29887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=14 compat=1 ip=0xf7f93f6c code=0x7ffc0000
[ 3417.672725][T12232] pim6reg: left allmulticast mode
[ 3417.822523][   T30] audit: type=1326 audit(1775919391.187:29888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f93f6c code=0x7ffc0000
[ 3417.852367][   T30] audit: type=1326 audit(1775919391.187:29889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12221 comm="syz.4.7719" exe="/root/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf7f93f6c code=0x7ffc0000
[ 3418.370361][T12256] pim6reg: entered allmulticast mode
[ 3418.542084][T12263] pim6reg: left allmulticast mode
[ 3418.661955][ T4230] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[ 3418.825335][ T4230] usb 2-1: Using ep0 maxpacket: 16
[ 3418.851785][ T4230] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 3418.882274][ T4230] usb 2-1: config 0 has no interfaces?
[ 3418.890323][ T4230] usb 2-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[ 3418.907283][ T4230] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3418.915374][ T4230] usb 2-1: Product: syz
[ 3418.919905][ T4230] usb 2-1: Manufacturer: syz
[ 3418.924771][ T4230] usb 2-1: SerialNumber: syz
[ 3418.940597][ T4230] usb 2-1: config 0 descriptor??
[ 3419.034406][ T5900] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 3419.167236][ T4230] usb 2-1: USB disconnect, device number 62
[ 3419.242386][ T5900] usb 5-1: Using ep0 maxpacket: 8
[ 3419.252518][ T5900] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 3419.277471][ T5900] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 3419.315655][ T5900] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 3419.340607][ T5900] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 3419.370273][ T5900] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 3419.379718][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3419.605811][ T5900] usb 5-1: GET_CAPABILITIES returned 0
[ 3419.611349][ T5900] usbtmc 5-1:16.0: can't read capabilities
[ 3419.909519][ T4451] usb 5-1: USB disconnect, device number 19
[ 3421.157473][T12343] pim6reg: entered allmulticast mode
[ 3421.639463][T12343] pim6reg: left allmulticast mode
[ 3421.952539][ T5204] usb 36-1: device descriptor read/8, error -110
[ 3422.343913][ T5204] usb usb36-port1: attempt power cycle
[ 3422.865053][T12400] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3772261014 (241424704896 ns) > initial count (133065151744 ns). Using initial count to start timer.
[ 3422.942938][ T5204] usb usb36-port1: unable to enumerate USB device
[ 3425.362281][ T5204] usb 1-1: new high-speed USB device number 66 using dummy_hcd
[ 3425.408661][T12472] syzkaller0: entered promiscuous mode
[ 3425.423167][T12472] syzkaller0: entered allmulticast mode
[ 3425.512375][ T5204] usb 1-1: Using ep0 maxpacket: 8
[ 3425.561786][ T5204] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 3425.592427][ T5204] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 3425.623998][ T5204] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 3425.655000][ T5204] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 3425.692275][ T5204] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 3425.712817][ T5204] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3425.955716][ T5204] usb 1-1: GET_CAPABILITIES returned 0
[ 3425.966156][ T5204] usbtmc 1-1:16.0: can't read capabilities
[ 3426.153764][ T4230] usb 1-1: USB disconnect, device number 66
[ 3426.706741][T12498] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7825'.
[ 3426.724665][T12498] netlink: 4 bytes leftover after parsing attributes in process `syz.4.7825'.
