last executing test programs:

6.318549956s ago: executing program 3 (id=2005):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r0, 0x84, 0x24, &(0x7f0000000300)={0x0, @in6={{0xa, 0x4e24, 0xffffff7d, @private1, 0x400}}}, &(0x7f0000000080)=0x84)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_DSTOPTS(r1, 0x29, 0x3b, &(0x7f0000000240)=ANY=[], 0x1b0)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x0, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x6, 0x41, 0x9, 0x0, 0xcec, 0x10000000, 0x1f7, 0x0, 0xfffffffe}, 0x0)
syz_usb_connect(0x0, 0x5f, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000b1f203401e0903003bd7010203010902"], 0x0)
r4 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC(r4, 0x0, 0xcc, &(0x7f0000000140)={@multicast2, @multicast1, 0x0, "aaa517d60f2811d48c8a2cc60c4380bc23b510d442ff13482864280a9c0f4eb5"}, 0x3c)
io_setup(0xffff, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000140)=ANY=[], 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="7400400000000104000000000000000002000000240001801400018008000100e000000208000200ac1414000c0002800500010000000000240002800c00028005000100000000001400018008000100e000000208000200e0000002080007400000000010000d8008000100000000000400038074b34de615e45e52bd1804cec4112e73262d75240a3d3af95b9d0b810aff75de373c2318e9dcb8068d11c42fd629df9f15474843988a06b23ba7158249edf2c59ffc6c160e295118951166074607de83f82b9501d5801f5c02a46dbaf7673e"], 0x74}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000004000800000", @ANYBLOB="feffffff00"/14, @ANYRES32, @ANYBLOB="0300"/13], 0x50)
keyctl$dh_compute(0x17, 0x0, &(0x7f00000000c0)=""/51, 0x33, 0x0)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000040)={0x191, 0x258, 0x1e0, 0x3f, 0x32, 0x1, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x4})
r6 = gettid()
r7 = syz_io_uring_setup(0x16ed, &(0x7f0000000500)={0x0, 0xfc48, 0xd4c9913329a97f1f, 0x0, 0x1e1}, &(0x7f0000000300)=<r8=>0x0, &(0x7f0000000340)=<r9=>0x0)
syz_io_uring_submit(r8, r9, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r7})
io_uring_enter(r7, 0x1, 0x2, 0x1, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r6}, &(0x7f0000bbdffc))

5.3207908s ago: executing program 2 (id=2013):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000001c0)={0x2, &(0x7f0000000040)=[{0x20, 0x1, 0x0, 0x4}, {0x6, 0x5, 0x0, 0x5}]}, 0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xc, &(0x7f0000000240)=@assoc_value={<r3=>0x0}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000200)={r3, 0xfa}, &(0x7f0000000040)=0x8) (async)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000000)={r3, 0x0, 0xfff3}, &(0x7f0000000080)=0x8)

5.258405097s ago: executing program 4 (id=2015):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x94, r1, 0x205, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x52, 0xe, {{{}, {}, @device_b, @broadcast, @from_mac=@device_b}, 0x0, @default, 0x5d7f, @void, @val, @val={0x3, 0x1, 0xb8}, @void, @void, @void, @void, @val={0x2a, 0x1, {0x0, 0x1}}, @val={0x3c, 0x4, {0x1, 0x3, 0xa, 0x1}}, @val={0x2d, 0x1a, {0x10, 0x1, 0x6, 0x0, {0x9, 0xc9, 0x0, 0x7, 0x0, 0x1, 0x0, 0x2, 0x1}, 0x8, 0xb, 0x4}}, @void, @void, @void}}, @NL80211_ATTR_IE_ASSOC_RESP={0x23, 0x80, [@ht={0x2d, 0x1a, {0x231a, 0x3, 0x1, 0x0, {0x101, 0xa, 0x0, 0x90, 0x0, 0x0, 0x1, 0x1, 0x1}, 0x1, 0x4f3b, 0x5}}, @sec_chan_ofs={0x3e, 0x1, 0x2}]}]]}, 0x94}}, 0x0)

5.144386118s ago: executing program 2 (id=2017):
syz_mount_image$fuse(0x0, 0x0, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='fd=\r'], 0x0, 0x0, 0x0)
syz_usb_connect(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="120100004c87c810cd0615011e1a0102030109022407000000000009040000026048fe0009050b000000000000090503"], 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = socket$pptp(0x18, 0x1, 0x2)
sendmmsg$sock(r2, &(0x7f0000001540)=[{{0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000040)="6a304789fad3e244ab6be7c73cfec901b68d810f260e434c94da8b4a18edbadad7ddd32046fe13a57b447e9640554e245131a8521e2f88b0", 0x38}, {&(0x7f0000000100)="7b53ae14", 0x4}, {&(0x7f0000000180)="d46094f283b64f28d55e889e87c776ed5ff688744908f44033e2d30840b2cd0cb9e57b7aeaccadc28f4586dfdb58bc9554676024ed569651e878f5b6f4db1cda71102a3db0465c7b89333bf3d11dae5695dda1b192be47e421313339e47149f21756ac10884e988188461adbdb12f217df563b9005d53f1bfeef5d0b56d2e5dcdae34b3de9fca9292a15f2a47749d8e3d91ff9edce488f74e22a75df5f387e13d2e40a5d9adb8a00fa2ea28909891eff864766738aa5000f1bcbceab4d410f535e5fa3c1ff494d70112f7cb2cc0f2db04f60f11a977cf682f8c44ae829", 0xdd}], 0x3, &(0x7f00000003c0)=[@txtime={{0x18, 0x1, 0x3d, 0xffffffffffffffff}}, @txtime={{0x18, 0x1, 0x3d, 0x1ea}}], 0x30}}, {{0x0, 0x0, &(0x7f0000001440)=[{&(0x7f0000000400)="6a0e230daf3de004080e142e831641ecb4f375ee8a4c", 0x16}, {&(0x7f0000000440)="f37f4bef9ed6bdf6c2a3a37e1785ca430e81af0188d41d10854e503c3de31da57614b99a113b1ec3b7a39fd11fd404a60ec8136033dcae4df13269ee2d78d48ed5ae7ad61c475ae6dbc6b46b11280521eb50d31bfc85d16f079cc7629771658497d82dcdb570de09a0db730245a944987d51e1215bf1b1fbb50fee53a991fcdc26bc38ee47c82329aa40449869399b5caa52415551d75e3a1a73f7d7561fcdefab515b05950099d267d8b0764736c580bbee9127d1f38dca2cd89ebe478633ad3f05e77bafb93a55451ee90f5b3db4a2bf17b7d73c7dd04be032d68304fd9e011a5892c88014fb8cf09e7644b89a31be5bd15da2e4e06275b96069bdeb64e0e30da7aaec0b2ada7a8343bc829be08b327c23c7d5e972b901a12d8b6aba164eccf99c03bf2897176aa45fda9a542a9df77d54e7dae10f4fc33efc223611752328f83f70667f62655e217437e442dc8d0f46b283db6b0fca1135039c13f4b0b0cc97d9b0caa470cfd96348d0a9369fb11751a49212492f5aabb7636bb88924859c5513a6488180de079206f766485f86d8f8012e481985786a8625ca78d45c0ab90a01e81ff603691d82ff94290b90033f389d68b2b2a588e86ae961f7902312d872d2cee76261f9630a48d68d1c52dd05931ce0cbc6eca336fe6f49fe0100b5fe7ba2f1d7d0294b19db551500f9e35cd67f2d2a76d3ddafd617f199a5e642a3bbdc5a58a409586b0776c97b348c96b122f260050a8fcc2924c8f454ecff4dad9a602c7328c6030935f7242550b5a240f7cfddfcf0be9f1d7a518c2046ac2a85c02dc5c9634ff77a5de74cab5f16157d323d26c386a76b1758d410fe83493dee808f92a122b229058cb4d982b499bef4be4e47db389ec2805428b3840d8c5345282b0b3ea34e67f2114f57348b8d8dcb93646874da2530cdd039fbf525df1dee5b8673d84b8f736c53303a91dba0d97df60ade1de4a5c87271b949622c9a70149b17666a1d2291af29c3deeba6a0d5bc902a54f429d9135caf73f89b7f1e182e03c1cb0b2894ea164d774307b2389c5c6051bcf742ae2f64668cd22c6c1fc6d20727db33bf766cb016afc767e0dbacc25ea96e822998962297df1488c2bbbf44f128dadbb5c4ca216f43b203b02ab3f06cb21804afa5974fea68cea72a4d53a45a4f61a57d04b92c0e18c8d1d8e1dee8e1928b68ae43b26d34be500a96c4f7f88adae713cfb082e69a9b90929964d4706aa456688b946b2aa7b940443ccbe78aed5b510603d0b62c25b4034ed8372a4ac27c13e61fb39d2b310d718d4500b1b6c4d3d4cef33c8a8eef4471df38016c2c340e0a4e435a5a84a257cd4e858c50a515cfbaa9c15575a2d5b98af398cb4b87663fa979b44d7c3c678c2f9675cb267111a3d19c75a9b81beeb56a5fe3dea5f02604ef1424ad0c549c7241bbdb0e4355676139dcee45184ce76521fc37fc23050ba5908de565ff541a0010bef803ed8535317756e48b91fa2ddfb6a1a41498c4d80e09a6a2a2670020de8cb105b0dfb26c0ea3efd4d9f0b02a3f7dcea00daa2a238879d8795ab39043ffb26db81a8499c53beb2f7107aeb9e3fd3985962d751aebebe0f1a29bdaa6af8ff07c92e7116fd097177e2e8f9da122cbdf90f9df0bdf59cb5841c5a3ed307db2d44afa02bdea7887467636172dfb127db8d1a45b7de3f3ea975b765f53e262ff42f52875efedbbc7b02c016d60e6397bd982e743800ff45dabf34783d5caca893d977fec1174b3727e4dc71b408e8bbfc1ba240297bad67917abc2a5768855e9ab903f00cd007799dc3aa4971a6085d7041d5cb58c3960467e1d81b6b8890630c74d96a810be1d710fadaf76152818f8ecb65fcdbf7db08925a02ff8e7406d257b35c0bd439c86a419313a8db8b47864e63eeaa10d3f032906e59e043e573dfd6beaee67e0b152ffbb394ee50aca3f0a67924964dde34334bd14c8082a4699f785fc4055726742c6c795b56dbd4aea6292a1a646d87d21e89bc723c5df8809f0730ade4d83652ebb71d5457ecffc494683ad2bd9eb9f7d03eff5bae88461b962884f959b5408bddafe660cf845ee7ef392dc59fde65a91112f3bc06d9708a079bf164dcfce6e6b4564afc3fdaffb7eced716cfaa36d3f0c7589e006547719bfd4d06bad5b95b8dab480be84d3465cdc6c8e491ac2d020e82e82095fe1cbcb8532589aaad5ba2091aef4072f6588d4390246019e13077fec7ebc3fb2cb37cb5478f6182853fd02181269a4ae713d5f6d8855f1465ad6aa076b83ddf47e25527ba20c24d2df774a13d05f42bb65025bc5ef9a3e7126dec56e28ca19e4e3925ca4fc95f9636ea1314ba8aa2a05a0257254f982a11d91a4a754c6c6a381d6edd297714985286f8448cc4d870a014760ac787bf14188878a7eda893ea30f90f12fcfbb33bc8b072b1da683361fc68a1675ef2e81e7d0bb540f49ecca002e69ff57d6f7024c46b6cb6f1a9905ecb5e0ebad47f0ab9f658ae2739c3862952b12e2dad5319d2198c94af5b373e8eb52d6059ef54cef16238b9ac462506bf6a3b2f96650fbbf15a8099e9c9bfaee98ef6e4553792d50dcd2abd4fffb40e37c348c023168128a34c2a56e3e97d14b2df3bba3f3c7601b464193f154a392ce940c07069bfa268c45fe16625037db05cd5f9a8672c2bd77c77d96658ba205a87abe340575684ab904bf8d18a5e66903c18b377521eb706292c55b49a9d3a5bba9b879b707da08458e75475a0ef8e7ea7f7f1d1e6420fb6fe3a5fc6fc6d92aa7674de6bb3073371ad7bf83acaa6a9e1e2cf3bc34e1d638efca0a694b6e5987dfb6926ae3a5fe4ee2874ef72f806bb34820dbf308a571010176a9de98d9f8d70b324aae617ab4789e80779bedde3aa98cca822ae7874300145ab042c12b24a2cf8763a8f19bc78a4638cb6407787448b12b8b02aae8af7ec15ee40da2afaf9fa6f5625fe84cff7a822dc9b9928946363d13473433ff2ee97f74d83fd46ab411b151727ad563c897dbc891d74cdc09344143674263d2f8887f9708de375a7ec9e465bf1b660bb51b5822ad27c7072aa60cd7e037183e87ae5c5727b6fcf51492a8b68cb302c99ae1988af6c26d61bc4d5a6a1af5d914802ff99be95be1616a7cc5eefd946f9a062d1032b32d468397387d62cc504281101d658c0e9e490ad334a7f3109618e9ee7c324338ab9a971703b1d566c7ed48af70f00018f3ae84472256c9f7b9d5a016ba8629d63e1765277fd11c89ab4ae9e6a5ca1707f21ac857794c9c5b734aa73276cc9f61eb6067ae6ac286018a2ee0ba497216e42f6341553e58df958a5a81dfa1cb1815bf7ccd38b57c6ce65e0d204d9b09e7a8bc3d3eb1b8cb68363a1f1920bc1b084e233597ee9d0d14377809dab0a7ae0f443cabaf2c752ae50660b8b4deb79e17a0a76ad3456d62c3d4046edf2905f82ace7217b2480e124153e278804101d32efc85f584d66fb09c6230b6ca39b627ea1ef81710f48ad156612181c34b0c75f7a24bac294c704a1589741722578de49dd928a8f8894fa32b96c1c5aadbd912251917343f73d6f6333a85b8045a410f079e82556e3cc2ad6a4f1dcfb750e50f65476302976c21a1d5e7162df69b76ae2c1645f4f09fcee71f0344dbce11018d79aaa4ac855665a64048906520e01240c6f8bd49c9ff7e2164f0f5301d3facd0b10e03afdf049d6f24d2ae2fdb82d12864e6be89659443e7b70b47c8b1a8ec1b7183968a67e84e735d831db152294516cb5b0f4e5a4aae1470bd2913d154f6e079634ba51fe7eda0b5f7b1495833a006821553471a62fc52c523cc415e49bb23b1d460fb6df88521698597e19779b076bb5ed0e0a9a697b1330747947f52157ec9b15bc4204535de48a8d4f47a4bbaa38ed5e9a62ae320e60930ef8fcc4dafa091b5902fc39e96178362bf005d49283039ec061c58c21c8d82e64d5f42e5f2dc05ca0be401bb873cb85028325fe75a80f8b138d46d1432009f7a46b03413bbb951596cc99c390d21b37f45d5fbeb869d8c17f3bf7fca0e68b6d6517a43ad12558972934450cdb143882cde3ddf9e2fbcf9a4bc97f7016b6756eea84e4696190afe930e13b0e5755071625621bf5763032373ae5ee1e134eadec0ddb4f3d8e5d478b6cb76fcc50d34160adc09de2ac70dc498d69d0a5e30bd363042332909feb82c3182108fcfef59391330fc9ef953a2dc7e01afbd16c3ed5793a4a1125384c8c4ee8468cf36a3abe8bb111245270014b3066d0af095702ae4a95199d321e9d2542630bceb8845f4ba0d9fbeb8d245da7f03dd5267d1b0e76b75db3f416f2c473cbfe18ae2c882b8ffb3ad0799091ddceafde11ce89c8cedadd9e1fb7d5c5d4223346d5210ed5e578a13817907b208498279f25552dbdc38c88544e0a1d4fdaba6934c233346b031a33c8e55d494bc29f40bc80181236b2b9295fc958ec49d84f46ca7440428a3314e7d1caee9bd3445114497feb37fcc9453b64e1442c0e4ecbdc81033a5478775236f25fea51629bcdd360085766ae662251b3af9398b0b881bd848a59197bd659fe4502dc60a22639edacaf7b4c3b7965480ebe2958b14c53662f879880b9a1160655506da576a5023c43ceeb37d5b246911cef2773c0779880eab7cf2de36261295f2b9cd73386bf7a77d4b1fd7eb1b28765efe086405f7aeefff4b4afd031a7d035762a901d5d7a60da09b217a79b5c047481c69ae77e79e46c201622e6ac58672de5c47380fec281cda984541c3678879935dc6a76299ff2299c5f3f8e36f9b87859229da153797acafa4e54fd44327e08bd14bc770b1e40fffd9bd1850238bcac84c7cd94586463d311468362942ab952d40c29566859e8e0e2427b0a17003999c39ffc96e60f4a1878ffdb3b03e5b84d979abc77ba32f607a514327be6e9f03491a875937f53cc8704fa6fd0f1454483296c3ef0521069cfe7bdd2a2428f8aab2ab4a088e3848d4b1da6abce668d24e2a48dfb02be306ef3b29a3b0a1712f351b9d2d4e49dc126eaba5db339b7c6664c92bc3cc2b549d89c7fd1aff21243e6962edf75c06d275b08fbc620eea5abe11b479b63ddaaac63a767fd1d5266270e1699d4379b33aedfb51c296e2594f7ee81ca18e211a540258c9c6209b468d6518285c200c81e1addc750197a4d05ed566b6c6f1462141f77937926d6808c3f6d4f824ea59946bbfc52ce8664a05fe0d6db645a8da2b78caa39f4201c68db3563d0e34f2dadef90f80d360f003f979f5487a3e1efd75050440d4bad6bdf5537ae9eaae1e57e16fbef7620b84be5351049b98d7ef24ee3c51d41c74685a3e4d9160e71c53f82426659e9ba1fba9ce77ef36cef56c2ee54c0059186721e23209d8084ccf5ef97d09190764b1949a22d68c6a3e551828c655b46b143d4d98a93b60b6929f25f62fca3f58718cc0c29585a52a5c08690c214d456e3a17b7fc104ac003188ec1208dfe6ef32929fd2cf98f844fe3d0d95ae34b3989784490dd187be571a1da14c68d01fb7fa3e99e0bb67ef3b41630b0360420c1ad17cffe9abf5d523cd96fd8d72dc75fa804590ce72dd90b4ee161c3524122a271c68f06d11f9c70dbc9fd8da8b65385a54bd483d52e062cf98ad4dc6564de2b9946c759e36384f17aeaa40824250cb1b3e5ba0aaaf12d4406cb26658f19c57fbec11f23d4d1df2bcce815b134bb246992f884aa919cd9d2bea1b9a1ca8dc2a473c2c362ad19c2117b70bececa9fe9ed87e9062ae2209d9ea171e886caacac699368b7d95", 0x1000}], 0x2, &(0x7f0000001480)=[@timestamping={{0x14, 0x1, 0x25, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x4}}, @mark={{0x14, 0x1, 0x24, 0x6}}, @mark={{0x14, 0x1, 0x24, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x5}}, @timestamping={{0x14, 0x1, 0x25, 0x9}}], 0x90}}], 0x2, 0x10)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_HYPERV_SYNIC2(r3, 0x4068aea3, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f00000002c0)={[0x8aba, 0x4, 0x4, 0x804, 0x7, 0xf, 0x120000, 0xff, 0x0, 0x8, 0x8000000000000001, 0x2, 0x0, 0x101, 0x6, 0x1], 0x8000000, 0x141200})
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
openat(0xffffffffffffffff, &(0x7f00000015c0)='./file0\x00', 0x2, 0x11)

5.045008955s ago: executing program 4 (id=2018):
r0 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100))
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000200), 0xa2442, 0x0)
set_mempolicy(0x4005, &(0x7f0000000080)=0x3, 0x2) (async)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r2, 0x107, 0xd, &(0x7f0000000000)=@req3={0x410000, 0x100000001, 0x210000, 0x1, 0xb}, 0x1c) (async)
r3 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
write$dsp(r1, &(0x7f00000004c0)='\x00', 0x1) (async)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x42102, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r6, 0x4008ae9c, &(0x7f0000000740)={0x8, 0x1})
r7 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2) (async)
r8 = socket$nl_route(0x10, 0x3, 0x0) (async)
r9 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r9, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r10=>0x0})
sendmsg$nl_route(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@ipv4_newaddr={0x30, 0x14, 0x509, 0x0, 0x25dfdbfd, {0x2, 0x0, 0x0, 0xfe, r10}, [@IFA_LOCAL={0x8, 0x2, @multicast2}, @IFA_FLAGS={0x8, 0x8, 0x612}, @IFA_ADDRESS={0x8, 0x1, @remote}]}, 0x30}}, 0x0)
ioctl$KVM_SET_MSRS(r7, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYRES16=r10, @ANYRESDEC=r3, @ANYRES32=r5, @ANYRES16=r9]) (async)
ioctl$SNDRV_PCM_IOCTL_SW_PARAMS(r3, 0xc0884113, &(0x7f0000000240)={0x1, 0x2000002, 0x0, 0x80000000008, 0x8000000000000000, 0x0, 0xfffdfffffffffffd, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffd, 0x2}) (async)
lstat(&(0x7f0000000b40)='./file0\x00', 0x0) (async)
ioctl$SNDCTL_DSP_SYNC(r1, 0x5001, 0x0) (async)
r11 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_TTSTAMP(r3, 0x40044103, &(0x7f0000000000)=0x7f0) (async)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r11, 0x40045532, &(0x7f0000000100)) (async)
r12 = syz_open_dev$sndpcmp(&(0x7f0000001200), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_REWIND(r12, 0x40084146, &(0x7f00000003c0)=0x2)

