last executing test programs:

3m3.044177412s ago: executing program 3 (id=1700):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000cc0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x5, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz1\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x1400}, [@NFTA_RULE_EXPRESSIONS={0x30, 0x4, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, @tproxy={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_TPROXY_FAMILY={0x8}, @NFTA_TPROXY_REG_ADDR={0x8, 0x2, 0x1, 0x0, 0xd}, @NFTA_TPROXY_FAMILY={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0xcc}}, 0x0)

3m3.007870425s ago: executing program 3 (id=1701):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000000580)={0x2, {"a2e3ad214fc752f91b450a0787f70e06d038e7ff7fc6e5539b326d078b089b2008385d090890e0878f0e1ac6e70a9b334a959b689a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31320d095d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5bb6f5dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f0841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b158b41f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b00005e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85824056526f889af43a605608057228652010400006c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d82d6734b849304c27b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a4d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833c596c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f5d6d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9ef6d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ca4d24ad92f243941ed274f12a29ff962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e029efe0703615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712ea5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9b97474a5966a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185daba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687fd1602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81da8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6687f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741258c5488efeee327415cc19451432c6f14c27693102a5bd848d7cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a941f0000005f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c86310e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39e3313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13b5c1fa7cfaadba85c7248758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb9957697c9ede7885d94ffb0759be0daf60a842b09eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f49013a3a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000210000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1271e0400", 0x1000}}, 0x1006)
r2 = syz_open_dev$sg(&(0x7f0000000380), 0x0, 0x0)
ioctl$BLKTRACESTART(r2, 0x2275, 0xffefff1f00000000)
socket$nl_route(0x10, 0x3, 0x0)
syz_usb_connect(0x0, 0x62, &(0x7f0000000100)=ANY=[], 0x0)

3m2.364268687s ago: executing program 3 (id=1717):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502"], 0x3c}, 0x1, 0x0, 0x0, 0x8800}, 0x10)

3m2.298290057s ago: executing program 3 (id=1719):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)=ANY=[@ANYBLOB="12010000d3750820c80a2103be6f000000010902120001000000000904"], 0x0)
syz_usb_connect(0x2, 0x718, &(0x7f00000002c0)={{0x12, 0x1, 0x200, 0x1d, 0x86, 0x72, 0x10, 0xdb0, 0x3822, 0x20a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x706, 0x2, 0x7, 0x0, 0x40, 0xb9, [{{0x9, 0x4, 0x76, 0xc, 0xe, 0x72, 0xd9, 0xfd, 0xbf, [], [{{0x9, 0x5, 0xa, 0x0, 0x3ff, 0x0, 0x9, 0x5}}, {{0x9, 0x5, 0xb, 0x0, 0x3ff, 0x8, 0x9, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x1, 0x6a1}]}}, {{0x9, 0x5, 0x3, 0x0, 0x8, 0x5, 0x97, 0x25, [@generic={0xe, 0x1, "cb3a9d5b0ad4fc3810a777fd"}]}}, {{0x9, 0x5, 0x6, 0x0, 0xab3b5c32b724fbb2, 0x2c, 0x8, 0x0, [@generic={0x86, 0x2, "74153ba47d50c401b23799e05df6f51932eaf3a328f35d2374a0d553c3e9179a797e8481cd8027ae435c6e3adc696ca1fc968027e7823b257cb3ca0f43dae0483ec81abf2464c96a4d431ecc185c6f91c69fa05a58df3946df8bb9bfa7ec61898e1c9326ad856349fa61241d121cf0486c3936bd348cd4aecfe79000a4ac7e49c30475e8"}]}}, {{0x9, 0x5, 0x1, 0x0, 0x3ff, 0x5, 0x4, 0x1}}, {{0x9, 0x5, 0x5, 0x0, 0x3ff, 0x9, 0x9, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xf7, 0x2}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x8a0}]}}, {{0x9, 0x5, 0x0, 0x10, 0x397, 0x7c, 0x1, 0x9}}, {{0x9, 0x5, 0x1, 0x10, 0x3ff, 0x7, 0x80, 0x2, [@generic={0x9e, 0x31, "9a209dfec5931f98df20bd3b5a65c37518488682e15ab0b3fd8e019343955754bdbc2280558731b5a5e596a30adae26e379cb080969ff682a7046e4ac0cfbdde66e7e9140c7f6a37f9e82ed8916def6f2c30859cb3bfbf6761d2ad7d74344768fcbc63c72ad5fd92cc47eb4c0c1944aec8430c83527277431ef09b4e745db5e33855db2f5373296c0d1ec5550808cebd1eef969b89fa36a18d9b29b1"}, @generic={0x4c, 0x4, "c08ca4572ef5076d21e34b8d72942247e3d9ce718d7918e83f0cbb0dedd211c62fda28b2df75e6458ea64fddcd8e7b028fd3eeb1e8f5f836fc7a265b65517cf5d11eb423fa0895dfcf26"}]}}, {{0x9, 0x5, 0xe, 0x10, 0x10, 0x4, 0x0, 0x2}}, {{0x9, 0x5, 0x8, 0x0, 0x3ff, 0x1a, 0x1, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x1000}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0xc}]}}, {{0x9, 0x5, 0xf, 0xbae761344071bd8e, 0x20, 0x80, 0xc, 0xd}}, {{0x9, 0x5, 0x9, 0xf84976f3e484a2a2, 0x0, 0x2, 0x3, 0x5}}, {{0x9, 0x5, 0xa, 0x0, 0x8, 0xf7, 0x76, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0xd, 0x2}]}}, {{0x9, 0x5, 0x83, 0x3, 0x20, 0xe9, 0x2, 0x1, [@generic={0x2a, 0x2a, "a511b3d970325d3341ef167ce00e30d6bf03947ec29e862b02f82e8dd7601939317bf9b6b3a9f641"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x6}]}}]}}, {{0x9, 0x4, 0x20, 0x1, 0x6, 0xff, 0xff, 0xff, 0xc9, [@uac_control={{0xa, 0x24, 0x1, 0x9, 0x2}, [@processing_unit={0x9, 0x24, 0x7, 0x6, 0x6, 0x7, '-J'}, @extension_unit={0x8, 0x24, 0x8, 0x3, 0x2, 0x5, "e2"}, @output_terminal={0x9, 0x24, 0x3, 0x4, 0x304, 0x5, 0x1, 0x2}, @input_terminal={0xc, 0x24, 0x2, 0x2, 0x206, 0x3, 0x9, 0x9, 0x2, 0x78}]}], [{{0x9, 0x5, 0x9, 0x1, 0x200, 0xda, 0x3, 0x5}}, {{0x9, 0x5, 0x6, 0x10, 0x200, 0x5a, 0x6, 0x1}}, {{0x9, 0x5, 0x80, 0x1, 0x3ff, 0xff, 0x7f, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x8}, @generic={0xc8, 0x4, "6816ff0a75b8437ce5f3f8f10febbfbe9ffbfc0235ebd007b5169a62ae41b033c0647c5bd469085a48e7277d286a9a98fd6ab438de6691d6260c9948eedb6c8485c508d269ee210abd84babdeafc8be3978e216f66c4eb27259626a2b1bf70e695791433a4f468eb98419624f560281ed29f430de7d75e28c7c532dcb26f55497d2e103994a074bc37cd821d30074ccb534d6f2ac2e90e4e6f24e136b928f2667f2d94f8d580985b33f6685d3002bf2e9f04cec1deca33483bd5af8af485d6cf7b98cff624a9"}]}}, {{0x9, 0x5, 0x3, 0x1, 0x8, 0x3, 0x6, 0x7e, [@generic={0xd4, 0xe, "478ac9dbba2ed1626310e627f09f7f4a1bed66030b0c3e2724f3fb1a5607f316df1f256553ee7cc1532d66ddefdc52c7fcd4c3ac9176d49e8dc034159455a3fd542a6ac92bd8d11755cc06c73c9c37fea45e379b705700fe32fb7cedbcd91f3b271f4ef4a5b601bfbf8512e56219b99b6f812d752b7a4847166e4fc6dec77eaf8982be8907394866505dbb665e9d7f4ae9ab870afcf3fe1b87e39e1b203e7d667569c9cdf0d482850a23c2ea2989459cd2c0ae76523f7a82fc58fcb0ddf152f0fef6deaea010ba70e890a690f6041927d4eb"}, @generic={0x96, 0x2, "12cf8d589b30edac6698cf84c9c4b9d6acb27b183d2f9bd96d1a251be7061d4c109700cf9e380ea6b7cdbabf1791f1f82d2df210a2c12e5d3dbdd33a8611c734cd69a6d052c48cb6e7fa57db37e647cc65c61926a4571331d83ec5fdf4800243da52373eca5cc5b1351446f55e5db8263dbfe5b0d186eb7b13099d34ef77ed762011f4e16a9f2d097d52875304d5a378eef69b9a"}]}}, {{0x9, 0x5, 0x6, 0x10, 0x40, 0x2, 0x4, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x40, 0xff71}, @generic={0xa3, 0x23, "67a736f9ee7575422dd8c55450d64d52b6dc54eef944cca8ad430386ce4b910ee161eae8c14423d57418f4a2be67c4441a24ed15dcf89128379a3d1d34136cb3ea5c8f93a4093b96528a78e25d01b016fd940358594b69e9489a5b5fa225396d728a11c9065b5f0725b0d4f136981e4ce7530f6772918860e978fff1311d6c5cd80947f0926816a57b80ddb9118db676efab2e0af0288f4e3bc573f7e9f68ba860"}]}}, {{0x9, 0x5, 0x1, 0x1, 0x10, 0xc, 0xfe, 0x40, [@generic={0x4d, 0x21, "b1732c868d940c895fc57b29c99f9244fd8fb09aae7760d843da7d08399c55b96c1d1d0e7f6e07d363e9c5040bb117d3ac1ff1b50bc8945ecb1b830c6f4082a2b3e644695baaefb6770865"}, @generic={0xff, 0xc, "00e4a2447c0354759bda00dea7e66148b284b444770c56287759378722eb5423a17661486efe8c81754ad143572fa78284e9a43f105fb105e37332c0297a13b9ffe2ac2af28498829f261b4474f32ee56c1b0d197779e8f4876ac5b738505916afcbcfe5382e07583ba00d02888d7a104ceb3f126785de83d5f20361f56e40ab6d891faa5c3a40b46404b7a2a3a78b6b614c64031ba68f66bc9c40a55bb384cf257bba5e81506010dfe3501f61cb934a0e764e722a09be805e87553d44e10338b83d748f646596acc2f52f66ac6ba2e6c4cb86b525d5385a7f4b14ee8cf73679e2c0b4824ec8c1467d2b4871fc837da6dd311ed23192ba937082905176"}]}}]}}]}}]}}, &(0x7f0000000a40)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x300, 0x0, 0x6, 0x7, 0x40, 0x3}, 0x11, &(0x7f0000000a00)={0x5, 0xf, 0x11, 0x1, [@ssp_cap={0xc, 0x10, 0xa, 0x0, 0x0, 0xc, 0x780}]}}) (async)
syz_usb_connect(0x2, 0x718, &(0x7f00000002c0)={{0x12, 0x1, 0x200, 0x1d, 0x86, 0x72, 0x10, 0xdb0, 0x3822, 0x20a, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x706, 0x2, 0x7, 0x0, 0x40, 0xb9, [{{0x9, 0x4, 0x76, 0xc, 0xe, 0x72, 0xd9, 0xfd, 0xbf, [], [{{0x9, 0x5, 0xa, 0x0, 0x3ff, 0x0, 0x9, 0x5}}, {{0x9, 0x5, 0xb, 0x0, 0x3ff, 0x8, 0x9, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x1, 0x6a1}]}}, {{0x9, 0x5, 0x3, 0x0, 0x8, 0x5, 0x97, 0x25, [@generic={0xe, 0x1, "cb3a9d5b0ad4fc3810a777fd"}]}}, {{0x9, 0x5, 0x6, 0x0, 0xab3b5c32b724fbb2, 0x2c, 0x8, 0x0, [@generic={0x86, 0x2, "74153ba47d50c401b23799e05df6f51932eaf3a328f35d2374a0d553c3e9179a797e8481cd8027ae435c6e3adc696ca1fc968027e7823b257cb3ca0f43dae0483ec81abf2464c96a4d431ecc185c6f91c69fa05a58df3946df8bb9bfa7ec61898e1c9326ad856349fa61241d121cf0486c3936bd348cd4aecfe79000a4ac7e49c30475e8"}]}}, {{0x9, 0x5, 0x1, 0x0, 0x3ff, 0x5, 0x4, 0x1}}, {{0x9, 0x5, 0x5, 0x0, 0x3ff, 0x9, 0x9, 0x1, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0xf7, 0x2}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x7, 0x8a0}]}}, {{0x9, 0x5, 0x0, 0x10, 0x397, 0x7c, 0x1, 0x9}}, {{0x9, 0x5, 0x1, 0x10, 0x3ff, 0x7, 0x80, 0x2, [@generic={0x9e, 0x31, "9a209dfec5931f98df20bd3b5a65c37518488682e15ab0b3fd8e019343955754bdbc2280558731b5a5e596a30adae26e379cb080969ff682a7046e4ac0cfbdde66e7e9140c7f6a37f9e82ed8916def6f2c30859cb3bfbf6761d2ad7d74344768fcbc63c72ad5fd92cc47eb4c0c1944aec8430c83527277431ef09b4e745db5e33855db2f5373296c0d1ec5550808cebd1eef969b89fa36a18d9b29b1"}, @generic={0x4c, 0x4, "c08ca4572ef5076d21e34b8d72942247e3d9ce718d7918e83f0cbb0dedd211c62fda28b2df75e6458ea64fddcd8e7b028fd3eeb1e8f5f836fc7a265b65517cf5d11eb423fa0895dfcf26"}]}}, {{0x9, 0x5, 0xe, 0x10, 0x10, 0x4, 0x0, 0x2}}, {{0x9, 0x5, 0x8, 0x0, 0x3ff, 0x1a, 0x1, 0x9, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x5, 0x1000}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x3, 0xc}]}}, {{0x9, 0x5, 0xf, 0xbae761344071bd8e, 0x20, 0x80, 0xc, 0xd}}, {{0x9, 0x5, 0x9, 0xf84976f3e484a2a2, 0x0, 0x2, 0x3, 0x5}}, {{0x9, 0x5, 0xa, 0x0, 0x8, 0xf7, 0x76, 0x6, [@uac_iso={0x7, 0x25, 0x1, 0x82, 0xd, 0x2}]}}, {{0x9, 0x5, 0x83, 0x3, 0x20, 0xe9, 0x2, 0x1, [@generic={0x2a, 0x2a, "a511b3d970325d3341ef167ce00e30d6bf03947ec29e862b02f82e8dd7601939317bf9b6b3a9f641"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x6}]}}]}}, {{0x9, 0x4, 0x20, 0x1, 0x6, 0xff, 0xff, 0xff, 0xc9, [@uac_control={{0xa, 0x24, 0x1, 0x9, 0x2}, [@processing_unit={0x9, 0x24, 0x7, 0x6, 0x6, 0x7, '-J'}, @extension_unit={0x8, 0x24, 0x8, 0x3, 0x2, 0x5, "e2"}, @output_terminal={0x9, 0x24, 0x3, 0x4, 0x304, 0x5, 0x1, 0x2}, @input_terminal={0xc, 0x24, 0x2, 0x2, 0x206, 0x3, 0x9, 0x9, 0x2, 0x78}]}], [{{0x9, 0x5, 0x9, 0x1, 0x200, 0xda, 0x3, 0x5}}, {{0x9, 0x5, 0x6, 0x10, 0x200, 0x5a, 0x6, 0x1}}, {{0x9, 0x5, 0x80, 0x1, 0x3ff, 0xff, 0x7f, 0x4, [@uac_iso={0x7, 0x25, 0x1, 0x0, 0x2, 0x8}, @generic={0xc8, 0x4, "6816ff0a75b8437ce5f3f8f10febbfbe9ffbfc0235ebd007b5169a62ae41b033c0647c5bd469085a48e7277d286a9a98fd6ab438de6691d6260c9948eedb6c8485c508d269ee210abd84babdeafc8be3978e216f66c4eb27259626a2b1bf70e695791433a4f468eb98419624f560281ed29f430de7d75e28c7c532dcb26f55497d2e103994a074bc37cd821d30074ccb534d6f2ac2e90e4e6f24e136b928f2667f2d94f8d580985b33f6685d3002bf2e9f04cec1deca33483bd5af8af485d6cf7b98cff624a9"}]}}, {{0x9, 0x5, 0x3, 0x1, 0x8, 0x3, 0x6, 0x7e, [@generic={0xd4, 0xe, "478ac9dbba2ed1626310e627f09f7f4a1bed66030b0c3e2724f3fb1a5607f316df1f256553ee7cc1532d66ddefdc52c7fcd4c3ac9176d49e8dc034159455a3fd542a6ac92bd8d11755cc06c73c9c37fea45e379b705700fe32fb7cedbcd91f3b271f4ef4a5b601bfbf8512e56219b99b6f812d752b7a4847166e4fc6dec77eaf8982be8907394866505dbb665e9d7f4ae9ab870afcf3fe1b87e39e1b203e7d667569c9cdf0d482850a23c2ea2989459cd2c0ae76523f7a82fc58fcb0ddf152f0fef6deaea010ba70e890a690f6041927d4eb"}, @generic={0x96, 0x2, "12cf8d589b30edac6698cf84c9c4b9d6acb27b183d2f9bd96d1a251be7061d4c109700cf9e380ea6b7cdbabf1791f1f82d2df210a2c12e5d3dbdd33a8611c734cd69a6d052c48cb6e7fa57db37e647cc65c61926a4571331d83ec5fdf4800243da52373eca5cc5b1351446f55e5db8263dbfe5b0d186eb7b13099d34ef77ed762011f4e16a9f2d097d52875304d5a378eef69b9a"}]}}, {{0x9, 0x5, 0x6, 0x10, 0x40, 0x2, 0x4, 0x2, [@uac_iso={0x7, 0x25, 0x1, 0x2, 0x40, 0xff71}, @generic={0xa3, 0x23, "67a736f9ee7575422dd8c55450d64d52b6dc54eef944cca8ad430386ce4b910ee161eae8c14423d57418f4a2be67c4441a24ed15dcf89128379a3d1d34136cb3ea5c8f93a4093b96528a78e25d01b016fd940358594b69e9489a5b5fa225396d728a11c9065b5f0725b0d4f136981e4ce7530f6772918860e978fff1311d6c5cd80947f0926816a57b80ddb9118db676efab2e0af0288f4e3bc573f7e9f68ba860"}]}}, {{0x9, 0x5, 0x1, 0x1, 0x10, 0xc, 0xfe, 0x40, [@generic={0x4d, 0x21, "b1732c868d940c895fc57b29c99f9244fd8fb09aae7760d843da7d08399c55b96c1d1d0e7f6e07d363e9c5040bb117d3ac1ff1b50bc8945ecb1b830c6f4082a2b3e644695baaefb6770865"}, @generic={0xff, 0xc, "00e4a2447c0354759bda00dea7e66148b284b444770c56287759378722eb5423a17661486efe8c81754ad143572fa78284e9a43f105fb105e37332c0297a13b9ffe2ac2af28498829f261b4474f32ee56c1b0d197779e8f4876ac5b738505916afcbcfe5382e07583ba00d02888d7a104ceb3f126785de83d5f20361f56e40ab6d891faa5c3a40b46404b7a2a3a78b6b614c64031ba68f66bc9c40a55bb384cf257bba5e81506010dfe3501f61cb934a0e764e722a09be805e87553d44e10338b83d748f646596acc2f52f66ac6ba2e6c4cb86b525d5385a7f4b14ee8cf73679e2c0b4824ec8c1467d2b4871fc837da6dd311ed23192ba937082905176"}]}}]}}]}}]}}, &(0x7f0000000a40)={0xa, &(0x7f0000000240)={0xa, 0x6, 0x300, 0x0, 0x6, 0x7, 0x40, 0x3}, 0x11, &(0x7f0000000a00)={0x5, 0xf, 0x11, 0x1, [@ssp_cap={0xc, 0x10, 0xa, 0x0, 0x0, 0xc, 0x780}]}})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf) (async)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000100)={0x1c, &(0x7f0000000440)=ANY=[], 0x0, 0x0})
r2 = add_key$keyring(&(0x7f0000000080), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x275a, 0x0) (async)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.effective_mems\x00', 0x275a, 0x0)
fcntl$lock(r3, 0x6, &(0x7f0000000080)={0x1, 0x1})
fcntl$lock(r3, 0x7, &(0x7f0000000100)={0x0, 0x1, 0x36, 0xc1b0})
fcntl$lock(r3, 0x7, &(0x7f0000000180)={0x0, 0x2, 0x2, 0xdbd})
fcntl$lock(r3, 0x25, &(0x7f0000000000)={0x0, 0x1, 0x7, 0x3})
close(r3) (async)
close(r3)
syz_init_net_socket$rose(0xb, 0x5, 0x0) (async)
r4 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r4, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @null}, 0x1c)
add_key$fscrypt_v1(&(0x7f0000000000), &(0x7f0000000040)={'fscrypt:', @desc1}, &(0x7f0000000140)={0x0, "00b8d44259c4cfc17f3a6c677d99ffa71f7943c59f7031dc61cd1f885a09764cef01ba722e78d8124ec934517d74747d5a669662cceb3a9752853ec186fea5d5", 0x39}, 0x48, r2)

2m29.119233491s ago: executing program 3 (id=1743):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
syz_io_uring_setup(0x7304, &(0x7f0000000340)={0x0, 0x9f7, 0x80, 0x3, 0x38}, &(0x7f0000000100), 0x0)
ioctl$CEC_RECEIVE(0xffffffffffffffff, 0xc0386106, &(0x7f0000000180)={0x10, 0x1, 0x0, 0x6, 0x0, 0x0, "5dc9ca561a5fbf61048955f6f876b2ff", 0x0, 0x1})
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000800)={0x0, 0x0, r1}, 0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={'nhpoly1305-neon\x00'}})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x51)
ioctl$FS_IOC_FSSETXATTR(r2, 0x401c5820, &(0x7f0000000080)={0x8})
link(&(0x7f0000000080)='.\x00', &(0x7f00000000c0)='./file0\x00')
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=ANY=[@ANYBLOB="5c0100001000130427bd7000fbdbdf25fe800000000000000000000000000000ac1414bb000088000000000000000000000000000000000000000000005a3e00", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac1414aa0000000000000000000000000000000032000000fe8000000000000000000000000000bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000b00000000000000000000000000000000800000000000000000000000000000fdffffff00000000003500000a000000000000000000000060001200726663343130362867636d28616573292900"/234, @ANYRES32=0x0, @ANYBLOB="02"], 0x15c}}, 0x4000080)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0xfffffffffffffffe)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='ns\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
getdents(r4, 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = socket$pppl2tp(0x18, 0x1, 0x1)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r5, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r6, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
r7 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000200), r2)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r8, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010026bd70000400000005000000080009000200000008000b01000000000600010007000000050005000100000008000c0002000000"], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x20)
socket$nl_xfrm(0x10, 0x3, 0x6)
r9 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(r4, &(0x7f00004b8fe4)={0xa, 0x4e1f, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
sendto$inet6(r9, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r9, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x4, @dev={0xfe, 0x80, '\x00', 0x15}}}, 0x0, 0x0, 0x300, 0x0, 0x44, 0x80000000}, 0x9c)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r10 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
rmdir(&(0x7f0000000080)='./cgroup/../file0\x00')
syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000000000010ac054102060000000001092c8f00000000000009040000010300020009210100000122100d090581032000090000"], 0x0)
syz_clone3(&(0x7f0000000240)={0x200a00000, 0x0, 0x0, 0x0, {0x1a}, 0x0, 0x0, 0x0, 0x0, 0x0, {r10}}, 0x58)

2m29.103915002s ago: executing program 3 (id=1752):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000b80)=ANY=[@ANYBLOB="c40000001900674c000000000000000000000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="01000000000002000000000000000000000000000000000000000000000000000000000000000000ffff7f00000000000000000000000000fcffffffffffffff0000000000000000b0ac0000000000000000000004000000000000000000000000040000c06b6e0000000300000000000a00100001"], 0xc4}}, 0x4c050)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003082f00fe88a43de1a400000005000000007d01ff020000000000000000000000000001"], 0xfdef)

2m13.996803122s ago: executing program 32 (id=1752):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000b80)=ANY=[@ANYBLOB="c40000001900674c000000000000000000000000000000000000000000000000ac1e000100000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="01000000000002000000000000000000000000000000000000000000000000000000000000000000ffff7f00000000000000000000000000fcffffffffffffff0000000000000000b0ac0000000000000000000004000000000000000000000000040000c06b6e0000000300000000000a00100001"], 0xc4}}, 0x4c050)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003082f00fe88a43de1a400000005000000007d01ff020000000000000000000000000001"], 0xfdef)

