last executing test programs:

14.656991304s ago: executing program 2 (id=1864):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x20d})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
ftruncate(r0, 0x9)
io_setup(0x5, &(0x7f0000000740)=<r1=>0x0)
io_submit(r1, 0x4, &(0x7f0000000300)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

14.483549916s ago: executing program 2 (id=1866):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0)
io_setup(0x8, &(0x7f0000000600)=<r0=>0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000002740), 0x101002)
io_submit(r0, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, r1, &(0x7f00000000c0)="01", 0x24, 0xfeffffffffffffff}])

13.831635502s ago: executing program 2 (id=1871):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="7c000000000101040000000000000000020000002400018014000180080001000000000008000200ac1414000c0002800500010021000000240002800c000280050001000000000014000180080001"], 0x7c}}, 0x0)

13.567897863s ago: executing program 2 (id=1876):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1e7d, 0x319c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x3, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r1, 0xc0502100, &(0x7f0000000380)={0x0, <r2=>0x0})
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
r3 = add_key$keyring(&(0x7f0000000080), &(0x7f00000000c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000100)='asymmetric\x00', 0x0, &(0x7f0000000140)="1081", 0xfffff, r3)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
r7 = dup(r6)
ioctl$KVM_SET_CPUID2(r7, 0x4008ae90, &(0x7f0000000180)=ANY=[@ANYBLOB="010000000000000001000080"])
ioctl$KVM_SET_MSRS(r7, 0xc008ae88, &(0x7f00000007c0)=ANY=[@ANYBLOB="3b00000000000000410101c0"])
r8 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r8, 0xc06864b8, &(0x7f0000000580)={0x0, 0x2000, 0x80, 0x3231564e, 0x2, [0x2], [0x2000], [], [0x9, 0x0, 0xffffffffffffffff]})
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r9, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r9, &(0x7f000000c3c0)={0x2020, 0x0, <r10=>0x0}, 0x2020)
write$FUSE_INIT(r9, &(0x7f0000000000)={0x50, 0x0, r10, {0x7, 0x1f, 0x0, 0x10000, 0x441}}, 0x50)
syz_fuse_handle_req(r9, &(0x7f000000e400)="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000141bdb7989c08b32000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000180000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f0ffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001f00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ed10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000889049938edebcd600", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r9, &(0x7f0000004140)="02f00c1d0dda83190c8b2969e5d107b997d557314c4da896298ff72343456d7ad8d0a3c9d50de42ef139d0d06f47aefa86d39e623e4983730bc4acd2a3453e9ce8ab83ca57bba44ef9418053978935925402ab801b6979708a525ed019908b34e02f859ad4fe7ea4a350535a413c192c59200cfe1146cfce7eecb4623aeba4b78d98a60a06859f115f185f5849bc4bf657cc34fdbd22e7093ab80cc806d17ca48f8eece4181c9ac3c9683567bd26348a00f13b4227b52da5dbbff4d3903749eb428bb6a464379db2f0332abbfe4d5a1d8f3175def20fd81e00e99af5cd23e1fe1a02affae45d2fcca7311570b269f073fc727285b6eeaacd862f40f1e5b84abec8f63212c89e4458c61ab5c32f7347d7d537d267708129701bdc744d35218ce52988699adf1e34f61493fd397296b4ca0aefbeeea873eff80fe26c0bf3c058ab0ae570ac08e3c53079d31669f34bee6d68b92398fe21c1d76a24d858af557d7723d27c0435f70fe46b18d17f3c207ad809bf3cf81c3074be87ba9d2beb513903109a9dae4a56576ae7bd3ecd4917a2f22c756f100eb0f3b48f3c506aa5d717b9683762e8d268ecddcf5121ab06300b1cf3586c910bf23de3defeedfcc1e899c899eb483c9b30cc56181f34937c70e9a2482ce13531bb80293f85fe080e722bb628b67a1cc9a9e7607313f0ce60a8f79fb0807139f503622c7cdfbdef26fc004897ca200a9b4328e0961a79e46ea7734a51d3c8930ff903d4779a48b338f43ba5d6b50f27f69802ffeb5473b15e66835035b7bf41489804e99eab0fc7579f569b1ba37151913454be46c6cb12b4e5f8c7a0a64c992fe18e07088d4ae91fbe6ef05d74d63173823bcd63948ebd29b70f144c7a03c951de8e3873623c14c4a99b52a9ad881206005e66f8588b0d73994cbfd6aefddbf8cec9622f948fe21287b38b9daf40c6ccb3feedf50f90e8f4da6a6bbc14b87e514cd976302e223a3c9165ec4b79f341908a97e13331582f39da15f2e9a6ea5a836bff4a42cd816f7f2028763bee37e7bbd0ccdf419edd48c55a6883825cb3373eb0b222187fdbf7a0dd4c862e9c658a5590c62b95b2467b155a87013ad20d47bfc8e8049f8bee091cb893b5d507772ccaadabf407a25647019312cad64b940137ceb603e9854a41d540649d52e5b2a39e7865ac1ab41cc1304712520e8e2827403b01dbee87b8b0caffa3c1bdd3b81538743a5422be517a5c679543282fdb46b29cf256a9d7e1c3dfb69c399db615e2e785d5a3cc719cafaa7973a542679b3185f5f86e4864637ececc4557a5465b05bfbdfe433546fe822d00f41b45c1473fe88d8a6911cd673f3d71518d3d3918ed766030448f01ad5e5ab66a6eac88720f7205491f9bd15d448172de258c865534b0dad6e607819aca86211254ecaafe4597af845c1c92098320dc14d1bae44486a02b8e81733a2be227acf940df9a2e717d9373a52a82ae0863af2320ec820fa8778b1e0123d41e6a79055adbe1b63da8e84ad6eb7906ab65b92c493a8150685dab1e2f2a16da54abe9cddf141dc41ea8a600a5e28bd8a342be318fa91d2e98c36a681c98f5676b27583d49f4948666c80f3b49b2ef6b71896e980c6cf93856d2dfb59cdeab1d8940296207d1f15cf75d7beb6f744fdb38f34e00148f48b3b92d65dab43f3514761864c693e6fdf1e08be74ec507d180301d419cf151901bf2bbc1245bedfe9f8b91f64c869d0741026acb0499a4a7cb167107f609141c349a7810d16b417727ded0decd32b4d48a624d027a3d057a9763ac5139adb0042d70caf9969c7a6bad7afe5d8a48d0e5726396d379a2bfaf957468748c9944bad2dcbefb1474a7d782b2e8e278a10dc6d6dc921476d661cea4439d8ba17c95c9189ef879b52a1889574f70c022b0cb973587a70e5d4147aaf1d1f58836540eb0824e73386d2c3a94d253b99d4532c97c2a75588c536cbc24e47088dfebf31ffc0cb23076bb2f515546b3721d8063e3b88d3a8ea196b88564f65e5f808eff5ab6a30095d6e0978a286b9d693a6053231d71dbf96967b5a2c6eec44117078851bab60718ff22a3e8c522fa8d85d6df1a816b62a557b47b05c5df626a47928523541c23e9f0a0a86515437bc0eb7b9b4b7bb866206e093fb4a5dba6ad9d2424d7fb2f8f220b00be734c781a91ad4555f2714c6c59588300ad47d3ecb86fae178609fe60d9f604be31c05cf3cf1edffb45cc2ce24ec44434107834c6335ac09e2e931b0a8c6cea5ddee3686ec9bf9ef6693fc85e36a7fe1146aa93da6f4dd5f36ab0dcbc28d29ddeb481d5d4f8a2817733a8dff3cb07ac1256bd43dab768c1661e4c8bd3ede3aa548f90424fea8e39c6d5d639b49b7b4da6a95700ac6d9f66bae43320ebe5add0c0cf5fb8a1482c60a21d1ed54ca7967bc22362ccad5c9aca0a7151b53546618500ab0a32151c7e61fc1cd7207f165449d4935337ac69259142d952d83e415bf39227224f208ccd4f6476804b7a9ed45f14f7414e36c9c1000ae4ff34e5ccfa224875c81bf30a73300a22c9dbba7770d0078ff37c965b2d9f97e50e64072d7db371fe4cd364e305f64c1fc70b682cde8fa865fdd7cefbc528f3177a67a4f31f3085ab385705a5008d7572b8f6690c07a9f0d8754614bf036d4efa96b09258cc43787df3259138f995a6d9dd13728fa1745c8e4af63e48853bc63106859defe07c53ead96f2bbd300ace2df4281ee764ba0c2234d4e0da8c0bce90ee74322d50a5653001a6706c8f4f315219bbc7fa42ee186ac031ae2a7f806e539f6d498514c3b657f6b6864ba1cc94879bc70ec199ce4124907bbaf5087280f9288a51f6d2849a2ad906aac9e98874fa678c66e0d71479f71d81aea11acca91b1a80e1517f6ce93d63deb7712a15232856db2e4e33b0c50f638c5c0b11fb81c4d9d1f4ba9914b8cdb1ee091b320db91850700a5ee1f8b837deaf3eac758b1aa03ceaf559cd87f5bea97897b97661746fd0e08713fd5fe42a87de04a2c9256571a14818750dc51d3c5190d8c2055860c0470309ebdbcdf1c050e0de01e6111bafd83eed68935fa61dea3dc55c278080935ee9d36233148dcc1ea0a3867ece386248ffb58ad2c198ef8ba29ea07983740e584daad92c62ec10c3dc16be4283bae22ed5e39a9821a29a40952950abf6b41732933950312719749ad06eee0c08eae0136eb4f16cee5ed167df66482ece475632dd25cc43782df12a8573492fa46da81b527213b098e3d9b0bfc9da02bde9c8f0672778cc418f4c0a113a513b358674de8b218fd3345ccf4179a9db6c0e1858e558e749036ea70c045d572ead75e60cf08fb26551741fdb86ff3c0bfcda029aecb789c9b8e27f360ce04159b9814674a3b5ac823546d4ac467ae878d2d4482e4d5bbf8945155410b8e7ec05619c3d6e254e30879f4dcc3d93b5c3e3f73230e2bb406accf83cc5a3f4b8388b851a98fafa03ddf392b9c0c5232445a313f440f158b20cbc34c29a0e36a062a10ec77d0bbeeba5771da4dfdf3654140f53e85d98f6a065850ff5afec907eddae8b7128ba9dd0821acc8511f3e3c68e9ef9da35df09315619ab781192a648baf254fd5f35cb650b7672a9a82f989bf2039961f68763e34db401c903a40a5ee9495b7011893639ed3c3b83998503905cdc1dcfbc223bec4cbb5e1459ec4bfc6eb14dec0741e2364eb9cd9d988013ae2740b722704d99576f897aca6b3d5c34a057d8a5f51c1bce080936a21fe214c3516c6edda99c4fd104e033fb553839a386fa74549921ff4216589dfee205fec1031e121bb58ede2fad12805785abedd162396e11d36dcdb1993853eefb6e1c8c72afecf98969db8216da5276e347a327c60ec97865e2397127198151feeb9e0e6268fa6e88c50ec8d681450e642fc01455fa216f9835d6e309f9e4b5129a2a56db042f0c0486a47033b52f59513094864c0c6c313c7edebebc28db44679c3544e93375c80cb782763f37d85eba6c0bae5934875444245d467de5d6a463443933ae95400f88441d70891e6455f73356717f68e408b0cf91f0deb9aabce6c1cbb1459d8095433a1e08039132fb8ec30687f856e524ca8ba00b6a20225da41bfd260fa214c26de5844246d44ac5ee2af44f158da1f55188277161d7158fcb97b1e37ff3088cad7e79e78b19c7440ae76356f0b094f928a61e9195fe87a0330baa29dc5e1370abc024577a521ad224074f5ee52c30326e2d1e87044b2027232ac28ba099e211a7b33df9fb6d2fd662b7d38a14c40538dcad133f4f75ce114cf8e583f74d2d5251547541af0236aa59075263e2611fc807ff898163c56ef01e7454da2a6000ac229530ea7bf1eb75529d3c98e6f7fbf3d4cba327ed5cdcb83df0c11fbead1de4ec3ac5c2cb8dda8591f4c316e23a0668ca25149f8a55a47649daf9e40f784319e8b901e70a8a31bb4f8c0a86a4999bdfcb0e9f297e753bdb2a275ef98a92b8dbab2d6eedc06ce92502ae7ae76f6b13264ba41e717f8257e34bf1ba512b335d5d178d74742cc0ec6e7b16942095cde010cd90b5c8a158b65fc51d958a96a7d20446c1fd8d1b0fc9f2de8f404a80b504098dc68e2c60b0f43ab538cba0ca5409dacfbdff2267374775605dce498514ee7b32a7f55452986b12dc6178d6a926dfbac6bbdcc051d0cd54bc3aca47bd665e01bf1f050f7903f031197594c513ce5ba931e2819f5bb63c5238c19c1be9f4d9668e5c075804fd43ea60f0ab9f00e06683b8e29379a9326b40e8fe05161adf1cb519c31ecebcb042ed1fbb4b9f1b12470bef6e964855baaff5a7dd6146f07caa8097c778bd10e5ce995884d1f3b91962a7974d84de6157d3f54735d5b82e11e6fc000874ecd396114c693ce2297caf7a9c6a6814a890e4d74e17a16339ba103c0d2da87e522ed67cd23047c7d9bd1562234aec98b85ad4534522cca58ee17ccb9c8fe7cd68ad3d6d6e0edbb550ec957772ee1109d501ab76e364a988e02e6b4a5b62f72e61fa7cc6120d12414d3c8ea09bfaac8e806d19dd76f940b769863d200861e44c72bfd870005f6663a7a6d1d60ac1e376806293d5143968d37af14301c9d6506985eb7bdd607dfa4d3cb5cb058019cc5502c534d3a5a1337bbf6306184230cc21e3ef7744b839cd82fc6347316e098e05ced0f25b9cf5721f2d003bdb4e0a79eff90ec4aacd6afbb78ca6f129cd16c8b2f3aefb5a2036951db7ebb40d36723a75723b3d1011e6085493664bf5d336c5cb4079ae1ca2412c53c464831844c27f089ffe345a2029118672b2fd2a24c72f9088dc5f92cc5f3bcd6c7359f52d32ea15172e95af7e6c81c52f20995877cafed48dd49762701c88c225bbffbbc3160d838957588fc2d41efab4148bc961e8d66b5b21e7eb4228a132d61a1c9f6e2baf7430d92478a3948fca4e10594167ca5e72678189cb4e90a0b0e45caada64d15010d73157cd8b4d04099ecefb1ed187d673d1bd33f13dbe4b44d351a34738280f21a79b3146b0071a0924e643c1dffe0d8c72b3bdcc00f203153f63c249f18e0e9e7ed1c0237411893832fc5be40d308b194bb04a17e38f0717a0808058b7291d20b6f0f1e5ba11e2351d985138c61806b41ea5a77ef80feb1f6f7383000e97549487f1bc9c3b5e8ccb6ed7ab8e08b258c75d5aad2a01fe8b5777ef5c7ec1eb3feca16dabf8eb50312f8786d5018d7bb7c9776f028af7b3423af3410696587f3feba823e5e3ccacfeb23fd4359c252b2ab5136d2fa7a6633758b5c45099f70a672999329eba1c89f07af0eb7c3fea5ac468ce042d699b6f391eaccadcf6d14e97c620a5eff7d92946f09d79d31cc876da261182a73a3234d5e53709185680c8b5376e4d8445fe4fff988062f23e42e4b7908ec079a840f0be839062074c22c44b7f4c4b23be2b6656abbb103acc0bd5058e0112a7d55cdce5042a76fe24ba5e9a1105c68dab94dddd44cc6c860172847f20e6ebc49787ed8ca19824b09468933ae9a496e960b7c592e783b6a5f10a9d9c2265794c5891ae7eb9cca9b3f99981a252d522047b95fdb518fe681829948a9d329b9cc7cb2f806ee81a3c930c73c8f12a05b47f1470ff08d5a03f37dacc1e4a7f65563f8825f9ffc316c2ed7a5ea434cab348c850d1b8eaaa0ab2ef7460269aef06f9c46a1957575cee49e1aa72d470dc9763b4abd61d34693e462353c1d023249bb7085f1362ec6bab9d349633d5f9637e6a12690e502f8af9c2d37a3f573411595539c66e9f82d5b39c01606af258e769b2391c3cd0bb0d93eaa36e168136b301d516724ecb173a0766ea9e9d5be5dcbf58e0322261e584d22594cfac91d16bcf38b8cb69e022b0956fb4be2981a526bb1832749ea1f7b188dce590927620ad9d6162ea52bbdbd14b45ff967f183c1af4269dc16a1be7b0b5278ec02a259aed022039e70a9c1456997fc1d053b1ab54238d8282dd11b68b806c745a257a7c0fcfad3277245b1f7749243f457121b3d17122f27be6b1c56e9bc151f52db66c92246072ca4e5d10619a6730b1609f133b5db1f2b0bb4a86dee2c44a6e25299ee74b99eeab5f195728aa45dc7bd300bccb48819bd40b12152b40e1395ac25d8b0cd1ae12b9cd46a8e54f495cca85a680cd43f70f55505f1a72c030dcebbb2e5b26ec971cd58c76ee67d86fe075bcad475658f1cdf09c94bcb5b4db83b3147882f65f67921267f8471d8deb7b159761c83fb9547db71b6878a21287aef6a2e01134e735c073645d2488138f280754ddf66cf8c0208e51a96696e185120a6b84a73d2c9bfbfa9e501f1126b44c491ec437a0b490cbcec5e8e0e0c21f803354d2d1923fe82509706ab34eb03101dded5f6421a6b90dea3db643a22eee1549e30d44184bbe7b842a656b91184ebbea76d00942b429dc07c704750fcab290c43bfdd2aed8257c21312933a11a76d0be361753a49ccbad5fab68eef867e11fa99a1d8021218809c0ce0bd52bed2d5c97fff7283e549afee371b7f1b3973ebebcf11f9687c7086129ada7bc09bca2da4fc02c0af28aa043f3f2c1e02dadfbc3a245dfd2e30e6050e05388006852e871b6890ddc006072d1a062978240df6166ba6ccb732195f21bec579d3d2b3f13e818e9fac77be72152fd441f6ab772b7fd3f888a91f8420f336e5a69e36dfdcc23b066506167960dcd1e5c84d4f236bb83f8daf03007d86d5b34aee798755077dea9b4faf98daa725cc3ab671b3b2b95c193530e0d018309a460a518878ee82e8495622028383ee97fe6a0111521b9a60fe51011bd0c62ee11e7a3dc5a0e8e8b82e476e752f63c5ba75a32e7b5b40d8ed1f539b3262351ce42d1bbcae0371ca72790ca4deff1441404f072947970ed3f23894e6c894c9fc7644c4082188b1ac8ef1e5c045bf438b9b81c7333859fcd071100785e14568c784ca30c4aea8a728a7796a201aa1b65a9355cf368b440498c433414141aaeaf722b9ee70b7cd28a3c2beb61ed99b619a4486b4b7210fe5b1cffa4474421b41303f6de7432874327532cbaecd0e1e9e90f00cf03161e9748807f3728e947c1ce281f3417a3a162deb2d01a5aa330e95b5624769d278aabfdfe6e8089c62ee1c26be5c121cfef2fcb549c1671497a05c2a397f5090caf6913fb39f01a095d55d33ae31d36bf223cd506ef2eaa48b1729c2dbdd7cf84bd1c2d0ebed7b6487991de616517c4e53665e60e6bbf559dd5cddd5eb88087fe6d0e2632f10b9e0f653bafbf992f55dd2592bea82a9a5958ae3e767bcf2c50b691e33dab8d2b1b2fb33419b5dae945a7d4a0169ec64817cc02b02139d7f70bfb42516c913311b42323cca46e690467c894a26ea624432b3c536f48ad569d56d8bf131048f81c0bf77460bf7acdf513087bcca1366bbfd05136ab5456f7e99f545f343eebf57299bfb4ef4a3af05357037e7080ba36084505eaa7339fc981cb99e381c3456d3de6cec5c5dc76427b13db53c9bfe516577b51411602146929e08c8762e6c99325a00242bd15f511f25eed7aac3537aca0407c70f362a0583fa10bb259f758feca1edb4f8adff7626bbf67fa0d940bb773d1afd523033b25107fe02161faa7a2bfcd629e58d681be5e980f8d563daac8532bc747a4242fa539416bfedf38cd8e3aab1764102c87627308abc41f6ebf8f03126d26ef90c10f0dd0fb5be22ee794fffb3ef0537f640b92c2ec335ff99422fe5fa41467e1a95fdc98e13881e1912f73afb489f237acfa971f6f64d9dc0066552167ebad1a7797412998a748d3b236e41ee5a8c223a1fa033389dfd2beb582987344db19988096e3bc0c44c8fcc4ef4a1d60b3991a5e3eb08d476c6dbdef30ce2b7f84de6925e28eed23daafe6be895d9b9c055519f9f3dd5c67cfafb5138380f581ec2bcd15c415087c85c32db56fd589883d3f1c81d56fe2436e910bc873596d4fc5abe0046e00934912f70c028c41390091988fe9fc46df6f10edb697bd1408486860fb6e77c76b4778a151769be25d891c1bde084ddcf964a7d3e528fb39835d8a003ee95e31f7c6c8f22e2d97454b8bff0450f6d9d3f3066041f19aa7e99cd00bcdb238e493912ffa5992eaa0c10dc4e0c4277ad8b5b9be74f72a0b2b89cb5df3ff6e06d84b4db052a1846a2b8284d49c0562f561dde8fe38bde79afa4eb12095c9fcfb9805ff76db4c63f2c737bb97117f880284feac51aeb26e21071a8770cffb4670fb94894c5b7cb6b60c3cc6a0e04458371bf59669f07be5517d5aafd2485aac11e29332bc9c0d9aab851d40aa713665be691c1887ed057e63bdb4da732f70dfe503a009c6c431d6780559273215a222228082dbe613d2dc235908927b1693adf812ddd267d1f7b64abc5e174b057e550c60d5b4e5f4aed8fe16dc5ecd7d7fbc3647efe8abbd9f2ce4f21a14d2e76af8a0551d99f1d35cfee6a068f521af0340750658b415685ae99459744c3b29e24f70977ca21e8638045a3dcb88556904f4cdb31920b89dadc5b846d7a1306d1f86d179e1f611d0c061146e3df0aac42cc6710231d844e167a57b99f68ca174152d088d5af232d5d4e186f026dbd0fff228e7de1ce0e5d28f439e94b6cf106306a740071a03ee25387d1c0b2da3b24dfbbbf078458e3db1c42d1c369b3f57946cfba615151c118e5bc31d43f9621bc30ab6fca226285c50eaca6daedb148d0c4acf1d9691e875338221074630d9ac117fc704b06da6b595f9906681f5a598d0308da0d56e45a216860a3acbb2e00376d2931a21695239a8216347d39f649c0d990191a62a32563cc967a03e606ada7dc76e67a1e867ace9e05e8a27d96987b93eec3cbce6c8c4021ef2a7a862bcb49b2450c63802c41bbfd8ae9f3c9a55a570470c41a9ac7ec88c83d5c1f2c9342b30ab09e50271a7be04feedf85abac9efaf1422a045f6383886d3014c6436c7986f264d119b1f8aec8c67be8147feebbb94266c009d98db54dcfd9b6f275f13c210d10d808b55cb558faaa2a89f90023fb7aff01dcd6143c7fb985e286ae7bcd521916794ac148bf85ef14d8a54fe91739a4b0c3bfa4e77d70ebe0bd187364be48953bbcbb220dd43f2e9382d430dd0baf069b6e3fa46d696317b4b0dc030c7edf27c416f33082ae1b0b13290580b5c513adb90fd373af0403f268521fcad12940dec7f0532aff0f78813416cf965937f7ca0eaeee97dcf7a7ec603b892ba55801a6637ff1a8e4d99bbb969ae06bfadc232f131b19cece7b8c998d6c57b9b68d2252d7e543091583b67b868c8dc079c1c95294c5e039c637b1a02e58d614fdb79f3f08a29f9f90ba09370675ac1b071f07bbf97e48d3e3d102590c2fc4ccf5354c088f41f1abe507901a1b5e246c88f81e297a2876182669b16f1be10e68f3bc66c7e20f34ea5a5252ea013f71ef78931ea4e99f5ee9e4761cc3f773eb02fce9065c333eb58da334a67525d9f885747aeeb3193c3e6b60e037b7006435be7bf1eb5ac592e288984885b5f9781a900885c59ee235785501ab93d73ce758aba261f5cf1d732246096412a0a9334fc113b1fdedd0a15961a252479a91a889dd312a4fe44a49a5c8f3364740e2c84ad375226b0a8070d6e5f316320c6f33461e7c32395c60b531aef2690da2ce0a965df38756c26be257f62e89404ce58a62846e11ae30490ed476a484c5b798d0c67cbd795b7e02d460fc1be0dbf85180fbc7d650c14cc86cfe65259fde8d330ff96a175c49ccdca9dcc9886dcfdd763a8ac7bf4c02cec7ca5f808406a9a04ea18cab07febdb8f1f65e987de2cf830ed782ee590f857385f3514798bd3c98bc0bf3c9ceb63b7d2c4d084332f0f4702c185fe9b1a5780f8b11f18b10c9eae1d18a5d45d2677cda5c927906c507f21b987026965d5a9edc182cf6b104878aa8afe22731b2ec16b692cd2819b37a50036db1b6a47f6c47299a8bd35735d180eb1d75d956e8d020db4279fe1332664dfc01cedb5742545a3f2173a159841e11552564c3fbd39fdff26c4438d0b2f66b65f4ddd5778734562eb2bf1d56f5970a8463b520cbbc55dbacdf37a6a16e5c7135f3120c7bd4bf2fcefdf47d55d5a7ac628341ecf694098fd457d23bcce0b2296bf99ab9aff749af11b22fa2f24d4ee95659f3faf48978aea794a80415c845a6d7f924c68a62972db65b9185ff527719c5f8bae299fd50bb7ee1ced73528ab0648b870d8e8ff0acecabf2de8fd4ad30b1fce4084d8e1cfcee237f13a27e4d238f6d2eff350f2393f5ed9918cc35917f2035b1a5faf297bff886b6716db37215b822c8af5142ac94849e5484adb4e59ef85dd56473b1f6e1f6065c8e744377d98815f53244558c42af67e3502865bc81c37741c5ed3ed07e33c64a9d8b2f527e54e3c7e10666dd95eed759e8a3244c5a704a9349ee929752226d01c10bfa94d31ac2ced8261e5fc3a15f68500a9e7b5ad53fe3de581ae3fc9a03fc4da706c17b40ba5d9505938dd55f09989812e25ee54f7668fe8bd274e0c0b040a15c18b9d8bcee0cc88590637a8e7b6792ea8aa8dfd4fa8cfa183f3ce15308acc9d91d02e7f7b46f472c8fabead73ebe033fcc507384948a1eaf03548d79b649be7715b1aa0814a59183424e49e86bc9781ce2e9e8277a85f9b0b4faff231453829faa628ab00daedf8b8aeaeef758bbcbeaf8863ba179e1054b3da56466486fd9b8dcc42ca1bae2d4ff8e0877d9a726744080e125f7a1bbca906bcc59e8798e73bd79e5de3b4a79aa2bc2e8be40b695b5add3a8fc0952053bfc352849fe1ba9da83daca4c904c66fe91e55709ebca2a36356912a285f2206446b3216d78c9fe498431025b1af22d99537d5f86efb23e11e6e8e7d6cd97069c533e908cfb234c26a3424915459c53bf76ff18d7cceca11511b689611ff74118844aed1d4882f5d2a9d051bc3e051a53b7633138d0325082263497c9102cd33fb16c27a93055617ad14befe6321d40251d239d45a89bb079e24b04470fa75454d91bcc39c233eb0ad4a03d5667b9c7eea0d927d665dc2db377c71cfee93bbcd77f6096a2dd14452f1d74a9ebc7288670943ce9910f", 0x2000, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x18, 0xfffffffffffffffe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r11 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x4882, 0x0)
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x13, r11, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f00000000c0)={0x0, 0x0, 0x7, {0x7, 0x0, "a7ea31d2a5"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_netfilter(r7, &(0x7f0000000280)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x398019}, 0xc, &(0x7f0000000200)={&(0x7f0000000800)={0x1dc, 0x14, 0xb, 0x801, 0x70bd2a, 0x25dfdbff, {0xa, 0x0, 0x7}, [@typed={0x8, 0x8, 0x0, 0x0, @pid=r2}, @generic="462d6f7f6073388a0dda0b008f7431f72e04ca7ce745439e113f498b8a4a0324bdb968e8b2d7010e2e71845948f47c7717af8dfb97b6fd0717de8039a130de73372a7e14b6b290", @generic="d754dface6fc65059d4ef618e8ef0c1dd00b23d9ef73c47e71e84d64cb5e05517d0edf2d7d21ef93ddede41492b14632e9bfb220966442fd99af10dc1210c303acefef4aaaa1dc68a4838c43e6e8c8b50d4a000cd3e2806ec56598d0b28cf0c6e5220a25d709ef973294416bcaa52f4015648d1d46f60b93d9975d73fca08863b6ab087c0154983168a61e745b0faaa55ca20d7053bde6c0058280b421ffde956d0258172a0c83956baaee197d8694ccd56a8c7ce7d70748a34b82cc78ca3aa346a936644910", @typed={0xad, 0x4, 0x0, 0x0, @binary="e42e99e2875919a6e56991ea7d85786cde8b9d20a122082fa5f7484c8a805c871a7952c2df9521731d218c3cf2212153b1cb6e494295c881c6de9af4776ece8a6ebc131b4456904f266ac7903ca37e4983d79827bf6f5e187ad5e00256c7609d9a2ef9816c85d3669afc58355b8f4c633bbbad071d7b401a9f3f983b513a1b7618dfaa38d2fe34788e2de05a502347fcc0871befc83afb633344346fd2af56d21e15df72333795d76d"}]}, 0x1dc}, 0x1, 0x0, 0x0, 0x4004010}, 0x0)