4.703673249s ago: executing program 4 (id=2019):
r0 = syz_open_dev$sndctrl(&(0x7f0000000600), 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x8, 0x0, 0x0, 0x1000000000000b4c, 0x8, 0x8, 0x0, 0x3}, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
r3 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/4\x00')
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4020}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2000c005}, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0x40086602, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r4, 0x0, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x24040084)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r6, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="f212bb5cf13c04fab07f39b010b84fcdb188065b8fcbcfe4", @ANYRES16=r8, @ANYBLOB="00082abd7000fedbdf2555"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40081)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f0000002480)=""/4110)

3.740963594s ago: executing program 0 (id=2021):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'wlan0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000380)=ANY=[@ANYBLOB="8400000010000305000000040000000000000000", @ANYRES32=0x0, @ANYBLOB="1546010000000000540012800c0001006d6163766c616e0044000280060002000100000008000100010000000800030003000000080007000500000008000100100000000600020001ffef00100009800a000400aaaaaaaaaa2e000008000500", @ANYRES32=r1], 0x84}}, 0x20008040)

3.350818111s ago: executing program 0 (id=2022):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0xa0, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x78, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x40, 0x1, 0x0, 0x1, @bitwise={{0x8848}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_DATA={0xc, 0x7, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x114}}, 0x0) (fail_nth: 2)

3.177052743s ago: executing program 2 (id=2023):
syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="70000000140009050000000000000000020100ff", @ANYRES32, @ANYBLOB], 0x70}}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x40, 0x0)
ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000040)=""/95)

3.173741946s ago: executing program 3 (id=2024):
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r2, @ANYBLOB='\b\x00'], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)

2.76602713s ago: executing program 0 (id=2025):
mkdir(&(0x7f00000022c0)='./file0\x00', 0x5)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000df000000bfa300000000000007030000f0ffffff720af0fff8ffffff71a4f0ff000000005d040200000000001d400500000000004704000001ed000062030000000000003f440000000000007a0a00fe00ffffffd704000020000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074649c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c0dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6acdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fed000000007baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca485683252b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a0032f37ff559be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x882c, &(0x7f0000000740)=ANY=[], 0x6, 0x0, 0x0)

2.656823888s ago: executing program 3 (id=2026):
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000ac0), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r1, 0xc0285700, &(0x7f0000000b00)={0x4, "abacd211119ca94c63377526aeb5ab2c7b9ca5fa07558139ede6dc06270ee042"})
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000f40)={0x101, "7bb9595931028deda525e19bdeffafde2500f6d15c9e31df9454310ad7c18e65"})
dup(r0)
socket$inet6_tcp(0xa, 0x1, 0x0)
pipe(&(0x7f00000001c0))
socket$nl_rdma(0x10, 0x3, 0x14)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/dev_mcast\x00')
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000009a40)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000040900010073797a30000000002c000000030a01080000000000000000010000000900030073797a32000000000900010073797a300000000250000000060a010400000000000000000100000008000b40000000000900010073797a30000000002800048024000180090001006d6574610000000014000280080001400000001208000240000000", @ANYRES16=r2], 0xc4}}, 0x0)

2.486754425s ago: executing program 0 (id=2027):
socket$nl_generic(0x10, 0x3, 0x10)
epoll_create1(0x0)
socket$xdp(0x2c, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
pipe(&(0x7f0000000100))
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB="6000000010000304f500"/20, @ANYRES32=0x0, @ANYBLOB="ef050000000000003000128009000100766c616e00000000200002800c0002000a0000001f00000006000100000000000600050088a8000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x60}, 0x1, 0x0, 0x0, 0x4004014}, 0x4000000)

2.288362559s ago: executing program 1 (id=2029):
socket(0x10, 0x80002, 0x0)
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB="400000006800010000000000000000000a00000000000000060007000800000008000500", @ANYRES32, @ANYBLOB="180008"], 0x40}}, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000080)={<r2=>0xffffffffffffffff}, 0x13f, 0x3}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000140)={0x1, 0x10, 0xfa00, {&(0x7f0000000040), r2}}, 0x18)
socket$can_raw(0x1d, 0x3, 0x1)
open(&(0x7f0000000140)='./file0\x00', 0x2a481, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f0000000300)=@abs, 0x6e)
socket$nl_audit(0x10, 0x3, 0x9)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r6, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x60240)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r7, 0xc0a85320, &(0x7f0000000180)={{0x80}, 'port0\x00', 0x7e, 0xa1c07, 0x6, 0xb97, 0x100000})
r8 = epoll_create(0x101)
epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000080)={0x40000014})
r9 = syz_open_dev$video(&(0x7f0000000000), 0x7, 0x0)
ioctl$VIDIOC_S_PARM(r9, 0xc0cc5616, &(0x7f00000000c0)={0x9, @output={0x0, 0x0, {0x6, 0x9}, 0x6, 0xed5c}})
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000140), 0x8417f, 0x0)
socket$inet(0x2, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})

2.265153632s ago: executing program 4 (id=2030):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000160a03400000000000000000010000000900010073797a3000000000400000001c0a07000000000000000000010000000900010073797a3000000000090002"], 0xc0}}, 0x0)

2.197515776s ago: executing program 3 (id=2031):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r1, &(0x7f0000000240)={0x0, 0xffffff3d, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB="1c00000002030300000000000000000001000000080001002200001f"], 0x1c}, 0x1, 0x0, 0x0, 0x400c010}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)={0x1c, 0x2, 0x3, 0x3, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000000c0)=ANY=[@ANYBLOB="20000000010301080000000000000000000000000c0002"], 0x20}}, 0x48001)

2.053978778s ago: executing program 3 (id=2032):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wg0\x00', <r2=>0x0})
sendto$packet(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000240)={0x6, 0x0, r2, 0x1, 0x0, 0x6, @random="4a99fee2a74d"}, 0x14)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r3, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYRES8=r2], 0x50}}, 0x0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000100)=[{0x28, 0x8, 0x0, 0xfffff034}, {0x80000006, 0x0, 0x9, 0x3ff}]}, 0x10)
r4 = socket$inet6(0xa, 0x800000000000002, 0x0)
sendto$inet6(r4, 0x0, 0x0, 0x0, &(0x7f0000000400)={0xa, 0x4e23, 0x0, @mcast2}, 0x1c)
r5 = syz_io_uring_setup(0x5c2, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x3, 0x3d9}, &(0x7f0000000240)=<r6=>0x0, &(0x7f0000000340)=<r7=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r6, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r6, r7, &(0x7f00000004c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x38, 0x3, r5, 0x0, 0x0, 0x0, 0x1, 0x1, {0x3}})
io_uring_enter(r5, 0x6e2, 0x3900, 0x1, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
r8 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x10100, 0x3, 0x17d}, &(0x7f0000000100)=<r9=>0x0, &(0x7f00000007c0)=<r10=>0x0)
r11 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x2)
r12 = epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r12, 0x1, r11, &(0x7f0000000040)={0x1000000d})
syz_io_uring_submit(r9, r10, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x3, &(0x7f0000000440)=[{&(0x7f0000000580)="1a", 0x1}], 0x1})
io_uring_enter(r8, 0x4d10, 0x2, 0x2, 0x0, 0x0)
capset(&(0x7f0000000140)={0x20071026}, &(0x7f0000000180)={0x0, 0x7, 0x2, 0x9, 0x81, 0xc})
r13 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
fcntl$setlease(r13, 0x400, 0x1)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0x3e)
r14 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
fsconfig$FSCONFIG_SET_PATH(r14, 0x3, &(0x7f00000005c0)='\x00', &(0x7f0000000600)='./file0\x00', 0xffffffffffffffff)
close_range(r13, 0xffffffffffffffff, 0x0)
ioctl$BTRFS_IOC_QGROUP_ASSIGN(r8, 0x40189429, &(0x7f0000000040)={0x1, 0x0, 0x10})
openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0), 0x10800, 0x0)

1.962677852s ago: executing program 4 (id=2033):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b40)=@mangle={'mangle\x00', 0x10, 0x6, 0x740, 0x328, 0x580, 0x580, 0xd0, 0x328, 0x670, 0x670, 0x670, 0x670, 0x670, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0, 0x0, {0x7a00000000000000}}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}, {{@uncond, 0x0, 0x230, 0x258, 0x0, {}, [@common=@inet=@hashlimit3={{0x158}, {'veth1_to_batadv\x00', {0x8, 0x5, 0x3c, 0x97, 0x6, 0x401, 0x4, 0x120e, 0x18, 0x40}, {0x5}}}, @common=@srh={{0x30}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0xfff7, 0x4}}}, {{@uncond, 0x0, 0xd0, 0x118, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @DNPT={0x48, 'DNPT\x00', 0x0, {@ipv6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @ipv6=@mcast1}}}, {{@ipv6={@private0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [], [], 'veth1\x00', 'ip6gretap0\x00', {}, {}, 0x0, 0x2}, 0x0, 0xf8, 0x140, 0x0, {}, [@inet=@rpfilter={{0x28}, {0x2}}, @inet=@rpfilter={{0x28}, {0x1}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@local, @ipv4=@multicast1}}}, {{@ipv6={@mcast1, @mcast2, [], [0x0, 0x1000000], 'wg1\x00', 'vxcan1\x00', {0xff}, {}, 0x2c}, 0x0, 0xa8, 0xf0}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@mcast2, @ipv6=@local}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x7a0)

1.901063905s ago: executing program 0 (id=2034):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000140)={'ip_vti0\x00', &(0x7f0000000040)={'erspan0\x00', 0x0, 0x700, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x22, 0x14, 0x0, 0x0, 0x0, 0x4, 0x0, @rand_addr, @multicast1}}}})
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0)
r1 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd)
keyctl$read(0xb, r1, &(0x7f0000000240)=""/112, 0x349b7f55)
syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000c4b20710200e01015a7a0102030109021b00010000000009040000012e6d0a150905ff27", @ANYRESOCT=0x0], 0x0)

1.74761628s ago: executing program 4 (id=2035):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_FILTER(r0, 0x6b, 0x1, &(0x7f0000000180)=[{0x2, 0x1, {0x2, 0xf0, 0x2}, {0x2, 0xff, 0x4}, 0xff}], 0x41)
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000140)={0x4000000})
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000040)={0x4000000})
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000080)={0x8, {"70ca253e230ef7cea884834d6c465f42def02f94c45b1f01cfd13fd2861758c6a3f127481e685c30df940fabe7e21f351b0c7c1b8de44552a95e7bc2997931185cdd971d5e6eb64794c87e1fec87a1a270a7bbbab5be8c0815954251fc2e177c022a16298decd4a2566ade604f962c561b894cdd8c8cf2a10c9da36d16647cdcbf6e575406baf4b5730e3e7e57622384fb84a0e9cd2b8ad525a43aebfbccad8e0e39512d2daeafc434c2f2234c59fa4ddb14477949df126432e20d94eac5ea6b880dbb7862010f40482da409cef850a503d0d8eba1d9b0de9c4fe0c1aa8af96afa487c89608b76c9791ae6bd00939d567acb5b11d54398aa649c9f60131e2ce92df810af5dd279c14f70a97c4735249817a2bf26af0fb9befc6be91ee11e10efaeb20bf2e58e4698b820bc7493d7cb4cd9a67b4517c589ef0bbd2f0deb3f8df2701a65c9cffa95e9d91fec02ad09a5822c683e346bc75160941a0e85ddf2485ee64ac7320e72767a0ed3a0788435f6a137773a9327450b780de47ad36a45a2431f4cec1ba7a1c63676f21456878798e8881ac7d692c182893bbb158790c8b30ae773a4c487bd6c5248d0ac861160f114f2fb0bf313f3eed9040d7ddbca03d2fcf6450b658209e4976ce602d5e976de5b17550fdd711206c667e644e5c58732549a1d9ea03ef6a4b96b9342851bbd4d9d31965ff1a5c96ff57f2af85b15519b08641eb6c3451167a28954ab9c713ce8c9890165717d52ef0557dd5c79d861deb2c66fb1a40b4f4c850970a74b5154b1120222a0b5bf5a1935623cb37042a9e98026b8800c53a187a532d759187da97f679e9525d79db3d253ab8622bca7357d164c51a762426296f9e518687bcc3d34264e16de8c8e2d74454c4ea5278fdcfc9a935fc059fb8476eb0c1d8f61b58a7bbe509b687a00ecf37095f2b4aed0b9a0f4c61f38254448081651bada010e316a23b1a22e598314c581e88a21a8b428ddf33e082499e0e8964543e36ecc72f759ee86432298f175aaf1350f54193965539dca6eaa159765c87ad5a6649b47e80b2dd93b076cccc9cbc95da67f3d52c94c5cd683c38c9f548da3b8714d44b5109f761dab9800a258759a8597e995615ba771d74479c8728d933733fbe62a722807e1839f5a537ebb2ee9d5e93252d64abfab5a7eac00413623924f48f9b304df00634b82c95650eb4bec42d1386c37a993ad5fae4483a9177421c454026af1ccce94b80b785671fc209264ce374a9add2ce2d95a08c31ad5c62d6608c338ff5a28d5400ea4d71f847381a83c2a7ba1437cebd9b665377595d5cd8f82f462b7763bcc5d0453a3ed95a99d316040b8f3578f516e79d53cccf98fd4548902a5deaaca146b799b4cdeeb60a429beb6d912153b793b725eca39b8ab21e34966dca1d24edbb891443cd619ef0435ea2ef563fbf3f3a07dff8f29381b13990a2d909e43dd3f57e176d7808e2d91b1364c1748880d96bc29101b0987f0e280886dd20c40b6bec7e721ebda7954fb1e77e1abb1a47da1ff213f994a22759a7d186f4d0f23e7f042b97051c9b12ca3bd47a30f05a0e8648201450f68b78ed541ed6ea9a920731caec520c2d6991ccbff20cedacbd07e94046ab083a6be822a020c19889f4bef2e057910c81e340a2869197906e2e9da4f8dc11bf778a72aa5590254a72520aa1a80ff8d02eb47e98053b23e9c98358c871e04669606838f8eb599dc0df5287dde674c05636a403fdb22f9b19182db445d732bd397d154d66dc1b9206b638ed38b15a3ed5eb72d28401398f7379541c715faf1b78985df2f41be10ec3c27ce1ea495cfd682a3efb9049ebab3e2b97b371b487c7a56bf16d371742002be0fa27693dadfc10290b37825f2d4a1a7385fdd812d71fcb951a3f329a183132894bdd256dc078e0b6216ebd341fc56c1175c80bd74064610a65655e4140a8c5920a516060f1a02e867de51136d2a82cf0450914a61288d92506ad04fc7e54a4003d3b102345fbe2e3fd5a75714345eefd25ef74aadb17a52ff41c7597163cd7de6e24c26d157176be3c3936c77916f8b51b9cd0ac9c583371a5f68add5561c306867ca4592965bd8932716f45dece476ea210a56386f102039316da5e3e632b0ebaab0856c1803f21c44d67fa9ec35c1aedf79ac427adb62f48cfab8c308faafadd00d24194e95a51f2f7c60a2fec8e094b71f8c1e6b0ba27c32c30e8da05f928d848fa295e3c9594220bafd302bf915d34a1bb20638aafaba3bd55b6f58b0427a863a961372add3d240a72913cf78772487b073d3db96b7447e2a85de6e8df404f49cd79feaddc69ed4e8061a6122d4e12d3cd32f20360b6f57c0d29cdbfd8f0fbb0f58328213680ca465efc7a891fce48174b12473f90850b56f246f83826e13ba4f39041d0344032be484a11473d31dce46cf28166680237199d55ae53b18acc4d67cd0ea8859d0362b68cda330e801e7fcceb0421a029615511900777583c2da500fd048382e54435ad7be5cec1499c6fa3e4688107b9946ea2f81fe935be159fafaacd07dc6a9de0d4d6a02a493e53a572c2880e59b29aebd31fa7e0bbd08119586d923cf76e3bb0ee5083e31e26dd2e103ce687b9aad198d7cb650965ca3a7d63155f4976127e37ce8f4668f4583419b3587cafb33b202816539000c9f45422c4642aa5e3aa6fe82c83f9151476f3c10e4531a419cdd72455c271d20317658c116b3f122c6bfe87db2a63d8235eeed3d3dc92e3b640cffcd0672dad125b9b7d850b8b27f5c1e3c89b121c5449acb9377c33f4a2ea99a580ff98e2d6e937834d556ea2afece5e75850600ddb540693d0f37a45e7cd9c4a186f34e18e334bbb2e9302e6e7159d73e6c654e5e6748e1ba24fec14a9a37701b9dcb3b8cdad2f6e6edcb955ef3f33f2db362c1f08ae514af64c4c02f079726128be3a487320dfaaf7feac2845878c23fa21b1edff5f5df1268cef6e94308a75161f1cb3aee1d8c1d574e1bd15a97df84983768ec12453c1d5418ab30568cee229c3ff0ee163d159165b5841c701a622e63236301e0a05764cf4ab14e4ddb6d6a0c10689f23decbffdfa5c71c7384bd986f76872033f47b920ac84f5decdd029444ec0b5780fcbc298350af77020ea5b328e1d6ea51f5ad6a2aac2c4e6ac3da48c1671fafba498e676b16ae1d11cc7d835f2a5ab0014fc1b408057620356e261e4721e1fd6cc4fb789641bab7c7897d29904d9bdf14c8b62f640da42776c10f4763dce9d0cd7b0231f4281cc48e9e6255a03ee0ae5ff7a13db515e2fcde1664d8030d48fd0936a9eb2b35ae4989d8ce527a5987d46f34f5f67e302ddc86ef8d1358a3929462b8cf302238172f18984c0129204eb84f88e4875c9ed62c4df4dec9b31a35fc47f49f371800e929f6ff6afb7006419581fb776dbd8e3669b799c920605ea26fbfe8b2eceba96e80c430967b4f154f9a8191b0ad02ad0e43b7219d4a1426c71e7dd69b52c35fbce6be14c07f7c38539a9c043e585f0b1baaaab411271962e1e28a9638dab16c568b8911c25d1100f970f629869f4bbe30efbaee3ec3e086477be178a882cbbbf698e6f456a3d0ee5f64325bb238b55f70f51cd4884b3002276c05ce7f8e801cc0238395fd98f884a12e6a980e79f434734a6d29f6724e2e6b4e41d72c7694a03fe1ca3d8ce9df03eafe3d7273b922cf942b224d795445c8716b092be6de27ac9e9e365d2dfa79a702fadc4472f42fe383b16688b4e9cd64ac288a466ed152f1fcc91f8d22912c750bbfe15ca304fcd82ff1c11c12f5df148d74a27caaf75780128fe17ad86c3b7f3d97659ffa1abbe292b2896c82f76d1b503eb80eae07fb1e7f68da96a536817c12d964b9f4ef6b6f901373ac365cbf6d276ad8b295a30de3288bc50ce3744b7d63c183e1fb072463baa366f67bcf6e7aa01c4fc129654413dba4747786ae3967a77a6f5d0bb24b1a18e276e9899a8fdc45df61ef84368964d77204c187b12d06ed7961b239aa3aad6b2ae75edebe0018335b77f9ff7a90a3518417ebad569ca9df6d9d028c347b0bc0754ff05bd30bc10057c339eb09fbdd875cb4a0760aa2e0a88633bf5b4beccbd3146046a490d66278cf75de76671c4ba8124fc9de5427ad120b202b8424e734eddbe08466259e757214f58b47cf3aaa21b8c98f6e8d4f66e9fda897732827855d987e6f8e310fce14a05034cf1d53d211aa4ad56eab17bbd39fc69d950ba5d14bcd5db8605950b6785acd04f00cf054998613dda8a6630102a86550205331444ce0248f2c44d3edec23a935cee7b093e47fd4fd72cae4bd1421adff6f2c13525692c511c19bd4008624510aafcf120801d7f6366806d3e377e2e39f47e341a40f812715e8a1130ee9770f998cea169038f43ba9bbefbff9882a85fe984a39c1930b7255ae8ddce424c1e5468557f072a3a76aa6932cc16a2633b27572a0696bd2a3303deba70cca4cad54b34ddb67acee56a95dde9c157890e36784576a9b8f96163c463c2c8392fb54e34da218c42616b8186c6e45298973af8769446a9fced6440543e4b355c0d1f2288f769ad5c62394f5ac6907d811c9f0e5c228ff01d7837833ffbe3b0fc4e45ee6356fe8fca29b6a5a7f498cce5c765ab77108ede41f455aa325d387bbf175a525104878d344d32e5afdfb68c4108551c2a45089c943456deb57f5dfe634fbcd305c076a4b93bb30286b474317e7daeadd45fa1a3fa21b74832c932773fa4d4f95794355c7692fd58e0b8a331e77d06d590ba1b14ed1349febb6782a695f16d8ebae63dd5e14650783f904e8f4835f941ff1f9d07208541a90f3412308074a882236abfb0540ded765b8ee18aef943ae608d5d8889d3d7d6b4871cdfb548d408dc67fee80ded13ad01e99cd9d6630099566f811d23859c65a87440790729e136e972734047262a8be47c4d8794fd4605b284db6365a8da83da9a3c3f6951e13ece5b2a454aa9e9d3421153e6e822cf05896a59561cea7d7ceec0a5e80141706ce6ff41429806d80fea11b222eda4ee1e3d983970fd31dc529de82e0b37d8b1d58692c1a45bdaee904359020d9bbad4c16ac667ad3c966019e988c498fa9041a7eece51ea6fd9292e522bd3f62876a3b29fb5cc759913495364bb505d200b9a7aa327f252453251099d5d815de77e81c4d75ada7630b4a72b184594d8e97ba8b09fcec10bd873e04b50f9f914067fe92d28691aec9f15c205ec4d59022798715348ed787418c2c7127f7077dbd83e72590675b237a9a0f88603b07679bdfb24e6dfdbc7718fc72d060c3ca002e42d5d93ab5b13ddab1aca5ac8cf245951e0ab9bb80060421053ff84e1b83751b7fa3449c326c5c5d5e0c0261a7e3ed779e376b3522b831e7d33a296e95d06ce7275f1f7d52b69e0116e4ade52cfc508e3bf9717aeb3320e3621c5d2fe06ef071d00c89698af91c37bdf52228f029412d18018baf7daae644fd700ba99331593f470ebf919f7bb360ab433cc5425b38ee89e1bc8c3e82da0b96c41a4506023146da65d5c1ef3b1bc968aa03c60933d6792e34bb221dec52509ece5d0976088acc0c36685f599e900aef4e86377e4206d0e54cf7fa76bbee156ceea501176807879f705ca5fea9ec6464d61b3c8f89ae03bef165e086a53104c0fa87c8007996bfd1c8f43d7d8ac3a7ae4e1bdf94d5fa9092eb580ca5756181d89f22f12b7e8d253958f0b281688e915e729b40cfe98ec9a8c0211b0c10ed3b2e88dc210b757153a797ccc22d349a7a419", 0x1000}}, 0x1006)
r3 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f010400000009058303"], 0x0)
ioctl$EVIOCSCLOCKID(0xffffffffffffffff, 0x400445a0, &(0x7f0000000080)=0xb309)
syz_usb_ep_write$ath9k_ep2(r3, 0x83, 0x8, &(0x7f0000000080)=ANY=[])
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$EVIOCRMFF(0xffffffffffffffff, 0x550c, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep2(r3, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])
close_range(r1, 0xffffffffffffffff, 0x0)