10.344679145s ago: executing program 0 (id=2987):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000140)=ANY=[@ANYBLOB="034886dd010000000000140000006000000003083200fe88a43de1a400000000000000007d01ff020000001200000000000000000001"], 0xfdef)

10.201143186s ago: executing program 0 (id=2990):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}}, [@mark={0xc, 0x15, {0x35075a, 0x81}}]}, 0xc4}}, 0x2c000010)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
r2 = add_key$keyring(&(0x7f00000000c0), &(0x7f0000000100)={'syz', 0x1}, 0x0, 0x0, 0xffffffffffffffff)
r3 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r2)
r4 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x2}, 0x0, 0x0, r3)
add_key$keyring(0x0, &(0x7f0000000300)={'syz', 0x0}, 0x0, 0x0, r4)
keyctl$KEYCTL_MOVE(0x1e, r3, r2, r4, 0x0)
setsockopt$inet_int(r1, 0x0, 0x15, &(0x7f0000000080), 0x4)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)=@updpolicy={0xb4, 0x15, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x10}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, 0x0, 0x6e6bb5}}, 0xb4}, 0x1, 0x0, 0x0, 0x810}, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000780)={{0x12, 0x1, 0x310, 0x3, 0x74, 0x48, 0x40, 0x1604, 0x8005, 0xa1c9, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0xd, 0x6, 0xb0, 0xa, [{{0x9, 0x4, 0x78, 0x5, 0x0, 0x5a, 0x40, 0x33, 0x7}}]}}]}}, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x6, [{0xe7, &(0x7f0000000340)=@string={0xe7, 0x3, "fd04d4ef9dab099515644d92a02cde3e87c4da29f76cd0dfdd02367b8b3a85638155ff24cb64a7f6709080c799a1eb6acac5ad1ca7c472a342ae19ee986bd2a086458395de24e44080f6c14db1d45af940577472a02c8de83b2e428a461e8fa6dcf47d6a03de60823bd6393861dee45aa8ba4d5460b8284bb566c30a68ae6e608be033a26f297f1c4d84a929ae0935e6bce8037b410577593b25820bf7335154b5ef7c11ef016eb4e8658f4e9d2f1c292077e785d0f28bc86ce13fa1393082ad70abdd05e5591d27bb50f29dae52413a0f5416345d06fe13bde1386bf75bab1dcd0c945e0d"}}, {0x87, &(0x7f00000000c0)=@string={0x87, 0x3, "c2ad768480fd88a3dfea4f20b20eec362d79bc0e2b20d6e8163931cc8d656d555cdf59b0360771fc62fdae224efb0654f0f43684ccf03227564e28b3cc37ac4338c46802c6d305a633e61fd50478f266fa2a5827258a7fd1e0633b19fb68316a181f2f13b56593cdc6fe18dcf6bbd8d85bf35951cfd78ab683d7a1f28c0dbeee97ce1b0803"}}, {0x99, &(0x7f00000005c0)=@string={0x99, 0x3, "431457495417067e34e2d008094df98eedaa92cac703b9f264ae1ebfb90603ad5461ad7bd59ca39710e79400984f33e9256db466b28d215d0bfec3dba6c7975551663a0aaffa592d677f1438369cae66f302283c37b9d12d4f7a91c1c356b9e417bebcd408b25ed99d36a61b7e6df3502116b484a485cab8ccc259e24d6cf48c8c7ff3f8e43188604db1ba3a61f7070f87a4e85f08845c"}}, {0x54, &(0x7f0000000000)=@string={0x54, 0x3, "28b146bab7f8390ae52dbeac6077b39234fc6cd376a89f80852119f249f877d259d8ec691a80174e685a22e8e21b41dbbe20a41cee288b7f04ad6d02a2593738d3bf72683bf0a8d4477aa8d40d4344b26968"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x42a}}, {0x4, &(0x7f0000000440)=@lang_id={0x4, 0x3, 0x422}}]})

10.200688346s ago: executing program 2 (id=2991):
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x20400)
r0 = socket$inet6(0xa, 0x3, 0x7)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r1 = socket$inet_sctp(0x2, 0x800000000000001, 0x84)
sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
shutdown(r1, 0x1)
getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000000)={0x0, 0x2, 0x1, 0xffff, 0x3, 0x1ff, 0x2d, 0x200005d7, {0x0, @in={{0x2, 0x4e22, @empty}}, 0x8, 0x80000000, 0x23, 0x800000d, 0x800000e}}, &(0x7f00000000c0)=0xb0)
setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000006c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x1e}, @in6=@mcast2, 0x4e24, 0x0, 0x4e25, 0x0, 0xa, 0x0, 0x550de49aff84e605, 0x3c}, {0x69d, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3, 0x2}, {0xffffffffffffffff}, 0x0, 0x6e6bb9, 0x1, 0x1}, {{@in=@broadcast, 0xfffffffc, 0x32}, 0x0, @in=@broadcast, 0x0, 0x0, 0x2, 0x7, 0x200, 0xfffffffc}}, 0xe8)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/mdstat\x00', 0x0, 0x0)
pread64(r2, &(0x7f0000001440)=""/126, 0x7e, 0x41)
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x28801, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x1)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r6, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r7 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r8 = socket$unix(0x1, 0x2, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2, 0x0, 0x48}, 0x0)
mount(0x0, 0x0, &(0x7f0000000580)='tracefs\x00', 0x800000, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})
pipe2(&(0x7f0000000180)={<r9=>0xffffffffffffffff}, 0x80080)
r10 = syz_open_dev$video4linux(&(0x7f0000000200), 0x0, 0x642040)
poll(&(0x7f0000000040)=[{r10}, {r9, 0x4110}], 0x2, 0x8001)
ioctl$KVM_SET_XSAVE(r9, 0x5000aea5, &(0x7f00000014c0)={[0x6, 0x2, 0x6, 0x100, 0xe, 0x8, 0x8, 0x74aa, 0xfffffffd, 0x7, 0xabf, 0x6, 0x3ff, 0x7fff, 0x7fffffff, 0x5, 0x7, 0x5, 0x101, 0x8, 0x3b, 0x0, 0x6, 0x40000, 0x3, 0x7, 0x7, 0x7, 0x9540, 0xfffffff2, 0x35a, 0xa3, 0x0, 0x81, 0x2, 0x7f, 0x1, 0x7, 0x3, 0x5, 0xff, 0xfffffc01, 0x39f, 0xd4, 0x8, 0x0, 0x2, 0xfffffff8, 0x80000001, 0x1, 0x4, 0x400, 0x10, 0xa, 0x9, 0xd, 0xf32, 0x8001, 0xffffffe8, 0x18000000, 0x0, 0x3, 0x400, 0x7, 0xae0, 0x5, 0x900, 0x2, 0x1, 0x400, 0x1, 0x2, 0x9, 0x2, 0x0, 0x2, 0xc, 0x0, 0xffffff1e, 0x1, 0x0, 0xfffffff8, 0x2, 0x5, 0x4c4a, 0x0, 0x2, 0x7fff, 0x5, 0x2, 0x40, 0x0, 0x1, 0x1000, 0x3, 0x6, 0x10, 0x5, 0x0, 0x0, 0x1ff, 0xc1fb, 0x2, 0x3, 0x9, 0xffff725c, 0xf, 0x5, 0x240, 0x4, 0x2, 0x8, 0x9, 0x7fff, 0x6ee0, 0xfffffff9, 0x1, 0x5, 0x401, 0x1, 0xc4, 0x8, 0x3, 0x6, 0x9, 0x7e, 0x10, 0x9e62, 0xffffffff, 0x1b86, 0x7fff, 0x6, 0x3, 0x10001, 0xa8, 0x61f5c01d, 0x6, 0x3, 0x7, 0x10001, 0x1000, 0x3, 0x10000, 0xfff, 0x2, 0x3, 0x10001, 0x4, 0x1, 0x5, 0x8, 0xd5, 0x4, 0x401, 0x8, 0x7, 0x0, 0x21e70423, 0x1, 0x0, 0x0, 0x1, 0x9, 0x0, 0x180000, 0x3, 0x10001, 0xffffffff, 0xffffffff, 0x2, 0xaf, 0xab27, 0x9, 0x4, 0x6, 0x9, 0x2, 0xffff4591, 0xf5, 0x1, 0x597, 0xd, 0x7, 0x800, 0x1, 0xfffffff8, 0xfffffffc, 0x2, 0x7, 0x1000, 0x1, 0x3c89, 0x2, 0x8, 0x7, 0x1ff, 0x0, 0xfffffffc, 0xc4, 0x5, 0x7, 0x401, 0x8, 0x8, 0x54, 0x3, 0x2, 0xf7fc, 0x5, 0x4, 0x1678, 0x3, 0x23b, 0x6, 0x101, 0x5, 0x80, 0x4, 0x4, 0x8, 0x7, 0x1ff, 0x3, 0xe, 0x3ff, 0xfffffff7, 0x8, 0x1, 0x6, 0x8, 0x6, 0x4, 0x6, 0x6, 0x8, 0x8, 0x1000, 0x7, 0x81, 0x736c, 0x98, 0xfff, 0x2, 0x7, 0x2, 0x1, 0x2, 0x6, 0xff, 0xc, 0x0, 0x3, 0x6, 0x80000001, 0x3, 0x8, 0x1, 0x7fffffff, 0xfffffffc, 0x200, 0x10001, 0x6000, 0x1, 0x5, 0x2000000, 0x163, 0xfffffffb, 0x80000000, 0x9, 0x0, 0x2, 0x7ff, 0x9, 0x3, 0x60bd, 0x2, 0x842, 0x3, 0x2, 0x7fffffff, 0x8, 0x27b, 0xffff5d16, 0x6, 0x5, 0x5, 0x8, 0x3, 0xea58, 0x2, 0x2, 0x10000, 0x80000001, 0x1, 0xdf30, 0xfff, 0x2fd7, 0x6, 0x9, 0x1, 0x80000000, 0x6, 0x2, 0x200, 0x8, 0x4, 0x1, 0x7ff, 0x7, 0x9, 0xb94, 0x3, 0x7fff, 0x33e, 0x200, 0x9, 0xffffff67, 0x53fc, 0xfff, 0x81, 0x6, 0x9, 0x8, 0x9, 0x2, 0x200000, 0xe363eba7, 0x2, 0x8, 0x7fffffff, 0x5, 0x45, 0x0, 0x0, 0x3, 0x9e4, 0x7, 0x6, 0xfff, 0x6, 0x7fff, 0xb2, 0xfffffffa, 0x6e, 0xab, 0x7, 0x9, 0x0, 0x9, 0x7, 0x6, 0x6, 0x1, 0x3, 0x5, 0x5, 0x9, 0xde, 0x80, 0x1, 0x10001, 0x7, 0x41d0, 0x5, 0x7ff, 0x1, 0x0, 0x0, 0x9, 0x7fff, 0x1, 0x5, 0x5, 0x5377, 0xd, 0x1, 0xe, 0x1, 0x7f, 0x7fffffff, 0xa, 0x4, 0x1b, 0x1, 0x4, 0x5, 0x4, 0xa, 0xffffffa4, 0x5e6, 0x4, 0x46e, 0x10000, 0x81, 0xfa, 0x1ff, 0x5a5, 0x33c, 0x3, 0x12, 0x9, 0x7, 0x3, 0x7, 0x8, 0x8, 0x2, 0x1, 0x1, 0x0, 0x1, 0x2, 0x8, 0x40, 0x4d2b, 0x4, 0x5, 0x90, 0x3, 0x9, 0x80000001, 0x21d, 0x4, 0x5, 0x8, 0x7, 0xffff, 0x2, 0x100, 0x7, 0x200, 0x4, 0x239309d7, 0xa0, 0x9, 0x0, 0x5, 0x4, 0x3, 0x291, 0x2ed2, 0x7, 0x8001, 0xb, 0x6, 0xc8, 0x7, 0x2, 0x7f, 0x5a, 0x9, 0x9c27, 0xfffffff1, 0x2, 0xffffffff, 0x10000, 0xffff8000, 0x80, 0x3b, 0x1, 0xfffffffc, 0x6, 0x101, 0x2dd5, 0x51d9, 0xfffffffe, 0xfffffffd, 0xfff, 0x10, 0xf, 0x1ff, 0x3, 0x4, 0x6, 0x0, 0xa76b, 0x5, 0x6, 0x2, 0x2199, 0x5, 0x794, 0x10001, 0x7, 0x10, 0x3, 0x2, 0x3, 0x400, 0x1, 0xf, 0x80, 0x1ff, 0x4, 0x8, 0x4, 0x8, 0x0, 0x7f, 0x800, 0x2, 0x0, 0x3, 0x0, 0xfffffff5, 0x0, 0x101, 0x200, 0x3, 0x0, 0x0, 0x0, 0x6, 0x6, 0x1262a1e5, 0x5, 0x4, 0x1, 0x6, 0x5, 0x7393, 0x5, 0x7, 0xfffffffe, 0x400, 0xfffffffe, 0xff9, 0x8, 0x1, 0x5, 0x2, 0x91f, 0x5, 0x1, 0xa, 0x100, 0x10001, 0x8, 0x4, 0x100, 0x9, 0x3, 0x8, 0xe0000, 0xfffffc69, 0x0, 0xfffffff8, 0xa7a, 0x0, 0x800, 0x10001, 0x4, 0xe, 0x0, 0xfffffffb, 0x5, 0x4, 0x8, 0x2, 0x9, 0xe91c, 0xec, 0x7ac, 0x1000, 0x5915, 0x2, 0x2, 0x3ff, 0x7, 0x6, 0x4, 0x3, 0x10000, 0x4e7, 0xfff, 0x5, 0x3, 0xfffffc00, 0x2, 0x0, 0xfff, 0x7f, 0x1, 0xffffffff, 0x10, 0x2, 0x1, 0x7, 0xbe, 0x7fffffff, 0xfb4, 0x8, 0x5, 0x0, 0xbebf, 0x2, 0x9, 0x5, 0x428d, 0xc0, 0xff, 0x7, 0x4, 0x57, 0x1, 0x8000, 0x0, 0x9, 0x0, 0x10, 0x2, 0x10000, 0x4, 0x2, 0x3ba, 0x6, 0xd, 0x8, 0xae79, 0x5, 0x9, 0x2, 0x3, 0x8, 0x3, 0x2, 0xffffffff, 0x1ff, 0x7f, 0x61, 0xbcb, 0x0, 0x22, 0x9a, 0x800, 0x8, 0x5, 0x2036, 0x3, 0xa00000, 0x2, 0x1, 0x1c, 0x8, 0x5b, 0x6, 0x1, 0x9, 0xc, 0x101, 0x2, 0x2, 0x7, 0x0, 0x8, 0x0, 0x3, 0x5, 0xff78, 0x56d, 0x2, 0x2, 0x9, 0x1, 0xfffffffe, 0xc1a, 0x9, 0x7, 0x1, 0x6, 0x3ff, 0x80000001, 0x800, 0xd88, 0x495, 0x9, 0x3ff, 0x62e7, 0x4, 0x1e, 0x0, 0x5c7e, 0x65e, 0x9332, 0x7f, 0x145, 0x5, 0x5, 0x80000000, 0x6, 0x7fffffff, 0x1, 0x3d8, 0x7, 0x9, 0x13, 0x4, 0xdc7, 0x0, 0x9, 0xc, 0x4, 0x1ff, 0x2, 0x5, 0x5, 0x7ff, 0x5, 0x3, 0x6, 0xff, 0x2, 0x5, 0x400, 0x5, 0x40, 0x3, 0x5bcb, 0x4, 0x8, 0xd, 0x48, 0xe, 0x6, 0x8, 0x3ff, 0xfffffff8, 0xfffff800, 0x0, 0x5, 0x7, 0x8, 0x2, 0x1, 0x5, 0x6400000, 0x7, 0x5, 0x6, 0x400, 0x1, 0x6, 0x0, 0x3, 0xac, 0x1, 0x7, 0x1, 0x7, 0x2, 0x401, 0xff, 0xcc, 0x4, 0x9, 0x6, 0x6, 0xee5, 0x1, 0x8e, 0x0, 0xfffffffc, 0x3, 0x9dbe, 0x2, 0x100, 0x8, 0x7, 0xa372, 0xfffffffe, 0x8, 0x6, 0x5, 0x9, 0x6, 0x6, 0xa, 0x380, 0x2, 0x9, 0xfffffffb, 0x5, 0x2, 0x7fff, 0x7, 0x9c6, 0xff, 0x1, 0x7ff, 0x3, 0x7ec4, 0x9, 0x7f, 0x3, 0x4, 0xffff, 0xb7a, 0x5, 0x9, 0x4, 0x80000000, 0x8, 0x9, 0xc, 0x1, 0x3, 0x5, 0x2, 0x4, 0x7, 0xc, 0x8001, 0x4, 0x4, 0x8, 0xe8a, 0x401, 0x2, 0x9, 0x0, 0x68ba, 0x1, 0x4, 0x80, 0x1, 0x29, 0x200, 0xfffffff9, 0x2, 0x7ff, 0x1f7, 0x1, 0xfffff000, 0x3, 0x8, 0x40, 0x5, 0xfffffffe, 0xb, 0xd, 0xf, 0xc, 0x9, 0x0, 0x5, 0x1, 0x6, 0x3, 0x0, 0x4, 0xfffffff7, 0x9, 0x401, 0x80000000, 0x9, 0x0, 0xffffffff, 0xffffba5f, 0x6, 0x6, 0x2, 0x80000000, 0x1, 0xee5, 0x9, 0x4ba, 0x8080000, 0x8, 0xff, 0x1, 0x5, 0x5, 0x101, 0x8, 0x76b2, 0x9, 0x8001, 0x6c, 0x9, 0xae0, 0x5, 0x7, 0x3, 0x39, 0x0, 0xaf99, 0x2, 0x8, 0x9, 0x7f, 0x4, 0x5, 0x7da4, 0xfffffffd, 0x3, 0x9, 0x6, 0x2, 0x8, 0x6f8, 0x2, 0x5, 0x7, 0xaa6c, 0xcce, 0x1, 0x5, 0x0, 0x5, 0xffff, 0x6, 0x0, 0x3, 0xffff, 0x10, 0x5, 0xdeb1, 0x2, 0x7f, 0x4, 0x7, 0x4, 0x0, 0x1, 0x7f, 0x2, 0x10, 0x800, 0x3, 0xe, 0x8, 0x8, 0xfffffff7, 0x9625, 0xd5, 0x3, 0x7, 0x9, 0xd60, 0x9, 0x6, 0x9, 0x800, 0x1, 0x8, 0x80000000, 0x0, 0x6, 0x2, 0x4, 0x8, 0x0, 0x8, 0x81, 0x0, 0xec6, 0x8, 0x4, 0xfffffff3, 0x1, 0x1, 0x200, 0x9ddb37b, 0x5, 0xab, 0x3, 0x5, 0x6, 0x1, 0x0, 0x6, 0xd, 0x8, 0xfffffff2, 0xd4, 0xfffffffb, 0x2, 0x1ff, 0x1, 0x2, 0x860, 0x51e, 0x9, 0x8, 0xc, 0xd, 0xd9c, 0x31d, 0xfffffffe, 0x8, 0x1a, 0x200, 0x3, 0xfffffffd, 0x7, 0x2, 0x7, 0xb19, 0x7, 0x400, 0x9, 0xfffffcac, 0x54565c08, 0x1ff, 0x4a2f, 0x3, 0x1, 0x5, 0xff, 0x6, 0x9, 0x2391, 0x80000001, 0x6cc35be9, 0x200, 0x4, 0x0, 0x4e80, 0x9, 0x8, 0x1cd, 0x3ff, 0x1, 0x9]})
write$tun(r6, &(0x7f0000000400)={@val={0x0, 0x86dd}, @val={0x0, 0x0, 0x12, 0x0, 0x29f0}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "fc0300", 0xd8, 0x2c, 0x0, @local, @mcast2, {[@fragment={0x3a}], @ni={0x8b, 0x0, 0x0, 0x0, 0xfff8, 0x6, "0703420571caa9a71aca7927f92f20ebd9e53800bc31ed7d1d36fecab761002c592c9eb5ba222d0aaae937d153d59aaf27bd3a961076201108aee57a27eeca5f032484a58e57231d39efa404ef1b1327a0e1f7d74e4c69230c1e4c6794e6c3ebff2c4191da9109189f25d702aaba1ad5385ed06983ba949fcd2a700fa6d5a5c36da2dfaca16c54963b31b4202693f516029363e8c27777c7180f4ed0899644ae7ed231df30aa451e6fe7679fa675ac76225844d11dc913a57226b0149ce8d007"}}}}}, 0x10e)
ioctl$KVM_SET_USER_MEMORY_REGION2(r4, 0x40a0ae49, &(0x7f0000000340)={0x1, 0x4, 0x80a0000, 0x2000, &(0x7f000060b000/0x2000)=nil, 0x8000, r5})

7.704485803s ago: executing program 4 (id=2998):
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=0x0, @ANYRES16], 0x0)

7.015373445s ago: executing program 0 (id=2999):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000000)={<r1=>0x0, @in6={{0xa, 0x4e22, 0x3ff, @remote, 0x1}}, 0x9, 0x8, 0x101, 0x0, 0x2}, &(0x7f00000000c0)=0x98)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000780)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8=<r4=>r3, @ANYRES64=r2], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, r3, 0x0)
ioctl$KVM_X86_SETUP_MCE(r3, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f25, 0x4})
sendmmsg$inet6(r2, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
sendto$inet(r5, 0x0, 0x0, 0x48805, 0x0, 0x0)
io_setup(0x8, &(0x7f0000000100))
r6 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast2}}}})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r6, 0x89f6, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x8000, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @broadcast}}}})
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
setsockopt$inet6_mtu(r0, 0x29, 0x17, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000c80), 0x80000)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000d00)={r1, @in6={{0xa, 0x4e22, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}}}, 0x84)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xa)
sendmsg$inet6(r3, &(0x7f00000022c0)={&(0x7f0000000140)={0xa, 0x4e22, 0x10000, @empty}, 0x1c, 0x0, 0x0, &(0x7f0000002280)}, 0x4004000)
syz_emit_vhci(&(0x7f0000002300)=ANY=[@ANYBLOB="040e0ec5ebd12d01407e56a8962969f988"], 0x11)
r7 = socket$unix(0x1, 0x5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$batadv(&(0x7f00000023c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000002540)={'wlan1\x00'})
landlock_create_ruleset(&(0x7f0000002680)={0x4000, 0x2, 0x1}, 0x18, 0x3)
socket(0x1a, 0xa, 0xfffffff6)
mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, 0x80010, 0xffffffffffffffff, 0x10000000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000028c0)={&(0x7f00000027c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002880)={&(0x7f0000000180)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="000229bd7000fddbdf250f00000008000c00640000003aa924043b71c97db26c076d3af5640da9d62c3a680641", @ANYRES8=r4, @ANYRES64=r8], 0x1c}, 0x1, 0x0, 0x0, 0x4004080}, 0x80)