[ 3427.134281][ T4451] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[ 3427.323856][ T4451] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[ 3427.362298][ T4451] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 3427.371351][ T4451] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3428.502291][ T5900] usb 4-1: new high-speed USB device number 40 using dummy_hcd
[ 3428.569995][T12535] ------------[ cut here ]------------
[ 3428.575599][T12535] memcpy: detected field-spanning write (size 32) of single field "&new->sel" at net/sched/cls_u32.c:855 (size 16)
[ 3428.587802][T12535] WARNING: net/sched/cls_u32.c:855 at u32_change+0x1da0/0x2720, CPU#0: syz.1.7840/12535
[ 3428.597692][T12535] Modules linked in:
[ 3428.601816][T12535] CPU: 0 UID: 0 PID: 12535 Comm: syz.1.7840 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 3428.613426][T12535] Tainted: [L]=SOFTLOCKUP
[ 3428.617793][T12535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3428.627939][T12535] RIP: 0010:u32_change+0x1daf/0x2720
[ 3428.633292][T12535] Code: 3d 16 c3 42 06 01 75 33 e8 ae c5 0c f8 eb 50 e8 a7 c5 0c f8 48 8d 3d b0 f5 67 06 b9 10 00 00 00 4c 89 f6 48 c7 c2 c0 aa e1 8c <67> 48 0f b9 3a e9 af ee ff ff e8 82 c5 0c f8 eb 24 e8 7b c5 0c f8
[ 3428.653119][T12535] RSP: 0018:ffffc90003fc6f80 EFLAGS: 00010287
[ 3428.659220][T12535] RAX: ffffffff89b8f969 RBX: ffff88805a49a400 RCX: 0000000000000010
[ 3428.662478][ T5900] usb 4-1: Using ep0 maxpacket: 8
[ 3428.667237][T12535] RDX: ffffffff8ce1aac0 RSI: 0000000000000020 RDI: ffffffff9020ef20
[ 3428.667258][T12535] RBP: ffffc90003fc7138 R08: 0000000000000dc0 R09: 00000000ffffffff
[ 3428.689728][ T5900] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[ 3428.689759][ T5900] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[ 3428.689782][ T5900] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 3428.689805][ T5900] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 3428.689842][ T5900] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[ 3428.689864][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3428.751287][T12535] R10: dffffc0000000000 R11: fffffbfff2023b57 R12: ffff88805a4998e8
[ 3428.759547][T12535] R13: 0000000000000001 R14: 0000000000000020 R15: 0000000000000001
[ 3428.767572][T12535] FS:  0000000000000000(0000) GS:ffff888125454000(0063) knlGS:00000000f541db40
[ 3428.777089][T12535] CS:  0010 DS: 002b ES: 002b CR0: 0000000080050033
[ 3428.784082][T12535] CR2: 000000002f61fff8 CR3: 0000000086dda000 CR4: 00000000003526f0
[ 3428.792090][T12535] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3428.800120][T12535] DR3: 000000000000000e DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 3428.808144][T12535] Call Trace:
[ 3428.811448][T12535]  <TASK>
[ 3428.814461][T12535]  ? __pfx_u32_change+0x10/0x10
[ 3428.819344][T12535]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 3428.825075][T12535]  tc_new_tfilter+0xff8/0x1780
[ 3428.829990][T12535]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 3428.835411][T12535]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 3428.840626][T12535]  rtnetlink_rcv_msg+0x7d5/0xbe0
[ 3428.845685][T12535]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 3428.850808][T12535]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3428.856320][T12535]  ? ref_tracker_free+0x693/0x840
[ 3428.861370][T12535]  ? __copy_skb_header+0xa3/0x4a0
[ 3428.866464][T12535]  ? __pfx_ref_tracker_free+0x10/0x10
[ 3428.871850][T12535]  ? __skb_clone+0x63/0x7a0
[ 3428.876954][T12535]  netlink_rcv_skb+0x232/0x4b0
[ 3428.881739][T12535]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3428.887609][T12535]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3428.892970][T12535]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3428.898192][T12535]  netlink_unicast+0x80f/0x9b0
[ 3428.903060][T12535]  ? __pfx_netlink_unicast+0x10/0x10
[ 3428.908369][T12535]  ? netlink_sendmsg+0x650/0xb40
[ 3428.913502][T12535]  ? skb_put+0x11b/0x210
[ 3428.913721][ T5900] usb 4-1: GET_CAPABILITIES returned 0