1.372576382s ago: executing program 2 (id=2036):
ioctl$VIDIOC_S_OUTPUT(0xffffffffffffffff, 0xc004562f, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_COALESCE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000200000008000300", @ANYRES32=r2, @ANYBLOB='\b\x00'], 0x3c}, 0x1, 0x0, 0x0, 0x7000000}, 0x0)

1.273808515s ago: executing program 1 (id=2037):
mkdir(&(0x7f00000022c0)='./file0\x00', 0x5)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b7000000df000000bfa300000000000007030000f0ffffff720af0fff8ffffff71a4f0ff000000005d040200000000001d400500000000004704000001ed000062030000000000003f440000000000007a0a00fe00ffffffd704000020000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074649c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c0dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6acdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fed000000007baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x882c, &(0x7f0000000740)=ANY=[], 0x6, 0x0, 0x0)

1.141726499s ago: executing program 2 (id=2038):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x8880)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_VENDOR(0xffffffffffffffff, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000800)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYBLOB], 0x1c}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockname(0xffffffffffffffff, 0x0, &(0x7f00000000c0))
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000019600)='blkio.bfq.empty_time\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000200), 0xfffffd9d)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5)
sendfile(r0, r1, 0x0, 0x8000002b)
ioctl$HIDIOCSFLAG(r1, 0x4004480f, &(0x7f0000000040)=0x3)

1.07973937s ago: executing program 1 (id=2039):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)={0x80, r1, 0x205, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x52, 0xe, {{{}, {}, @device_b, @broadcast, @from_mac=@device_b}, 0x0, @default, 0x5d7f, @void, @val, @val={0x3, 0x1, 0xb8}, @void, @void, @void, @void, @val={0x2a, 0x1, {0x0, 0x1}}, @val={0x3c, 0x4, {0x1, 0x3, 0xa, 0x1}}, @val={0x2d, 0x1a, {0x10, 0x1, 0x6, 0x0, {0x9, 0xc9, 0x0, 0x7, 0x0, 0x1, 0x0, 0x2, 0x1}, 0x8, 0xb, 0x4}}, @void, @void, @void}}, @NL80211_ATTR_IE_ASSOC_RESP={0xd, 0x80, [@ext_channel_switch={0x3c, 0x4, {0x0, 0xff, 0x84, 0x7}}, @sec_chan_ofs={0x3e, 0x1, 0x2}]}]]}, 0x80}}, 0x0)

936.946358ms ago: executing program 3 (id=2040):
r0 = syz_open_dev$sndctrl(&(0x7f0000000600), 0x2, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r2, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x8, 0x0, 0x0, 0x1000000000000b4c, 0x8, 0x8, 0x0, 0x3}, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1})
r3 = syz_open_procfs(0x0, &(0x7f0000000140)='fdinfo/4\x00')
ioctl$vim2m_VIDIOC_QBUF(0xffffffffffffffff, 0xc058560f, 0x0)
ioctl$vim2m_VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045612, 0x0)
open_tree(0xffffffffffffff9c, 0x0, 0x89901)
sendmsg$WG_CMD_SET_DEVICE(r3, &(0x7f00000003c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4020}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2000c005}, 0x0)
ioctl$EXT4_IOC_GET_ES_CACHE(0xffffffffffffffff, 0x40086602, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(r4, 0x0, 0x0)
sendmsg$nl_route_sched(r4, 0x0, 0x24040084)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
sendmsg$NL80211_CMD_REGISTER_BEACONS(r6, &(0x7f0000000240)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="f212bb5cf13c04fab07f39b010b84fcdb188065b8fcbcfe4", @ANYRES16=r8, @ANYBLOB="00082abd7000fedbdf2555"], 0x14}, 0x1, 0x0, 0x0, 0x1}, 0x40081)
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r0, 0x80045530, &(0x7f0000002480)=""/4110)

818.858703ms ago: executing program 1 (id=2041):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="50000000070601020000000000000000000000060900020073797a32000000000500018007"], 0x50}, 0x1, 0x0, 0x2000, 0x4000000}, 0x0)

568.037945ms ago: executing program 1 (id=2042):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x8001, 0x5, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xfffffffe}, 0x1c)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_int(r1, 0x0, 0x33, &(0x7f0000000000)=0x80020000, 0x4)
listen(r1, 0x2)

177.013667ms ago: executing program 0 (id=2043):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0xa0, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x78, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}]}}}, {0x40, 0x1, 0x0, 0x1, @bitwise={{0x8848}, @val={0x30, 0x2, 0x0, 0x1, [@NFTA_BITWISE_LEN={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_BITWISE_SREG={0x8, 0x1, 0x1, 0x0, 0x14}, @NFTA_BITWISE_DREG={0x8, 0x2, 0x1, 0x0, 0x12}, @NFTA_BITWISE_DATA={0xc, 0x7, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, '\x00\x00'}]}, @NFTA_BITWISE_OP={0x8, 0x6, 0x1, 0x0, 0x3}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x114}}, 0x0) (fail_nth: 3)

80.822669ms ago: executing program 1 (id=2044):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f0000000280)={@multicast1, @local, 0x1, 0x2, [@multicast1, @multicast1]}, 0x18)
r1 = syz_open_procfs(0x0, &(0x7f0000000400)='fd\x00')
getdents64(r1, &(0x7f0000000300)=""/222, 0xde)
getdents(r1, 0xffffffffffffffff, 0x5a)
ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f00000006c0)={0x1fc, 0x8, &(0x7f00000002c0)="6a5e39e0216869682d961bc66895bd9975663c21a680a2f035bf35945a309b0c579aead526bce531a3718ea2107312b2c11da74723d6a7a8d3f31d4220aa832e590306cf0c58a53dc5a797bf9d30c034a1404a0b79888288bbb4a49439be4fbc07865583d418f1bc0aecd2266e5f2bd011b37c1bb17a63cb57fd3530423a37357aef4804e0227e9b414d70bd318ac65b4b2f72eaa6e583444afa23529af465cb711c654c8b9102ec4e7d500557a8ec3ada7f42e8be8c221ebb267231e96de5daac54cc518cd7449620a32ccbc34923a071fa00c6a98e3e1a4a9eb490e00915f1383fe2a2d16ab20b3833d41c5e5c39ce0911a7ef5c2f279c8056b50df11cb5fb005fdd7805d91d80b50d34e712b9a3b543d1bec15ff2f90d40a9c40baab0478db579f8b46d1edb27dd926b9de8d061ea0b00a5ef161c234fdcf0f2ba2335dc79651f6637ad4f8dafefcefa39f6c7c4956f1773503df70da3d64c25d38730482c76c4c6a573f9516c65c4c3c774199dcb3101ab767f35bd04d1373365a541dc391c909f5a77eaa453f5be895c9811fadd74111a4a5ae470ffc13542119c9d3d40bb8d191bc4d4578396353ce51ded357e773e011dcb0ff89e15b96a77bcca4b7240e59d303b0abfae5bde2b593f93b9bd17ba144c5338ccd3fcf41a949ff49ec78a8c05f195e4cba4d605613a3a952f9e4cba770d033584eaa5205b8428f5134715dfdd2f97ec77248cf3dd9a38e172fc6277ec3d1b9f8d8d9c9cd81e79f8666421fd54ccf00a236d9cfda2a61353963444361f3cc96cc553350d0624dbd3077ece41a05a20fb142347f6c39ef7370ff090e36dfa652892ec4267d321d75b182ef4a9f794b8a75f3a39f2128d6945c9be93b3e66c2615e9872b9a581df71026f5661bd6d2336566607560da43d9b7f49d56c4d7c3311f9277461200a9061c4054e07be027a2002136a758f5e0425dd1de80059893a4475c13383bca76a46caa3c05cdc1d536bccc038ae7e0d9d7e89a5c25bc014eab9fd516ac910e6e9477c933ac5fbff56fd1d30d206db24c1f6550e9f7fd77abd71828169ff958fc2e9f60a0bab107039f0521d368f525b32c152fedc757c79bbbb90b324bfe24c7081ebb1f512fc979146035ad30c8679c679d98d85e22c4fe5a2e246d0b518d82b02845ce7427d9f1a67b78fe860a29658115a110907531fc8a48979579fd03b5bbac3310506d5c73d482a848fa774fe6db7a105c00b26a5786b1b49fe3fefdbc3eb0d27f378c67548a013cc719973741ee58fb31f60b0aedee56b54351681afe78b53059bcbdfb8512bfcf8246414bf771cbb1b06b53cb1e1eb0a3f882cc2c7d108b8a48a347aa0c8cf5b3c1d7fb023f904238db3db144410bf3c19e3bbd4c851ab321b7ecc517793950f2cad435eda7808e543e45c7aa1ad9e0d19443637e4ee95ca50b"})
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
r2 = add_key$keyring(&(0x7f0000000180), &(0x7f00000001c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$restrict_keyring(0x1d, r2, &(0x7f0000000200)='.dead\x00', &(0x7f0000000240)='full')
r3 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x40000, 0x0)
lseek(r3, 0xffffffffffffffb7, 0x4)
r4 = socket$kcm(0x29, 0x5, 0x0)
r5 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_RDWR(r5, 0x707, &(0x7f0000000000)={&(0x7f0000000080)=[{0xb, 0x200, 0x7d, &(0x7f00000000c0)="53559c0409789e7dedaf1ac0be826147bbf29b9193c0d02db424ecead53a87826ef36d9f1a87fc42a841f2ac82f0ce17a626e8bbec4d17009de823fbe13a553db4d683ac7680c258e4872662b7a12b37e373c34338121ee54f0f81dd706dbfcc44d7081353f7af909c7f39e08c9a666f1b2650c0552f603c7795557d34"}, {0x8000, 0x400, 0x0, 0x0}], 0x2})
write$cgroup_pressure(r4, &(0x7f0000000140)={'full'}, 0xfffffdef)
syz_clone(0x640c7400, 0x0, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 2 (id=2045):
r0 = socket$kcm(0x2, 0x1000000000000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000500)={0x2, 0x4e1d, @loopback}, 0x10, 0x0, 0x0, &(0x7f0000000000)=[@ip_retopts={{0x14, 0xfffffffd, 0x7, {[@end]}}}], 0x18}, 0x4000810)

kernel console output (not intermixed with test programs):