5.186981171s ago: executing program 0 (id=3001):
r0 = syz_usb_connect$hid(0x5, 0x99, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000405f141202000000000001090224000100002000090400010103000100092100100601220700090581030000"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080))
sendmsg$netlink(r1, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140100001400210200000000fcdbdf250a"], 0x114}], 0x1}, 0x0)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0), 0xc2d41, 0x0)
ioctl$SNAPSHOT_ALLOC_SWAP_PAGE(r2, 0x80083314, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000100)={0x24, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB='k'], 0x0}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001b00)={0x2020, 0x0, 0x0, <r3=>0x0}, 0x2020)
quotactl_fd$Q_GETNEXTQUOTA(r1, 0xffffffff80000902, r3, &(0x7f0000000840))
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000140)=ANY=[@ANYBLOB="2001b8000000b801800138931915399679d1fe3332795175e968a0e2521d4dc38ca20e60c0375f1fbf3099a7e2db08776bf3b141636aaeb2af428d0966cea35c8e4133c9207cad77970f336e2c7b3943684db91f4c71d5d3d974d00fd619e9bec526e4af733a8eaa908d7f668f8646461f1126611bf80a0871cbb99111a1d6bdcd0558fe49466500b59c8e1844b4ac7cf3de54c39afb6798b2d5780a68c9083554209e1fdd7c1f72ca393e3baedb15294bd8c94c01547e2f24b300dfba8b"], &(0x7f0000000200)={0x0, 0x3, 0xa8, @string={0xa8, 0x3, "96ae0767c3d0af3cab0529f43506f5c22d284ad8109340bd8531bff173e58c35c27fbdf229fac9bfebed6f1c9cd4a53544bc7e8642379fe15a56bd165d6fb0fb66a19c4c67c103fd1e498f163121997236ecab0acc4d3257a9e80c998b4aa599ad803a0130a0d9bd8f3ea018c38511f0b5a80bebb9f51b4dc9216250c3c2457aa02b8f3fbb7005a9d1e7008750e78b84d3d833166ef1eb7ab846b7be51126468f047645a667d"}}, &(0x7f0000000080)={0x0, 0xf, 0x56, {0x5, 0xf, 0x56, 0x6, [@ptm_cap={0x3}, @wireless={0xb, 0x10, 0x1, 0xc, 0x8, 0x2, 0x3, 0x7, 0xd0}, @wireless={0xb, 0x10, 0x1, 0x0, 0x0, 0x2, 0x0, 0x3ff, 0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x8, "6f5b6bdb127ce62aba3c7cf515dba26f"}, @ss_container_id={0x14, 0x10, 0x4, 0x5, "66fa1f1eff711c2905c4f73f4cd29007"}, @ssp_cap={0x10, 0x10, 0xa, 0x40, 0x1, 0x8, 0xf00f, 0x8, [0x0]}]}}, &(0x7f0000000000)={0x20, 0x29, 0xf, {0xf, 0x29, 0x3a, 0x2, 0xf, 0x3, "2b6c8b58", "63e8c1dd"}}, &(0x7f0000000300)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x1, 0x0, 0x9, 0x90, 0x1, 0x20, 0x3ff}}}, &(0x7f0000000780)={0x84, &(0x7f0000000380)={0x40, 0x7, 0x38, "dd4e96702a7f93ce804e3722d0979a6998d944cf1d3b64b0b637c63c3350ecbefa51d13c3f7406e7775628a44686e9b06f8320a1d7703e87"}, &(0x7f00000003c0)={0x0, 0xa, 0x1}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0x6}, &(0x7f0000000440)={0x20, 0x0, 0x4}, &(0x7f0000000480)={0x20, 0x0, 0x8, {0x2, 0x4, [0xf00]}}, &(0x7f00000004c0)={0x40, 0x7, 0x2, 0x9b}, &(0x7f0000000500)={0x40, 0x9, 0x1, 0x2}, &(0x7f0000000540)={0x40, 0xb, 0x2, '3/'}, &(0x7f0000000580)={0x40, 0xf, 0x2, 0x6}, &(0x7f00000005c0)={0x40, 0x13, 0x6, @multicast}, &(0x7f0000000600)={0x40, 0x17, 0x6, @remote}, &(0x7f0000000640)={0x40, 0x19, 0x2, "f94e"}, &(0x7f0000000680)={0x40, 0x1a, 0x2, 0x40}, &(0x7f00000006c0)={0x40, 0x1c, 0x1, 0x6}, &(0x7f0000000700)={0x40, 0x1e, 0x1, 0x9}, &(0x7f0000000740)={0x40, 0x21, 0x1, 0x5}})

4.340204672s ago: executing program 2 (id=3002):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f0000000080)=0xa40, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305839, &(0x7f00000002c0)={0x0, 0x7, 0xefff, 0xfa64})
r2 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
setsockopt$inet6_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4)
write$tun(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000031011ff00000000000100070000000000600000ff0200000000000000000000000000014f194e20"], 0xfdef)

4.329828195s ago: executing program 4 (id=3003):
socket$kcm(0x10, 0x400000002, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="f80000001600010000000000000000000a01010000000000000000000000000000000000000000000000ffff000000000000000000000000000080a000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000ffffac141428000000003300000000"], 0xf8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e000000100000000000000fff0000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0)

3.978811193s ago: executing program 1 (id=3005):
r0 = socket$igmp(0x2, 0x3, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000400)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r3, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502"], 0x3c}, 0x1, 0x600, 0x0, 0x8800}, 0x10)

3.978685541s ago: executing program 1 (id=3006):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)}], 0x1}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007add1520450580800103000000010902120001000000000904"], 0x0)

3.780858492s ago: executing program 4 (id=3007):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000200000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d61637674617000000008000140"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)

3.577333783s ago: executing program 4 (id=3008):
syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000280)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
io_setup(0xca6, &(0x7f0000000040)=<r2=>0x0)
io_submit(r2, 0xf000, &(0x7f0000000300)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000001c0)='m', 0xfffffdfc}])
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r5, 0x0)
preadv(r5, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x44, 0x0, 0x0)
ioctl$KVM_SET_FPU(r5, 0x41a0ae8d, &(0x7f0000000240)={'\x00', 0x4, 0x9, 0xbd, 0x0, 0xffff, 0x2, 0x2, '\x00', 0x654})
ioctl$KVM_RUN(r6, 0xae80, 0x0)

3.318957401s ago: executing program 2 (id=3009):
r0 = memfd_create(&(0x7f0000000400)='y\x105\xfb\a\x00\x83%\x1f\xe09@zr\xc2\xb9x0\x90P\x03\x00\x00\x00\x82\xd9\xf0\x14\xd7\'\xd1$\x9bl\xbcc\x04_\x86\x00\x00\x00\x00\xfe,\x1c\xf1\xdd\xcf]\xac\xbc\t\xbb\xfc\xa4j\x9f\xceX\x8f5=\xaa\xd5\xe9n\xab s\xa5\x00\x8d\tV\t\x91\x18\x06O\xb0=D\xda\xb6F\x1a\xc82\x8b\xc0l\xd0\x89d\xe6\xb7\xd8\x97\xb8\xde\xa3\x89\xc2%/u\x17\xdaM\x8d\x01Lh\x1e^\x9ej\x1c\xc5\xf0\xf6\x92\x05\x9aH\x00\'\xd4\x94d_\v\xfc\xad\x0f\xa8\xc5\xad\x00\xc2\x12\xff\xff\xff\xff\xff\xff\x00\x00\x00\x00\nj\x8c\xef\x90\xc0Z\xfa\x1a\xb3\xf0wVq\xe9d\xf8N\x80\xd1g\xd8e\xc8\x16\xad1\x02\xab\xce3\xb2\xb0\xd1\xff\x7f\xc2G)5\x86\x7fki\x8f\xc6\xce\x90\xe4H\"j+kV$\x80\x8aJ$\x81\xc0\x16\xf5\x9cz\x10\x97\xdb\x12H\xee/\xe3sY\x02D;L~\xd0\xb44\x01*\xfb\xa4 \xb2b\x90H$\xb2\xad\xbf\x8aM\xb6\x81\x81=\xdd+$\xc06J\xb4\xf0\xab\x85Xz\x9f\xb2D$\xbe\xd9\x7f-\r\x9aj9r\n_\x11\xd4\x19\xb0\xa0G\xb7\x94\xf7\xfd~\xe9\xb6G\xbfE\xbb\x15<J\x94\xd9\b\x86\xb8\xa0\x92\x15\xa6\xca2\xd0\xd3\x8c\xf7nO\xf9\xa8\xfd\x8a\xd2\xb2\xab\xff\xe4\xb0', 0x0)
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
lsetxattr$system_posix_acl(&(0x7f0000000180)='./file0\x00', &(0x7f0000003380)='system.posix_acl_access\x00', &(0x7f0000000540)={{}, {0x1, 0x3}, [], {}, [], {0x10, 0x5}}, 0x24, 0x0)
lchown(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
fcntl$addseals(r0, 0x409, 0x7)
r1 = fanotify_init(0x24, 0x40000)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='oom_score\x00')
pread64(r2, &(0x7f0000000100)=""/253, 0xfd, 0xadc)
fanotify_mark(r1, 0x0, 0x3, r2, &(0x7f0000000100)='./file0\x00')
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})
ioctl$TUNATTACHFILTER(r3, 0x401054d5, &(0x7f0000000040)={0x5, &(0x7f0000000000)=[{0x4d, 0x1, 0x3, 0x80000000}, {0x60, 0x8}, {}, {0x2, 0xfd}, {0x6, 0x0, 0x0, 0x10000000}]})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000080)={'pimreg0\x00', 0x7c2})

2.476410849s ago: executing program 1 (id=3010):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f00000002c0), r0)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000140)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0100fcffffff0000008001000000100007800c00028008000500", @ANYRES32, @ANYBLOB="0c0002"], 0x30}}, 0x20000000)
socketpair(0x1d, 0x80000, 0x7, &(0x7f0000000000)={0x0, 0x0})
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r4=>0xffffffffffffffff})
sendmsg$NBD_CMD_RECONFIGURE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="98000000", @ANYRES16=r3, @ANYBLOB="2da52abd7000fbdbdf250300000008000100000000000800010000000000340007800c00018008000100", @ANYRES32=r4], 0x98}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000000100)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x20, r3, 0x8, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_TIMEOUT={0xc, 0x4, 0xa202417}]}, 0x20}, 0x1, 0x0, 0x0, 0x90}, 0x20000034)

2.259203864s ago: executing program 1 (id=3011):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
write$tun(r0, &(0x7f0000000400)={@val={0x0, 0x86dd}, @val={0x0, 0x0, 0x12, 0x0, 0x29f0}, @mpls={[], @ipv6=@icmpv6={0x0, 0x6, "fc0300", 0xd8, 0x2c, 0x0, @local, @mcast2, {[@fragment={0x3a}], @ni={0x8b, 0x0, 0x0, 0x0, 0xfff8, 0x6, "0703420571caa9a71aca7927f92f20ebd9e53800bc31ed7d1d36fecab761002c592c9eb5ba222d0aaae937d153d59aaf27bd3a961076201108aee57a27eeca5f032484a58e57231d39efa404ef1b1327a0e1f7d74e4c69230c1e4c6794e6c3ebff2c4191da9109189f25d702aaba1ad5385ed06983ba949fcd2a700fa6d5a5c36da2dfaca16c54963b31b4202693f516029363e8c27777c7180f4ed0899644ae7ed231df30aa451e6fe7679fa675ac76225844d11dc913a57226b0149ce8d007"}}}}}, 0x10e)

1.798813824s ago: executing program 0 (id=3012):
r0 = openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000180)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=0x0, @ANYRES16=r0], 0x0)

1.116449777s ago: executing program 2 (id=3013):
r0 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x2440)
ioctl$CEC_ADAP_S_LOG_ADDRS(r0, 0xc05c6104, &(0x7f0000000040)={"0e00", 0x0, 0x5, 0x4, 0x0, 0x0, "030000000000000000000000002000", '\x00\x00\a\x00', "0300", '\x00', ["d5c227b72c8519ec9d00b600", "808e8889dc7fb3eacf821b00", "09000000060007004000", "1100"]})

1.030158712s ago: executing program 4 (id=3014):
socket$key(0xf, 0x3, 0x2)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs2/binder1\x00', 0x802, 0x0)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0xa4, 0x0, &(0x7f0000000500)=[@enter_looper, @transaction_sg={0x40486311, {0x3, 0x0, 0x0, 0x0, 0x20, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000400)={@fda={0x66646185, 0x2, 0x2, 0x2}, @flat=@handle={0x73682a85, 0xb, 0x3}, @ptr={0x70742a85, 0x1, &(0x7f00000005c0)=""/129, 0x81, 0x2, 0x23}}, &(0x7f0000000300)={0x0, 0x20, 0x38}}, 0x400}, @release={0x40046306, 0x3}, @decrefs={0x40046307, 0x1}, @reply={0x40406301, {0xffffffff, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x50, 0x18, &(0x7f0000000280)={@flat=@weak_handle={0x77682a85, 0x1, 0x1}, @fda={0x66646185, 0x7, 0x0, 0x9}, @fd={0x66642a85, 0x0, r1}}, &(0x7f0000000040)={0x0, 0x18, 0x38}}}], 0x53, 0x0, &(0x7f0000000200)="174d31534e7fd69d3bebb37a114b36e33d4e16ece367bc061aae0dee78d6a30718fea59aa08009e0a009d5dfb98fe73e093fdb881a68a9a95b9304dfc421014777f14969e31eb004a47b43976a825ef1e41070"})
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, &(0x7f0000000340)={'veth1_to_hsr\x00'})
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=@newsa={0x104, 0x10, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}]}, 0x104}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000000c0)=ANY=[@ANYBLOB="040100001a"], 0x104}}, 0x0)

889.953081ms ago: executing program 2 (id=3015):
syz_open_dev$usbfs(&(0x7f0000000080), 0x76, 0x129b01)
epoll_create1(0x80000)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000040), 0x502, 0x0)
openat$vimc0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
syz_open_dev$evdev(&(0x7f0000001500), 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="58010000100013070000000000000000fc020000000000000000000000000001fe8000000000000000000000000000aa0000002000"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ac141417000000000000000000000000000004d533000000e000000100000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000220000000000000000000000000000000200000000000000000000005c001400636d616328616573290000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000003509fe8fd57fd44aa5074c50bc700e530c001c00", @ANYRES32=0x0, @ANYRES64=r0], 0x158}}, 0x0)

880.840998ms ago: executing program 1 (id=3016):
socket$kcm(0x10, 0x400000002, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=ANY=[@ANYBLOB="f80000001600010000000000000000000a01010000000000000000000000000000000000000000000000ffff000000000000000000000000000080a000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000ffffac141428000000003300000000"], 0xf8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="20010000120013070000000000000000e000000100000000000000efff000000fc00"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000072c42572f64a264410b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fbc18c8582fc7800000000000000000000000050019000000000028001a"], 0x120}}, 0x0)

552.94203ms ago: executing program 1 (id=3017):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a310000000054000000030a01020000000300000000010000000900030073797a320000000028000480080002400000000008000140000000051400030076657468315f6d6163767461700000000900010073797a31000000004c000000050a01020000000000000000010020000c00024000000000000000010900010073797a3100000000200004801400030076657468315f6d61637674617000000008000140"], 0xe8}, 0x1, 0x0, 0x0, 0x40040000}, 0x0)

504.390158ms ago: executing program 4 (id=3018):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000040)}], 0x1}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007add1520450580800103000000010902120001000000000904"], 0x0)

369.859724ms ago: executing program 2 (id=3019):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000000)={<r1=>0x0, @in6={{0xa, 0x4e22, 0x3ff, @remote, 0x1}}, 0x9, 0x8, 0x101, 0x0, 0x2}, &(0x7f00000000c0)=0x98)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
setsockopt$inet6_mtu(r0, 0x29, 0x17, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0)
accept4$packet(0xffffffffffffffff, 0x0, &(0x7f0000000c80), 0x80000)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, &(0x7f0000000d00)={r1, @in6={{0xa, 0x4e22, 0x7, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x4}}}, 0x84)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0xa)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000001540), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r3 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r2, &(0x7f0000000240)={@val={0x8, 0x800}, @val={0x7, 0x0, 0x0, 0x0, 0x14}, @ipv4=@udp={{0x6, 0x4, 0x3, 0x1b, 0xfc0, 0x66, 0x0, 0x40, 0x11, 0x0, @private=0xa010102, @dev={0xac, 0x14, 0x14, 0x1a}, {[@timestamp={0x44, 0x4, 0x1c, 0x0, 0x6}]}}, {0x4e20, 0x4e22, 0xfa8, 0x0, @wg=@data={0x4, 0x2, 0xa, "e8771ac366586e56f446dcd22ec94c672f1cd650516a2fbeddd0cb5cffc4ef63a1c2be9551171e48bb8559ac9077c099289048d76df434e4ec536c04816b127eb525176f5737b934b37a9d109ea3aa64d0fb30013becb29f6a39d4cbdbc4e2540996ed75b90498301c99df853d4baac4654e6f1a06cf03a87aa2d2d74199bcafa0dc84a8ea112fba51687b8727bb905c7b42a0c9b26559b4ecc397c6a33731df0fca1aee35968435e8129f8e6d52a0754fcaa693706c4557af6be8821983e702fdd3dac90b6cbe00b1fe59f5bcd890dbb87c0d8d80ba8727e4ff6b89af3ecda43705a9dc113396c950947e85193eabe1364909509babcad37d21392d071480ff4f69dc5db442263d4608ff94e5157c65bb35c3f4a7af6bfb562a317cf13292abdbd5ac3f31d47da6fe5e8be324c78b37e2f351955bbf5f18f86a0cd98d68dca14aea59917ce05e0dc0e3a2033d22a506109db846c49f8c7d575c02349736311e40bc497c9a7da1fe4f94d8e601a5cff4cbd63ed730a01c7f07dd74d603b951557b93e551b0e028232412d568dadc29c2c9e01ca85b83d779cd3b918f9c73ba471ee9079fc42b511b45c3d4f80a46f8e9ad22a05ef5422348ff415b2131e2b2ae0ef5fab9f678bc5ef02d611655d6264e0755e176ade135a971851bd22666ae753ff5135bf14a005cea45a8b163706ea52af786f2b48362ec8619f8f728ab9fee21bcc9e000d1c470a51cec5a510f06de4dc52fc82e0be10fe0ac55f09e086cdb7f5d5f935033e4925a6ca1b1ea42f511dafd63a3cc32bcfe20aca26adb6eded22fc956b96cf2b70b5e78dbf4c2da06438c9be342f44f1dbc9bc4e453bad09f8e7d2b611e9f33f681c4342e31fee49d613b170d9ae6c93c7ece1bf0d8aaf00870b6896b8fee4ee9d705608a044ec3537ae6c46b5345e4c41576911757d4ed5bdee8e14f73df14b88af36b4c303346d88b424fea428c77cabc55198fafbcec9b027f9a9759638d733fe2dec7996ddba717fd7e0f0188f9213701c304a2b01186c72a8cfdcb87dd9c8711ec0c438eb7c229b8dfbec5c14bfeec20810b4be8944f7d6f44e5bb8839b84afe25a8654ac821efb9c850394d452873db8e9f05de381103b1278f3b34ec0b920d3aa111c82fe424588debe04dd75ac991c5f650f0b8e72c1783d975d663fc0d939f32bca98650141b381af26436c6352d98a6e30843d956ad68f998851b8c64c49a59ca6937355ac4412009cd0a2e4cacf5b02063908f7937e7563e6f63703adc5aff159f3628eb64071fc74e4e66e142113a176c2a649d653f55e833a3f184f91995547a79f46c7ca02813136c920fe6f69fe466656518478ccb84c02d751a502dff90558ce066d9be71c8fa800d7a1d56b5ca52be3122aae2cfbfe1b11d454ad72bdf7fd9d450a74734594f5e566ac2a37ca8b648fee012bf7f83f1126743b0f4791592e17dfca010a3dafeac81b88c5a47d948fc772fe4b48146b10aa319a13ca4f4dc05861859929d3c1d69967d18290cc87777a4231a6ce8dc2a4e34450e3a7659c05e5e12239d768ef8394f82278b975a68497571d1e5191ac329a66b5219f3f7f20f21261cdc3028a3662b6c10198bf7d3d513b5b823d4703cb29d89b84da69a6358a269769a8b23712c6291e77fc4da837e0857b4bbc08bba0659c55a1e06fdf1736df13948824a37515f8c49de6d502519077197debfc74709ed564315279ec804c7a0305526b14efcab44364105aa805efd97f0444d6016e35712dba75b038ea63917e6163614a3a6c694d7612e00cddab8bd31f6ba146d08e949d50ed3b0ef8fd3412ffd020bfabbcfbc5c3fa436022de3fd973869066871ec639653f3b4b5f01374adf3b60940d241a5dda6df550662ccb1a4575e2419baf1a76a246c9b7f39a05c03d832aa28293a54c619865fed0fdccd570859ffc7b1844ea8cff1e12389382e39211e665fec9d82faf11fd2300412d24dab176515aff938a6b12b5427b7fa6b42a3042248977b2f4eae9d96534a85b9ed500f62866d39f5301a3b6e60d392248fcfad25c2803c875e00010f40caca1a5932e00765c3b52427a2a8d6875a73ccb3b8e78dd27555994bf4358b2e577efe8886939515be37889e3656a5e0a949619f0f0b9cae7dc59a2415bec72df3439e563cfe69b7952abfad6cb6a979c146355e590ace810017d04075f23a1554a81bcdfb82c2396fd61fe95cd0f9c2e394bdbb0900648675ec09b94b1d4672e613be577cb398bb5d188b7c09865e2edbb273f8d9b0ae836f24b34ae6cd22e37e1ab31c835c23bd8f6deb49402f19406b0c7cddfbe357ab496910a8efa939dd9ab91de3ba67d07103063fbf9ee6fbd7b61c6b65ebe735cfab2c1162b379a3cbcbdb14d82b7f2e707ddd896ac5085ef5b15da85663df079bd5ef6180c775a4b7d645630aa9ea704f69ec8ea052f8f41e62f0e6f78a5a846e9130c53eb29a7bab9b102bf08729243f6ffe0ee6f28e98e4d0c1f49813aa04c2774f1f076310d923e900fe1c609bc5a308421fb82a12b03b9be47ce6d88635bb1722739d1abcdbc28133de131d2151d76f565be56813bb3edcf4d870f4acd0bfe5b30d60ef065158bf7b8401096a1647de88c7b0144eacecabfdf9d48d91573e82f2efecab095339e799e36ab3ee1eb66db9f9c21d96bcb2b7bf4ab01e8e56df8c4bca2bed7732472468a3b447024bc997adff639ba35e2af10f661199c4a8a2b2a8e3e59ff4ed5da468c1c2c41001efc0529636ce4ef9dd6b28deed0ad5a758abd2a3a3f024f56dd17fb4b1af62a6b91f24973071a9982df0047f85280f4a5decece67fc02428f830343e910fef6f3467c9d7776a06c133a50752cff4aa72bcbb9e4dbd8489e2e3698aae45a8753071fb6d803943d171adb60e8fcec9865e46df8fa120b939537a05b63daec7e0ecf9713c491646f04435364de697fbabf3c72d08a24f1bf34212bcdb7d5e038ac28ff76d5243b695e7faa1211a940da618930d79acdc6fdc7c9f2f4a5435d3f748ec68429f5ca2548315801cf73d74816f1ece3dfa6fb557ac105ad28d4532e1c8c6b5ab3526fbe73916dbe123acb4ac89c1b5a0664b81e216453db066e3c4318006ba3e25ed6cfe22c80f17619b7372947013749c7d04f13277f81f4461492d9237c5961be4d30965607a4d5db095070df02230cc87d9ab8633e60de83aedf8814e632bac8566bbfcdf159c9a2a7944be1a61792b8af10dd28d0ebadf7e4f231af099450813c5e27f934112e11124b01106615cee48aee88947f31a1839b83ad5c8326e30f318ae57b56becaec7094c4e7d2a377bfcb0c29ce046623e6ec120ea63c53cef94deb3d813d4b1749009084c3ade1675b55490b9d1faa03d7a2fd34921d62c31d7ef1f181883ac312dbb08b2600edce0ba197d1704485e2f155ec659de742a22628270968905324381f203a1ad7ac30b252d4c3ff9915fe32c16cbf4684a7c517b9a2ecec2433685f4741b6f02f8aa2bd0f6bf370962f38214899129012a0d36ba14c0a3e93742d063f09f0c1e838fc1095b065089c91d02a4b2e1d0a49d2294682a38d578424d1e81ff959b33f746114b795319a047d65f5e3b7a347e6cf8b0fad9eaea3db5eca7e953f77bc6c23de8f938bb505013f5c39173cb69312af98d5ff14715794c729f41490297c2b418eef11841a788eaaa7ebdb77880b64701aee50371f542e79831321833dda60213fa741ec197419d83f61c06397a47a75f50b986c53e6fdf8a6e07008e1a29b1774ceb11429a1ecec05bf80da802239c58f226ab5eb34d522ff62bc0528d87e716793e56c48352648291470bb592981acc06c2ba1547e11babf3f1d22f5e01e1f759c05816cdfe0c986c58ebbd08d8449807cd2579d5b7265930f696f8aff73e247cec12c0d1fdbcc4880245b866c2cab8b6bdf0951c2c6beccab7513ba28545036d164b407e1228a831e3b37f9c56721c347d499c1c29b8a972d2d1cfeb47f20975b4eb0b62e25dfa4ef116e62e415cde22bc039d1ccb9e70a5599881bb8b61f680670b787afc8734ac8c39ca50fbed619e54ac1421bc2584d4f7027593e12f738ba0f2d5fe03fcc7168056332477eb0b26c0579d54d8537f941acc183fdca495a7ffa10f0d3189f8c32742d5564c97e26b659969f7060a7c8864445c252c5b1755a3e8473ef9b0909eb74cabb553c3d6ab58f12ed75703d9139a4f57ef71af90815a5273e64282582623c41c51352d12ce48e0712f50ab3dc528619e1e16b52452204b3c7e1e16556e8fbdf0d623216186ff5ca84ad730ff457b06e766e085d5dee40a308fae8b4e19e18245a3ed02967f07441903c149ae9da5fe238194009ded2a3d80a67e1c3abdfb63fad0155529c48a748ef499252d5d3e912304b1d11ee77dc25427e5e9a115583a692558aef65faba0e1f0bc4aa6b6ac21d4fe4741feac17a7c6b5699384e30f7236f400d9df6d658add13b4f0a4b16a77d1f9e6b4d3045f7ba7ee68ce171008e635496ad631f59846b7895aa329390d2ad9980b6586d383a740f1e1b0883a3fddc4126c2d09fd5815dd892692e1c3b7eb2951b766bd4bca19896f75dbfaf51ad4ca9f97d00049082091e3c6cdf16026b1de4603ac7afde08a7a8ffd110636d3d063c2bb6fa84bfd7fff8ad04d0c812fe14a77bd3a9b9fdcc3e0fbaf5ac2475130987f81ac8c9898f95112aa597f40ec11e04684e45b56d81e11180f59b606886306fbc62c076a12a41238ccd74d3154f312f10f3ad215d64a468cb15eae30a3f7f7e5cf6a87dbd813df8093d2b3586693ddee6a5c1b0caaec1ef419657b89692bbd2a7064767cf5b4c3ef6d120557b4df5e7ee6094f935870edc070ae3e96c850a61356c5d79008fc98728dd87470a98aa1c1ab6056990110c0b3108e50b573d77ad4856c03da8098c8fd176685803db471a642dfb9a9ef2d14e186eea96219ea0fa03cc28d7ea2686e61c3f46f15c23213a6432d77ffea182ec26dbf9118a2fc082bdee517e0974982819a7a996b7a30f5901dd3c44b3344bdf93a61ecc4cddb969d3b94e6f4910a9b38ff886d5c96a820092f112ee6eb0ce094940280a2040862157497b3a3374a4d62c34d1fdf6826811db1ea7f28b64f22304e2246dcee44ca361370c0d1727f951dbdb1a329368a5dd76ba4486ce508a28d0ce2eb95daab36caf101dc2351c4efdf3ec70221888dad522b0d51a0b9765a410ca8cf00baaeb074d310cdd908e76586e59d0c7c27eb5557e474ac54525c237d5b2eedccab12b0f96fa2c00239e2017dfeb645fdd748d5c21684181b81464d32909b4995f274a9717f224c1e34cd41c8d12b9f13daeae3f65510c6ecf94956d630db0478fbf87c7d7c75221046a1a1886696f89e427b94139164b99b88d83b633122b5d9483f4261be27d01d6011cee48b1c24a3aff62c4d04f9dfb00e1a7a1013f97e87306147b7da305a36077cf0a7618563a754e34e65c2ee95932eb2da4b73ca83f3afcce93d8d59357ca7b5d9f37e5ba475be39bb8870af109d95527b44777ff8f55ace0adf84f73ce065371a4ce78b22d7a6bbf1bbae4c57b44262ddff39f4ce8b858f89737f33786445cbaf271959da24"}}}}, 0xfce)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x3)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_hci_HCI_TIME_STAMP(r5, 0x0, 0x3, &(0x7f0000000300), 0x4)
ioctl$TIOCGPTPEER(r4, 0x935, 0x200000000005)
ioctl$TCSETSW2(r4, 0x402c542c, &(0x7f0000000100)={0x9aa, 0x16, 0x8001, 0xfffffc00, 0xff, "3adbca543eea96d0b38aa44ede18dfb3e4a278", 0xeed, 0xfffffffe})
sendmsg$inet6(r0, &(0x7f00000022c0)={&(0x7f0000000e00)={0xa, 0x4e24, 0x10000, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f00000012c0)=[@dontfrag={{0x14, 0x29, 0x3e, 0x9}}, @dontfrag={{0x14, 0x29, 0x3e, 0x594}}, @pktinfo={{0x24, 0x29, 0x32, {@empty}}}, @rthdr={{0x38, 0x29, 0x39, {0x1, 0x4, 0x0, 0x7, 0x0, [@private0, @private2={0xfc, 0x2, '\x00', 0x1}]}}}, @dstopts_2292={{0x30, 0x29, 0x4, {0x0, 0x2, '\x00', [@enc_lim={0x4, 0x1, 0x2}, @hao={0xc9, 0x10, @empty}]}}}, @dstopts={{0x138, 0x29, 0x37, {0x32, 0x24, '\x00', [@jumbo={0xc2, 0x4, 0x3660}, @ra={0x5, 0x2, 0x5}, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @generic={0x88, 0xed, "e996f48c5b32ddc7a9921b15d16b7963c31342a844f43d4677f79111feaa4f7a95e7470fe00fbd4f4180a0eca37488a7a56a0a5cc17408267d06d5fed9bca1ac56f111456b4b3b29bd0b0a0629eb97a0f3521dbb869b81c1cc5526776bd55257f443508e62bac543c43972b3f6b7df0fe5b38b434fc0e2be92facb9903007a576c717117d2852b61e6b7e81802d2b9972cd371f5f6fd66fe4c76dbc1c462e2b2b93ec16986de1f4209d26a583d60d4faf0027dca579a34910e83105138f3c7dce8d5accaf43123152b3615a663434b8b26c768394529d313d4b79b7d3121abd0f5c0e3b098c252958bd45481d5"}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, '\x00', 0x23}}, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @jumbo={0xc2, 0x4, 0x9}]}}}, @flowinfo={{0x14, 0x29, 0xb, 0x5}}, @hoplimit={{0x14, 0x29, 0x34, 0x6}}, @dstopts={{0x20, 0x29, 0x37, {0x3c, 0x0, '\x00', [@enc_lim={0x4, 0x1, 0x1}, @enc_lim]}}}], 0x248}, 0x4004000)
syz_emit_vhci(&(0x7f0000002300)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0xe}, @hci_rp_read_local_ext_features={{0x7}, {0x0, 0x1, 0x40, "7e56f98800"}}}}, 0x11)
r6 = socket$unix(0x1, 0x5, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f00000023c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000002540)={'wlan1\x00'})
ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r4, 0xc0905664, &(0x7f0000000140)={0x0, 0x0, '\x00', @raw_data=[0x3, 0x4, 0x3, 0xfa, 0x7660c201, 0x7, 0x9, 0x2, 0x1, 0x1, 0x2, 0x7, 0x10, 0x949, 0x0, 0x8, 0x16, 0x8, 0x7, 0x9, 0xb42a, 0x6, 0x7, 0x9, 0x4, 0x5, 0x5c1, 0x80, 0x5, 0x6, 0x100, 0xffffffff]})
landlock_create_ruleset(&(0x7f0000002680)={0x4000, 0x2, 0x1}, 0x18, 0x0)
socket(0x1a, 0xa, 0xfffffff6)
bind$ax25(r4, &(0x7f0000001240)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @bcast]}, 0x48)
mmap$IORING_OFF_SQES(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x2000000, 0x80010, 0xffffffffffffffff, 0x10000000)
sendmsg$NL80211_CMD_START_AP(r7, &(0x7f00000028c0)={&(0x7f00000027c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000002880)={&(0x7f0000002840)={0x1c, 0x0, 0x200, 0x70bd29, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_BEACON_INTERVAL={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4004080}, 0x80)