12.506188611s ago: executing program 4 (id=1885):
socket$nl_sock_diag(0x10, 0x3, 0x4)
openat$binfmt(0xffffff9c, 0x0, 0x41, 0x1ff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYRES8=r0], 0x3c}}, 0x0)

12.281639692s ago: executing program 4 (id=1886):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x20d})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
ftruncate(r0, 0x9)
io_submit(0x0, 0x4, &(0x7f0000000300)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

12.184815567s ago: executing program 4 (id=1888):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/nfs', 0x0, 0x0)
set_mempolicy(0x0, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='ceph\x00', &(0x7f0000000180), &(0x7f0000000040), 0x1d4, r2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioprio_set$pid(0x3, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b7000000000000004e00000000000000bf300000000000009500000000000000d4f29c251e4b4261250a94c5041901eedb770ec4bacb4152e8664c65b23294220982d1eb39866a5acf8e23bb5c58ce292446c591505d17949963675733dbed1e7446e2ef85ea7646f293507cf4c148ad2dd34d11fbfc2e2858a0bb87b32dacf44a28d6448beeef2052aca3fed6d48b6e3632722c136bf240c49ed98c9b382155151f0ebc767c6eee99716614fd65c16abc152f34a6c04bd8335148da8fb589c201444dc0ba2b99591888"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xb579, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xe, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000f1d566201e043c40d7cc000000010902120001000000000904"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)

10.318323744s ago: executing program 0 (id=1838):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x4c, 0x2, 0x6, 0x5, 0x0, 0xf0ffff, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}}, 0x0) (fail_nth: 3)

10.105580973s ago: executing program 0 (id=1895):
socket(0x26, 0x80801, 0x5)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x1000000}}, 0x1c)

9.36250092s ago: executing program 3 (id=1897):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x20d})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
ftruncate(r0, 0x9)
io_submit(0x0, 0x4, &(0x7f0000000300)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

9.297568017s ago: executing program 0 (id=1898):
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r0, &(0x7f0000000080)=[{&(0x7f0000000040)="93d90400030300", 0x7}, {&(0x7f0000000000)="b2", 0x1}], 0x2)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x2}, 0x20)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
socket(0x21, 0x3, 0x8)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x19, 0x11, &(0x7f0000000300)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_fd={0x18, 0x1}]}, &(0x7f0000000180)='syzkaller\x00', 0x9, 0x14, &(0x7f0000000200)=""/20, 0x41100, 0x99d25ad752a8a38, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x8, &(0x7f0000000240)={0x5, 0x3}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0xc, 0x9, 0xff}, 0x10, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, &(0x7f0000000400)=[0xffffffffffffffff], 0x0, 0x10, 0x4, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x8, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="850000002e000000350000000000ba008500000008000000950000000000000064f1c09faf5d6806f8a1572b41a141d524581835d80532cb457f454698165b61a3cf5fc6dd8442230e35230163cf094949fc8b0a9114f43d1b6538f5976be4adc07e8c97d76b1895c322a1ef1f83dd6c1023158a1086f7d0f9dce435554bc34e6bdea4217cfaa9a1f8ad1087c697acd9a7ab696922c9e35f0aee6156c599c7b297de0019b27d67bfb3fe241454a04080bf7f8ce021879c820f9b80fe04be5b11cc7bf16c8a029df573db051357c71be1f5e8ce8db0f96ee1d8a312e9671e652bd6f32c7a458f129a8d8bc9a5d905441c0785d333135a04001bb4cd5b295b9add7a0247cada056be3a9e29f9d4b57ddd4130ccbbbcd6e000000000000004102d74c391acc0880312cc8a8c51c7bddd3698f620a69f46984c2a2e742fadecf0e18c91f1715450ff0e09b7e52fd66a7c81b7e62ca8c3572c3dc46dc7579c100010000000000001af7d2149c8ab5ef187087f74b65a6c7da154853894437ffcb5cc3a2b13759c42b350b09a639a8f257d81204e7e61b7f7230db061fabbdc611df1129695265a3426e02f9b24ebc243a8b7ab50e4279be8594af30231a567d1f0ac5297daa6e9e82eb90c602adffc6a3de64b1db82ac547a6a4b78a323aebbf4917450e54b989c6065aeafe708ed91d86ee0aebd842815a9bad226f1eda090456f50863060f074c0469fb82752e4aacbf6ab830391cdb628b5f371ce3b1431b2726cbd8b933f3ce2d452d46d56a8cc49e160581b4a23e881264d498b4b6e7c2f9bc962da260e699aa50d2da32c555047ca"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x99, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$SW_SYNC_IOC_INC(r7, 0x40045701, &(0x7f0000000180)=0xffffffff)
r8 = syz_usb_connect(0x0, 0x24, &(0x7f0000000cc0)=ANY=[@ANYBLOB="120100004f92b90857152077ebb7000000010902120001000000000904"], 0x0)
syz_usb_control_io(r8, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0x40, 0x13, 0x6, @local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r8, 0x0, &(0x7f00000012c0)={0x44, &(0x7f0000000c40)=ANY=[@ANYBLOB="000324"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r8, 0x0, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f00000002c0)=r4, 0x4)
sendmsg$unix(r6, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x0)

