last executing test programs:

9.562975331s ago: executing program 0 (id=4646):
openat$uinput(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.io_serviced_recursive\x00', 0x275a, 0x0)
socket(0xa, 0x3, 0x4)
socket$inet(0x2, 0x4000000000000001, 0x0)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
dup(r2)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
socket(0x1000000010, 0x80002, 0x0)
socket$vsock_stream(0x28, 0x1, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
pipe2(&(0x7f0000000040)={<r3=>0xffffffffffffffff}, 0x0)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000200)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff000005024524", @ANYRES8=r0, @ANYBLOB="05", @ANYRES16=r0, @ANYRES8, @ANYRES16=r1, @ANYRES16=r3], 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d032, 0xffffffffffffffff, 0x0)
r5 = userfaultfd(0x801)
syz_emit_ethernet(0x79, &(0x7f0000000380)={@multicast, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, @void, {@generic={0x883e, "21b6547dfe4cad4d537311e75ce73b31829d403940732a9f99d5610b0059de922e1aa59873b73a5eee974ca05aa3fba4071fa82fd563cd0c5a0aa8636ba9f11de7e04dc8fcd3a1a919f07f40d51389f0437d4b2a081288c7610cfe9c6c4d4ed95ce19348a4026291757fb2"}}}, 0x0)
ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
r6 = syz_io_uring_setup(0x378c, &(0x7f0000000140)={0x0, 0x4774, 0x80, 0x1, 0x372}, &(0x7f0000000080), &(0x7f0000000280))
syz_io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x2040000, 0x0, 0x0, r6}, &(0x7f00000011c0), &(0x7f0000ff4000))
ioctl$F2FS_IOC_MOVE_RANGE(r4, 0x541b, &(0x7f0000000040))

8.663267384s ago: executing program 2 (id=4649):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000280)={0x4000001, 0xcf5e})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
io_setup(0x3fe, &(0x7f0000000100)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000001c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000080)=' ', 0x1}])
pipe(&(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r6, 0x0, 0x41, 0x0, 0x68)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000000138ba06506a85c5e0fbe229a1d7a88d3a28d10000305000000001b000000000800008152b882c9706e610f8adb11a807c6f5b293af4d65e7670f7193a76db377ffbea89b00000000093cb75962f5b4c7", @ANYBLOB="00000000000000003000128008000100677265002400028005001600010000000500080007000000050008000900000008000400000100"], 0x50}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r7, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r7, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="845d", 0x2}], 0x1}}], 0x1, 0x4000c000)
sendto$inet6(r7, &(0x7f0000000300), 0x5a8, 0x0, 0x0, 0xfffffffffffffdfd)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000200)=[0x0, 0x0], 0x2})

7.682361551s ago: executing program 2 (id=4651):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = socket(0x23, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000940)={0x0, 0x0, 0x0}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f00000001c0)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r2, &(0x7f00000008c0)=ANY=[@ANYBLOB="1c0000f5000000000000000000e1ff00000002"], 0x73)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = syz_open_dev$vbi(0x0, 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r4, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200]}}})
clock_gettime(0x0, &(0x7f0000000000))
ioctl$VIDIOC_QBUF(r4, 0xc058565d, &(0x7f0000000040)=@multiplanar_userptr={0x1, 0x6, 0x4, 0x70000, 0x5, {0x0, 0xea60}, {0x6, 0x0, 0x7, 0x9, 0xb, 0x5, "a232b57e"}, 0x6, 0x2, {&(0x7f00000001c0)=[{0xabf1, 0x8, {&(0x7f00000000c0)}, 0x4}, {0x1, 0x0, {&(0x7f0000000140)}, 0xd}]}, 0xb, 0x0, r0})
r5 = socket$netlink(0x10, 0x3, 0xb)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r5, 0x10e, 0x1, &(0x7f0000000080)=0x1e, 0x4)
io_setup(0x222, &(0x7f0000000180)=<r6=>0x0)
r7 = openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000004002, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xce, 0x1, 0x5, 0x8, 0x13d3, 0x3335, 0xb977, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xc0, 0xd, 0x6e}}]}}]}}, 0x0)
io_submit(r6, 0x2, &(0x7f0000001500)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x1000, r7, &(0x7f0000000480)}, 0x0])
openat$cuse(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
r8 = socket$l2tp(0x2, 0x2, 0x73)
bind$inet(r8, &(0x7f0000000000)={0x2, 0x0, @multicast1}, 0x10)
connect$inet(r8, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
socket$l2tp(0x2, 0x2, 0x73)
syz_emit_ethernet(0x74, &(0x7f0000000000)={@link_local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x73, 0x0, @private=0x300, @multicast1}, {0x0, 0x0, 0xfffffe9a, 0x0, @gue={{0x2}}}}}}}, 0x0)

7.155161986s ago: executing program 3 (id=4653):
writev(0xffffffffffffffff, &(0x7f0000000500)=[{&(0x7f00000002c0)="21f82d8c896a72a34cb308f5534e22da27094c8e3076b329c6bf383aa2d8b13c7768cb5dec06436af4f3686c", 0x2c}], 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x54}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f00000004c0)={'tunl0\x00', &(0x7f0000002080)={'sit0\x00', <r0=>0x0, 0x8000, 0x80, 0xfffffffa, 0x800, {{0x35, 0x4, 0x1, 0x6, 0xd4, 0x65, 0x0, 0x6, 0x19ebc3d69574e8e3, 0x0, @broadcast, @empty, {[@timestamp_addr={0x44, 0x14, 0x45, 0x1, 0x3, [{@private=0xa010102, 0x400}, {@initdev={0xac, 0x1e, 0x0, 0x0}, 0x1}]}, @end, @end, @timestamp_addr={0x44, 0x3c, 0xe9, 0x1, 0x3, [{@multicast2, 0xfffffffb}, {@loopback, 0x4}, {@remote, 0x6}, {@remote, 0x5}, {@remote, 0xffffffe9}, {@broadcast, 0x2}, {@local, 0x6}]}, @timestamp_addr={0x44, 0x4c, 0xbc, 0x1, 0x5, [{@multicast2, 0xac}, {@rand_addr=0x64010100, 0x3}, {@private=0xa010100, 0x2}, {@dev={0xac, 0x14, 0x14, 0x33}, 0x7}, {@rand_addr=0x64010101, 0x9}, {@empty, 0x4}, {@multicast1, 0x3}, {@multicast2, 0xa}, {@broadcast, 0xffff}]}, @ssrr={0x89, 0x1f, 0x23, [@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x64010101, @remote, @broadcast, @multicast1, @multicast1]}]}}}}})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r2, {0x2, 0x0, @private}, 0x4}}, 0x26)
ioctl$PPPIOCGCHAN(r3, 0x80047437, &(0x7f0000000100))
read$FUSE(r3, &(0x7f0000004380)={0x2020}, 0x2020)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, 0x0, 0x0, 0x2, 0x0)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x13, 0x10, 0x2}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x8, 0x17, &(0x7f0000000c80)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r7}, {}, {0x7, 0x0, 0xb, 0x2}, {0x85, 0x0, 0x0, 0x51}}, {{0x5, 0x0, 0x5, 0x9, 0x0, 0x1, 0x2000000}}, [@printk={@d}]}, &(0x7f0000000000)='GPL\x00'}, 0x7b)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000000)={'geneve1\x00', 0x400})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delqdisc={0x2c, 0x25, 0x400, 0x70bd27, 0x25dfdbff, {0x0, 0x0, 0x0, r0, {0xc, 0x4}, {0x5, 0xd}, {0xa, 0x7}}, [@TCA_RATE={0x6, 0x5, {0x6, 0x5}}]}, 0x2c}}, 0x0)
socket(0x10, 0x803, 0x0)
r8 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r9 = syz_open_dev$vim2m(&(0x7f0000000000), 0x100000001, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r9, 0xc0d05605, &(0x7f0000000140)={0x1, @pix={0x0, 0x0, 0x32314152}})
ioctl$KVM_CREATE_VM(r8, 0xae01, 0x0)

6.348288044s ago: executing program 0 (id=4654):
r0 = socket$inet(0x2, 0x2000080001, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
ptrace$ARCH_MAP_VDSO_32(0x1e, 0x0, 0x5, 0x2002)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x10, r0, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x46, 0x0, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x10, &(0x7f0000000180), 0x4)
connect$inet6(r2, 0x0, 0x0)
mlockall(0x1)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f00000000c0)={0x10})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000040)=0x10000)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000a00)=0x40000)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}}, {{@in, 0x0, 0x6c}, 0x0, @in=@rand_addr=0x64010101}}, 0xe8)
sendmsg$nl_xfrm(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="c4000000190001000000000000000000ac1414bb0000000000000000000000000000000000000000000000000000000000000000000000000a00", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e5ffffffffffffff00000000000000000000000000000000000000000000000000000a0010000100000000000000"], 0xc4}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="100000001d0001000000004000e0"], 0x10}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000440)=ANY=[@ANYBLOB="787337cfac950551208c2c484a4bba44ced1aa384fccc6fb10df7c5da4ad1a86a7a4f80930671be56864d7a3aeb2abc956de721363ae8f33e14e34b9eb91324e1a77af1bce93862db6a277eadbb9c286cfb6185c27bab06af6c1f733faaafc0a1adfe904651cadb1a89c3074d5e285a33210cf9fe4c99ea91d4d6199561b1762f6274cb08b0e2dee2121645beba0bd6c11347b0ae5bbf35c86a53d31850ed84a95d451e2f9c3eb9aa619e6b90f48644e2137cf14e5335810d7548cdcadc98011bb205d6ec7ce7bde747437f547"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
mprotect(&(0x7f0000001000/0x400000)=nil, 0x400000, 0x0)

6.099384601s ago: executing program 4 (id=4656):
syz_emit_ethernet(0x2e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffffe04671674521a818000000019078ac1414bbac1414bb440400000800907800000000e2124adef8208bcf67ed4090ff1f5544ef7bac73abda1aaa1e7862ef4870ff78d89448ee06d773d617c89913bd82680d68d5cb5f144d51b9b4857a3b5070d8101e3a89548dd950372d1bdf7549e5044277e2b6dc2877122b33735519524181d6bca22f2eeaa18edd5bb086c973b0ecd318ba38b276d056550ba4eae2ff93a81c0d8a75ac914f0b02e8"], 0x0)
syz_usb_connect(0x0, 0x3d, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x92, 0xe5, 0x9e, 0x20, 0x108c, 0x169, 0x75b9, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xdb, 0x0, 0x2, 0xd, 0xfa, 0x0, 0x3, [], [{{0x9, 0x5, 0x80, 0x0, 0x0, 0x0, 0xfc, 0x0, [@generic={0x7, 0x5, "db224370bf"}]}}, {{0x9, 0x5, 0xb, 0x2, 0x3ff}}]}}]}}]}}, 0x0)
syz_open_procfs(0x0, &(0x7f0000002180)='net/anycast6\x00')
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000005, 0x12, r1, 0x0)
r2 = socket(0xf, 0x3, 0x2)
write(r2, &(0x7f0000a97ff0)="020baf040200000000067bbc8e1d4b48", 0x10)

5.963707826s ago: executing program 0 (id=4657):
pipe(&(0x7f0000000300))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x0, 0x6c000000}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
getdents64(r3, &(0x7f0000002f40)=""/4098, 0x1002)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000003c0))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f0000000700)={{0x2}, 0x0, [0x2000000, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffffffffffd]})
epoll_create1(0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
shmctl$IPC_RMID(0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000540)=0x14)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000880))
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r6, 0x0}, 0x20)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'lo\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYRES32=r9, @ANYBLOB="08000200ac"], 0x20}}, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)

5.963005844s ago: executing program 1 (id=4658):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x1, 0x0, 0x1, 0xe98, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, 0x0, &(0x7f0000000080)}, 0x20)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000002"], 0x34}}, 0x0)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(r0, &(0x7f0000000380)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = io_uring_setup(0x1698, &(0x7f0000000140)={0x0, 0x3, 0x0, 0xfffffffc, 0x4})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_open_procfs(0x0, 0x0)
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x0, 0x0, 0x0, "5debca561a5fbf61048955f6f876b2ff"})
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r6}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha1-ssse3\x00'}})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r7 = openat$cgroup_ro(r4, &(0x7f0000000300)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000200), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)

5.380313485s ago: executing program 3 (id=4659):
syz_emit_ethernet(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x200000100000011, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r3)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000000300)=""/56, 0x38)
getdents64(r4, &(0x7f0000000f80)=""/4096, 0x1000)
memfd_create(&(0x7f00000000c0)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYS', 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004e00), r7)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r7, &(0x7f0000005200)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000005180)={0x14, r8, 0x1}, 0x14}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000200000071000040"])
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r9=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="400004001400c2b26dd2", @ANYRES32=r9, @ANYBLOB="14000200fe8000000000000000000000000000aa140006000000000001f0ffff0000000000000000"], 0x40}}, 0x0)

4.876876458s ago: executing program 1 (id=4660):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000400), 0x105000, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vxcan0\x00'})
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000000000)={0x4, <r2=>r0})
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000140)={{{@in=@dev, @in=@private}}, {{@in=@remote}, 0x0, @in6=@initdev}}, &(0x7f0000000280)=0xe8)
fsopen(0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r3, &(0x7f0000001880)=[{&(0x7f0000033a80)=""/102383, 0x18fef}], 0x1, 0x200007, 0x6d3)
syz_open_dev$sndctrl(&(0x7f0000000080), 0x4, 0x80080)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r4, 0x6, 0x0, &(0x7f0000000c00), &(0x7f0000002000)=0x2)
r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x2, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x0)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
open$dir(&(0x7f00000002c0)='./control/file0\x00', 0x80040, 0x0)
rename(&(0x7f0000000300)='./control/file0\x00', &(0x7f0000000340)='./file1\x00')
ioctl$USBDEVFS_CONTROL(r5, 0xc0105500, &(0x7f0000000040)={0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_emit_ethernet(0x46, &(0x7f00000000c0)=ANY=[@ANYRES16], 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
getpid()
setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000400)="3f4e55f1", 0x4)
sendto$unix(0xffffffffffffffff, &(0x7f0000000080), 0xffffff9d, 0x0, 0x0, 0x0)
recvfrom(0xffffffffffffffff, &(0x7f00000030c0)=""/4117, 0xffffffffffffffbf, 0x0, 0x0, 0xffffffffffffff54)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005c40)=[{{0x0, 0x0, &(0x7f0000001500)=[{&(0x7f00000001c0)=',', 0x1}], 0x1}}], 0x1, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

4.785897448s ago: executing program 0 (id=4661):
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000280)={0x4000001, 0xcf5e})
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r1 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
io_setup(0x3fe, &(0x7f0000000100)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f00000001c0)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f0000000080)=' ', 0x1}])
pipe(&(0x7f0000000080))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r6, 0x0, 0x41, 0x0, 0x68)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000340)=ANY=[@ANYBLOB="50000000138ba06506a85c5e0fbe229a1d7a88d3a28d10000305000000001b000000000800008152b882c9706e610f8adb11a807c6f5b293af4d65e7670f7193a76db377ffbea89b00000000093cb75962f5b4c7", @ANYBLOB="00000000000000003000128008000100677265002400028005001600010000000500080007000000050008000900000008000400000100"], 0x50}}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r7 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r7, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendmmsg$inet6(r7, &(0x7f00000014c0)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)="845d", 0x2}], 0x1}}], 0x1, 0x4000c000)
sendto$inet6(r7, &(0x7f0000000300), 0x5a8, 0x0, 0x0, 0xfffffffffffffdfd)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000200)=[0x0, 0x0], 0x2})

4.395095611s ago: executing program 2 (id=4662):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(0xffffffffffffffff, 0xc01064b5, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_G_PRIORITY(r1, 0x80045643, 0x4dd395b241fb0335)
openat2$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0/..\x00', &(0x7f0000000300), 0x18)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000000340)=ANY=[@ANYRES64, @ANYRES32=r1, @ANYBLOB="ceb85c00eaa76f7f07f3a27d6e7081a3fddc1e678735f391f49abd24b7ecbf2fb1ca8db4ec77b45c0ac20afa621da9f205e01a0a1ffe5035544ca809f839505abc1d2a5a5e60"], 0x0)
setxattr$trusted_overlay_opaque(&(0x7f0000000140)='./file2\x00', &(0x7f0000000180), 0x0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x6c, r3, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x0, @loopback, 0xa27}}, {0x20, 0x2, @in6={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @multicast2}}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x6c}}, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
sched_rr_get_interval(0xffffffffffffffff, 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
setitimer(0x0, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000000)='udf\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f0000000080)='iocharset', &(0x7f00000000c0)='io#harset', 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TCFLSH(r5, 0x540b, 0x1)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000280), 0x90800, 0x0)
timer_create(0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd, 0x0, 0x0, 0x0, {0x25c8}, 0x3})
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

4.206896405s ago: executing program 1 (id=4663):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
lgetxattr(0x0, 0x0, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='vlan0\x00', 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$loop(&(0x7f00000001c0), 0x75d, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc000000190001000000000000000000e0000001000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000044000500ac141400"/176], 0xfc}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r2, &(0x7f0000005080), 0x0, 0x20008851)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="14f0ffff0f000100007b8ba64b0000000000000a14000000100001000000"], 0x28}}, 0x0)
r3 = socket$inet(0x2, 0x3, 0x14)
setsockopt$inet_msfilter(r3, 0x0, 0x21, &(0x7f00000000c0)=ANY=[], 0x1)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000014c0)={0x2, 0x0, 0x0}, 0x0)
r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000340)=0x14, 0x1000)
getsockname$packet(r5, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x7b)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b40500000000000079109c000000000005000000000000009500000000000020ebeb5c4be7f470a9bc6858fa271210e07dfd01cec21f33c5d9a1d879bb396151b3e506a9a84b1c2b8bbaf5633d806326d00517474a1180732e3d1643f8e6022d7c8333090000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
openat$vmci(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0xbe, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000b0000000000011907841a806cb6994a98800000000009c90780100000000000000f4cb985d33b16266b5efb88aaa87eda081bac8b2f9a49d564054f1c9218f47b3cf8743eb4d9e776f94a6a58d36e006ac614f6f7bce9217cbfea31675d4a860cf6003977b1e4dbb16dc31cc76522bf19d5043edd2a8cc8c41345f8feb1a7a8e23043b8a465b1ed5bf8bc91307c7193f7edd1efc4742dc481e6f57f901948177bcc5dea4029ba4683a6bdcd7a1"], 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
r7 = openat$capi20(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$CAPI_NCCI_OPENCOUNT(r7, 0xc0104307, &(0x7f0000000080)=0x3)

4.031019207s ago: executing program 3 (id=4664):
syz_emit_ethernet(0x4a, &(0x7f0000000140)={@multicast, @remote, @void, {@ipv4={0x800, @icmp={{0x8, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local, {[@ra={0x94, 0x4, 0x1}, @end, @ssrr={0x89, 0x3, 0x92}, @noop]}}, @time_exceeded={0x3, 0x1, 0x0, 0x3, 0x0, 0x0, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xc, 0x0, @empty, @remote}}}}}}, 0x0)
socket$nl_generic(0x11, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @local, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x2b, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @multicast1}, @address_request}}}}, 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@caif=@dgm={0x25, 0xd}, 0x2c, &(0x7f00000005c0)=[{&(0x7f0000000000)="4ba72c4cfd81685544f46c3f0800", 0x3e}], 0x2, 0x0, 0x0, 0x11000000}, 0x0)

3.946145726s ago: executing program 1 (id=4665):
syz_emit_ethernet(0x5, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080), 0x20000, 0x0)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x200000100000011, 0x3, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r3)
r4 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000000300)=""/56, 0x38)
getdents64(r4, &(0x7f0000000f80)=""/4096, 0x1000)
memfd_create(&(0x7f00000000c0)='v\xa6\xf5lj6,r\xaf\xe8\x10/\xecg\xed\xe3h\x80\xb8!y6w\xda\xdd\xb9\nR\xe8@\x99\xb9\x8a\x0fZ\t\x90\x8bp\x10\x84\x86t\x8a\xba\xc6\xfb\xd2\f\xef&\xad\xa8M\xe8\b\xb0#\xac)\x81\x1e\x8a\f\x11D\x90\xf5\xbb\x1c\xac\xc7\xad\xdc\\\x11\x95\xf8\xe6\xa7\xc3\xbc\x18+\x92\x92N\a\xa7\x7fN\x9bL\xf8\xebQs\x02\xf9\xadi\x8f\x0f\xff\x02n\x9d\x85\xea\x1a*\x1bC\xd8\x1c\xe8\x9bYS', 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000004e00), r7)
sendmsg$NL80211_CMD_GET_PROTOCOL_FEATURES(r7, &(0x7f0000005200)={0x0, 0x0, &(0x7f00000051c0)={&(0x7f0000005180)={0x14, r8, 0x1}, 0x14}}, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000200000071000040"])
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r9=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="400004001400c2b26dd25272000000", @ANYRES32=r9, @ANYBLOB="14000200fe8000000000000000000000000000aa140006000000000001f0ffff0000000000000000"], 0x40}}, 0x0)