0s ago: executing program 0 (id=3020):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000274c035cab0560000611000000010902120001000d00000904a80000f4075000"], 0x0)
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000580)={0x53, 0x0, 0x7, 0x60, @buffer={0x0, 0xb2, &(0x7f0000000280)=""/178}, &(0x7f0000000200)="a4ff0088ac0000", 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_connect(0x2, 0x0, 0x0, &(0x7f0000000b40)={0x0, 0x0, 0xf, &(0x7f00000000c0)={0x5, 0xf, 0xf, 0x1, [@ss_cap={0xa, 0x10, 0x3, 0x2, 0x0, 0x3, 0x7, 0x9}]}})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'xts-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20)
r2 = accept$alg(r1, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000007a40)=[{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000100)="d27e096c28b61f974c288a94d2dc0db0cc", 0x11}], 0x1, 0x0, 0x0, 0x80}], 0x1, 0x4004041)
recvmmsg(r2, &(0x7f0000000940)=[{{0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000240)=""/13, 0xd}, {&(0x7f0000000340)=""/15, 0xf}], 0x2}, 0xd}], 0x1, 0x40010120, 0x0)
r3 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
r4 = socket$xdp(0x2c, 0x3, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000140)={<r6=>0x0, 0x30, "2b1adc0a38dc0a2bc41516cb35cd53daf1945714de7dc9c31550a50501e51b56d99209228a14d9f7150382338b4d8264"}, &(0x7f0000000180)=0x38)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(0xffffffffffffffff, 0x84, 0x17, &(0x7f0000000b80)={r6, 0x79, 0x1000, "a3227c05b5f3598096e29243a75e9993dc6ebab724f11e9725d4f54dd43affa862a0df11b0682edf6b02a11fc27851b51c91e19fd6b950c3cda3beb7443dd1131949e6be3e743b5bf9e73f48ed0fbc48981373a234533fd0054c64b85ee7b48e1600134845db69d0488bed14c674e9b92753659563e7924b22ca77392c6b37b250ecae35a223136ebd89e02c8f8ad9b1971c5f63c35647e9a9feea801598c9c05ecdbd6e9b98b49dea4e31fb694f43b6efe8add88ee63966d6a7139284eeac1a6876c77a084cc59030f0631b382e750cfe7ef9057d239e501c041b08b9f9f91776057bcc5d55c54b383a048610f60c936630d8eacc3e6b52e576fec93429864d5d9fd94bb05225638fccbc93daf6bb4d969109e9c199f1966ced4fac73ccf953394923dfb0935f306d71582143ab67744403bc8da6368b2976c4e9adedb54f4746a670eddb63dab3050d9e9ef6fd5274673af27acb123eb9ce4ad26154eb42247bfa952f89deae59cadd75f72af5c8327821c72b72361bf60f5a27478eb367567d87fcdcb787c1a0f7515b5f855998d888765cade89d31f77d92972875c5c536b3706e3bbf148de535f38b02fd2fd10c1d339c0e1c979e404606bd29bf0be4103bac7f2692a9f6d3ee5e4234d5a1e8fada3cf0f9131e94074e81410c11c914b9eaa856b44011940533eb6ea755760d8b9c5b3b80a4828e67eb37e9ea6add982e4f46ca9ec7b3fa5d20ec22398fdb62f381d848b3c34a2308276bb12ce80fa9521b645f1c7ff2c50c7377262cb69e910e69047ff1338b85f4878150d6eb07c0b7194a05a2a9fd101d33994efd86e4cb53ca7a31bd703f3ed7b21e0260724552f597e340a76d2493d59b608d7abfed7f1f9236b2ba21a875d42dbf2b4a322a9e2ad357327894a01586f8b07aeabfe06984e75e26d296074b8f44b509a09d576cb1216e349b2223f92adebcdb8538310e5d492712a28ffee592319aabeaeab1bee80d317ce2e98567e6cb341b849da8c50b63a041e30e24f5189e66986ea00c5439e78971931d278d51912fadd096ea7aabd5490c1a0a88fa3d031e6b84401f376b585acad718582079b61c325239ad938716fc1e5985011ad004337ea7283bf6cb6a4953500089db54f98a87e95a5e1ca8d1156adc3f1d43e1108e7fdf26afb60813e5d1dc47f8d6bd2e8b0760ccf79a27e8f134d1e0154ff694316282260d3129f3a3c6e11095a3cea46eb1dc562e93e886a1cd02415fbb00c2eb0c0146b941b869b515624d80d8e24585e16ff69a9ee22e90e5d9af20ca8c4ae15e679f0f27b02a574c023670ba509ce253009defcbd4ec14e800ae61dcc774b11d30717a568a58de569c813d57af6fa691d6dfb2e43609d45cee18047b7741f37ba93805fe4292607df86ad0c5ec6af9c51dc739e5ddaf44365a314e1e0ae4295723965c202d1c4485cb2f976d2f318f2168b3122b559ff568e66eb799667f7446f15e1ebecf339623b0037bd4082f466854491135d0075a42676f95902ad53a9798b36f17075028c9aaeed32277cc7f36d556333b53644f65755ed560c2f41876723e6425e96db290fc85da726fe2b76bf15e8901b3013b578a2c339dcb3a559b9aec0081ae4de6bd4df4066b2f77e817c39fd8c8abbce8a749eed3745f64965bcd76b752b72c34328fd6bf3efd2598dfe54c6b63f22b5c14bc4274486c6f9e43c646efe563b82cbb562541367828022bdd1ef09ae8c00a997844f711846f9bf1c4007dddb88e3c4df18f2e8b7428bbdd3b89a189e6a1b93313ffb55f09a17499637434ea074be3df587d2a79fdc6c0ae8f55a4b96a552ee615c9142a9ecadd790b1a71fa38861bd7526cd69e659a9af8e39a24292170757932d4f894726ec7b509619d4a1d5979ee5f8efce62259830a2e822d1aed515d43d433e9112696380377f48d9e94ad2e267ece7e4f17df276aaf20d2ec3ce68b0c15fd9fab76a3615e932c54556bfc548c571308879656c13ff6f809a953c4b8c3fc6b38e77bbef7c83d7356e0dc908ec4ee42c590a3eb6bf628c410de3aa9600613a425b5d22e871b06f27e945695f13e2451e643eddb217b99f5d9d86c04852ffdb6e042f9633403729760a8039ed66de6f91dda570a510ae75e9e5f0b497315fc115abbd55686227d4bb152b43deebc6984ba05fcecf57437534009d71b34e38dba5af2eeafe4f01f0aab2e1149abcb685320c499455bb358bdffa8030de30af057e84ddf59164430e99966bc82ee6ee3029ae5ff6c34e47d42467af96190d31faead06cb4bb1a6a18aa35b3631d728726ca01942b5b7a0b78920e23d891615943567e5cf8b2519c9cddea220d20a3b0f91d2a8dabd0cb6a7a462255cc63ebbfbeda4325dd1ed59f3651010f97c8d62b1d08dafb4fbf5cc1e71aeaa452bf60323c4a28785bb61de358ceafa4bed395d8bed169598899a797a90f3319692ec7b6b58efb17d4376bb689a76872652c2d324032110b9e27af7a34a5f0b65ec451f5bba6e7c3eed651e819fb1558b3f7b02ebbc5057e06e356b6fe9aea37d1152abfeddcd26759b2fbbba2738a4c104d78b09cff0d21af1dac20f10a593ef1ce224105f65a534353720b3d69ab836405ad4991ee25c759a3652ced2737f0876b5026d9862a38673069859b12d4ec6dd40e8514a28abcd8bf941fb45430db06518ecf187963fe3202ec2bb29835869596068816ad3cd806a8309b3edf70013954c3c1007264517a173151745ef7f7ed6b49e49f7d4c68ce0dc1cdc207ffd6257bf62969ae2b445ecfe6cc1ac0f4257735275d1a213ba67ac2611fe077927e1d6f94f5a2b998d38fae82da5cfe55f2dea1e448e73e086073e826cb47143ca4bde16be3e5ceb9dceb1abb86bfa2b3c9cf3b03461204a1168a9e48de3927debffec468ea611712386688a3c5ded7d05396e4f77fde420ba019616c9b09300a4a94733d441ea11ea354ff44d596fb9a831c589c91d2d39bcaf85401f7e5135a601aa5557e6f3d9b8b2fcbdb49d7f2427bdf6321e87289e5e907ce83deb9abb0469fac1cda3ab3d165ab27c194ba67455565c31803f124b30853ed3877fbbd187664c6350c069b8b22696aeb4f24c54b48201042f3faaec26b14b86f0575ec0e8e00fa9d44df7fe9f123d877da67f7cb62e397f31ce36b32569fc8db5f5e18f4dcb6e88e7aa3987e2458cc5efdfddaa99faeb1208e12dd3734a44b090d208f541266ca61a3133a63d57f59875d1c4813d46d941c78fcc0ca098c37dc92a19a4706792f7d4f804a8cfccc988191acd8cc9d83949d27cbda60aac20e105cc511e139726e9bbd0ec969dfd78527e64271b26f76b1a57d862facbcdb0479898b87b1e9477e4e4838baa78aa15a4c1be2fa7c1e67dad4113364bba27e8672c9d4b23a1390fa131fc544e13fabf37a365233f7c084185ca9d937e570735748c29f03a6371388041e0a4b88065bc5e865d1a7307c7c121fd6fa3c62d4d5ce97c8665cb5c2a380471c8a24e7399b7e4e0a284ac87c621f7fb1e75a2cc2b0c7e83c3ea8c2d1c472571b86476964598bf49df793af8a62cd70a517e06084cc89578ddd6ddbd2f462823100772eb15bd59c7d5c2877417db0bf01205f9321e3411749651c1e394053bd7627280518d97303f76395cfce4ba07c9760cbe0f7bf3db862193f56ea0d288a4fd154adf04954e87d5b1b14cfeb66a782fb0739edc80e406f0a8f167050d2a58b3c400c87c7869b292c3f4171245ab4605cd9c12228ea387533b1ba6ae2c0b54528559d222b224c51a1b515c1089879e161d0f50aa1089e83665c8e8c43c15c7b4ae7eb3a7fc82cdfce2996c29fa019e6f1a616806a5dbddd793c074b11d1807f1485c78290a1186fcaa8d89525c568b9a6701def082f5cf7b5d88158287ef9aa75b8cfc7fa825ca293840e3894dc764830494fbd518203e04b000a0440a7c97740a312c9efb7d88c5318b60bf337568cefd2d24369caeb02596aa6883c1af58e711a50c70a6b1b7f31207f01d14370a0e1697ea4e1b4d25210587286a6da1b202feef049c41e2ba64cb2def5ab2db6ad1d1899423b425218fcaf2d8b8a4d09cabd5eecb9374f6b6ca72e5384147d5ba24c064988cf94293cc37345ca90919a34bae9d69dcaaa8bd55e004f4dff8fe8811f98f06f203b7f017382fe882f944578bacbb0dc8fc8fed10528cbf53df94ee29ae794b64ee941a8677012ee30edf84291a920b7daa66990d7e54a6f15f5f2c3e3d0383619137afd21f4bc699f48e53e0e97bfb9e27255af3bada915608518c2e25b39331f3344fbb649cb11b0a8fa8093b84f9b7349e7d5978b8c8616608eb3a3a387f89887803ed908db598c3a53e0b1d71c7db1a7c5035d11d708a7bbccece89ddd018ee2975a2803f24374285ef6e85addd830d642c9f5bfd2e544177f33109063bcd31b9c09141885d3583d6eb7144bc9e527d7cfbe3173e0ab3c394e2a2a5080dffa4e98d078c557a3e7d1e382ca511f12fbc39b8cd28331816b1d390b00abe195cb831c9514a4ea4c6689cfc9e5bd8949c418b8ca1c8842d9fed727308fe4a978ead027f9502ba91cd7e3748b22977f5c4cda027de7b8e14738e55e552c62db49a2031b9d5292502d3fdb3b2b1980f2536855651ca237c5b4f2093a470ef39250c27105cbfbba39ecd6ccf063badd95a90b4c1303255d0c5ac1da8fec26aa48b9e9212761119ed6ae67a6ef93497b362899b0e74ad7b1ae012ef4f3fa50cfc614ad1eaf7adbde79ff87916632a5a865d783eb953ade263c971ffa709f4038083f6a34c69dca0fc4238d1d9ecfd6236a5374ab97ef11ca24890abeba5e89f68f33a012ea2918e80c1cc631c7cf348b278b3b15cdda00f7c738f75872d4fc48f600c7ce25bbd54519e85b763d68f9f0e5a5a3f7395957f3aa857a2d26ecd27f0fc49c1621b5794a13dd16f8a1e49f7cade0c8564cdf17b3afbd8a3385c0816c203ef06616c5e12d7371e8d32a094f030095e42de8799d91d04fad186c4ab419f0229ee756e8af90cff5594781e502bfd02219c1420ae4b7bf77d615af8b4b4f93d4924ce47a73483b3d38ca2d21854762135052b1ff565c0dfc945a6ac37381a14f3c14ae194f941b3d5a0422f2820079b886f2bddb2874f3ea749064489deeeb850ad8d75b749947fd400a7b14579fc37b89421a6e194685ea941bd142735e1c02daf4da70f7fd23b0b36eaf6c35a67440eb7516374aeff0b3c8932eb06d118ca67dc26fe5de033b4b51465f6b2fca1126e71a881b6bb83a6dffdab94df96dbdb8c14ff04d71edc702b2e8d44b38ac54379c6bc4633959f540066522dc45104c982f5126b5947f67878f7db64021908f2c029be2e95912beee9f11ee3aa52098dc28f0c2fd1e77ee46c97ce241f83d63b43b57b17360f26abecc808811d9bc38bb0241caa2268dd4975b5aa0c222caabd0bea4bacc33548f7422871f5994508104266bf01491a6893dd7cf75845465d519a4a131405115591d36844b31f624614c299cbeb9955261dab764f41f262387e6d12dec0ca870f409d7cff691be9049bcaca0b32c0cffe4fd8173af2abdb976b5b3c24fb22295fe42b5b768f03bfbbb115f8afff215c4df78552ed5c468c2e91082130d3e1c1a9a5b35d1d59f9338097b6bbda8521b3febb77b9eaa8f7163b12254692f12179666d1c17d476e41b7d0044a8684ed4b3566bb81de2467576cab87adfd2b27bd6bb85ed00252a29917a156ea2847b83e730b1a64cc7ae82b9ad64cc3524a1af0c90d686"}, 0x1008)
r7 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl802154(&(0x7f00000003c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r7, 0x8933, &(0x7f0000000380)={'wpan3\x00', <r9=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r7, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000b40)={0x28, r8, 0x1, 0xfffffffd, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r9}, @NL802154_ATTR_SEC_DEVKEY={0xc, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_FRAME_COUNTER={0x8, 0x1, 0x79e7}]}]}, 0x28}}, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r5, 0xc01064ab, &(0x7f0000000240))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, 0xffffffffffffffff, 0x0)
ftruncate(0xffffffffffffffff, 0x200c17a)
r10 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TCSETS(r10, 0x4b72, &(0x7f0000000040)={0x5, 0x80, 0x0, 0x0, 0xd, "4060930000efa4894200f99ef16200"})
setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/58, 0x10c000, 0x800, 0x0, 0x1}, 0x20)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)

kernel console output (not intermixed with test programs):