9.193768315s ago: executing program 3 (id=1899):
syz_emit_ethernet(0x38, &(0x7f0000000200)=ANY=[@ANYBLOB="0180c20000000180c200000008004900002a004000000000907800000000ffffffff000000000100081d8d31"], 0x0)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x1200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91d13ee8db164c6e4b4e00d96070000001ea89de2b7fb0a0100000000000080000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00"}})

9.025457778s ago: executing program 3 (id=1900):
socket$nl_sock_diag(0x10, 0x3, 0x4)
openat$binfmt(0xffffff9c, 0x0, 0x41, 0x1ff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB, @ANYRES8=r0], 0x3c}}, 0x0)

8.793440658s ago: executing program 3 (id=1901):
r0 = open(&(0x7f0000000000)='./cgroup\x00', 0x10000, 0xd1)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000400)=[{&(0x7f00000000c0)="390000001000111867090707a640400f0021ff3f30000000170a00170000000004003700090003", 0x27}], 0x1)
r1 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000000080)=@newtaction={0x60, 0x30, 0x0, 0x0, 0x0, {}, [{0x4c, 0x1, [@m_skbedit={0x48, 0x1, 0x0, 0x0, {{0xc}, {0x1c, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18}]}, {0x4}, {0xc}, {0xc, 0x9}}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x40}, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0xffffff2d, &(0x7f0000000080)=[{&(0x7f0000000040)="c00e02003c000b05d25a806f8c6394f90324fc602f00001550000100053582c137153e370248018088471700d1bd", 0x33fe0}], 0x1}, 0x0)
r2 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$vhost_msg_v2(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, {&(0x7f0000000280)=""/236, 0xec, &(0x7f0000000380)=""/142, 0x2, 0x2}}, 0x48)
r3 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', <r4=>0x0})
sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)={0x24, r3, 0x331, 0x0, 0x0, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r4}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x24}}, 0x0)
r5 = socket$can_bcm(0x1d, 0x2, 0x2)
recvmmsg(r5, &(0x7f0000007ec0)=[{{0x0, 0x0, &(0x7f0000003e00)=[{&(0x7f0000001a80)=""/18, 0x12}], 0x1}}], 0x1, 0x0, 0x0)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000500)='status\x00')
read$nci(r6, &(0x7f0000000a80)=""/218, 0xda)
connect$can_bcm(r5, &(0x7f00000000c0), 0x10)
sendmsg$can_bcm(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="05000000270000000200000000000000", @ANYRES64=0x0, @ANYRES64=0x2710], 0x48}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000880)={0x18, 0x6, &(0x7f00000005c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}, [@jmp={0x5, 0x1, 0xb, 0x4, 0x1, 0x80, 0xe}, @map_val={0x18, 0xb, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x1}]}, &(0x7f00000006c0)='syzkaller\x00', 0x6, 0xdb, &(0x7f0000000700)=""/219, 0x40f00, 0x8, '\x00', r4, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000800)={0x9, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000840)=[r0], 0x0, 0x10, 0x8000, @void, @value}, 0x94)
sendmsg$BATADV_CMD_GET_BLA_CLAIM(r0, &(0x7f00000004c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f00000001c0)={&(0x7f0000000440)={0x48, r3, 0x200, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x45}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x5}, @BATADV_ATTR_AP_ISOLATION_ENABLED={0x5, 0x2a, 0x1}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @random="f70d0874cd5e"}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x800)
dup(r2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020800000100000000000001000000000100140003"], 0x18}}, 0x0)
pwrite64(0xffffffffffffffff, &(0x7f0000000640)="27092452c7e0b04f4e3240f380cf62b7ee0d7bdd86aec6c76b4308df9100d6873a6efd34e5a13dcf03b58ea1399e8e02c497e0a0fd787a4b282d44948d886b30059d71b61f25d3395ac93e37520dcdfba94c", 0x52, 0x21)
io_setup(0x8, &(0x7f0000000600)=<r7=>0x0)
io_submit(r7, 0x1, &(0x7f0000000180)=[&(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x0, 0xffffffffffffffff, &(0x7f00000000c0)="01", 0x24}])
socket$inet_udplite(0x2, 0x2, 0x88)

8.743590312s ago: executing program 4 (id=1902):
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000680), 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000004c0)={{{@in6=@private2, @in, 0x0, 0x0, 0x0, 0xfffd, 0x0, 0x80, 0x0, 0x0, 0x0, 0xee01}}, {{@in6=@ipv4={'\x00', '\xff\xff', @loopback}}, 0x0, @in=@empty}}, 0xe8)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000000100)=0x40049, 0x4)
recvmmsg(r0, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f00000003c0)='/proc/slabinfo\x00', 0x0, 0x0)
preadv(r1, &(0x7f0000000300)=[{&(0x7f0000000180)=""/137, 0x89}], 0x1, 0x8001, 0x0)

8.508567923s ago: executing program 1 (id=1904):
syz_emit_vhci(&(0x7f0000000880)=ANY=[@ANYBLOB="04"], 0x10)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="540100001a0013070000000000000000ac141400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff0000000000000000000000000000000032000000ac141417000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}}, 0x0)

8.321641951s ago: executing program 1 (id=1905):
r0 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000005c0)={&(0x7f0000000000)=""/96, 0x128000, 0x800}, 0x20)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_mreq(r1, 0x29, 0xe, &(0x7f0000000180)={@mcast1, <r2=>0x0}, &(0x7f00000001c0)=0x14)
sendto(r0, &(0x7f00000000c0)="f53d93b405e31115e571be17c5a16759f5a6ef8fe7db1ecdb9f76016496aca12bf4e1844fcd843d592e49b5c37a4", 0x2e, 0x0, &(0x7f0000000380)=@xdp={0x2c, 0xc, r2, 0x2b}, 0x80)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000140)=0x20, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40008d0, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00', <r3=>0x0})
setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000300)=0x2, 0x4)
r4 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r4, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000500)=ANY=[@ANYBLOB="020300030e00000000070000000000000200090010000000e925000000000000030000000000000000000002000100000000000000000d00000000030005000000000002000000ac1414000000000000000000020013000700000025bd7000ff3400"/112], 0x70}, 0x1, 0x7}, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f0000000100)=0x20, 0x4)
bind$xdp(r0, &(0x7f00000002c0)={0x2c, 0x0, r3}, 0x10)
shutdown(0xffffffffffffffff, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x400000000000004)
writev(r5, &(0x7f0000000140)=[{&(0x7f0000000240)="480000001400190d09004beafd0d8c562c84ed7a80ffe05e959126dda8900db462060f000000000000a2bc5603ca00000f7f89000000200000000101ff0000000309ff5bffff00c7", 0x48}], 0x1)

8.321140122s ago: executing program 3 (id=1906):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000740)=ANY=[@ANYBLOB="54010000120013070000000000000000ac141400"/64, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="ffffffff00000000000000000000000000000000320000007f141417000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000048000200656362286369706865725f6e756c6c29000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c001c"], 0x154}}, 0x0)

8.290777813s ago: executing program 2 (id=1907):
r0 = syz_open_dev$loop(&(0x7f0000000440), 0x81, 0x2a00)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.stat\x00', 0x275a, 0x0)
write$binfmt_aout(r1, &(0x7f00000010c0)=ANY=[], 0x1a3)
lsetxattr$system_posix_acl(0x0, &(0x7f0000000040)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x18, 0x0, 0x700, 0x0, 0x0, 0x1c, "fee8a2ab78fc179fd1f8a0e91ddaaca7bd64c6a4b4e00d9683dda1af1ea89de2b7fb0a0100000000000000000300", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "90be8b1c551265406c7f306003d8a0f4bd00", [0x6]}})

8.101246307s ago: executing program 3 (id=1908):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000001540)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0xf, {[@global=@item_4={0x3, 0x1, 0x0, "c9c0e2f5"}, @local=@item_4={0x3, 0x2, 0x2, "71b9a7ab"}, @main=@item_4={0x3, 0x0, 0xb, "1000090e"}]}}, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f0000000040)={0x3, 0xffffffff})
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
recvmmsg(r2, &(0x7f00000066c0)=[{{&(0x7f0000000480)=@x25, 0x80, &(0x7f0000001900)=[{&(0x7f0000000500)=""/103, 0x67}, {&(0x7f0000000580)=""/253, 0xfd}, {&(0x7f0000000680)=""/4096, 0x1000}, {&(0x7f0000001680)=""/193, 0xc1}, {&(0x7f0000001780)=""/128, 0x80}, {&(0x7f0000001800)=""/81, 0x51}, {&(0x7f0000001880)=""/72, 0x48}], 0x7, &(0x7f0000001980)=""/22, 0x16}, 0x3}, {{&(0x7f00000019c0)=@nl, 0x80, &(0x7f0000001e40)=[{&(0x7f0000001a40)=""/124, 0x7c}, {&(0x7f0000001ac0)=""/252, 0xfc}, {&(0x7f0000001bc0)=""/72, 0x48}, {&(0x7f0000001c40)=""/97, 0x61}, {&(0x7f0000001cc0)=""/143, 0x8f}, {&(0x7f0000001d80)=""/192, 0xc0}], 0x6, &(0x7f0000001ec0)=""/15, 0xf}, 0xffffffff}, {{0x0, 0x0, &(0x7f0000001f40)=[{&(0x7f0000001f00)}], 0x1}}, {{&(0x7f0000001f80)=@pppol2tp={0x18, 0x1, {0x0, <r3=>0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f0000002480)=[{&(0x7f0000002000)=""/212, 0xd4}, {&(0x7f0000002100)=""/119, 0x77}, {&(0x7f0000002180)=""/251, 0xfb}, {&(0x7f0000002280)=""/207, 0xcf}, {&(0x7f0000002380)=""/118, 0x76}, {&(0x7f0000002400)=""/94, 0x5e}], 0x6, &(0x7f0000002500)=""/236, 0xec}, 0x2}, {{&(0x7f0000002600)=@tipc=@id, 0x80, &(0x7f0000003680)=[{&(0x7f0000002680)=""/4096, 0x1000}], 0x1, &(0x7f00000036c0)=""/102, 0x66}, 0x9}, {{&(0x7f0000003740)=@rc, 0x80, &(0x7f0000004b80)=[{&(0x7f00000037c0)=""/142, 0x8e}, {&(0x7f0000003880)=""/245, 0xf5}, {&(0x7f0000003980)=""/40, 0x28}, {&(0x7f00000039c0)=""/27, 0x1b}, {&(0x7f0000003a00)=""/4096, 0x1000}, {&(0x7f0000004a00)=""/153, 0x99}, {&(0x7f0000004ac0)=""/131, 0x83}], 0x7}, 0x4}, {{&(0x7f0000004c00)=@ax25={{0x3, @netrom}, [@default, @rose, @default, @netrom, @bcast, @default, @bcast, @default]}, 0x80, &(0x7f0000005180)=[{&(0x7f0000004c80)=""/52, 0x34}, {&(0x7f0000004cc0)=""/204, 0xcc}, {&(0x7f0000004dc0)=""/172, 0xac}, {&(0x7f0000004e80)=""/244, 0xf4}, {&(0x7f0000004f80)=""/210, 0xd2}, {&(0x7f0000005080)=""/228, 0xe4}], 0x6}, 0x10}, {{&(0x7f0000005200)=@ieee802154, 0x80, &(0x7f00000065c0)=[{&(0x7f0000005280)=""/210, 0xd2}, {&(0x7f0000005380)=""/4096, 0x1000}, {&(0x7f0000006380)=""/105, 0x69}, {&(0x7f0000006400)=""/67, 0x43}, {&(0x7f0000006480)=""/116, 0x74}, {&(0x7f0000006500)=""/47, 0x2f}, {&(0x7f0000006540)=""/112, 0x70}], 0x7, &(0x7f0000006640)=""/68, 0x44}, 0xffffb42c}], 0x8, 0x2060, &(0x7f00000068c0)={0x0, 0x3938700})
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFADDR(r5, 0x8916, &(0x7f0000000000)={'wlan1\x00', {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xe}}})
ioctl$sock_inet_SIOCSIFADDR(r4, 0x891c, &(0x7f0000000000)={'wlan1\x00', {0x2, 0x0, @empty=0xfe000000}})
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000006b80)=@bpf_tracing={0x1a, 0x11, &(0x7f0000006900)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@map_val={0x18, 0x3, 0x2, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x20c}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001f00)='GPL\x00', 0xfffffffa, 0x5d, &(0x7f00000069c0)=""/93, 0x40f00, 0x3a, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000006a40)={0x4, 0xb, 0x4, 0xffffffff}, 0x10, 0x21a49, 0xffffffffffffffff, 0xa, &(0x7f0000006a80)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000006ac0)=[{0x2, 0x2, 0xa, 0x5}, {0x0, 0x4, 0xf, 0x3}, {0x2, 0x3, 0xb, 0x3}, {0x4, 0x2, 0xb, 0x8}, {0x3, 0x4, 0x8, 0x7}, {0x4, 0x2, 0x1, 0x2}, {0x2, 0x3, 0x6, 0x4}, {0x5, 0x5, 0x5, 0xa}, {0x0, 0x1, 0x0, 0x9}, {0x0, 0x2, 0x8, 0x1}], 0x10, 0xfffffffc, @void, @value}, 0x94)
ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000006c40)={r6, r7})
socket(0x10, 0x2, 0x0)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_rx_ring(r8, 0x107, 0x5, &(0x7f00000000c0)=@req={0x8000, 0xb4f, 0x300, 0x1daf6}, 0x10)
setsockopt$sock_int(r8, 0x1, 0x31, &(0x7f0000fee000), 0x4)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f00000013c0), 0xffffffffffffffff)
r10 = socket$nl_generic(0x10, 0x3, 0x10)
r11 = socket$nl_audit(0x10, 0x3, 0x9)
ioctl$sock_SIOCGIFINDEX_80211(r11, 0x8933, &(0x7f0000002200)={'wlan0\x00', <r12=>0x0})
sendmsg$NL80211_CMD_SET_NOACK_MAP(r10, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000002280)={&(0x7f00000003c0)={0x24, r9, 0x1, 0x0, 0x10000000, {{}, {@val={0x8, 0x3, r12}, @void}}, [@NL80211_ATTR_NOACK_MAP={0x6, 0x95, 0x7fff}]}, 0x24}, 0x1, 0x0, 0x0, 0x40408c0}, 0x8080)
r13 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r14 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
sendmsg$NL80211_CMD_START_AP(r13, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000880)=ANY=[@ANYBLOB="301cf453fc3d0543451334d7971277b4000000", @ANYRES16=r9, @ANYBLOB="01002abd7000fddbdf250f0000000c009900000000007d00000008000d000b0f000008000c0064000000"], 0x30}, 0x1, 0x0, 0x0, 0x20040000}, 0x24000801)
write$sndseq(r13, &(0x7f0000000280)=[{0x0, 0x0, 0x5, 0x8, @time={0xd, 0x7b937080}, {0x1, 0x9e}, {0x7f, 0x1}, @ext={0xcf, &(0x7f00000000c0)="9d65264300a25d8e96a6e0bc28a481495f7ffc1d9480d63913499ec2a87dba410fd22910b4f2b12c8f6e089d1ae2bea40cbc00f3ba3f767d4f48ab5d26ff75fbc7d1437bf39a7fc68018b6fe1396dcc20429edd1100222686f71a002cd1ed7b22bca685d68343b6a19c495a902a4fc87e22507cb56cc24f04f51f13ae9fd3b371717329868e172d21d7c1c0d10a9d553ac17e7d60668252fc5ec20bdaf8ddf8642f2509abf27c0163434e2eb67d954066cdc8df72d046a55d1e49c2764bda7cb05dbd70dd90914f249d838552739b8"}}, {0x8, 0x1, 0xff, 0x3, @tick=0x5354, {0x0, 0x3}, {0x6, 0x8}, @result={0xfffffffe, 0x8ccd}}, {0x1, 0x1, 0x4, 0x9e, @tick=0x4, {0x1, 0x4}, {0x0, 0x8}, @control={0x0, 0x7ff, 0x9}}, {0x20, 0x4, 0x2, 0xcf, @time={0x100, 0x2}, {0xd, 0x1}, {0x6, 0x36}, @note={0x1, 0xe, 0xb, 0x3, 0x7}}, {0x8, 0x0, 0x4, 0xb, @time={0xb3, 0xade9}, {0x7, 0x9}, {0x3, 0x5}, @time=@time={0x2171, 0x800}}, {0x1, 0x3, 0x4d, 0x6, @tick=0x100, {0x7, 0xa}, {0xa, 0x2}, @raw8={"17010100003f3f818109029f"}}, {0x5, 0x9, 0x6, 0x7, @tick=0xcb6f, {0x0, 0x9}, {0x4, 0x8}, @queue={0x9, {0x0, 0x1b0}}}, {0xf6, 0x6, 0x8, 0x1, @time={0x7, 0x2}, {0x3, 0x7}, {0x5, 0xe0}, @raw8={"e965ecb29a93448f0fbebd7d"}}, {0x5d, 0x88, 0x2, 0x7f, @tick=0xafc, {0x1, 0x6}, {0x83, 0x4}, @result={0xffff, 0x8a}}, {0x7f, 0x5, 0x40, 0xff, @time={0x19d2, 0x114802c}, {0x9, 0x2}, {0x4, 0x5}, @time=@time={0x8, 0x9}}], 0x118)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r14, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r15 = syz_open_procfs(0x0, &(0x7f0000000000)='net/packet\x00')
read(r15, &(0x7f0000001180)=""/4096, 0x1000)