3.905496378s ago: executing program 4 (id=4666):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r2 = socket$inet6(0xa, 0x3, 0x8000000003c)
unshare(0x28020480)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7ffc0000}]})
rseq(&(0x7f0000000040), 0x20, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x43}, 0x9}, 0x1c)
sendmsg(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000030c0)=[{&(0x7f0000000000)=',', 0x1}], 0x1}, 0x8940)
r3 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x13012, r3, 0x0)
setrlimit(0x2, &(0x7f00000000c0)={0x0, 0x2400000})
mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x1000403, 0x2000000000032, 0xffffffffffffffff, 0x0)
writev(r2, &(0x7f0000000340)=[{&(0x7f0000000100)="5fc908ce8cb5049e077f3ba953190a8ce22e51a45861006641e661523ed30e13487a64d3e98231a20c5e08ebe24801b531c63d06db0e6cca2bdb10dd7d02d74ab9dd95bd33747598fc1e063ff967b7c16abd2076323dca7cd2cc5ab8225b6d31c8029cfe91c8f8c054ff41", 0x6b}, {&(0x7f0000000980)="941dd634f75d70afed00837e63d7a620c1b5fd6f48660a86826b474ffb6274f02f52586f30140dafd6a0baffee63a7bafec8837268f35cf21be882e4ac6c522534080f35b3033aeb3f84e473f0b8c5a0d132378d8d7ff5299fd7616415c9c97f6331af9d07a746bb657558522dcee4c292efe922ce9584ec0ca31b7f5362419bd2084f5f9d2ef32bb866383dcb862e17ae85989ce20040b023f6d6b6cae15622b6b9ab922f95edd7f1fe11b20efdecc038027fe452320671c98e51817e1ab6e62610629bb0fa0b8513df543828b7dc90c220c6e7b17c4c7176508749", 0x50c}, {&(0x7f0000000480)="11", 0x10}], 0x3)
r4 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'syz_tun\x00', <r5=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f0000000e00)={&(0x7f0000000000)=@ipv4_newaddr={0x3c, 0x14, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r5}, [@IFA_BROADCAST={0x8, 0x4, @dev}, @IFA_LABEL={0x14}, @IFA_LOCAL={0x8, 0x2, @remote}]}, 0x3c}}, 0x0)

3.703392293s ago: executing program 3 (id=4667):
r0 = socket$inet(0x2, 0x2000080001, 0x84)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
ptrace$ARCH_MAP_VDSO_32(0x1e, 0x0, 0x5, 0x2002)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x10, r0, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x46, 0x0, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x10, &(0x7f0000000180), 0x4)
connect$inet6(r2, 0x0, 0x0)
mlockall(0x1)
epoll_ctl$EPOLL_CTL_MOD(0xffffffffffffffff, 0x3, 0xffffffffffffffff, &(0x7f00000000c0)={0x10})
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, &(0x7f00000001c0))
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000040)=0x10000)
ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000a00)=0x40000)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f0000005b80)={{{@in6=@remote, @in6=@rand_addr=' \x01\x00', 0x0, 0x0, 0x20}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}}, {{@in, 0x0, 0x6c}, 0x0, @in=@rand_addr=0x64010101}}, 0xe8)
sendmsg$nl_xfrm(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="c4000000190001000000000000000000ac1414bb0000000000000000000000000000000000000000000000000000000000000000000000000a00", @ANYRES32=0x0, @ANYRES32=0xee01, @ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e5ffffffffffffff00000000000000000000000000000000000000000000000000000a0010000100000000000000"], 0xc4}}, 0x0)
sendmsg$nl_xfrm(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="100000001d0001000000004000e0"], 0x10}}, 0x0)
syz_emit_ethernet(0x56, &(0x7f0000000440)=ANY=[@ANYBLOB="787337cfac950551208c2c484a4bba44ced1aa384fccc6fb10df7c5da4ad1a86a7a4f80930671be56864d7a3aeb2abc956de721363ae8f33e14e34b9eb91324e1a77af1bce93862db6a277eadbb9c286cfb6185c27bab06af6c1f733faaafc0a1adfe904651cadb1a89c3074d5e285a33210cf9fe4c99ea91d4d6199561b1762f6274cb08b0e2dee2121645beba0bd6c11347b0ae5bbf35c86a53d31850ed84a95d451e2f9c3eb9aa619e6b90f48644e2137cf14e5335810d7548cdcadc98011bb205d6ec7ce7bde747437f547"], 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
mprotect(&(0x7f0000001000/0x400000)=nil, 0x400000, 0x0)

3.549855895s ago: executing program 0 (id=4668):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'wlan0\x00'})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x44}}, 0x0)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000000000202505a8a440000102030109021b00010100000009040000010701010009050102"], 0x0)
ioctl$VIDIOC_STREAMOFF(0xffffffffffffffff, 0x40045613, &(0x7f0000000180)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(0xffffffffffffffff, 0x40045532, 0x0)
r2 = openat$audio(0xffffffffffffff9c, 0x0, 0x88602, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r2, 0x80045017, 0x0)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0xfff, 0xffffffffffffffff, 0x0, 0xa0028000}, 0x38)
syz_io_uring_setup(0x4ea1, &(0x7f00000002c0)={0x0, 0x0, 0x10100}, &(0x7f0000000080), &(0x7f00000000c0)=<r3=>0x0)
syz_io_uring_setup(0x5de, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x1c3}, &(0x7f0000000940)=<r4=>0x0, &(0x7f0000000000))
syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD)
write$char_usb(0xffffffffffffffff, &(0x7f0000000140)="83", 0x1)
lstat(0x0, 0x0)

3.2986562s ago: executing program 3 (id=4669):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$FBIOGET_CON2FBMAP(r0, 0x460f, &(0x7f0000000080)={0x7})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000001d40), 0x12200)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f0000002540)={0x2, 0x3, 0x7, 0x1, 0x7fffffff})
sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000000d14080025bd7000fbdbdf25080001ff0000100008000300010000000800030008003e0005000000252e5b7d33455a7721c685067d38160a0d30d0053f1f5d49278b1ac75249ec5554e515e915607d0c278ab173bda247b77d72"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x4042050)
r2 = syz_usb_connect$hid(0x6, 0x36, &(0x7f0000001580)=ANY=[], 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f0000000b00)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r3 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUCODE(r3, 0xc018480d, &(0x7f00000000c0)={0x2, 0x100, 0x0, 0xfffffffe})
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0x2)
io_uring_setup(0x282, &(0x7f00000013c0)={0x0, 0x100000, 0x800, 0x0, 0xffffffff})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x400000000010001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x29, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001280)={0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x55, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, &(0x7f0000001340)=[{0x4, 0x3, 0x8, 0x1}, {0x0, 0x3, 0x6, 0x8}, {0x5, 0x5, 0x88, 0x2}, {0x1, 0x3, 0xf, 0x4}, {0x3, 0x3, 0x7, 0x3}], 0x10, 0x406}, 0x90)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000, 0x553732321a7ba210, &(0x7f0000136000/0x3000)=nil)
set_mempolicy_home_node(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r5, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x10, 0xffffffffffffffff, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
unshare(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r6 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r6, 0xc0a85320, &(0x7f0000000040)={{0x80}, 'port0\x00', 0xe3, 0x1b0407, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2})
read(r6, &(0x7f0000000280)=""/4096, 0x1000)

3.285814439s ago: executing program 4 (id=4670):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000001c0)={0x1b, 0x0, 0x0, 0x1, 0x0, 0x1, 0xe98, '\x00', 0x0, 0xffffffffffffffff, 0x5}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{}, 0x0, &(0x7f0000000080)}, 0x20)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000b80)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3400000002"], 0x34}}, 0x0)
r0 = syz_io_uring_setup(0x24fa, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(r0, &(0x7f0000000380)='cpuacct.usage_sys\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r4, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r5 = io_uring_setup(0x1698, &(0x7f0000000140)={0x0, 0x3, 0x0, 0xfffffffc, 0x4})
io_uring_register$IORING_REGISTER_BUFFERS(r5, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
syz_open_procfs(0x0, 0x0)
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x1, 0x1, 0x0, 0x0, 0x0, 0x0, "5debca561a5fbf61048955f6f876b2ff"})
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r6, r6, r6}, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha1-ssse3\x00'}})
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r7 = openat$cgroup_ro(r4, &(0x7f0000000300)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r7, &(0x7f0000000200), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r7, 0x0)

3.246556569s ago: executing program 2 (id=4671):
pipe(&(0x7f0000000300))
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{0x0}], 0x1, 0x0, 0x0, 0x6c000000}, 0x40)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = syz_open_procfs(0x0, 0x0)
getdents64(r3, &(0x7f0000002f40)=""/4098, 0x1002)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f00000003c0))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r4 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r4, 0xc4c85513, &(0x7f0000000700)={{0x2}, 0x0, [0x2000000, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x2000000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xfffffffffffffffd]})
epoll_create1(0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
shmctl$IPC_RMID(0x0, 0x0)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000540)=0x14)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r5, 0x8933, &(0x7f0000000880))
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000380)={0xffffffffffffffff, <r6=>0xffffffffffffffff}, 0x4)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r6, 0x0}, 0x20)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'lo\x00', <r9=>0x0})
sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYRES32=r9, @ANYBLOB="08000200ac"], 0x20}}, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0xd931d3864d39dcca)

2.7311717s ago: executing program 1 (id=4672):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f00000002c0)=0x4000007, 0x4)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000008c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x268, 0x311, 0x0, 0x268, 0x3f0, 0x460, 0x460, 0x3f0, 0x460, 0x9, 0x0, {[{{@uncond, 0x160, 0x288, 0x2b0, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x9, 0x0, 0x0, 0x0, 0x5, 0x9}}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @local, @private2, @remote, [], [], [], 0x0, 0x7863}}]}, @common=@unspec=@NFQUEUE2={0x28}}, {{@ipv6={@private2, @remote, [], [], 'ip6gretap0\x00', 'ip6_vti0\x00'}, 0x0, 0xd8, 0x140, 0xe4030000, {}, [@common=@unspec=@realm={{0x30}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000500)={'filter\x00', 0x7, 0x4, 0x3f0, 0x0, 0x0, 0x1f8, 0xe8, 0x308, 0x308, 0x4, 0x0, {[{{@arp={@multicast2, @rand_addr, 0x0, 0x0, 0x0, 0x0, {@mac=@local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_hsr\x00', 'bond_slave_1\x00'}, 0xc0, 0xe8}, @unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@arp={@empty, @loopback, 0x0, 0x0, 0x0, 0x0, {}, {@mac=@random="b298f684aa1e"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'xfrm0\x00', 'bridge0\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@broadcast, @multicast1, @broadcast}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac=@dev, @remote, @local}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x440)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
r5 = fsopen(&(0x7f0000000ec0)='zonefs\x00', 0x0)
r6 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0)={0x2c00, 0x40, 0x9}, 0x18)
fsconfig$FSCONFIG_SET_PATH_EMPTY(r5, 0x4, &(0x7f0000000f00)='-\x00', &(0x7f0000000f40)='./file0\x00', r6)
r7 = syz_open_dev$vbi(&(0x7f0000000040), 0x2, 0x2)
ioctl$VIDIOC_S_CTRL(r7, 0xc008561c, &(0x7f00000000c0)={0x2, 0x4})
io_uring_setup(0x0, &(0x7f0000000000)={0x0, 0x0, 0x2000, 0x1, 0x317})
io_uring_setup(0x2849, &(0x7f0000000e40)={0x0, 0x7922, 0x8, 0xfffffffb, 0x10, 0x0, r4})
setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000000000)=0x5, 0x4)
socket$inet_udplite(0x2, 0x2, 0x88)
bind$inet6(r4, &(0x7f0000000080)={0xa, 0x14e22, 0x0, @ipv4}, 0x1c)
listen(r4, 0x0)
listen(r1, 0x0)
close(0xffffffffffffffff)
sendmsg$IPCTNL_MSG_CT_GET_STATS(r0, &(0x7f0000000e00)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f00000004c0)={0x0}, 0x1, 0x0, 0x0, 0x4084}, 0x800)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000000)={'filter\x00', 0xb001, 0x4, 0x3c0, 0x2d8, 0x0, 0xe8, 0x2d8, 0x2d8, 0x2d8, 0x7fffffe, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28}}, {{@arp={@loopback, @broadcast, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'wg2\x00', 'bridge_slave_0\x00'}, 0xc0, 0xe8, 0x0, {0x0, 0x1e03}}, @unspec=@MARK={0x28}}, {{@arp={@empty, @broadcast, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'nicvf0\x00', 'veth0_to_hsr\x00'}, 0xc0, 0x108}, @unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x410)
r8 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000480), 0x2, 0x0)
ioctl$VIDIOC_S_FMT(r8, 0xc0d05605, &(0x7f0000000080)={0x9, @pix={0x22b1, 0x2a, 0x38414262, 0x8, 0x529feb92, 0x3, 0x3, 0x8, 0x1, 0x2, 0x0, 0x2}})
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a300000000040000000160a01000000000000000000010000000900010073797a30000000000900020073797a3000000000140003800800014000000000080002400000000050000000160a0101000b000000000000010000000900020073797a30000000000900010073797a30000000001c000380180003801400010076657468305f746f5f68737200000000080007"], 0xd8}, 0x1, 0x0, 0x0, 0x4}, 0x40000)

2.503539364s ago: executing program 1 (id=4673):
writev(0xffffffffffffffff, &(0x7f0000000500)=[{&(0x7f00000002c0)="21f82d8c896a72a34cb308f5534e22da27094c8e3076b329c6bf383aa2d8b13c7768cb5dec06436af4f3686c", 0x2c}], 0x1)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={0x0, 0x54}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x288, 0x65, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {}, {0xfff2}}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x54, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_HASH={0x8}, @TCA_U32_CLASSID={0x8}, @TCA_U32_MARK={0x10}, @TCA_U32_FLAGS={0x8}]}}, @TCA_CHAIN={0x8}, @TCA_RATE={0x6}, @filter_kind_options=@f_route={{0xa}, {0x1e4, 0x2, [@TCA_ROUTE4_ACT={0x130, 0x6, [@m_csum={0xd0, 0x1, 0x0, 0x0, {{0x9}, {0x74, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x38000000, 0x20000000, 0x8, 0x4}, 0x57}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x9, 0x6, 0x10000006, 0x10001, 0x60}, 0x49}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x1, 0x4, 0xffffffffffffffff, 0x6, 0x2}, 0x45}}, @TCA_CSUM_PARMS={0x1c, 0x1, {{0x5, 0x400, 0x10000000, 0x1d4ff1bb, 0x4}, 0x1c}}]}, {0x31, 0x6, "991484448f1d00330606eae8262acc6b874adb0b5f39b5acc02b0f0c146eb28c42c5557089903d448af6c4bff6"}, {0xc}, {0xc, 0x8, {0x2}}}}, @m_nat={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_csum={0x30, 0x0, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}, @TCA_ROUTE4_ACT={0x98, 0x6, [@m_connmark={0x94, 0x0, 0x0, 0x0, {{0xd}, {0x4}, {0x61, 0x6, "91a991d04aa8cb411880b88050856c4a5b99aafe5cf70a535f4e162db7c30535ebf5e9ab54237bf6d2780785c80bcf9eae2d6d6d65f242d28d9992d8a093d12a497447bc2a6c4f73538dbca11ebb12d1c8ea001eac3246ebaf518402b8"}, {0xc}, {0xc}}}]}, @TCA_ROUTE4_TO={0x8}, @TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_FROM={0x8, 0x3, 0xa3}]}}]}, 0x288}}, 0x0)
r0 = socket(0x10, 0x803, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_DISCSIGNAL(r1, 0x8010550e, &(0x7f0000000300)={0x0, 0x0})
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000380)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f00000003c0)={0x58, 0x0, 0x100, 0x70bd29, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @val={0xc, 0x99, {0x1400, 0x51}}}}, [@NL80211_ATTR_CQM={0x4}, @NL80211_ATTR_CQM={0x2c, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x5]}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x5ee}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0xffffffff}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x200]}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0xffff7fff}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x10}, 0x80)
r3 = openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r3, 0x3b81, &(0x7f00000002c0)={0xc, 0x0, <r4=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r3, 0x3b85, 0x0)
ioctl$IOMMU_IOAS_MAP(r3, 0x3b85, &(0x7f0000000140)={0x28, 0x0, r4, 0x0, &(0x7f0000000040)})
syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r5 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r5, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000107d1e5a2d00000000000109022400010000000009040000010300020009210000000122050009058103000000005f4a97"], 0x0)
r7 = socket(0x10, 0x3, 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0)
ioctl$TUNSETQUEUE(r8, 0x400454d9, &(0x7f0000000600)={'pimreg1\x00', 0x600})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
sendmsg$nl_route_sched(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000100)=@newqdisc={0x3c, 0x24, 0xd0f, 0x20, 0x0, {0x60, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0xc, 0x2, [@TCA_CAKE_FWMARK={0x8}]}}]}, 0x3c}}, 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000f40)=ANY=[@ANYBLOB], 0x0)
r9 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r9, 0x4601, &(0x7f0000000040)={0x190, 0x258, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x2, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3})
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

2.190486854s ago: executing program 2 (id=4674):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@getchain={0x24, 0x66, 0x20, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xa, 0xfff3}, {0x0, 0xd}, {0x0, 0x10}}}, 0x24}}, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc601})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c86dd0784f0"], 0xffe)

2.164260536s ago: executing program 4 (id=4675):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
lgetxattr(0x0, 0x0, 0x0, 0x0)
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='vlan0\x00', 0x10)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_open_dev$loop(&(0x7f00000001c0), 0x75d, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="fc000000190001000000000000000000e0000001000000000000000000000000fc01000000000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000044000500ac141400"/176], 0xfc}}, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet6(r2, &(0x7f0000005080), 0x0, 0x20008851)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="14f0ffff0f000100007b8ba64b0000000000000a14000000100001000000"], 0x28}}, 0x0)
r3 = socket$inet(0x2, 0x3, 0x14)
setsockopt$inet_msfilter(r3, 0x0, 0x21, &(0x7f00000000c0)=ANY=[], 0x1)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f00000014c0)={0x2, 0x0, 0x0}, 0x0)
r5 = accept4$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000340)=0x14, 0x1000)
getsockname$packet(r5, &(0x7f0000000380)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x7b)
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000500)=ANY=[@ANYBLOB="b40500000000000079109c000000000005000000000000009500000000000020ebeb5c4be7f470a9bc6858fa271210e07dfd01cec21f33c5d9a1d879bb396151b3e506a9a84b1c2b8bbaf5633d806326d00517474a1180732e3d1643f8e6022d7c8333090000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
openat$vmci(0xffffff9c, &(0x7f0000000180), 0x2, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
syz_emit_ethernet(0xbe, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000b0000000000011907841a806cb6994a98800000000009c90780100000000000000f4cb985d33b16266b5efb88aaa87eda081bac8b2f9a49d564054f1c9218f47b3cf8743eb4d9e776f94a6a58d36e006ac614f6f7bce9217cbfea31675d4a860cf6003977b1e4dbb16dc31cc76522bf19d5043edd2a8cc8c41345f8feb1a7a8e23043b8a465b1ed5bf8bc91307c7193f7edd1efc4742dc481e6f57f901948177bcc5dea4029ba4683a6bdcd7a1"], 0x0)
sendmsg$nl_route(r6, 0x0, 0x0)
r7 = openat$capi20(0xffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$CAPI_NCCI_OPENCOUNT(r7, 0xc0104307, &(0x7f0000000080)=0x3)

1.950144622s ago: executing program 4 (id=4676):
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x74, 0x101201)
ioctl$USBDEVFS_CONTROL(r0, 0xc0185500, &(0x7f0000000000)={0x0, 0x1, 0x1, 0xfe, 0x0, 0x0, 0x0})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0xcf88, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
sendfile(r2, 0xffffffffffffffff, 0x0, 0x7ffffffd)
r3 = dup(0xffffffffffffffff)
write$UHID_INPUT(r3, &(0x7f0000002080)={0xf, {"a2e3ad21e08eeb661b5e060987f70e06d038e7ff7fc6e5539b0d650e8b089b3f363b68090890e0878f0e1ac6e7049b3b44959b649a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07420936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c554336909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f6777478bc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5dc29a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f6435f7590000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9a53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02da93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d0300000000000000b378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d678746383074c6bc1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b3c7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0da42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x104d}}, 0x1006)

1.928760237s ago: executing program 2 (id=4677):
socket(0x200000100000011, 0x2, 0x0)
openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x20301, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4040aea0, &(0x7f00000000c0)={0x73, 0x0, 0xfc, 0x0, 0xffffffff, 0xa, 0x7f, 0x7, 0x0, 0x0, 0xc, 0x7, 0x0, 0x5, 0x4, 0xba, 0x0, 0x4, 0x1, '\x00', 0x0, 0x9})
socket$caif_stream(0x25, 0x1, 0x1)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
write$FUSE_INIT(r0, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r3 = dup(r2)
sendmsg$inet(r3, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYRESHEX=0x0], 0x18}, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r5 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r6 = fcntl$dupfd(r5, 0x0, r4)
ioctl$SOUND_MIXER_READ_STEREODEVS(r6, 0x80044dfb, &(0x7f0000000080))
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r7 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r8 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r8, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
memfd_create(&(0x7f0000000ac0)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d  \x97\xf5G\x97A\xc2\xd8\xf0Uq\xe6+\xa5l\x94\v\xb6\a\x17\\\xfb\x04!\xe4\xc4\xb1\xa2\x1c\a\x00;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\xa1\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\xb7/\xa5\xa7\xeb\xf4b/\xef!\x8f\xf6]-\xe9k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xffY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84,\xd3\x06\xaeO \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x00\x04\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96\xb8\x02\x13pA\x19\tf\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcc\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2Cw\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93', 0xe)
socket$nl_route(0x10, 0x3, 0x0)
r9 = syz_usb_connect(0x1, 0x36, &(0x7f0000000680)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a86200000904000002ca744d07090503020000ff99090805848f"], &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x2, [{0x0, 0x0}, {0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x1401}}]})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, 0x0, &(0x7f0000000380))
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r9)
r10 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r10, 0xffffffffffffffff, 0x0)