[ 3428.917760][T12535]  netlink_sendmsg+0x813/0xb40
[ 3428.917796][T12535]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3428.930803][ T5900] usbtmc 4-1:16.0: can't read capabilities
[ 3428.933344][T12535]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 3428.933383][T12535]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 3428.949455][T12535]  ____sys_sendmsg+0x972/0x9f0
[ 3428.954274][T12535]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3428.959604][T12535]  ? futex_unqueue+0x22/0x240
[ 3428.964365][T12535]  ___sys_sendmsg+0x2a5/0x360
[ 3428.969064][T12535]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3428.974316][T12535]  ? __pfx___futex_wait+0x10/0x10
[ 3428.979966][T12535]  ? __fget_files+0x2a/0x420
[ 3428.985018][T12535]  ? __fget_files+0x3a0/0x420
[ 3428.989722][T12535]  __sys_sendmmsg+0x2e7/0x4e0
[ 3428.994611][T12535]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 3428.999842][T12535]  ? __pfx_do_futex+0x10/0x10
[ 3429.004589][T12535]  ? fd_install+0x94/0x3d0
[ 3429.009112][T12535]  ? __pfx___se_sys_futex_time32+0x10/0x10
[ 3429.015009][T12535]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 3429.020573][T12535]  __do_fast_syscall_32+0x20d/0x640
[ 3429.025850][T12535]  ? lockdep_hardirqs_on+0x7a/0x110
[ 3429.031062][T12535]  ? do_fast_syscall_32+0x33/0x70
[ 3429.036164][T12535]  ? irqentry_exit+0x10e/0x620
[ 3429.040941][T12535]  ? trace_irq_disable+0x3b/0x150
[ 3429.046039][T12535]  do_fast_syscall_32+0x33/0x70
[ 3429.050907][T12535]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3429.057291][T12535] RIP: 0023:0xf702ef6c
[ 3429.061380][T12535] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3429.081674][T12535] RSP: 002b:00000000f541d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 3429.090549][T12535] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000
[ 3429.098607][T12535] RDX: 00000000000001f2 RSI: 0000000000000000 RDI: 0000000000000000
[ 3429.106607][T12535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3429.114624][T12535] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3429.122628][T12535] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3429.130645][T12535]  </TASK>
[ 3429.133728][T12535] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 3429.141013][T12535] CPU: 0 UID: 0 PID: 12535 Comm: syz.1.7840 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 3429.151951][T12535] Tainted: [L]=SOFTLOCKUP
[ 3429.156274][T12535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[ 3429.166331][T12535] Call Trace:
[ 3429.169616][T12535]  <TASK>
[ 3429.172549][T12535]  vpanic+0x56c/0xa60
[ 3429.176580][T12535]  ? __pfx__printk+0x10/0x10
[ 3429.181176][T12535]  ? __pfx_vpanic+0x10/0x10
[ 3429.185693][T12535]  ? is_bpf_text_address+0x292/0x2b0
[ 3429.190991][T12535]  ? is_bpf_text_address+0x26/0x2b0
[ 3429.196197][T12535]  panic+0xc5/0xd0
[ 3429.199918][T12535]  ? __pfx_panic+0x10/0x10
[ 3429.204340][T12535]  __warn+0x315/0x4f0
[ 3429.208318][T12535]  ? u32_change+0x1da0/0x2720
[ 3429.212992][T12535]  ? u32_change+0x1da0/0x2720
[ 3429.217659][T12535]  __report_bug+0x29a/0x540
[ 3429.222237][T12535]  ? ___sys_sendmsg+0x2a5/0x360
[ 3429.227105][T12535]  ? __sys_sendmmsg+0x2e7/0x4e0
[ 3429.231945][T12535]  ? __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 3429.237660][T12535]  ? u32_change+0x1da0/0x2720
[ 3429.242330][T12535]  ? __pfx___report_bug+0x10/0x10
[ 3429.247363][T12535]  report_bug_entry+0x19a/0x290
[ 3429.252210][T12535]  ? u32_change+0x1daf/0x2720
[ 3429.256881][T12535]  ? u32_change+0x1db4/0x2720
[ 3429.261552][T12535]  handle_bug+0xce/0x200
[ 3429.265795][T12535]  exc_invalid_op+0x1a/0x50
[ 3429.270297][T12535]  asm_exc_invalid_op+0x1a/0x20
[ 3429.275138][T12535] RIP: 0010:u32_change+0x1daf/0x2720
[ 3429.280417][T12535] Code: 3d 16 c3 42 06 01 75 33 e8 ae c5 0c f8 eb 50 e8 a7 c5 0c f8 48 8d 3d b0 f5 67 06 b9 10 00 00 00 4c 89 f6 48 c7 c2 c0 aa e1 8c <67> 48 0f b9 3a e9 af ee ff ff e8 82 c5 0c f8 eb 24 e8 7b c5 0c f8