vice=c0.6f
[  415.032670][ T5870] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  415.040776][ T5870] usb 5-1: Product: syz
[  415.044993][ T5870] usb 5-1: Manufacturer: syz
[  415.049636][ T5870] usb 5-1: SerialNumber: syz
[  415.057590][ T5870] usb 5-1: config 0 descriptor??
[  415.069609][ T5870] usb 5-1: invalid MIDI EP
[  415.077368][ T5870] usb 5-1: snd-bcd2000: error during probing
[  415.085488][ T5870] snd-bcd2000 5-1:0.82: probe with driver snd-bcd2000 failed with error -22
[  415.206966][T14060] netlink: 256 bytes leftover after parsing attributes in process `syz.2.2888'.
[  415.218028][T14060] random: crng reseeded on system resumption
[  415.270515][T14079] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  415.285960][ T5870] usb 5-1: USB disconnect, device number 52
[  415.292722][T14079] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  415.306482][ T5965] uclogic 0003:145F:0212.001E: interface is invalid, ignoring
[  415.819907][   T55] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  415.832990][T14101] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2906'.
[  416.002506][   T55] usb 5-1: unable to get BOS descriptor or descriptor too short
[  416.011621][   T55] usb 5-1: config 3 has an invalid interface number: 8 but max is 3
[  416.020055][   T55] usb 5-1: config 3 has an invalid descriptor of length 70, skipping remainder of the config
[  416.030412][   T55] usb 5-1: config 3 has 1 interface, different from the descriptor's value: 4
[  416.039306][   T55] usb 5-1: config 3 has no interface number 0
[  416.045490][   T55] usb 5-1: config 3 interface 8 altsetting 6 endpoint 0x82 has an invalid bInterval 248, changing to 11
[  416.056676][   T55] usb 5-1: config 3 interface 8 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  416.070571][   T55] usb 5-1: config 3 interface 8 has no altsetting 0
[  416.080447][   T55] usb 5-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=c2.be
[  416.089921][   T55] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.097951][   T55] usb 5-1: Product: syz
[  416.102382][   T55] usb 5-1: Manufacturer: syz
[  416.107057][   T55] usb 5-1: SerialNumber: syz
[  416.196132][ T6714] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[  416.203440][ T5870] usb 1-1: new high-speed USB device number 104 using dummy_hcd
[  416.211422][ T6714] cdc_ncm 2-1:1.0: bind() failure
[  416.231379][ T6714] usb 2-1: USB disconnect, device number 2
[  416.332603][T14090] fuse: Bad value for 'fd'
[  416.389576][ T5870] usb 1-1: Using ep0 maxpacket: 16
[  416.409352][ T5870] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  416.419962][ T5870] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  416.435806][ T5870] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  416.448659][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.457270][ T5870] usb 1-1: Product: syz
[  416.462857][ T5870] usb 1-1: Manufacturer: syz
[  416.467794][ T5870] usb 1-1: SerialNumber: syz
[  416.602240][   T55] appledisplay 5-1:3.8: Error while getting initial brightness: -71
[  416.618205][   T55] appledisplay 5-1:3.8: probe with driver appledisplay failed with error -71
[  416.630637][   T55] usbhid 5-1:3.8: can't add hid device: -22
[  416.636766][   T55] usbhid 5-1:3.8: probe with driver usbhid failed with error -22
[  416.658663][   T55] usb 5-1: USB disconnect, device number 53
[  416.687669][ T5870] usb 1-1: 0:2 : does not exist
[  416.707635][ T5870] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  416.738919][ T6714] usb 3-1: USB disconnect, device number 113
[  416.760305][ T5870] usb 1-1: USB disconnect, device number 104
[  416.817462][T10663] udevd[10663]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  417.239338][T14123] Mount JFS Failure: -5
[  417.340731][T14129] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2918'.
[  417.407085][T14134] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2920'.
[  417.459019][  T795] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  417.582641][T14141] tmpfs: Bad value for 'mpol'
[  417.640114][  T795] usb 5-1: Using ep0 maxpacket: 16
[  417.641699][  T795] usb 5-1: config 0 has an invalid descriptor of length 49, skipping remainder of the config
[  417.641725][  T795] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 5
[  417.641762][  T795] usb 5-1: New USB device found, idVendor=0458, idProduct=0087, bcdDevice= 0.00
[  417.641786][  T795] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  417.644466][  T795] usb 5-1: config 0 descriptor??
[  417.767670][T14149] jfs: Unknown parameter 'discardevents'
[  417.888374][T14156] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2928'.
[  417.929609][   T10] usb 1-1: new high-speed USB device number 105 using dummy_hcd
[  418.009406][  T795] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  418.043915][T14160] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2930'.
[  418.088706][   T10] usb 1-1: Using ep0 maxpacket: 16
[  418.095562][   T10] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  418.106016][   T10] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  418.119394][   T10] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  418.128712][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  418.136736][   T10] usb 1-1: Product: syz
[  418.140978][   T10] usb 1-1: Manufacturer: syz
[  418.145576][   T10] usb 1-1: SerialNumber: syz
[  418.178678][  T795] usb 2-1: Using ep0 maxpacket: 16
[  418.185118][  T795] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  418.196371][  T795] usb 2-1: New USB device found, idVendor=0000, idProduct=0000, bcdDevice= 0.00
[  418.205625][  T795] usb 2-1: New USB device strings: Mfr=0, Product=8, SerialNumber=0
[  418.213913][  T795] usb 2-1: Product: syz
[  418.221794][  T795] usb 2-1: config 0 descriptor??
[  418.232942][  T795] gspca_main: spca501-2.14.0 probing 0000:0000
[  418.357637][   T10] usb 1-1: 0:2 : does not exist
[  418.366940][   T10] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  418.387249][   T10] usb 1-1: USB disconnect, device number 105
[  418.416392][T10663] udevd[10663]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  418.428396][  T795] gspca_spca501: reg write: error -71
[  418.440672][  T795] spca501 2-1:0.0: Reg write failed for 0x02,0x0f,0x05
[  418.447928][  T795] spca501 2-1:0.0: probe with driver spca501 failed with error -22
[  418.466015][  T795] usb 2-1: USB disconnect, device number 3
[  419.000488][T14172] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2935'.
[  419.097612][T14179] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2938'.
[  419.237979][  T795] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  419.327947][ T5870] usb 3-1: new high-speed USB device number 114 using dummy_hcd
[  419.407995][  T795] usb 2-1: Using ep0 maxpacket: 32
[  419.415238][  T795] usb 2-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  419.424480][  T795] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.434271][  T795] usb 2-1: config 0 descriptor??
[  419.444818][  T795] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  419.453489][  T795] input: xirlink-cit as /devices/platform/dummy_hcd.1/usb2/2-1/input/input50
[  419.487923][ T5870] usb 3-1: Using ep0 maxpacket: 32
[  419.508922][ T5870] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  419.528381][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.537846][ T5828] usb 1-1: new high-speed USB device number 106 using dummy_hcd
[  419.556824][ T5870] usb 3-1: config 0 descriptor??
[  419.645230][ T6714] usb 2-1: USB disconnect, device number 4
[  419.719862][ T5828] usb 1-1: Using ep0 maxpacket: 16
[  419.726895][ T5828] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  419.739337][ T5828] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  419.750431][ T5828] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  419.759823][ T5828] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.768096][ T5828] usb 1-1: Product: syz
[  419.772306][ T5828] usb 1-1: Manufacturer: syz
[  419.776947][ T5828] usb 1-1: SerialNumber: syz
[  419.782229][ T5870] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  419.798626][ T5870] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  419.811186][ T5870] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  419.818605][ T5870] usb 3-1: media controller created
[  419.831865][ T5870] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  419.996255][ T5828] usb 1-1: 0:2 : does not exist
[  420.015397][ T5828] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  420.048454][ T5828] usb 1-1: USB disconnect, device number 106
[  420.061983][ T5870] az6027: usb out operation failed. (-71)
[  420.072232][ T5870] az6027: usb out operation failed. (-71)
[  420.084737][ T5870] stb0899_attach: Driver disabled by Kconfig
[  420.091293][ T5870] az6027: no front-end attached
[  420.091293][ T5870] 
[  420.103717][ T5870] az6027: usb out operation failed. (-71)
[  420.110542][T10663] udevd[10663]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  420.118025][ T5870] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  420.138275][ T5870] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input51
[  420.151921][ T5870] dvb-usb: schedule remote query interval to 400 msecs.
[  420.160064][ T5870] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  420.191451][ T5870] usb 3-1: USB disconnect, device number 114
[  420.264843][ T5870] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  420.265265][  T795] usb 5-1: USB disconnect, device number 54
[  420.354622][   T30] audit: type=1400 audit(6291402550.952:18): apparmor="DENIED" operation="change_hat" class="file" info="unconfined can not change_hat" error=-1 profile="unconfined" pid=14196 comm="syz.4.2944"
[  420.464206][T14203] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2946'.
[  420.619276][T14210] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2949'.
[  420.677225][  T795] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  420.787132][   T10] usb 1-1: new low-speed USB device number 107 using dummy_hcd
[  420.830728][  T795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  420.842157][  T795] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  420.862334][  T795] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  420.889818][  T795] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  420.907574][  T795] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.921185][  T795] usb 5-1: config 0 descriptor??
[  420.936892][  T795] hub 5-1:0.0: USB hub found
[  420.947202][   T10] usb 1-1: Invalid ep0 maxpacket: 16
[  421.077062][   T10] usb 1-1: new low-speed USB device number 108 using dummy_hcd
[  421.247992][   T10] usb 1-1: Invalid ep0 maxpacket: 16
[  421.253947][   T10] usb usb1-port1: attempt power cycle
[  421.278319][T14230] netlink: 104 bytes leftover after parsing attributes in process `syz.1.2958'.
[  421.332202][  T795] hub 5-1:0.0: config failed, can't read hub descriptor (err -22)
[  421.368353][  T795] usb 5-1: USB disconnect, device number 55
[  421.507057][ T5965] usb 3-1: new high-speed USB device number 115 using dummy_hcd
[  421.556708][ T5870] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  421.616755][   T10] usb 1-1: new low-speed USB device number 109 using dummy_hcd
[  421.637340][   T10] usb 1-1: Invalid ep0 maxpacket: 16
[  421.656616][ T5965] usb 3-1: Using ep0 maxpacket: 32
[  421.663254][ T5965] usb 3-1: config 0 has an invalid interface number: 146 but max is 0
[  421.671529][ T5965] usb 3-1: config 0 has no interface number 0
[  421.677683][ T5965] usb 3-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  421.688607][ T5965] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  421.700305][ T5965] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  421.712457][ T5965] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  421.716735][ T5870] usb 2-1: Using ep0 maxpacket: 16
[  421.723012][ T5965] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  421.732030][ T5870] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  421.741196][ T5965] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  421.751544][ T5870] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  421.760976][ T5965] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  421.779249][   T10] usb 1-1: new low-speed USB device number 110 using dummy_hcd
[  421.782031][ T5870] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  421.786990][ T5965] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 19968, setting to 1024
[  421.787020][ T5965] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  421.787040][ T5965] usb 3-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  421.797036][ T5870] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.810214][ T5965] usb 3-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  421.818982][ T5870] usb 2-1: Product: syz
[  421.833064][   T10] usb 1-1: Invalid ep0 maxpacket: 16
[  421.841866][ T5870] usb 2-1: Manufacturer: syz
[  421.849043][   T10] usb usb1-port1: unable to enumerate USB device
[  421.852543][ T5870] usb 2-1: SerialNumber: syz
[  421.859672][ T5965] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  421.884918][ T5965] usb 3-1: Product: syz
[  421.889202][ T5965] usb 3-1: Manufacturer: syz
[  421.893880][ T5965] usb 3-1: SerialNumber: syz
[  421.904639][ T5965] usb 3-1: config 0 descriptor??
[  421.912245][T14228] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  421.920158][T14228] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[  421.930776][ T5965] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[  421.941456][ T5965] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[  421.963325][ T5965] scsi host1: microtekX6
[  421.970623][T14236] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2960'.
[  422.071040][ T5870] usb 2-1: 0:2 : does not exist
[  422.083444][ T5870] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  422.117439][ T5870] usb 2-1: USB disconnect, device number 5
[  422.152162][ T5965] usb 3-1: USB disconnect, device number 115
[  422.163353][T10663] udevd[10663]: setting mode of /dev/snd/controlC3 to 020660 failed: No such file or directory
[  422.182627][T10663] udevd[10663]: setting owner of /dev/snd/controlC3 to uid=0, gid=29 failed: No such file or directory
[  422.465534][T14254] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2968'.
[  422.518908][T14256] netlink: 72 bytes leftover after parsing attributes in process `syz.4.2969'.
[  422.605919][T14258] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2970'.
[  422.841326][T14274] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2978'.
[  422.855638][T14273] Bluetooth: hci1: Frame reassembly failed (-84)
[  422.863908][ T2944] Bluetooth: hci1: Frame reassembly failed (-84)
[  422.870596][ T2944] Bluetooth: hci1: Frame reassembly failed (-84)
[  422.986124][   T10] usb 3-1: new high-speed USB device number 116 using dummy_hcd
[  423.136396][   T10] usb 3-1: Using ep0 maxpacket: 32
[  423.143026][   T10] usb 3-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  423.153063][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  423.164359][   T10] usb 3-1: config 0 descriptor??
[  423.174214][   T10] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  423.182358][   T10] input: xirlink-cit as /devices/platform/dummy_hcd.2/usb3/3-1/input/input52
[  423.375802][ T5870] usb 3-1: USB disconnect, device number 116
[  424.164667][T14306] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2990'.
[  424.252629][T14311] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2992'.
[  424.297145][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  424.310039][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  424.310057][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  424.310065][ T5832] Workqueue: hci4 hci_rx_work
[  424.310088][ T5832] Call Trace:
[  424.310095][ T5832]  <TASK>
[  424.310100][ T5832]  dump_stack_lvl+0x189/0x250
[  424.310119][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.310131][ T5832]  ? __pfx__printk+0x10/0x10
[  424.310147][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  424.310157][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  424.310168][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  424.310180][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  424.310196][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  424.310213][ T5832]  kobject_add_internal+0x59f/0xb70
[  424.310232][ T5832]  kobject_add+0x155/0x220
[  424.310247][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  424.310261][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  424.310274][ T5832]  ? get_device_parent+0x366/0x3a0
[  424.310291][ T5832]  device_add+0x408/0xb80
[  424.310307][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  424.310322][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  424.310338][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  424.310348][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  424.310364][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  424.310375][ T5832]  ? skb_pull_data+0xfb/0x200
[  424.310390][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  424.310401][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  424.310414][ T5832]  hci_event_packet+0x78f/0x1260
[  424.310436][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  424.310448][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  424.310462][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  424.310476][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.310491][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  424.310504][ T5832]  hci_rx_work+0x3ee/0x1060
[  424.310524][ T5832]  ? process_one_work+0x868/0x15e0
[  424.310534][ T5832]  process_one_work+0x93a/0x15e0
[  424.310543][ T5832]  ? __lock_acquire+0xab9/0xd20
[  424.310564][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  424.310580][ T5832]  ? assign_work+0x3a1/0x410
[  424.310592][ T5832]  worker_thread+0x9b0/0xee0
[  424.310616][ T5832]  kthread+0x711/0x8a0
[  424.310631][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  424.310641][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.310654][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  424.310665][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.310675][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.310688][ T5832]  ret_from_fork+0x599/0xb30
[  424.310700][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  424.310716][ T5832]  ? __switch_to_asm+0x39/0x70
[  424.310728][ T5832]  ? __switch_to_asm+0x33/0x70
[  424.310739][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.310752][ T5832]  ret_from_fork_asm+0x1a/0x30
[  424.310773][ T5832]  </TASK>
[  424.310791][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  424.465113][   T10] usb 3-1: new full-speed USB device number 117 using dummy_hcd
[  424.470054][ T5832] Bluetooth: hci4: failed to register connection device
[  424.614342][ T5870] usb 1-1: new full-speed USB device number 111 using dummy_hcd
[  424.616262][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  424.631683][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  424.631709][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  424.631719][ T5832] Workqueue: hci4 hci_rx_work
[  424.631738][ T5832] Call Trace:
[  424.631743][ T5832]  <TASK>
[  424.631748][ T5832]  dump_stack_lvl+0x189/0x250
[  424.631765][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.631784][ T5832]  ? __pfx__printk+0x10/0x10
[  424.631809][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  424.631826][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  424.631845][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  424.631863][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  424.631890][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  424.631918][ T5832]  kobject_add_internal+0x59f/0xb70
[  424.631951][ T5832]  kobject_add+0x155/0x220
[  424.631980][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  424.632003][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  424.632027][ T5832]  ? get_device_parent+0x366/0x3a0
[  424.632056][ T5832]  device_add+0x408/0xb80
[  424.632082][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  424.632107][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  424.632138][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  424.632155][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  424.632195][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  424.632215][ T5832]  ? skb_pull_data+0xfb/0x200
[  424.632242][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  424.632263][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  424.632287][ T5832]  hci_event_packet+0x78f/0x1260
[  424.632305][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  424.632317][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  424.632331][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  424.632344][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.632358][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  424.632371][ T5832]  hci_rx_work+0x3ee/0x1060
[  424.632391][ T5832]  ? process_one_work+0x868/0x15e0
[  424.632401][ T5832]  process_one_work+0x93a/0x15e0
[  424.632411][ T5832]  ? __lock_acquire+0xab9/0xd20
[  424.632432][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  424.632450][ T5832]  ? assign_work+0x3a1/0x410
[  424.632463][ T5832]  worker_thread+0x9b0/0xee0
[  424.632487][ T5832]  kthread+0x711/0x8a0
[  424.632501][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  424.632512][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.632525][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  424.632536][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.632547][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.632560][ T5832]  ret_from_fork+0x599/0xb30
[  424.632572][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  424.632588][ T5832]  ? __switch_to_asm+0x39/0x70
[  424.632599][ T5832]  ? __switch_to_asm+0x33/0x70
[  424.632611][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.632624][ T5832]  ret_from_fork_asm+0x1a/0x30
[  424.632646][ T5832]  </TASK>
[  424.632663][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  424.809314][ T5870] usb 1-1: unable to get BOS descriptor or descriptor too short
[  424.816462][   T10] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  424.819392][ T5870] usb 1-1: not running at top speed; connect to a high speed hub
[  424.823252][   T10] usb 3-1: config 179 has no interface number 0
[  424.831636][ T5832] Bluetooth: hci4: failed to register connection device
[  424.835556][   T10] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  424.844172][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  424.846783][   T10] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 64
[  424.850529][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  424.850553][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  424.850565][ T5832] Workqueue: hci4 hci_rx_work
[  424.850594][ T5832] Call Trace:
[  424.850603][ T5832]  <TASK>
[  424.850611][ T5832]  dump_stack_lvl+0x189/0x250
[  424.850639][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.850661][ T5832]  ? __pfx__printk+0x10/0x10
[  424.850688][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  424.850705][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  424.850727][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  424.850748][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  424.850776][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  424.850805][ T5832]  kobject_add_internal+0x59f/0xb70
[  424.850838][ T5832]  kobject_add+0x155/0x220
[  424.850868][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  424.850892][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  424.850916][ T5832]  ? get_device_parent+0x366/0x3a0
[  424.850944][ T5832]  device_add+0x408/0xb80
[  424.850972][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  424.851000][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  424.851030][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  424.851047][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  424.851077][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  424.851097][ T5832]  ? skb_pull_data+0xfb/0x200
[  424.851123][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  424.851144][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  424.851167][ T5832]  hci_event_packet+0x78f/0x1260
[  424.851195][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  424.851214][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  424.851241][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  424.851271][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.851296][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  424.851320][ T5832]  hci_rx_work+0x3ee/0x1060
[  424.851357][ T5832]  ? process_one_work+0x868/0x15e0
[  424.851374][ T5832]  process_one_work+0x93a/0x15e0
[  424.851392][ T5832]  ? __lock_acquire+0xab9/0xd20
[  424.851436][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  424.851465][ T5832]  ? assign_work+0x3a1/0x410
[  424.851489][ T5832]  worker_thread+0x9b0/0xee0
[  424.851535][ T5832]  kthread+0x711/0x8a0
[  424.851561][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  424.851580][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.851604][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  424.851623][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.851643][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.851666][ T5832]  ret_from_fork+0x599/0xb30
[  424.851688][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  424.851717][ T5832]  ? __switch_to_asm+0x39/0x70
[  424.851738][ T5832]  ? __switch_to_asm+0x33/0x70
[  424.851759][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.851783][ T5832]  ret_from_fork_asm+0x1a/0x30
[  424.851823][ T5832]  </TASK>
[  424.852067][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  424.856700][   T10] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  424.859244][ T5832] Bluetooth: hci4: failed to register connection device
[  424.864313][   T10] usb 3-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 45824, setting to 64
[  424.864339][   T10] usb 3-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  424.864396][   T10] usb 3-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  424.869568][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  424.874310][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  424.879651][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  424.879676][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  424.879689][ T5832] Workqueue: hci4 hci_rx_work
[  424.879717][ T5832] Call Trace:
[  424.879725][ T5832]  <TASK>
[  424.879734][ T5832]  dump_stack_lvl+0x189/0x250
[  424.879762][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.879785][ T5832]  ? __pfx__printk+0x10/0x10
[  424.879813][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  424.879831][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  424.879852][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  424.879872][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  424.879901][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  424.879932][ T5832]  kobject_add_internal+0x59f/0xb70
[  424.879966][ T5832]  kobject_add+0x155/0x220
[  424.879995][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  424.880020][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  424.880043][ T5832]  ? get_device_parent+0x366/0x3a0
[  424.880072][ T5832]  device_add+0x408/0xb80
[  424.880099][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  424.880127][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  424.880156][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  424.880172][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  424.880202][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  424.880223][ T5832]  ? skb_pull_data+0xfb/0x200
[  424.880250][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  424.880270][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  424.880294][ T5832]  hci_event_packet+0x78f/0x1260
[  424.880321][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  424.880343][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  424.880369][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  424.880391][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.880426][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  424.880449][ T5832]  hci_rx_work+0x3ee/0x1060
[  424.880484][ T5832]  ? process_one_work+0x868/0x15e0
[  424.880502][ T5832]  process_one_work+0x93a/0x15e0
[  424.880521][ T5832]  ? __lock_acquire+0xab9/0xd20
[  424.880561][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  424.880588][ T5832]  ? assign_work+0x3a1/0x410
[  424.880611][ T5832]  worker_thread+0x9b0/0xee0
[  424.880657][ T5832]  kthread+0x711/0x8a0
[  424.880683][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  424.880701][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.880726][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  424.880746][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.880766][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.880789][ T5832]  ret_from_fork+0x599/0xb30
[  424.880811][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  424.880841][ T5832]  ? __switch_to_asm+0x39/0x70
[  424.880863][ T5832]  ? __switch_to_asm+0x33/0x70
[  424.880884][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.880907][ T5832]  ret_from_fork_asm+0x1a/0x30
[  424.880948][ T5832]  </TASK>
[  424.880976][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  424.884866][ T5965] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  424.889085][ T5832] Bluetooth: hci4: failed to register connection device
[  424.897680][T14308] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  424.900618][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  424.906098][   T51] Bluetooth: hci1: command 0x1003 tx timeout
[  424.908592][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  424.908617][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  424.908631][ T5832] Workqueue: hci4 hci_rx_work
[  424.908661][ T5832] Call Trace:
[  424.908669][ T5832]  <TASK>
[  424.908677][ T5832]  dump_stack_lvl+0x189/0x250
[  424.908706][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  424.908728][ T5832]  ? __pfx__printk+0x10/0x10
[  424.908756][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  424.908774][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  424.908796][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  424.908817][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  424.908844][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  424.908873][ T5832]  kobject_add_internal+0x59f/0xb70
[  424.908907][ T5832]  kobject_add+0x155/0x220
[  424.908936][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  424.908960][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  424.908984][ T5832]  ? get_device_parent+0x366/0x3a0
[  424.909013][ T5832]  device_add+0x408/0xb80
[  424.909040][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  424.909067][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  424.909097][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  424.909114][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  424.909143][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  424.909163][ T5832]  ? skb_pull_data+0xfb/0x200
[  424.909190][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  424.909210][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  424.909234][ T5832]  hci_event_packet+0x78f/0x1260
[  424.909261][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  424.909281][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  424.909308][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  424.909331][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.909356][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  424.909379][ T5832]  hci_rx_work+0x3ee/0x1060
[  424.909422][ T5832]  ? process_one_work+0x868/0x15e0
[  424.909441][ T5832]  process_one_work+0x93a/0x15e0
[  424.909459][ T5832]  ? __lock_acquire+0xab9/0xd20
[  424.909499][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  424.909527][ T5832]  ? assign_work+0x3a1/0x410
[  424.909552][ T5832]  worker_thread+0x9b0/0xee0
[  424.909596][ T5832]  kthread+0x711/0x8a0
[  424.909624][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  424.909643][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.909668][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  424.909686][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  424.909706][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.909730][ T5832]  ret_from_fork+0x599/0xb30
[  424.909752][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  424.909781][ T5832]  ? __switch_to_asm+0x39/0x70
[  424.909803][ T5832]  ? __switch_to_asm+0x33/0x70
[  424.909824][ T5832]  ? __pfx_kthread+0x10/0x10
[  424.909848][ T5832]  ret_from_fork_asm+0x1a/0x30
[  424.909888][ T5832]  </TASK>
[  424.909917][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  424.914595][ T5834] Bluetooth: hci1: Opcode 0x1003 failed: -110
[  424.916649][ T5832] Bluetooth: hci4: failed to register connection device
[  424.916994][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  425.009387][T14308] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  425.019475][ T5870] usb 1-1: config 13 has an invalid interface number: 120 but max is 0