1.849681365s ago: executing program 0 (id=4678):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x0})
gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000700), 0x0)
read(r2, &(0x7f0000000200)=""/209, 0xd1)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r2, 0x40505331, &(0x7f00000000c0)={0x80})
tkill(0x0, 0x7)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_buf(r3, 0x0, 0x10, &(0x7f0000000000)="170000000200020000ffbe8c5ee17688120032000203000aff3f000057fc5ad90200bb6a880000d6c9db0000db15000200ff01800a0000ebfc0607bdff59100ac45761547a681f009cee4a5acba400001fb700674f00c88ebbf9315033bf79ac2dfc061f15003901dee2ffffffffe9000000000000000062068f5ee50c08af9b1c568302ffff02ff03310800ab0840024f0298e9e90539062a80e605007f71174ab498a30b3e5a1b47b63a6323ded2aa084cd36276a3a5f7", 0xb8)
r4 = socket$inet_dccp(0x2, 0x6, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, 0xffffffffffffffff, 0x0)
setsockopt(r4, 0x800000010d, 0x0, &(0x7f0000000000)="dd4e2f10", 0x4)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r1, 0x7b1, &(0x7f0000000140)={0x0, 0x6, 0xffffffffffffff3b})
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="120100006516b7108c0d0e008f8e0700030109021b0001000000000904080001030000000905443f"], 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r5, 0x4068aea3, &(0x7f0000000080)={0xdb, 0x0, 0x7})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="38000000100000000000f000000000000000000083ac62766761c63925a1476781fb6ccd930727f240ffff9a836b1aec39f640c3edb83863149aa90ea70443d9b39f98cf317a8325a3c2e3383d1ebd4ad8d88bd66cd3e86da7fb48bb1dae632ec46915b3b5f8e16aaa4f48fde6f55df02f4a73bf98d6576b5e822317e5eb1a1b33dd396f1913764dc7b2e7f8f5360f317cb1d8801658ce3a74bb0001e838e1c1d3f5d35173bc8f472859c5", @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800b00010067656e65766500000800028004000e00"], 0x38}}, 0x0)
socket$kcm(0x10, 0x3, 0x10)
ioctl$PPPIOCGNPMODE(0xffffffffffffffff, 0xc008744c, &(0x7f0000000480)={0xc029, 0x3})
sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x34, 0x0, 0x0, 0x0, 0x0, {0x10}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_hsr\x00'}]}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r6 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r6, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
accept4(r6, 0x0, 0x0, 0x0)

1.699189582s ago: executing program 4 (id=4679):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000000000406d6a32c500000000000109022400010000000009040000010300000009210000000905810300000000004368b8a8a29ac1b5fb4998f10b04dcf3e671638c356d12fe2cb88af971e01a21584adb70fc84a9e20cec7d40d9238ddfc890e1076d2f7a27dd4b8934f08d77af5be234e2b08afe450f1c3d039d22455d72479436d58c2272b0056d9de14d5239de350def596d5ab28ddac3c84b12000000005200b84d3c483a6f"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00220200003fd6448a07a8671c832b28a115ae0019b4"], 0x0}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="a40000005065f55d0c7d89d534a3a5e55a1a7bf70a116a8007152b5062399236b559bc0d00f124ecb4adb2", @ANYRES16=r2, @ANYBLOB="010000000000000000000100000058000880540000802c00098028000080060001000a0000001400020000000000000000000000000000000000050003000200000024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c24000300b08073e8d44e91e3da922c22438244bb885c69e269c8e9d835b114293a4ddc6e1400020077673000"/158], 0xa4}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000340), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x8000000000080001, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r5)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_DEL_TX_TS(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="300000006de1edf62f826ec89f873b8877fa265bd86fc81c2c31df0b10ca30043eb0f17a04dd45dec5f06e86b8aa5796507ed7573a444300f34439cc78488dabfd1110aa3f80bf1f1fdc5ef088b778afe40ea1b51b2c85d20a3dc1315d787e759077bd72d0c440f9e0a90fc494e00fdbff4735bb", @ANYRES8=r3, @ANYBLOB="010000000000000000006a02000008af9828c6a3000300", @ANYRES32=r6], 0x30}, 0x1, 0x0, 0x0, 0x4000080}, 0x0)
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f00000000c0)={0xe8, {{0xa, 0x0, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}}, {{0xa, 0x0, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108)
r7 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90124fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r8, &(0x7f0000000140)={0x0, 0x34, &(0x7f00000001c0)=[{&(0x7f0000002640)=""/4093, 0xffd}, {&(0x7f0000000080)=""/184, 0xb8}], 0x2}, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000600)=ANY=[@ANYBLOB="8400000000010103000000000000000000000000240001801400016a79a0e1000000000108000200ac1414bb0600028005000100000000002400028000000340000400000000018000000300fc02000000000000000000000000000000000400000000000000000000000000000000010800074000000000204f889b91000180080001007f000001080002000c0000000000018000000100ac1414aa000002"], 0x84}}, 0x48800)
read$FUSE(r7, &(0x7f0000006480)={0x2020}, 0x2020)
preadv(r7, &(0x7f0000001680)=[{&(0x7f0000000580)=""/81, 0x51}], 0x1, 0xfffffffd, 0x0)
read$FUSE(r7, &(0x7f00000016c0)={0x2020}, 0x2020)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0x4008af12, 0x0)

0s ago: executing program 3 (id=4680):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="12010000000000406d6a32c500000000000109022400010000000009040000010300000009210000000905810300000000004368b8a8a29ac1b5fb4998f10b04dcf3e671638c356d12fe2cb88af971e01a21584adb70fc84a9e20cec7d40d9238ddfc890e1076d2f7a27dd4b8934f08d77af5be234e2b08afe450f1c3d039d22455d72479436d58c2272b0056d9de14d5239de350def596d5ab28ddac3c84b12000000005200b84d3c483a6f"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00220200003fd6448a07a8671c832b28a115ae0019b4"], 0x0}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$WG_CMD_SET_DEVICE(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)=ANY=[@ANYBLOB="a40000005065f55d0c7d89d534a3a5e55a1a7bf70a116a8007152b5062399236b559bc0d00f124ecb4adb2", @ANYRES16=r2, @ANYBLOB="010000000000000000000100000058000880540000802c00098028000080060001000a0000001400020000000000000000000000000000000000050003000200000024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c24000300b08073e8d44e91e3da922c22438244bb885c69e269c8e9d835b114293a4ddc6e1400020077673000"/158], 0xa4}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000)
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(0xffffffffffffffff, 0x84, 0x21, &(0x7f0000000340), 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x8000000000080001, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r5)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000000)={'wlan1\x00'})
setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f00000000c0)={0xe8, {{0xa, 0x0, 0x3, @private1={0xfc, 0x1, '\x00', 0x1}}}, {{0xa, 0x0, 0xfffffffe, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x108)
r7 = syz_open_procfs(0x0, &(0x7f0000000380)='mounts\x00')
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90124fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r8, &(0x7f0000000140)={0x0, 0x34, &(0x7f00000001c0)=[{&(0x7f0000002640)=""/4093, 0xffd}, {&(0x7f0000000080)=""/184, 0xb8}], 0x2}, 0x0)
read$FUSE(r7, &(0x7f0000006480)={0x2020}, 0x2020)
preadv(r7, &(0x7f0000001680)=[{&(0x7f0000000580)=""/81, 0x51}], 0x1, 0xfffffffd, 0x0)
read$FUSE(r7, &(0x7f00000016c0)={0x2020}, 0x2020)
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)

kernel console output (not intermixed with test programs):