[  430.497623][ T5838] usb 3-1: USB disconnect, device number 66
[  430.954933][ T5838] usb 3-1: new full-speed USB device number 67 using dummy_hcd
[  431.112138][T10895] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  431.145183][T10895] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  431.179665][ T5838] usb 3-1: unable to get BOS descriptor or descriptor too short
[  431.188518][ T5838] usb 3-1: no configurations
[  431.193251][ T5838] usb 3-1: can't read configurations, error -22
[  431.687977][ T5838] usb 3-1: new full-speed USB device number 68 using dummy_hcd
[  431.849380][ T5838] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  431.873344][ T5838] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  431.901490][ T5838] usb 3-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  431.947055][ T5838] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  432.038469][ T5838] usb 3-1: config 0 descriptor??
[  432.307904][   T10] usb 2-1: USB disconnect, device number 66
[  432.455726][ T5838] kye 0003:0458:0138.0012: unknown main item tag 0x0
[  432.510227][ T5838] kye 0003:0458:0138.0012: unknown main item tag 0x0
[  432.517004][ T5838] kye 0003:0458:0138.0012: unknown main item tag 0x0
[  432.582376][ T5838] kye 0003:0458:0138.0012: unknown main item tag 0x0
[  432.590831][ T5838] kye 0003:0458:0138.0012: unknown main item tag 0x0
[  432.613418][ T5838] kye 0003:0458:0138.0012: unknown main item tag 0x0
[  432.650077][ T5838] kye 0003:0458:0138.0012: unknown main item tag 0x0
[  432.697039][ T5838] kye 0003:0458:0138.0012: hidraw0: USB HID v0.00 Device [HID 0458:0138] on usb-dummy_hcd.2-1/input0
[  432.761396][ T5838] usb 3-1: USB disconnect, device number 68
[  432.817775][   T10] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  433.008604][   T10] usb 2-1: Using ep0 maxpacket: 16
[  433.023941][   T10] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  433.034957][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  433.079648][   T10] usb 2-1: config 0 has no interface number 0
[  433.106684][T10928] FAULT_INJECTION: forcing a failure.
[  433.106684][T10928] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  433.110159][   T10] usb 2-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  433.163350][T10928] CPU: 1 UID: 0 PID: 10928 Comm: syz.3.1589 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  433.163382][T10928] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  433.163396][T10928] Call Trace:
[  433.163404][T10928]  <TASK>
[  433.163422][T10928]  dump_stack_lvl+0x241/0x360
[  433.163460][T10928]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.163491][T10928]  ? __pfx__printk+0x10/0x10
[  433.163534][T10928]  should_fail_ex+0x424/0x570
[  433.163562][T10928]  _copy_from_user+0x2d/0xb0
[  433.163594][T10928]  copy_msghdr_from_user+0xb3/0x580
[  433.163630][T10928]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  433.163656][T10928]  ? __fget_files+0x2a/0x420
[  433.163684][T10928]  ? __fget_files+0x2a/0x420
[  433.163713][T10928]  __sys_sendmsg+0x20a/0x360
[  433.163741][T10928]  ? __pfx___sys_sendmsg+0x10/0x10
[  433.163822][T10928]  ? do_syscall_64+0xb6/0x230
[  433.163853][T10928]  do_syscall_64+0xf3/0x230
[  433.163879][T10928]  ? clear_bhb_loop+0x45/0xa0
[  433.163905][T10928]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  433.163926][T10928] RIP: 0033:0x7fdb0f38e169
[  433.163944][T10928] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  433.163961][T10928] RSP: 002b:00007fdb1012b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  433.163984][T10928] RAX: ffffffffffffffda RBX: 00007fdb0f5b5fa0 RCX: 00007fdb0f38e169
[  433.163999][T10928] RDX: 0000000004000040 RSI: 00002000000000c0 RDI: 0000000000000003
[  433.164013][T10928] RBP: 00007fdb1012b090 R08: 0000000000000000 R09: 0000000000000000
[  433.164026][T10928] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  433.164039][T10928] R13: 0000000000000000 R14: 00007fdb0f5b5fa0 R15: 00007fdb0f6dfa28
[  433.164070][T10928]  </TASK>
[  433.191997][   T10] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  433.654720][T10936] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1591'.
[  433.660987][   T10] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  433.686670][   T10] usb 2-1: Product: syz
[  433.742595][   T10] usb 2-1: SerialNumber: syz
[  433.751569][T10938] vlan0: entered promiscuous mode
[  433.786754][   T10] usb 2-1: config 0 descriptor??
[  433.925649][T10945] batman_adv: batadv0: Adding interface: dummy0
[  433.940063][T10945] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  434.019840][   T10] usbhid 2-1:0.8: couldn't find an input interrupt endpoint
[  434.102132][   T10] usb 2-1: USB disconnect, device number 67
[  434.155344][T10947] openvswitch: netlink: Key type 1296 is out of range max 32
[  434.174815][T10945] batman_adv: batadv0: Interface activated: dummy0
[  434.488357][T10951] loop2: detected capacity change from 0 to 7
[  434.527752][T10951] Dev loop2: unable to read RDB block 7
[  434.534204][T10951]  loop2: unable to read partition table
[  434.541385][T10951] loop2: partition table beyond EOD, truncated
[  434.567687][T10951] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  434.625151][ T5212] Dev loop2: unable to read RDB block 7
[  434.647204][ T5212]  loop2: unable to read partition table
[  434.674220][ T5212] loop2: partition table beyond EOD, truncated
[  434.978693][   T30] audit: type=1326 audit(1744904821.769:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.022330][T10963] batadv0: mtu less than device minimum
[  435.028234][   T30] audit: type=1326 audit(1744904821.769:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.052341][T10963] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  435.063951][T10963] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  435.075442][T10963] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  435.086875][T10963] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  435.098406][T10963] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  435.109814][T10963] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  435.121315][T10963] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  435.132747][T10963] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  435.165893][   T30] audit: type=1326 audit(1744904821.769:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.217262][   T30] audit: type=1326 audit(1744904821.769:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.370534][   T30] audit: type=1326 audit(1744904821.769:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.396289][   T30] audit: type=1326 audit(1744904821.769:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.477806][   T30] audit: type=1326 audit(1744904821.769:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.516106][   T30] audit: type=1326 audit(1744904821.769:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.578168][   T30] audit: type=1326 audit(1744904821.769:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.601184][   T30] audit: type=1326 audit(1744904821.769:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10958 comm="syz.2.1599" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f386798e169 code=0x7ffc0000
[  435.867663][T10966] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  435.874232][T10966] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  435.901747][T10966] vhci_hcd vhci_hcd.0: Device attached
[  436.087740][   T10] vhci_hcd: vhci_device speed not set
[  436.179499][   T10] usb 41-1: new full-speed USB device number 2 using vhci_hcd
[  436.426563][T10968] vhci_hcd: connection reset by peer
[  436.444042][ T7089] vhci_hcd: stop threads
[  436.456760][ T7089] vhci_hcd: release socket
[  436.488276][ T7089] vhci_hcd: disconnect device
[  436.566537][T10992] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1611'.
[  436.578223][   T47] usb 1-1: new high-speed USB device number 72 using dummy_hcd
[  436.747794][   T47] usb 1-1: Using ep0 maxpacket: 16
[  436.763420][   T47] usb 1-1: unable to get BOS descriptor or descriptor too short
[  436.771351][ T5886] usb 3-1: new high-speed USB device number 69 using dummy_hcd
[  436.795499][   T47] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x82 has invalid maxpacket 64
[  436.817658][   T47] usb 1-1: config 1 interface 0 altsetting 3 bulk endpoint 0x3 has invalid maxpacket 32
[  436.833978][   T47] usb 1-1: config 1 interface 0 altsetting 3 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  436.869826][   T47] usb 1-1: config 1 interface 0 has no altsetting 0
[  436.886806][   T47] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  436.909821][   T47] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.930396][   T47] usb 1-1: Product: syz
[  436.947729][ T5886] usb 3-1: Using ep0 maxpacket: 16
[  436.954268][   T47] usb 1-1: Manufacturer: syz
[  436.962462][   T47] usb 1-1: SerialNumber: syz
[  436.971154][ T5886] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  436.996417][ T5886] usb 3-1: config 0 has an invalid descriptor of length 143, skipping remainder of the config
[  437.018495][T10985] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  437.044586][T10985] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  437.050615][ T5886] usb 3-1: config 0 has no interface number 0
[  437.071353][ T5886] usb 3-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  437.087360][ T5886] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  437.098172][ T5886] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  437.106447][ T5886] usb 3-1: Product: syz
[  437.111403][ T5886] usb 3-1: SerialNumber: syz
[  437.167289][ T5886] usb 3-1: config 0 descriptor??
[  437.191932][ T5886] usbhid 3-1:0.8: couldn't find an input interrupt endpoint
[  437.275016][   T47] usb 1-1: bad CDC descriptors
[  437.294106][   T47] usb 1-1: USB disconnect, device number 72
[  437.409858][ T5838] usb 3-1: USB disconnect, device number 69
[  437.468659][T11000] batadv_slave_1: entered promiscuous mode
[  437.475450][T11000] batadv_slave_1: left promiscuous mode
[  438.057873][T11012] FAULT_INJECTION: forcing a failure.
[  438.057873][T11012] name failslab, interval 1, probability 0, space 0, times 0
[  438.099263][T11012] CPU: 1 UID: 0 PID: 11012 Comm: syz.4.1618 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  438.099296][T11012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  438.099310][T11012] Call Trace:
[  438.099318][T11012]  <TASK>
[  438.099328][T11012]  dump_stack_lvl+0x241/0x360
[  438.099367][T11012]  ? __pfx_dump_stack_lvl+0x10/0x10
[  438.099397][T11012]  ? __pfx__printk+0x10/0x10
[  438.099431][T11012]  ? __pfx___might_resched+0x10/0x10
[  438.099461][T11012]  should_fail_ex+0x424/0x570
[  438.099489][T11012]  should_failslab+0xac/0x100
[  438.099519][T11012]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  438.099550][T11012]  ? __alloc_skb+0x1c2/0x480
[  438.099575][T11012]  __alloc_skb+0x1c2/0x480
[  438.099600][T11012]  ? __pfx___alloc_skb+0x10/0x10
[  438.099622][T11012]  ? netlink_autobind+0xd6/0x2f0
[  438.099652][T11012]  ? netlink_autobind+0x2b0/0x2f0
[  438.099689][T11012]  netlink_sendmsg+0x638/0xcd0
[  438.099733][T11012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.099769][T11012]  ? aa_sock_msg_perm+0x91/0x160
[  438.099804][T11012]  ? __pfx_netlink_sendmsg+0x10/0x10
[  438.099832][T11012]  __sock_sendmsg+0x221/0x270
[  438.099864][T11012]  ____sys_sendmsg+0x523/0x860
[  438.099896][T11012]  ? __pfx_____sys_sendmsg+0x10/0x10
[  438.099916][T11012]  ? __fget_files+0x2a/0x420
[  438.099939][T11012]  ? __fget_files+0x2a/0x420
[  438.099990][T11012]  __sys_sendmsg+0x271/0x360
[  438.100019][T11012]  ? __pfx___sys_sendmsg+0x10/0x10
[  438.100099][T11012]  ? do_syscall_64+0xb6/0x230
[  438.100129][T11012]  do_syscall_64+0xf3/0x230
[  438.100154][T11012]  ? clear_bhb_loop+0x45/0xa0
[  438.100180][T11012]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  438.100200][T11012] RIP: 0033:0x7f6f4bf8e169
[  438.100218][T11012] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  438.100239][T11012] RSP: 002b:00007f6f4cde8038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  438.100262][T11012] RAX: ffffffffffffffda RBX: 00007f6f4c1b5fa0 RCX: 00007f6f4bf8e169
[  438.100277][T11012] RDX: 0000000004000040 RSI: 00002000000000c0 RDI: 0000000000000003
[  438.100290][T11012] RBP: 00007f6f4cde8090 R08: 0000000000000000 R09: 0000000000000000
[  438.100303][T11012] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  438.100314][T11012] R13: 0000000000000000 R14: 00007f6f4c1b5fa0 R15: 00007f6f4c2dfa28
[  438.100345][T11012]  </TASK>
[  438.821511][T11026] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1624'.
[  439.499326][ T5886] usb 2-1: new full-speed USB device number 68 using dummy_hcd
[  439.574825][T11039] kvm: vcpu 0: requested 1792 ns lapic timer period limited to 200000 ns
[  439.628668][T11039] ptrace attach of "./syz-executor exec"[5866] was attempted by ""[11039]
[  439.661723][ T5886] usb 2-1: not running at top speed; connect to a high speed hub
[  439.689062][ T5886] usb 2-1: config 1 interface 0 has no altsetting 0
[  439.756183][T11047] ref_tracker: memory allocation failure, unreliable refcount tracker.
[  439.853112][   T47] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  440.037666][   T47] usb 5-1: Using ep0 maxpacket: 16
[  440.046141][   T47] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  440.067676][   T47] usb 5-1: config 0 has an invalid descriptor of length 143, skipping remainder of the config
[  440.081301][   T47] usb 5-1: config 0 has no interface number 0
[  440.087580][   T47] usb 5-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  440.112440][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  440.119288][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  440.127703][   T47] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  440.138142][   T47] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  440.146305][   T47] usb 5-1: Product: syz
[  440.157679][   T47] usb 5-1: SerialNumber: syz
[  440.169555][   T47] usb 5-1: config 0 descriptor??
[  440.177978][T11058] netlink: 64 bytes leftover after parsing attributes in process `syz.2.1635'.
[  440.201749][   T47] usbhid 5-1:0.8: couldn't find an input interrupt endpoint
[  440.282908][T11061] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1636'.
[  440.404865][ T5838] usb 5-1: USB disconnect, device number 69
[  441.240454][T11076] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1640'.
[  441.338217][   T10] vhci_hcd: vhci_device speed not set
[  441.487697][ T6235] usb 3-1: new high-speed USB device number 70 using dummy_hcd
[  441.862804][ T6235] usb 3-1: config 0 has no interfaces?
[  441.895794][ T6235] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  441.905134][ T6235] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  441.933209][ T6235] usb 3-1: Product: syz
[  441.964323][ T6235] usb 3-1: Manufacturer: syz
[  441.984602][ T6235] usb 3-1: SerialNumber: syz
[  442.021586][ T6235] usb 3-1: config 0 descriptor??
[  442.234112][ T5886] usb 2-1: New USB device found, idVendor=1c4f, idProduct=0059, bcdDevice= 0.40
[  442.277969][T11075] loop8: detected capacity change from 0 to 7
[  442.285857][T11075] Dev loop8: unable to read RDB block 7
[  442.300563][ T5886] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  442.327285][T11075]  loop8: unable to read partition table
[  442.361762][ T5886] usb 2-1: Product: 栯踎⥫싦燤秀谬嘉��䖇谣틘홥亻�䎚䚓滽蠵颥
[  442.435977][ T5886] usb 2-1: can't set config #1, error -71
[  442.460510][ T5886] usb 2-1: USB disconnect, device number 68
[  442.492365][T11094] netlink: 'syz.2.1639': attribute type 10 has an invalid length.
[  442.503950][T11075] loop8: partition table beyond EOD, truncated
[  442.535721][T11075] loop_reread_partitions: partition scan of loop8 (þ被x) failed (rc=-5)
[  442.545466][T11093] FAULT_INJECTION: forcing a failure.
[  442.545466][T11093] name failslab, interval 1, probability 0, space 0, times 0
[  442.616787][T11093] CPU: 1 UID: 0 PID: 11093 Comm: syz.0.1646 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  442.616816][T11093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  442.616829][T11093] Call Trace:
[  442.616838][T11093]  <TASK>
[  442.616847][T11093]  dump_stack_lvl+0x241/0x360
[  442.616886][T11093]  ? __pfx_dump_stack_lvl+0x10/0x10
[  442.616915][T11093]  ? __pfx__printk+0x10/0x10
[  442.616943][T11093]  ? __pfx___might_resched+0x10/0x10
[  442.616966][T11093]  should_fail_ex+0x424/0x570
[  442.616985][T11093]  should_failslab+0xac/0x100
[  442.617008][T11093]  kmem_cache_alloc_lru_noprof+0x7d/0x390
[  442.617036][T11093]  ? __d_alloc+0x31/0x740
[  442.617064][T11093]  __d_alloc+0x31/0x740
[  442.617091][T11093]  d_alloc_parallel+0xe9/0x1660
[  442.617121][T11093]  ? __lock_acquire+0xad5/0xd80
[  442.617146][T11093]  ? __pfx_d_alloc_parallel+0x10/0x10
[  442.617167][T11093]  ? __raw_spin_lock_init+0x45/0x100
[  442.617190][T11093]  ? __init_waitqueue_head+0xae/0x150
[  442.617215][T11093]  __lookup_slow+0x127/0x400
[  442.617240][T11093]  ? __pfx___lookup_slow+0x10/0x10
[  442.617276][T11093]  ? lookup_fast+0x1a8/0x5a0
[  442.617299][T11093]  lookup_slow+0x53/0x70
[  442.617321][T11093]  walk_component+0x2f4/0x420
[  442.617337][T11093]  path_lookupat+0x169/0x440
[  442.617358][T11093]  do_o_path+0x97/0x230
[  442.617374][T11093]  ? __pfx_do_o_path+0x10/0x10
[  442.617396][T11093]  path_openat+0x2ef4/0x35d0
[  442.617416][T11093]  ? stack_trace_save+0x11a/0x1d0
[  442.617445][T11093]  ? __pfx_kstrtoull+0x10/0x10
[  442.617470][T11093]  ? __pfx_stack_trace_save+0x10/0x10
[  442.617507][T11093]  ? stack_depot_save_flags+0x44/0x940
[  442.617544][T11093]  ? kasan_save_track+0x51/0x80
[  442.617566][T11093]  ? kasan_save_track+0x3f/0x80
[  442.617587][T11093]  ? kmem_cache_alloc_noprof+0x1e1/0x390
[  442.617616][T11093]  ? __pfx_path_openat+0x10/0x10
[  442.617638][T11093]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.617678][T11093]  do_filp_open+0x284/0x4e0
[  442.617706][T11093]  ? __pfx_do_filp_open+0x10/0x10
[  442.617728][T11093]  ? do_raw_spin_lock+0x151/0x370
[  442.617797][T11093]  do_sys_openat2+0x12b/0x1d0
[  442.617832][T11093]  ? __pfx_do_sys_openat2+0x10/0x10
[  442.617860][T11093]  ? __fget_files+0x2a/0x420
[  442.617883][T11093]  ? __fget_files+0x2a/0x420
[  442.617910][T11093]  __x64_sys_openat+0x249/0x2a0
[  442.617945][T11093]  ? __pfx___x64_sys_openat+0x10/0x10
[  442.617989][T11093]  ? do_syscall_64+0xb6/0x230
[  442.618021][T11093]  do_syscall_64+0xf3/0x230
[  442.618048][T11093]  ? clear_bhb_loop+0x45/0xa0
[  442.618074][T11093]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.618094][T11093] RIP: 0033:0x7f0763f8e169
[  442.618113][T11093] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.618131][T11093] RSP: 002b:00007f0764e0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  442.618153][T11093] RAX: ffffffffffffffda RBX: 00007f07641b5fa0 RCX: 00007f0763f8e169
[  442.618169][T11093] RDX: 0000000000218240 RSI: 0000200000000400 RDI: ffffffffffffff9c
[  442.618183][T11093] RBP: 00007f0764e0f090 R08: 0000000000000000 R09: 0000000000000000
[  442.618196][T11093] R10: 0000000000000110 R11: 0000000000000246 R12: 0000000000000001
[  442.618208][T11093] R13: 0000000000000000 R14: 00007f07641b5fa0 R15: 00007f07642dfa28
[  442.618241][T11093]  </TASK>
[  443.070792][T11094] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  443.335148][T11102] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1648'.
[  443.437651][ T6235] usb 5-1: new full-speed USB device number 70 using dummy_hcd
[  443.590094][ T6235] usb 5-1: unable to get BOS descriptor or descriptor too short
[  443.620945][ T6235] usb 5-1: not running at top speed; connect to a high speed hub
[  443.684790][ T6235] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  443.730293][T11107] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[  443.733664][ T6235] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 2039, setting to 64
[  443.912023][ T6235] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  443.956530][ T6235] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  443.990634][ T6235] usb 5-1: Product: syz
[  444.024018][ T6235] usb 5-1: Manufacturer: syz
[  444.075612][ T6235] usb 5-1: SerialNumber: syz
[  444.112117][T11095] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  444.137661][   T47] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  444.287838][   T47] usb 2-1: Using ep0 maxpacket: 16
[  444.295662][   T47] usb 2-1: config 0 has an invalid interface number: 8 but max is 0
[  444.305497][   T47] usb 2-1: config 0 has an invalid descriptor of length 143, skipping remainder of the config
[  444.316030][   T47] usb 2-1: config 0 has no interface number 0
[  444.333022][T11095] net_ratelimit: 11 callbacks suppressed
[  444.333054][T11095] dccp_invalid_packet: P.Data Offset(0) too small
[  444.369186][   T47] usb 2-1: config 0 interface 8 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  444.401271][   T47] usb 2-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  444.416382][   T47] usb 2-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  444.509496][   T47] usb 2-1: Product: syz
[  444.529408][   T47] usb 2-1: SerialNumber: syz
[  444.531313][ T5838] usb 3-1: USB disconnect, device number 70
[  444.553450][   T47] usb 2-1: config 0 descriptor??
[  444.570014][   T47] usbhid 2-1:0.8: couldn't find an input interrupt endpoint
[  444.775361][   T10] usb 2-1: USB disconnect, device number 69
[  444.797708][ T5886] usb 1-1: new high-speed USB device number 73 using dummy_hcd
[  444.957763][ T5886] usb 1-1: Using ep0 maxpacket: 32
[  444.969372][ T5886] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  444.987671][ T5886] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.999579][ T5886] usb 1-1: config 0 descriptor??
[  445.069979][   T24] usb 3-1: new high-speed USB device number 71 using dummy_hcd
[  445.222381][ T5886] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  445.235961][ T5886] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  445.246660][ T5886] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  445.254394][ T5886] usb 1-1: media controller created
[  445.298728][ T5886] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  445.398031][   T24] usb 3-1: Using ep0 maxpacket: 8
[  445.406186][   T24] usb 3-1: unable to get BOS descriptor or descriptor too short
[  445.416994][   T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEE, changing to 0x8E
[  445.429956][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  445.493420][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  445.528741][ T6235] cdc_ncm 5-1:1.0: bind() failure
[  445.537411][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  445.572998][ T6235] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  445.580164][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  445.604953][ T6235] cdc_ncm 5-1:1.1: bind() failure
[  445.614190][   T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0xC has invalid maxpacket 0
[  445.644218][ T6235] usb 5-1: USB disconnect, device number 70
[  445.657720][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  445.688334][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  445.691237][   T24] usb 3-1: New USB device found, idVendor=0763, idProduct=1002, bcdDevice=5f.84
[  445.691271][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.691321][   T24] usb 3-1: Product: syz
[  445.691337][   T24] usb 3-1: Manufacturer: syz
[  445.691354][   T24] usb 3-1: SerialNumber: syz
[  445.696358][   T24] usb 3-1: config 0 descriptor??
[  445.716222][   T24] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  445.979448][ T6249] udevd[6249]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  446.078042][ T5886] az6027: usb out operation failed. (-71)
[  446.078084][ T5886] stb0899_attach: Driver disabled by Kconfig
[  446.078098][ T5886] az6027: no front-end attached
[  446.078098][ T5886] 
[  446.078502][ T5886] az6027: usb out operation failed. (-71)
[  446.078520][ T5886] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  446.081361][ T5886] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input31
[  446.083403][ T5886] dvb-usb: schedule remote query interval to 400 msecs.
[  446.083428][ T5886] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  446.093235][ T5886] usb 1-1: USB disconnect, device number 73