[  425.105425][ T5965] usb 5-1: Using ep0 maxpacket: 32
[  425.106175][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  425.106198][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  425.106210][ T5832] Workqueue: hci4 hci_rx_work
[  425.106241][ T5832] Call Trace:
[  425.106249][ T5832]  <TASK>
[  425.106258][ T5832]  dump_stack_lvl+0x189/0x250
[  425.106288][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  425.106311][ T5832]  ? __pfx__printk+0x10/0x10
[  425.106338][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  425.106355][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  425.106377][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  425.106408][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  425.106439][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  425.106471][ T5832]  kobject_add_internal+0x59f/0xb70
[  425.106505][ T5832]  kobject_add+0x155/0x220
[  425.106535][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  425.106561][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  425.106585][ T5832]  ? get_device_parent+0x366/0x3a0
[  425.106613][ T5832]  device_add+0x408/0xb80
[  425.106638][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  425.106666][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  425.106697][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  425.106714][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  425.106743][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  425.106764][ T5832]  ? skb_pull_data+0xfb/0x200
[  425.106791][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  425.106812][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  425.106835][ T5832]  hci_event_packet+0x78f/0x1260
[  425.106862][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  425.106884][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  425.106909][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  425.106932][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.106956][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  425.106980][ T5832]  hci_rx_work+0x3ee/0x1060
[  425.107014][ T5832]  ? process_one_work+0x868/0x15e0
[  425.107032][ T5832]  process_one_work+0x93a/0x15e0
[  425.107049][ T5832]  ? __lock_acquire+0xab9/0xd20
[  425.107090][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  425.107117][ T5832]  ? assign_work+0x3a1/0x410
[  425.107140][ T5832]  worker_thread+0x9b0/0xee0
[  425.107185][ T5832]  kthread+0x711/0x8a0
[  425.107211][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  425.107230][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.107255][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  425.107274][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.107294][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.107317][ T5832]  ret_from_fork+0x599/0xb30
[  425.107338][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  425.107368][ T5832]  ? __switch_to_asm+0x39/0x70
[  425.107397][ T5832]  ? __switch_to_asm+0x33/0x70
[  425.107419][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.107443][ T5832]  ret_from_fork_asm+0x1a/0x30
[  425.107485][ T5832]  </TASK>
[  425.107513][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  425.162857][ T5965] usb 5-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  425.167609][ T5832] Bluetooth: hci4: failed to register connection device
[  425.167995][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  425.253994][ T5965] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.259530][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  425.259556][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  425.259570][ T5832] Workqueue: hci4 hci_rx_work
[  425.259598][ T5832] Call Trace:
[  425.259608][ T5832]  <TASK>
[  425.259617][ T5832]  dump_stack_lvl+0x189/0x250
[  425.259645][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  425.259667][ T5832]  ? __pfx__printk+0x10/0x10
[  425.259694][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  425.259712][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  425.259734][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  425.259755][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  425.259783][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  425.259812][ T5832]  kobject_add_internal+0x59f/0xb70
[  425.259845][ T5832]  kobject_add+0x155/0x220
[  425.259874][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  425.259907][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  425.259932][ T5832]  ? get_device_parent+0x366/0x3a0
[  425.259962][ T5832]  device_add+0x408/0xb80
[  425.259991][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  425.260018][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  425.260049][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  425.260065][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  425.260095][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  425.260116][ T5832]  ? skb_pull_data+0xfb/0x200
[  425.260142][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  425.260163][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  425.260187][ T5832]  hci_event_packet+0x78f/0x1260
[  425.260215][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  425.260236][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  425.260263][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  425.260286][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.260311][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  425.260335][ T5832]  hci_rx_work+0x3ee/0x1060
[  425.260369][ T5832]  ? process_one_work+0x868/0x15e0
[  425.260396][ T5832]  process_one_work+0x93a/0x15e0
[  425.260414][ T5832]  ? __lock_acquire+0xab9/0xd20
[  425.260454][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  425.260481][ T5832]  ? assign_work+0x3a1/0x410
[  425.260505][ T5832]  worker_thread+0x9b0/0xee0
[  425.260551][ T5832]  kthread+0x711/0x8a0
[  425.260577][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  425.260595][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.260620][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  425.260641][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.260660][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.260683][ T5832]  ret_from_fork+0x599/0xb30
[  425.260704][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  425.260734][ T5832]  ? __switch_to_asm+0x39/0x70
[  425.260755][ T5832]  ? __switch_to_asm+0x33/0x70
[  425.260776][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.260799][ T5832]  ret_from_fork_asm+0x1a/0x30
[  425.260840][ T5832]  </TASK>
[  425.260870][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  425.385124][ T5965] usb 5-1: config 0 descriptor??
[  425.387681][ T5832] Bluetooth: hci4: failed to register connection device
[  425.388031][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  425.453694][ T5965] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  425.457277][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  425.457301][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  425.457315][ T5832] Workqueue: hci4 hci_rx_work
[  425.457352][ T5832] Call Trace:
[  425.457361][ T5832]  <TASK>
[  425.457370][ T5832]  dump_stack_lvl+0x189/0x250
[  425.457399][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  425.457423][ T5832]  ? __pfx__printk+0x10/0x10
[  425.457450][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  425.457467][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  425.457486][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  425.457508][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  425.457537][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  425.457566][ T5832]  kobject_add_internal+0x59f/0xb70
[  425.457599][ T5832]  kobject_add+0x155/0x220
[  425.457628][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  425.457654][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  425.457677][ T5832]  ? get_device_parent+0x366/0x3a0
[  425.457706][ T5832]  device_add+0x408/0xb80
[  425.457733][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  425.457760][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  425.457790][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  425.457807][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  425.457837][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  425.457858][ T5832]  ? skb_pull_data+0xfb/0x200
[  425.457884][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  425.457906][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  425.457929][ T5832]  hci_event_packet+0x78f/0x1260
[  425.457957][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  425.457995][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  425.458022][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  425.458046][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.458070][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  425.458092][ T5832]  hci_rx_work+0x3ee/0x1060
[  425.458127][ T5832]  ? process_one_work+0x868/0x15e0
[  425.458145][ T5832]  process_one_work+0x93a/0x15e0
[  425.458162][ T5832]  ? __lock_acquire+0xab9/0xd20
[  425.458201][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  425.458229][ T5832]  ? assign_work+0x3a1/0x410
[  425.458252][ T5832]  worker_thread+0x9b0/0xee0
[  425.458297][ T5832]  kthread+0x711/0x8a0
[  425.458323][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  425.458350][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.458375][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  425.458395][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.458415][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.458440][ T5832]  ret_from_fork+0x599/0xb30
[  425.458462][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  425.458492][ T5832]  ? __switch_to_asm+0x39/0x70
[  425.458514][ T5832]  ? __switch_to_asm+0x33/0x70
[  425.458535][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.458559][ T5832]  ret_from_fork_asm+0x1a/0x30
[  425.458599][ T5832]  </TASK>
[  425.458627][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  425.594232][ T5965] input: xirlink-cit as /devices/platform/dummy_hcd.4/usb5/5-1/input/input53
[  425.597452][ T5832] Bluetooth: hci4: failed to register connection device
[  425.597840][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  425.902334][ T5965] usb 5-1: USB disconnect, device number 56
[  425.904234][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  425.904259][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  425.904272][ T5832] Workqueue: hci4 hci_rx_work
[  425.904301][ T5832] Call Trace:
[  425.904320][ T5832]  <TASK>
[  425.904329][ T5832]  dump_stack_lvl+0x189/0x250
[  425.904358][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  425.904381][ T5832]  ? __pfx__printk+0x10/0x10
[  425.904408][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  425.904425][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  425.904447][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  425.904468][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  425.904497][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  425.904525][ T5832]  kobject_add_internal+0x59f/0xb70
[  425.904560][ T5832]  kobject_add+0x155/0x220
[  425.904589][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  425.904614][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  425.904637][ T5832]  ? get_device_parent+0x366/0x3a0
[  425.904666][ T5832]  device_add+0x408/0xb80
[  425.904695][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  425.904722][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  425.904752][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  425.904768][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  425.904798][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  425.904819][ T5832]  ? skb_pull_data+0xfb/0x200
[  425.904845][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  425.904866][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  425.904889][ T5832]  hci_event_packet+0x78f/0x1260
[  425.904916][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  425.904937][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  425.904963][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  425.904987][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.905012][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  425.905034][ T5832]  hci_rx_work+0x3ee/0x1060
[  425.905068][ T5832]  ? process_one_work+0x868/0x15e0
[  425.905086][ T5832]  process_one_work+0x93a/0x15e0
[  425.905104][ T5832]  ? __lock_acquire+0xab9/0xd20
[  425.905136][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  425.905160][ T5832]  ? assign_work+0x3a1/0x410
[  425.905184][ T5832]  worker_thread+0x9b0/0xee0
[  425.905228][ T5832]  kthread+0x711/0x8a0
[  425.905255][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  425.905273][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.905298][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  425.905327][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  425.905347][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.905372][ T5832]  ret_from_fork+0x599/0xb30
[  425.905395][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  425.905425][ T5832]  ? __switch_to_asm+0x39/0x70
[  425.905449][ T5832]  ? __switch_to_asm+0x33/0x70
[  425.905468][ T5832]  ? __pfx_kthread+0x10/0x10
[  425.905492][ T5832]  ret_from_fork_asm+0x1a/0x30
[  425.905533][ T5832]  </TASK>
[  425.905857][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  427.265410][ T5832] Bluetooth: hci4: failed to register connection device
[  427.267949][ T5870] usb 1-1: config 13 has no interface number 0
[  427.279459][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  427.288995][ T5870] usb 1-1: config 13 interface 120 has no altsetting 0
[  427.289613][ T5870] usb 1-1: string descriptor 0 read error: -71
[  427.296974][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  427.296997][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  427.297009][ T5832] Workqueue: hci4 hci_rx_work
[  427.297038][ T5832] Call Trace:
[  427.297046][ T5832]  <TASK>
[  427.297055][ T5832]  dump_stack_lvl+0x189/0x250
[  427.297084][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  427.297106][ T5832]  ? __pfx__printk+0x10/0x10
[  427.297134][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  427.297152][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  427.297174][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  427.297194][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  427.297224][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  427.297256][ T5832]  kobject_add_internal+0x59f/0xb70
[  427.297289][ T5832]  kobject_add+0x155/0x220
[  427.297319][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  427.297343][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  427.297367][ T5832]  ? get_device_parent+0x366/0x3a0
[  427.297395][ T5832]  device_add+0x408/0xb80
[  427.297424][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  427.297451][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  427.297481][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  427.297498][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  427.297528][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  427.297550][ T5832]  ? skb_pull_data+0xfb/0x200
[  427.297576][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  427.297596][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  427.297619][ T5832]  hci_event_packet+0x78f/0x1260
[  427.297646][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  427.297667][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  427.297693][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  427.297716][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  427.297741][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  427.297764][ T5832]  hci_rx_work+0x3ee/0x1060
[  427.297798][ T5832]  ? process_one_work+0x868/0x15e0
[  427.297816][ T5832]  process_one_work+0x93a/0x15e0
[  427.297835][ T5832]  ? __lock_acquire+0xab9/0xd20
[  427.297874][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  427.297901][ T5832]  ? assign_work+0x3a1/0x410
[  427.297932][ T5832]  worker_thread+0x9b0/0xee0
[  427.297978][ T5832]  kthread+0x711/0x8a0
[  427.298004][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  427.298023][ T5832]  ? __pfx_kthread+0x10/0x10
[  427.298049][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  427.298069][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  427.298088][ T5832]  ? __pfx_kthread+0x10/0x10
[  427.298113][ T5832]  ret_from_fork+0x599/0xb30
[  427.298134][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  427.298163][ T5832]  ? __switch_to_asm+0x39/0x70
[  427.298184][ T5832]  ? __switch_to_asm+0x33/0x70
[  427.298205][ T5832]  ? __pfx_kthread+0x10/0x10
[  427.298228][ T5832]  ret_from_fork_asm+0x1a/0x30
[  427.298269][ T5832]  </TASK>
[  427.298295][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  427.308921][ T5870] usb 1-1: New USB device found, idVendor=1604, idProduct=8005, bcdDevice=a1.c9
[  427.313286][ T5832] Bluetooth: hci4: failed to register connection device
[  427.316247][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  427.334535][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.335030][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  427.335054][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  427.335067][ T5832] Workqueue: hci4 hci_rx_work
[  427.335100][ T5832] Call Trace:
[  427.335108][ T5832]  <TASK>
[  427.335116][ T5832]  dump_stack_lvl+0x189/0x250
[  427.335144][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  427.335165][ T5832]  ? __pfx__printk+0x10/0x10
[  427.335193][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  427.335210][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  427.335233][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  427.335254][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  427.335283][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  427.335312][ T5832]  kobject_add_internal+0x59f/0xb70
[  427.335346][ T5832]  kobject_add+0x155/0x220
[  427.335375][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  427.335400][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  427.335423][ T5832]  ? get_device_parent+0x366/0x3a0
[  427.335452][ T5832]  device_add+0x408/0xb80
[  427.335480][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  427.335505][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  427.335535][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  427.335551][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  427.335581][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  427.335602][ T5832]  ? skb_pull_data+0xfb/0x200
[  427.335628][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  427.335650][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  427.335673][ T5832]  hci_event_packet+0x78f/0x1260
[  427.335700][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  427.335720][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  427.335746][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  427.335769][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  427.335794][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  427.335817][ T5832]  hci_rx_work+0x3ee/0x1060
[  427.335853][ T5832]  ? process_one_work+0x868/0x15e0
[  427.335870][ T5832]  process_one_work+0x93a/0x15e0
[  427.335888][ T5832]  ? __lock_acquire+0xab9/0xd20
[  427.335949][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  427.335978][ T5832]  ? assign_work+0x3a1/0x410
[  427.336002][ T5832]  worker_thread+0x9b0/0xee0
[  427.336048][ T5832]  kthread+0x711/0x8a0
[  427.336076][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  427.336095][ T5832]  ? __pfx_kthread+0x10/0x10
[  427.336119][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  427.336139][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  427.336158][ T5832]  ? __pfx_kthread+0x10/0x10
[  427.336182][ T5832]  ret_from_fork+0x599/0xb30
[  427.336204][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  427.336233][ T5832]  ? __switch_to_asm+0x39/0x70
[  427.336254][ T5832]  ? __switch_to_asm+0x33/0x70
[  427.336275][ T5832]  ? __pfx_kthread+0x10/0x10
[  427.336299][ T5832]  ret_from_fork_asm+0x1a/0x30
[  427.336339][ T5832]  </TASK>
[  427.336486][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  427.370314][ T5870] usb 1-1: can't set config #13, error -71
[  427.373608][ T5832] Bluetooth: hci4: failed to register connection device
[  427.393861][ T5870] usb 1-1: USB disconnect, device number 111
[  427.400157][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  427.969648][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  427.969676][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  427.969688][ T5832] Workqueue: hci4 hci_rx_work
[  427.969714][ T5832] Call Trace:
[  427.969722][ T5832]  <TASK>
[  427.969730][ T5832]  dump_stack_lvl+0x189/0x250
[  427.969756][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  427.969776][ T5832]  ? __pfx__printk+0x10/0x10
[  427.969800][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  427.969816][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  427.969837][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  427.969856][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  427.969884][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  427.969913][ T5832]  kobject_add_internal+0x59f/0xb70
[  427.969945][ T5832]  kobject_add+0x155/0x220
[  427.969971][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  427.969993][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  427.970012][ T5832]  ? get_device_parent+0x366/0x3a0
[  427.970038][ T5832]  device_add+0x408/0xb80
[  427.970064][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  427.970089][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  427.970117][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  427.970143][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  427.970170][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  427.970191][ T5832]  ? skb_pull_data+0xfb/0x200
[  427.970216][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  427.970236][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  427.970258][ T5832]  hci_event_packet+0x78f/0x1260
[  427.970286][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  427.970306][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  427.970332][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  427.970355][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  427.970379][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  427.970401][ T5832]  hci_rx_work+0x3ee/0x1060
[  427.970434][ T5832]  ? process_one_work+0x868/0x15e0
[  427.970453][ T5832]  process_one_work+0x93a/0x15e0
[  427.970471][ T5832]  ? __lock_acquire+0xab9/0xd20
[  427.970508][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  427.970533][ T5832]  ? assign_work+0x3a1/0x410
[  427.970559][ T5832]  worker_thread+0x9b0/0xee0
[  427.970603][ T5832]  kthread+0x711/0x8a0
[  427.970632][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  427.970650][ T5832]  ? __pfx_kthread+0x10/0x10
[  427.970674][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  427.970694][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  427.970712][ T5832]  ? __pfx_kthread+0x10/0x10
[  427.970735][ T5832]  ret_from_fork+0x599/0xb30
[  427.970757][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  427.970786][ T5832]  ? __switch_to_asm+0x39/0x70
[  427.970809][ T5832]  ? __switch_to_asm+0x33/0x70
[  427.970831][ T5832]  ? __pfx_kthread+0x10/0x10
[  427.970857][ T5832]  ret_from_fork_asm+0x1a/0x30
[  427.970895][ T5832]  </TASK>
[  427.970921][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  428.063641][T10663] udevd[10663]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  428.065799][ T5832] Bluetooth: hci4: failed to register connection device
[  428.281654][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  428.291040][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  428.291067][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  428.291080][ T5832] Workqueue: hci4 hci_rx_work
[  428.291110][ T5832] Call Trace:
[  428.291118][ T5832]  <TASK>
[  428.291127][ T5832]  dump_stack_lvl+0x189/0x250
[  428.291155][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  428.291178][ T5832]  ? __pfx__printk+0x10/0x10
[  428.291203][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  428.291218][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  428.291237][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  428.291256][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  428.291282][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  428.291307][ T5832]  kobject_add_internal+0x59f/0xb70
[  428.291339][ T5832]  kobject_add+0x155/0x220
[  428.291366][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  428.291389][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  428.291410][ T5832]  ? get_device_parent+0x366/0x3a0
[  428.291436][ T5832]  device_add+0x408/0xb80
[  428.291459][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  428.291484][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  428.291512][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  428.291527][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  428.291554][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  428.291574][ T5832]  ? skb_pull_data+0xfb/0x200
[  428.291598][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  428.291619][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  428.291640][ T5832]  hci_event_packet+0x78f/0x1260
[  428.291665][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  428.291684][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  428.291709][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  428.291731][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.291754][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  428.291774][ T5832]  hci_rx_work+0x3ee/0x1060
[  428.291805][ T5832]  ? process_one_work+0x868/0x15e0
[  428.291833][ T5832]  process_one_work+0x93a/0x15e0
[  428.291850][ T5832]  ? __lock_acquire+0xab9/0xd20
[  428.291886][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  428.291913][ T5832]  ? assign_work+0x3a1/0x410
[  428.291937][ T5832]  worker_thread+0x9b0/0xee0
[  428.291979][ T5832]  kthread+0x711/0x8a0
[  428.292006][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  428.292026][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.292055][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  428.292076][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.292095][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.292119][ T5832]  ret_from_fork+0x599/0xb30
[  428.292139][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  428.292168][ T5832]  ? __switch_to_asm+0x39/0x70
[  428.292190][ T5832]  ? __switch_to_asm+0x33/0x70
[  428.292210][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.292231][ T5832]  ret_from_fork_asm+0x1a/0x30
[  428.292268][ T5832]  </TASK>
[  428.292297][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  428.591446][ T5832] Bluetooth: hci4: failed to register connection device
[  428.599000][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  428.608429][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  428.608454][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  428.608467][ T5832] Workqueue: hci4 hci_rx_work
[  428.608496][ T5832] Call Trace:
[  428.608504][ T5832]  <TASK>
[  428.608512][ T5832]  dump_stack_lvl+0x189/0x250
[  428.608541][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  428.608564][ T5832]  ? __pfx__printk+0x10/0x10
[  428.608594][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  428.608612][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  428.608635][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  428.608657][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  428.608686][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  428.608718][ T5832]  kobject_add_internal+0x59f/0xb70
[  428.608753][ T5832]  kobject_add+0x155/0x220
[  428.608784][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  428.608809][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  428.608833][ T5832]  ? get_device_parent+0x366/0x3a0
[  428.608863][ T5832]  device_add+0x408/0xb80
[  428.608894][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  428.608922][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  428.608951][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  428.608968][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  428.608999][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  428.609021][ T5832]  ? skb_pull_data+0xfb/0x200
[  428.609048][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  428.609070][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  428.609103][ T5832]  hci_event_packet+0x78f/0x1260
[  428.609132][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  428.609154][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  428.609182][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  428.609206][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.609231][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  428.609255][ T5832]  hci_rx_work+0x3ee/0x1060
[  428.609291][ T5832]  ? process_one_work+0x868/0x15e0
[  428.609310][ T5832]  process_one_work+0x93a/0x15e0
[  428.609328][ T5832]  ? __lock_acquire+0xab9/0xd20
[  428.609369][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  428.609397][ T5832]  ? assign_work+0x3a1/0x410
[  428.609422][ T5832]  worker_thread+0x9b0/0xee0
[  428.609470][ T5832]  kthread+0x711/0x8a0
[  428.609497][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  428.609517][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.609543][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  428.609563][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.609604][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.609630][ T5832]  ret_from_fork+0x599/0xb30
[  428.609653][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  428.609684][ T5832]  ? __switch_to_asm+0x39/0x70
[  428.609707][ T5832]  ? __switch_to_asm+0x33/0x70
[  428.609729][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.609754][ T5832]  ret_from_fork_asm+0x1a/0x30
[  428.609795][ T5832]  </TASK>
[  428.609824][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  428.666196][ T5965] usb 5-1: new high-speed USB device number 57 using dummy_hcd
[  428.822913][ T5965] usb 5-1: Using ep0 maxpacket: 16
[  428.841643][ T5832] Bluetooth: hci4: failed to register connection device
[  428.918870][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  428.928292][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  428.928320][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  428.928333][ T5832] Workqueue: hci4 hci_rx_work
[  428.928361][ T5832] Call Trace:
[  428.928368][ T5832]  <TASK>
[  428.928376][ T5832]  dump_stack_lvl+0x189/0x250
[  428.928406][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  428.928429][ T5832]  ? __pfx__printk+0x10/0x10
[  428.928457][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  428.928473][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  428.928492][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  428.928514][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  428.928538][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  428.928567][ T5832]  kobject_add_internal+0x59f/0xb70
[  428.928602][ T5832]  kobject_add+0x155/0x220
[  428.928632][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  428.928657][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  428.928681][ T5832]  ? get_device_parent+0x366/0x3a0
[  428.928710][ T5832]  device_add+0x408/0xb80
[  428.928738][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  428.928776][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  428.928806][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  428.928825][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  428.928855][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  428.928878][ T5832]  ? skb_pull_data+0xfb/0x200
[  428.928907][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  428.928928][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  428.928952][ T5832]  hci_event_packet+0x78f/0x1260
[  428.928982][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  428.929004][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  428.929030][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  428.929055][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.929081][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  428.929105][ T5832]  hci_rx_work+0x3ee/0x1060
[  428.929141][ T5832]  ? process_one_work+0x868/0x15e0
[  428.929160][ T5832]  process_one_work+0x93a/0x15e0
[  428.929177][ T5832]  ? __lock_acquire+0xab9/0xd20
[  428.929219][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  428.929249][ T5832]  ? assign_work+0x3a1/0x410
[  428.929273][ T5832]  worker_thread+0x9b0/0xee0
[  428.929320][ T5832]  kthread+0x711/0x8a0
[  428.929348][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  428.929367][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.929391][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  428.929411][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.929430][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.929454][ T5832]  ret_from_fork+0x599/0xb30