s!
[ 1225.634783][T23635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1225.643202][T16625] usb 4-1: config 1 interface 0 altsetting 14 endpoint 0x1 has invalid maxpacket 11455, setting to 64
[ 1225.651358][T23635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1225.672159][T16625] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1225.677400][T23635] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1225.681436][T16625] usb 4-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= 0.40
[ 1225.707324][T23635] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1225.713502][T16625] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1225.726084][T16625] usb 4-1: Product: syz
[ 1225.749563][T16625] usb 4-1: Manufacturer: syz
[ 1225.763194][  T940] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input56
[ 1225.783840][T23635] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1225.801601][T16625] usb 4-1: SerialNumber: syz
[ 1225.846612][ T4665] bcm5974 1-1:1.0: could not read from device
[ 1225.885854][ T4665] bcm5974 1-1:1.0: could not read from device
[ 1225.906022][  T940] usb 1-1: USB disconnect, device number 116
[ 1225.923084][ T4665] bcm5974 1-1:1.0: could not read from device
[ 1226.010416][T23635] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1226.035050][T23635] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1226.052398][T23635] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1226.073983][T23904] netlink: 12 bytes leftover after parsing attributes in process `syz.4.4416'.
[ 1226.083300][T23635] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1226.193345][T16625] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input57
[ 1226.254823][ T4665] bcm5974 4-1:1.0: could not read from device
[ 1226.310254][ T4665] bcm5974 4-1:1.0: could not read from device
[ 1226.322160][T16625] usb 4-1: USB disconnect, device number 76
[ 1226.536577][T22911] hsr_slave_0: left promiscuous mode
[ 1226.543309][T23919] FAULT_INJECTION: forcing a failure.
[ 1226.543309][T23919] name failslab, interval 1, probability 0, space 0, times 0
[ 1226.560476][T22911] hsr_slave_1: left promiscuous mode
[ 1226.576649][T22911] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1226.598017][T22911] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1226.615244][T22911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1226.622346][T23919] CPU: 0 UID: 0 PID: 23919 Comm: syz.0.4419 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1226.633583][T23919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1226.643632][T23919] Call Trace:
[ 1226.646905][T23919]  <TASK>
[ 1226.649826][T23919]  dump_stack_lvl+0x241/0x360
[ 1226.654501][T23919]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1226.659688][T23919]  ? __pfx__printk+0x10/0x10
[ 1226.664275][T23919]  ? __kmalloc_noprof+0xb0/0x400
[ 1226.669207][T23919]  ? __pfx___might_resched+0x10/0x10
[ 1226.674483][T23919]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1226.680459][T23919]  should_fail_ex+0x3b0/0x4e0
[ 1226.685217][T23919]  ? sock_kmalloc+0xd7/0x160
[ 1226.689799][T23919]  should_failslab+0xac/0x100
[ 1226.694474][T23919]  ? sock_kmalloc+0xd7/0x160
[ 1226.699057][T23919]  __kmalloc_noprof+0xd8/0x400
[ 1226.703814][T23919]  sock_kmalloc+0xd7/0x160
[ 1226.708222][T23919]  af_alg_alloc_areq+0x90/0x260
[ 1226.713071][T23919]  skcipher_recvmsg+0x382/0x1230
[ 1226.718011][T23919]  ? __pfx_skcipher_recvmsg+0x10/0x10
[ 1226.723371][T23919]  ? aa_sock_msg_perm+0x91/0x160
[ 1226.728299][T23919]  ? bpf_lsm_socket_recvmsg+0x9/0x10
[ 1226.733575][T23919]  ? security_socket_recvmsg+0x90/0xb0
[ 1226.739029][T23919]  ? __pfx_skcipher_recvmsg+0x10/0x10
[ 1226.744393][T23919]  sock_recvmsg+0x22f/0x280
[ 1226.748924][T23919]  ____sys_recvmsg+0x1db/0x470
[ 1226.753726][T23919]  ? __pfx_____sys_recvmsg+0x10/0x10
[ 1226.759056][T23919]  do_recvmmsg+0x474/0xae0
[ 1226.763474][T23919]  ? __pfx_lock_release+0x10/0x10
[ 1226.768505][T23919]  ? __pfx_do_recvmmsg+0x10/0x10
[ 1226.773451][T23919]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[ 1226.779340][T23919]  ? ksys_write+0x23e/0x2c0
[ 1226.783837][T23919]  ? __pfx_lock_release+0x10/0x10
[ 1226.788859][T23919]  ? vfs_write+0x7c4/0xc90
[ 1226.793277][T23919]  ? __mutex_unlock_slowpath+0x21d/0x750
[ 1226.798908][T23919]  ? __fget_files+0x3f6/0x470
[ 1226.803591][T23919]  __x64_sys_recvmmsg+0x199/0x250
[ 1226.808609][T23919]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[ 1226.814150][T23919]  ? do_syscall_64+0x100/0x230
[ 1226.818903][T23919]  ? do_syscall_64+0xb6/0x230
[ 1226.823574][T23919]  do_syscall_64+0xf3/0x230
[ 1226.828067][T23919]  ? clear_bhb_loop+0x35/0x90
[ 1226.832736][T23919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1226.838619][T23919] RIP: 0033:0x7fec0f579e79
[ 1226.843026][T23919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1226.862707][T23919] RSP: 002b:00007fec103f5038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 1226.871109][T23919] RAX: ffffffffffffffda RBX: 00007fec0f715f80 RCX: 00007fec0f579e79
[ 1226.879069][T23919] RDX: 0000000000000001 RSI: 0000000020001c40 RDI: 0000000000000004
[ 1226.887033][T23919] RBP: 00007fec103f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1226.895014][T23919] R10: 0000000000000001 R11: 0000000000000246 R12: 0000000000000001
[ 1226.902991][T23919] R13: 0000000000000000 R14: 00007fec0f715f80 R15: 00007fec0f83fa38
[ 1226.910976][T23919]  </TASK>
[ 1226.933260][T22911] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1227.030791][T22911] veth1_macvtap: left promiscuous mode
[ 1227.044705][T22911] veth0_macvtap: left promiscuous mode
[ 1227.060750][T22911] veth1_vlan: left promiscuous mode
[ 1227.097931][T22911] veth0_vlan: left promiscuous mode
[ 1227.602285][T16625] usb 3-1: new high-speed USB device number 92 using dummy_hcd
[ 1227.816805][T16625] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1227.866818][T16625] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1227.920541][T16625] usb 3-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1227.971551][T16625] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1228.023839][T16625] usb 3-1: config 0 descriptor??
[ 1228.035792][T16625] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1228.615258][T22911] team0 (unregistering): Port device team_slave_1 removed
[ 1228.724603][T22911] team0 (unregistering): Port device team_slave_0 removed
[ 1228.775372][T23966] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4427'.
[ 1229.701279][T23960] IPVS: Error connecting to the multicast addr
[ 1229.865406][T14514] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1229.918695][T14514] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1230.071435][T14521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1230.091114][T14521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1230.327683][T16625] usb 4-1: new high-speed USB device number 77 using dummy_hcd
[ 1230.554399][T16625] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1230.649710][T16625] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1230.690120][T16625] usb 4-1: config 0 descriptor??
[ 1230.700476][T23999] IPVS: Error connecting to the multicast addr
[ 1230.710169][T16625] cp210x 4-1:0.0: cp210x converter detected
[ 1230.906274][ T1793] usb 3-1: USB disconnect, device number 92
[ 1231.157594][T16625] usb 4-1: cp210x converter now attached to ttyUSB0
[ 1231.196153][T16625] usb 4-1: USB disconnect, device number 77
[ 1231.242422][T16625] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1231.274862][T16625] cp210x 4-1:0.0: device disconnected
[ 1231.288140][T24008] FAULT_INJECTION: forcing a failure.
[ 1231.288140][T24008] name failslab, interval 1, probability 0, space 0, times 0
[ 1231.356694][T24008] CPU: 0 UID: 0 PID: 24008 Comm: syz.2.4433 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1231.367484][T24008] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1231.377534][T24008] Call Trace:
[ 1231.380802][T24008]  <TASK>
[ 1231.383738][T24008]  dump_stack_lvl+0x241/0x360
[ 1231.388425][T24008]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1231.393624][T24008]  ? __pfx__printk+0x10/0x10
[ 1231.398227][T24008]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[ 1231.404221][T24008]  ? __pfx___might_resched+0x10/0x10
[ 1231.409499][T24008]  should_fail_ex+0x3b0/0x4e0
[ 1231.414169][T24008]  should_failslab+0xac/0x100
[ 1231.418839][T24008]  ? __alloc_skb+0x1c3/0x440
[ 1231.423423][T24008]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 1231.429239][T24008]  __alloc_skb+0x1c3/0x440
[ 1231.433649][T24008]  ? __pfx___alloc_skb+0x10/0x10
[ 1231.438567][T24008]  ? netlink_autobind+0xd6/0x2f0
[ 1231.443485][T24008]  ? netlink_autobind+0x2b0/0x2f0
[ 1231.448503][T24008]  netlink_sendmsg+0x638/0xcb0
[ 1231.453271][T24008]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1231.458537][T24008]  ? __import_iovec+0x536/0x820
[ 1231.463372][T24008]  ? aa_sock_msg_perm+0x91/0x160
[ 1231.468293][T24008]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1231.473566][T24008]  ? security_socket_sendmsg+0x87/0xb0
[ 1231.479024][T24008]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1231.484296][T24008]  __sock_sendmsg+0x221/0x270
[ 1231.488960][T24008]  ____sys_sendmsg+0x525/0x7d0
[ 1231.493713][T24008]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1231.498996][T24008]  __sys_sendmsg+0x2b0/0x3a0
[ 1231.503666][T24008]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1231.508759][T24008]  ? vfs_write+0x7c4/0xc90
[ 1231.513182][T24008]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1231.519492][T24008]  ? do_syscall_64+0x100/0x230
[ 1231.524238][T24008]  ? do_syscall_64+0xb6/0x230
[ 1231.528912][T24008]  do_syscall_64+0xf3/0x230
[ 1231.533400][T24008]  ? clear_bhb_loop+0x35/0x90
[ 1231.538058][T24008]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1231.543933][T24008] RIP: 0033:0x7f10b0779e79
[ 1231.548341][T24008] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1231.567941][T24008] RSP: 002b:00007f10b148e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1231.576353][T24008] RAX: ffffffffffffffda RBX: 00007f10b0915f80 RCX: 00007f10b0779e79
[ 1231.584312][T24008] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000000000004
[ 1231.592281][T24008] RBP: 00007f10b148e090 R08: 0000000000000000 R09: 0000000000000000
[ 1231.600244][T24008] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1231.608206][T24008] R13: 0000000000000000 R14: 00007f10b0915f80 R15: 00007f10b0a3fa38
[ 1231.616173][T24008]  </TASK>
[ 1231.619235][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1232.034990][T24023] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4435'.
[ 1232.252353][ T1793] usb 3-1: new high-speed USB device number 93 using dummy_hcd
[ 1232.362247][T16625] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[ 1232.372265][T17461] usb 1-1: new high-speed USB device number 117 using dummy_hcd
[ 1232.452269][ T1793] usb 3-1: Using ep0 maxpacket: 32
[ 1232.459774][ T1793] usb 3-1: config 0 has an invalid interface number: 219 but max is 0
[ 1232.468749][ T1793] usb 3-1: config 0 has no interface number 0
[ 1232.475154][ T1793] usb 3-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1232.486340][ T1793] usb 3-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1232.498186][ T1793] usb 3-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[ 1232.509717][ T1793] usb 3-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1232.521895][ T1793] usb 3-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[ 1232.540146][ T1793] usb 3-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1232.560621][ T1793] usb 3-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[ 1232.562194][T16625] usb 5-1: Using ep0 maxpacket: 32
[ 1232.569865][ T1793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1232.587645][ T1793] usb 3-1: Product: syz
[ 1232.592412][ T1793] usb 3-1: Manufacturer: syz
[ 1232.597428][ T1793] usb 3-1: SerialNumber: syz
[ 1232.599703][T17461] usb 1-1: too many endpoints for config 0 interface 0 altsetting 115: 64, using maximum allowed: 30
[ 1232.611973][ T1793] usb 3-1: config 0 descriptor??
[ 1232.628611][T16625] usb 5-1: config 0 has an invalid interface number: 219 but max is 0
[ 1232.642400][T17461] usb 1-1: config 0 interface 0 altsetting 115 has 0 endpoint descriptors, different from the interface descriptor's value: 64
[ 1232.656396][T24029] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1232.671539][T24029] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1232.681965][T16625] usb 5-1: config 0 has no interface number 0
[ 1232.694035][T16625] usb 5-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1232.705200][T17461] usb 1-1: config 0 interface 0 has no altsetting 0
[ 1232.724801][T17461] usb 1-1: New USB device found, idVendor=1039, idProduct=2121, bcdDevice=9e.ff
[ 1232.742770][T17461] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1232.750924][T16625] usb 5-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1232.764333][T17461] usb 1-1: Product: syz
[ 1232.768939][T17461] usb 1-1: Manufacturer: syz
[ 1232.774376][T16625] usb 5-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[ 1232.785911][T17461] usb 1-1: SerialNumber: syz
[ 1232.803666][T17461] usb 1-1: config 0 descriptor??
[ 1232.809247][T16625] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1232.832662][T17461] usb 1-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2121) Rev (0X9EFF): Eagle II
[ 1232.850039][T16625] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[ 1232.861564][T16625] usb 5-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1232.877886][T16625] usb 5-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[ 1232.887143][T16625] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1232.895752][T16625] usb 5-1: Product: syz
[ 1232.900078][T16625] usb 5-1: Manufacturer: syz
[ 1232.904771][T16625] usb 5-1: SerialNumber: syz
[ 1232.918833][T16625] usb 5-1: config 0 descriptor??
[ 1232.935015][ T1793] etas_es58x 3-1:0.219: Starting syz syz (Serial Number syz)
[ 1232.935880][T24035] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1232.949630][ T1793] etas_es58x 3-1:0.219: could not retrieve the product info string
[ 1232.961066][T24035] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[ 1233.012482][T17461] usb 1-1: reset high-speed USB device number 117 using dummy_hcd
[ 1233.030693][ T1793] usb 3-1: USB disconnect, device number 93
[ 1233.060904][ T1793] etas_es58x 3-1:0.219: Disconnecting syz syz
[ 1233.238231][T16625] etas_es58x 5-1:0.219: Starting syz syz (Serial Number syz)
[ 1233.261466][T16625] etas_es58x 5-1:0.219: could not retrieve the product info string
[ 1233.306450][T16625] usb 5-1: USB disconnect, device number 103
[ 1233.318294][T16625] etas_es58x 5-1:0.219: Disconnecting syz syz
[ 1233.402250][ T5278] usb 2-1: new high-speed USB device number 105 using dummy_hcd
[ 1233.602242][ T5278] usb 2-1: Using ep0 maxpacket: 8
[ 1233.613927][ T5278] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 1233.624561][ T5278] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1233.636550][ T5278] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 1233.649748][ T5278] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1233.675865][ T5278] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 1233.690821][ T5278] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1233.711032][ T5278] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 1233.723864][ T5278] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1233.745748][ T5278] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[ 1233.761985][ T5278] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1233.775103][ T5278] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 1233.786695][ T5278] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1233.841009][ T5278] usb 2-1: string descriptor 0 read error: -22
[ 1233.854520][T17461] usb 1-1: [ueagle-atm] pre-firmware device, uploading firmware
[ 1233.881473][ T5278] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1233.905977][ T5278] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1233.923905][T17461] usb 1-1: [ueagle-atm] loading firmware ueagle-atm/eagleII.fw
[ 1233.931955][T16625] usb 1-1: Direct firmware load for ueagle-atm/eagleII.fw failed with error -2
[ 1233.945524][T17461] usb 1-1: USB disconnect, device number 117
[ 1233.960805][T16625] usb 1-1: Falling back to sysfs fallback for: ueagle-atm/eagleII.fw
[ 1233.981716][T16625] kobject: kobject_add_internal failed for firmware (error: -2 parent: 1-1)
[ 1233.995602][ T5278] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1234.015214][T16625] firmware ueagle-atm!eagleII.fw: fw_load_sysfs_fallback: device_register failed
[ 1234.028901][T16625] usb 1-1: [UEAGLE-ATM] firmware is not available
[ 1234.038413][T24055] netlink: 28 bytes leftover after parsing attributes in process `syz.0.4445'.
[ 1234.191056][T16625] usb 2-1: USB disconnect, device number 105
[ 1234.368211][T24062] kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[ 1234.411016][T24043] adutux: No device or device unplugged -19
[ 1234.512356][ T1793] usb 4-1: new high-speed USB device number 78 using dummy_hcd
[ 1234.731592][ T1793] usb 4-1: New USB device found, idVendor=1039, idProduct=2121, bcdDevice=9e.ff
[ 1234.755730][ T1793] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1234.785110][ T1793] usb 4-1: Product: syz
[ 1234.789470][ T1793] usb 4-1: Manufacturer: syz
[ 1234.799284][ T1793] usb 4-1: SerialNumber: syz
[ 1234.812273][T17461] usb 1-1: new high-speed USB device number 118 using dummy_hcd
[ 1234.818737][ T1793] usb 4-1: config 0 descriptor??
[ 1234.846795][ T1793] usb 4-1: [ueagle-atm] ADSL device founded vid (0X1039) pid (0X2121) Rev (0X9EFF): Eagle II
[ 1234.985734][ T5279] usb 3-1: new high-speed USB device number 94 using dummy_hcd
[ 1235.013324][ T1793] usb 4-1: reset high-speed USB device number 78 using dummy_hcd
[ 1235.057730][    C1] raw-gadget.0 gadget.3: ignoring, device is not running
[ 1235.072316][T17461] usb 1-1: Using ep0 maxpacket: 16
[ 1235.110794][T17461] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[ 1235.180953][T17461] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 8196, setting to 1024
[ 1235.204351][ T5279] usb 3-1: Using ep0 maxpacket: 16
[ 1235.214386][ T5279] usb 3-1: config 0 has an invalid interface number: 57 but max is 0
[ 1235.222238][T17461] usb 1-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[ 1235.262289][T17461] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.264932][ T5279] usb 3-1: config 0 has no interface number 0
[ 1235.314809][T17461] usb 1-1: config 0 descriptor??
[ 1235.326245][ T5279] usb 3-1: config 0 interface 57 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1235.373319][ T5279] usb 3-1: config 0 interface 57 has no altsetting 0
[ 1235.418634][ T5279] usb 3-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1235.456708][ T5279] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1235.512803][ T5279] usb 3-1: config 0 descriptor??
[ 1235.883969][ T1793] usb 4-1: [ueagle-atm] pre-firmware device, uploading firmware
[ 1235.909592][T24069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1235.916668][ T5276] usb 4-1: Direct firmware load for ueagle-atm/eagleII.fw failed with error -2
[ 1235.927756][ T1793] usb 4-1: [ueagle-atm] loading firmware ueagle-atm/eagleII.fw
[ 1235.962893][ T5276] usb 4-1: Falling back to sysfs fallback for: ueagle-atm/eagleII.fw
[ 1235.980099][ T1793] usb 4-1: USB disconnect, device number 78
[ 1236.018073][T24069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1236.100566][T24076] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4452'.
[ 1236.158812][T24069] overlayfs: missing 'lowerdir'
[ 1237.295845][T17461] usbhid 1-1:0.0: can't add hid device: -71
[ 1237.317172][T17461] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1237.391252][T17461] usb 1-1: USB disconnect, device number 118
[ 1237.588446][ T5279] usb 3-1: string descriptor 0 read error: -71
[ 1237.649398][ T5279] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1237.674170][ T5279] gspca_sonixj: reg_w1 err -71
[ 1237.699409][ T5279] sonixj 3-1:0.57: probe with driver sonixj failed with error -71
[ 1237.704826][T24088] netlink: 55 bytes leftover after parsing attributes in process `syz.2.4457'.
[ 1237.736959][ T5279] usb 3-1: USB disconnect, device number 94
[ 1237.783201][T24089] AppArmor: change_hat: Invalid input 'ü'
[ 1237.792822][T24088] FAULT_INJECTION: forcing a failure.
[ 1237.792822][T24088] name failslab, interval 1, probability 0, space 0, times 0
[ 1237.861958][T24088] CPU: 1 UID: 0 PID: 24088 Comm: syz.2.4457 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1237.872773][T24088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1237.882848][T24088] Call Trace:
[ 1237.886139][T24088]  <TASK>
[ 1237.889068][T24088]  dump_stack_lvl+0x241/0x360
[ 1237.893763][T24088]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1237.898995][T24088]  ? __pfx__printk+0x10/0x10
[ 1237.903615][T24088]  ? __kmalloc_cache_noprof+0x44/0x2c0
[ 1237.909094][T24088]  ? __pfx___might_resched+0x10/0x10
[ 1237.914418][T24088]  should_fail_ex+0x3b0/0x4e0
[ 1237.919116][T24088]  should_failslab+0xac/0x100
[ 1237.923802][T24088]  ? device_add+0xc1/0xbf0
[ 1237.928209][T24088]  __kmalloc_cache_noprof+0x6c/0x2c0
[ 1237.933492][T24088]  device_add+0xc1/0xbf0
[ 1237.937723][T24088]  ? device_initialize+0x266/0x460
[ 1237.942822][T24088]  netdev_register_kobject+0x17e/0x320
[ 1237.948280][T24088]  register_netdevice+0x12c5/0x1b00
[ 1237.953485][T24088]  ? __pfx_register_netdevice+0x10/0x10
[ 1237.959023][T24088]  ? alloc_netdev_mqs+0xc55/0x1000
[ 1237.964137][T24088]  br_dev_newlink+0x27/0x100
[ 1237.968720][T24088]  ? __pfx_br_dev_newlink+0x10/0x10
[ 1237.973912][T24088]  rtnl_newlink+0x1591/0x20a0
[ 1237.978604][T24088]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1237.983619][T24088]  ? __pfx___mutex_trylock_common+0x10/0x10
[ 1237.989507][T24088]  ? rcu_is_watching+0x15/0xb0
[ 1237.994273][T24088]  ? trace_contention_end+0x3c/0x120
[ 1237.999548][T24088]  ? __mutex_lock+0x2ef/0xd70
[ 1238.004275][T24088]  ? __pfx_lock_release+0x10/0x10
[ 1238.009301][T24088]  ? __pfx_rtnl_newlink+0x10/0x10
[ 1238.014319][T24088]  rtnetlink_rcv_msg+0x73f/0xcf0
[ 1238.019249][T24088]  ? rtnetlink_rcv_msg+0x1a7/0xcf0
[ 1238.024357][T24088]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1238.029812][T24088]  ? ref_tracker_free+0x643/0x7e0
[ 1238.034830][T24088]  netlink_rcv_skb+0x1e3/0x430
[ 1238.039590][T24088]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[ 1238.045042][T24088]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1238.050356][T24088]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1238.055548][T24088]  netlink_unicast+0x7f6/0x990
[ 1238.060313][T24088]  ? __pfx_netlink_unicast+0x10/0x10
[ 1238.065593][T24088]  ? __virt_addr_valid+0x183/0x530
[ 1238.070695][T24088]  ? __check_object_size+0x49c/0x900
[ 1238.075969][T24088]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1238.081071][T24088]  netlink_sendmsg+0x8e4/0xcb0
[ 1238.085833][T24088]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1238.091106][T24088]  ? aa_sock_msg_perm+0x91/0x160
[ 1238.096035][T24088]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1238.101309][T24088]  ? security_socket_sendmsg+0x87/0xb0
[ 1238.106761][T24088]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1238.112031][T24088]  __sock_sendmsg+0x221/0x270
[ 1238.116709][T24088]  __sys_sendto+0x3a4/0x4f0
[ 1238.121208][T24088]  ? __pfx___sys_sendto+0x10/0x10
[ 1238.126240][T24088]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1238.132214][T24088]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1238.138538][T24088]  __x64_sys_sendto+0xde/0x100
[ 1238.143317][T24088]  do_syscall_64+0xf3/0x230
[ 1238.147812][T24088]  ? clear_bhb_loop+0x35/0x90
[ 1238.152496][T24088]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1238.158379][T24088] RIP: 0033:0x7f10b0779e79
[ 1238.162783][T24088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1238.182377][T24088] RSP: 002b:00007f10b148e038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[ 1238.190779][T24088] RAX: ffffffffffffffda RBX: 00007f10b0915f80 RCX: 00007f10b0779e79
[ 1238.198738][T24088] RDX: 0000000000010a73 RSI: 0000000020000000 RDI: 0000000000000003
[ 1238.206718][T24088] RBP: 00007f10b148e090 R08: 0000000000000000 R09: 4b6ae4f95a5de35b
[ 1238.214679][T24088] R10: 0000000000000800 R11: 0000000000000246 R12: 0000000000000002
[ 1238.222637][T24088] R13: 0000000000000000 R14: 00007f10b0915f80 R15: 00007f10b0a3fa38
[ 1238.230607][T24088]  </TASK>
[ 1238.652511][ T5279] usb 2-1: new high-speed USB device number 106 using dummy_hcd
[ 1238.692240][T17461] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[ 1238.695724][T11129] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[ 1238.712336][ T5274] usb 3-1: new high-speed USB device number 95 using dummy_hcd
[ 1238.814751][T24107] netlink: 8 bytes leftover after parsing attributes in process `syz.0.4463'.
[ 1238.854731][ T5279] usb 2-1: Using ep0 maxpacket: 16
[ 1238.872360][T17461] usb 4-1: Using ep0 maxpacket: 16
[ 1238.876538][ T5279] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1238.898083][ T5279] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1238.900486][T17461] usb 4-1: config 0 has an invalid interface number: 57 but max is 0
[ 1238.919035][ T5279] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1238.931400][ T5274] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1238.941902][T11129] usb 5-1: Using ep0 maxpacket: 32
[ 1238.952526][ T5279] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1238.953639][T17461] usb 4-1: config 0 has no interface number 0