[  446.193278][T11131] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1660'.
[  446.365438][ T5886] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  446.908945][T11144] loop2: detected capacity change from 0 to 7
[  446.935229][T11144] Dev loop2: unable to read RDB block 7
[  446.947847][T11144]  loop2: unable to read partition table
[  446.953295][T11146] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1667'.
[  447.102390][T11144] loop2: partition table beyond EOD, truncated
[  447.115686][T11144] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  447.307771][   T10] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  447.504221][   T10] usb 2-1: config index 0 descriptor too short (expected 43540, got 77)
[  447.581211][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  447.621905][T11156] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1671'.
[  447.660418][   T10] usb 2-1: config 0 has no interfaces?
[  447.690433][   T24] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  447.701663][ T5838] usb 3-1: USB disconnect, device number 71
[  447.740978][   T10] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  447.884619][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.898508][   T24] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  447.924346][   T24] usb 5-1: config 0 has no interfaces?
[  447.935775][   T24] usb 5-1: config 0 has no interfaces?
[  447.978213][   T24] usb 5-1: config 0 has no interfaces?
[  448.018038][   T24] usb 5-1: config 0 has no interfaces?
[  448.043048][   T24] usb 5-1: config 0 has no interfaces?
[  448.061270][   T10] usb 2-1: Product: syz
[  448.065500][   T10] usb 2-1: Manufacturer: syz
[  448.132395][   T24] usb 5-1: config 0 has no interfaces?
[  448.149774][   T24] usb 5-1: config 0 has no interfaces?
[  448.157672][   T10] usb 2-1: SerialNumber: syz
[  448.166065][   T24] usb 5-1: config 0 has no interfaces?
[  448.173654][   T10] usb 2-1: config 0 descriptor??
[  448.181693][   T24] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  448.190999][   T24] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  448.201234][   T24] usb 5-1: Product: syz
[  448.205416][   T24] usb 5-1: Manufacturer: syz
[  448.242021][   T24] usb 5-1: SerialNumber: syz
[  448.271198][   T24] usb 5-1: config 0 descriptor??
[  448.866819][   T10] usb 3-1: new high-speed USB device number 72 using dummy_hcd
[  448.919928][ T6235] usb 5-1: USB disconnect, device number 71
[  449.241154][   T10] usb 3-1: config 0 has no interfaces?
[  449.273040][   T10] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  449.342706][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.387673][   T10] usb 3-1: Product: syz
[  449.405009][   T10] usb 3-1: Manufacturer: syz
[  449.419750][   T10] usb 3-1: SerialNumber: syz
[  449.435576][   T10] usb 3-1: config 0 descriptor??
[  449.706216][T11184] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  449.722630][T11172] netlink: 'syz.2.1675': attribute type 10 has an invalid length.
[  449.763498][T11172] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1675'.
[  450.024719][   T24] usb 2-1: USB disconnect, device number 70
[  450.209055][T11194] vlan2: entered promiscuous mode
[  450.347173][T11195] vlan0: entered promiscuous mode
[  450.548796][ T5886] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[  450.556520][   T24] usb 4-1: new full-speed USB device number 66 using dummy_hcd
[  450.707775][ T5886] usb 2-1: Using ep0 maxpacket: 8
[  450.711162][   T24] usb 4-1: not running at top speed; connect to a high speed hub
[  450.711344][ T5886] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  450.711362][ T5886] usb 2-1: config 0 has no interface number 0
[  450.711390][ T5886] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  450.711409][ T5886] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  450.711464][ T5886] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  450.711484][ T5886] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  450.711514][ T5886] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  450.711532][ T5886] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  450.714501][ T5886] usb 2-1: config 0 descriptor??
[  450.722274][ T5886] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  450.726607][   T24] usb 4-1: config 2 has an invalid interface number: 186 but max is 0
[  450.726630][   T24] usb 4-1: config 2 has no interface number 0
[  450.726661][   T24] usb 4-1: config 2 interface 186 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[  450.726678][   T24] usb 4-1: config 2 interface 186 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[  450.726694][   T24] usb 4-1: config 2 interface 186 has no altsetting 0
[  450.730695][   T24] usb 4-1: New USB device found, idVendor=2040, idProduct=5200, bcdDevice=ff.14
[  450.730719][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.730735][   T24] usb 4-1: Product: 〉
[  450.730746][   T24] usb 4-1: Manufacturer: à°‡
[  450.730758][   T24] usb 4-1: SerialNumber: 嗇㉹嘒駅듓痢ﺤ욿螠ێ⒫筟ᮧ��懚㳉퓘ﺄꎬ瑋譹쩧擡쟈��襪矛凉驽럌檪舷퉰뤛䘠劢�蓽ꘑ簧�군��哩㋙䫙瓩秞餔먪禄ꊈ�笰麚�冕漛⠴䩀쿳邽廈䱻皬傴饽�릳嫇⡺嶧䓣⾲
[  451.143666][   T24] dvb-usb: found a 'Hauppauge Nova-TD Stick (52009)' in cold state, will try to load a firmware
[  451.181964][   T24] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  451.182158][   T24] dib0700: firmware download failed at 7 with -22
[  451.196320][   T24] usb 4-1: USB disconnect, device number 66
[  451.404480][   T10] usb 2-1: USB disconnect, device number 71
[  451.409945][   T10] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[  451.479959][   T30] kauditd_printk_skb: 49 callbacks suppressed
[  451.479975][   T30] audit: type=1326 audit(1744904838.279:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11211 comm="syz.4.1690" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f6f4bf8e169 code=0x0
[  451.670709][ T5886] usb 3-1: USB disconnect, device number 72
[  451.681844][T11203] tty tty20: ldisc open failed (-12), clearing slot 19
[  452.512030][T11239] usb usb8: usbfs: process 11239 (syz.0.1698) did not claim interface 0 before use
[  452.797650][ T5886] usb 1-1: new high-speed USB device number 74 using dummy_hcd
[  452.853120][T11249] FAULT_INJECTION: forcing a failure.
[  452.853120][T11249] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  452.958366][T11249] CPU: 1 UID: 0 PID: 11249 Comm: syz.1.1704 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  452.958397][T11249] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  452.958410][T11249] Call Trace:
[  452.958419][T11249]  <TASK>
[  452.958427][T11249]  dump_stack_lvl+0x241/0x360
[  452.958465][T11249]  ? __pfx_dump_stack_lvl+0x10/0x10
[  452.958496][T11249]  ? __pfx__printk+0x10/0x10
[  452.958539][T11249]  should_fail_ex+0x424/0x570
[  452.958566][T11249]  _copy_from_user+0x2d/0xb0
[  452.958598][T11249]  copy_msghdr_from_user+0xb3/0x580
[  452.958633][T11249]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  452.958659][T11249]  ? __fget_files+0x2a/0x420
[  452.958682][T11249]  ? __fget_files+0x2a/0x420
[  452.958710][T11249]  __sys_sendmsg+0x20a/0x360
[  452.958746][T11249]  ? __pfx___sys_sendmsg+0x10/0x10
[  452.958826][T11249]  ? do_syscall_64+0xb6/0x230
[  452.958856][T11249]  do_syscall_64+0xf3/0x230
[  452.958882][T11249]  ? clear_bhb_loop+0x45/0xa0
[  452.958907][T11249]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  452.958927][T11249] RIP: 0033:0x7f161238e169
[  452.958946][T11249] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  452.958963][T11249] RSP: 002b:00007f16131db038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  452.958986][T11249] RAX: ffffffffffffffda RBX: 00007f16125b5fa0 RCX: 00007f161238e169
[  452.959001][T11249] RDX: 0000000000000000 RSI: 0000200000000bc0 RDI: 0000000000000004
[  452.959014][T11249] RBP: 00007f16131db090 R08: 0000000000000000 R09: 0000000000000000
[  452.959027][T11249] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  452.959039][T11249] R13: 0000000000000000 R14: 00007f16125b5fa0 R15: 00007f16126dfa28
[  452.959071][T11249]  </TASK>
[  453.336791][ T5886] usb 1-1: Using ep0 maxpacket: 32
[  453.348599][ T5886] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  453.379138][ T5886] usb 1-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  453.407634][ T5886] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  453.415705][ T5886] usb 1-1: Product: syz
[  453.423811][T11252] FAULT_INJECTION: forcing a failure.
[  453.423811][T11252] name failslab, interval 1, probability 0, space 0, times 0
[  453.445527][T11252] CPU: 0 UID: 0 PID: 11252 Comm: syz.3.1705 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  453.445558][T11252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  453.445571][T11252] Call Trace:
[  453.445580][T11252]  <TASK>
[  453.445588][T11252]  dump_stack_lvl+0x241/0x360
[  453.445627][T11252]  ? __pfx_dump_stack_lvl+0x10/0x10
[  453.445670][T11252]  ? __pfx__printk+0x10/0x10
[  453.445704][T11252]  ? __pfx___might_resched+0x10/0x10
[  453.445735][T11252]  should_fail_ex+0x424/0x570
[  453.445763][T11252]  should_failslab+0xac/0x100
[  453.445794][T11252]  __kmalloc_noprof+0xdf/0x4d0
[  453.445824][T11252]  ? io_cache_alloc_new+0x44/0x100
[  453.445854][T11252]  ? __lock_acquire+0xad5/0xd80
[  453.445880][T11252]  io_cache_alloc_new+0x44/0x100
[  453.445916][T11252]  __io_prep_rw+0x228/0xd30
[  453.445945][T11252]  ? __pfx___io_prep_rw+0x10/0x10
[  453.445965][T11252]  ? percpu_ref_get_many+0x1f/0x1d0
[  453.446004][T11252]  ? __asan_memset+0x23/0x50
[  453.446028][T11252]  io_prep_rwv+0x96/0x460
[  453.446053][T11252]  ? __pfx_io_prep_rwv+0x10/0x10
[  453.446084][T11252]  ? io_task_refs_refill+0xbb/0x180
[  453.446118][T11252]  io_submit_sqes+0x94c/0x1ce0
[  453.446174][T11252]  __se_sys_io_uring_enter+0x2cd/0x3560
[  453.446204][T11252]  ? rcu_read_lock_any_held+0xbb/0x160
[  453.446234][T11252]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  453.446267][T11252]  ? vfs_write+0xb29/0xd10
[  453.446301][T11252]  ? ksys_write+0x24e/0x2d0
[  453.446332][T11252]  ? __pfx___se_sys_io_uring_enter+0x10/0x10
[  453.446363][T11252]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  453.446389][T11252]  ? __fget_files+0x2a/0x420
[  453.446412][T11252]  ? __fget_files+0x2a/0x420
[  453.446438][T11252]  ? fput+0x9b/0xd0
[  453.446458][T11252]  ? ksys_write+0x275/0x2d0
[  453.446493][T11252]  ? __x64_sys_io_uring_enter+0x21/0xf0
[  453.446520][T11252]  do_syscall_64+0xf3/0x230
[  453.446547][T11252]  ? clear_bhb_loop+0x45/0xa0
[  453.446572][T11252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.446593][T11252] RIP: 0033:0x7fdb0f38e169
[  453.446611][T11252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.446629][T11252] RSP: 002b:00007fdb1012b038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  453.446652][T11252] RAX: ffffffffffffffda RBX: 00007fdb0f5b5fa0 RCX: 00007fdb0f38e169
[  453.446675][T11252] RDX: 0000000000000002 RSI: 0000000000004d10 RDI: 0000000000000004
[  453.446687][T11252] RBP: 00007fdb1012b090 R08: 0000000000000000 R09: 0000000000000000
[  453.446701][T11252] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  453.446713][T11252] R13: 0000000000000000 R14: 00007fdb0f5b5fa0 R15: 00007fdb0f6dfa28
[  453.446745][T11252]  </TASK>
[  453.466116][ T5886] usb 1-1: Manufacturer: syz
[  453.469767][    C0] vkms_vblank_simulate: vblank timer overrun
[  453.487673][ T5886] usb 1-1: SerialNumber: syz
[  453.609128][T11253] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1706'.
[  453.665078][ T5886] usb 1-1: config 0 descriptor??
[  454.281766][T11266] netlink: 'syz.3.1709': attribute type 27 has an invalid length.
[  454.398865][T11266] bridge0: port 2(bridge_slave_1) entered disabled state
[  454.406274][T11266] bridge0: port 1(bridge_slave_0) entered disabled state
[  454.770336][T11266] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  454.822892][T11266] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  455.117949][   T47] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  455.235807][T11288] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1716'.
[  455.248469][T11266] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  455.258264][T11266] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  455.267374][T11266] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  455.277083][T11266] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  455.339158][T11266] bond0: left promiscuous mode
[  455.344061][T11266] bond_slave_0: left promiscuous mode
[  455.361659][   T47] usb 5-1: Using ep0 maxpacket: 16
[  455.368923][   T47] usb 5-1: config 0 has an invalid interface number: 161 but max is 0
[  455.377328][   T47] usb 5-1: config 0 has no interface number 0
[  455.383702][   T47] usb 5-1: config 0 interface 161 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 64
[  455.402534][   T47] usb 5-1: New USB device found, idVendor=0bfd, idProduct=0102, bcdDevice=9a.fd
[  455.414813][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  455.422944][   T47] usb 5-1: Product: syz
[  455.427218][   T47] usb 5-1: Manufacturer: syz
[  455.435975][   T47] usb 5-1: SerialNumber: syz
[  455.444136][   T47] usb 5-1: config 0 descriptor??
[  455.452792][T11277] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  455.466194][   T47] kvaser_usb 5-1:0.161: error -ENODEV: Cannot get usb endpoint(s)
[  455.514263][ T5838] usb 1-1: USB disconnect, device number 74
[  455.529750][T11266] macvlan2: left promiscuous mode
[  455.624966][T11266] macvlan3: left allmulticast mode
[  455.643190][T11266] bond3: left allmulticast mode
[  455.655996][T11266] gretap1: left allmulticast mode
[  455.665357][T11266] mac80211_hwsim hwsim6 wlan0: left allmulticast mode
[  455.674014][T11266] macvlan4: left allmulticast mode
[  455.931073][T11269] 8021q: adding VLAN 0 to HW filter on device team0
[  455.964779][T11269] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  456.023750][T11276] netlink: 'syz.4.1712': attribute type 12 has an invalid length.
[  456.032045][T11276] netlink: 'syz.4.1712': attribute type 29 has an invalid length.
[  456.047063][T11276] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1712'.
[  456.056888][T11276] netlink: 'syz.4.1712': attribute type 2 has an invalid length.
[  456.068072][T11276] netlink: 43 bytes leftover after parsing attributes in process `syz.4.1712'.
[  456.086058][   T10] usb 5-1: USB disconnect, device number 72
[  456.109943][T11288] dummy0: entered promiscuous mode
[  456.116178][T11288] dummy0: left promiscuous mode
[  456.360515][T11295] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1718'.
[  456.373258][T11295] bridge_slave_0: entered promiscuous mode
[  456.796153][T11300] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1720'.
[  456.807691][ T5894] usb 3-1: new high-speed USB device number 73 using dummy_hcd
[  457.017725][ T5894] usb 3-1: Using ep0 maxpacket: 16
[  457.044478][ T5894] usb 3-1: config 1 has an invalid descriptor of length 97, skipping remainder of the config
[  457.077773][ T5894] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  457.120142][ T5894] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  457.157635][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  457.196316][ T5894] usb 3-1: Product: syz
[  457.234205][ T5894] usb 3-1: Manufacturer: syz
[  457.260626][ T5894] usb 3-1: SerialNumber: syz
[  457.808259][ T5894] usb 3-1: 0:2 : does not exist
[  457.832326][ T5894] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  457.953820][ T5894] usb 3-1: USB disconnect, device number 73
[  458.055530][T11333] netlink: 156 bytes leftover after parsing attributes in process `syz.2.1733'.
[  458.234255][ T6250] udevd[6250]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  458.666778][T11356] FAULT_INJECTION: forcing a failure.
[  458.666778][T11356] name failslab, interval 1, probability 0, space 0, times 0
[  458.736730][T11356] CPU: 0 UID: 0 PID: 11356 Comm: syz.0.1741 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  458.736762][T11356] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  458.736775][T11356] Call Trace:
[  458.736783][T11356]  <TASK>
[  458.736792][T11356]  dump_stack_lvl+0x241/0x360
[  458.736829][T11356]  ? __pfx_dump_stack_lvl+0x10/0x10
[  458.736857][T11356]  ? __pfx__printk+0x10/0x10
[  458.736887][T11356]  ? __pfx___might_resched+0x10/0x10
[  458.736915][T11356]  should_fail_ex+0x424/0x570
[  458.736941][T11356]  should_failslab+0xac/0x100
[  458.736973][T11356]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  458.737002][T11356]  ? __alloc_skb+0x1c2/0x480
[  458.737023][T11356]  __alloc_skb+0x1c2/0x480
[  458.737046][T11356]  ? __pfx___alloc_skb+0x10/0x10
[  458.737074][T11356]  netlink_sendmsg+0x638/0xcd0
[  458.737114][T11356]  ? __pfx_netlink_sendmsg+0x10/0x10
[  458.737145][T11356]  ? aa_sock_msg_perm+0x91/0x160
[  458.737177][T11356]  ? __pfx_netlink_sendmsg+0x10/0x10
[  458.737203][T11356]  __sock_sendmsg+0x221/0x270
[  458.737231][T11356]  ____sys_sendmsg+0x523/0x860
[  458.737289][T11356]  ? __pfx_____sys_sendmsg+0x10/0x10
[  458.737308][T11356]  ? __fget_files+0x2a/0x420
[  458.737328][T11356]  ? __fget_files+0x2a/0x420
[  458.737354][T11356]  __sys_sendmsg+0x271/0x360
[  458.737380][T11356]  ? __pfx___sys_sendmsg+0x10/0x10
[  458.737452][T11356]  ? do_syscall_64+0xb6/0x230
[  458.737478][T11356]  do_syscall_64+0xf3/0x230
[  458.737504][T11356]  ? clear_bhb_loop+0x45/0xa0
[  458.737527][T11356]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  458.737546][T11356] RIP: 0033:0x7f0763f8e169
[  458.737563][T11356] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  458.737580][T11356] RSP: 002b:00007f0764e0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  458.737602][T11356] RAX: ffffffffffffffda RBX: 00007f07641b5fa0 RCX: 00007f0763f8e169
[  458.737616][T11356] RDX: 0000000000000000 RSI: 0000200000000bc0 RDI: 0000000000000004
[  458.737629][T11356] RBP: 00007f0764e0f090 R08: 0000000000000000 R09: 0000000000000000
[  458.737642][T11356] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  458.737654][T11356] R13: 0000000000000000 R14: 00007f07641b5fa0 R15: 00007f07642dfa28
[  458.737685][T11356]  </TASK>
[  458.963974][    C0] vkms_vblank_simulate: vblank timer overrun
[  459.135670][T11362] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1743'.
[  459.148624][ T5894] usb 2-1: new high-speed USB device number 72 using dummy_hcd
[  459.275831][T11367] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1745'.
[  459.327745][ T5894] usb 2-1: Using ep0 maxpacket: 8
[  459.342887][ T5894] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  459.354023][ T5894] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  459.369695][ T5894] usb 2-1: Product: syz
[  459.387887][ T5894] usb 2-1: Manufacturer: syz
[  459.392587][ T5894] usb 2-1: SerialNumber: syz
[  459.448715][ T5894] usb 2-1: config 0 descriptor??
[  459.665698][T11360] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  459.704850][T11360] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  459.729391][ T5894] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  459.989565][T11382] loop2: detected capacity change from 0 to 7
[  460.004887][T11382] Dev loop2: unable to read RDB block 7
[  460.012182][T11382]  loop2: unable to read partition table
[  460.023871][T11382] loop2: partition table beyond EOD, truncated
[  460.028145][   T47] usb 4-1: new low-speed USB device number 67 using dummy_hcd
[  460.037598][T11382] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  460.233136][   T47] usb 4-1: string descriptor 0 read error: -22
[  460.240368][   T47] usb 4-1: New USB device found, idVendor=1415, idProduct=0003, bcdDevice=65.5d
[  460.251977][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.267850][   T47] usb 4-1: config 0 descriptor??
[  460.341382][T11360] openvswitch: netlink: Message has 8 unknown bytes.
[  460.357076][T11360] IPv6: addrconf: prefix option has invalid lifetime
[  460.385330][T11360] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  460.407421][T11360] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  460.436254][ T5894] usb write operation failed. (-71)
[  460.460087][ T5894] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  460.487275][T11378] netlink: 'syz.3.1749': attribute type 4 has an invalid length.
[  460.497050][ T5894] dvbdev: DVB: registering new adapter (Terratec H7)
[  460.510267][T11389] ALSA: mixer_oss: invalid OSS volume 'M'
[  460.527113][   T47] dvb-usb: found a 'Sony PlayTV' in cold state, will try to load a firmware
[  460.540332][ T5894] usb 2-1: media controller created
[  460.561244][ T5894] usb read operation failed. (-71)
[  460.569362][   T47] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  460.578089][   T47] dib0700: firmware download failed at 7 with -22
[  460.587790][ T5894] usb write operation failed. (-71)
[  460.611688][ T5894] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  460.629152][   T47] usb 4-1: USB disconnect, device number 67
[  460.650706][ T5894] usb 2-1: USB disconnect, device number 72
[  460.710370][   T10] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  460.728035][T11393] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1755'.
[  460.743361][T11393] 8021q: VLANs not supported on gre0
[  460.888868][   T10] usb 5-1: Using ep0 maxpacket: 16
[  460.895697][   T10] usb 5-1: config 0 has an invalid interface number: 41 but max is 0
[  460.905135][   T10] usb 5-1: config 0 has no interface number 0
[  460.911552][   T10] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  460.921880][   T10] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  460.932671][   T10] usb 5-1: config 0 interface 41 has no altsetting 0
[  460.944805][T11399] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1757'.
[  460.946298][   T10] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  460.972914][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  460.978445][ T5886] usb 3-1: new high-speed USB device number 74 using dummy_hcd
[  460.984931][   T10] usb 5-1: Product: syz
[  460.993296][   T10] usb 5-1: Manufacturer: syz
[  460.999334][   T10] usb 5-1: SerialNumber: syz
[  461.025004][   T10] usb 5-1: config 0 descriptor??
[  461.048756][T11390] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  461.060229][T11390] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  461.151582][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 56, changing to 9
[  461.171462][ T5886] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 8703, setting to 1024
[  461.179547][T11402] input: syz1 as /devices/virtual/input/input32
[  461.193498][ T5886] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  461.221914][ T5886] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.273614][ T5886] usb 3-1: config 0 descriptor??
[  461.282791][T11390] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  461.298310][T11390] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  461.487851][ T5838] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[  461.499579][T11408] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1756'.
[  461.533462][ T5886] ath6kl: Failed to submit usb control message: -71
[  461.558958][ T5886] ath6kl: unable to send the bmi data to the device: -71
[  461.581733][ T5894] usb 4-1: new high-speed USB device number 68 using dummy_hcd
[  461.594241][ T5886] ath6kl: Unable to send get target info: -71
[  461.605076][ T5886] ath6kl: Failed to init ath6kl core: -71
[  461.620850][ T5886] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71
[  461.671067][ T5838] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  461.681733][ T5886] usb 3-1: USB disconnect, device number 74
[  461.689644][ T5838] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  461.706545][ T5838] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  461.730894][   T10] Error reading MAC address
[  461.748078][ T5838] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  461.755157][ T5894] usb 4-1: Using ep0 maxpacket: 32
[  461.783100][ T5838] usb 2-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  461.787017][ T5894] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  461.808949][ T5838] usb 2-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  461.817362][ T5838] usb 2-1: Manufacturer: syz
[  461.832169][ T5894] usb 4-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  461.840158][ T5838] usb 2-1: config 0 descriptor??