8.054096014s ago: executing program 1 (id=1909):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x20d})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
io_setup(0x5, &(0x7f0000000740)=<r1=>0x0)
io_submit(r1, 0x4, &(0x7f0000000300)=[&(0x7f0000000840)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

8.005939306s ago: executing program 2 (id=1910):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x103)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r1, 0x10e, 0xb, 0x0, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000600)=@newqdisc={0x68, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x14, 0x2, {{0x6, 0x80000000, 0x9, 0x7, 0x1, 0x8000}, [@TCA_NETEM_CORR={0x10, 0x1, {0x2, 0x5, 0x9}}, @TCA_NETEM_REORDER={0xc, 0x3, {0xcf2, 0x80000001}}]}}}]}, 0x68}}, 0x0)
r4 = socket(0x2b, 0x1, 0x1)
sendmmsg$sock(r4, &(0x7f0000001280)=[{{&(0x7f0000000240)=@in6={0xa, 0x0, 0x0, @dev, 0x5}, 0x80, 0x0}}], 0x1, 0x20000001)
connect$netlink(r4, &(0x7f0000000000)=@unspec, 0xc)
r5 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
r6 = fcntl$dupfd(r5, 0x406, r5)
io_uring_setup(0x35e9, &(0x7f00000006c0)={0x0, 0xcfe1, 0x0, 0x0, 0x389, 0x0, r6})
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB="2c67726f758410696440c8e1e17c20f0b2cea554bd37f2729b5890200cb641fe95d6cf548028591042739b4fd28ab6a092c010f360d5403097d9605e921ffb3b6d83aceabf59288d07453f3c90b5e6d0a9a05da0c115c54c26172b736a7ab355ded56b3c3f80519c3ee09f1cd50be9a7e30eb55c36e0794f7cdd7c8c70218819ef38638ec6362db56ca05538e71c06b88e03547667e1ce83014b992c6cd58ca768e06c6db7b2", @ANYRESDEC=0x0])
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xe, 0x4008031, 0xffffffffffffffff, 0x20000000)
r7 = openat$vmci(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r7, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r7, 0x7a0, &(0x7f0000000000)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r7, 0x7a8, &(0x7f0000000100)={{@my=0x1, 0x800000}, @hyper, 0x0, 0x2925, 0x0, 0x20000000, 0x4, 0x0, 0x2})
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
read$FUSE(r5, 0x0, 0x0)
write$FUSE_NOTIFY_INVAL_ENTRY(r5, &(0x7f0000000640)=ANY=[@ANYBLOB="7e000000030000000000000000000200010000000000000077feffff0000000025971728b239f62f108d187eaf1e9fbb9f1cdaa62e2de13b4f328e4200810d4eb44a016fde8f6e4809ccc615df7dce640fb35bca60d8da8988e8fc4d86038615b42746cac4d4203a11ed0c1b12ea3200"/126], 0x7e)
write$FUSE_ATTR(r5, 0x0, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r8, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
r9 = socket$inet6(0xa, 0x80002, 0x0)
bind$inet6(r9, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
sendmsg$NFULNL_MSG_CONFIG(r6, &(0x7f00000009c0)={&(0x7f00000008c0)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000980)={&(0x7f0000000140)=ANY=[@ANYBLOB="324cdfff0104010f0000000000000000070000040500010002000000080005400000080008ffe8400000b2af08000340000010050500010004000000050001000700000008d0044000000009d6fd4017"], 0x4c}, 0x1, 0x0, 0x0, 0x80}, 0x0)
syz_open_dev$vbi(&(0x7f0000000300), 0x2, 0x2)

7.913850828s ago: executing program 1 (id=1911):
socket$nl_sock_diag(0x10, 0x3, 0x4)
openat$binfmt(0xffffff9c, 0x0, 0x41, 0x1ff)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r2, @ANYBLOB, @ANYRES8=r0], 0x3c}}, 0x0)

7.657456616s ago: executing program 1 (id=1913):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_create_resource$binfmt(&(0x7f0000000040)='./file1\x00')
openat$binfmt(0xffffffffffffff9c, r1, 0x42, 0x1ff)
syz_open_dev$tty1(0xc, 0x4, 0x1)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/fs/nfs', 0x0, 0x0)
set_mempolicy(0x0, 0x0, 0x0)
r2 = add_key$keyring(&(0x7f0000000000), &(0x7f00000000c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
add_key(&(0x7f0000000140)='ceph\x00', &(0x7f0000000180), &(0x7f0000000040), 0x1d4, r2)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
ioprio_set$pid(0x3, 0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b7000000000000004e00000000000000bf300000000000009500000000000000d4f29c251e4b4261250a94c5041901eedb770ec4bacb4152e8664c65b23294220982d1eb39866a5acf8e23bb5c58ce292446c591505d17949963675733dbed1e7446e2ef85ea7646f293507cf4c148ad2dd34d11fbfc2e2858a0bb87b32dacf44a28d6448beeef2052aca3fed6d48b6e3632722c136bf240c49ed98c9b382155151f0ebc767c6eee99716614fd65c16abc152f34a6c04bd8335148da8fb589c201444dc0ba2b99591888"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xb579, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xe, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x23)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = syz_usb_connect(0x0, 0x24, &(0x7f0000000500)=ANY=[@ANYBLOB="12010000f1d566201e043c40d7cc000000010902120001000000000904"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000280)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r3, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r3, 0x0, 0x0)

7.657239553s ago: executing program 4 (id=1914):
socket(0x26, 0x80801, 0x5)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$packet(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x14)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback={0x1020000}}, 0x1c)

7.327523167s ago: executing program 4 (id=1915):
timer_settime(0x0, 0x1, &(0x7f0000000000)={{}, {0x77359400}}, 0x0)
pipe(&(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x8000002}, 0x1c)
sendto$inet6(r1, 0x0, 0x0, 0x22004001, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c)
sendto$inet6(r1, &(0x7f0000000080)="44f9b108b1cdc885c9c533d21f474bec8bfef1df1e2da71e578dc6b91d09f7ab15378571d8e27546090000006e75436914ab717528ee4b7a9beaf908d11137c11903064e83b4951f4d433a5404970c85d92d7083fd38844cbb0c6c5eb508ddc2dc7a590aa7941b1e9eeb5a688138dea09b776cbfa784cbf550bf3074fb0d775da4df5a3f48bbdf452eeb6b923da9d0e25b80f76a873664b5753444fe05f33e5f91045540836c3cd6af10f0cd018f0c6f57f926ac959a5628c45088fbe0c87fbe6cbcda4662d2a12f6d00"/215, 0xd0d0c2ac, 0x1, 0x0, 0x0)
splice(r1, 0x0, r0, 0x0, 0x406f413, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000300)={0x0, 0x989680}, 0x0)
socket$can_j1939(0x1d, 0x2, 0x7)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$cdc_ncm(0x3, 0x0, 0x0, 0x0)
r2 = add_key(&(0x7f00000002c0)='cifs.spnego\x00', &(0x7f0000000180)={'syz', 0x0}, &(0x7f0000000200)="e13e6be714b6fc3f505ec7ecc78e8a4f99ca3dcccdc0cf3968cdbbabae95daf9ae681e2305ff0b3dff96847152a1df4431d738b469e8f6bd5858d866bdf55da9715d7dda510867b59c2ec2dd22679f7f031ea46bbcd7fac8", 0x58, 0xfffffffffffffffc)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, 0x0, &(0x7f0000000280)=@secondary)
syz_usb_connect(0x5, 0x1e6, &(0x7f0000000c00)={{0x12, 0x1, 0x250, 0x5b, 0xa, 0x38, 0x40, 0x16d8, 0x6002, 0xb2a0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1d4, 0x1, 0x3, 0x4, 0x0, 0xe, [{{0x9, 0x4, 0xf2, 0x8, 0x6, 0xbc, 0x80, 0x27, 0x45, [], [{{0x9, 0x5, 0xe, 0x4, 0x8, 0x7, 0x1, 0x3}}, {{0x9, 0x5, 0xa, 0x0, 0x20, 0x3, 0x7, 0x5}}, {{0x9, 0x5, 0xa, 0x1, 0x200, 0x2, 0x8, 0x3a, [@uac_iso={0x7, 0x25, 0x1, 0x80, 0x80, 0x4}]}}, {{0x9, 0x5, 0xc, 0x0, 0x400, 0x5, 0x6, 0xdb, [@generic={0xcd, 0x7, "fd91a305dd403976eacd8338de166142ca530dc437568890d725343dd011a6619be67dd1b2a6dde110ecdc8b2924640843d69ff0ac07e05d092057a097096a53d5069e777480d13e2e6ed51a3d866d4f742e312228af3dd264b0897c403ea0504e66c2e86b8ca81e01187aeec92677813e9f295e2fab41743b1ff43a6df598ef9eda1fd49bfb3cbe59951d5f36ae12b5e19e573a1f27c45fa87b5e39fafe3b8b95d89af0f6fccd4b5de064fd8c1d08d1adbc44b7456d90f7d03171e3093d1339f7904942e6a9ca0e3736fd"}, @uac_iso={0x7, 0x25, 0x1, 0x0, 0x9, 0x4}]}}, {{0x9, 0x5, 0x7, 0x2, 0x10, 0x3, 0x9, 0x8, [@generic={0xaf, 0x9, "8846768b288cc36542a1d79acda5756e752e4262a8163884470703e0e6c50d0e193811802dfe0cbeb45bb8292f3bb779ac2d11ecac57550ec6832b5287589db056602ffd4b2bf670955337ea5b450e08affc0a60d6ed06d0974821309840698d237e8be2ae3131655dbb0cff80921de3f26050e339fa6016f2fba3bc763850cf94835e11078817380e7196c7439fc18fd2f0d6eec29fbc7948e5dc1400ab026b88496e7dc2938a608b04044d84"}]}}, {{0x9, 0x5, 0x3, 0x4, 0x40, 0x4, 0x3e, 0x9, [@generic={0x2, 0x31}]}}]}}]}}]}}, &(0x7f00000001c0)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x200, 0x77, 0x7, 0x40, 0x40, 0x10}, 0x5, &(0x7f0000000140)={0x5, 0xf, 0x5}, 0x1, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x42d}}]})
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)

7.318015988s ago: executing program 0 (id=1916):
socket$packet(0x11, 0x3, 0x300) (async)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x9004}, 0x4)
syz_emit_ethernet(0x66, &(0x7f0000000080)={@multicast, @dev, @val={@void}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x2, 0x0, 0x0, 0x0, @empty}}}}}, 0x0) (async)
syz_emit_ethernet(0x66, &(0x7f0000000080)={@multicast, @dev, @val={@void}, {@ipv4={0x800, @generic={{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x2, 0x0, 0x0, 0x0, @empty}}}}}, 0x0)
r1 = fsopen(&(0x7f0000000280)='binfmt_misc\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
fsmount(r1, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x7, 0x0, 0x0, 0x0) (async)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x7, 0x0, 0x0, 0x0)
r2 = openat$qrtrtun(0xffffff9c, &(0x7f0000000040), 0x14000)
r3 = openat$nvme_fabrics(0xffffff9c, &(0x7f0000000140), 0x941, 0x0)
setsockopt$inet6_opts(r3, 0x29, 0x39, &(0x7f0000000180)=@fragment={0x3c, 0x0, 0x7, 0x1, 0x0, 0x0, 0x65}, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x728, 0xffffffffff, &(0x7f00000000c0))
ioprio_get$pid(0x2, 0x0)
read$qrtrtun(r2, &(0x7f00000000c0)=""/67, 0x43) (async)
read$qrtrtun(r2, &(0x7f00000000c0)=""/67, 0x43)

7.118430991s ago: executing program 0 (id=1917):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)={0x4c, 0x2, 0x6, 0x5, 0x2000, 0xf0ffff, {}, [@IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_TYPENAME={0x14, 0x3, 'hash:ip,port,ip\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x4c}}, 0x0)

7.017293658s ago: executing program 0 (id=1918):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="12010000459bb2405804035000000000000109021b00011100000009040000019569", @ANYRES32], 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000240)}, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/fs/bpf', 0x0, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000040)='io.stat\x00', 0x275a, 0x0)
r2 = socket$inet_sctp(0x2, 0x5, 0x84)
r3 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r4 = ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="380000001000"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000180012800c0001006d6163766c616e001800028004000580ae442be9ec0f27fe30f5acf9cfef54d568e76d01db82bfef6965e45bebab74f55027d960580f75c8515cde379a77b3b1f749cbdbd06724850afbc10b84da03a43c86285b12e9d661b278a3aea1e05d4d2e3b24a51c79b5b283612c606f06b22da5c3497833f165c5dc34edfb778c3e56f2e6b3f666a3497107fd4a7113e1"], 0x38}}, 0x0)
r5 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x1b, &(0x7f0000000100)={&(0x7f0000000480)={0x70, 0x0, 0x0, 0x0, 0x0, {}, [@L2TP_ATTR_PROTO_VERSION={0x5}, @L2TP_ATTR_DATA_SEQ={0x5}, @L2TP_ATTR_VLAN_ID={0x6}, @L2TP_ATTR_CONN_ID={0x8}, @L2TP_ATTR_VLAN_ID={0x5, 0xe, 0xfffa}, @L2TP_ATTR_PROTO_VERSION={0x5, 0x7, 0x3}, @L2TP_ATTR_L2SPEC_TYPE={0x5, 0x5, 0x1}, @L2TP_ATTR_UDP_CSUM={0x0, 0xd, 0x1}, @L2TP_ATTR_IFNAME={0x14, 0x8, 'veth0_vlan\x00'}, @L2TP_ATTR_UDP_DPORT={0x6, 0x1b, 0x4e20}]}, 0x70}}, 0x0)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003b000b05d25a806c8c6394f90224fc60100005000a000200053582c137153e37000c0180fc0b10000600", 0x33fe0}], 0x1}, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x5, 0x0)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
ioctl$LOOP_CTL_REMOVE(r3, 0x4c81, r4)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00'})
r6 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
preadv(r6, &(0x7f0000001880)=[{&(0x7f0000001a80)=""/102400, 0x19000}], 0x1, 0xfffffffc, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a24000000000a01010000000000000000050000000900010073797a30000000000400060070000000030a01030000000000000000050000000900010073797a30000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000080001400000000014000300766c616e3000"/167], 0xd0}}, 0x0)
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r8, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000380)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x7, 0xc2, 0x0, 0x0, 0x0, {[@mss={0x2, 0x4, 0xa005}, @sack_perm={0x4, 0x2}]}}}}}}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)

0s ago: executing program 1 (id=1919):
r0 = socket$inet(0x2, 0x1, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f0000000180)={'sit0\x00', &(0x7f0000000480)={'tunl0\x00', <r1=>0x0, 0x8, 0x80, 0x6, 0x5, {{0x5, 0x4, 0x0, 0x6, 0x14, 0x67, 0x0, 0x40, 0x29, 0x0, @rand_addr=0x64010102, @local}}}})
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r2, 0x40045010, &(0x7f0000000100))
ioctl$SNDCTL_DSP_SPEED(r2, 0xc0045002, &(0x7f0000000080)=0x10000)
r3 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = getuid()
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000000)={{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e22, 0x0, 0x4e21, 0x0, 0x2, 0x30, 0x20, 0x3b, r1, r4}, {0x4, 0x1fb, 0x101, 0x8, 0xff, 0x4, 0x6bd9, 0x7}, {0xf35, 0x60, 0x8001, 0x3}, 0x8, 0x6e6bc0, 0x3, 0x1, 0x2, 0x1}, {{@in=@multicast2, 0x4d4, 0x2b}, 0x2, @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x3505, 0x4, 0x2, 0x69, 0x10001, 0xc7d2, 0x1}}, 0xe8)

kernel console output (not intermixed with test programs):