[ 1238.967178][ T5274] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1238.974122][T17461] usb 4-1: config 0 interface 57 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1239.003329][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[ 1239.011337][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.026464][T11129] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1239.064812][T17461] usb 4-1: config 0 interface 57 has no altsetting 0
[ 1239.071601][T17461] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1239.084746][T11129] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1239.095307][ T5279] usb 2-1: config 0 descriptor??
[ 1239.104238][ T5274] usb 3-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1239.125168][ T5274] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1239.133351][T11129] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1239.143909][T11129] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1239.153360][ T5274] usb 3-1: config 0 descriptor??
[ 1239.165399][ T5274] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1239.192264][T11129] usb 5-1: Product: syz
[ 1239.206130][T11129] usb 5-1: Manufacturer: syz
[ 1239.210971][T11129] usb 5-1: SerialNumber: syz
[ 1239.231299][T17461] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1239.264037][T17461] usb 4-1: config 0 descriptor??
[ 1239.506968][T24100] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1239.546894][T11129] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 104 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1239.562574][T24100] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1239.573120][T11129] usb 5-1: USB disconnect, device number 104
[ 1239.593824][T24100] overlayfs: missing 'lowerdir'
[ 1239.630840][T11129] usblp0: removed
[ 1239.698913][T24097] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1239.709523][T24097] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1240.228761][T24117] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4461'.
[ 1240.272367][T11129] usb 1-1: new high-speed USB device number 119 using dummy_hcd
[ 1240.474844][T11129] usb 1-1: config 0 has too many interfaces: 255, using maximum allowed: 32
[ 1240.523660][T11129] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 255
[ 1240.601314][T11129] usb 1-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1240.629987][T11129] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1240.657272][T11129] usb 1-1: Product: syz
[ 1240.673987][T11129] usb 1-1: Manufacturer: syz
[ 1240.679382][T11129] usb 1-1: SerialNumber: syz
[ 1240.697416][T11129] usb 1-1: config 0 descriptor??
[ 1240.922834][ T5274] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[ 1240.937209][T24115] fuse: Bad value for 'fd'
[ 1241.123121][ T5274] usb 5-1: Using ep0 maxpacket: 32
[ 1241.147423][ T5274] usb 5-1: no configurations
[ 1241.154619][ T5274] usb 5-1: can't read configurations, error -22
[ 1241.314735][ T5274] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[ 1241.332753][ T5279] usbhid 2-1:0.0: can't add hid device: -71
[ 1241.341067][ T5279] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1241.359636][ T5279] usb 2-1: USB disconnect, device number 106
[ 1241.501680][T11129] usb 3-1: USB disconnect, device number 95
[ 1241.512363][ T5274] usb 5-1: Using ep0 maxpacket: 32
[ 1241.524759][T17461] usb 4-1: string descriptor 0 read error: -71
[ 1241.549300][ T5274] usb 5-1: no configurations
[ 1241.554070][T17461] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1241.556005][T17461] gspca_sonixj: reg_w1 err -71
[ 1241.593144][T17461] sonixj 4-1:0.57: probe with driver sonixj failed with error -71
[ 1241.594584][T24130] netlink: 64 bytes leftover after parsing attributes in process `syz.1.4468'.
[ 1241.611549][ T5274] usb 5-1: can't read configurations, error -22
[ 1241.637559][T17461] usb 4-1: USB disconnect, device number 79
[ 1241.642733][ T5274] usb usb5-port1: attempt power cycle
[ 1242.062495][ T5274] usb 5-1: new high-speed USB device number 107 using dummy_hcd
[ 1242.123078][ T5274] usb 5-1: Using ep0 maxpacket: 32
[ 1242.131904][ T5274] usb 5-1: no configurations
[ 1242.142412][ T5274] usb 5-1: can't read configurations, error -22
[ 1242.322327][ T5274] usb 5-1: new high-speed USB device number 108 using dummy_hcd
[ 1242.362974][ T5274] usb 5-1: Using ep0 maxpacket: 32
[ 1242.369181][ T5274] usb 5-1: no configurations
[ 1242.377612][ T5274] usb 5-1: can't read configurations, error -22
[ 1242.401196][ T5274] usb usb5-port1: unable to enumerate USB device
[ 1242.990979][ T5278] usb 1-1: USB disconnect, device number 119
[ 1243.327998][T24162] dvmrp0: entered allmulticast mode
[ 1243.381594][T24158] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4477'.
[ 1243.802340][T11129] usb 2-1: new high-speed USB device number 107 using dummy_hcd
[ 1244.022709][T11129] usb 2-1: Using ep0 maxpacket: 16
[ 1244.076819][T11129] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1244.119420][T11129] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1244.151603][T11129] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1244.179265][T11129] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1244.237483][T11129] usb 2-1: config 0 descriptor??
[ 1244.302207][T16625] usb 3-1: new high-speed USB device number 96 using dummy_hcd
[ 1244.414384][T24176] vivid-000: disconnect
[ 1244.436112][T24176] vivid-000: reconnect
[ 1244.512305][T16625] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1244.537566][T16625] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1244.597302][T16625] usb 3-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1244.642293][T16625] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1244.664011][T16625] usb 3-1: config 0 descriptor??
[ 1244.685716][T16625] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1244.731333][T24166] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1244.752900][T24166] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1244.904595][T24179] AppArmor: change_hat: Invalid input 'ü'
[ 1245.452437][ T5279] usb 1-1: new high-speed USB device number 120 using dummy_hcd
[ 1245.612278][ T5274] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[ 1245.655957][ T5279] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1245.677759][ T5279] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x8B has invalid maxpacket 31301, setting to 1024
[ 1245.718741][ T5279] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1245.737286][ T5279] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1245.754755][ T5279] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1245.763677][ T5279] usb 1-1: Product: syz
[ 1245.768433][ T5279] usb 1-1: Manufacturer: syz
[ 1245.775626][ T5279] usb 1-1: SerialNumber: syz
[ 1245.790851][T24191] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4480'.
[ 1245.812282][ T5274] usb 4-1: Using ep0 maxpacket: 16
[ 1245.829819][ T5274] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1245.861582][ T5274] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1245.893439][ T5274] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1245.906003][ T5274] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1245.924404][ T5274] usb 4-1: config 0 descriptor??
[ 1246.178830][T24196] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4486'.
[ 1246.285594][ T5279] cdc_ncm 1-1:1.0: bind() failure
[ 1246.315286][ T5279] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[ 1246.332662][ T5279] cdc_ncm 1-1:1.1: bind() failure
[ 1246.353232][ T5279] usb 1-1: USB disconnect, device number 120
[ 1246.472061][T24198] IPVS: Error connecting to the multicast addr
[ 1246.559633][T11129] usbhid 2-1:0.0: can't add hid device: -71
[ 1246.591302][T11129] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1246.606707][T11129] usb 2-1: USB disconnect, device number 107
[ 1246.613839][T24189] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1246.671055][T24189] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1247.045968][T24207] FAULT_INJECTION: forcing a failure.
[ 1247.045968][T24207] name failslab, interval 1, probability 0, space 0, times 0
[ 1247.062002][T24207] CPU: 1 UID: 0 PID: 24207 Comm: syz.0.4491 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1247.072773][T24207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1247.082844][T24207] Call Trace:
[ 1247.086115][T24207]  <TASK>
[ 1247.089029][T24207]  dump_stack_lvl+0x241/0x360
[ 1247.093800][T24207]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1247.098988][T24207]  ? __pfx__printk+0x10/0x10
[ 1247.103564][T24207]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[ 1247.109532][T24207]  ? __pfx___might_resched+0x10/0x10
[ 1247.114828][T24207]  should_fail_ex+0x3b0/0x4e0
[ 1247.119506][T24207]  should_failslab+0xac/0x100
[ 1247.124194][T24207]  ? __alloc_skb+0x1c3/0x440
[ 1247.128763][T24207]  kmem_cache_alloc_node_noprof+0x71/0x320
[ 1247.134552][T24207]  __alloc_skb+0x1c3/0x440
[ 1247.138957][T24207]  ? __pfx___alloc_skb+0x10/0x10
[ 1247.143883][T24207]  ? netlink_ack_tlv_len+0x6e/0x200
[ 1247.149068][T24207]  netlink_ack+0x13f/0xa30
[ 1247.153471][T24207]  ? __sys_sendmsg+0x2b0/0x3a0
[ 1247.158213][T24207]  ? do_syscall_64+0xf3/0x230
[ 1247.162904][T24207]  netlink_rcv_skb+0x262/0x430
[ 1247.167693][T24207]  ? __pfx_nfnetlink_rcv_msg+0x10/0x10
[ 1247.173146][T24207]  ? __pfx_netlink_rcv_skb+0x10/0x10
[ 1247.178429][T24207]  ? apparmor_capable+0x13b/0x1b0
[ 1247.183449][T24207]  ? bpf_lsm_capable+0x9/0x10
[ 1247.188105][T24207]  ? security_capable+0x90/0xb0
[ 1247.192942][T24207]  nfnetlink_rcv+0x297/0x2ad0
[ 1247.197600][T24207]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1247.203303][T24207]  ? __dev_queue_xmit+0x2da/0x3e90
[ 1247.208396][T24207]  ? __dev_queue_xmit+0x1763/0x3e90
[ 1247.213574][T24207]  ? kasan_save_track+0x51/0x80
[ 1247.218410][T24207]  ? do_syscall_64+0xf3/0x230
[ 1247.223067][T24207]  ? __pfx_nfnetlink_rcv+0x10/0x10
[ 1247.228158][T24207]  ? __dev_queue_xmit+0x2da/0x3e90
[ 1247.233253][T24207]  ? __pfx___dev_queue_xmit+0x10/0x10
[ 1247.238615][T24207]  ? ref_tracker_free+0x643/0x7e0
[ 1247.243629][T24207]  ? __asan_memcpy+0x40/0x70
[ 1247.248207][T24207]  ? __pfx_ref_tracker_free+0x10/0x10
[ 1247.253572][T24207]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1247.258748][T24207]  ? skb_clone+0x240/0x390
[ 1247.263151][T24207]  ? __pfx_lock_release+0x10/0x10
[ 1247.268164][T24207]  ? __netlink_deliver_tap+0x77e/0x7c0
[ 1247.273619][T24207]  ? netlink_deliver_tap+0x2e/0x1b0
[ 1247.278795][T24207]  netlink_unicast+0x7f6/0x990
[ 1247.283548][T24207]  ? __pfx_netlink_unicast+0x10/0x10
[ 1247.288831][T24207]  ? __virt_addr_valid+0x183/0x530
[ 1247.293923][T24207]  ? __check_object_size+0x49c/0x900
[ 1247.299186][T24207]  ? bpf_lsm_netlink_send+0x9/0x10
[ 1247.304281][T24207]  netlink_sendmsg+0x8e4/0xcb0
[ 1247.309032][T24207]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1247.314302][T24207]  ? aa_sock_msg_perm+0x91/0x160
[ 1247.319232][T24207]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1247.324501][T24207]  ? security_socket_sendmsg+0x87/0xb0
[ 1247.329948][T24207]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1247.335210][T24207]  __sock_sendmsg+0x221/0x270
[ 1247.339879][T24207]  ____sys_sendmsg+0x525/0x7d0
[ 1247.344627][T24207]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1247.349900][T24207]  __sys_sendmsg+0x2b0/0x3a0
[ 1247.354471][T24207]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1247.359566][T24207]  ? vfs_write+0x7c4/0xc90
[ 1247.363985][T24207]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1247.370391][T24207]  ? do_syscall_64+0x100/0x230
[ 1247.375230][T24207]  ? do_syscall_64+0xb6/0x230
[ 1247.379886][T24207]  do_syscall_64+0xf3/0x230
[ 1247.384372][T24207]  ? clear_bhb_loop+0x35/0x90
[ 1247.389033][T24207]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1247.394908][T24207] RIP: 0033:0x7fec0f579e79
[ 1247.399319][T24207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1247.418905][T24207] RSP: 002b:00007fec103f5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1247.427301][T24207] RAX: ffffffffffffffda RBX: 00007fec0f715f80 RCX: 00007fec0f579e79
[ 1247.435253][T24207] RDX: 0000000000000000 RSI: 0000000020000080 RDI: 0000000000000003
[ 1247.443291][T24207] RBP: 00007fec103f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1247.451240][T24207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1247.459198][T24207] R13: 0000000000000000 R14: 00007fec0f715f80 R15: 00007fec0f83fa38
[ 1247.467179][T24207]  </TASK>
[ 1247.486202][T24206] IPVS: Error connecting to the multicast addr
[ 1247.540286][T16625] usb 3-1: USB disconnect, device number 96
[ 1248.404654][ T5274] usbhid 4-1:0.0: can't add hid device: -71
[ 1248.418951][ T5274] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1248.443778][ T5274] usb 4-1: USB disconnect, device number 80
[ 1249.033503][ T5274] usb 3-1: new high-speed USB device number 97 using dummy_hcd
[ 1249.180502][T24243] ip6t_srh: unknown srh invflags 7863
[ 1249.232568][ T5279] usb 1-1: new high-speed USB device number 121 using dummy_hcd
[ 1249.253781][ T5274] usb 3-1: New USB device found, idVendor=0582, idProduct=00c4, bcdDevice=ac.5f
[ 1249.268807][ T5274] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1249.294918][ T5274] usb 3-1: config 0 descriptor??
[ 1249.445466][ T5279] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1249.461033][ T5279] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1249.479504][ T5279] usb 1-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1249.488882][ T5279] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1249.506427][ T5279] usb 1-1: config 0 descriptor??
[ 1249.536373][ T5279] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1249.563758][T24252] FAULT_INJECTION: forcing a failure.
[ 1249.563758][T24252] name failslab, interval 1, probability 0, space 0, times 0
[ 1249.576672][T24252] CPU: 1 UID: 0 PID: 24252 Comm: syz.3.4505 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1249.587448][T24252] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1249.597524][T24252] Call Trace:
[ 1249.600818][T24252]  <TASK>
[ 1249.603763][T24252]  dump_stack_lvl+0x241/0x360
[ 1249.608463][T24252]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1249.613681][T24252]  ? __pfx__printk+0x10/0x10
[ 1249.618303][T24252]  ? fs_reclaim_acquire+0x93/0x140
[ 1249.623428][T24252]  ? __pfx___might_resched+0x10/0x10
[ 1249.628704][T24252]  ? dynamic_dname+0x141/0x1b0
[ 1249.633468][T24252]  should_fail_ex+0x3b0/0x4e0
[ 1249.638158][T24252]  ? tomoyo_encode+0x26f/0x540
[ 1249.642924][T24252]  should_failslab+0xac/0x100
[ 1249.647599][T24252]  ? tomoyo_encode+0x26f/0x540
[ 1249.652355][T24252]  __kmalloc_noprof+0xd8/0x400
[ 1249.657197][T24252]  tomoyo_encode+0x26f/0x540
[ 1249.661778][T24252]  ? __pfx_sockfs_dname+0x10/0x10
[ 1249.666801][T24252]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 1249.672440][T24252]  tomoyo_path_number_perm+0x23a/0x880
[ 1249.677894][T24252]  ? tomoyo_path_number_perm+0x208/0x880
[ 1249.683517][T24252]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1249.689525][T24252]  ? __fget_files+0x29/0x470
[ 1249.694111][T24252]  ? __fget_files+0x3f6/0x470
[ 1249.698782][T24252]  ? __fget_files+0x29/0x470
[ 1249.703369][T24252]  security_file_ioctl+0x75/0xb0
[ 1249.708300][T24252]  __se_sys_ioctl+0x47/0x170
[ 1249.712884][T24252]  do_syscall_64+0xf3/0x230
[ 1249.717376][T24252]  ? clear_bhb_loop+0x35/0x90
[ 1249.722115][T24252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1249.728048][T24252] RIP: 0033:0x7f830c179e79
[ 1249.732466][T24252] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1249.752087][T24252] RSP: 002b:00007f830cef6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1249.760504][T24252] RAX: ffffffffffffffda RBX: 00007f830c316058 RCX: 00007f830c179e79
[ 1249.768467][T24252] RDX: 0000000020000000 RSI: 0000000000008936 RDI: 000000000000000a
[ 1249.776428][T24252] RBP: 00007f830cef6090 R08: 0000000000000000 R09: 0000000000000000
[ 1249.784389][T24252] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1249.792378][T24252] R13: 0000000000000000 R14: 00007f830c316058 R15: 00007f830c43fa38
[ 1249.800369][T24252]  </TASK>
[ 1249.806902][T24252] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1249.905973][ T5275] usb 5-1: new high-speed USB device number 109 using dummy_hcd
[ 1249.938761][T22906] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1250.092391][ T5275] usb 5-1: Using ep0 maxpacket: 8
[ 1250.096471][T22906] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1250.136659][ T5275] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 1250.156023][ T5275] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1250.196277][ T5275] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 1250.207787][ T5275] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1250.220903][ T5275] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 1250.236853][ T5275] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1250.248146][T22906] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1250.265415][ T5275] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 1250.286634][ T5275] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1250.331781][ T5275] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[ 1250.345089][ T5275] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[ 1250.357346][ T5275] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[ 1250.369582][ T5275] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1250.384865][ T5275] usb 5-1: string descriptor 0 read error: -22
[ 1250.395528][T22906] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1250.396947][ T5275] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1250.415410][ T5275] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1250.444238][ T5275] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1250.579433][ T5275] usb 3-1: USB disconnect, device number 97
[ 1250.682650][T24265] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4508'.
[ 1250.847862][T22906] bridge_slave_1: left allmulticast mode
[ 1250.871221][T22906] bridge_slave_1: left promiscuous mode
[ 1250.889186][T22906] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1250.915844][ T5275] usb 5-1: USB disconnect, device number 109
[ 1250.937808][T22906] bridge_slave_0: left allmulticast mode
[ 1250.970420][T22906] bridge_slave_0: left promiscuous mode
[ 1250.991354][T22906] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1251.113200][T24241] adutux: No device or device unplugged -19
[ 1251.191581][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1251.204897][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1251.214562][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1251.228115][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1251.239242][   T54] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1251.247234][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1251.812511][ T5275] usb 3-1: new high-speed USB device number 98 using dummy_hcd
[ 1251.851370][   T29] kauditd_printk_skb: 16 callbacks suppressed
[ 1251.851388][   T29] audit: type=1326 audit(1724488248.590:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1251.887422][T24292] FAULT_INJECTION: forcing a failure.
[ 1251.887422][T24292] name failslab, interval 1, probability 0, space 0, times 0
[ 1251.902597][T24292] CPU: 0 UID: 0 PID: 24292 Comm: syz.4.4511 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1251.913381][T24292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1251.923428][T24292] Call Trace:
[ 1251.926702][T24292]  <TASK>
[ 1251.929623][T24292]  dump_stack_lvl+0x241/0x360
[ 1251.934297][T24292]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1251.939487][T24292]  ? __pfx__printk+0x10/0x10
[ 1251.944076][T24292]  ? __kmalloc_cache_noprof+0x44/0x2c0
[ 1251.949524][T24292]  ? __pfx___might_resched+0x10/0x10
[ 1251.954894][T24292]  should_fail_ex+0x3b0/0x4e0
[ 1251.959567][T24292]  should_failslab+0xac/0x100
[ 1251.964240][T24292]  ? yama_ptracer_add+0x57/0x4b0
[ 1251.969172][T24292]  __kmalloc_cache_noprof+0x6c/0x2c0
[ 1251.974464][T24292]  yama_ptracer_add+0x57/0x4b0
[ 1251.979310][T24292]  ? yama_task_prctl+0x42/0x500
[ 1251.984159][T24292]  yama_task_prctl+0x365/0x500
[ 1251.988918][T24292]  security_task_prctl+0x81/0x110
[ 1251.993942][T24292]  __se_sys_prctl+0x110/0x3990
[ 1251.998711][T24292]  ? stack_trace_save+0x118/0x1d0
[ 1252.003744][T24292]  ? __pfx_stack_trace_save+0x10/0x10
[ 1252.009120][T24292]  ? stack_depot_save_flags+0x29/0x830
[ 1252.014581][T24292]  ? kasan_save_track+0x51/0x80
[ 1252.019432][T24292]  ? kasan_save_track+0x3f/0x80
[ 1252.024284][T24292]  ? __pfx___se_sys_prctl+0x10/0x10
[ 1252.029478][T24292]  ? __seccomp_filter+0xb38/0x1fe0
[ 1252.034581][T24292]  ? syscall_trace_enter+0xa8/0x150
[ 1252.039766][T24292]  ? do_syscall_64+0xcc/0x230
[ 1252.044429][T24292]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1252.050507][T24292]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1252.056496][T24292]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1252.062821][T24292]  ? kasan_quarantine_put+0xdc/0x230
[ 1252.068109][T24292]  ? lockdep_hardirqs_on+0x99/0x150
[ 1252.073305][T24292]  ? __seccomp_filter+0xb38/0x1fe0
[ 1252.078412][T24292]  ? kmem_cache_free+0x145/0x350
[ 1252.083361][T24292]  ? __seccomp_filter+0xb38/0x1fe0
[ 1252.088474][T24292]  ? __might_fault+0xaa/0x120
[ 1252.093144][T24292]  ? __pfx_lock_release+0x10/0x10
[ 1252.098162][T24292]  ? __pfx___seccomp_filter+0x10/0x10
[ 1252.103526][T24292]  ? __might_fault+0xaa/0x120
[ 1252.108224][T24292]  ? rcu_is_watching+0x15/0xb0
[ 1252.112981][T24292]  ? __rseq_handle_notify_resume+0x353/0x14e0
[ 1252.119071][T24292]  ? __x64_sys_prctl+0x20/0xc0
[ 1252.123912][T24292]  do_syscall_64+0xf3/0x230
[ 1252.128491][T24292]  ? clear_bhb_loop+0x35/0x90
[ 1252.133164][T24292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1252.139047][T24292] RIP: 0033:0x7fcb0c979e79
[ 1252.143468][T24292] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1252.163147][T24292] RSP: 002b:00007fcb0d77c038 EFLAGS: 00000246 ORIG_RAX: 000000000000009d
[ 1252.171555][T24292] RAX: ffffffffffffffda RBX: 00007fcb0cb15f80 RCX: 00007fcb0c979e79
[ 1252.179514][T24292] RDX: 0000000000000000 RSI: 01ffffffffffffff RDI: 0000000059616d61
[ 1252.187482][T24292] RBP: 00007fcb0d77c090 R08: 0000000000000000 R09: 0000000000000000
[ 1252.195450][T24292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1252.203408][T24292] R13: 0000000000000000 R14: 00007fcb0cb15f80 R15: 00007fcb0cc3fa38
[ 1252.211377][T24292]  </TASK>
[ 1252.214535][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1252.242386][   T29] audit: type=1326 audit(1724488248.620:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1252.249576][ T5274] usb 1-1: USB disconnect, device number 121
[ 1252.266254][   T29] audit: type=1326 audit(1724488248.630:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1252.294300][   T29] audit: type=1326 audit(1724488248.630:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1252.337063][ T5275] usb 3-1: config 1 interface 0 altsetting 14 has an endpoint descriptor with address 0x11, changing to 0x1
[ 1252.359886][   T29] audit: type=1326 audit(1724488248.630:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1252.370962][ T5275] usb 3-1: config 1 interface 0 altsetting 14 endpoint 0x1 has invalid maxpacket 11455, setting to 64
[ 1252.416148][ T5275] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1252.461200][   T29] audit: type=1326 audit(1724488248.630:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fcb0c978810 code=0x7ffc0000
[ 1252.466526][ T5275] usb 3-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= 0.40
[ 1252.484430][   T29] audit: type=1326 audit(1724488248.630:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcb0c97895f code=0x7ffc0000
[ 1252.514842][T24294] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4512'.
[ 1252.519713][   T29] audit: type=1326 audit(1724488248.630:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1252.530523][ T5275] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1252.548502][   T29] audit: type=1326 audit(1724488249.040:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7fcb0c9788bc code=0x7ffc0000
[ 1252.580659][   T29] audit: type=1326 audit(1724488249.040:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24291 comm="syz.4.4511" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fcb0c97895f code=0x7ffc0000
[ 1252.602857][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1252.617476][ T5275] usb 3-1: Product: syz
[ 1252.621685][ T5275] usb 3-1: Manufacturer: syz
[ 1252.631912][ T5275] usb 3-1: SerialNumber: syz
[ 1252.836841][T22906] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1252.849211][T22906] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1252.872369][T22906] bond0 (unregistering): Released all slaves
[ 1252.979292][T24300] FAULT_INJECTION: forcing a failure.
[ 1252.979292][T24300] name failslab, interval 1, probability 0, space 0, times 0
[ 1252.996604][ T5275] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input58
[ 1253.001793][T24300] CPU: 0 UID: 0 PID: 24300 Comm: syz.4.4514 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1253.016497][T24300] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1253.026550][T24300] Call Trace:
[ 1253.029818][T24300]  <TASK>
[ 1253.032740][T24300]  dump_stack_lvl+0x241/0x360
[ 1253.037414][T24300]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1253.042602][T24300]  ? __pfx__printk+0x10/0x10
[ 1253.047190][T24300]  ? kmem_cache_alloc_noprof+0x44/0x2a0
[ 1253.052726][T24300]  ? __pfx___might_resched+0x10/0x10
[ 1253.058006][T24300]  should_fail_ex+0x3b0/0x4e0
[ 1253.062692][T24300]  ? ptlock_alloc+0x20/0x70
[ 1253.067196][T24300]  should_failslab+0xac/0x100
[ 1253.071868][T24300]  ? ptlock_alloc+0x20/0x70
[ 1253.076366][T24300]  kmem_cache_alloc_noprof+0x6c/0x2a0
[ 1253.081732][T24300]  ptlock_alloc+0x20/0x70
[ 1253.086143][T24300]  pte_alloc_one+0xcd/0x5d0