[  461.848833][ T5894] usb 4-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  461.865728][ T5894] usb 4-1: Product: syz
[  461.872925][ T5894] usb 4-1: Manufacturer: syz
[  461.880737][ T5894] usb 4-1: SerialNumber: syz
[  461.902440][ T5894] usb 4-1: config 0 descriptor??
[  461.921991][T11407] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  461.932151][T11390] x_tables: duplicate underflow at hook 2
[  461.939677][T11390] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  461.944422][ T5894] hub 4-1:0.0: bad descriptor, ignoring hub
[  461.947025][T11390] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  461.962854][ T5894] hub 4-1:0.0: probe with driver hub failed with error -5
[  461.997480][T11419] random: crng reseeded on system resumption
[  462.187248][   T10] sr9700 5-1:0.41 (unnamed net_device) (uninitialized): Error reading MAC address
[  462.204700][   T10] usb 5-1: USB disconnect, device number 73
[  462.271580][ T5838] appleir 0003:05AC:8243.0013: unknown main item tag 0x0
[  462.295710][ T5838] appleir 0003:05AC:8243.0013: No inputs registered, leaving
[  462.341917][ T5838] appleir 0003:05AC:8243.0013: hiddev1,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.1-1/input0
[  462.501745][   T10] usb 2-1: USB disconnect, device number 73
[  462.913521][T11431] cgroup: fork rejected by pids controller in /syz4
[  463.367881][ T5894] usb 4-1: USB disconnect, device number 68
[  463.702222][ T5894] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[  463.911899][ T5894] usb 2-1: config index 0 descriptor too short (expected 43540, got 77)
[  463.931342][ T5894] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  463.955870][ T5894] usb 2-1: config 0 has no interfaces?
[  463.969729][ T5894] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  464.006820][ T5894] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  464.017710][ T5838] usb 1-1: new high-speed USB device number 75 using dummy_hcd
[  464.021645][ T5894] usb 2-1: Product: syz
[  464.030036][ T5894] usb 2-1: Manufacturer: syz
[  464.041709][ T5894] usb 2-1: SerialNumber: syz
[  464.061840][ T5894] usb 2-1: config 0 descriptor??
[  464.216549][ T5838] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  464.246061][ T5838] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  464.269545][   T13] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.285718][ T5838] usb 1-1: config 0 descriptor??
[  464.378968][   T13] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.545683][   T13] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.839358][   T13] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  464.941269][T11443] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1771'.
[  465.588082][ T5894] usb 3-1: new high-speed USB device number 75 using dummy_hcd
[  465.615447][   T13] bridge_slave_1: left allmulticast mode
[  465.652254][   T13] bridge_slave_1: left promiscuous mode
[  465.671824][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.782854][ T5894] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  465.792439][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  465.805327][   T13] bridge_slave_0: left allmulticast mode
[  465.827141][   T13] bridge_slave_0: left promiscuous mode
[  465.850285][ T5894] usb 3-1: Product: syz
[  465.878518][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.912563][ T5894] usb 3-1: Manufacturer: syz
[  465.925394][ T5894] usb 3-1: SerialNumber: syz
[  465.979471][ T5894] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  466.015418][ T6235] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  466.464259][T11448] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  466.518428][T11448] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  466.580966][   T10] usb 3-1: USB disconnect, device number 75
[  466.713701][   T55] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  466.724178][   T55] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  466.732533][   T55] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  466.741787][   T55] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  466.750364][   T55] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  466.889686][ T5838] usb 1-1: Cannot set autoneg
[  466.925255][ T5838] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  467.021276][ T5838] usb 1-1: USB disconnect, device number 75
[  467.157673][ T6235] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  467.164793][ T6235] ath9k_htc: Failed to initialize the device
[  467.266949][   T10] usb 3-1: ath9k_htc: USB layer deinitialized
[  467.311690][   T47] usb 2-1: USB disconnect, device number 74
[  467.435173][   T13] bridge0 (unregistering): left promiscuous mode
[  467.555762][T11476] loop2: detected capacity change from 0 to 7
[  467.592880][T11476] Dev loop2: unable to read RDB block 7
[  467.639507][T11476]  loop2: unable to read partition table
[  467.645471][T11476] loop2: partition table beyond EOD, truncated
[  467.675725][   T13] bond0 (unregistering): left promiscuous mode
[  467.684942][T11476] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  467.684951][   T13] bond_slave_0: left promiscuous mode
[  467.705337][   T13] bond_slave_1: left promiscuous mode
[  467.711209][   T10] usb 3-1: new high-speed USB device number 76 using dummy_hcd
[  467.825452][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  467.848066][   T10] usb 3-1: device descriptor read/64, error -71
[  467.869906][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  467.891566][   T13] bond0 (unregistering): Released all slaves
[  468.035609][   T13] tipc: Left network mode
[  468.101772][   T10] usb 3-1: new high-speed USB device number 77 using dummy_hcd
[  468.129573][ T5887] usb 4-1: new high-speed USB device number 69 using dummy_hcd
[  468.268894][   T10] usb 3-1: device descriptor read/64, error -71
[  468.307692][ T5887] usb 4-1: Using ep0 maxpacket: 16
[  468.332148][ T5887] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  468.410029][   T10] usb usb3-port1: attempt power cycle
[  468.428834][ T5887] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  468.506139][ T5887] usb 4-1: config 0 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  468.610907][ T5887] usb 4-1: config 0 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  468.655994][ T5887] usb 4-1: config 0 interface 0 has no altsetting 0
[  468.674569][ T5887] usb 4-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  468.690229][ T5887] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  468.745361][ T5887] usb 4-1: config 0 descriptor??
[  468.826127][   T13] mac80211_hwsim hwsim8 wlan0 (unregistering): left allmulticast mode
[  468.835475][   T10] usb 3-1: new high-speed USB device number 78 using dummy_hcd
[  468.843693][ T5840] Bluetooth: hci2: command tx timeout
[  468.879026][   T10] usb 3-1: device descriptor read/8, error -71
[  469.137799][   T10] usb 3-1: new high-speed USB device number 79 using dummy_hcd
[  469.169195][   T10] usb 3-1: device descriptor read/8, error -71
[  469.197393][ T5887] hid (null): unknown global tag 0xd
[  469.202735][T11505] vlan0: entered promiscuous mode
[  469.232014][ T5887] hid (null): unknown global tag 0x35
[  469.259096][ T5887] hid (null): unknown global tag 0xe
[  469.288074][   T10] usb usb3-port1: unable to enumerate USB device
[  469.358396][ T5887] input: HID 0458:5010 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0458:5010.0014/input/input33
[  469.381918][T11466] chnl_net:caif_netlink_parms(): no params data found
[  469.416835][ T5887] kye 0003:0458:5010.0014: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.3-1/input0
[  469.497324][ T5887] usb 4-1: USB disconnect, device number 69
[  469.641910][   T13] hsr_slave_0: left promiscuous mode
[  469.677994][   T13] hsr_slave_1: left promiscuous mode
[  469.694504][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  469.720146][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  469.729155][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  469.763151][   T13] veth0_macvtap: left promiscuous mode
[  469.774194][   T13] veth1_vlan: left promiscuous mode
[  469.780836][   T13] veth0_vlan: left promiscuous mode
[  470.585165][ T6235] usb 1-1: new high-speed USB device number 76 using dummy_hcd
[  470.765149][T11521] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1789'.
[  470.890059][ T6235] usb 1-1: config index 0 descriptor too short (expected 43540, got 77)
[  470.901563][ T6235] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  470.917986][ T5840] Bluetooth: hci2: command tx timeout
[  470.927717][ T6235] usb 1-1: config 0 has no interfaces?
[  470.940989][ T6235] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  470.956449][ T6235] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.964705][ T6235] usb 1-1: Product: syz
[  470.978197][ T6235] usb 1-1: Manufacturer: syz
[  470.986848][ T6235] usb 1-1: SerialNumber: syz
[  471.010810][ T6235] usb 1-1: config 0 descriptor??
[  472.010231][T11531] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1791'.
[  472.074066][   T13] team0 (unregistering): Port device team_slave_1 removed
[  472.294451][   T13] team0 (unregistering): Port device team_slave_0 removed
[  472.991096][ T5840] Bluetooth: hci2: command tx timeout
[  473.024383][   T13] team0 (unregistering): Port device batadv0 removed
[  473.243432][   T47] usb 1-1: USB disconnect, device number 76
[  473.915092][T11521] vlan3: entered promiscuous mode
[  473.964839][T11531] netlink: 368 bytes leftover after parsing attributes in process `syz.1.1791'.
[  474.360768][T11466] bridge0: port 1(bridge_slave_0) entered blocking state
[  474.394576][T11466] bridge0: port 1(bridge_slave_0) entered disabled state
[  474.428560][T11466] bridge_slave_0: entered allmulticast mode
[  474.469885][T11466] bridge_slave_0: entered promiscuous mode
[  474.524885][T11466] bridge0: port 2(bridge_slave_1) entered blocking state
[  474.553065][T11466] bridge0: port 2(bridge_slave_1) entered disabled state
[  474.571853][T11466] bridge_slave_1: entered allmulticast mode
[  474.590436][T11466] bridge_slave_1: entered promiscuous mode
[  475.068085][ T5840] Bluetooth: hci2: command tx timeout
[  475.133465][T11466] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  475.174592][T11466] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  475.441721][T11466] team0: Port device team_slave_0 added
[  475.563378][T11466] team0: Port device team_slave_1 added
[  475.781919][T11466] batman_adv: batadv0: Adding interface: batadv_slave_0
[  475.825174][T11466] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  475.926199][T11466] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  476.009868][T11466] batman_adv: batadv0: Adding interface: batadv_slave_1
[  476.047412][T11466] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  476.073420][    C1] vkms_vblank_simulate: vblank timer overrun
[  476.192902][T11466] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  476.537836][T11600] loop2: detected capacity change from 0 to 7
[  476.578240][T11600] Dev loop2: unable to read RDB block 7
[  476.590447][T11600]  loop2: unable to read partition table
[  476.607864][T11600] loop2: partition table beyond EOD, truncated
[  476.630291][T11600] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  476.759220][T11466] hsr_slave_0: entered promiscuous mode
[  476.782260][T11466] hsr_slave_1: entered promiscuous mode
[  476.803083][T11601] ima: Can not allocate md4 (reason: -2)
[  476.815159][T11466] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  476.828609][   T30] audit: type=1800 audit(1744904863.619:157): pid=11601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1806" name="/" dev="fuse" ino=1 res=0 errno=0
[  476.855423][T11466] Cannot create hsr debugfs directory
[  477.123103][T11617] fuse: Bad value for 'fd'
[  477.583068][T11625] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1814'.
[  477.672843][T11625] 8021q: VLANs not supported on gre0
[  479.377849][T11651] vlan0: entered promiscuous mode
[  479.543981][T11466] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  479.598567][T11466] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  479.703690][T11466] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  479.800031][T11466] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  480.058060][  T882] usb 4-1: new low-speed USB device number 70 using dummy_hcd
[  480.207352][T11663] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1823'.
[  480.229613][T11663] netlink: 'syz.1.1823': attribute type 7 has an invalid length.
[  480.249193][T11663] netlink: 'syz.1.1823': attribute type 8 has an invalid length.
[  480.250389][  T882] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  480.256993][T11663] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1823'.
[  480.305860][  T882] usb 4-1: config 0 has no interface number 0
[  480.331684][T11466] 8021q: adding VLAN 0 to HW filter on device bond0
[  480.355040][  T882] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  480.374187][  T882] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  480.375921][T11663] gretap0: entered promiscuous mode
[  480.391594][  T882] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  480.418590][  T882] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  480.442870][T11663] batadv_slave_1: entered promiscuous mode
[  480.450363][  T882] usb 4-1: config 0 descriptor??
[  480.461354][T11655] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  480.469538][T11667] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1825'.
[  480.489502][T11663] gretap0: left promiscuous mode
[  480.494711][  T882] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  480.506607][T11663] batadv_slave_1: left promiscuous mode
[  480.580832][T11466] 8021q: adding VLAN 0 to HW filter on device team0
[  480.630871][ T1334] bridge0: port 1(bridge_slave_0) entered blocking state
[  480.639296][ T1334] bridge0: port 1(bridge_slave_0) entered forwarding state
[  480.766966][ T1334] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.774262][ T1334] bridge0: port 2(bridge_slave_1) entered forwarding state
[  480.951640][T11677] FAULT_INJECTION: forcing a failure.
[  480.951640][T11677] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  481.003622][T11677] CPU: 1 UID: 0 PID: 11677 Comm: syz.0.1827 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  481.003656][T11677] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  481.003670][T11677] Call Trace:
[  481.003679][T11677]  <TASK>
[  481.003688][T11677]  dump_stack_lvl+0x241/0x360
[  481.003729][T11677]  ? __pfx_dump_stack_lvl+0x10/0x10
[  481.003760][T11677]  ? __pfx__printk+0x10/0x10
[  481.003805][T11677]  should_fail_ex+0x424/0x570
[  481.003834][T11677]  _copy_from_iter+0x211/0x1c70
[  481.003877][T11677]  ? __build_skb_around+0x247/0x3d0
[  481.003904][T11677]  ? __alloc_skb+0x298/0x480
[  481.003924][T11677]  ? __pfx__copy_from_iter+0x10/0x10
[  481.003956][T11677]  ? __pfx___alloc_skb+0x10/0x10
[  481.003980][T11677]  ? skb_put+0x114/0x1f0
[  481.004006][T11677]  netlink_sendmsg+0x73c/0xcd0
[  481.004053][T11677]  ? __pfx_netlink_sendmsg+0x10/0x10
[  481.004089][T11677]  ? aa_sock_msg_perm+0x91/0x160
[  481.004126][T11677]  ? __pfx_netlink_sendmsg+0x10/0x10
[  481.004155][T11677]  __sock_sendmsg+0x221/0x270
[  481.004189][T11677]  ____sys_sendmsg+0x523/0x860
[  481.004222][T11677]  ? __pfx_____sys_sendmsg+0x10/0x10
[  481.004244][T11677]  ? __fget_files+0x2a/0x420
[  481.004268][T11677]  ? __fget_files+0x2a/0x420
[  481.004298][T11677]  __sys_sendmsg+0x271/0x360
[  481.004327][T11677]  ? __pfx___sys_sendmsg+0x10/0x10
[  481.004409][T11677]  ? do_syscall_64+0xb6/0x230
[  481.004440][T11677]  do_syscall_64+0xf3/0x230
[  481.004467][T11677]  ? clear_bhb_loop+0x45/0xa0
[  481.004492][T11677]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  481.004513][T11677] RIP: 0033:0x7f0763f8e169
[  481.004533][T11677] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  481.004551][T11677] RSP: 002b:00007f0764e0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  481.004575][T11677] RAX: ffffffffffffffda RBX: 00007f07641b5fa0 RCX: 00007f0763f8e169
[  481.004591][T11677] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  481.004605][T11677] RBP: 00007f0764e0f090 R08: 0000000000000000 R09: 0000000000000000
[  481.004619][T11677] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  481.004632][T11677] R13: 0000000000000000 R14: 00007f07641b5fa0 R15: 00007f07642dfa28
[  481.004664][T11677]  </TASK>
[  481.110885][T11466] 8021q: adding VLAN 0 to HW filter on device batadv0
[  481.114204][    C1] vkms_vblank_simulate: vblank timer overrun
[  481.246171][    C1] vkms_vblank_simulate: vblank timer overrun
[  481.252169][    C1] hrtimer: interrupt took 244651175 ns
[  481.352233][    C1] vkms_vblank_simulate: vblank timer overrun
[  481.359725][T11684] fuse: Bad value for 'fd'
[  481.382021][ T6235] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[  481.421408][T11466] veth0_vlan: entered promiscuous mode
[  481.434758][T11466] veth1_vlan: entered promiscuous mode
[  481.504086][T11466] veth0_macvtap: entered promiscuous mode
[  481.515182][T11466] veth1_macvtap: entered promiscuous mode
[  481.536997][T11466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  481.548552][T11466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  481.558545][T11466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  481.577390][T11466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  481.607745][ T6235] usb 3-1: Using ep0 maxpacket: 8
[  481.613471][T11466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  481.661394][ T6235] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  481.680815][ T6235] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  481.719586][T11466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  481.741272][ T6235] usb 3-1: Product: syz
[  481.752687][ T6235] usb 3-1: Manufacturer: syz
[  481.765181][T11466] batman_adv: batadv0: Interface activated: batadv_slave_0
[  481.777679][ T6235] usb 3-1: SerialNumber: syz
[  481.829200][ T6235] usb 3-1: config 0 descriptor??
[  481.921224][T11466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  482.010734][T11466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.031101][T11466] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  482.080413][ T6235] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  482.102864][T11466] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  482.117345][T11466] batman_adv: batadv0: Interface activated: batadv_slave_1
[  482.226286][T11466] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  482.245811][T11466] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  482.276225][T11466] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  482.287058][T11466] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  482.919146][  T882] usb 4-1: USB disconnect, device number 70
[  483.292753][ T1334] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.341963][ T1334] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  483.703325][ T7866] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  483.736891][ T7866] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  484.123187][ T6235] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[  484.141702][ T6235] usb 3-1: USB disconnect, device number 80
[  484.679942][T11742] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1839'.
[  484.697602][T11736] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(4)
[  484.704172][T11736] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  484.768970][T11736] vhci_hcd vhci_hcd.0: Device attached
[  484.775267][T11739] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1838'.
[  484.804564][T11743] vhci_hcd: connection closed
[  484.815175][ T7871] vhci_hcd: stop threads
[  484.846527][ T7871] vhci_hcd: release socket
[  484.860264][ T7871] vhci_hcd: disconnect device
[  484.924040][T11750] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1841'.
[  484.961475][T11749] netlink: 156 bytes leftover after parsing attributes in process `syz.3.1842'.
[  484.974682][T11750] 8021q: VLANs not supported on gre0
[  485.189454][T11757] vlan2: entered promiscuous mode
[  485.236799][T11762] fuse: Bad value for 'fd'
[  486.066807][T11778] FAULT_INJECTION: forcing a failure.
[  486.066807][T11778] name failslab, interval 1, probability 0, space 0, times 0
[  486.130453][T11780] FAULT_INJECTION: forcing a failure.
[  486.130453][T11780] name failslab, interval 1, probability 0, space 0, times 0
[  486.144177][T11780] CPU: 0 UID: 0 PID: 11780 Comm: syz.2.1850 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  486.144209][T11780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  486.144229][T11780] Call Trace:
[  486.144239][T11780]  <TASK>
[  486.144248][T11780]  dump_stack_lvl+0x241/0x360
[  486.144288][T11780]  ? __pfx_dump_stack_lvl+0x10/0x10
[  486.144319][T11780]  ? __pfx__printk+0x10/0x10
[  486.144347][T11780]  ? __lock_acquire+0xad5/0xd80
[  486.144382][T11780]  should_fail_ex+0x424/0x570
[  486.144411][T11780]  should_failslab+0xac/0x100
[  486.144443][T11780]  kmem_cache_alloc_noprof+0x78/0x390
[  486.144472][T11780]  ? skb_clone+0x20c/0x390
[  486.144503][T11780]  skb_clone+0x20c/0x390
[  486.144531][T11780]  __netlink_deliver_tap+0x3c4/0x7f0
[  486.144575][T11780]  ? netlink_deliver_tap+0x2e/0x1b0
[  486.144604][T11780]  netlink_deliver_tap+0x19d/0x1b0
[  486.144636][T11780]  netlink_unicast+0x7c6/0x9a0
[  486.144674][T11780]  ? __pfx_netlink_unicast+0x10/0x10
[  486.144704][T11780]  ? skb_put+0x114/0x1f0
[  486.144730][T11780]  netlink_sendmsg+0x8c3/0xcd0
[  486.144776][T11780]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.144811][T11780]  ? aa_sock_msg_perm+0x91/0x160
[  486.144846][T11780]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.144873][T11780]  __sock_sendmsg+0x221/0x270
[  486.144905][T11780]  ____sys_sendmsg+0x523/0x860
[  486.144939][T11780]  ? __pfx_____sys_sendmsg+0x10/0x10
[  486.144959][T11780]  ? __fget_files+0x2a/0x420
[  486.144983][T11780]  ? __fget_files+0x2a/0x420
[  486.145013][T11780]  __sys_sendmsg+0x271/0x360
[  486.145042][T11780]  ? __pfx___sys_sendmsg+0x10/0x10
[  486.145126][T11780]  ? do_syscall_64+0xb6/0x230
[  486.145157][T11780]  do_syscall_64+0xf3/0x230
[  486.145184][T11780]  ? clear_bhb_loop+0x45/0xa0
[  486.145210][T11780]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.145238][T11780] RIP: 0033:0x7f386798e169
[  486.145258][T11780] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.145276][T11780] RSP: 002b:00007f38688d1038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  486.145299][T11780] RAX: ffffffffffffffda RBX: 00007f3867bb5fa0 RCX: 00007f386798e169
[  486.145315][T11780] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[  486.145328][T11780] RBP: 00007f38688d1090 R08: 0000000000000000 R09: 0000000000000000
[  486.145341][T11780] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.145354][T11780] R13: 0000000000000000 R14: 00007f3867bb5fa0 R15: 00007f3867cdfa28
[  486.145388][T11780]  </TASK>
[  486.406638][T11778] CPU: 0 UID: 0 PID: 11778 Comm: syz.3.1849 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  486.406674][T11778] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  486.406688][T11778] Call Trace:
[  486.406697][T11778]  <TASK>
[  486.406706][T11778]  dump_stack_lvl+0x241/0x360
[  486.406744][T11778]  ? __pfx_dump_stack_lvl+0x10/0x10
[  486.406775][T11778]  ? __pfx__printk+0x10/0x10
[  486.406808][T11778]  ? __pfx___might_resched+0x10/0x10
[  486.406840][T11778]  should_fail_ex+0x424/0x570
[  486.406870][T11778]  should_failslab+0xac/0x100
[  486.406902][T11778]  __kmalloc_cache_noprof+0x73/0x370
[  486.406931][T11778]  ? nfnetlink_rcv+0x1037/0x28f0
[  486.406960][T11778]  nfnetlink_rcv+0x1037/0x28f0
[  486.407020][T11778]  ? __pfx_nfnetlink_rcv+0x10/0x10
[  486.407095][T11778]  ? skb_clone+0x240/0x390
[  486.407134][T11778]  ? netlink_deliver_tap+0x2e/0x1b0
[  486.407170][T11778]  ? netlink_deliver_tap+0x2e/0x1b0
[  486.407201][T11778]  netlink_unicast+0x7f8/0x9a0
[  486.407249][T11778]  ? __pfx_netlink_unicast+0x10/0x10
[  486.407279][T11778]  ? skb_put+0x114/0x1f0
[  486.407304][T11778]  netlink_sendmsg+0x8c3/0xcd0
[  486.407347][T11778]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.407382][T11778]  ? aa_sock_msg_perm+0x91/0x160
[  486.407419][T11778]  ? __pfx_netlink_sendmsg+0x10/0x10