sb5-port1: unable to enumerate USB device
[  542.615252][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  542.639340][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  542.660426][ T5285] usb 4-1: USB disconnect, device number 123
[  542.688618][T13420] batman_adv: batadv0: Interface activated: batadv_slave_0
[  542.831024][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  542.855134][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  542.865868][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  542.876901][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  542.889125][T13420] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  542.903768][T13420] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  542.916223][T13420] batman_adv: batadv0: Interface activated: batadv_slave_1
[  542.934595][T13565] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  542.964667][T13565] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  542.994555][T13565] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  543.017567][T13420] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  543.027032][T13420] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  543.035919][T13420] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  543.044744][T13420] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  543.091723][T13702] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1633'.
[  543.093048][T13565] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  543.393819][ T6683] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  543.459032][ T6683] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  543.672837][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  543.701741][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  543.742899][T13726] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1639'.
[  543.878480][ T5283] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[  543.925189][T13565] 8021q: adding VLAN 0 to HW filter on device bond0
[  543.977958][T13738] bridge0: port 3(macvlan2) entered blocking state
[  544.009110][T13738] bridge0: port 3(macvlan2) entered disabled state
[  544.031780][ T5283] usb 4-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[  544.048501][ T5283] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  544.075262][ T5283] usb 4-1: Product: syz
[  544.078558][T13738] macvlan2: entered allmulticast mode
[  544.091585][ T5283] usb 4-1: Manufacturer: syz
[  544.096219][ T5283] usb 4-1: SerialNumber: syz
[  544.106744][T13738] macvlan2: entered promiscuous mode
[  544.124069][ T5283] usb 4-1: config 0 descriptor??
[  544.164440][ T5283] i2c-tiny-usb 4-1:0.0: version 6d.cc found at bus 004 address 124
[  544.241028][T13565] 8021q: adding VLAN 0 to HW filter on device team0
[  544.319477][ T6683] bridge0: port 1(bridge_slave_0) entered blocking state
[  544.326656][ T6683] bridge0: port 1(bridge_slave_0) entered forwarding state
[  544.362658][ T6683] bridge0: port 2(bridge_slave_1) entered blocking state
[  544.364807][T13721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  544.369835][ T6683] bridge0: port 2(bridge_slave_1) entered forwarding state
[  544.416607][T13721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  544.488646][ T4628] Bluetooth: hci2: command tx timeout
[  544.530432][T13764] FAULT_INJECTION: forcing a failure.
[  544.530432][T13764] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  544.543715][T13764] CPU: 0 UID: 0 PID: 13764 Comm: syz.4.1648 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  544.554514][T13764] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  544.564684][T13764] Call Trace:
[  544.567985][T13764]  <TASK>
[  544.570944][T13764]  dump_stack_lvl+0x241/0x360
[  544.575661][T13764]  ? __pfx_dump_stack_lvl+0x10/0x10
[  544.580888][T13764]  ? __pfx__printk+0x10/0x10
[  544.585517][T13764]  ? __pfx_lock_release+0x10/0x10
[  544.590586][T13764]  should_fail_ex+0x3b0/0x4e0
[  544.595305][T13764]  _copy_from_user+0x2f/0xe0
[  544.599928][T13764]  copy_msghdr_from_user+0xae/0x680
[  544.605169][T13764]  ? __pfx_copy_msghdr_from_user+0x10/0x10
[  544.611030][T13764]  __sys_sendmsg+0x22d/0x380
[  544.615646][T13764]  ? __pfx___sys_sendmsg+0x10/0x10
[  544.620793][T13764]  ? __pfx_vfs_write+0x10/0x10
[  544.625572][T13764]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  544.631910][T13764]  ? do_syscall_64+0x100/0x230
[  544.636670][T13764]  ? do_syscall_64+0xb6/0x230
[  544.641340][T13764]  do_syscall_64+0xf3/0x230
[  544.645836][T13764]  ? clear_bhb_loop+0x35/0x90
[  544.650602][T13764]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  544.656507][T13764] RIP: 0033:0x7f748457dff9
[  544.660923][T13764] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  544.680529][T13764] RSP: 002b:00007f74852d2038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  544.688941][T13764] RAX: ffffffffffffffda RBX: 00007f7484735f80 RCX: 00007f748457dff9
[  544.696932][T13764] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  544.704898][T13764] RBP: 00007f74852d2090 R08: 0000000000000000 R09: 0000000000000000
[  544.712862][T13764] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  544.720827][T13764] R13: 0000000000000000 R14: 00007f7484735f80 R15: 00007f748485fa28
[  544.728804][T13764]  </TASK>
[  544.760418][T13721] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  544.806339][  T938] IPVS: starting estimator thread 0...
[  544.826524][T13565] 8021q: adding VLAN 0 to HW filter on device batadv0
[  544.851211][T13721] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  544.874349][T13565] veth0_vlan: entered promiscuous mode
[  544.958060][T13771] IPVS: using max 20 ests per chain, 48000 per kthread
[  544.986220][T13565] veth1_vlan: entered promiscuous mode
[  545.051968][ T5283]  (null): failure setting delay to 10us
[  545.081521][ T5283] i2c-tiny-usb 4-1:0.0: probe with driver i2c-tiny-usb failed with error -5
[  545.104615][T13565] veth0_macvtap: entered promiscuous mode
[  545.117472][ T5283] usb 4-1: USB disconnect, device number 124
[  545.138558][T11113] usb 5-1: new high-speed USB device number 121 using dummy_hcd
[  545.151681][T13565] veth1_macvtap: entered promiscuous mode
[  545.205406][T13565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  545.234119][T13565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.245517][T13565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  545.246152][T13789] fuse: Bad value for 'fd'
[  545.256532][T13565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.272410][T13565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  545.291445][T13565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.303654][T13565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  545.318341][T11113] usb 5-1: Using ep0 maxpacket: 8
[  545.330437][T11113] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  545.333553][T13565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.358316][T11113] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  545.368014][T13565] batman_adv: batadv0: Interface activated: batadv_slave_0
[  545.396825][T13565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  545.406283][T11113] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  545.410244][T13565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.449552][T11113] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  545.450114][T13565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  545.480632][T11113] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  545.486807][T13565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.500130][T11113] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  545.506088][T13565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  545.518662][T11113] usb 5-1: Product: syz
[  545.518686][T11113] usb 5-1: Manufacturer: syz
[  545.518703][T11113] usb 5-1: SerialNumber: syz
[  545.533500][T11113] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  545.538553][T13565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.551177][T11113] usbtest 5-1:1.0: Linux user mode ISO test driver
[  545.558577][T11113] usbtest 5-1:1.0: high-speed {control bulk-out iso-in} tests (+alt)
[  545.568667][T13565] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  545.584015][T13565] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  545.595685][T13565] batman_adv: batadv0: Interface activated: batadv_slave_1
[  545.606774][T13799] bridge0: port 4(macvlan3) entered blocking state
[  545.619386][T13799] bridge0: port 4(macvlan3) entered disabled state
[  545.626359][T13799] macvlan3: entered allmulticast mode
[  545.633146][T13799] macvlan3: entered promiscuous mode
[  545.650776][T13565] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  545.661798][T13565] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  545.678898][ T5285] usb 3-1: new high-speed USB device number 104 using dummy_hcd
[  545.699714][T13565] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  545.718414][T13565] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  545.820499][   T29] kauditd_printk_skb: 2 callbacks suppressed
[  545.820516][   T29] audit: type=1326 audit(1727786436.640:8735): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  545.848953][    C1] vkms_vblank_simulate: vblank timer overrun
[  545.855523][T13807] FAULT_INJECTION: forcing a failure.
[  545.855523][T13807] name failslab, interval 1, probability 0, space 0, times 0
[  545.865471][ T5285] usb 3-1: config 0 has no interfaces?
[  545.887170][ T6673] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  545.898374][T13807] CPU: 0 UID: 0 PID: 13807 Comm: syz.0.1659 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  545.906056][ T6673] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  545.909243][T13807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  545.909259][T13807] Call Trace:
[  545.909267][T13807]  <TASK>
[  545.909277][T13807]  dump_stack_lvl+0x241/0x360
[  545.909305][T13807]  ? __pfx_dump_stack_lvl+0x10/0x10
[  545.917155][ T5285] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  545.926599][T13807]  ? __pfx__printk+0x10/0x10
[  545.926642][T13807]  ? ref_tracker_alloc+0x332/0x490
[  545.926665][T13807]  should_fail_ex+0x3b0/0x4e0
[  545.948444][ T5285] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  545.951745][T13807]  ? skb_clone+0x20c/0x390
[  545.956321][ T5285] usb 3-1: Product: syz
[  545.961412][T13807]  should_failslab+0xac/0x100
[  545.961447][T13807]  ? skb_clone+0x20c/0x390
[  545.961466][T13807]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  545.961492][T13807]  skb_clone+0x20c/0x390
[  545.961516][T13807]  __netlink_deliver_tap+0x3cc/0x7c0
[  545.961543][T13807]  ? netlink_deliver_tap+0x2e/0x1b0
[  545.961559][T13807]  netlink_deliver_tap+0x19d/0x1b0
[  545.961578][T13807]  netlink_dump+0x851/0xd80
[  545.961612][T13807]  ? __pfx_netlink_dump+0x10/0x10
[  545.961659][T13807]  __netlink_dump_start+0x5a2/0x790
[  545.961693][T13807]  xsk_diag_handler_dump+0x1dc/0x270
[  545.961718][T13807]  ? __pfx_xsk_diag_handler_dump+0x10/0x10
[  545.961738][T13807]  ? __pfx_xsk_diag_dump+0x10/0x10
[  545.961764][T13807]  ? sock_diag_lock_handler+0x19/0x280
[  545.961785][T13807]  ? __pfx_xsk_diag_handler_dump+0x10/0x10
[  545.961809][T13807]  sock_diag_rcv_msg+0x3dc/0x5f0
[  545.961831][T13807]  netlink_rcv_skb+0x1e3/0x430
[  545.982061][   T29] audit: type=1326 audit(1727786436.640:8736): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  545.983036][T13807]  ? __pfx_sock_diag_rcv_msg+0x10/0x10
[  545.991228][ T5285] usb 3-1: Manufacturer: syz
[  545.992096][T13807]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  545.997482][ T5285] usb 3-1: SerialNumber: syz
[  546.001681][T13807]  ? netlink_deliver_tap+0x2e/0x1b0
[  546.001710][T13807]  netlink_unicast+0x7f6/0x990
[  546.001743][T13807]  ? __pfx_netlink_unicast+0x10/0x10
[  546.017282][   T29] audit: type=1326 audit(1727786436.640:8737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=267 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  546.021771][T13807]  ? __virt_addr_valid+0x183/0x530
[  546.021801][T13807]  ? __check_object_size+0x48e/0x900
[  546.038079][   T29] audit: type=1326 audit(1727786436.640:8738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  546.043048][T13807]  netlink_sendmsg+0x8e4/0xcb0
[  546.043087][T13807]  ? __pfx_netlink_sendmsg+0x10/0x10
[  546.049211][ T5285] usb 3-1: config 0 descriptor??
[  546.053605][T13807]  ? aa_sock_msg_perm+0x91/0x160
[  546.090293][ T8745] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  546.091432][T13807]  ? __pfx_netlink_sendmsg+0x10/0x10
[  546.091458][T13807]  __sock_sendmsg+0x221/0x270
[  546.096928][ T8745] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  546.101464][T13807]  sock_write_iter+0x2d7/0x3f0
[  546.101493][T13807]  ? __pfx_sock_write_iter+0x10/0x10
[  546.117802][   T29] audit: type=1326 audit(1727786436.640:8739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  546.121282][T13807]  do_iter_readv_writev+0x600/0x880
[  546.121317][T13807]  ? __pfx_do_iter_readv_writev+0x10/0x10
[  546.148339][   T29] audit: type=1326 audit(1727786436.670:8740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=144 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  546.148939][T13807]  ? bpf_lsm_file_permission+0x9/0x10
[  546.154190][   T29] audit: type=1326 audit(1727786436.670:8741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  546.159377][T13807]  ? security_file_permission+0x74/0x280
[  546.159410][T13807]  ? rw_verify_area+0x1c3/0x6f0
[  546.159438][T13807]  vfs_writev+0x376/0xba0
[  546.159473][T13807]  ? __pfx_vfs_writev+0x10/0x10
[  546.159522][T13807]  ? fdget_pos+0x19a/0x320
[  546.159545][T13807]  do_writev+0x1b1/0x350
[  546.159572][T13807]  ? __pfx_do_writev+0x10/0x10
[  546.159597][T13807]  ? do_syscall_64+0x100/0x230
[  546.159620][T13807]  ? do_syscall_64+0xb6/0x230
[  546.159640][T13807]  do_syscall_64+0xf3/0x230
[  546.182011][    C1] vkms_vblank_simulate: vblank timer overrun
[  546.186742][T13807]  ? clear_bhb_loop+0x35/0x90
[  546.229274][   T29] audit: type=1326 audit(1727786436.670:8742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  546.231583][T13807]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  546.247070][   T29] audit: type=1326 audit(1727786436.670:8743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  546.259200][T13807] RIP: 0033:0x7f5f6177dff9
[  546.259224][T13807] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  546.259241][T13807] RSP: 002b:00007f5f625c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  546.259264][T13807] RAX: ffffffffffffffda RBX: 00007f5f61935f80 RCX: 00007f5f6177dff9
[  546.274759][   T29] audit: type=1326 audit(1727786436.670:8744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13805 comm="syz.3.1658" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f160837dff9 code=0x7ffc0000
[  546.292525][T13807] RDX: 0000000000000001 RSI: 0000000020000140 RDI: 0000000000000005
[  546.292549][T13807] RBP: 00007f5f625c0090 R08: 0000000000000000 R09: 0000000000000000
[  546.292562][T13807] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  546.292573][T13807] R13: 0000000000000000 R14: 00007f5f61935f80 R15: 00007f5f61a5fa28
[  546.292599][T13807]  </TASK>
[  546.495926][    C1] vkms_vblank_simulate: vblank timer overrun
[  546.979157][T12586] usb 2-1: new high-speed USB device number 126 using dummy_hcd
[  546.987023][ T5285] usb 1-1: new high-speed USB device number 87 using dummy_hcd
[  547.118660][ T5315] usb 4-1: new full-speed USB device number 125 using dummy_hcd
[  547.142240][ T5285] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  547.152944][ T5285] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  547.163042][T12586] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  547.174250][ T5285] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.182679][T12586] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  547.194499][ T5285] usb 1-1: config 0 descriptor??
[  547.199642][T12586] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.212480][ T5285] pwc: Askey VC010 type 2 USB webcam detected.
[  547.222548][T12586] usb 2-1: config 0 descriptor??
[  547.282367][ T5315] usb 4-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  547.291972][ T5315] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  547.303917][ T5315] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 4
[  547.320137][ T5315] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  547.332243][ T5315] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.340818][ T5315] usb 4-1: Product: syz
[  547.345084][ T5315] usb 4-1: Manufacturer: syz
[  547.350080][ T5315] usb 4-1: SerialNumber: syz
[  547.415425][ T5285] pwc: send_video_command error -71
[  547.427319][ T5285] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  547.435560][ T5285] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  547.450803][ T5285] usb 1-1: USB disconnect, device number 87
[  547.572645][ T5315] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor
[  547.583359][ T5315] usb 4-1: 2:1 : unknown format tag 0x0 is detected.  processed as MPEG.
[  547.591899][ T5315] usb 4-1: found format II with max.bitrate = 128, frame size=0
[  547.600174][ T5315] usb 4-1: 2:1: All rates were zero
[  547.628566][ T5315] usb 4-1: USB disconnect, device number 125
[  547.644152][T13817] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1660'.
[  547.659539][T12586] keytouch 0003:0926:3333.0053: fixing up Keytouch IEC report descriptor
[  547.682088][ T8978] udevd[8978]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  547.718627][T12586] input: HID 0926:3333 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0926:3333.0053/input/input132
[  547.815010][T12586] keytouch 0003:0926:3333.0053: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.1-1/input0
[  547.849656][ T5283] usb 5-1: USB disconnect, device number 121
[  547.968724][  T938] usb 1-1: new high-speed USB device number 88 using dummy_hcd
[  548.128599][  T938] usb 1-1: Using ep0 maxpacket: 32
[  548.137387][  T938] usb 1-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  548.149017][  T938] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.170726][  T938] usb 1-1: config 0 descriptor??
[  548.196719][  T938] gspca_main: sq930x-2.14.0 probing 041e:403c
[  548.204823][ T5316] usb 2-1: USB disconnect, device number 126
[  548.427411][T13836] openvswitch: netlink: Actions may not be safe on all matching packets
[  548.471096][ T5316] usb 3-1: USB disconnect, device number 104
[  548.597478][T13842] FAULT_INJECTION: forcing a failure.
[  548.597478][T13842] name failslab, interval 1, probability 0, space 0, times 0