[ 1253.090655][T24300]  ? __pfx_pte_alloc_one+0x10/0x10
[ 1253.095763][T24300]  ? mark_lock+0x9a/0x350
[ 1253.100088][T24300]  ? __lock_acquire+0x137a/0x2040
[ 1253.105110][T24300]  __pte_alloc+0x79/0x3a0
[ 1253.109428][T24300]  ? mark_lock+0x9a/0x350
[ 1253.113757][T24300]  ? __pfx___pte_alloc+0x10/0x10
[ 1253.118685][T24300]  ? __lock_acquire+0x137a/0x2040
[ 1253.123708][T24300]  handle_pte_fault+0x55cd/0x6fc0
[ 1253.128730][T24300]  ? __pfx_cgroup_rstat_updated+0x10/0x10
[ 1253.134451][T24300]  ? __pfx_lock_acquire+0x10/0x10
[ 1253.139469][T24300]  ? __pfx_handle_pte_fault+0x10/0x10
[ 1253.144829][T24300]  ? do_raw_spin_lock+0x14f/0x370
[ 1253.149854][T24300]  ? follow_page_pte+0xeb2/0x1ee0
[ 1253.154881][T24300]  ? follow_page_pte+0xf33/0x1ee0
[ 1253.159897][T24300]  ? folio_mark_accessed+0x374/0x1ca0
[ 1253.165262][T24300]  ? __pfx_lock_release+0x10/0x10
[ 1253.170282][T24300]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1253.175482][T24300]  handle_mm_fault+0x1029/0x1980
[ 1253.180445][T24300]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1253.185733][T24300]  ? __pfx_find_vma+0x10/0x10
[ 1253.190410][T24300]  ? vma_is_secretmem+0xd/0x50
[ 1253.195162][T24300]  ? check_vma_flags+0x500/0x5a0
[ 1253.200096][T24300]  __get_user_pages+0x6ec/0x16a0
[ 1253.205052][T24300]  ? __pfx___get_user_pages+0x10/0x10
[ 1253.210431][T24300]  __gup_longterm_locked+0xed7/0x17d0
[ 1253.215805][T24300]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1253.222130][T24300]  ? sanity_check_pinned_pages+0x12c2/0x13c0
[ 1253.228110][T24300]  ? gup_fast_fallback+0x221d/0x2b50
[ 1253.233390][T24300]  gup_fast_fallback+0x2742/0x2b50
[ 1253.238518][T24300]  ? __pfx_gup_fast_fallback+0x10/0x10
[ 1253.243973][T24300]  ? finish_task_switch+0x1e5/0x870
[ 1253.249168][T24300]  ? __schedule+0x1808/0x4a60
[ 1253.253849][T24300]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1253.260171][T24300]  ? is_valid_gup_args+0x124/0x200
[ 1253.265276][T24300]  pin_user_pages_fast+0xcc/0x160
[ 1253.270297][T24300]  ? __pfx_pin_user_pages_fast+0x10/0x10
[ 1253.275926][T24300]  ? preempt_schedule+0xe1/0xf0
[ 1253.280775][T24300]  iov_iter_extract_pages+0x3db/0x720
[ 1253.286145][T24300]  extract_iter_to_sg+0x890/0x22b0
[ 1253.291257][T24300]  ? __pfx_extract_iter_to_sg+0x10/0x10
[ 1253.296794][T24300]  ? unpin_user_page+0xe0/0x1e0
[ 1253.301636][T24300]  ? __pfx_unpin_user_page+0x10/0x10
[ 1253.306925][T24300]  ? __local_bh_enable_ip+0x168/0x200
[ 1253.312308][T24300]  ? __pfx___local_bh_enable_ip+0x10/0x10
[ 1253.318035][T24300]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1253.323230][T24300]  ? __asan_memset+0x23/0x50
[ 1253.327813][T24300]  hash_sendmsg+0x513/0x1110
[ 1253.332410][T24300]  ? __pfx_hash_sendmsg+0x10/0x10
[ 1253.337420][T24300]  __sock_sendmsg+0x221/0x270
[ 1253.342097][T24300]  ____sys_sendmsg+0x525/0x7d0
[ 1253.346867][T24300]  ? __pfx_____sys_sendmsg+0x10/0x10
[ 1253.352157][T24300]  __sys_sendmsg+0x2b0/0x3a0
[ 1253.356740][T24300]  ? __pfx___sys_sendmsg+0x10/0x10
[ 1253.361839][T24300]  ? vfs_write+0x7c4/0xc90
[ 1253.366278][T24300]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1253.372609][T24300]  ? do_syscall_64+0x100/0x230
[ 1253.377363][T24300]  ? do_syscall_64+0xb6/0x230
[ 1253.382026][T24300]  do_syscall_64+0xf3/0x230
[ 1253.386524][T24300]  ? clear_bhb_loop+0x35/0x90
[ 1253.391191][T24300]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1253.397074][T24300] RIP: 0033:0x7fcb0c979e79
[ 1253.401477][T24300] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1253.421075][T24300] RSP: 002b:00007fcb0d77c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1253.429483][T24300] RAX: ffffffffffffffda RBX: 00007fcb0cb15f80 RCX: 00007fcb0c979e79
[ 1253.437443][T24300] RDX: 0000000000000000 RSI: 0000000020001880 RDI: 0000000000000008
[ 1253.445402][T24300] RBP: 00007fcb0d77c090 R08: 0000000000000000 R09: 0000000000000000
[ 1253.453363][T24300] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1253.461426][T24300] R13: 0000000000000000 R14: 00007fcb0cb15f80 R15: 00007fcb0cc3fa38
[ 1253.469400][T24300]  </TASK>
[ 1253.472428][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1253.511465][ T5224] Bluetooth: hci1: command tx timeout
[ 1253.564727][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1253.600914][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1253.680698][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1253.707715][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1253.722667][ T5275] usb 3-1: USB disconnect, device number 98
[ 1253.906134][T24309] IPVS: Error connecting to the multicast addr
[ 1254.373373][T22906] hsr_slave_0: left promiscuous mode
[ 1254.396574][T22906] hsr_slave_1: left promiscuous mode
[ 1254.409811][T22906] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1254.419894][T22906] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1254.439371][T22906] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1254.451203][T22906] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1254.513341][ T5275] usb 4-1: new high-speed USB device number 81 using dummy_hcd
[ 1254.523735][T22906] veth1_macvtap: left promiscuous mode
[ 1254.549489][T22906] veth0_macvtap: left promiscuous mode
[ 1254.556860][T22906] veth1_vlan: left promiscuous mode
[ 1254.566004][T22906] veth0_vlan: left promiscuous mode
[ 1254.662412][ T5278] usb 3-1: new high-speed USB device number 99 using dummy_hcd
[ 1254.714938][ T5275] usb 4-1: config 1 interface 0 altsetting 14 has an endpoint descriptor with address 0x11, changing to 0x1
[ 1254.737941][ T5275] usb 4-1: config 1 interface 0 altsetting 14 endpoint 0x1 has invalid maxpacket 11455, setting to 64
[ 1254.751769][ T5275] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1254.767916][ T5275] usb 4-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= 0.40
[ 1254.777888][ T5275] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1254.790455][ T5275] usb 4-1: Product: syz
[ 1254.813624][ T5275] usb 4-1: Manufacturer: syz
[ 1254.832632][ T5275] usb 4-1: SerialNumber: syz
[ 1254.884716][ T5278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1254.934923][ T5278] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 1254.959795][ T5278] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1254.975068][ T5278] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1254.991234][ T5278] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1255.040361][ T5278] usb 3-1: config 0 descriptor??
[ 1255.058208][T24326] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[ 1255.176902][ T5275] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input59
[ 1255.195033][ T4665] bcm5974 4-1:1.0: could not read from device
[ 1255.219767][ T4665] bcm5974 4-1:1.0: could not read from device
[ 1255.243471][ T4665] bcm5974 4-1:1.0: could not read from device
[ 1255.263451][ T5275] usb 4-1: USB disconnect, device number 81
[ 1255.273433][T17461] usb 5-1: new high-speed USB device number 110 using dummy_hcd
[ 1255.310357][T24326] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1255.361437][T24326] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1255.542539][ T5224] Bluetooth: hci1: command tx timeout
[ 1255.552029][T17461] usb 5-1: Using ep0 maxpacket: 16
[ 1255.612042][T17461] usb 5-1: config 0 has an invalid interface number: 57 but max is 0
[ 1255.662055][T17461] usb 5-1: config 0 has no interface number 0
[ 1255.699742][T17461] usb 5-1: config 0 interface 57 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1255.801564][T17461] usb 5-1: config 0 interface 57 has no altsetting 0
[ 1255.834741][T17461] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1255.869527][T17461] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1255.952184][T17461] usb 5-1: config 0 descriptor??
[ 1256.176945][T24331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1256.237339][T24331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1256.255051][T24331] overlayfs: missing 'lowerdir'
[ 1256.445648][T22906] team0 (unregistering): Port device team_slave_1 removed
[ 1256.554915][T22906] team0 (unregistering): Port device team_slave_0 removed
[ 1256.652232][ T5274] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[ 1256.842282][ T5274] usb 4-1: Using ep0 maxpacket: 16
[ 1256.861375][ T5274] usb 4-1: config 0 has an invalid interface number: 57 but max is 0
[ 1256.904454][ T5274] usb 4-1: config 0 has no interface number 0
[ 1256.928495][ T5274] usb 4-1: config 0 interface 57 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1256.951930][ T5274] usb 4-1: config 0 interface 57 has no altsetting 0
[ 1256.962448][ T5274] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1256.971756][ T5274] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1256.987291][ T5274] usb 4-1: config 0 descriptor??
[ 1257.250055][T24335] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1257.276728][T24335] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1257.344552][T24335] overlayfs: missing 'lowerdir'
[ 1257.632496][ T5224] Bluetooth: hci1: command tx timeout
[ 1258.042316][T17461] usb 5-1: string descriptor 0 read error: -71
[ 1258.163401][T17461] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1258.213682][T17461] gspca_sonixj: reg_w1 err -71
[ 1258.219987][ T5278] usbhid 3-1:0.0: can't add hid device: -71
[ 1258.241810][T17461] sonixj 5-1:0.57: probe with driver sonixj failed with error -71
[ 1258.268618][ T5278] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1258.322753][T17461] usb 5-1: USB disconnect, device number 110
[ 1258.335340][ T5278] usb 3-1: USB disconnect, device number 99
[ 1258.420333][T24278] chnl_net:caif_netlink_parms(): no params data found
[ 1258.912245][   T25] usb 3-1: new high-speed USB device number 100 using dummy_hcd
[ 1259.075368][T24278] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1259.094914][   T25] usb 3-1: Using ep0 maxpacket: 16
[ 1259.112192][T24278] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1259.121515][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1259.133300][T24278] bridge_slave_0: entered allmulticast mode
[ 1259.139630][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1259.152051][T24278] bridge_slave_0: entered promiscuous mode
[ 1259.163895][   T25] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1259.183677][T24278] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1259.213021][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1259.223558][T24278] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1259.316359][T24278] bridge_slave_1: entered allmulticast mode
[ 1259.331680][   T25] usb 3-1: config 0 descriptor??
[ 1259.362648][ T5274] usb 4-1: string descriptor 0 read error: -71
[ 1259.378518][T24278] bridge_slave_1: entered promiscuous mode
[ 1259.415822][ T5274] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1259.454941][ T5274] gspca_sonixj: reg_w1 err -71
[ 1259.475460][ T5274] sonixj 4-1:0.57: probe with driver sonixj failed with error -71
[ 1259.507308][ T5274] usb 4-1: USB disconnect, device number 82
[ 1259.664512][T24278] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1259.712573][ T5224] Bluetooth: hci1: command tx timeout
[ 1259.870289][T24278] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1260.026883][T24351] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1260.058825][T24351] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1260.070990][T24278] team0: Port device team_slave_0 added
[ 1260.073179][ T5274] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[ 1260.119119][T24278] team0: Port device team_slave_1 added
[ 1260.260053][T24278] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1260.292332][ T5274] usb 4-1: Using ep0 maxpacket: 16
[ 1260.300785][T24278] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1260.303479][ T5274] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1260.326763][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1260.342363][T24278] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1260.365453][T24387] vivid-000: disconnect
[ 1260.383535][T24387] vivid-000: reconnect
[ 1260.427269][ T5274] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1260.438563][ T5274] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1260.451904][ T5274] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1260.469373][ T5274] usb 4-1: config 0 descriptor??
[ 1260.481180][T24278] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1260.498646][T24278] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1260.600266][T24278] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1260.836445][T24278] hsr_slave_0: entered promiscuous mode
[ 1260.843893][T24278] hsr_slave_1: entered promiscuous mode
[ 1261.169664][T24379] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1261.218680][T24379] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1261.602222][ T5278] usb 1-1: new high-speed USB device number 122 using dummy_hcd
[ 1261.718072][   T25] usbhid 3-1:0.0: can't add hid device: -71
[ 1261.767736][   T25] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[ 1261.829391][   T25] usb 3-1: USB disconnect, device number 100
[ 1261.829392][ T5278] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[ 1261.829421][ T5278] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[ 1261.889924][ T5278] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1261.930117][ T5278] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1261.940870][ T5278] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1262.044722][ T5278] usb 1-1: config 0 descriptor??
[ 1262.090678][T24403] raw-gadget.4 gadget.0: fail, usb_ep_enable returned -22
[ 1262.349182][T24403] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1262.372231][ T5279] usb 5-1: new high-speed USB device number 111 using dummy_hcd
[ 1262.380056][   T25] usb 3-1: new high-speed USB device number 101 using dummy_hcd
[ 1262.421528][T24403] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1262.583693][ T5279] usb 5-1: Using ep0 maxpacket: 16
[ 1262.594322][   T25] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1262.624255][ T5279] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1262.624289][ T5279] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1262.624348][ T5279] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1262.624372][ T5279] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1262.631001][ T5279] usb 5-1: config 0 descriptor??
[ 1262.656458][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1262.656531][   T25] usb 3-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1262.656575][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1262.659815][   T25] usb 3-1: config 0 descriptor??
[ 1262.677715][   T25] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1262.695632][ T5278] plantronics 0003:047F:FFFF.001A: unknown main item tag 0xd
[ 1262.840008][ T5278] plantronics 0003:047F:FFFF.001A: No inputs registered, leaving
[ 1262.927418][ T5274] usbhid 4-1:0.0: can't add hid device: -71
[ 1262.944966][ T5274] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1262.948653][ T5278] plantronics 0003:047F:FFFF.001A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[ 1262.972078][T24278] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1263.002764][ T5274] usb 4-1: USB disconnect, device number 83
[ 1263.020896][T24278] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1263.061048][ T5278] usb 1-1: USB disconnect, device number 122
[ 1263.089848][T24278] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1263.111970][T24278] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1263.187212][T24416] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1263.212222][T24416] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1263.408217][T24426] dvmrp0: entered allmulticast mode
[ 1263.448756][T24278] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1263.501521][T24278] 8021q: adding VLAN 0 to HW filter on device team0
[ 1263.530536][T14521] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1263.537740][T14521] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1263.637482][T22921] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1263.644626][T22921] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1263.768355][T24434] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4533'.
[ 1263.789953][T24436] fuse: Unknown parameter '000000000000000000000030x0000000000000006'
[ 1263.928701][T24278] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1264.113000][T24278] veth0_vlan: entered promiscuous mode
[ 1264.198336][T24278] veth1_vlan: entered promiscuous mode
[ 1264.291242][T24278] veth0_macvtap: entered promiscuous mode
[ 1264.335047][T24278] veth1_macvtap: entered promiscuous mode
[ 1264.401416][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1264.423312][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.450918][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1264.478856][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.490741][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1264.526542][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.546289][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1264.565968][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.584891][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1264.596851][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.615344][T24278] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1264.635587][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1264.647425][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.660898][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1264.675621][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.686834][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1264.700245][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.711820][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1264.723137][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.734287][T24278] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1264.761252][T24278] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1264.800401][T24278] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1264.885379][T24278] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1264.909481][T24278] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1264.934853][T24278] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1264.945428][T24278] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1265.059668][ T5275] usb 3-1: USB disconnect, device number 101
[ 1265.163755][ T5279] usbhid 5-1:0.0: can't add hid device: -71
[ 1265.197230][ T5279] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1265.242876][ T5279] usb 5-1: USB disconnect, device number 111
[ 1265.267538][T22906] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1265.319207][T22906] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1265.454674][T14521] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1265.499251][T14521] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1266.883661][T24512] vivid-000: disconnect
[ 1266.894494][T24512] vivid-000: reconnect
[ 1266.912210][ T5278] usb 3-1: new high-speed USB device number 102 using dummy_hcd
[ 1267.042294][T16625] usb 2-1: new high-speed USB device number 108 using dummy_hcd
[ 1267.137337][ T5278] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1267.190392][ T5278] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1267.222424][T16625] usb 2-1: device descriptor read/64, error -71
[ 1267.235362][ T5278] usb 3-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1267.275838][ T5278] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1267.325561][ T5278] usb 3-1: config 0 descriptor??
[ 1267.347165][ T5278] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1267.522380][T16625] usb 2-1: new high-speed USB device number 109 using dummy_hcd
[ 1267.732500][T16625] usb 2-1: device descriptor read/64, error -71
[ 1267.828147][T24537] fuse: Unknown parameter '0x0000000000000004#'
[ 1267.862887][T16625] usb usb2-port1: attempt power cycle
[ 1268.302223][T16625] usb 2-1: new high-speed USB device number 110 using dummy_hcd
[ 1268.363906][T16625] usb 2-1: device descriptor read/8, error -71
[ 1268.652258][T16625] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[ 1268.775792][T16625] usb 2-1: device descriptor read/8, error -71
[ 1268.916264][T16625] usb usb2-port1: unable to enumerate USB device
[ 1269.613304][T24608] FAULT_INJECTION: forcing a failure.
[ 1269.613304][T24608] name failslab, interval 1, probability 0, space 0, times 0
[ 1269.667951][T24608] CPU: 1 UID: 0 PID: 24608 Comm: syz.0.4560 Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1269.678763][T24608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1269.688869][T24608] Call Trace:
[ 1269.692172][T24608]  <TASK>
[ 1269.695121][T24608]  dump_stack_lvl+0x241/0x360
[ 1269.699829][T24608]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1269.705048][T24608]  ? __pfx__printk+0x10/0x10
[ 1269.709670][T24608]  ? fs_reclaim_acquire+0x93/0x140
[ 1269.714808][T24608]  ? __pfx___might_resched+0x10/0x10
[ 1269.720118][T24608]  should_fail_ex+0x3b0/0x4e0
[ 1269.724820][T24608]  ? tomoyo_encode+0x26f/0x540
[ 1269.729607][T24608]  should_failslab+0xac/0x100
[ 1269.734313][T24608]  ? tomoyo_encode+0x26f/0x540
[ 1269.739086][T24608]  __kmalloc_noprof+0xd8/0x400
[ 1269.743871][T24608]  tomoyo_encode+0x26f/0x540
[ 1269.748490][T24608]  tomoyo_realpath_from_path+0x59e/0x5e0
[ 1269.754170][T24608]  tomoyo_path_number_perm+0x23a/0x880
[ 1269.759667][T24608]  ? tomoyo_path_number_perm+0x208/0x880
[ 1269.765327][T24608]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1269.771379][T24608]  ? __fget_files+0x29/0x470
[ 1269.775996][T24608]  ? __fget_files+0x3f6/0x470
[ 1269.780704][T24608]  ? __fget_files+0x29/0x470
[ 1269.785324][T24608]  security_file_ioctl+0x75/0xb0
[ 1269.790292][T24608]  __se_sys_ioctl+0x47/0x170
[ 1269.794941][T24608]  do_syscall_64+0xf3/0x230
[ 1269.799447][T24608]  ? clear_bhb_loop+0x35/0x90
[ 1269.804144][T24608]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1269.810062][T24608] RIP: 0033:0x7fec0f579e79
[ 1269.814535][T24608] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1269.834231][T24608] RSP: 002b:00007fec103f5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1269.842657][T24608] RAX: ffffffffffffffda RBX: 00007fec0f715f80 RCX: 00007fec0f579e79
[ 1269.850637][T24608] RDX: 0000000000000000 RSI: 00000000401054d6 RDI: 0000000000000003
[ 1269.858662][T24608] RBP: 00007fec103f5090 R08: 0000000000000000 R09: 0000000000000000
[ 1269.866641][T24608] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1269.874614][T24608] R13: 0000000000000000 R14: 00007fec0f715f80 R15: 00007fec0f83fa38
[ 1269.882596][T24608]  </TASK>
[ 1269.923600][T24608] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1269.933517][T24608] tap0: tun_chr_ioctl cmd 1074812118
[ 1269.949218][T17461] usb 3-1: USB disconnect, device number 102
[ 1269.972205][ T1793] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[ 1270.090572][T24615] fuse: Unknown parameter '0x0000000000000003#'
[ 1270.152801][ T1793] usb 4-1: Using ep0 maxpacket: 16
[ 1270.160156][ T1793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1270.175103][ T1793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1270.192592][ T1793] usb 4-1: New USB device found, idVendor=172f, idProduct=0032, bcdDevice= 0.00
[ 1270.201677][ T1793] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.257442][ T1793] usb 4-1: config 0 descriptor??
[ 1270.281429][ T5224] Bluetooth: Unexpected continuation frame (len 117)
[ 1270.340732][T24628] sg_write: data in/out 655360/1 bytes for SCSI command 0xf2-- guessing data in;
[ 1270.340732][T24628]    program syz.2.4566 not setting count and/or reply_len properly
[ 1270.562229][ T5275] usb 5-1: new high-speed USB device number 112 using dummy_hcd
[ 1270.695696][ T1793] waltop 0003:172F:0032.001B: hidraw0: USB HID v0.00 Device [HID 172f:0032] on usb-dummy_hcd.3-1/input0
[ 1270.742348][ T5275] usb 5-1: Using ep0 maxpacket: 16
[ 1270.755484][ T5275] usb 5-1: config 0 has an invalid interface number: 57 but max is 0
[ 1270.775120][ T5275] usb 5-1: config 0 has no interface number 0
[ 1270.781463][ T5275] usb 5-1: config 0 interface 57 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1270.809412][ T5275] usb 5-1: config 0 interface 57 has no altsetting 0
[ 1270.830360][ T5275] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1270.839943][ T5275] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1270.857547][ T5275] usb 5-1: config 0 descriptor??
[ 1271.146327][T24625] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1271.172460][T24625] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1271.201704][T24625] overlayfs: missing 'lowerdir'
[ 1272.012188][T17461] usb 1-1: new high-speed USB device number 123 using dummy_hcd
[ 1272.202345][T17461] usb 1-1: Using ep0 maxpacket: 8
[ 1272.226859][T17461] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1272.244937][T17461] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1272.256857][T17461] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1272.268454][T17461] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1272.279798][T17461] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1272.295142][T17461] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1272.337113][T17461] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1272.430778][ T5279] usb 4-1: USB disconnect, device number 84
[ 1272.595890][T24642] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1272.624401][T24642] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1272.638125][T17461] usb 1-1: GET_CAPABILITIES returned 0
[ 1272.644805][T17461] usbtmc 1-1:16.0: can't read capabilities
[ 1272.846114][ T5279] usb 1-1: USB disconnect, device number 123
[ 1273.190197][ T5275] usb 5-1: string descriptor 0 read error: -71