[  486.407448][T11778]  __sock_sendmsg+0x221/0x270
[  486.407481][T11778]  ____sys_sendmsg+0x523/0x860
[  486.407520][T11778]  ? __pfx_____sys_sendmsg+0x10/0x10
[  486.407539][T11778]  ? __fget_files+0x2a/0x420
[  486.407563][T11778]  ? __fget_files+0x2a/0x420
[  486.407591][T11778]  __sys_sendmsg+0x271/0x360
[  486.407620][T11778]  ? __pfx___sys_sendmsg+0x10/0x10
[  486.407703][T11778]  ? do_syscall_64+0xb6/0x230
[  486.407736][T11778]  do_syscall_64+0xf3/0x230
[  486.407764][T11778]  ? clear_bhb_loop+0x45/0xa0
[  486.407790][T11778]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  486.407811][T11778] RIP: 0033:0x7fdb0f38e169
[  486.407831][T11778] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  486.407849][T11778] RSP: 002b:00007fdb1012b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  486.407872][T11778] RAX: ffffffffffffffda RBX: 00007fdb0f5b5fa0 RCX: 00007fdb0f38e169
[  486.407887][T11778] RDX: 0000000004000040 RSI: 00002000000000c0 RDI: 0000000000000003
[  486.407902][T11778] RBP: 00007fdb1012b090 R08: 0000000000000000 R09: 0000000000000000
[  486.407915][T11778] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  486.407928][T11778] R13: 0000000000000000 R14: 00007fdb0f5b5fa0 R15: 00007fdb0f6dfa28
[  486.407961][T11778]  </TASK>
[  487.310285][T11790] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1854'.
[  487.477706][ T5894] usb 4-1: new full-speed USB device number 71 using dummy_hcd
[  487.653835][ T5894] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  487.708377][ T5894] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  487.723946][T11799] xt_CT: You must specify a L4 protocol and not use inversions on it
[  487.768762][ T5894] usb 4-1: config 0 interface 0 has no altsetting 0
[  487.818021][ T5894] usb 4-1: New USB device found, idVendor=5543, idProduct=3031, bcdDevice= 0.00
[  487.829593][ T5894] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  487.858826][ T5894] usb 4-1: config 0 descriptor??
[  487.967714][ T6235] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[  488.132916][ T6235] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  488.152722][ T6235] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  488.172318][ T6235] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  488.244875][ T6235] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  488.298642][ T5894] usbhid 4-1:0.0: can't add hid device: -71
[  488.305725][ T5894] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  488.335295][ T6235] usb 3-1: config 0 descriptor??
[  488.396359][ T5894] usb 4-1: USB disconnect, device number 71
[  488.719172][   T10] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  488.900718][   T10] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  488.910194][   T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  488.949124][   T10] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  489.023090][   T10] usb 5-1: config 1 has no interface number 1
[  489.033719][   T10] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  489.036770][ T6235] usb 3-1: string descriptor 0 read error: -22
[  489.087103][   T10] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  489.098530][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.129807][   T10] usb 5-1: Product: syz
[  489.155996][   T10] usb 5-1: Manufacturer: syz
[  489.185798][   T10] usb 5-1: SerialNumber: syz
[  489.396603][ T6235] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0015/input/input34
[  489.622079][ T6235] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0015/input/input35
[  489.650132][   T10] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  489.716847][   T10] usb 5-1: MIDIStreaming interface descriptor not found
[  489.845081][ T6235] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0015/input/input36
[  489.906083][   T10] usb 5-1: USB disconnect, device number 74
[  489.968770][ T6235] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:256C:006D.0015/input/input37
[  490.062392][ T6235] uclogic 0003:256C:006D.0015: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.2-1/input0
[  490.223447][ T6249] udevd[6249]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  490.299283][ T6235] usb 3-1: USB disconnect, device number 81
[  490.928074][ T5838] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[  491.126426][ T5838] usb 2-1: config 0 has no interfaces?
[  491.139963][ T5838] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  491.195255][ T5838] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.263248][ T5838] usb 2-1: Product: syz
[  491.283339][ T5838] usb 2-1: Manufacturer: syz
[  491.295757][T11874] sctp: [Deprecated]: syz.2.1875 (pid 11874) Use of int in maxseg socket option.
[  491.295757][T11874] Use struct sctp_assoc_value instead
[  491.324436][T11875] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1874'.
[  491.339112][ T5838] usb 2-1: SerialNumber: syz
[  491.366530][T11875] 8021q: VLANs not supported on gre0
[  491.411861][ T5838] usb 2-1: config 0 descriptor??
[  491.489385][T11879] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1876'.
[  491.682497][ T5838] usb 2-1: USB disconnect, device number 75
[  491.868099][ T5894] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[  491.967866][ T5887] usb 1-1: new high-speed USB device number 77 using dummy_hcd
[  492.570853][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  492.588856][ T5894] usb 3-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[  492.590663][ T5887] usb 1-1: device descriptor read/64, error -71
[  492.616912][ T5894] usb 3-1: New USB device strings: Mfr=0, Product=223, SerialNumber=0
[  492.667813][ T5894] usb 3-1: Product: syz
[  492.682177][ T5894] usb 3-1: config 0 descriptor??
[  492.694824][ T5894] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  492.842005][ T5887] usb 1-1: new high-speed USB device number 78 using dummy_hcd
[  492.987697][ T5887] usb 1-1: device descriptor read/64, error -71
[  493.167835][ T5887] usb usb1-port1: attempt power cycle
[  493.198536][T11883] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  493.209275][T11883] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  493.587710][ T5887] usb 1-1: new high-speed USB device number 79 using dummy_hcd
[  493.638744][ T5887] usb 1-1: device descriptor read/8, error -71
[  493.841851][T11923] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1883'.
[  493.861227][T11923] dummy0: entered promiscuous mode
[  493.873955][T11923] dummy0: left promiscuous mode
[  493.887905][ T5887] usb 1-1: new high-speed USB device number 80 using dummy_hcd
[  493.911353][ T5887] usb 1-1: device descriptor read/8, error -71
[  493.937764][   T24] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  494.038821][ T5887] usb usb1-port1: unable to enumerate USB device
[  494.099724][   T24] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  494.124089][   T24] usb 4-1: config 1 has no interface number 1
[  494.138991][   T24] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  494.155501][   T24] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 255, changing to 7
[  494.181522][   T24] usb 4-1: New USB device found, idVendor=1d6b, idProduct=8101, bcdDevice= 0.40
[  494.202235][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  494.213641][   T24] usb 4-1: Product: syz
[  494.218402][   T24] usb 4-1: Manufacturer: syz
[  494.224281][   T24] usb 4-1: SerialNumber: syz
[  494.250729][T11909] raw-gadget.3 gadget.3: fail, usb_ep_enable returned -22
[  494.502545][   T24] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor
[  494.517197][   T24] usb 4-1: 2:1: invalid format type 0x1001 is detected, processed as PCM
[  494.602219][   T24] usb 4-1: USB disconnect, device number 72
[  494.694348][T11932] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1886'.
[  494.841070][ T5923] udevd[5923]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  495.016603][ T5887] usb 3-1: USB disconnect, device number 82
[  495.177874][ T5838] usb 1-1: new high-speed USB device number 81 using dummy_hcd
[  495.379164][ T5838] usb 1-1: config 0 has no interfaces?
[  495.387401][ T5838] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  495.410057][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  495.485339][ T5838] usb 1-1: Product: syz
[  495.513608][ T5838] usb 1-1: Manufacturer: syz
[  495.533905][ T5838] usb 1-1: SerialNumber: syz
[  495.589279][ T5838] usb 1-1: config 0 descriptor??
[  495.737984][ T5887] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  496.684668][ T5887] usb 5-1: config 0 has no interfaces?
[  496.692456][ T5887] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  496.727676][ T5887] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.737278][ T6235] usb 1-1: USB disconnect, device number 81
[  496.778926][ T5887] usb 5-1: Product: syz
[  496.783285][ T5887] usb 5-1: Manufacturer: syz
[  496.807654][ T5887] usb 5-1: SerialNumber: syz
[  496.845565][ T5887] usb 5-1: config 0 descriptor??
[  497.100995][ T5887] usb 5-1: USB disconnect, device number 75
[  498.837778][   T24] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[  499.030780][   T24] usb 2-1: Using ep0 maxpacket: 16
[  499.033267][T11984] loop2: detected capacity change from 0 to 7
[  499.045384][T11984] Dev loop2: unable to read RDB block 7
[  499.061560][T11984]  loop2: unable to read partition table
[  499.072722][   T24] usb 2-1: config 0 has an invalid interface number: 41 but max is 0
[  499.091961][T11984] loop2: partition table beyond EOD, truncated
[  499.107662][   T24] usb 2-1: config 0 has no interface number 0
[  499.112120][T11984] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  499.113805][   T24] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  499.186699][ T5212] Dev loop2: unable to read RDB block 7
[  499.195450][   T24] usb 2-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  499.224703][ T5212]  loop2: unable to read partition table
[  499.234796][   T24] usb 2-1: config 0 interface 41 has no altsetting 0
[  499.241911][ T5212] loop2: partition table beyond EOD, truncated
[  499.272483][   T24] usb 2-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  499.285429][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.330912][   T24] usb 2-1: Product: syz
[  499.335234][   T24] usb 2-1: Manufacturer: syz
[  499.374531][   T24] usb 2-1: SerialNumber: syz
[  499.417926][   T24] usb 2-1: config 0 descriptor??
[  499.425684][T11975] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  499.457735][T11975] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  499.631682][T11988] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1905'.
[  499.711580][T11975] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  499.740758][T11988] hsr0: entered promiscuous mode
[  499.746074][T11988] vlan2: entered promiscuous mode
[  499.766404][T11975] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  499.948127][   T10] usb 1-1: new high-speed USB device number 82 using dummy_hcd
[  500.133269][   T10] usb 1-1: config 0 has no interfaces?
[  500.161018][   T10] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  500.199557][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  500.232262][   T10] usb 1-1: Product: syz
[  500.236506][   T10] usb 1-1: Manufacturer: syz
[  500.317596][   T10] usb 1-1: SerialNumber: syz
[  500.365802][   T10] usb 1-1: config 0 descriptor??
[  500.603868][T11975] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  500.607792][ T5838] usb 3-1: new high-speed USB device number 83 using dummy_hcd
[  500.615827][T11975] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  500.641921][   T24] CoreChips 2-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  500.685915][ T5894] usb 1-1: USB disconnect, device number 82
[  500.797961][ T5838] usb 3-1: Using ep0 maxpacket: 32
[  500.807331][ T5838] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  500.838981][ T5838] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  500.877753][ T5838] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  500.907060][ T5838] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  500.978129][ T5838] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  501.011279][ T5838] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  501.079536][ T5838] usb 3-1: New USB device found, idVendor=04e7, idProduct=6651, bcdDevice=ba.8a
[  501.119789][ T5838] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  501.137688][ T5838] usb 3-1: Product: syz
[  501.150938][ T5838] usb 3-1: Manufacturer: syz
[  501.167770][ T5838] usb 3-1: SerialNumber: syz
[  501.191022][T12009] netlink: 64 bytes leftover after parsing attributes in process `syz.3.1912'.
[  501.209097][   T24] CoreChips 2-1:0.41: probe with driver CoreChips failed with error -71
[  501.241766][ T5838] usb 3-1: config 0 descriptor??
[  501.282059][   T24] usb 2-1: USB disconnect, device number 76
[  501.302490][ T5838] usb 3-1: bad CDC descriptors
[  501.348347][ T5838] cdc_acm 3-1:0.0: Zero length descriptor references
[  501.385809][ T5838] cdc_acm 3-1:0.0: probe with driver cdc_acm failed with error -22
[  501.533734][ T5838] usb 3-1: USB disconnect, device number 83
[  501.551509][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  501.558131][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  501.665386][T12015] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1915'.
[  502.379776][   T24] usb 4-1: new high-speed USB device number 73 using dummy_hcd
[  502.627657][   T24] usb 4-1: Using ep0 maxpacket: 8
[  502.638863][   T24] usb 4-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  502.690763][   T24] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  502.794991][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  502.937807][ T5838] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  502.951372][ T5887] usb 1-1: new high-speed USB device number 83 using dummy_hcd
[  503.209962][ T5838] usb 5-1: config 0 has no interfaces?
[  503.218060][ T5838] usb 5-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  503.227463][ T5838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.258824][ T5838] usb 5-1: Product: syz
[  503.263059][ T5838] usb 5-1: Manufacturer: syz
[  503.303842][ T5838] usb 5-1: SerialNumber: syz
[  503.342546][ T5887] usb 1-1: config 0 has no interfaces?
[  503.378125][ T5887] usb 1-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  503.429097][ T5838] usb 5-1: config 0 descriptor??
[  503.520011][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  503.603563][ T5887] usb 1-1: Product: syz
[  503.617680][   T24] usb 3-1: new high-speed USB device number 84 using dummy_hcd
[  503.753101][   T10] usb 5-1: USB disconnect, device number 76
[  503.842136][ T5887] usb 1-1: Manufacturer: syz
[  503.874836][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  503.892060][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  503.915010][   T24] usb 3-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  503.915664][ T5887] usb 1-1: SerialNumber: syz
[  503.953419][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.991525][   T24] usb 3-1: config 0 descriptor??
[  504.010016][ T5887] usb 1-1: config 0 descriptor??
[  504.261513][T12048] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  504.272065][T12048] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  504.765032][   T24] glorious 0003:258A:0036.0016: unknown main item tag 0x0
[  504.776788][   T24] glorious 0003:258A:0036.0016: hidraw0: USB HID v0.00 Device [Glorious Model O] on usb-dummy_hcd.2-1/input0
[  505.180980][ T5838] usb 3-1: USB disconnect, device number 84
[  505.904844][ T5894] usb 4-1: USB disconnect, device number 73
[  506.135532][T12069] vlan2: entered promiscuous mode
[  506.298047][ T5887] usb 3-1: new high-speed USB device number 85 using dummy_hcd
[  506.547639][ T5894] usb 5-1: new full-speed USB device number 77 using dummy_hcd
[  506.592772][   T47] usb 1-1: USB disconnect, device number 83
[  506.635138][ T5887] usb 3-1: config index 0 descriptor too short (expected 43540, got 77)
[  506.676818][ T5887] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  506.753467][ T5887] usb 3-1: config 0 has no interfaces?
[  506.773179][ T5894] usb 5-1: config 0 has an invalid interface number: 113 but max is 0
[  506.785939][ T5894] usb 5-1: config 0 has no interface number 0
[  506.812697][ T5887] usb 3-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  506.828630][ T5887] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  506.851763][ T5887] usb 3-1: Product: syz
[  506.854197][ T5894] usb 5-1: config 0 interface 113 has no altsetting 0
[  506.865043][ T5887] usb 3-1: Manufacturer: syz
[  506.870048][ T5887] usb 3-1: SerialNumber: syz
[  506.882655][ T5887] usb 3-1: config 0 descriptor??
[  506.945420][T12082] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1936'.
[  506.971014][ T5894] usb 5-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[  506.974165][T12082] vlan0: entered promiscuous mode
[  506.980848][ T5894] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  507.133474][ T5894] usb 5-1: Product: syz
[  507.139806][ T5894] usb 5-1: Manufacturer: syz
[  507.147795][ T5894] usb 5-1: SerialNumber: syz
[  507.156271][ T5894] usb 5-1: config 0 descriptor??
[  507.689629][    C1] usb 5-1: NFC: Urb failure (status -71)
[  507.697839][    C1] usb 5-1: NFC: Urb failure (status -71)
[  507.705926][ T5894] usb 5-1: NFC: Unable to get FW version
[  507.712766][ T5894] pn533_usb 5-1:0.113: probe with driver pn533_usb failed with error -71
[  507.749942][ T5894] usb 5-1: USB disconnect, device number 77
[  508.227619][ T5887] usb 1-1: new high-speed USB device number 84 using dummy_hcd
[  508.402422][ T5887] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  508.413621][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  508.453661][ T5887] usb 1-1: Product: syz
[  508.466919][ T5887] usb 1-1: Manufacturer: syz
[  508.584131][ T5887] usb 1-1: SerialNumber: syz
[  508.661333][ T5887] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  508.685695][   T10] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  508.908439][T12089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  508.917282][T12089] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  508.953507][T12089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  508.972739][T12097] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1942'.
[  508.998526][T12089] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  509.043277][T12089] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  509.069476][T12089] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  509.140266][    T9] usb 1-1: USB disconnect, device number 84
[  509.305131][ T5887] usb 3-1: USB disconnect, device number 85
[  509.312340][ T5838] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  509.617731][ T5838] usb 5-1: Using ep0 maxpacket: 32
[  509.628837][ T5838] usb 5-1: New USB device found, idVendor=04e8, idProduct=6601, bcdDevice=81.9b
[  509.651423][ T5838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  509.665603][T12108] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1945'.
[  509.674855][ T5838] usb 5-1: Product: syz
[  509.684322][ T5838] usb 5-1: Manufacturer: syz
[  509.693106][T12108] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1945'.
[  509.731117][ T5838] usb 5-1: SerialNumber: syz
[  509.747670][  T882] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[  509.756234][T12112] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1946'.
[  509.793660][   T10] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  509.811881][   T10] ath9k_htc: Failed to initialize the device
[  509.820006][    T9] usb 1-1: ath9k_htc: USB layer deinitialized
[  509.856100][T12112] dummy0: entered promiscuous mode
[  509.899059][T12112] dummy0: left promiscuous mode
[  509.961175][  T882] usb 2-1: config index 0 descriptor too short (expected 43540, got 77)
[  509.981942][  T882] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  510.013181][ T5838] visor 5-1:1.0: Handspring Visor / Palm OS converter detected
[  510.040704][  T882] usb 2-1: config 0 has no interfaces?
[  510.064701][ T5838] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  510.171082][  T882] usb 2-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  510.184807][  T882] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.194210][ T5838] usb 5-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  510.205805][  T882] usb 2-1: Product: syz
[  510.210081][  T882] usb 2-1: Manufacturer: syz
[  510.215224][  T882] usb 2-1: SerialNumber: syz
[  510.235060][  T882] usb 2-1: config 0 descriptor??
[  510.237769][   T47] usb 3-1: new full-speed USB device number 86 using dummy_hcd
[  510.240163][    T9] usb 1-1: new high-speed USB device number 85 using dummy_hcd
[  510.443693][    T9] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  510.453138][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.461654][    T9] usb 1-1: Product: syz
[  510.465934][    T9] usb 1-1: Manufacturer: syz
[  510.470999][    T9] usb 1-1: SerialNumber: syz
[  510.500845][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  510.518450][   T47] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 255, setting to 64
[  510.521551][    T9] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  510.541523][   T47] usb 3-1: New USB device found, idVendor=04f3, idProduct=0754, bcdDevice= 0.00
[  510.551576][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  510.571745][   T47] usb 3-1: config 0 descriptor??
[  510.582969][T12115] raw-gadget.6 gadget.2: fail, usb_ep_enable returned -22
[  510.768058][ T5886] usb 1-1: USB disconnect, device number 85
[  510.850195][   T47] usbhid 3-1:0.0: can't add hid device: -71
[  510.852516][  T882] usb 1-1: ath9k_htc: Firmware - ath9k_htc/htc_9271-1.4.0.fw download failed
[  510.870835][   T47] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  510.908114][ T5886] usb 1-1: ath9k_htc: USB layer deinitialized
[  511.034180][   T47] usb 3-1: USB disconnect, device number 86
[  511.156857][T12130] block device autoloading is deprecated and will be removed.
[  511.278872][T12130] syz.3.1950: attempt to access beyond end of device
[  511.278872][T12130] md0: rw=2048, sector=0, nr_sectors = 8 limit=0
[  511.817878][  T882] usb 3-1: new high-speed USB device number 87 using dummy_hcd
[  512.030253][   T47] usb 5-1: USB disconnect, device number 78
[  512.042122][   T47] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  512.077718][  T882] usb 3-1: device descriptor read/64, error -71
[  512.214846][T12140] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1954'.
[  512.233251][   T47] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  512.272635][   T47] visor 5-1:1.0: device disconnected
[  512.359623][  T882] usb 3-1: new high-speed USB device number 88 using dummy_hcd
[  512.464524][   T10] usb 2-1: USB disconnect, device number 77
[  512.507627][  T882] usb 3-1: device descriptor read/64, error -71
[  512.569721][T12142] netlink: 156 bytes leftover after parsing attributes in process `syz.4.1955'.
[  512.634797][  T882] usb usb3-port1: attempt power cycle
[  513.074940][  T882] usb 3-1: new high-speed USB device number 89 using dummy_hcd
[  513.113867][  T882] usb 3-1: device descriptor read/8, error -71
[  513.260276][T12155] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1959'.
[  513.377775][  T882] usb 3-1: new high-speed USB device number 90 using dummy_hcd
[  513.399274][T12155] dummy0: entered promiscuous mode
[  513.420990][T12155] dummy0: left promiscuous mode
[  513.427624][    T9] usb 1-1: new high-speed USB device number 86 using dummy_hcd
[  513.436682][  T882] usb 3-1: device descriptor read/8, error -71
[  513.558166][  T882] usb usb3-port1: unable to enumerate USB device
[  513.617783][    T9] usb 1-1: Using ep0 maxpacket: 32
[  513.625437][    T9] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  513.637270][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  513.655768][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  513.694138][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  513.716222][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  513.768153][    T9] usb 1-1: config 0 descriptor??
[  513.775703][T12153] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  513.794482][T12162] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1963'.
[  513.809775][    T9] hub 1-1:0.0: USB hub found