[  548.611011][T13842] CPU: 1 UID: 0 PID: 13842 Comm: syz.4.1670 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  548.621815][T13842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  548.631874][T13842] Call Trace:
[  548.635158][T13842]  <TASK>
[  548.638255][T13842]  dump_stack_lvl+0x241/0x360
[  548.642938][T13842]  ? __pfx_dump_stack_lvl+0x10/0x10
[  548.648137][T13842]  ? __pfx__printk+0x10/0x10
[  548.652740][T13842]  ? fs_reclaim_acquire+0x93/0x140
[  548.657886][T13842]  ? __pfx___might_resched+0x10/0x10
[  548.663181][T13842]  should_fail_ex+0x3b0/0x4e0
[  548.667875][T13842]  ? tomoyo_encode+0x26f/0x540
[  548.672641][T13842]  should_failslab+0xac/0x100
[  548.677328][T13842]  ? tomoyo_encode+0x26f/0x540
[  548.682084][T13842]  __kmalloc_noprof+0xd8/0x400
[  548.686861][T13842]  tomoyo_encode+0x26f/0x540
[  548.691507][T13842]  tomoyo_realpath_from_path+0x59e/0x5e0
[  548.697159][T13842]  tomoyo_check_open_permission+0x255/0x500
[  548.703052][T13842]  ? tomoyo_check_open_permission+0x204/0x500
[  548.709127][T13842]  ? __pfx_tomoyo_check_open_permission+0x10/0x10
[  548.715595][T13842]  ? mnt_get_write_access+0x68/0x2b0
[  548.720883][T13842]  ? mnt_get_write_access+0x68/0x2b0
[  548.726165][T13842]  security_file_open+0x777/0x990
[  548.731195][T13842]  do_dentry_open+0x369/0x1460
[  548.735976][T13842]  vfs_open+0x3e/0x330
[  548.740042][T13842]  path_openat+0x2c84/0x3590
[  548.744642][T13842]  ? __pfx_path_openat+0x10/0x10
[  548.749688][T13842]  do_filp_open+0x235/0x490
[  548.754221][T13842]  ? __pfx_do_filp_open+0x10/0x10
[  548.759269][T13842]  ? _raw_spin_unlock+0x28/0x50
[  548.764114][T13842]  ? alloc_fd+0x5a1/0x640
[  548.768450][T13842]  do_sys_openat2+0x13e/0x1d0
[  548.773147][T13842]  ? __pfx_do_sys_openat2+0x10/0x10
[  548.778381][T13842]  __x64_sys_openat+0x247/0x2a0
[  548.783244][T13842]  ? __pfx___x64_sys_openat+0x10/0x10
[  548.788641][T13842]  ? do_syscall_64+0x100/0x230
[  548.793426][T13842]  ? do_syscall_64+0xb6/0x230
[  548.798109][T13842]  do_syscall_64+0xf3/0x230
[  548.802601][T13842]  ? clear_bhb_loop+0x35/0x90
[  548.807268][T13842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  548.813169][T13842] RIP: 0033:0x7f748457dff9
[  548.817589][T13842] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  548.837195][T13842] RSP: 002b:00007f74852d2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  548.845610][T13842] RAX: ffffffffffffffda RBX: 00007f7484735f80 RCX: 00007f748457dff9
[  548.853616][T13842] RDX: 0000000000161842 RSI: 000000002000c380 RDI: ffffffffffffff9c
[  548.861600][T13842] RBP: 00007f74852d2090 R08: 0000000000000000 R09: 0000000000000000
[  548.869576][T13842] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  548.877565][T13842] R13: 0000000000000000 R14: 00007f7484735f80 R15: 00007f748485fa28
[  548.885550][T13842]  </TASK>
[  548.888693][    C1] vkms_vblank_simulate: vblank timer overrun
[  548.899983][T13842] ERROR: Out of memory at tomoyo_realpath_from_path.
[  549.119719][ T5316] usb 3-1: new high-speed USB device number 105 using dummy_hcd
[  549.151344][  T938] gspca_sq930x: reg_w 0105 bf00 failed -71
[  549.211197][  T938] sq930x 1-1:0.0: probe with driver sq930x failed with error -71
[  549.232336][  T938] usb 1-1: USB disconnect, device number 88
[  549.273539][T13859] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1676'.
[  549.297002][ T5316] usb 3-1: config 0 has an invalid interface number: 183 but max is 0
[  549.315338][ T5316] usb 3-1: config 0 has no interface number 0
[  549.322306][ T5316] usb 3-1: config 0 interface 183 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  549.342808][ T5316] usb 3-1: New USB device found, idVendor=083a, idProduct=2600, bcdDevice=c9.c0
[  549.358679][ T5316] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.371582][ T5316] usb 3-1: Product: syz
[  549.377367][ T5316] usb 3-1: Manufacturer: syz
[  549.382758][ T5316] usb 3-1: SerialNumber: syz
[  549.393251][ T5316] usb 3-1: config 0 descriptor??
[  549.398387][ T5285] usb 5-1: new high-speed USB device number 122 using dummy_hcd
[  549.409143][T13840] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  549.499190][T13865] netlink: 'syz.1.1678': attribute type 9 has an invalid length.
[  549.506922][T13865] netlink: 134660 bytes leftover after parsing attributes in process `syz.1.1678'.
[  549.570551][ T5285] usb 5-1: Using ep0 maxpacket: 8
[  549.577066][ T5285] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  549.589922][ T5285] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  549.603559][ T5285] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  549.623653][ T5285] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  549.651587][ T5315] usb 3-1: USB disconnect, device number 105
[  549.661718][  T938] usb 4-1: new high-speed USB device number 126 using dummy_hcd
[  549.685869][ T5285] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  549.709015][ T5285] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  549.718969][ T5285] usb 5-1: Product: syz
[  549.723167][ T5285] usb 5-1: Manufacturer: syz
[  549.729646][ T5285] usb 5-1: SerialNumber: syz
[  549.758714][ T5285] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  549.804219][ T5285] usbtest 5-1:1.0: Linux user mode ISO test driver
[  549.822114][ T5285] usbtest 5-1:1.0: high-speed {control bulk-out iso-in} tests (+alt)
[  549.838405][ T5316] usb 2-1: new high-speed USB device number 127 using dummy_hcd
[  549.860076][  T938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  549.860109][  T938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 7
[  549.860136][  T938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  549.860169][  T938] usb 4-1: New USB device found, idVendor=2040, idProduct=1605, bcdDevice= a.94
[  549.860193][  T938] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  549.879608][  T938] usb 4-1: config 0 descriptor??
[  550.039662][ T5316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  550.050824][ T5316] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  550.061796][ T5316] usb 2-1: New USB device found, idVendor=056a, idProduct=0029, bcdDevice= 0.00
[  550.074422][ T5316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.092058][ T5316] usb 2-1: config 0 descriptor??
[  550.280009][T13876] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  550.309153][T13876] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  550.367290][T13879] netlink: 'syz.2.1681': attribute type 9 has an invalid length.
[  550.376850][T13879] netlink: 134660 bytes leftover after parsing attributes in process `syz.2.1681'.
[  550.599400][ T5316] usbhid 2-1:0.0: can't add hid device: -71
[  550.613852][ T5316] usbhid 2-1:0.0: probe with driver usbhid failed with error -71
[  550.625470][ T5316] usb 2-1: USB disconnect, device number 127
[  550.672610][T13885] FAULT_INJECTION: forcing a failure.
[  550.672610][T13885] name failslab, interval 1, probability 0, space 0, times 0
[  550.685771][T13885] CPU: 1 UID: 0 PID: 13885 Comm: syz.0.1683 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  550.696547][T13885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  550.706682][T13885] Call Trace:
[  550.709951][T13885]  <TASK>
[  550.712867][T13885]  dump_stack_lvl+0x241/0x360
[  550.717538][T13885]  ? __pfx_dump_stack_lvl+0x10/0x10
[  550.722722][T13885]  ? __pfx__printk+0x10/0x10
[  550.727308][T13885]  ? __pfx_lock_acquire+0x10/0x10
[  550.732329][T13885]  should_fail_ex+0x3b0/0x4e0
[  550.736999][T13885]  ? __sigqueue_alloc+0x42e/0x540
[  550.742040][T13885]  should_failslab+0xac/0x100
[  550.746702][T13885]  ? __sigqueue_alloc+0x42e/0x540
[  550.751711][T13885]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  550.757075][T13885]  __sigqueue_alloc+0x42e/0x540
[  550.761914][T13885]  __send_signal_locked+0x22f/0xdc0
[  550.767096][T13885]  ? __lock_task_sighand+0x29/0x2d0
[  550.772283][T13885]  do_send_sig_info+0xc9/0x170
[  550.777039][T13885]  ? __pfx_do_send_sig_info+0x10/0x10
[  550.782394][T13885]  ? sigio_perm+0x2b/0x3c0
[  550.786799][T13885]  ? sigio_perm+0x307/0x3c0
[  550.791293][T13885]  send_sigio_to_task+0x2a3/0x400
[  550.796306][T13885]  ? __pfx_lock_acquire+0x10/0x10
[  550.801325][T13885]  ? __pfx_send_sigio_to_task+0x10/0x10
[  550.806861][T13885]  ? __pfx__raw_read_lock_irqsave+0x10/0x10
[  550.812753][T13885]  send_sigio+0x298/0x390
[  550.817069][T13885]  ? send_sigio+0x9b/0x390
[  550.821475][T13885]  kill_fasync+0x256/0x4f0
[  550.825876][T13885]  ? kill_fasync+0x54/0x4f0
[  550.830366][T13885]  lease_break_callback+0x26/0x30
[  550.835375][T13885]  __break_lease+0x6d5/0x1820
[  550.840045][T13885]  ? __pfx___break_lease+0x10/0x10
[  550.845140][T13885]  ? __pfx_apparmor_file_open+0x10/0x10
[  550.850691][T13885]  ? mnt_get_write_access+0x68/0x2b0
[  550.855960][T13885]  ? mnt_get_write_access+0x68/0x2b0
[  550.861237][T13885]  ? bpf_lsm_file_open+0x9/0x10
[  550.866069][T13885]  ? security_file_open+0x509/0x990
[  550.871252][T13885]  do_dentry_open+0x8d4/0x1460
[  550.876008][T13885]  vfs_open+0x3e/0x330
[  550.880067][T13885]  path_openat+0x2c84/0x3590
[  550.884663][T13885]  ? __pfx_path_openat+0x10/0x10
[  550.889606][T13885]  do_filp_open+0x235/0x490
[  550.894106][T13885]  ? __pfx_do_filp_open+0x10/0x10
[  550.899131][T13885]  ? _raw_spin_unlock+0x28/0x50
[  550.903972][T13885]  ? alloc_fd+0x5a1/0x640
[  550.908308][T13885]  do_sys_openat2+0x13e/0x1d0
[  550.912988][T13885]  ? __pfx_do_sys_openat2+0x10/0x10
[  550.918179][T13885]  __x64_sys_openat+0x247/0x2a0
[  550.923025][T13885]  ? __pfx___x64_sys_openat+0x10/0x10
[  550.928388][T13885]  ? do_syscall_64+0x100/0x230
[  550.933136][T13885]  ? do_syscall_64+0xb6/0x230
[  550.937796][T13885]  do_syscall_64+0xf3/0x230
[  550.942285][T13885]  ? clear_bhb_loop+0x35/0x90
[  550.946947][T13885]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  550.952837][T13885] RIP: 0033:0x7f5f6177dff9
[  550.957236][T13885] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  550.976837][T13885] RSP: 002b:00007f5f625c0038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  550.985244][T13885] RAX: ffffffffffffffda RBX: 00007f5f61935f80 RCX: 00007f5f6177dff9
[  550.993201][T13885] RDX: 0000000000161842 RSI: 000000002000c380 RDI: ffffffffffffff9c
[  551.001157][T13885] RBP: 00007f5f625c0090 R08: 0000000000000000 R09: 0000000000000000
[  551.009120][T13885] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  551.017078][T13885] R13: 0000000000000000 R14: 00007f5f61935f80 R15: 00007f5f61a5fa28
[  551.025045][T13885]  </TASK>
[  551.028125][    C1] vkms_vblank_simulate: vblank timer overrun
[  551.274496][T13893] pimreg: entered allmulticast mode
[  551.307601][T13893] pimreg: left allmulticast mode
[  551.489336][ T5316] usb 3-1: new high-speed USB device number 106 using dummy_hcd
[  551.560703][T13895] IPv6: sit1: Disabled Multicast RS
[  551.748409][ T5316] usb 3-1: Using ep0 maxpacket: 16
[  551.755662][ T5316] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  551.774065][ T5316] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  551.835744][ T5316] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice=ff.40
[  551.846567][ T5316] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  551.911564][ T5316] usb 3-1: Product: syz
[  551.916480][ T5316] usb 3-1: SerialNumber: syz
[  551.940505][ T5285] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  552.117944][  T938] usb 5-1: USB disconnect, device number 122
[  552.126936][ T5285] usb 2-1: unable to read config index 0 descriptor/start: -61
[  552.148892][ T5285] usb 2-1: can't read configurations, error -61
[  552.330314][ T5285] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  552.360290][T13905] bridge0: port 3(macvlan2) entered blocking state
[  552.388447][T13905] bridge0: port 3(macvlan2) entered disabled state
[  552.421084][T11113] usb 4-1: USB disconnect, device number 126
[  552.443443][T13905] macvlan2: entered allmulticast mode
[  552.497080][T13905] macvlan2: entered promiscuous mode
[  552.543682][ T5285] usb 2-1: unable to read config index 0 descriptor/start: -61
[  552.567662][ T5285] usb 2-1: can't read configurations, error -61
[  552.599679][ T5285] usb usb2-port1: attempt power cycle
[  552.653473][T13911] binder: 13910:13911 ioctl c0306201 0 returned -14
[  552.668469][ T5315] usb 1-1: new low-speed USB device number 89 using dummy_hcd
[  552.758562][T13914] netlink: 'syz.4.1694': attribute type 9 has an invalid length.
[  552.775040][T13914] netlink: 134660 bytes leftover after parsing attributes in process `syz.4.1694'.
[  552.828442][ T5315] usb 1-1: Invalid ep0 maxpacket: 64
[  552.948762][ T5285] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  552.973314][ T5285] usb 2-1: unable to read config index 0 descriptor/start: -61
[  553.003352][ T5315] usb 1-1: new low-speed USB device number 90 using dummy_hcd
[  553.011014][ T5285] usb 2-1: can't read configurations, error -61
[  553.172431][ T5285] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  553.198412][ T5315] usb 1-1: Invalid ep0 maxpacket: 64
[  553.214651][ T5315] usb usb1-port1: attempt power cycle
[  553.242650][ T5285] usb 2-1: unable to read config index 0 descriptor/start: -61
[  553.265649][ T5285] usb 2-1: can't read configurations, error -61
[  553.326482][ T5285] usb usb2-port1: unable to enumerate USB device
[  553.563350][T13937] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1702'.
[  553.588568][ T5315] usb 1-1: new low-speed USB device number 91 using dummy_hcd
[  553.608788][ T5285] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[  553.634818][ T5315] usb 1-1: Invalid ep0 maxpacket: 64
[  553.770921][ T5315] usb 1-1: new low-speed USB device number 92 using dummy_hcd
[  553.781405][ T5285] usb 4-1: Using ep0 maxpacket: 8
[  553.793658][ T5285] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  553.806695][ T5285] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  553.820773][ T5315] usb 1-1: Invalid ep0 maxpacket: 64
[  553.826940][ T5315] usb usb1-port1: unable to enumerate USB device
[  553.834157][ T5285] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  553.848443][ T5285] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  553.899260][ T5285] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  553.924762][ T5285] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  553.932646][T13941] binder: 13940:13941 ioctl c0306201 0 returned -14
[  553.935574][ T5285] usb 4-1: Product: syz
[  553.947081][ T5285] usb 4-1: Manufacturer: syz
[  553.953607][ T5285] usb 4-1: SerialNumber: syz
[  553.976337][ T5285] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -22
[  553.995184][ T5285] usbtest 4-1:1.0: Linux user mode ISO test driver
[  554.006956][ T5285] usbtest 4-1:1.0: high-speed {control bulk-out iso-in} tests (+alt)
[  554.080200][ T5316] usb 3-1: 0:2 : does not exist
[  554.151841][ T5316] usb 3-1: USB disconnect, device number 106
[  554.319266][T13950] fuse: Bad value for 'group_id'
[  554.324402][T13950] fuse: Bad value for 'group_id'
[  554.410906][T11113] usb 5-1: new high-speed USB device number 123 using dummy_hcd
[  554.568639][T11113] usb 5-1: Using ep0 maxpacket: 32
[  554.578074][T11113] usb 5-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=6f.be
[  554.588461][T11113] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.597871][T11113] usb 5-1: config 0 descriptor??
[  554.606767][T11113] gspca_main: vc032x-2.14.0 probing 0ac8:0321
[  554.678414][ T5316] usb 3-1: new full-speed USB device number 107 using dummy_hcd
[  554.746838][T13956] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1710'.
[  554.756709][T13956] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1710'.
[  554.833284][ T5316] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  554.844645][ T5316] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  554.855133][ T5316] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  554.865367][ T5316] usb 3-1: config 0 descriptor??
[  554.970796][ T4628] Bluetooth: hci0: command 0x0406 tx timeout
[  555.248361][ T5315] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  555.294406][T13952] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  555.320859][T13952] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  555.332739][ T5316] keytouch 0003:0926:3333.0054: fixing up Keytouch IEC report descriptor
[  555.349582][ T5316] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0054/input/input134
[  555.410903][ T5315] usb 2-1: config 0 has an invalid interface number: 69 but max is 0
[  555.438771][ T5315] usb 2-1: config 0 has no interface number 0
[  555.445013][ T5315] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x8 has invalid maxpacket 1023, setting to 64
[  555.460083][ T5316] keytouch 0003:0926:3333.0054: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  555.489154][ T5315] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  555.517056][ T5315] usb 2-1: config 0 interface 69 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  555.540736][ T5315] usb 2-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  555.554849][ T5315] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  555.564476][ T5315] usb 2-1: Product: syz
[  555.571018][ T5315] usb 2-1: Manufacturer: syz
[  555.575789][ T5315] usb 2-1: SerialNumber: syz
[  555.594791][ T5315] usb 2-1: config 0 descriptor??
[  555.600935][T13965] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  555.621905][ T5315] cyberjack 2-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  555.642067][ T5315] cyberjack ttyUSB0: usb_submit_urb(read int) failed
[  555.654580][   T29] kauditd_printk_skb: 89 callbacks suppressed
[  555.654597][   T29] audit: type=1326 audit(1727786446.470:8834): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13968 comm="syz.0.1714" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5f6177dff9 code=0x0
[  555.683924][ T5315] usb 2-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  555.820104][ T5315] usb 2-1: USB disconnect, device number 6
[  555.844373][ T5315] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  555.864716][ T5315] cyberjack 2-1:0.69: device disconnected
[  555.916592][T13971] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1708'.
[  555.929906][T13971] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1708'.
[  555.939679][T13971] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1708'.
[  555.949248][T13971] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1708'.
[  556.044336][T11113] gspca_vc032x: reg_w err -71