[ 1273.201809][ T5275] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1273.232645][ T5275] gspca_sonixj: reg_w1 err -71
[ 1273.237528][ T5275] sonixj 5-1:0.57: probe with driver sonixj failed with error -71
[ 1273.269753][ T5275] usb 5-1: USB disconnect, device number 112
[ 1273.297644][T24657] fuse: Unknown parameter '0x0000000000000003#'
[ 1273.412415][ T5279] usb 1-1: new high-speed USB device number 124 using dummy_hcd
[ 1273.510901][T24667] IPVS: Error connecting to the multicast addr
[ 1273.602045][T24671] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 1273.609631][ T5279] usb 1-1: Using ep0 maxpacket: 8
[ 1273.627835][ T5279] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[ 1273.671744][ T5279] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1273.699193][ T5279] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1273.722228][ T1793] usb 3-1: new high-speed USB device number 103 using dummy_hcd
[ 1273.731132][ T5279] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1273.750971][ T5279] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1273.782000][ T5279] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1273.824333][ T5279] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1273.922255][ T1793] usb 3-1: Using ep0 maxpacket: 16
[ 1273.942647][ T1793] usb 3-1: config 0 has an invalid interface number: 57 but max is 0
[ 1273.958207][ T1793] usb 3-1: config 0 has no interface number 0
[ 1273.965414][ T1793] usb 3-1: config 0 interface 57 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1274.051413][ T5279] usb 1-1: usb_control_msg returned -71
[ 1274.066785][ T5279] usbtmc 1-1:16.0: can't read capabilities
[ 1274.072908][ T1793] usb 3-1: config 0 interface 57 has no altsetting 0
[ 1274.093124][ T1793] usb 3-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1274.108233][ T5279] usb 1-1: USB disconnect, device number 124
[ 1274.128819][ T1793] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1274.178659][ T1793] usb 3-1: config 0 descriptor??
[ 1274.427489][T24665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1274.443796][T24678] ip6t_srh: unknown srh invflags 7863
[ 1274.465070][T24665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1274.505461][T24665] overlayfs: missing 'lowerdir'
[ 1274.582264][ T5274] usb 5-1: new high-speed USB device number 113 using dummy_hcd
[ 1274.792298][ T5274] usb 5-1: Using ep0 maxpacket: 16
[ 1274.830510][ T5274] usb 5-1: config 0 has an invalid interface number: 57 but max is 0
[ 1274.859868][ T5274] usb 5-1: config 0 has no interface number 0
[ 1274.877579][ T5274] usb 5-1: config 0 interface 57 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1274.891655][ T5274] usb 5-1: config 0 interface 57 has no altsetting 0
[ 1274.898692][ T5274] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1274.915947][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1274.951649][ T5274] usb 5-1: config 0 descriptor??
[ 1275.273457][T24676] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1275.285368][T24676] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1275.322772][T17461] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[ 1275.338275][T24676] overlayfs: missing 'lowerdir'
[ 1275.544632][T17461] usb 4-1: config 1 interface 0 altsetting 14 has an endpoint descriptor with address 0x11, changing to 0x1
[ 1275.552289][ T5279] usb 1-1: new high-speed USB device number 125 using dummy_hcd
[ 1275.572991][T17461] usb 4-1: config 1 interface 0 altsetting 14 endpoint 0x1 has invalid maxpacket 11455, setting to 64
[ 1275.610656][T17461] usb 4-1: config 1 interface 0 has no altsetting 0
[ 1275.638772][T17461] usb 4-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= 0.40
[ 1275.671751][T17461] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1275.697844][T17461] usb 4-1: Product: syz
[ 1275.710880][T17461] usb 4-1: Manufacturer: syz
[ 1275.730843][T17461] usb 4-1: SerialNumber: syz
[ 1275.752270][ T5279] usb 1-1: Using ep0 maxpacket: 16
[ 1275.783359][ T5279] usb 1-1: config 0 has an invalid interface number: 57 but max is 0
[ 1275.811418][ T5279] usb 1-1: config 0 has no interface number 0
[ 1275.823812][ T5279] usb 1-1: config 0 interface 57 altsetting 127 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[ 1275.841529][ T5279] usb 1-1: config 0 interface 57 has no altsetting 0
[ 1275.849888][ T5279] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[ 1275.860541][ T5279] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1275.887118][ T5279] usb 1-1: config 0 descriptor??
[ 1276.033475][T17461] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/input/input66
[ 1276.070117][ T4665] bcm5974 4-1:1.0: could not read from device
[ 1276.113462][ T4665] bcm5974 4-1:1.0: could not read from device
[ 1276.124886][T24696] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1276.149634][T24696] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1276.158916][T17461] usb 4-1: USB disconnect, device number 85
[ 1276.173176][ T4665] bcm5974 4-1:1.0: could not read from device
[ 1276.188926][ T4665] bcm5974 4-1:1.0: could not read from device
[ 1276.199806][T24696] overlayfs: missing 'lowerdir'
[ 1276.202590][T24704] IPVS: Error connecting to the multicast addr
[ 1276.445731][ T1793] usb 3-1: string descriptor 0 read error: -71
[ 1276.470353][ T1793] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1276.493446][ T1793] gspca_sonixj: reg_w1 err -71
[ 1276.518027][ T1793] sonixj 3-1:0.57: probe with driver sonixj failed with error -71
[ 1276.549246][ T1793] usb 3-1: USB disconnect, device number 103
[ 1277.256558][ T5274] usb 5-1: string descriptor 0 read error: -71
[ 1277.267344][ T5274] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1277.292748][ T5274] gspca_sonixj: reg_w1 err -71
[ 1277.309429][ T5274] sonixj 5-1:0.57: probe with driver sonixj failed with error -71
[ 1277.345356][ T5274] usb 5-1: USB disconnect, device number 113
[ 1277.543082][T24418] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[ 1277.775755][T24418] usb 2-1: Using ep0 maxpacket: 8
[ 1277.786684][T24418] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1277.796013][T24418] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1277.809668][T24418] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1277.852233][T24418] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1277.872837][T24418] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1277.890809][T24418] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1277.919818][T24418] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1278.099652][T24724] netlink: 'syz.2.4599': attribute type 4 has an invalid length.
[ 1278.193663][T24717] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1278.212781][ T5279] usb 1-1: string descriptor 0 read error: -71
[ 1278.234799][T24717] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1278.258365][ T5279] gspca_main: sonixj-2.14.0 probing 0471:0327
[ 1278.284700][ T5279] gspca_sonixj: reg_w1 err -71
[ 1278.306062][ T5279] sonixj 1-1:0.57: probe with driver sonixj failed with error -71
[ 1278.321593][T24418] usb 2-1: GET_CAPABILITIES returned 0
[ 1278.349536][ T5279] usb 1-1: USB disconnect, device number 125
[ 1278.355750][T24418] usbtmc 2-1:16.0: can't read capabilities
[ 1278.549831][T24418] usb 2-1: USB disconnect, device number 112
[ 1278.910265][T24756] netlink: 'syz.4.4608': attribute type 12 has an invalid length.
[ 1278.918460][T24756] netlink: 'syz.4.4608': attribute type 29 has an invalid length.
[ 1278.932196][T24756] netlink: 'syz.4.4608': attribute type 2 has an invalid length.
[ 1278.939963][T24756] netlink: 'syz.4.4608': attribute type 2 has an invalid length.
[ 1278.952128][T24756] netlink: 'syz.4.4608': attribute type 1 has an invalid length.
[ 1278.959964][T24756] netlink: 'syz.4.4608': attribute type 37 has an invalid length.
[ 1278.968261][T17461] usb 4-1: new high-speed USB device number 86 using dummy_hcd
[ 1278.977448][T24756] netlink: 80 bytes leftover after parsing attributes in process `syz.4.4608'.
[ 1279.152251][T17461] usb 4-1: device descriptor read/64, error -71
[ 1279.152251][T24418] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[ 1279.183258][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1279.279440][T24767] input: syz1 as /devices/virtual/input/input69
[ 1279.332405][T24418] usb 2-1: Using ep0 maxpacket: 8
[ 1279.341741][T24418] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1279.350148][ T5275] usb 1-1: new high-speed USB device number 126 using dummy_hcd
[ 1279.362444][T24418] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1279.373654][T24418] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1279.383783][T24418] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1279.396089][T24418] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1279.409405][T24418] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1279.422521][T24418] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1279.442407][T17461] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[ 1279.552314][ T5275] usb 1-1: Using ep0 maxpacket: 16
[ 1279.567747][ T5275] usb 1-1: config 7 has too many interfaces: 255, using maximum allowed: 32
[ 1279.599870][ T5275] usb 1-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 1279.610799][ T5275] usb 1-1: config 7 has 0 interfaces, different from the descriptor's value: 255
[ 1279.622610][T17461] usb 4-1: device descriptor read/64, error -71
[ 1279.630328][ T5275] usb 1-1: New USB device found, idVendor=0471, idProduct=07da, bcdDevice= 0.00
[ 1279.649694][T24418] usb 2-1: usb_control_msg returned -71
[ 1279.669958][ T5275] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1279.680384][T24418] usbtmc 2-1:16.0: can't read capabilities
[ 1279.709144][T24418] usb 2-1: USB disconnect, device number 113
[ 1279.779120][T17461] usb usb4-port1: attempt power cycle
[ 1280.079884][ T5278] usb 1-1: USB disconnect, device number 126
[ 1280.222788][T17461] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[ 1280.262493][ T5224] Bluetooth: hci5: command tx timeout
[ 1280.268742][T17461] usb 4-1: device descriptor read/8, error -71
[ 1280.302387][T24418] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[ 1280.482374][ T5275] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[ 1280.497970][T24418] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1280.523363][T24418] usb 3-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1280.540635][T24418] usb 3-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1280.553319][T17461] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[ 1280.560986][T24418] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1280.577568][T24418] usb 3-1: config 0 descriptor??
[ 1280.591302][T24418] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[ 1280.618338][T17461] usb 4-1: device descriptor read/8, error -71
[ 1280.682323][ T5275] usb 2-1: Using ep0 maxpacket: 8
[ 1280.711343][ T5275] usb 2-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1280.731045][ T5275] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1280.755934][ T5275] usb 2-1: Product: syz
[ 1280.764168][T17461] usb usb4-port1: unable to enumerate USB device
[ 1280.767006][ T5275] usb 2-1: Manufacturer: syz
[ 1280.778276][ T5275] usb 2-1: SerialNumber: syz
[ 1280.805320][ T5275] usb 2-1: config 0 descriptor??
[ 1280.819326][ T5275] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1281.033347][T24775] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1281.052763][T24775] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1281.076592][ T5275] gspca_sq930x: reg_r 001f failed -71
[ 1281.083633][ T5275] sq930x 2-1:0.0: probe with driver sq930x failed with error -71
[ 1281.099877][T24784] vivid-000: disconnect
[ 1281.113951][ T5275] usb 2-1: USB disconnect, device number 114
[ 1281.124859][T24784] vivid-000: reconnect
[ 1281.322281][T17461] usb 5-1: new high-speed USB device number 114 using dummy_hcd
[ 1281.522745][T17461] usb 5-1: Using ep0 maxpacket: 32
[ 1281.532264][T17461] usb 5-1: no configurations
[ 1281.536983][T17461] usb 5-1: can't read configurations, error -22
[ 1281.722363][T17461] usb 5-1: new high-speed USB device number 115 using dummy_hcd
[ 1281.922244][T17461] usb 5-1: Using ep0 maxpacket: 32
[ 1281.950580][T17461] usb 5-1: no configurations
[ 1281.962482][T17461] usb 5-1: can't read configurations, error -22
[ 1281.972428][T14240] usb 2-1: new high-speed USB device number 115 using dummy_hcd
[ 1281.990548][T17461] usb usb5-port1: attempt power cycle
[ 1282.194912][T14240] usb 2-1: Using ep0 maxpacket: 32
[ 1282.208833][T14240] usb 2-1: config 0 has an invalid interface number: 219 but max is 0
[ 1282.227436][T14240] usb 2-1: config 0 has no interface number 0
[ 1282.246290][T14240] usb 2-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1282.266262][T14240] usb 2-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1282.291448][T14240] usb 2-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[ 1282.313595][T14240] usb 2-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1282.334137][T14240] usb 2-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[ 1282.354886][T14240] usb 2-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1282.387463][T14240] usb 2-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[ 1282.408856][T14240] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1282.422352][T17461] usb 5-1: new high-speed USB device number 116 using dummy_hcd
[ 1282.431333][T14240] usb 2-1: Product: syz
[ 1282.439748][T14240] usb 2-1: Manufacturer: syz
[ 1282.452071][T14240] usb 2-1: SerialNumber: syz
[ 1282.465732][T17461] usb 5-1: Using ep0 maxpacket: 32
[ 1282.477969][T14240] usb 2-1: config 0 descriptor??
[ 1282.486408][T17461] usb 5-1: no configurations
[ 1282.502237][T17461] usb 5-1: can't read configurations, error -22
[ 1282.507663][T24789] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1282.542489][T24789] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[ 1282.652199][T17461] usb 5-1: new high-speed USB device number 117 using dummy_hcd
[ 1282.714466][T17461] usb 5-1: Using ep0 maxpacket: 32
[ 1282.731292][T17461] usb 5-1: no configurations
[ 1282.752320][T17461] usb 5-1: can't read configurations, error -22
[ 1282.771371][T17461] usb usb5-port1: unable to enumerate USB device
[ 1282.840825][T14240] etas_es58x 2-1:0.219: Starting syz syz (Serial Number syz)
[ 1282.871422][T14240] etas_es58x 2-1:0.219: could not retrieve the product info string
[ 1282.947568][T14240] usb 2-1: USB disconnect, device number 115
[ 1282.992631][T14240] etas_es58x 2-1:0.219: Disconnecting syz syz
[ 1283.080152][ T5275] usb 3-1: USB disconnect, device number 104
[ 1283.114112][    C1] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[ 1283.532668][ T5279] usb 4-1: new high-speed USB device number 90 using dummy_hcd
[ 1283.584313][ T5275] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[ 1283.777884][ T5279] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1283.792245][ T5275] usb 3-1: Using ep0 maxpacket: 8
[ 1283.808263][ T5275] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1283.826643][ T5279] usb 4-1: config 3 has an invalid interface number: 232 but max is 0
[ 1283.838371][ T5275] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1283.848389][ T5279] usb 4-1: config 3 has no interface number 0
[ 1283.857176][ T5279] usb 4-1: config 3 interface 232 altsetting 16 endpoint 0xF has invalid maxpacket 1024, setting to 64
[ 1283.869455][ T5275] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1283.879572][ T5279] usb 4-1: config 3 interface 232 has no altsetting 0
[ 1283.886486][ T5275] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1283.898744][ T5279] usb 4-1: New USB device found, idVendor=0582, idProduct=0050, bcdDevice=bf.d3
[ 1283.905835][T14240] usb 2-1: new high-speed USB device number 116 using dummy_hcd
[ 1283.908396][ T5275] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1283.929668][ T5279] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1283.938874][ T5279] usb 4-1: Product: syz
[ 1283.943391][ T5279] usb 4-1: Manufacturer: syz
[ 1283.948231][ T5279] usb 4-1: SerialNumber: syz
[ 1283.953224][ T5275] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1283.980941][ T5275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1284.159164][T14240] usb 2-1: config 1 interface 0 altsetting 14 has an endpoint descriptor with address 0x11, changing to 0x1
[ 1284.173036][T14240] usb 2-1: config 1 interface 0 altsetting 14 endpoint 0x1 has invalid maxpacket 11455, setting to 64
[ 1284.191279][T14240] usb 2-1: config 1 interface 0 has no altsetting 0
[ 1284.223458][T24803] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1284.232881][T14240] usb 2-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= 0.40
[ 1284.246162][T14240] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1284.256296][T24803] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1284.288456][T24805] xt_cluster: node mask cannot exceed total number of nodes
[ 1284.300739][T14240] usb 2-1: Product: syz
[ 1284.308752][T14240] usb 2-1: Manufacturer: syz
[ 1284.309420][ T5275] usb 3-1: GET_CAPABILITIES returned 0
[ 1284.320607][ T5275] usbtmc 3-1:16.0: can't read capabilities
[ 1284.321100][T14240] usb 2-1: SerialNumber: syz
[ 1284.562333][ T5278] usb 5-1: new high-speed USB device number 118 using dummy_hcd
[ 1284.574766][ T5275] usb 3-1: USB disconnect, device number 105
[ 1284.613091][T14240] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input71
[ 1284.646580][ T4665] bcm5974 2-1:1.0: could not read from device
[ 1284.668254][ T4665] bcm5974 2-1:1.0: could not read from device
[ 1284.698510][ T4665] bcm5974 2-1:1.0: could not read from device
[ 1284.710393][T14240] usb 2-1: USB disconnect, device number 116
[ 1284.727484][ T4665] bcm5974 2-1:1.0: could not read from device
[ 1284.792202][ T5278] usb 5-1: Using ep0 maxpacket: 8
[ 1284.809600][ T5278] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1284.832166][ T5278] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1284.858366][ T5278] usb 5-1: Product: syz
[ 1284.872488][ T5278] usb 5-1: Manufacturer: syz
[ 1284.898132][ T5278] usb 5-1: SerialNumber: syz
[ 1284.921149][ T5278] usb 5-1: config 0 descriptor??
[ 1284.938321][ T5278] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1285.152300][ T5275] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[ 1285.154233][T24815] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1285.198204][T24815] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1285.260011][ T5278] gspca_sq930x: reg_r 001f failed -71
[ 1285.271064][ T5278] sq930x 5-1:0.0: probe with driver sq930x failed with error -71
[ 1285.294942][ T5278] usb 5-1: USB disconnect, device number 118
[ 1285.352230][ T5275] usb 3-1: Using ep0 maxpacket: 8
[ 1285.382786][ T5275] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[ 1285.393453][T14240] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[ 1285.395233][ T5275] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1285.415417][ T5275] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1285.426318][ T5275] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1285.436962][ T5275] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1285.450519][ T5275] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1285.459715][ T5275] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1285.619802][T14240] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1285.630470][T14240] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1285.644841][T14240] usb 1-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1285.656828][T14240] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1285.697344][ T5275] usb 3-1: usb_control_msg returned -71
[ 1285.726402][ T5275] usbtmc 3-1:16.0: can't read capabilities
[ 1285.729220][T14240] usb 1-1: config 0 descriptor??
[ 1285.753533][T14240] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1285.775513][ T5275] usb 3-1: USB disconnect, device number 106
[ 1286.351608][ T5279] usb 4-1: USB disconnect, device number 90
[ 1286.482439][ T5275] usb 5-1: new high-speed USB device number 119 using dummy_hcd
[ 1286.579112][T24847] IPVS: Error connecting to the multicast addr
[ 1286.672397][ T5275] usb 5-1: Using ep0 maxpacket: 16
[ 1286.691454][ T5275] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1286.758783][ T5275] usb 5-1: config 1 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1286.775381][ T5275] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1286.786321][ T5275] usb 5-1: New USB device found, idVendor=05ac, idProduct=0272, bcdDevice= 0.40
[ 1286.799008][ T5275] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1286.809303][ T5275] usb 5-1: Product: syz
[ 1286.816887][ T5275] usb 5-1: Manufacturer: syz
[ 1286.825810][ T5275] usb 5-1: SerialNumber: syz
[ 1287.057966][ T5275] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input72
[ 1287.090085][ T4665] bcm5974 5-1:1.0: could not read from device
[ 1287.107015][ T4665] bcm5974 5-1:1.0: could not read from device
[ 1287.121362][ T5275] usb 5-1: USB disconnect, device number 119
[ 1287.139002][ T4665] bcm5974 5-1:1.0: could not read from device
[ 1287.146708][   T54] Bluetooth: hci5: command 0x0406 tx timeout
[ 1287.722718][ T5275] usb 4-1: new high-speed USB device number 91 using dummy_hcd
[ 1287.912290][ T5275] usb 4-1: Using ep0 maxpacket: 32
[ 1287.924127][ T5279] usb 3-1: new high-speed USB device number 107 using dummy_hcd
[ 1287.933119][ T5275] usb 4-1: no configurations
[ 1287.941830][ T5275] usb 4-1: can't read configurations, error -22
[ 1288.094243][ T1793] usb 5-1: new high-speed USB device number 120 using dummy_hcd
[ 1288.119311][ T5275] usb 4-1: new high-speed USB device number 92 using dummy_hcd
[ 1288.134711][ T5279] usb 3-1: config 1 interface 0 altsetting 14 has an endpoint descriptor with address 0x11, changing to 0x1
[ 1288.163755][ T5279] usb 3-1: config 1 interface 0 altsetting 14 endpoint 0x1 has invalid maxpacket 11455, setting to 64
[ 1288.177496][ T5279] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1288.179024][T14240] usb 1-1: USB disconnect, device number 127
[ 1288.193501][ T5279] usb 3-1: New USB device found, idVendor=05ac, idProduct=0245, bcdDevice= 0.40
[ 1288.210606][ T5279] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1288.221083][ T5279] usb 3-1: Product: syz
[ 1288.231698][ T5279] usb 3-1: Manufacturer: syz
[ 1288.239278][ T5279] usb 3-1: SerialNumber: syz
[ 1288.322500][ T1793] usb 5-1: Using ep0 maxpacket: 8
[ 1288.333027][ T5275] usb 4-1: Using ep0 maxpacket: 32
[ 1288.348050][ T1793] usb 5-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[ 1288.358869][ T5275] usb 4-1: no configurations
[ 1288.365713][ T5275] usb 4-1: can't read configurations, error -22
[ 1288.372446][ T1793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1288.381081][ T5275] usb usb4-port1: attempt power cycle
[ 1288.386791][ T1793] usb 5-1: Product: syz
[ 1288.391852][ T1793] usb 5-1: Manufacturer: syz
[ 1288.396683][ T1793] usb 5-1: SerialNumber: syz
[ 1288.403757][ T1793] usb 5-1: config 0 descriptor??
[ 1288.421119][ T1793] gspca_main: sq930x-2.14.0 probing 2770:930c
[ 1288.478930][ T5279] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input73
[ 1288.492969][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1288.502540][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1288.511304][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1288.528625][ T5279] usb 3-1: USB disconnect, device number 107
[ 1288.555745][ T4665] bcm5974 3-1:1.0: could not read from device
[ 1288.624460][T24864] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1288.638254][T24864] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1288.669605][ T1793] gspca_sq930x: reg_r 001f failed -71
[ 1288.676241][ T1793] sq930x 5-1:0.0: probe with driver sq930x failed with error -71
[ 1288.689763][ T1793] usb 5-1: USB disconnect, device number 120
[ 1288.722420][T14240] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[ 1288.812257][ T5275] usb 4-1: new high-speed USB device number 93 using dummy_hcd
[ 1288.842947][ T5275] usb 4-1: Using ep0 maxpacket: 32
[ 1288.848601][ T5275] usb 4-1: no configurations
[ 1288.853337][ T5275] usb 4-1: can't read configurations, error -22
[ 1288.914060][T14240] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1288.924326][T24418] usb 2-1: new high-speed USB device number 117 using dummy_hcd
[ 1288.934742][T14240] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1288.947138][T14240] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1288.956603][T14240] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1288.964746][T14240] usb 1-1: SerialNumber: syz
[ 1289.002266][ T5275] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[ 1289.032823][ T5275] usb 4-1: Using ep0 maxpacket: 32
[ 1289.038676][ T5275] usb 4-1: no configurations
[ 1289.057191][ T5275] usb 4-1: can't read configurations, error -22
[ 1289.067157][ T5275] usb usb4-port1: unable to enumerate USB device
[ 1289.112354][T24418] usb 2-1: Using ep0 maxpacket: 8
[ 1289.126538][T24418] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[ 1289.143387][T24418] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 1289.163189][T24418] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 1289.178611][T24418] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[ 1289.199342][T24418] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1289.221895][T24418] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[ 1289.231865][T24418] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1289.468758][T24868] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1289.486853][T24868] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1289.691572][T24418] usb 2-1: GET_CAPABILITIES returned 0
[ 1289.816296][T24418] usbtmc 2-1:16.0: can't read capabilities
[ 1289.939558][T24418] usb 2-1: USB disconnect, device number 117