[  428.929477][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  428.929507][ T5832]  ? __switch_to_asm+0x39/0x70
[  428.929529][ T5832]  ? __switch_to_asm+0x33/0x70
[  428.929551][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.929575][ T5832]  ret_from_fork_asm+0x1a/0x30
[  428.929617][ T5832]  </TASK>
[  428.929645][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  428.956314][ T5965] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  428.957509][ T5832] Bluetooth: hci4: failed to register connection device
[  428.957861][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  428.960629][ T5965] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  428.965286][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  428.965309][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  428.965322][ T5832] Workqueue: hci4 hci_rx_work
[  428.965349][ T5832] Call Trace:
[  428.965357][ T5832]  <TASK>
[  428.965366][ T5832]  dump_stack_lvl+0x189/0x250
[  428.965395][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  428.965418][ T5832]  ? __pfx__printk+0x10/0x10
[  428.965447][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  428.965464][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  428.965483][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  428.965503][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  428.965530][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  428.965559][ T5832]  kobject_add_internal+0x59f/0xb70
[  428.965594][ T5832]  kobject_add+0x155/0x220
[  428.965622][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  428.965646][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  428.965670][ T5832]  ? get_device_parent+0x366/0x3a0
[  428.965699][ T5832]  device_add+0x408/0xb80
[  428.965727][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  428.965755][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  428.965798][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  428.965816][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  428.965846][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  428.965868][ T5832]  ? skb_pull_data+0xfb/0x200
[  428.965894][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  428.965915][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  428.965939][ T5832]  hci_event_packet+0x78f/0x1260
[  428.965965][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  428.965986][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  428.966011][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  428.966035][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.966059][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  428.966082][ T5832]  hci_rx_work+0x3ee/0x1060
[  428.966117][ T5832]  ? process_one_work+0x868/0x15e0
[  428.966135][ T5832]  process_one_work+0x93a/0x15e0
[  428.966152][ T5832]  ? __lock_acquire+0xab9/0xd20
[  428.966191][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  428.966218][ T5832]  ? assign_work+0x3a1/0x410
[  428.966242][ T5832]  worker_thread+0x9b0/0xee0
[  428.966287][ T5832]  kthread+0x711/0x8a0
[  428.966313][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  428.966332][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.966357][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  428.966376][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  428.966396][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.966419][ T5832]  ret_from_fork+0x599/0xb30
[  428.966442][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  428.966470][ T5832]  ? __switch_to_asm+0x39/0x70
[  428.966492][ T5832]  ? __switch_to_asm+0x33/0x70
[  428.966513][ T5832]  ? __pfx_kthread+0x10/0x10
[  428.966536][ T5832]  ret_from_fork_asm+0x1a/0x30
[  428.966575][ T5832]  </TASK>
[  428.966604][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  429.118366][ T5965] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  429.122949][ T5832] Bluetooth: hci4: failed to register connection device
[  429.123308][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  429.150302][ T5965] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.151966][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  429.151995][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  429.152009][ T5832] Workqueue: hci4 hci_rx_work
[  429.152037][ T5832] Call Trace:
[  429.152046][ T5832]  <TASK>
[  429.152054][ T5832]  dump_stack_lvl+0x189/0x250
[  429.152080][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  429.152102][ T5832]  ? __pfx__printk+0x10/0x10
[  429.152130][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  429.152146][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  429.152169][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  429.152190][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  429.152217][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  429.152245][ T5832]  kobject_add_internal+0x59f/0xb70
[  429.152279][ T5832]  kobject_add+0x155/0x220
[  429.152307][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  429.152332][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  429.152359][ T5832]  ? get_device_parent+0x366/0x3a0
[  429.152387][ T5832]  device_add+0x408/0xb80
[  429.152416][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  429.152443][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  429.152473][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  429.152490][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  429.152519][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  429.152539][ T5832]  ? skb_pull_data+0xfb/0x200
[  429.152566][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  429.152586][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  429.152610][ T5832]  hci_event_packet+0x78f/0x1260
[  429.152637][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  429.152658][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  429.152685][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  429.152708][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  429.152733][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  429.152755][ T5832]  hci_rx_work+0x3ee/0x1060
[  429.152790][ T5832]  ? process_one_work+0x868/0x15e0
[  429.152808][ T5832]  process_one_work+0x93a/0x15e0
[  429.152825][ T5832]  ? __lock_acquire+0xab9/0xd20
[  429.152864][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  429.152892][ T5832]  ? assign_work+0x3a1/0x410
[  429.152915][ T5832]  worker_thread+0x9b0/0xee0
[  429.152959][ T5832]  kthread+0x711/0x8a0
[  429.152985][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  429.153011][ T5832]  ? __pfx_kthread+0x10/0x10
[  429.153035][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  429.153055][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  429.153075][ T5832]  ? __pfx_kthread+0x10/0x10
[  429.153099][ T5832]  ret_from_fork+0x599/0xb30
[  429.153121][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  429.153151][ T5832]  ? __switch_to_asm+0x39/0x70
[  429.153172][ T5832]  ? __switch_to_asm+0x33/0x70
[  429.153193][ T5832]  ? __pfx_kthread+0x10/0x10
[  429.153216][ T5832]  ret_from_fork_asm+0x1a/0x30
[  429.153256][ T5832]  </TASK>
[  429.154129][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  429.237810][ T5965] usb 5-1: Product: syz
[  429.254764][ T5870] usb 3-1: USB disconnect, device number 117
[  429.263621][    C0] xpad 3-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  429.872958][    C0] xpad 3-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  429.917209][ T5832] Bluetooth: hci4: failed to register connection device
[  429.924631][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  429.934271][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  429.934298][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  429.934311][ T5832] Workqueue: hci4 hci_rx_work
[  429.934340][ T5832] Call Trace:
[  429.934349][ T5832]  <TASK>
[  429.934357][ T5832]  dump_stack_lvl+0x189/0x250
[  429.934387][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  429.934411][ T5832]  ? __pfx__printk+0x10/0x10
[  429.934439][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  429.934457][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  429.934480][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  429.934502][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  429.934532][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  429.934562][ T5832]  kobject_add_internal+0x59f/0xb70
[  429.934597][ T5832]  kobject_add+0x155/0x220
[  429.934627][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  429.934651][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  429.934675][ T5832]  ? get_device_parent+0x366/0x3a0
[  429.934701][ T5832]  device_add+0x408/0xb80
[  429.934729][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  429.934757][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  429.934787][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  429.934805][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  429.934835][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  429.934858][ T5832]  ? skb_pull_data+0xfb/0x200
[  429.934893][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  429.934912][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  429.934933][ T5832]  hci_event_packet+0x78f/0x1260
[  429.934963][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  429.934984][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  429.935008][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  429.935031][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  429.935051][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  429.935070][ T5832]  hci_rx_work+0x3ee/0x1060
[  429.935102][ T5832]  ? process_one_work+0x868/0x15e0
[  429.935118][ T5832]  process_one_work+0x93a/0x15e0
[  429.935135][ T5832]  ? __lock_acquire+0xab9/0xd20
[  429.935170][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  429.935195][ T5832]  ? assign_work+0x3a1/0x410
[  429.935218][ T5832]  worker_thread+0x9b0/0xee0
[  429.935266][ T5832]  kthread+0x711/0x8a0
[  429.935289][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  429.935306][ T5832]  ? __pfx_kthread+0x10/0x10
[  429.935330][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  429.935347][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  429.935366][ T5832]  ? __pfx_kthread+0x10/0x10
[  429.935389][ T5832]  ret_from_fork+0x599/0xb30
[  429.935410][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  429.935437][ T5832]  ? __switch_to_asm+0x39/0x70
[  429.935460][ T5832]  ? __switch_to_asm+0x33/0x70
[  429.935481][ T5832]  ? __pfx_kthread+0x10/0x10
[  429.935506][ T5832]  ret_from_fork_asm+0x1a/0x30
[  429.935546][ T5832]  </TASK>
[  429.935575][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  430.012810][ T5965] usb 5-1: Manufacturer: syz
[  430.032203][ T5832] Bluetooth: hci4: failed to register connection device
[  430.040476][ T5965] usb 5-1: SerialNumber: syz
[  430.044669][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  430.060806][ T5965] usb 5-1: can't set config #1, error -71
[  430.065902][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  430.065927][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  430.065941][ T5832] Workqueue: hci4 hci_rx_work
[  430.065971][ T5832] Call Trace:
[  430.065978][ T5832]  <TASK>
[  430.065987][ T5832]  dump_stack_lvl+0x189/0x250
[  430.066016][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.066039][ T5832]  ? __pfx__printk+0x10/0x10
[  430.066067][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  430.066085][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  430.066107][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  430.066128][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  430.066156][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  430.066186][ T5832]  kobject_add_internal+0x59f/0xb70
[  430.066220][ T5832]  kobject_add+0x155/0x220
[  430.066249][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  430.066273][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  430.066297][ T5832]  ? get_device_parent+0x366/0x3a0
[  430.066326][ T5832]  device_add+0x408/0xb80
[  430.066354][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  430.066381][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  430.066411][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  430.066428][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  430.066457][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  430.066478][ T5832]  ? skb_pull_data+0xfb/0x200
[  430.066505][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  430.066526][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  430.066548][ T5832]  hci_event_packet+0x78f/0x1260
[  430.066576][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  430.066596][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  430.066630][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  430.066655][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.066681][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  430.066706][ T5832]  hci_rx_work+0x3ee/0x1060
[  430.066741][ T5832]  ? process_one_work+0x868/0x15e0
[  430.066759][ T5832]  process_one_work+0x93a/0x15e0
[  430.066776][ T5832]  ? __lock_acquire+0xab9/0xd20
[  430.066816][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  430.066843][ T5832]  ? assign_work+0x3a1/0x410
[  430.066867][ T5832]  worker_thread+0x9b0/0xee0
[  430.066913][ T5832]  kthread+0x711/0x8a0
[  430.066938][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  430.066957][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.066982][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  430.067002][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.067021][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.067044][ T5832]  ret_from_fork+0x599/0xb30
[  430.067066][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  430.067095][ T5832]  ? __switch_to_asm+0x39/0x70
[  430.067116][ T5832]  ? __switch_to_asm+0x33/0x70
[  430.067137][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.067161][ T5832]  ret_from_fork_asm+0x1a/0x30
[  430.067201][ T5832]  </TASK>
[  430.067233][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  430.082357][ T5965] usb 5-1: USB disconnect, device number 57
[  430.088740][ T5832] Bluetooth: hci4: failed to register connection device
[  430.264354][T14338] __nla_validate_parse: 1 callbacks suppressed
[  430.264373][T14338] netlink: 104 bytes leftover after parsing attributes in process `syz.1.3004'.
[  430.275155][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  430.483660][T14349] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3003'.
[  430.488248][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  430.488273][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  430.488286][ T5832] Workqueue: hci4 hci_rx_work
[  430.488315][ T5832] Call Trace:
[  430.488323][ T5832]  <TASK>
[  430.488333][ T5832]  dump_stack_lvl+0x189/0x250
[  430.488361][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.488383][ T5832]  ? __pfx__printk+0x10/0x10
[  430.488411][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  430.488429][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  430.488451][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  430.488472][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  430.488501][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  430.488530][ T5832]  kobject_add_internal+0x59f/0xb70
[  430.488564][ T5832]  kobject_add+0x155/0x220
[  430.488605][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  430.488630][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  430.488654][ T5832]  ? get_device_parent+0x366/0x3a0
[  430.488684][ T5832]  device_add+0x408/0xb80
[  430.488711][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  430.488739][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  430.488769][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  430.488786][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  430.488815][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  430.488836][ T5832]  ? skb_pull_data+0xfb/0x200
[  430.488863][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  430.488884][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  430.488907][ T5832]  hci_event_packet+0x78f/0x1260
[  430.488934][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  430.488955][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  430.488982][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  430.489005][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.489029][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  430.489053][ T5832]  hci_rx_work+0x3ee/0x1060
[  430.489087][ T5832]  ? process_one_work+0x868/0x15e0
[  430.489105][ T5832]  process_one_work+0x93a/0x15e0
[  430.489122][ T5832]  ? __lock_acquire+0xab9/0xd20
[  430.489161][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  430.489190][ T5832]  ? assign_work+0x3a1/0x410
[  430.489212][ T5832]  worker_thread+0x9b0/0xee0
[  430.489258][ T5832]  kthread+0x711/0x8a0
[  430.489284][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  430.489303][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.489327][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  430.489347][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.489367][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.489390][ T5832]  ret_from_fork+0x599/0xb30
[  430.489411][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  430.489440][ T5832]  ? __switch_to_asm+0x39/0x70
[  430.489461][ T5832]  ? __switch_to_asm+0x33/0x70
[  430.489482][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.489505][ T5832]  ret_from_fork_asm+0x1a/0x30
[  430.489546][ T5832]  </TASK>
[  430.489573][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  430.492572][   T10] usb 1-1: new high-speed USB device number 112 using dummy_hcd
[  430.497703][ T5832] Bluetooth: hci4: failed to register connection device
[  430.631636][ T5965] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  430.635916][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  430.653926][   T10] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  430.657712][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  430.657735][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  430.657748][ T5832] Workqueue: hci4 hci_rx_work
[  430.657777][ T5832] Call Trace:
[  430.657786][ T5832]  <TASK>
[  430.657796][ T5832]  dump_stack_lvl+0x189/0x250
[  430.657832][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.657855][ T5832]  ? __pfx__printk+0x10/0x10
[  430.657883][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  430.657901][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  430.657923][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  430.657943][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  430.657971][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  430.658001][ T5832]  kobject_add_internal+0x59f/0xb70
[  430.658035][ T5832]  kobject_add+0x155/0x220
[  430.658065][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  430.658089][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  430.658113][ T5832]  ? get_device_parent+0x366/0x3a0
[  430.658142][ T5832]  device_add+0x408/0xb80
[  430.658170][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  430.658197][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  430.658227][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  430.658244][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  430.658273][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  430.658294][ T5832]  ? skb_pull_data+0xfb/0x200
[  430.658321][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  430.658342][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  430.658365][ T5832]  hci_event_packet+0x78f/0x1260
[  430.658393][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  430.658414][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  430.658441][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  430.658465][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.658489][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  430.658513][ T5832]  hci_rx_work+0x3ee/0x1060
[  430.658547][ T5832]  ? process_one_work+0x868/0x15e0
[  430.658565][ T5832]  process_one_work+0x93a/0x15e0
[  430.658582][ T5832]  ? __lock_acquire+0xab9/0xd20
[  430.658622][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  430.658649][ T5832]  ? assign_work+0x3a1/0x410
[  430.658673][ T5832]  worker_thread+0x9b0/0xee0
[  430.658718][ T5832]  kthread+0x711/0x8a0
[  430.658745][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  430.658763][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.658788][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  430.658807][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.658832][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.658856][ T5832]  ret_from_fork+0x599/0xb30
[  430.658878][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  430.658908][ T5832]  ? __switch_to_asm+0x39/0x70
[  430.658929][ T5832]  ? __switch_to_asm+0x33/0x70
[  430.658950][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.658973][ T5832]  ret_from_fork_asm+0x1a/0x30
[  430.659014][ T5832]  </TASK>
[  430.659052][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  430.688103][   T10] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  430.688367][ T5832] Bluetooth: hci4: failed to register connection device
[  430.711593][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  430.714257][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  430.729010][   T10] usb 1-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[  430.730586][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  430.730608][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  430.730622][ T5832] Workqueue: hci4 hci_rx_work
[  430.730650][ T5832] Call Trace:
[  430.730660][ T5832]  <TASK>
[  430.730668][ T5832]  dump_stack_lvl+0x189/0x250
[  430.730695][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.730718][ T5832]  ? __pfx__printk+0x10/0x10
[  430.730746][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  430.730763][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  430.730785][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  430.730805][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  430.730842][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  430.730872][ T5832]  kobject_add_internal+0x59f/0xb70
[  430.730907][ T5832]  kobject_add+0x155/0x220
[  430.730937][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  430.730961][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  430.730985][ T5832]  ? get_device_parent+0x366/0x3a0
[  430.731013][ T5832]  device_add+0x408/0xb80
[  430.731041][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  430.731068][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  430.731098][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  430.731115][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  430.731144][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  430.731166][ T5832]  ? skb_pull_data+0xfb/0x200
[  430.731192][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  430.731213][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  430.731236][ T5832]  hci_event_packet+0x78f/0x1260
[  430.731264][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  430.731285][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  430.731311][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  430.731333][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.731358][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  430.731382][ T5832]  hci_rx_work+0x3ee/0x1060
[  430.731416][ T5832]  ? process_one_work+0x868/0x15e0
[  430.731433][ T5832]  process_one_work+0x93a/0x15e0
[  430.731451][ T5832]  ? __lock_acquire+0xab9/0xd20
[  430.731495][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  430.731522][ T5832]  ? assign_work+0x3a1/0x410
[  430.731545][ T5832]  worker_thread+0x9b0/0xee0
[  430.731590][ T5832]  kthread+0x711/0x8a0
[  430.731617][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  430.731635][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.731659][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  430.731679][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.731699][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.731722][ T5832]  ret_from_fork+0x599/0xb30
[  430.731743][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  430.731773][ T5832]  ? __switch_to_asm+0x39/0x70
[  430.731795][ T5832]  ? __switch_to_asm+0x33/0x70
[  430.731821][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.731845][ T5832]  ret_from_fork_asm+0x1a/0x30
[  430.731885][ T5832]  </TASK>
[  430.731968][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  430.761699][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.763934][ T5832] Bluetooth: hci4: failed to register connection device
[  430.788995][ T5965] usb 2-1: Using ep0 maxpacket: 32
[  430.790549][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  430.800496][ T5965] usb 2-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  430.804490][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  430.804516][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  430.804528][ T5832] Workqueue: hci4 hci_rx_work
[  430.804557][ T5832] Call Trace:
[  430.804565][ T5832]  <TASK>
[  430.804574][ T5832]  dump_stack_lvl+0x189/0x250
[  430.804599][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.804621][ T5832]  ? __pfx__printk+0x10/0x10
[  430.804649][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  430.804667][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  430.804690][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  430.804710][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  430.804738][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  430.804768][ T5832]  kobject_add_internal+0x59f/0xb70
[  430.804801][ T5832]  kobject_add+0x155/0x220
[  430.804841][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  430.804867][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  430.804892][ T5832]  ? get_device_parent+0x366/0x3a0
[  430.804921][ T5832]  device_add+0x408/0xb80
[  430.804950][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  430.804978][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  430.805007][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  430.805025][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  430.805055][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  430.805076][ T5832]  ? skb_pull_data+0xfb/0x200
[  430.805103][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  430.805124][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  430.805148][ T5832]  hci_event_packet+0x78f/0x1260
[  430.805176][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  430.805197][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  430.805224][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  430.805247][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.805273][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  430.805296][ T5832]  hci_rx_work+0x3ee/0x1060
[  430.805331][ T5832]  ? process_one_work+0x868/0x15e0
[  430.805349][ T5832]  process_one_work+0x93a/0x15e0
[  430.805367][ T5832]  ? __lock_acquire+0xab9/0xd20
[  430.805406][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  430.805434][ T5832]  ? assign_work+0x3a1/0x410
[  430.805458][ T5832]  worker_thread+0x9b0/0xee0
[  430.805503][ T5832]  kthread+0x711/0x8a0
[  430.805529][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  430.805548][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.805572][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  430.805592][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.805611][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.805635][ T5832]  ret_from_fork+0x599/0xb30
[  430.805656][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  430.805686][ T5832]  ? __switch_to_asm+0x39/0x70
[  430.805708][ T5832]  ? __switch_to_asm+0x33/0x70
[  430.805729][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.805752][ T5832]  ret_from_fork_asm+0x1a/0x30
[  430.805793][ T5832]  </TASK>
[  430.805829][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  430.839692][   T10] usb 1-1: config 0 descriptor??
[  430.841380][ T5832] Bluetooth: hci4: failed to register connection device
[  430.860841][ T5965] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.866214][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  430.917704][ T5965] usb 2-1: config 0 descriptor??
[  430.919047][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  430.919068][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  430.919080][ T5832] Workqueue: hci4 hci_rx_work
[  430.919110][ T5832] Call Trace:
[  430.919117][ T5832]  <TASK>
[  430.919126][ T5832]  dump_stack_lvl+0x189/0x250
[  430.919155][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  430.919178][ T5832]  ? __pfx__printk+0x10/0x10
[  430.919204][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  430.919222][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  430.919245][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  430.919267][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  430.919296][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  430.919326][ T5832]  kobject_add_internal+0x59f/0xb70
[  430.919360][ T5832]  kobject_add+0x155/0x220
[  430.919390][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  430.919414][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  430.919438][ T5832]  ? get_device_parent+0x366/0x3a0
[  430.919467][ T5832]  device_add+0x408/0xb80
[  430.919495][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  430.919522][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  430.919551][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  430.919569][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  430.919598][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  430.919619][ T5832]  ? skb_pull_data+0xfb/0x200
[  430.919646][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  430.919667][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  430.919691][ T5832]  hci_event_packet+0x78f/0x1260
[  430.919718][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  430.919739][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  430.919765][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  430.919797][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.919823][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  430.919848][ T5832]  hci_rx_work+0x3ee/0x1060
[  430.919883][ T5832]  ? process_one_work+0x868/0x15e0
[  430.919902][ T5832]  process_one_work+0x93a/0x15e0
[  430.919920][ T5832]  ? __lock_acquire+0xab9/0xd20
[  430.919961][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  430.919988][ T5832]  ? assign_work+0x3a1/0x410
[  430.920012][ T5832]  worker_thread+0x9b0/0xee0
[  430.920058][ T5832]  kthread+0x711/0x8a0
[  430.920084][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  430.920102][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.920127][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  430.920146][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  430.920166][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.920190][ T5832]  ret_from_fork+0x599/0xb30
[  430.920211][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  430.920240][ T5832]  ? __switch_to_asm+0x39/0x70
[  430.920262][ T5832]  ? __switch_to_asm+0x33/0x70
[  430.920283][ T5832]  ? __pfx_kthread+0x10/0x10
[  430.920306][ T5832]  ret_from_fork_asm+0x1a/0x30
[  430.920347][ T5832]  </TASK>
[  430.920376][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  431.005125][ T5965] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  431.007144][ T5832] Bluetooth: hci4: failed to register connection device
[  431.059374][ T5965] input: xirlink-cit as /devices/platform/dummy_hcd.1/usb2/2-1/input/input54
[  431.068332][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  431.264755][ T5965] usb 2-1: USB disconnect, device number 6
[  431.275993][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  431.276020][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  431.276034][ T5832] Workqueue: hci4 hci_rx_work
[  431.276064][ T5832] Call Trace:
[  431.276072][ T5832]  <TASK>
[  431.276081][ T5832]  dump_stack_lvl+0x189/0x250
[  431.276109][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.276132][ T5832]  ? __pfx__printk+0x10/0x10
[  431.276159][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  431.276177][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  431.276198][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  431.276219][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  431.276248][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  431.276277][ T5832]  kobject_add_internal+0x59f/0xb70
[  431.276311][ T5832]  kobject_add+0x155/0x220
[  431.276340][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  431.276365][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  431.276388][ T5832]  ? get_device_parent+0x366/0x3a0
[  431.276417][ T5832]  device_add+0x408/0xb80