[  556.059778][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.065195][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.071399][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.076846][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.082847][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.088212][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.094927][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.101160][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.106640][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.113099][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.118841][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.124796][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.130725][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.136093][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.141933][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.147311][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.154827][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.160487][T11113] gspca_vc032x: I2c Bus Busy Wait 00
[  556.165971][T11113] gspca_vc032x: Unknown sensor...
[  556.171565][T11113] vc032x 5-1:0.0: probe with driver vc032x failed with error -22
[  556.185640][T11113] usb 5-1: USB disconnect, device number 123
[  556.250087][ T5280] usb 4-1: USB disconnect, device number 127
[  556.315115][T13975] binder: 13974:13975 ioctl c0306201 0 returned -14
[  556.531296][T13982] fuse: Bad value for 'group_id'
[  556.537245][T13982] fuse: Bad value for 'group_id'
[  556.697228][T13990] bridge0: port 5(macvlan4) entered blocking state
[  556.718490][ T5280] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  556.730770][T13990] bridge0: port 5(macvlan4) entered disabled state
[  556.739590][T13990] macvlan4: entered allmulticast mode
[  556.745786][T13990] macvlan4: entered promiscuous mode
[  556.889656][ T5280] usb 4-1: device descriptor read/64, error -71
[  557.118394][ T5283] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[  557.128525][ T5280] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  557.229159][T14003] binder: 14002:14003 ioctl c0306201 0 returned -14
[  557.270207][ T5315] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  557.274561][ T5283] usb 1-1: Using ep0 maxpacket: 8
[  557.282949][ T5280] usb 4-1: device descriptor read/64, error -71
[  557.304431][ T5283] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  557.312737][ T5283] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  557.322678][ T5283] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  557.332570][ T5283] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 52768, setting to 1024
[  557.343905][ T5283] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  557.354661][ T5283] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  557.367986][ T5283] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  557.377441][ T5283] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  557.408694][ T5280] usb usb4-port1: attempt power cycle
[  557.438480][ T5315] usb 2-1: Using ep0 maxpacket: 8
[  557.446785][ T5315] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  557.460380][ T5315] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  557.470673][ T5315] usb 2-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  557.480833][ T5315] usb 2-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  557.496542][ T5315] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  557.513916][  T938] usb 3-1: USB disconnect, device number 107
[  557.520966][ T5315] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.529366][ T5315] usb 2-1: Product: syz
[  557.533561][ T5315] usb 2-1: Manufacturer: syz
[  557.538178][ T5315] usb 2-1: SerialNumber: syz
[  557.577440][T14010] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1728'.
[  557.577793][ T5315] cdc_ether 2-1:1.0: probe with driver cdc_ether failed with error -22
[  557.593991][ T5283] usb 1-1: usb_control_msg returned -32
[  557.596070][ T5315] usbtest 2-1:1.0: Linux user mode ISO test driver
[  557.607747][ T5283] usbtmc 1-1:16.0: can't read capabilities
[  557.607971][ T5315] usbtest 2-1:1.0: high-speed {control bulk-out iso-in} tests (+alt)
[  557.635032][T14010] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  557.748458][ T5280] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  557.769123][ T5280] usb 4-1: device descriptor read/8, error -71
[  558.009589][ T5280] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  558.042962][ T5280] usb 4-1: device descriptor read/8, error -71
[  558.058422][  T938] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[  558.158672][ T5280] usb usb4-port1: unable to enumerate USB device
[  558.240437][  T938] usb 3-1: Using ep0 maxpacket: 16
[  558.254100][  T938] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.265827][  T938] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  558.276969][  T938] usb 3-1: New USB device found, idVendor=1770, idProduct=ff00, bcdDevice= 0.00
[  558.286076][  T938] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.297279][  T938] usb 3-1: config 0 descriptor??
[  558.510387][  T938] gt683r_led 0003:1770:FF00.0055: unknown main item tag 0x0
[  558.520366][  T938] gt683r_led 0003:1770:FF00.0055: hidraw0: USB HID v0.00 Device [HID 1770:ff00] on usb-dummy_hcd.2-1/input0
[  558.578763][ T5280] usb 5-1: new high-speed USB device number 124 using dummy_hcd
[  558.710138][ T5283] usb 3-1: USB disconnect, device number 108
[  558.723817][ T5229] gt683r_led 0003:1770:FF00.0055: failed to send set report request: -19
[  558.742087][ T5280] usb 5-1: config 1 interface 0 altsetting 3 endpoint 0x1 has invalid maxpacket 1983, setting to 1024
[  558.754303][ T5280] usb 5-1: config 1 interface 0 altsetting 3 bulk endpoint 0x1 has invalid maxpacket 1024
[  558.765197][ T5280] usb 5-1: config 1 interface 0 has no altsetting 0
[  558.774681][ T5280] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  558.784264][ T5280] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  558.793027][ T5280] usb 5-1: Product: syz
[  558.797299][ T5280] usb 5-1: Manufacturer: syz
[  558.802309][ T5280] usb 5-1: SerialNumber: syz
[  558.810957][T14022] raw-gadget.4 gadget.4: fail, usb_ep_enable returned -22
[  559.026818][ T5280] usb 5-1: USB disconnect, device number 124
[  559.389495][T14032] bridge0: port 3(macvlan2) entered blocking state
[  559.417477][T14032] bridge0: port 3(macvlan2) entered disabled state
[  559.438598][T14032] macvlan2: entered allmulticast mode
[  559.446740][T14032] macvlan2: entered promiscuous mode
[  559.467474][T14034] binder: 14033:14034 ioctl c0306201 0 returned -14
[  559.556310][T14039] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1739'.
[  559.584780][T14039] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  559.654222][ T5241] Bluetooth: hci1: Received unexpected HCI Event 0x00
[  559.665369][T14041] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1740'.
[  559.758464][ T5280] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[  559.913562][ T5229] usb 1-1: USB disconnect, device number 93
[  559.931193][ T5280] usb 3-1: Using ep0 maxpacket: 32
[  559.978617][ T5280] usb 3-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  560.003518][ T5280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.024051][ T5280] usb 3-1: config 0 descriptor??
[  560.035448][ T5315] usb 2-1: USB disconnect, device number 7
[  560.039932][ T5280] gspca_main: sunplus-2.14.0 probing 0458:7006
[  560.194319][T14060] binder: 14059:14060 ioctl c0306201 0 returned -14
[  560.195255][T14062] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1750'.
[  560.233495][T14062] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  560.311677][T14065] bridge0: port 6(macvlan5) entered blocking state
[  560.321796][  T938] usb 5-1: new high-speed USB device number 125 using dummy_hcd
[  560.323204][T14065] bridge0: port 6(macvlan5) entered disabled state
[  560.343163][T14065] macvlan5: entered allmulticast mode
[  560.351748][T14065] macvlan5: entered promiscuous mode
[  560.452182][T14074] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1754'.
[  560.468444][T14074] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1754'.
[  560.522949][  T938] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  560.534805][  T938] usb 5-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  560.544666][  T938] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.556576][  T938] usb 5-1: config 0 descriptor??
[  560.578512][ T5315] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  560.586404][ T5241] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  560.593815][T14080] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1756'.
[  560.718845][ T5315] usb 2-1: device descriptor read/64, error -71
[  560.963358][ T5315] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  560.975889][  T938] keytouch 0003:0926:3333.0056: fixing up Keytouch IEC report descriptor
[  560.978941][ T5229] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  560.987181][  T938] input: HID 0926:3333 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0926:3333.0056/input/input135
[  561.078455][ T5283] usb 1-1: new high-speed USB device number 94 using dummy_hcd
[  561.080936][  T938] keytouch 0003:0926:3333.0056: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.4-1/input0
[  561.106098][ T5315] usb 2-1: device descriptor read/64, error -71
[  561.178412][ T5229] usb 4-1: Using ep0 maxpacket: 32
[  561.190130][ T5229] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  561.206448][ T5229] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  561.220767][ T5315] usb usb2-port1: attempt power cycle
[  561.225476][ T5229] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  561.237201][ T5229] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.255472][ T5229] usb 4-1: config 0 descriptor??
[  561.261198][ T5283] usb 1-1: Using ep0 maxpacket: 8
[  561.280720][ T5280] gspca_sunplus: reg_w_riv err -71
[  561.286118][ T5283] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  561.299230][ T5229] hub 4-1:0.0: USB hub found
[  561.304486][ T5283] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  561.314487][ T5280] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  561.322793][ T5283] usb 1-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  561.334610][ T5280] usb 3-1: USB disconnect, device number 109
[  561.343833][ T5283] usb 1-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  561.366276][ T5283] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  561.376389][ T5283] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  561.391135][ T5283] usb 1-1: Product: syz
[  561.395407][ T5283] usb 1-1: Manufacturer: syz
[  561.402625][ T5283] usb 1-1: SerialNumber: syz
[  561.415610][ T5283] cdc_ether 1-1:1.0: probe with driver cdc_ether failed with error -22
[  561.424971][ T5283] usbtest 1-1:1.0: Linux user mode ISO test driver
[  561.431584][ T5283] usbtest 1-1:1.0: high-speed {control bulk-out iso-in} tests (+alt)
[  561.457164][ T5283] usb 5-1: USB disconnect, device number 125
[  561.487797][ T5229] hub 4-1:0.0: 1 port detected
[  561.568381][ T5315] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  561.589009][ T5315] usb 2-1: device descriptor read/8, error -71
[  561.828469][ T5315] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  561.864475][ T5315] usb 2-1: device descriptor read/8, error -71
[  561.945917][T14092] binder: 14091:14092 ioctl c0306201 0 returned -14
[  561.978736][ T5315] usb usb2-port1: unable to enumerate USB device
[  562.034725][T14095] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1763'.
[  562.060787][T14095] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  562.098161][ T5229] hub 4-1:0.0: activate --> -90
[  562.106948][T14099] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1764'.
[  562.328024][T14107] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1767'.
[  562.468511][ T1167] usb 5-1: new high-speed USB device number 126 using dummy_hcd
[  562.503635][ T5280] usb 4-1: USB disconnect, device number 6
[  562.509664][ T5229] usb 4-1-port1: config error
[  562.632063][ T1167] usb 5-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  562.642382][ T1167] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  562.663604][ T1167] usb 5-1: Product: syz
[  562.673831][ T1167] usb 5-1: Manufacturer: syz
[  562.679080][ T1167] usb 5-1: SerialNumber: syz
[  562.685215][ T1167] usb 5-1: config 0 descriptor??
[  562.694109][ T1167] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  563.134444][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  563.140939][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  563.220239][ T1167] gspca_sunplus: reg_r err -110
[  563.433055][ T5316] usb 5-1: USB disconnect, device number 126
[  563.588759][ T5315] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  563.802823][T14131] binder: 14130:14131 ioctl c0306201 0 returned -14
[  563.824254][ T5316] usb 1-1: USB disconnect, device number 94
[  563.858469][ T5285] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  563.933648][T14139] bridge0: port 3(macvlan2) entered blocking state
[  563.939550][T14140] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1779'.
[  563.953029][T14139] bridge0: port 3(macvlan2) entered disabled state
[  563.962842][T14139] macvlan2: entered allmulticast mode
[  563.974734][T14139] macvlan2: entered promiscuous mode
[  564.010045][ T5285] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  564.032592][ T5285] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  564.048066][ T5285] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.087542][ T5285] usb 4-1: config 0 descriptor??
[  564.108404][ T1167] usb 5-1: new high-speed USB device number 127 using dummy_hcd
[  564.125433][ T5241] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  564.144972][T14151] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1782'.
[  564.278735][ T1167] usb 5-1: Using ep0 maxpacket: 32
[  564.286092][ T1167] usb 5-1: New USB device found, idVendor=10fd, idProduct=de00, bcdDevice= 0.01
[  564.313563][ T1167] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.326763][ T1167] usb 5-1: config 0 descriptor??
[  564.345119][ T1167] go7007 5-1:0.0: The Lifeview TV Walker Ultra is not supported. Sorry!
[  564.428634][ T5316] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[  564.515199][ T5285] keytouch 0003:0926:3333.0057: fixing up Keytouch IEC report descriptor
[  564.527297][ T5285] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0057/input/input136
[  564.552829][ T1167] usb 5-1: USB disconnect, device number 127
[  564.579928][ T5280] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[  564.609335][ T5316] usb 1-1: Using ep0 maxpacket: 16
[  564.625318][ T5285] keytouch 0003:0926:3333.0057: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  564.640683][ T5316] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  564.658373][ T5316] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  564.679889][ T5316] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  564.690761][ T5316] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.701152][ T5316] usb 1-1: config 0 descriptor??
[  564.738472][ T5280] usb 3-1: Using ep0 maxpacket: 8
[  564.745500][ T5280] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  564.757145][ T5280] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  564.768370][ T5280] usb 3-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  564.778168][ T5280] usb 3-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  564.793604][ T5280] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  564.798499][ T5315] usb 2-1: device descriptor read/64, error -71
[  564.804629][ T5280] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  564.817329][ T5280] usb 3-1: Product: syz
[  564.821803][ T5280] usb 3-1: Manufacturer: syz
[  564.827546][ T5280] usb 3-1: SerialNumber: syz
[  564.839388][ T5280] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  564.849102][ T5280] usbtest 3-1:1.0: Linux user mode ISO test driver
[  564.855624][ T5280] usbtest 3-1:1.0: high-speed {control bulk-out iso-in} tests (+alt)
[  564.933030][ T5285] usb 4-1: USB disconnect, device number 7
[  565.049422][ T5315] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  565.114955][ T5316] microsoft 0003:045E:07DA.0058: unknown main item tag 0x1
[  565.122454][ T5316] microsoft 0003:045E:07DA.0058: unknown main item tag 0x0
[  565.131524][ T5316] microsoft 0003:045E:07DA.0058: unknown main item tag 0x0
[  565.141989][ T5316] microsoft 0003:045E:07DA.0058: unknown main item tag 0x0
[  565.150007][ T5316] microsoft 0003:045E:07DA.0058: No inputs registered, leaving
[  565.158496][ T5316] microsoft 0003:045E:07DA.0058: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  565.170061][ T5316] microsoft 0003:045E:07DA.0058: no inputs found
[  565.176397][ T5316] microsoft 0003:045E:07DA.0058: could not initialize ff, continuing anyway
[  565.220939][ T5315] usb 2-1: config 3 has an invalid interface number: 242 but max is 0
[  565.229753][ T5315] usb 2-1: config 3 has no interface number 0
[  565.236813][ T5315] usb 2-1: config 3 interface 242 altsetting 8 has a duplicate endpoint with address 0xA, skipping
[  565.248181][ T5315] usb 2-1: config 3 interface 242 altsetting 8 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  565.260477][ T5315] usb 2-1: config 3 interface 242 altsetting 8 bulk endpoint 0x7 has invalid maxpacket 16
[  565.270591][ T5315] usb 2-1: config 3 interface 242 has no altsetting 0
[  565.280051][ T5315] usb 2-1: string descriptor 0 read error: -22
[  565.286442][ T5315] usb 2-1: New USB device found, idVendor=16d8, idProduct=6002, bcdDevice=b2.a0
[  565.295621][ T5315] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.305639][T14167] raw-gadget.4 gadget.1: fail, usb_ep_enable returned -22
[  565.315054][ T5315] option 2-1:3.242: GSM modem (1-port) converter detected
[  565.338722][ T5280] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  565.377856][T14170] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  565.391579][T14170] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  565.402470][T14153] fuse: Unknown parameter '•''
[  565.498443][ T5280] usb 5-1: Using ep0 maxpacket: 8
[  565.507307][ T5280] usb 5-1: config 0 has an invalid interface number: 168 but max is 0
[  565.524039][ T5280] usb 5-1: config 0 has no interface number 0
[  565.524555][ T5315] usb 2-1: USB disconnect, device number 13
[  565.533508][ T5280] usb 5-1: New USB device found, idVendor=0421, idProduct=042f, bcdDevice=a8.f8
[  565.540864][ T5315] option 2-1:3.242: device disconnected
[  565.549489][ T5280] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  565.578015][ T5280] usb 5-1: Product: syz
[  565.583965][ T5280] usb 5-1: Manufacturer: syz
[  565.589084][ T5280] usb 5-1: SerialNumber: syz
[  565.597251][ T5280] usb 5-1: config 0 descriptor??