[ 1290.538599][T24418] usb 2-1: new high-speed USB device number 118 using dummy_hcd
[ 1290.552997][ T5274] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[ 1290.752669][T24418] usb 2-1: Using ep0 maxpacket: 16
[ 1290.762243][ T5274] usb 3-1: Using ep0 maxpacket: 8
[ 1290.780671][T24418] usb 2-1: New USB device found, idVendor=17ef, idProduct=720c, bcdDevice= 0.90
[ 1290.810654][ T5274] usb 3-1: New USB device found, idVendor=13d3, idProduct=3335, bcdDevice=b9.77
[ 1290.834463][T24418] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1290.849140][ T5274] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1290.884317][T24418] r8152-cfgselector 2-1: Unknown version 0x0000
[ 1290.908188][ T5274] usb 3-1: config 0 descriptor??
[ 1290.921305][T24418] r8152-cfgselector 2-1: config 0 descriptor??
[ 1290.968808][T24418] r8152 2-1:0.0: Expected endpoints are not found
[ 1290.980198][ T5274] r8712u: register rtl8712_netdev_ops to netdev_ops
[ 1291.013997][ T5274] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[ 1291.180109][ T5278] r8152-cfgselector 2-1: USB disconnect, device number 118
[ 1291.377231][T14240] usb 1-1: 0:2 : does not exist
[ 1291.412748][T14240] usb 1-1: unit 255 not found!
[ 1291.469085][T14240] usb 1-1: 5:0: cannot get min/max values for control 2 (id 5)
[ 1291.542738][ T5274] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed
[ 1291.576536][ T5274] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[ 1291.583039][T14240] usb 1-1: USB disconnect, device number 2
[ 1291.601521][ T5274] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[ 1291.642760][T24896] netlink: 12 bytes leftover after parsing attributes in process `syz.0.4654'.
[ 1291.750836][ T5240] udevd[5240]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1292.174117][T16625] usb 5-1: new high-speed USB device number 121 using dummy_hcd
[ 1292.397031][T16625] usb 5-1: Using ep0 maxpacket: 32
[ 1292.446729][T16625] usb 5-1: config 0 has an invalid interface number: 219 but max is 0
[ 1292.484721][T16625] usb 5-1: config 0 has no interface number 0
[ 1292.511128][T16625] usb 5-1: config 0 interface 219 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1292.556950][T16625] usb 5-1: config 0 interface 219 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[ 1292.596449][T16625] usb 5-1: config 0 interface 219 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[ 1292.653447][T16625] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 1292.682206][T16625] usb 5-1: config 0 interface 219 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[ 1292.715590][T16625] usb 5-1: config 0 interface 219 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[ 1292.751869][T16625] usb 5-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[ 1292.771848][T16625] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1292.799320][T16625] usb 5-1: Product: syz
[ 1292.828098][T16625] usb 5-1: Manufacturer: syz
[ 1292.872330][T16625] usb 5-1: SerialNumber: syz
[ 1292.925467][T16625] usb 5-1: config 0 descriptor??
[ 1292.950055][T24899] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1292.976104][T24899] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1293.256263][T16625] etas_es58x 5-1:0.219: Starting syz syz (Serial Number syz)
[ 1293.281950][ T5274] usb 3-1: USB disconnect, device number 108
[ 1293.301036][T16625] etas_es58x 5-1:0.219: could not retrieve the product info string
[ 1293.427025][T16625] usb 5-1: USB disconnect, device number 121
[ 1293.483548][T16625] etas_es58x 5-1:0.219: Disconnecting syz syz
[ 1293.567958][T24938] tipc: Started in network mode
[ 1293.586828][T24938] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[ 1293.611598][T24938] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[ 1293.710249][T24942] netlink: 68 bytes leftover after parsing attributes in process `syz.1.4663'.
[ 1294.035012][   T29] kauditd_printk_skb: 3 callbacks suppressed
[ 1294.035030][   T29] audit: type=1326 audit(1724488290.780:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.070024][T24956] mmap: syz.4.4666 (24956): VmData 54169600 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[ 1294.134375][   T29] audit: type=1326 audit(1724488290.780:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.262454][   T29] audit: type=1326 audit(1724488290.780:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.284792][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1294.314989][T24964] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4667'.
[ 1294.375634][   T29] audit: type=1326 audit(1724488290.790:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.405124][   T29] audit: type=1326 audit(1724488290.790:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.489772][   T29] audit: type=1326 audit(1724488290.790:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.556444][   T29] audit: type=1326 audit(1724488290.790:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.622235][T16625] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1294.660886][   T29] audit: type=1326 audit(1724488290.790:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.683283][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1294.739334][   T29] audit: type=1326 audit(1724488290.790:529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.821495][   T29] audit: type=1326 audit(1724488290.790:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=24955 comm="syz.4.4666" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcb0c979e79 code=0x7ffc0000
[ 1294.849907][T16625] usb 1-1: Using ep0 maxpacket: 32
[ 1294.857130][T16625] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[ 1294.900524][T16625] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[ 1294.941881][T16625] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1294.951374][T16625] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1294.989103][T16625] usb 1-1: Product: syz
[ 1295.006290][T16625] usb 1-1: Manufacturer: syz
[ 1295.025782][T16625] usb 1-1: SerialNumber: syz
[ 1295.190232][T24982] ip6t_srh: unknown srh invflags 7863
[ 1295.344025][T16625] usblp 1-1:1.0: usblp0: USB Unidirectional printer dev 3 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[ 1295.405835][T16625] usb 1-1: USB disconnect, device number 3
[ 1295.438351][T16625] usblp0: removed
[ 1295.684243][T14240] usb 2-1: new high-speed USB device number 119 using dummy_hcd
[ 1295.746274][T24989] netlink: 68 bytes leftover after parsing attributes in process `syz.4.4675'.
[ 1295.882461][T14240] usb 2-1: Using ep0 maxpacket: 16
[ 1295.942222][T14240] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1295.991263][T14240] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1296.046901][T14240] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[ 1296.080542][T14240] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1296.116137][T14240] usb 2-1: config 0 descriptor??
[ 1296.181055][T25001] xt_hashlimit: overflow, try lower: 3/0
[ 1296.464222][ T5274] usb 5-1: new high-speed USB device number 122 using dummy_hcd
[ 1296.474321][T24418] usb 3-1: new low-speed USB device number 109 using dummy_hcd
[ 1296.575641][T24985] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1296.603075][ T1793] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1296.615176][T24985] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1296.666578][ T5274] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1296.666657][ T5274] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1296.666701][ T5274] usb 5-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1296.666718][ T5274] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1296.669431][ T5274] usb 5-1: config 0 descriptor??
[ 1296.680003][ T5274] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1296.751980][T24418] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1296.752033][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 1296.752056][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1296.752313][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 1296.752341][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1296.762531][T24418] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1296.762579][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 1296.762602][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1296.762624][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 1296.762649][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1296.773872][T24418] usb 3-1: config 168 descriptor has 1 excess byte, ignoring
[ 1296.773905][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 is Bulk; changing to Interrupt
[ 1296.773919][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1296.773932][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 10
[ 1296.773954][T24418] usb 3-1: config 168 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1296.799744][T24418] usb 3-1: string descriptor 0 read error: -22
[ 1296.799841][T24418] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[ 1296.799868][T24418] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1296.807741][T24418] adutux 3-1:168.0: ADU100  now attached to /dev/usb/adutux0
[ 1296.862261][ T1793] usb 1-1: Using ep0 maxpacket: 16
[ 1296.865918][ T1793] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[ 1296.865947][ T1793] usb 1-1: config 0 has no interface number 0
[ 1296.865988][ T1793] usb 1-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x44, changing to 0x4
[ 1296.866015][ T1793] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[ 1296.866040][ T1793] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 1296.868102][ T1793] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[ 1296.868133][ T1793] usb 1-1: New USB device strings: Mfr=7, Product=0, SerialNumber=3
[ 1296.868154][ T1793] usb 1-1: Manufacturer: syz
[ 1296.868170][ T1793] usb 1-1: SerialNumber: syz
[ 1296.871349][ T1793] usb 1-1: config 0 descriptor??
[ 1296.880063][ T1793] usbhid 1-1:0.8: couldn't find an input interrupt endpoint
[ 1297.018716][ T1793] usb 3-1: USB disconnect, device number 109
[ 1297.721993][T25007] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4679'.
[ 1297.872443][   T30] INFO: task syz.3.4186:22988 blocked for more than 143 seconds.
[ 1297.890021][   T30]       Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1297.898944][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1297.908414][   T30] task:syz.3.4186      state:D stack:25488 pid:22988 tgid:22988 ppid:21581  flags:0x00004004
[ 1297.920137][   T30] Call Trace:
[ 1297.924061][   T30]  <TASK>
[ 1297.928313][   T30]  __schedule+0x1800/0x4a60
[ 1297.934217][   T30]  ? __pfx___schedule+0x10/0x10
[ 1297.939326][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1297.946207][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[ 1297.951860][   T30]  ? schedule+0x90/0x320
[ 1297.971286][   T30]  schedule+0x14b/0x320
[ 1297.976532][   T30]  schedule_preempt_disabled+0x13/0x30
[ 1297.982609][   T30]  __mutex_lock+0x6a4/0xd70
[ 1297.987511][   T30]  ? __mutex_lock+0x527/0xd70
[ 1297.993121][   T30]  ? hugetlb_wp+0x104d/0x3a90
[ 1297.998473][   T30]  ? __pfx___mutex_lock+0x10/0x10
[ 1298.004265][   T30]  ? __pfx_up_write+0x10/0x10
[ 1298.009309][   T30]  ? do_raw_spin_unlock+0x13c/0x8b0
[ 1298.015195][   T30]  ? vma_interval_tree_iter_next+0x193/0x340
[ 1298.021632][   T30]  hugetlb_wp+0x104d/0x3a90
[ 1298.026373][   T30]  ? mark_lock+0x9a/0x350
[ 1298.031036][   T30]  ? __pfx_hugetlb_wp+0x10/0x10
[ 1298.036639][   T30]  ? __pfx___might_resched+0x10/0x10
[ 1298.043452][   T30]  ? __pfx_lock_acquire+0x10/0x10
[ 1298.050086][   T30]  ? do_raw_spin_lock+0x14f/0x370
[ 1298.058121][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1298.065970][   T30]  ? __filemap_get_folio+0x769/0xc10
[ 1298.073471][   T30]  hugetlb_fault+0x27b2/0x3770
[ 1298.078911][   T30]  ? __pfx_hugetlb_fault+0x10/0x10
[ 1298.086635][   T30]  ? reacquire_held_locks+0x3eb/0x690
[ 1298.092426][T16625] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 1298.092828][   T30]  ? __pfx_reacquire_held_locks+0x10/0x10
[ 1298.106726][   T30]  handle_mm_fault+0x173f/0x1980
[ 1298.111974][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1298.117418][   T30]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1298.123366][   T30]  ? lock_vma_under_rcu+0x592/0x6e0
[ 1298.130198][   T30]  ? lock_vma_under_rcu+0x18a/0x6e0
[ 1298.136037][   T30]  ? __pfx_lock_vma_under_rcu+0x10/0x10
[ 1298.141897][   T30]  ? exc_page_fault+0x113/0x8c0
[ 1298.148387][   T30]  exc_page_fault+0x459/0x8c0
[ 1298.155046][   T30]  asm_exc_page_fault+0x26/0x30
[ 1298.163440][   T30] RIP: 0033:0x7fa56db41918
[ 1298.168967][   T30] RSP: 002b:00007fa56de3fb98 EFLAGS: 00010202
[ 1298.179157][   T30] RAX: 0000000020000140 RBX: 0000000000000004 RCX: 006d766b2f766564
[ 1298.191066][   T30] RDX: 0000000000000009 RSI: 6d766b2f7665642f RDI: 0000000020000140
[ 1298.211364][   T30] RBP: 00007fa56de3fc68 R08: 00007fa56da00000 R09: 0000000000000001
[ 1298.265043][   T30] R10: 0000000000000001 R11: 0000000000000009 R12: 0000000000000032
[ 1298.275803][   T30] R13: 00007fa56de3fc90 R14: 00007fa56de3fcb0 R15: fffffffffffffffe
[ 1298.288057][   T30]  </TASK>
[ 1298.293657][   T30] INFO: task syz.3.4186:22989 blocked for more than 143 seconds.
[ 1298.304495][   T30]       Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1298.313129][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1298.317111][T16625] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1298.322549][   T30] task:syz.3.4186      state:D stack:24112 pid:22989 tgid:22988 ppid:21581  flags:0x00004004
[ 1298.350677][   T30] Call Trace:
[ 1298.354743][   T30]  <TASK>
[ 1298.357941][   T30]  __schedule+0x1800/0x4a60
[ 1298.380295][   T30]  ? __pfx___schedule+0x10/0x10
[ 1298.390028][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1298.415600][   T30]  ? irqentry_exit+0x63/0x90
[ 1298.420879][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[ 1298.435965][   T30]  ? schedule+0x90/0x320
[ 1298.437369][T16625] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1298.475649][   T30]  schedule+0x14b/0x320
[ 1298.485174][   T30]  io_schedule+0x8d/0x110
[ 1298.489796][   T30]  folio_wait_bit_common+0x882/0x12b0
[ 1298.507877][   T30]  ? __pfx_folio_wait_bit_common+0x10/0x10
[ 1298.526370][   T30]  ? __pfx_wake_page_function+0x10/0x10
[ 1298.535112][   T30]  ? _raw_spin_unlock+0x28/0x50
[ 1298.541284][   T30]  ? __vma_reservation_common+0x498/0x7d0
[ 1298.553656][   T30]  __filemap_get_folio+0xb7/0xc10
[ 1298.574354][   T30]  hugetlb_fault+0x1b72/0x3770
[ 1298.581580][   T30]  ? __pfx_validate_chain+0x10/0x10
[ 1298.581677][T14240] usbhid 2-1:0.0: can't add hid device: -71
[ 1298.598077][   T30]  ? __pfx_hugetlb_fault+0x10/0x10
[ 1298.598861][T16625] usb 4-1: New USB device found, idVendor=6a6d, idProduct=c532, bcdDevice= 0.00
[ 1298.622296][T14240] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[ 1298.631001][T16625] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1298.656958][   T30]  ? mt_find+0x226/0x850
[ 1298.658393][T14240] usb 2-1: USB disconnect, device number 119
[ 1298.672371][T16625] usb 4-1: config 0 descriptor??
[ 1298.689557][T16625] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1298.698756][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1298.717977][   T30]  handle_mm_fault+0x173f/0x1980
[ 1298.746383][   T30]  ? mt_find+0x62d/0x850
[ 1298.751748][   T30]  ? mt_find+0x226/0x850
[ 1298.756686][   T30]  ? __pfx_mt_find+0x10/0x10
[ 1298.762274][   T30]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1298.769056][   T30]  ? find_vma+0xf9/0x170
[ 1298.776884][   T30]  ? __pfx_find_vma+0x10/0x10
[ 1298.782246][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1298.789445][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1298.797074][   T30]  ? lock_mm_and_find_vma+0x9c/0x2f0
[ 1298.802618][   T30]  exc_page_fault+0x2b9/0x8c0
[ 1298.807759][   T30]  asm_exc_page_fault+0x26/0x30
[ 1298.813204][   T30] RIP: 0010:__put_user_8+0x11/0x20
[ 1298.819258][   T30] Code: 84 00 00 00 00 00 0f 1f 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 48 89 cb 48 c1 fb 3f 48 09 d9 0f 01 cb <48> 89 01 31 c9 0f 01 ca c3 cc cc cc cc 66 90 90 90 90 90 90 90 90
[ 1298.841964][   T30] RSP: 0018:ffffc90004d47778 EFLAGS: 00050202
[ 1298.854991][   T30] RAX: 0000000000800000 RBX: 0000000000000000 RCX: 0000000020000020
[ 1298.866612][   T30] RDX: 0000000000000000 RSI: ffffffff8c0ae6e0 RDI: ffffffff8c606d80
[ 1298.879044][   T30] RBP: ffffc90004d47ec8 R08: ffffffff9017f46f R09: 1ffffffff202fe8d
[ 1298.887484][   T30] R10: dffffc0000000000 R11: fffffbfff202fe8e R12: 1ffff920009a8f7d
[ 1298.906098][   T30] R13: 1ffff920009a8f08 R14: 0000000020800000 R15: 0000000000800000
[ 1298.915275][   T30]  userfaultfd_ioctl+0x28e7/0x70a0
[ 1298.920981][   T30]  ? stack_trace_save+0x118/0x1d0
[ 1298.929683][   T30]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[ 1298.936372][   T30]  ? stack_depot_save_flags+0x29/0x830
[ 1298.946953][   T30]  ? kasan_save_track+0x51/0x80
[ 1298.954388][   T30]  ? kasan_save_track+0x3f/0x80
[ 1298.961844][   T30]  ? kasan_save_free_info+0x40/0x50
[ 1298.971038][   T30]  ? poison_slab_object+0xe0/0x150
[ 1298.979544][   T30]  ? __kasan_slab_free+0x37/0x60
[ 1298.988087][   T30]  ? kfree+0x149/0x360
[ 1299.005133][   T30]  ? tomoyo_path_number_perm+0x68d/0x880
[ 1299.015590][   T30]  ? security_file_ioctl+0x75/0xb0
[ 1299.021008][   T30]  ? __se_sys_ioctl+0x47/0x170
[ 1299.032345][   T30]  ? do_syscall_64+0xf3/0x230
[ 1299.038027][   T30]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1299.048131][   T30]  ? do_vfs_ioctl+0xf0e/0x2e50
[ 1299.059031][   T30]  ? __pfx_do_vfs_ioctl+0x10/0x10
[ 1299.066684][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[ 1299.073653][   T30]  ? tomoyo_path_number_perm+0x208/0x880
[ 1299.080777][   T30]  ? __pfx_lock_release+0x10/0x10
[ 1299.101022][   T30]  ? kfree+0x149/0x360
[ 1299.105774][   T30]  ? tomoyo_path_number_perm+0x208/0x880
[ 1299.111552][   T30]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[ 1299.120054][   T30]  ? __fget_files+0x29/0x470
[ 1299.124883][   T30]  ? __fget_files+0x3f6/0x470
[ 1299.131694][   T30]  ? __fget_files+0x29/0x470
[ 1299.150234][   T30]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1299.158304][   T30]  ? security_file_ioctl+0x87/0xb0
[ 1299.163501][   T30]  ? __pfx_userfaultfd_ioctl+0x10/0x10
[ 1299.169013][   T30]  __se_sys_ioctl+0xfc/0x170
[ 1299.173641][   T30]  do_syscall_64+0xf3/0x230
[ 1299.178141][   T30]  ? clear_bhb_loop+0x35/0x90
[ 1299.183241][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1299.189164][   T30] RIP: 0033:0x7fa56db79e79
[ 1299.195089][   T30] RSP: 002b:00007fa56ea1f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1299.203618][   T30] RAX: ffffffffffffffda RBX: 00007fa56dd15f80 RCX: 00007fa56db79e79
[ 1299.211594][   T30] RDX: 0000000020000000 RSI: 00000000c028aa03 RDI: 0000000000000005
[ 1299.219641][   T30] RBP: 00007fa56dbe793e R08: 0000000000000000 R09: 0000000000000000
[ 1299.227659][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1299.235696][   T30] R13: 0000000000000000 R14: 00007fa56dd15f80 R15: 00007fa56de3fa38
[ 1299.243764][   T30]  </TASK>
[ 1299.246843][   T30] 
[ 1299.246843][   T30] Showing all locks held in the system:
[ 1299.262869][   T30] 1 lock held by khungtaskd/30:
[ 1299.269266][T16625] usb 1-1: USB disconnect, device number 4
[ 1299.278308][   T30]  #0: ffffffff8e938320 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[ 1299.293143][T14240] usb 5-1: USB disconnect, device number 122
[ 1299.308273][   T30] 2 locks held by getty/4977:
[ 1299.313453][   T30]  #0: ffff88802ab7c0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1299.323770][   T30]  #1: ffffc9000312b2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6ac/0x1e00
[ 1299.334309][   T30] 3 locks held by kworker/1:5/5276:
[ 1299.339513][   T30]  #0: ffff888015880948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1299.350527][   T30]  #1: ffffc9000406fd00 ((work_completion)(&fw_work->work)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1299.363080][   T30]  #2: ffffffff8e7e1850 (umhelper_sem){++++}-{3:3}, at: usermodehelper_read_lock_wait+0x14e/0x260
[ 1299.373821][   T30] 3 locks held by kworker/0:0/14240:
[ 1299.379108][   T30]  #0: ffff88801d2dc948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1299.391338][   T30]  #1: ffffc90003737d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1299.403398][   T30]  #2: ffff888023d67190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[ 1299.415436][   T30] 3 locks held by kworker/0:5/16625:
[ 1299.420848][   T30]  #0: ffff88801d2dc948 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x90a/0x1830
[ 1299.432320][   T30]  #1: ffffc9000509fd00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x945/0x1830
[ 1299.444238][   T30]  #2: ffff888023cc9190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[ 1299.453208][   T30] 3 locks held by kworker/u8:10/22927:
[ 1299.458660][   T30]  #0: ffff8880b923e9d8 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xb0/0x140
[ 1299.469358][   T30]  #1: ffff8880b9328948 (&per_cpu_ptr(group->pcpu, cpu)->seq){-.-.}-{0:0}, at: psi_task_switch+0x3a7/0x770
[ 1299.480810][   T30]  #2: ffff8880b932a718 (&base->lock){-.-.}-{2:2}, at: lock_timer_base+0x112/0x240
[ 1299.490575][   T30] 2 locks held by syz.3.4186/22988:
[ 1299.495839][   T30]  #0: ffff88807d65d9b8 (&vma->vm_lock->lock){++++}-{3:3}, at: lock_vma_under_rcu+0x2f9/0x6e0
[ 1299.506204][   T30]  #1: ffff88801beba698 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_wp+0x104d/0x3a90
[ 1299.518192][   T30] 3 locks held by syz.3.4186/22989:
[ 1299.525237][   T30]  #0: ffff88807c41d718 (&mm->mmap_lock){++++}-{3:3}, at: lock_mm_and_find_vma+0x32/0x2f0
[ 1299.535258][   T30]  #1: ffff88801beba698 (&hugetlb_fault_mutex_table[i]){+.+.}-{3:3}, at: hugetlb_fault+0x56f/0x3770
[ 1299.546126][   T30]  #2: ffff88806483f8e8 (&resv_map->rw_sema){++++}-{3:3}, at: hugetlb_fault+0x675/0x3770
[ 1299.556100][   T30] 1 lock held by syz.0.4678/24994:
[ 1299.561232][   T30]  #0: ffffffff8e93d6f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[ 1299.572219][   T30] 1 lock held by syz.4.4679/25006:
[ 1299.577341][   T30]  #0: ffffffff8e93d6f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[ 1299.588360][   T30] 
[ 1299.590722][   T30] =============================================
[ 1299.590722][   T30] 
[ 1299.604660][   T30] NMI backtrace for cpu 0
[ 1299.609017][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1299.619518][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1299.629563][   T30] Call Trace:
[ 1299.632833][   T30]  <TASK>
[ 1299.635749][   T30]  dump_stack_lvl+0x241/0x360
[ 1299.640497][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1299.645676][   T30]  ? __pfx__printk+0x10/0x10
[ 1299.650254][   T30]  ? vprintk_emit+0x667/0x7c0
[ 1299.654921][   T30]  ? __pfx_vprintk_emit+0x10/0x10
[ 1299.659931][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[ 1299.664858][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[ 1299.670297][   T30]  ? _printk+0xd5/0x120
[ 1299.674447][   T30]  ? __pfx__printk+0x10/0x10
[ 1299.679035][   T30]  ? __wake_up_klogd+0xcc/0x110
[ 1299.683871][   T30]  ? __pfx__printk+0x10/0x10
[ 1299.688448][   T30]  ? __rcu_read_unlock+0xa1/0x110
[ 1299.693468][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1299.699453][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[ 1299.705435][   T30]  watchdog+0xff4/0x1040
[ 1299.709669][   T30]  ? watchdog+0x1ea/0x1040
[ 1299.714101][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1299.718767][   T30]  kthread+0x2f0/0x390
[ 1299.722829][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1299.727493][   T30]  ? __pfx_kthread+0x10/0x10
[ 1299.732091][   T30]  ret_from_fork+0x4b/0x80
[ 1299.736532][   T30]  ? __pfx_kthread+0x10/0x10
[ 1299.741123][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1299.745980][   T30]  </TASK>
[ 1299.749039][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1299.755431][   T30] Sending NMI from CPU 0 to CPUs 1:
[ 1299.760657][    C1] NMI backtrace for cpu 1 skipped: idling at acpi_safe_halt+0x21/0x30
[ 1299.806629][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[ 1299.813506][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.11.0-rc4-syzkaller-00255-gd2bafcf224f3 #0
[ 1299.824014][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/06/2024
[ 1299.834063][   T30] Call Trace:
[ 1299.837334][   T30]  <TASK>
[ 1299.840257][   T30]  dump_stack_lvl+0x241/0x360
[ 1299.844929][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1299.850116][   T30]  ? __pfx__printk+0x10/0x10
[ 1299.854714][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[ 1299.860692][   T30]  ? vscnprintf+0x5d/0x90
[ 1299.865014][   T30]  panic+0x349/0x860
[ 1299.868910][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1299.875055][   T30]  ? __pfx_panic+0x10/0x10
[ 1299.879461][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[ 1299.884821][   T30]  ? __irq_work_queue_local+0x137/0x410
[ 1299.890357][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[ 1299.895719][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[ 1299.901867][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[ 1299.908016][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[ 1299.914164][   T30]  watchdog+0x1033/0x1040
[ 1299.918491][   T30]  ? watchdog+0x1ea/0x1040
[ 1299.922902][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1299.927569][   T30]  kthread+0x2f0/0x390
[ 1299.931628][   T30]  ? __pfx_watchdog+0x10/0x10
[ 1299.936386][   T30]  ? __pfx_kthread+0x10/0x10
[ 1299.940969][   T30]  ret_from_fork+0x4b/0x80
[ 1299.945464][   T30]  ? __pfx_kthread+0x10/0x10
[ 1299.950047][   T30]  ret_from_fork_asm+0x1a/0x30
[ 1299.954814][   T30]  </TASK>
[ 1299.958051][   T30] Kernel Offset: disabled
[ 1299.962365][   T30] Rebooting in 86400 seconds..