[  513.822896][T12162] netlink: 'syz.3.1963': attribute type 9 has an invalid length.
[  513.997741][    T9] hub 1-1:0.0: config failed, hub doesn't have any ports! (err -19)
[  514.084699][T12167] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1965'.
[  514.252070][T12171] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1960'.
[  514.428941][T12175] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1968'.
[  514.702387][T12184] netlink: 'syz.1.1970': attribute type 4 has an invalid length.
[  514.779602][T12186] netlink: 'syz.2.1971': attribute type 4 has an invalid length.
[  515.214161][T12189] loop5: detected capacity change from 0 to 1231
[  515.550128][   T10] usb 4-1: new high-speed USB device number 74 using dummy_hcd
[  515.729941][   T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  515.766883][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  515.767704][   T47] usb 2-1: new high-speed USB device number 78 using dummy_hcd
[  515.801966][   T10] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  515.821284][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  515.833916][   T10] usb 4-1: SerialNumber: syz
[  515.927691][   T47] usb 2-1: device descriptor read/64, error -71
[  516.187716][   T47] usb 2-1: new high-speed USB device number 79 using dummy_hcd
[  516.314020][    T9] usbhid 1-1:0.0: can't add hid device: -71
[  516.327711][    T9] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  516.327893][   T47] usb 2-1: device descriptor read/64, error -71
[  516.419180][    T9] usb 1-1: USB disconnect, device number 86
[  516.491873][   T47] usb usb2-port1: attempt power cycle
[  516.613056][   T10] usb 4-1: 0:2 : does not exist
[  516.795560][T12211] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1977'.
[  516.812330][   T10] usb 4-1: USB disconnect, device number 74
[  516.857712][   T47] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[  516.878238][   T47] usb 2-1: device descriptor read/8, error -71
[  517.001011][ T6250] udevd[6250]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  517.117726][   T47] usb 2-1: new high-speed USB device number 81 using dummy_hcd
[  517.158125][   T47] usb 2-1: device descriptor read/8, error -71
[  517.361647][   T47] usb usb2-port1: unable to enumerate USB device
[  517.610865][T12219] openvswitch: netlink: Key 4 has unexpected len 2 expected 12
[  517.977609][   T47] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  518.137599][   T47] usb 5-1: Using ep0 maxpacket: 16
[  518.146625][   T47] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  518.171993][   T47] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  518.184091][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.211996][   T47] usb 5-1: Product: syz
[  518.288721][   T47] usb 5-1: Manufacturer: syz
[  518.384257][   T47] usb 5-1: SerialNumber: syz
[  518.405775][   T47] usb 5-1: config 0 descriptor??
[  518.439946][   T47] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  518.457619][   T47] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  518.997995][ T6235] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[  519.090000][   T47] em28xx 5-1:0.0: chip ID is em2800
[  519.178605][ T6235] usb 2-1: Using ep0 maxpacket: 16
[  519.185411][ T6235] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  519.196943][ T6235] usb 2-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  519.267910][ T6235] usb 2-1: config 0 interface 0 has no altsetting 0
[  519.290307][T12207] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1975'.
[  519.311201][ T6235] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c08, bcdDevice= 0.00
[  519.576402][ T6235] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.594918][ T6235] usb 2-1: config 0 descriptor??
[  520.019557][ T6235] usb 2-1: string descriptor 0 read error: -71
[  520.085618][ T6235] usbhid 2-1:0.0: can't add hid device: -71
[  520.114070][ T6235] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  520.123716][T12244] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1988'.
[  520.172843][   T47] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  520.207327][   T47] em28xx 5-1:0.0: board has no eeprom
[  520.220151][ T6235] usb 2-1: USB disconnect, device number 82
[  520.328307][   T47] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  520.379926][   T47] em28xx 5-1:0.0: dvb set to bulk mode.
[  520.385589][ T5894] em28xx 5-1:0.0: Binding DVB extension
[  520.396012][T12248] fuse: Bad value for 'fd'
[  520.673733][ T5894] em28xx 5-1:0.0: Registering input extension
[  520.749266][T12252] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1991'.
[  520.940672][   T10] usb 5-1: USB disconnect, device number 79
[  520.962842][   T10] em28xx 5-1:0.0: Disconnecting em28xx
[  520.989708][   T10] em28xx 5-1:0.0: Closing input extension
[  521.087909][   T10] em28xx 5-1:0.0: Freeing device
[  521.168969][T12262] usb usb9: check_ctrlrecip: process 12262 (syz.2.1995) requesting ep 01 but needs 81
[  521.205878][T12262] usb usb9: usbfs: process 12262 (syz.2.1995) did not claim interface 0 before use
[  521.603526][T12275] netlink: 'syz.2.1997': attribute type 10 has an invalid length.
[  521.640269][T12266] netlink: 'syz.2.1997': attribute type 2 has an invalid length.
[  521.651871][T12266] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1997'.
[  521.865088][T12278] netlink: 200 bytes leftover after parsing attributes in process `syz.0.1999'.
[  521.899162][T12279] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2000'.
[  521.935471][T12278] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1999'.
[  522.298393][T12287] loop2: detected capacity change from 0 to 7
[  522.332590][T12287] Dev loop2: unable to read RDB block 7
[  522.356527][T12287]  loop2: unable to read partition table
[  522.376987][T12287] loop2: partition table beyond EOD, truncated
[  522.442287][T12287] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  522.511273][T12291] syz.0.2006 (12291): drop_caches: 0
[  522.767837][ T6235] usb 4-1: new high-speed USB device number 75 using dummy_hcd
[  522.860765][T12295] vlan3: entered promiscuous mode
[  522.930359][ T6235] usb 4-1: config 0 has no interfaces?
[  522.949888][ T6235] usb 4-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b
[  522.964241][T12297] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2008'.
[  522.975432][ T6235] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  522.989114][ T6235] usb 4-1: Product: syz
[  522.995104][ T6235] usb 4-1: Manufacturer: syz
[  523.002350][ T6235] usb 4-1: SerialNumber: syz
[  523.034063][ T6235] usb 4-1: config 0 descriptor??
[  523.238893][T12306] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2012'.
[  523.778047][ T5894] usb 3-1: new high-speed USB device number 91 using dummy_hcd
[  523.937879][ T5894] usb 3-1: Using ep0 maxpacket: 16
[  523.953053][ T5894] usb 3-1: config index 0 descriptor too short (expected 1828, got 36)
[  523.966105][ T5894] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[  523.981931][ T5894] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[  523.998499][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  524.023119][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  524.043953][ T5894] usb 3-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=1a.1e
[  524.060374][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  524.087901][ T5894] usb 3-1: Product: syz
[  524.100516][ T5894] usb 3-1: Manufacturer: syz
[  524.127752][ T5894] usb 3-1: SerialNumber: syz
[  524.177069][ T5894] usb 3-1: config 0 descriptor??
[  524.186565][ T5894] keyspan 3-1:0.0: Keyspan 2 port adapter converter detected
[  524.242152][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 87
[  524.277362][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 7
[  524.297063][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 81
[  524.325685][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 1
[  524.358720][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 2
[  524.474274][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 85
[  524.599229][T12335] loop2: detected capacity change from 0 to 7
[  524.606684][T12335] Dev loop2: unable to read RDB block 7
[  524.647683][T12335]  loop2: unable to read partition table
[  524.680698][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 5
[  524.695189][T12335] loop2: partition table beyond EOD, truncated
[  524.705780][ T5894] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  524.742245][T12335] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  524.796925][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 83
[  524.805704][ T5894] keyspan 3-1:0.0: unsupported endpoint type 0
[  524.812149][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 4
[  524.867946][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 86
[  524.913078][ T5894] keyspan 3-1:0.0: found no endpoint descriptor for endpoint 6
[  524.977899][ T5894] usb 3-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  525.017338][T12338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2021'.
[  525.042437][ T5894] usb 3-1: USB disconnect, device number 91
[  525.104197][ T5894] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  525.135820][T12338] netlink: 'syz.0.2021': attribute type 9 has an invalid length.
[  525.189545][ T5894] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  525.244610][ T5894] keyspan 3-1:0.0: device disconnected
[  525.424544][ T6235] usb 4-1: USB disconnect, device number 75
[  525.443445][T12340] FAULT_INJECTION: forcing a failure.
[  525.443445][T12340] name failslab, interval 1, probability 0, space 0, times 0
[  525.497750][T12340] CPU: 1 UID: 0 PID: 12340 Comm: syz.0.2022 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  525.497783][T12340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  525.497797][T12340] Call Trace:
[  525.497806][T12340]  <TASK>
[  525.497816][T12340]  dump_stack_lvl+0x241/0x360
[  525.497857][T12340]  ? __pfx_dump_stack_lvl+0x10/0x10
[  525.497888][T12340]  ? __pfx__printk+0x10/0x10
[  525.497921][T12340]  ? __pfx___might_resched+0x10/0x10
[  525.497954][T12340]  should_fail_ex+0x424/0x570
[  525.497987][T12340]  should_failslab+0xac/0x100
[  525.498018][T12340]  kmem_cache_alloc_node_noprof+0x7d/0x3b0
[  525.498049][T12340]  ? __alloc_skb+0x1c2/0x480
[  525.498073][T12340]  __alloc_skb+0x1c2/0x480
[  525.498098][T12340]  ? __pfx___alloc_skb+0x10/0x10
[  525.498120][T12340]  ? netlink_autobind+0xd6/0x2f0
[  525.498149][T12340]  ? netlink_autobind+0x2b0/0x2f0
[  525.498183][T12340]  netlink_sendmsg+0x638/0xcd0
[  525.498226][T12340]  ? __pfx_netlink_sendmsg+0x10/0x10
[  525.498262][T12340]  ? aa_sock_msg_perm+0x91/0x160
[  525.498297][T12340]  ? __pfx_netlink_sendmsg+0x10/0x10
[  525.498327][T12340]  __sock_sendmsg+0x221/0x270
[  525.498357][T12340]  ____sys_sendmsg+0x523/0x860
[  525.498390][T12340]  ? __pfx_____sys_sendmsg+0x10/0x10
[  525.498411][T12340]  ? __fget_files+0x2a/0x420
[  525.498435][T12340]  ? __fget_files+0x2a/0x420
[  525.498465][T12340]  __sys_sendmsg+0x271/0x360
[  525.498494][T12340]  ? __pfx___sys_sendmsg+0x10/0x10
[  525.498573][T12340]  ? do_syscall_64+0xb6/0x230
[  525.498601][T12340]  do_syscall_64+0xf3/0x230
[  525.498636][T12340]  ? clear_bhb_loop+0x45/0xa0
[  525.498662][T12340]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  525.498682][T12340] RIP: 0033:0x7f0763f8e169
[  525.498700][T12340] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  525.498719][T12340] RSP: 002b:00007f0764e0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  525.498743][T12340] RAX: ffffffffffffffda RBX: 00007f07641b5fa0 RCX: 00007f0763f8e169
[  525.498760][T12340] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000003
[  525.498774][T12340] RBP: 00007f0764e0f090 R08: 0000000000000000 R09: 0000000000000000
[  525.498789][T12340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  525.498801][T12340] R13: 0000000000000000 R14: 00007f07641b5fa0 R15: 00007f07642dfa28
[  525.498834][T12340]  </TASK>
[  525.499511][T12342] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2024'.
[  525.981239][T12346] tmpfs: Unknown parameter '©Oo<ˆŽÛ©Jn¨3êÕr,2“¤“ñG•1݈&Xô1þ�ñ^ú®êƒU‡•8Öîk¦X“ÿ�‹§UK¥ƒþóìy2õ•O1¨xâúæiî +¥F}óçÑÚ¬Cs€äþáŠ"ÚüÛL(�Í¡ùk•%ã¦�iMb^/€ˆ� _:m¢��/žwÇÆJÿ¥Oì
6˯¥ö.–u;cš’E™Áö’’~¥0ÿ
[  525.981239][T12346] `cÔ'ðh„0uLaT'
[  526.047944][  T882] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[  526.218942][  T882] usb 3-1: Using ep0 maxpacket: 16
[  526.229730][  T882] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  526.241888][  T882] usb 3-1: config 0 has no interface number 0
[  526.252067][  T882] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  526.283599][  T882] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  526.330149][T12352] vlan0: entered promiscuous mode
[  526.330837][  T882] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  526.364403][  T882] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  526.386042][  T882] usb 3-1: Product: syz
[  526.404068][  T882] usb 3-1: SerialNumber: syz
[  526.441115][  T882] usb 3-1: config 0 descriptor??
[  526.450858][  T882] cm109 3-1:0.8: invalid payload size 0, expected 4
[  526.486564][  T882] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input39
[  526.499378][T12356] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2030'.
[  526.691604][    C0] cm109_urb_ctl_callback: 7 callbacks suppressed
[  526.691631][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: urb status -71
[  526.693205][ T6235] usb 3-1: USB disconnect, device number 92
[  526.698021][    C0] cm109 3-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  526.771204][ T6235] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  527.107896][   T10] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[  527.197674][ T5886] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  527.274934][   T10] usb 1-1: Using ep0 maxpacket: 16
[  527.303654][T12379] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2036'.
[  527.315730][   T10] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  527.338321][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 48, changing to 9
[  527.355142][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 8240, setting to 1024
[  527.357741][ T5886] usb 5-1: Using ep0 maxpacket: 8
[  527.373253][T12381] tmpfs: Unknown parameter '©Oo<ˆŽÛ©Jn¨3êÕr,2“¤“ñG•1݈&Xô1þ�ñ^ú®êƒU‡•8Öîk¦X“ÿ�‹§UK¥ƒþóìy2õ•O1¨xâúæiî +¥F}óçÑÚ¬Cs€äþáŠ"ÚüÛL(�Í¡ùk•%ã¦�iMb^/€ˆ� _:m¢��/žwÇÆJÿ¥Oì
6˯¥ö.–u;cš’E™Áö’’~¥0ÿ
[  527.373253][T12381] `cÔ'ðh„0uLaT'
[  527.398418][   T10] usb 1-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice=7a.5a
[  527.409647][ T5886] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  527.416777][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  527.426667][ T5886] usb 5-1: config 179 has no interface number 0
[  527.433738][ T5886] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  527.443906][   T10] usb 1-1: Product: syz
[  527.459978][   T10] usb 1-1: Manufacturer: syz
[  527.468123][   T10] usb 1-1: SerialNumber: syz
[  527.483238][ T5886] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  527.484092][   T10] usb 1-1: config 0 descriptor??
[  527.527743][ T5886] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 20, changing to 8
[  527.563190][ T5886] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 57696, setting to 1024
[  527.593201][ T5886] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  527.639774][ T5886] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  527.677466][ T5886] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  527.711114][T12375] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  527.717188][   T10] pegasus_notetaker 1-1:0.0: probe with driver pegasus_notetaker failed with error -12
[  527.772301][   T10] usb 1-1: USB disconnect, device number 87
[  528.061318][ T6235] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input41
[  528.420972][   T10] usb 5-1: USB disconnect, device number 80
[  528.421040][    C1] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  528.436142][    C1] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  528.444466][    C1] vkms_vblank_simulate: vblank timer overrun
[  528.676190][T12399] 
[  528.678588][T12399] ======================================================
[  528.685728][T12399] WARNING: possible circular locking dependency detected
[  528.692776][T12399] 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 Not tainted
[  528.699917][T12399] ------------------------------------------------------
[  528.706968][T12399] syz.1.2044/12399 is trying to acquire lock:
[  528.713069][T12399] ffffffff900fd5c8 (rtnl_mutex){+.+.}-{4:4}, at: do_ip_setsockopt+0x10f0/0x39c0
[  528.722192][T12399] 
[  528.722192][T12399] but task is already holding lock:
[  528.729579][T12399] ffff888029fd4428 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50
[  528.739701][T12399] 
[  528.739701][T12399] which lock already depends on the new lock.
[  528.739701][T12399] 
[  528.750107][T12399] 
[  528.750107][T12399] the existing dependency chain (in reverse order) is:
[  528.759152][T12399] 
[  528.759152][T12399] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[  528.767766][T12399]        lock_acquire+0x116/0x2f0
[  528.772797][T12399]        __mutex_lock+0x1a5/0x10c0
[  528.777922][T12399]        smc_switch_to_fallback+0x35/0xda0
[  528.783735][T12399]        smc_sendmsg+0x11f/0x530
[  528.788690][T12399]        __sock_sendmsg+0x221/0x270
[  528.793899][T12399]        __sys_sendto+0x365/0x4c0
[  528.798927][T12399]        __x64_sys_sendto+0xde/0x100
[  528.804215][T12399]        do_syscall_64+0xf3/0x230
[  528.809248][T12399]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.815753][T12399] 
[  528.815753][T12399] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[  528.823413][T12399]        lock_acquire+0x116/0x2f0
[  528.828441][T12399]        lock_sock_nested+0x48/0x100
[  528.833735][T12399]        do_ip_setsockopt+0x17e9/0x39c0
[  528.839300][T12399]        ip_setsockopt+0x63/0x100
[  528.844331][T12399]        do_sock_setsockopt+0x3b1/0x710
[  528.849883][T12399]        __x64_sys_setsockopt+0x1ee/0x280
[  528.855603][T12399]        do_syscall_64+0xf3/0x230
[  528.860635][T12399]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.867052][T12399] 
[  528.867052][T12399] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[  528.874273][T12399]        validate_chain+0xa69/0x24e0
[  528.879572][T12399]        __lock_acquire+0xad5/0xd80
[  528.884778][T12399]        lock_acquire+0x116/0x2f0
[  528.889808][T12399]        __mutex_lock+0x1a5/0x10c0
[  528.894928][T12399]        do_ip_setsockopt+0x10f0/0x39c0
[  528.900509][T12399]        ip_setsockopt+0x63/0x100
[  528.905538][T12399]        smc_setsockopt+0x25c/0xd50
[  528.910739][T12399]        do_sock_setsockopt+0x3b1/0x710
[  528.916284][T12399]        __x64_sys_setsockopt+0x1ee/0x280
[  528.922004][T12399]        do_syscall_64+0xf3/0x230
[  528.927125][T12399]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  528.933547][T12399] 
[  528.933547][T12399] other info that might help us debug this:
[  528.933547][T12399] 
[  528.943777][T12399] Chain exists of:
[  528.943777][T12399]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[  528.943777][T12399] 
[  528.957351][T12399]  Possible unsafe locking scenario:
[  528.957351][T12399] 
[  528.964802][T12399]        CPU0                    CPU1
[  528.970166][T12399]        ----                    ----
[  528.975527][T12399]   lock(&smc->clcsock_release_lock);
[  528.980924][T12399]                                lock(sk_lock-AF_INET);
[  528.987871][T12399]                                lock(&smc->clcsock_release_lock);
[  528.995773][T12399]   lock(rtnl_mutex);
[  528.999762][T12399] 
[  528.999762][T12399]  *** DEADLOCK ***
[  528.999762][T12399] 
[  529.007905][T12399] 1 lock held by syz.1.2044/12399:
[  529.013014][T12399]  #0: ffff888029fd4428 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x1b2/0xd50
[  529.023566][T12399] 
[  529.023566][T12399] stack backtrace:
[  529.029460][T12399] CPU: 1 UID: 0 PID: 12399 Comm: syz.1.2044 Not tainted 6.15.0-rc2-syzkaller-00087-gcfb2e2c57aef #0 PREEMPT(full) 
[  529.029484][T12399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  529.029496][T12399] Call Trace:
[  529.029503][T12399]  <TASK>
[  529.029511][T12399]  dump_stack_lvl+0x241/0x360
[  529.029540][T12399]  ? __pfx_dump_stack_lvl+0x10/0x10
[  529.029566][T12399]  ? __pfx__printk+0x10/0x10
[  529.029591][T12399]  ? print_lock+0x171/0x1a0
[  529.029613][T12399]  print_circular_bug+0x2e1/0x300
[  529.029638][T12399]  check_noncircular+0x142/0x160
[  529.029663][T12399]  validate_chain+0xa69/0x24e0
[  529.029686][T12399]  ? finish_task_switch+0x1e5/0x870
[  529.029709][T12399]  __lock_acquire+0xad5/0xd80
[  529.029729][T12399]  lock_acquire+0x116/0x2f0
[  529.029746][T12399]  ? do_ip_setsockopt+0x10f0/0x39c0
[  529.029771][T12399]  __mutex_lock+0x1a5/0x10c0
[  529.029792][T12399]  ? do_ip_setsockopt+0x10f0/0x39c0
[  529.029813][T12399]  ? look_up_lock_class+0x7b/0x170
[  529.029834][T12399]  ? register_lock_class+0x54/0x330
[  529.029852][T12399]  ? do_ip_setsockopt+0x10f0/0x39c0
[  529.029871][T12399]  ? __pfx___mutex_lock+0x10/0x10
[  529.029892][T12399]  ? __lock_acquire+0xad5/0xd80
[  529.029913][T12399]  ? __pfx___mutex_trylock_common+0x10/0x10
[  529.029939][T12399]  do_ip_setsockopt+0x10f0/0x39c0
[  529.029962][T12399]  ? __pfx_do_ip_setsockopt+0x10/0x10
[  529.029985][T12399]  ? smc_setsockopt+0x1b2/0xd50
[  529.030005][T12399]  ? __pfx___mutex_lock+0x10/0x10
[  529.030031][T12399]  ip_setsockopt+0x63/0x100
[  529.030051][T12399]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  529.030078][T12399]  smc_setsockopt+0x25c/0xd50
[  529.030099][T12399]  ? __pfx_aa_sk_perm+0x10/0x10
[  529.030123][T12399]  ? __pfx_smc_setsockopt+0x10/0x10
[  529.030143][T12399]  ? aa_sock_opt_perm+0x79/0x120
[  529.030169][T12399]  ? __pfx_smc_setsockopt+0x10/0x10
[  529.030189][T12399]  do_sock_setsockopt+0x3b1/0x710
[  529.030209][T12399]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  529.030225][T12399]  ? __fget_files+0x2a/0x420
[  529.030243][T12399]  ? __fget_files+0x39d/0x420
[  529.030257][T12399]  ? __fget_files+0x2a/0x420
[  529.030274][T12399]  __x64_sys_setsockopt+0x1ee/0x280
[  529.030294][T12399]  do_syscall_64+0xf3/0x230
[  529.030316][T12399]  ? clear_bhb_loop+0x45/0xa0
[  529.030335][T12399]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  529.030352][T12399] RIP: 0033:0x7f161238e169
[  529.030375][T12399] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  529.030390][T12399] RSP: 002b:00007f16131db038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  529.030410][T12399] RAX: ffffffffffffffda RBX: 00007f16125b5fa0 RCX: 00007f161238e169
[  529.030424][T12399] RDX: 0000000000000029 RSI: 0000000000000000 RDI: 0000000000000003
[  529.030437][T12399] RBP: 00007f1612410a68 R08: 0000000000000018 R09: 0000000000000000
[  529.030449][T12399] R10: 0000200000000280 R11: 0000000000000246 R12: 0000000000000000
[  529.030461][T12399] R13: 0000000000000000 R14: 00007f16125b5fa0 R15: 00007f16126dfa28
[  529.030480][T12399]  </TASK>
[  529.328440][    C1] vkms_vblank_simulate: vblank timer overrun
[  529.727605][    T9] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[  529.877577][    T9] usb 1-1: Using ep0 maxpacket: 16
[  529.884184][    T9] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[  529.892392][    T9] usb 1-1: config 0 has no interface number 0
[  529.898534][    T9] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  529.909452][    T9] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  529.920503][    T9] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  529.929637][    T9] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  529.937783][    T9] usb 1-1: Product: syz
[  529.941956][    T9] usb 1-1: SerialNumber: syz
[  529.947889][    T9] usb 1-1: config 0 descriptor??
[  529.954936][    T9] cm109 1-1:0.8: invalid payload size 0, expected 4
[  529.963882][    T9] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input42
[  530.159733][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  530.159950][ T6235] usb 1-1: USB disconnect, device number 88
[  530.166730][    C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  530.184462][ T6235] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19