[  431.276446][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  431.276472][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  431.276502][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  431.276520][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  431.276548][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  431.276570][ T5832]  ? skb_pull_data+0xfb/0x200
[  431.276596][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  431.276617][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  431.276640][ T5832]  hci_event_packet+0x78f/0x1260
[  431.276667][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  431.276687][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  431.276714][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  431.276737][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.276762][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  431.276793][ T5832]  hci_rx_work+0x3ee/0x1060
[  431.276829][ T5832]  ? process_one_work+0x868/0x15e0
[  431.276848][ T5832]  process_one_work+0x93a/0x15e0
[  431.276866][ T5832]  ? __lock_acquire+0xab9/0xd20
[  431.276905][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  431.276932][ T5832]  ? assign_work+0x3a1/0x410
[  431.276956][ T5832]  worker_thread+0x9b0/0xee0
[  431.277000][ T5832]  kthread+0x711/0x8a0
[  431.277027][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  431.277046][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.277070][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  431.277090][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.277110][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.277133][ T5832]  ret_from_fork+0x599/0xb30
[  431.277155][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  431.277184][ T5832]  ? __switch_to_asm+0x39/0x70
[  431.277205][ T5832]  ? __switch_to_asm+0x33/0x70
[  431.277226][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.277250][ T5832]  ret_from_fork_asm+0x1a/0x30
[  431.277290][ T5832]  </TASK>
[  431.277318][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  431.320169][T14339] netlink: 256 bytes leftover after parsing attributes in process `syz.0.3001'.
[  431.323351][ T5832] Bluetooth: hci4: failed to register connection device
[  431.427372][T14362] random: crng reseeded on system resumption
[  431.434605][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  431.479869][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  431.479892][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  431.479904][ T5832] Workqueue: hci4 hci_rx_work
[  431.479931][ T5832] Call Trace:
[  431.479939][ T5832]  <TASK>
[  431.479947][ T5832]  dump_stack_lvl+0x189/0x250
[  431.479973][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.479994][ T5832]  ? __pfx__printk+0x10/0x10
[  431.480020][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  431.480038][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  431.480058][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  431.480077][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  431.480105][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  431.480136][ T5832]  kobject_add_internal+0x59f/0xb70
[  431.480172][ T5832]  kobject_add+0x155/0x220
[  431.480200][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  431.480225][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  431.480249][ T5832]  ? get_device_parent+0x366/0x3a0
[  431.480278][ T5832]  device_add+0x408/0xb80
[  431.480306][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  431.480334][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  431.480363][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  431.480380][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  431.480409][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  431.480431][ T5832]  ? skb_pull_data+0xfb/0x200
[  431.480457][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  431.480479][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  431.480502][ T5832]  hci_event_packet+0x78f/0x1260
[  431.480529][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  431.480548][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  431.480575][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  431.480598][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.480623][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  431.480646][ T5832]  hci_rx_work+0x3ee/0x1060
[  431.480681][ T5832]  ? process_one_work+0x868/0x15e0
[  431.480699][ T5832]  process_one_work+0x93a/0x15e0
[  431.480716][ T5832]  ? __lock_acquire+0xab9/0xd20
[  431.480756][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  431.480792][ T5832]  ? assign_work+0x3a1/0x410
[  431.480817][ T5832]  worker_thread+0x9b0/0xee0
[  431.480863][ T5832]  kthread+0x711/0x8a0
[  431.480891][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  431.480910][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.480936][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  431.480956][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.480975][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.480999][ T5832]  ret_from_fork+0x599/0xb30
[  431.481021][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  431.481055][ T5832]  ? __switch_to_asm+0x39/0x70
[  431.481076][ T5832]  ? __switch_to_asm+0x33/0x70
[  431.481096][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.481120][ T5832]  ret_from_fork_asm+0x1a/0x30
[  431.481161][ T5832]  </TASK>
[  431.481260][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  431.548713][ T5832] Bluetooth: hci4: failed to register connection device
[  431.587374][   T10] uclogic 0003:145F:0212.001F: interface is invalid, ignoring
[  431.589614][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  431.600192][ T5832] CPU: 1 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  431.600216][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  431.600236][ T5832] Workqueue: hci4 hci_rx_work
[  431.600262][ T5832] Call Trace:
[  431.600271][ T5832]  <TASK>
[  431.600278][ T5832]  dump_stack_lvl+0x189/0x250
[  431.600305][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.600328][ T5832]  ? __pfx__printk+0x10/0x10
[  431.600354][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  431.600372][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  431.600394][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  431.600414][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  431.600443][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  431.600472][ T5832]  kobject_add_internal+0x59f/0xb70
[  431.600505][ T5832]  kobject_add+0x155/0x220
[  431.600534][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  431.600559][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  431.600581][ T5832]  ? get_device_parent+0x366/0x3a0
[  431.600610][ T5832]  device_add+0x408/0xb80
[  431.600638][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  431.600665][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  431.600696][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  431.600713][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  431.600742][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  431.600772][ T5832]  ? skb_pull_data+0xfb/0x200
[  431.600799][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  431.600820][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  431.600844][ T5832]  hci_event_packet+0x78f/0x1260
[  431.600872][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  431.600893][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  431.600919][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  431.600944][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.600967][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  431.600994][ T5832]  hci_rx_work+0x3ee/0x1060
[  431.601030][ T5832]  ? process_one_work+0x868/0x15e0
[  431.601047][ T5832]  process_one_work+0x93a/0x15e0
[  431.601064][ T5832]  ? __lock_acquire+0xab9/0xd20
[  431.601104][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  431.601132][ T5832]  ? assign_work+0x3a1/0x410
[  431.601156][ T5832]  worker_thread+0x9b0/0xee0
[  431.601201][ T5832]  kthread+0x711/0x8a0
[  431.601227][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  431.601246][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.601270][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  431.601289][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.601308][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.601331][ T5832]  ret_from_fork+0x599/0xb30
[  431.601353][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  431.601382][ T5832]  ? __switch_to_asm+0x39/0x70
[  431.601403][ T5832]  ? __switch_to_asm+0x33/0x70
[  431.601423][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.601448][ T5832]  ret_from_fork_asm+0x1a/0x30
[  431.601487][ T5832]  </TASK>
[  431.601589][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  431.659368][ T5832] Bluetooth: hci4: failed to register connection device
[  431.915833][T14366] nbd: socks must be embedded in a SOCK_ITEM attr
[  431.940532][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  431.952882][ T5870] usb 1-1: USB disconnect, device number 112
[  431.966277][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  431.966304][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  431.966316][ T5832] Workqueue: hci4 hci_rx_work
[  431.966347][ T5832] Call Trace:
[  431.966355][ T5832]  <TASK>
[  431.966364][ T5832]  dump_stack_lvl+0x189/0x250
[  431.966392][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  431.966415][ T5832]  ? __pfx__printk+0x10/0x10
[  431.966443][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  431.966461][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  431.966491][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  431.966513][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  431.966542][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  431.966572][ T5832]  kobject_add_internal+0x59f/0xb70
[  431.966605][ T5832]  kobject_add+0x155/0x220
[  431.966635][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  431.966659][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  431.966683][ T5832]  ? get_device_parent+0x366/0x3a0
[  431.966711][ T5832]  device_add+0x408/0xb80
[  431.966739][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  431.966766][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  431.966796][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  431.966812][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  431.966842][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  431.966863][ T5832]  ? skb_pull_data+0xfb/0x200
[  431.966889][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  431.966910][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  431.966932][ T5832]  hci_event_packet+0x78f/0x1260
[  431.966957][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  431.966976][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  431.967002][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  431.967025][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.967049][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  431.967072][ T5832]  hci_rx_work+0x3ee/0x1060
[  431.967104][ T5832]  ? process_one_work+0x868/0x15e0
[  431.967121][ T5832]  process_one_work+0x93a/0x15e0
[  431.967139][ T5832]  ? __lock_acquire+0xab9/0xd20
[  431.967178][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  431.967206][ T5832]  ? assign_work+0x3a1/0x410
[  431.967229][ T5832]  worker_thread+0x9b0/0xee0
[  431.967274][ T5832]  kthread+0x711/0x8a0
[  431.967300][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  431.967319][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.967343][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  431.967363][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  431.967382][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.967405][ T5832]  ret_from_fork+0x599/0xb30
[  431.967451][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  431.967486][ T5832]  ? __switch_to_asm+0x39/0x70
[  431.967508][ T5832]  ? __switch_to_asm+0x33/0x70
[  431.967530][ T5832]  ? __pfx_kthread+0x10/0x10
[  431.967554][ T5832]  ret_from_fork_asm+0x1a/0x30
[  431.967595][ T5832]  </TASK>
[  431.967623][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  431.980111][T14366] netlink: 64 bytes leftover after parsing attributes in process `syz.1.3010'.
[  431.983829][ T5832] Bluetooth: hci4: failed to register connection device
[  431.993473][T14366] block nbd0: not configured, cannot reconfigure
[  432.003033][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  432.833024][ T5870] usb 1-1: new high-speed USB device number 113 using dummy_hcd
[  433.000452][ T5870] usb 1-1: Using ep0 maxpacket: 16
[  433.080589][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  433.080622][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  433.080635][ T5832] Workqueue: hci4 hci_rx_work
[  433.080664][ T5832] Call Trace:
[  433.080672][ T5832]  <TASK>
[  433.080681][ T5832]  dump_stack_lvl+0x189/0x250
[  433.080710][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.080733][ T5832]  ? __pfx__printk+0x10/0x10
[  433.080761][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  433.080779][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  433.080802][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  433.080822][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  433.080852][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  433.080882][ T5832]  kobject_add_internal+0x59f/0xb70
[  433.080917][ T5832]  kobject_add+0x155/0x220
[  433.080947][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  433.080973][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  433.080997][ T5832]  ? get_device_parent+0x366/0x3a0
[  433.081026][ T5832]  device_add+0x408/0xb80
[  433.081055][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  433.081083][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  433.081114][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  433.081131][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  433.081161][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  433.081183][ T5832]  ? skb_pull_data+0xfb/0x200
[  433.081211][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  433.081232][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  433.081256][ T5832]  hci_event_packet+0x78f/0x1260
[  433.081284][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  433.081305][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  433.081332][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  433.081358][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  433.081382][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  433.081403][ T5832]  hci_rx_work+0x3ee/0x1060
[  433.081436][ T5832]  ? process_one_work+0x868/0x15e0
[  433.081453][ T5832]  process_one_work+0x93a/0x15e0
[  433.081472][ T5832]  ? __lock_acquire+0xab9/0xd20
[  433.081511][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  433.081538][ T5832]  ? assign_work+0x3a1/0x410
[  433.081562][ T5832]  worker_thread+0x9b0/0xee0
[  433.081614][ T5832]  kthread+0x711/0x8a0
[  433.081641][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  433.081661][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.081686][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  433.081707][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  433.081727][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.081751][ T5832]  ret_from_fork+0x599/0xb30
[  433.081774][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  433.081804][ T5832]  ? __switch_to_asm+0x39/0x70
[  433.081826][ T5832]  ? __switch_to_asm+0x33/0x70
[  433.081848][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.081873][ T5832]  ret_from_fork_asm+0x1a/0x30
[  433.081914][ T5832]  </TASK>
[  433.082063][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  433.098887][ T5870] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  433.107227][ T5832] Bluetooth: hci4: failed to register connection device
[  433.109495][ T5870] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  433.127279][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  433.192700][ T5870] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  433.204544][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  433.204572][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  433.204585][ T5832] Workqueue: hci4 hci_rx_work
[  433.204622][ T5832] Call Trace:
[  433.204631][ T5832]  <TASK>
[  433.204640][ T5832]  dump_stack_lvl+0x189/0x250
[  433.204668][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.204691][ T5832]  ? __pfx__printk+0x10/0x10
[  433.204718][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  433.204736][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  433.204757][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  433.204778][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  433.204806][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  433.204836][ T5832]  kobject_add_internal+0x59f/0xb70
[  433.204869][ T5832]  kobject_add+0x155/0x220
[  433.204897][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  433.204922][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  433.204946][ T5832]  ? get_device_parent+0x366/0x3a0
[  433.204974][ T5832]  device_add+0x408/0xb80
[  433.205002][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  433.205029][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  433.205059][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  433.205075][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  433.205105][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  433.205127][ T5832]  ? skb_pull_data+0xfb/0x200
[  433.205153][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  433.205173][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  433.205197][ T5832]  hci_event_packet+0x78f/0x1260
[  433.205225][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  433.205246][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  433.205272][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  433.205296][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  433.205321][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  433.205345][ T5832]  hci_rx_work+0x3ee/0x1060
[  433.205379][ T5832]  ? process_one_work+0x868/0x15e0
[  433.205397][ T5832]  process_one_work+0x93a/0x15e0
[  433.205414][ T5832]  ? __lock_acquire+0xab9/0xd20
[  433.205453][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  433.205480][ T5832]  ? assign_work+0x3a1/0x410
[  433.205504][ T5832]  worker_thread+0x9b0/0xee0
[  433.205550][ T5832]  kthread+0x711/0x8a0
[  433.205575][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  433.205603][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.205628][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  433.205649][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  433.205669][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.205693][ T5832]  ret_from_fork+0x599/0xb30
[  433.205715][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  433.205745][ T5832]  ? __switch_to_asm+0x39/0x70
[  433.205767][ T5832]  ? __switch_to_asm+0x33/0x70
[  433.205788][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.205812][ T5832]  ret_from_fork_asm+0x1a/0x30
[  433.205853][ T5832]  </TASK>
[  433.205880][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  433.284107][ T5870] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.290508][ T5832] Bluetooth: hci4: failed to register connection device
[  433.327441][ T5870] usb 1-1: Product: syz
[  433.331718][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  433.347800][ T5870] usb 1-1: Manufacturer: syz
[  433.353279][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  433.353304][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  433.353318][ T5832] Workqueue: hci4 hci_rx_work
[  433.353345][ T5832] Call Trace:
[  433.353354][ T5832]  <TASK>
[  433.353362][ T5832]  dump_stack_lvl+0x189/0x250
[  433.353392][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.353415][ T5832]  ? __pfx__printk+0x10/0x10
[  433.353445][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  433.353464][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  433.353486][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  433.353507][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  433.353529][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  433.353557][ T5832]  kobject_add_internal+0x59f/0xb70
[  433.353601][ T5832]  kobject_add+0x155/0x220
[  433.353632][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  433.353657][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  433.353681][ T5832]  ? get_device_parent+0x366/0x3a0
[  433.353710][ T5832]  device_add+0x408/0xb80
[  433.353755][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  433.353782][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  433.353812][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  433.353830][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  433.353861][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  433.353883][ T5832]  ? skb_pull_data+0xfb/0x200
[  433.353909][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  433.353929][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  433.353953][ T5832]  hci_event_packet+0x78f/0x1260
[  433.353980][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  433.354000][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  433.354027][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  433.354050][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  433.354075][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  433.354098][ T5832]  hci_rx_work+0x3ee/0x1060
[  433.354133][ T5832]  ? process_one_work+0x868/0x15e0
[  433.354151][ T5832]  process_one_work+0x93a/0x15e0
[  433.354169][ T5832]  ? __lock_acquire+0xab9/0xd20
[  433.354208][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  433.354236][ T5832]  ? assign_work+0x3a1/0x410
[  433.354259][ T5832]  worker_thread+0x9b0/0xee0
[  433.354304][ T5832]  kthread+0x711/0x8a0
[  433.354330][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  433.354348][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.354373][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  433.354392][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  433.354411][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.354435][ T5832]  ret_from_fork+0x599/0xb30
[  433.354457][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  433.354486][ T5832]  ? __switch_to_asm+0x39/0x70
[  433.354507][ T5832]  ? __switch_to_asm+0x33/0x70
[  433.354528][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.354552][ T5832]  ret_from_fork_asm+0x1a/0x30
[  433.354599][ T5832]  </TASK>
[  433.354628][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  433.419922][ T5870] usb 1-1: SerialNumber: syz
[  433.425011][ T5832] Bluetooth: hci4: failed to register connection device
[  433.569273][T14381] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3016'.
[  433.576544][ T5832] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:0'
[  433.697700][ T5870] usb 1-1: 0:2 : does not exist
[  433.699546][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  433.699575][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  433.699589][ T5832] Workqueue: hci4 hci_rx_work
[  433.699618][ T5832] Call Trace:
[  433.699627][ T5832]  <TASK>
[  433.699635][ T5832]  dump_stack_lvl+0x189/0x250
[  433.699665][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  433.699688][ T5832]  ? __pfx__printk+0x10/0x10
[  433.699715][ T5832]  ? kernfs_path_from_node+0x250/0x290
[  433.699733][ T5832]  ? kernfs_path_from_node+0x2f/0x290
[  433.699754][ T5832]  sysfs_create_dir_ns+0x259/0x280
[  433.699775][ T5832]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  433.699808][ T5832]  ? do_raw_spin_unlock+0x122/0x240
[  433.699838][ T5832]  kobject_add_internal+0x59f/0xb70
[  433.699871][ T5832]  kobject_add+0x155/0x220
[  433.699901][ T5832]  ? __pfx_kobject_add+0x10/0x10
[  433.699924][ T5832]  ? _raw_spin_unlock+0x28/0x50
[  433.699948][ T5832]  ? get_device_parent+0x366/0x3a0
[  433.699977][ T5832]  device_add+0x408/0xb80
[  433.700005][ T5832]  hci_conn_add_sysfs+0xd5/0x210
[  433.700031][ T5832]  le_conn_complete_evt+0xf1d/0x1420
[  433.700062][ T5832]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  433.700078][ T5832]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  433.700108][ T5832]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  433.700129][ T5832]  ? skb_pull_data+0xfb/0x200
[  433.700156][ T5832]  hci_le_enh_conn_complete_evt+0x189/0x4a0
[  433.700177][ T5832]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  433.700200][ T5832]  hci_event_packet+0x78f/0x1260
[  433.700227][ T5832]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  433.700248][ T5832]  ? __pfx_hci_event_packet+0x10/0x10
[  433.700275][ T5832]  ? kcov_remote_start+0x4d3/0x810
[  433.700299][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  433.700323][ T5832]  ? hci_send_to_monitor+0xe2/0x590
[  433.700346][ T5832]  hci_rx_work+0x3ee/0x1060
[  433.700381][ T5832]  ? process_one_work+0x868/0x15e0
[  433.700399][ T5832]  process_one_work+0x93a/0x15e0
[  433.700416][ T5832]  ? __lock_acquire+0xab9/0xd20
[  433.700455][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  433.700483][ T5832]  ? assign_work+0x3a1/0x410
[  433.700507][ T5832]  worker_thread+0x9b0/0xee0
[  433.700553][ T5832]  kthread+0x711/0x8a0
[  433.700587][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  433.700606][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.700631][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  433.700651][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  433.700671][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.700695][ T5832]  ret_from_fork+0x599/0xb30
[  433.700717][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  433.700746][ T5832]  ? __switch_to_asm+0x39/0x70
[  433.700767][ T5832]  ? __switch_to_asm+0x33/0x70
[  433.700788][ T5832]  ? __pfx_kthread+0x10/0x10
[  433.700812][ T5832]  ret_from_fork_asm+0x1a/0x30
[  433.700852][ T5832]  </TASK>
[  433.701018][ T5832] kobject: kobject_add_internal failed for hci4:0 with -EEXIST, don't try to register things with the same name in the same directory.
[  433.753263][ T5870] usb 1-1: 5:0: failed to get current value for ch 0 (-22)
[  433.753776][ T5832] Bluetooth: hci4: failed to register connection device
[  433.841198][ T5870] usb 1-1: USB disconnect, device number 113
[  433.844474][ T5832] Bluetooth: hci4: unexpected event 0x06 length: 4 > 3
[  433.971297][T10663] udevd[10663]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  433.976552][ T5832] ------------[ cut here ]------------
[  434.085822][T14389] syzkaller1: entered promiscuous mode
[  434.086096][ T5832] WARNING: net/bluetooth/hci_conn.c:567 at hci_conn_timeout+0xff/0x2d0, CPU#0: kworker/u9:3/5832
[  434.092238][T14389] syzkaller1: entered allmulticast mode
[  434.095774][ T5832] Modules linked in:
[  434.095874][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  434.095896][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  434.095908][ T5832] Workqueue: hci4 hci_conn_timeout
[  434.095937][ T5832] RIP: 0010:hci_conn_timeout+0xff/0x2d0
[  434.095960][ T5832] Code: 48 89 df e8 83 77 09 00 eb 07 e8 ac 33 61 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 27 bb fe ff e8 92 33 61 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[  434.319637][ T6714] usb 5-1: new high-speed USB device number 58 using dummy_hcd
[  434.323787][ T5832] RSP: 0018:ffffc900040dfa50 EFLAGS: 00010293
[  434.499561][ T6714] usb 5-1: Using ep0 maxpacket: 32
[  434.501568][ T5832] 
[  434.507389][ T6714] usb 5-1: New USB device found, idVendor=0545, idProduct=8080, bcdDevice= 3.01
[  434.518446][ T5832] RAX: ffffffff8a60e9be RBX: ffff888034f90000 RCX: ffff88807bdbdb80
[  434.518470][ T5832] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[  434.518482][ T5832] RBP: 00000000ffffffff R08: ffff888034f90013 R09: 1ffff110069f2002
[  434.518496][ T5832] R10: dffffc0000000000 R11: ffffed10069f2003 R12: dffffc0000000000
[  434.518511][ T5832] R13: 1ffff1100f7b7c00 R14: ffff888034f90a40 R15: ffff888034f90010
[  434.518527][ T5832] FS:  0000000000000000(0000) GS:ffff888125a6e000(0000) knlGS:0000000000000000
[  434.518551][ T5832] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  434.518564][ T5832] CR2: 000055c08f088660 CR3: 00000000620b0000 CR4: 00000000003526f0
[  434.518581][ T5832] Call Trace:
[  434.518593][ T5832]  <TASK>
[  434.518609][ T5832]  ? process_one_work+0x868/0x15e0
[  434.518635][ T5832]  process_one_work+0x93a/0x15e0
[  434.518655][ T5832]  ? __lock_acquire+0xab9/0xd20
[  434.518738][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  434.550591][ T6714] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  434.554661][ T5832]  ? assign_work+0x3a1/0x410
[  434.585164][ T6714] usb 5-1: config 0 descriptor??
[  434.585209][ T5832]  worker_thread+0x9b0/0xee0
[  434.602903][ T6714] gspca_main: xirlink-cit-2.14.0 probing 0545:8080
[  434.605454][ T5832]  kthread+0x711/0x8a0
[  434.611500][ T5870] usb 1-1: new full-speed USB device number 114 using dummy_hcd
[  434.615966][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  434.640530][ T6714] input: xirlink-cit as /devices/platform/dummy_hcd.4/usb5/5-1/input/input55
[  434.643901][ T5832]  ? __pfx_kthread+0x10/0x10
[  434.759490][ T5870] usb 1-1: device descriptor read/64, error -71
[  434.761331][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  434.815907][ T6714] usb 5-1: USB disconnect, device number 58
[  434.818656][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  434.818687][ T5832]  ? __pfx_kthread+0x10/0x10
[  434.818720][ T5832]  ret_from_fork+0x599/0xb30
[  435.040930][ T5870] usb 1-1: new full-speed USB device number 115 using dummy_hcd
[  435.182720][ T5870] usb 1-1: device descriptor read/64, error -71
[  435.187241][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  435.210949][ T5832]  ? __switch_to_asm+0x39/0x70
[  435.215714][ T5832]  ? __switch_to_asm+0x33/0x70
[  435.220587][ T5832]  ? __pfx_kthread+0x10/0x10
[  435.225197][ T5832]  ret_from_fork_asm+0x1a/0x30
[  435.230091][ T5832]  </TASK>
[  435.233215][ T5832] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  435.240482][ T5832] CPU: 0 UID: 0 PID: 5832 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[  435.249921][ T5832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  435.259963][ T5832] Workqueue: hci4 hci_conn_timeout
[  435.265079][ T5832] Call Trace:
[  435.268350][ T5832]  <TASK>
[  435.271267][ T5832]  dump_stack_lvl+0x99/0x250
[  435.275853][ T5832]  ? __asan_memcpy+0x40/0x70
[  435.280442][ T5832]  ? __pfx_dump_stack_lvl+0x10/0x10
[  435.285643][ T5832]  ? __pfx__printk+0x10/0x10
[  435.290245][ T5832]  vpanic+0x237/0x6d0
[  435.294231][ T5832]  ? __pfx_vpanic+0x10/0x10
[  435.298718][ T5832]  ? is_bpf_text_address+0x26/0x2b0
[  435.303915][ T5832]  panic+0xb9/0xc0
[  435.307624][ T5832]  ? __pfx_panic+0x10/0x10
[  435.312034][ T5832]  __warn+0x318/0x4d0
[  435.316006][ T5832]  ? hci_conn_timeout+0xff/0x2d0
[  435.320966][ T5832]  ? hci_conn_timeout+0xff/0x2d0
[  435.325894][ T5832]  report_bug+0x2be/0x4f0
[  435.330233][ T5832]  ? hci_conn_timeout+0xff/0x2d0
[  435.335177][ T5832]  ? hci_conn_timeout+0xff/0x2d0
[  435.340142][ T5832]  ? hci_conn_timeout+0x101/0x2d0
[  435.345183][ T5832]  handle_bug+0x84/0x160
[  435.349431][ T5832]  exc_invalid_op+0x1a/0x50
[  435.353932][ T5832]  asm_exc_invalid_op+0x1a/0x20
[  435.358779][ T5832] RIP: 0010:hci_conn_timeout+0xff/0x2d0
[  435.364321][ T5832] Code: 48 89 df e8 83 77 09 00 eb 07 e8 ac 33 61 f7 b0 13 0f b6 f0 48 89 df 5b 41 5c 41 5e 41 5f 5d e9 27 bb fe ff e8 92 33 61 f7 90 <0f> 0b 90 eb 8c 44 89 f9 80 e1 07 80 c1 03 38 c1 0f 8c 31 ff ff ff
[  435.383920][ T5832] RSP: 0018:ffffc900040dfa50 EFLAGS: 00010293
[  435.389983][ T5832] RAX: ffffffff8a60e9be RBX: ffff888034f90000 RCX: ffff88807bdbdb80
[  435.397949][ T5832] RDX: 0000000000000000 RSI: 00000000ffffffff RDI: 0000000000000000
[  435.405909][ T5832] RBP: 00000000ffffffff R08: ffff888034f90013 R09: 1ffff110069f2002
[  435.414142][ T5832] R10: dffffc0000000000 R11: ffffed10069f2003 R12: dffffc0000000000
[  435.422107][ T5832] R13: 1ffff1100f7b7c00 R14: ffff888034f90a40 R15: ffff888034f90010
[  435.430083][ T5832]  ? hci_conn_timeout+0xfe/0x2d0
[  435.435029][ T5832]  ? process_one_work+0x868/0x15e0
[  435.440131][ T5832]  process_one_work+0x93a/0x15e0
[  435.445062][ T5832]  ? __lock_acquire+0xab9/0xd20
[  435.449921][ T5832]  ? __pfx_process_one_work+0x10/0x10
[  435.455292][ T5832]  ? assign_work+0x3a1/0x410
[  435.459875][ T5832]  worker_thread+0x9b0/0xee0
[  435.464473][ T5832]  kthread+0x711/0x8a0
[  435.468539][ T5832]  ? __pfx_worker_thread+0x10/0x10
[  435.473727][ T5832]  ? __pfx_kthread+0x10/0x10
[  435.478314][ T5832]  ? _raw_spin_unlock_irq+0x23/0x50
[  435.483507][ T5832]  ? lockdep_hardirqs_on+0x9c/0x150
[  435.488695][ T5832]  ? __pfx_kthread+0x10/0x10
[  435.493280][ T5832]  ret_from_fork+0x599/0xb30
[  435.497864][ T5832]  ? __pfx_ret_from_fork+0x10/0x10
[  435.502973][ T5832]  ? __switch_to_asm+0x39/0x70
[  435.507730][ T5832]  ? __switch_to_asm+0x33/0x70
[  435.512489][ T5832]  ? __pfx_kthread+0x10/0x10
[  435.517083][ T5832]  ret_from_fork_asm+0x1a/0x30
[  435.521854][ T5832]  </TASK>
[  435.525228][ T5832] Kernel Offset: disabled
[  435.529603][ T5832] Rebooting in 86400 seconds..