[ 3429.300016][T12535] RSP: 0018:ffffc90003fc6f80 EFLAGS: 00010287
[ 3429.306077][T12535] RAX: ffffffff89b8f969 RBX: ffff88805a49a400 RCX: 0000000000000010
[ 3429.314038][T12535] RDX: ffffffff8ce1aac0 RSI: 0000000000000020 RDI: ffffffff9020ef20
[ 3429.322004][T12535] RBP: ffffc90003fc7138 R08: 0000000000000dc0 R09: 00000000ffffffff
[ 3429.329959][T12535] R10: dffffc0000000000 R11: fffffbfff2023b57 R12: ffff88805a4998e8
[ 3429.337921][T12535] R13: 0000000000000001 R14: 0000000000000020 R15: 0000000000000001
[ 3429.345883][T12535]  ? u32_change+0x1d99/0x2720
[ 3429.350569][T12535]  ? __pfx_u32_change+0x10/0x10
[ 3429.355412][T12535]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[ 3429.361063][T12535]  tc_new_tfilter+0xff8/0x1780
[ 3429.365842][T12535]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 3429.371051][T12535]  ? __pfx_tc_new_tfilter+0x10/0x10
[ 3429.376241][T12535]  rtnetlink_rcv_msg+0x7d5/0xbe0
[ 3429.381176][T12535]  ? rtnetlink_rcv_msg+0x1b9/0xbe0
[ 3429.386276][T12535]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3429.391727][T12535]  ? ref_tracker_free+0x693/0x840
[ 3429.396741][T12535]  ? __copy_skb_header+0xa3/0x4a0
[ 3429.401766][T12535]  ? __pfx_ref_tracker_free+0x10/0x10
[ 3429.407127][T12535]  ? __skb_clone+0x63/0x7a0
[ 3429.411630][T12535]  netlink_rcv_skb+0x232/0x4b0
[ 3429.416391][T12535]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 3429.421852][T12535]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 3429.427141][T12535]  ? netlink_deliver_tap+0x2e/0x1b0
[ 3429.432344][T12535]  netlink_unicast+0x80f/0x9b0
[ 3429.437111][T12535]  ? __pfx_netlink_unicast+0x10/0x10
[ 3429.442390][T12535]  ? netlink_sendmsg+0x650/0xb40
[ 3429.447312][T12535]  ? skb_put+0x11b/0x210
[ 3429.451543][T12535]  netlink_sendmsg+0x813/0xb40
[ 3429.456302][T12535]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 3429.461578][T12535]  ? aa_sock_msg_perm+0xf1/0x1b0
[ 3429.466511][T12535]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[ 3429.471793][T12535]  ____sys_sendmsg+0x972/0x9f0
[ 3429.476554][T12535]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 3429.481831][T12535]  ? futex_unqueue+0x22/0x240
[ 3429.486500][T12535]  ___sys_sendmsg+0x2a5/0x360
[ 3429.491176][T12535]  ? __pfx____sys_sendmsg+0x10/0x10
[ 3429.496372][T12535]  ? __pfx___futex_wait+0x10/0x10
[ 3429.501429][T12535]  ? __fget_files+0x2a/0x420
[ 3429.506016][T12535]  ? __fget_files+0x3a0/0x420
[ 3429.510689][T12535]  __sys_sendmmsg+0x2e7/0x4e0
[ 3429.515365][T12535]  ? __pfx___sys_sendmmsg+0x10/0x10
[ 3429.520564][T12535]  ? __pfx_do_futex+0x10/0x10
[ 3429.525245][T12535]  ? fd_install+0x94/0x3d0
[ 3429.529657][T12535]  ? __pfx___se_sys_futex_time32+0x10/0x10
[ 3429.535478][T12535]  __ia32_compat_sys_sendmmsg+0xa2/0xc0
[ 3429.541018][T12535]  __do_fast_syscall_32+0x20d/0x640
[ 3429.546218][T12535]  ? lockdep_hardirqs_on+0x7a/0x110
[ 3429.551408][T12535]  ? do_fast_syscall_32+0x33/0x70
[ 3429.556432][T12535]  ? irqentry_exit+0x10e/0x620
[ 3429.561196][T12535]  ? trace_irq_disable+0x3b/0x150
[ 3429.566217][T12535]  do_fast_syscall_32+0x33/0x70
[ 3429.571070][T12535]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[ 3429.577388][T12535] RIP: 0023:0xf702ef6c
[ 3429.581447][T12535] Code: 90 85 d2 74 0a 89 ce 81 e6 ff 0f 00 00 89 32 85 c0 74 05 c1 e9 0c 89 08 31 c0 5e 5d c3 90 0f 1f 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 58 b8
[ 3429.601046][T12535] RSP: 002b:00000000f541d50c EFLAGS: 00000206 ORIG_RAX: 0000000000000159
[ 3429.609455][T12535] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000000
[ 3429.617531][T12535] RDX: 00000000000001f2 RSI: 0000000000000000 RDI: 0000000000000000
[ 3429.625512][T12535] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[ 3429.633477][T12535] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[ 3429.641434][T12535] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[ 3429.649401][T12535]  </TASK>
[ 3429.652720][T12535] Kernel Offset: disabled
[ 3429.657028][T12535] Rebooting in 86400 seconds..