[  565.606021][ T5280] usb 5-1: bad CDC descriptors
[  565.669707][ T5285] usb 1-1: USB disconnect, device number 95
[  565.842629][ T5280] usb 5-1: USB disconnect, device number 2
[  566.108587][ T5315] usb 4-1: new low-speed USB device number 8 using dummy_hcd
[  566.248586][ T5315] usb 4-1: device descriptor read/64, error -71
[  566.290588][T14199] bridge0: port 7(macvlan6) entered blocking state
[  566.297314][T14199] bridge0: port 7(macvlan6) entered disabled state
[  566.304376][T14199] macvlan6: entered allmulticast mode
[  566.311192][T14199] macvlan6: entered promiscuous mode
[  566.499841][ T5315] usb 4-1: new low-speed USB device number 9 using dummy_hcd
[  566.568459][ T5280] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  566.618626][ T5285] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[  566.638404][ T5315] usb 4-1: device descriptor read/64, error -71
[  566.638475][T11113] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  566.731829][ T5280] usb 2-1: config 3 has an invalid interface number: 242 but max is 0
[  566.741410][ T5280] usb 2-1: config 3 has no interface number 0
[  566.747583][ T5280] usb 2-1: config 3 interface 242 altsetting 8 has a duplicate endpoint with address 0xA, skipping
[  566.758825][ T5315] usb usb4-port1: attempt power cycle
[  566.759262][ T5280] usb 2-1: config 3 interface 242 altsetting 8 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  566.775960][ T5280] usb 2-1: config 3 interface 242 altsetting 8 bulk endpoint 0x7 has invalid maxpacket 16
[  566.786213][ T5280] usb 2-1: config 3 interface 242 has no altsetting 0
[  566.789904][ T5285] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  566.797572][ T5280] usb 2-1: string descriptor 0 read error: -22
[  566.809536][ T5285] usb 1-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  566.810236][T11113] usb 5-1: Using ep0 maxpacket: 32
[  566.819796][ T5285] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.830272][ T5280] usb 2-1: New USB device found, idVendor=16d8, idProduct=6002, bcdDevice=b2.a0
[  566.835427][ T5285] usb 1-1: config 0 descriptor??
[  566.841505][ T5280] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  566.865401][T11113] usb 5-1: New USB device found, idVendor=0458, idProduct=7006, bcdDevice=69.91
[  566.881420][T11113] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.891880][T14200] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  566.909662][ T5280] option 2-1:3.242: GSM modem (1-port) converter detected
[  566.925808][T11113] usb 5-1: config 0 descriptor??
[  566.941102][T11113] gspca_main: sunplus-2.14.0 probing 0458:7006
[  567.108466][ T5315] usb 4-1: new low-speed USB device number 10 using dummy_hcd
[  567.139054][ T5315] usb 4-1: device descriptor read/8, error -71
[  567.173586][ T5316] usb 2-1: USB disconnect, device number 14
[  567.186011][ T5316] option 2-1:3.242: device disconnected
[  567.264125][ T5285] keytouch 0003:0926:3333.0059: fixing up Keytouch IEC report descriptor
[  567.287187][ T5285] input: HID 0926:3333 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:0926:3333.0059/input/input138
[  567.319312][ T1167] usb 3-1: USB disconnect, device number 110
[  567.378781][ T5315] usb 4-1: new low-speed USB device number 11 using dummy_hcd
[  567.408679][ T5285] keytouch 0003:0926:3333.0059: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.0-1/input0
[  567.439457][ T5315] usb 4-1: device descriptor read/8, error -71
[  567.550006][ T5315] usb usb4-port1: unable to enumerate USB device
[  567.710742][ T5280] usb 1-1: USB disconnect, device number 96
[  567.837619][T14215] FAULT_INJECTION: forcing a failure.
[  567.837619][T14215] name failslab, interval 1, probability 0, space 0, times 0
[  567.843445][T14216] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1809'.
[  567.850745][ T5241] Bluetooth: hci3: Received unexpected HCI Event 0x00
[  567.867416][T14215] CPU: 1 UID: 0 PID: 14215 Comm: syz.1.1808 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  567.878221][T14215] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  567.888296][T14215] Call Trace:
[  567.891591][T14215]  <TASK>
[  567.894542][T14215]  dump_stack_lvl+0x241/0x360
[  567.899246][T14215]  ? __pfx_dump_stack_lvl+0x10/0x10
[  567.904465][T14215]  ? __pfx__printk+0x10/0x10
[  567.909085][T14215]  ? kmem_cache_alloc_node_noprof+0x49/0x320
[  567.915093][T14215]  ? __pfx___might_resched+0x10/0x10
[  567.920407][T14215]  should_fail_ex+0x3b0/0x4e0
[  567.925109][T14215]  should_failslab+0xac/0x100
[  567.929813][T14215]  ? __alloc_skb+0x1c3/0x440
[  567.934433][T14215]  kmem_cache_alloc_node_noprof+0x71/0x320
[  567.940275][T14215]  __alloc_skb+0x1c3/0x440
[  567.944713][T14215]  ? __pfx___alloc_skb+0x10/0x10
[  567.949681][T14215]  ? netlink_autobind+0xd6/0x2f0
[  567.954641][T14215]  ? netlink_autobind+0x2b0/0x2f0
[  567.959698][T14215]  netlink_sendmsg+0x638/0xcb0
[  567.964495][T14215]  ? __pfx_netlink_sendmsg+0x10/0x10
[  567.969803][T14215]  ? aa_sock_msg_perm+0x91/0x160
[  567.974766][T14215]  ? __pfx_netlink_sendmsg+0x10/0x10
[  567.980072][T14215]  __sock_sendmsg+0x221/0x270
[  567.984773][T14215]  ____sys_sendmsg+0x52a/0x7e0
[  567.989572][T14215]  ? __pfx_____sys_sendmsg+0x10/0x10
[  567.994890][T14215]  __sys_sendmsg+0x292/0x380
[  567.999517][T14215]  ? __pfx___sys_sendmsg+0x10/0x10
[  568.004742][T14215]  ? __pfx_vfs_write+0x10/0x10
[  568.009531][T14215]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  568.015886][T14215]  ? do_syscall_64+0x100/0x230
[  568.020680][T14215]  ? do_syscall_64+0xb6/0x230
[  568.025399][T14215]  do_syscall_64+0xf3/0x230
[  568.029912][T14215]  ? clear_bhb_loop+0x35/0x90
[  568.034605][T14215]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.040526][T14215] RIP: 0033:0x7f13cb77dff9
[  568.044958][T14215] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  568.064614][T14215] RSP: 002b:00007f13cc48f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  568.073051][T14215] RAX: ffffffffffffffda RBX: 00007f13cb935f80 RCX: 00007f13cb77dff9
[  568.081029][T14215] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000004
[  568.089019][T14215] RBP: 00007f13cc48f090 R08: 0000000000000000 R09: 0000000000000000
[  568.097006][T14215] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  568.104982][T14215] R13: 0000000000000000 R14: 00007f13cb935f80 R15: 00007f13cba5fa28
[  568.112978][T14215]  </TASK>
[  568.173702][T11113] gspca_sunplus: reg_w_riv err -71
[  568.194709][T11113] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  568.214486][T11113] usb 5-1: USB disconnect, device number 3
[  568.462429][T14229] x_tables: ip_tables: osf match: only valid for protocol 6
[  568.472882][T14237] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1817'.
[  568.593000][T14244] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  568.600170][ T5285] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  568.677897][T14247] FAULT_INJECTION: forcing a failure.
[  568.677897][T14247] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  568.698920][T14247] CPU: 1 UID: 0 PID: 14247 Comm: syz.2.1821 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  568.709815][T14247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  568.719889][T14247] Call Trace:
[  568.723181][T14247]  <TASK>
[  568.726123][T14247]  dump_stack_lvl+0x241/0x360
[  568.730824][T14247]  ? __pfx_dump_stack_lvl+0x10/0x10
[  568.736049][T14247]  ? __pfx__printk+0x10/0x10
[  568.740639][T14247]  ? __pfx_lock_release+0x10/0x10
[  568.745673][T14247]  ? __local_bh_enable_ip+0x168/0x200
[  568.751047][T14247]  ? copy_fpstate_to_sigframe+0x179/0xdc0
[  568.756783][T14247]  should_fail_ex+0x3b0/0x4e0
[  568.761468][T14247]  copy_fpstate_to_sigframe+0xacc/0xdc0
[  568.767049][T14247]  ? __pfx_copy_fpstate_to_sigframe+0x10/0x10
[  568.773162][T14247]  ? fpu__alloc_mathframe+0xab/0x130
[  568.778479][T14247]  get_sigframe+0x5d9/0x800
[  568.783085][T14247]  ? __pfx_get_sigframe+0x10/0x10
[  568.788103][T14247]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  568.794094][T14247]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  568.800446][T14247]  x64_setup_rt_frame+0x180/0xcc0
[  568.805475][T14247]  ? lockdep_hardirqs_on+0x99/0x150
[  568.810850][T14247]  ? _raw_spin_unlock_irq+0x2e/0x50
[  568.816143][T14247]  ? __pfx_x64_setup_rt_frame+0x10/0x10
[  568.821692][T14247]  arch_do_signal_or_restart+0x458/0x860
[  568.827328][T14247]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  568.833484][T14247]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  568.839473][T14247]  ? syscall_exit_to_user_mode+0xa3/0x370
[  568.845193][T14247]  syscall_exit_to_user_mode+0xc9/0x370
[  568.850741][T14247]  do_syscall_64+0x100/0x230
[  568.855322][T14247]  ? clear_bhb_loop+0x35/0x90
[  568.859997][T14247]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.865894][T14247] RIP: 0033:0x7fa5c283e880
[  568.870306][T14247] Code: 44 24 20 0f 29 44 24 30 0f 29 44 24 40 48 8b 44 24 08 ff d0 48 83 c4 50 31 c0 5b 5d 41 5c 41 5d 41 5e c3 0f 1f 80 00 00 00 00 <c3> 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 c3 66 66 2e 0f 1f
[  568.889912][T14247] RSP: 002b:00007fa5c36a9a78 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  568.898330][T14247] RAX: 0000000000000000 RBX: 00007fa5c2b35f80 RCX: 00007fa5c297dff9
[  568.906302][T14247] RDX: 00007fa5c36a9a80 RSI: 00007fa5c36a9bb0 RDI: 0000000000000011
[  568.914269][T14247] RBP: 00007fa5c36aa090 R08: 0000000000000000 R09: 0000000000000000
[  568.922238][T14247] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  568.930205][T14247] R13: 0000000000000000 R14: 00007fa5c2b35f80 R15: 00007fa5c2c5fa28
[  568.938182][T14247]  </TASK>
[  569.101782][T14260] TCP: request_sock_TCP: Possible SYN flooding on port 0.0.0.0:20002. Sending cookies.
[  569.166855][ T5285] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  569.176101][ T5285] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  569.199866][ T5285] usb 2-1: Product: syz
[  569.204078][ T5285] usb 2-1: Manufacturer: syz
[  569.209124][ T5285] usb 2-1: SerialNumber: syz
[  569.226691][ T5285] usb 2-1: config 0 descriptor??
[  569.236045][ T5285] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  569.237128][ T5241] Bluetooth: unknown link type 237
[  569.248121][ T5241] Bluetooth: hci4: connection err: -111
[  569.363288][ T5241] Bluetooth: hci4: Received unexpected HCI Event 0x00
[  569.366908][T14275] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1832'.
[  569.448885][  T938] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  569.601251][  T938] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  569.615911][  T938] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  569.627854][  T938] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.652270][  T938] usb 4-1: config 0 descriptor??
[  569.718432][   T25] usb 3-1: new high-speed USB device number 111 using dummy_hcd
[  569.748634][ T5285] gspca_sunplus: reg_r err -110
[  569.898431][   T25] usb 3-1: Using ep0 maxpacket: 16
[  569.906414][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  569.924862][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  569.949150][   T25] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  569.966049][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  569.972539][ T6673] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  569.985955][   T25] usb 3-1: config 0 descriptor??
[  570.000190][ T5280] usb 2-1: USB disconnect, device number 15
[  570.070452][  T938] keytouch 0003:0926:3333.005A: fixing up Keytouch IEC report descriptor
[  570.088924][  T938] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.005A/input/input140
[  570.155846][ T6673] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.207648][  T938] keytouch 0003:0926:3333.005A: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  570.402900][ T4628] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  570.417239][ T4628] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  570.435701][ T4628] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  570.437097][   T25] microsoft 0003:045E:07DA.005B: No inputs registered, leaving
[  570.468979][ T4628] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  570.479750][ T6673] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.490418][ T4628] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  570.497873][ T4628] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  570.506344][   T25] microsoft 0003:045E:07DA.005B: hidraw1: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  570.526772][   T25] microsoft 0003:045E:07DA.005B: no inputs found
[  570.575718][   T25] microsoft 0003:045E:07DA.005B: could not initialize ff, continuing anyway
[  570.585680][T11113] usb 4-1: USB disconnect, device number 12
[  570.613406][ T6673] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  570.664400][T14277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  570.670325][T14293] dvmrp0: entered allmulticast mode
[  570.703908][T14277] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  570.859926][ T6673] macvlan6: left allmulticast mode
[  570.865097][ T6673] macvlan6: left promiscuous mode
[  570.879118][ T6673] bridge0: port 7(macvlan6) entered disabled state
[  570.887300][ T6673] macvlan5: left allmulticast mode
[  570.894712][ T6673] macvlan5: left promiscuous mode
[  570.903721][ T6673] bridge0: port 6(macvlan5) entered disabled state
[  570.915185][ T6673] macvlan4: left allmulticast mode
[  570.922663][ T6673] macvlan4: left promiscuous mode
[  570.927861][ T6673] bridge0: port 5(macvlan4) entered disabled state
[  570.956011][ T5315] usb 3-1: USB disconnect, device number 111
[  570.976551][ T6673] macvlan3: left allmulticast mode
[  570.983296][ T6673] macvlan3: left promiscuous mode
[  571.001079][ T6673] bridge0: port 4(macvlan3) entered disabled state
[  571.013003][ T6673] macvlan2: left allmulticast mode
[  571.018176][ T6673] macvlan2: left promiscuous mode
[  571.023738][ T6673] bridge0: port 3(macvlan2) entered disabled state
[  571.032684][ T6673] bridge_slave_1: left allmulticast mode
[  571.038811][ T6673] bridge_slave_1: left promiscuous mode
[  571.044522][ T6673] bridge0: port 2(bridge_slave_1) entered disabled state
[  571.063002][ T6673] bridge_slave_0: left allmulticast mode
[  571.069327][ T6673] bridge_slave_0: left promiscuous mode
[  571.075797][ T6673] bridge0: port 1(bridge_slave_0) entered disabled state
[  571.121286][T14304] fuse: Bad value for 'fd'
[  571.227076][T14307] FAULT_INJECTION: forcing a failure.
[  571.227076][T14307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  571.250697][T14307] CPU: 0 UID: 0 PID: 14307 Comm: syz.3.1845 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  571.261511][T14307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  571.271592][T14307] Call Trace:
[  571.273523][T14309] loop9: detected capacity change from 0 to 7
[  571.274868][T14307]  <TASK>
[  571.274882][T14307]  dump_stack_lvl+0x241/0x360
[  571.274910][T14307]  ? __pfx_dump_stack_lvl+0x10/0x10
[  571.293735][T14307]  ? __pfx__printk+0x10/0x10
[  571.298341][T14307]  should_fail_ex+0x3b0/0x4e0
[  571.303024][T14307]  strncpy_from_user+0x36/0x250
[  571.307878][T14307]  getname_flags+0xf1/0x540
[  571.309287][ T5315] usb 3-1: new full-speed USB device number 112 using dummy_hcd
[  571.312373][T14307]  do_sys_openat2+0xd2/0x1d0
[  571.312407][T14307]  ? __pfx_do_sys_openat2+0x10/0x10
[  571.312441][T14307]  __x64_sys_openat+0x247/0x2a0
[  571.334686][T14307]  ? __pfx___x64_sys_openat+0x10/0x10
[  571.340075][T14307]  ? do_syscall_64+0x100/0x230
[  571.344841][T14307]  ? do_syscall_64+0xb6/0x230
[  571.349515][T14307]  do_syscall_64+0xf3/0x230
[  571.354012][T14307]  ? clear_bhb_loop+0x35/0x90
[  571.358697][T14307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  571.364620][T14307] RIP: 0033:0x7f160837c990
[  571.369030][T14307] Code: 48 89 44 24 20 75 93 44 89 54 24 0c e8 19 8f 02 00 44 8b 54 24 0c 89 da 48 89 ee 41 89 c0 bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 77 38 44 89 c7 89 44 24 0c e8 6c 8f 02 00 8b 44
[  571.388642][T14307] RSP: 002b:00007f1609176ef0 EFLAGS: 00000293 ORIG_RAX: 0000000000000101
[  571.397065][T14307] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f160837c990
[  571.405045][T14307] RDX: 0000000000000002 RSI: 00007f16083f002c RDI: 00000000ffffff9c
[  571.412544][T14309] Dev loop9: unable to read RDB block 7
[  571.413014][T14307] RBP: 00007f16083f002c R08: 0000000000000000 R09: 0000000000000000
[  571.418946][T14309]  loop9: AHDI p3
[  571.426498][T14307] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000005
[  571.426517][T14307] R13: 00000000000001e6 R14: 0000000020000c00 R15: 00007f160865fa28
[  571.426545][T14307]  </TASK>
[  571.426670][    C0] vkms_vblank_simulate: vblank timer overrun
[  571.430541][T14309] loop9: partition table partially beyond EOD, truncated
[  571.503529][ T5315] usb 3-1: unable to get BOS descriptor or descriptor too short
[  571.549017][ T5315] usb 3-1: not running at top speed; connect to a high speed hub
[  571.583289][ T5315] usb 3-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  571.592972][ T5315] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  571.602589][ T5315] usb 3-1: config 1 has no interface number 1
[  571.623848][ T5315] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  571.633087][ T5315] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.641459][ T5315] usb 3-1: Product: syz
[  571.645657][ T5315] usb 3-1: Manufacturer: syz
[  571.650365][ T5315] usb 3-1: SerialNumber: syz
[  571.871700][T14277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  571.902031][   T25] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  571.915177][T14277] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  571.949913][ T5315] usb 3-1: 2:1: invalid format type 0x1001 is detected, processed as PCM
[  571.959299][ T5315] usb 3-1: 2:1 : invalid UAC_FORMAT_TYPE desc
[  572.013447][ T5315] usb 3-1: USB disconnect, device number 112
[  572.047334][ T8978] udevd[8978]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  572.065518][ T6673] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  572.083211][ T6673] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  572.105554][   T25] usb 5-1: config 0 has no interfaces?
[  572.113274][   T25] usb 5-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  572.122594][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  572.131939][   T25] usb 5-1: Product: syz
[  572.142263][   T25] usb 5-1: Manufacturer: syz
[  572.146990][   T25] usb 5-1: SerialNumber: syz
[  572.156880][ T6673] bond0 (unregistering): Released all slaves
[  572.163802][   T25] usb 5-1: config 0 descriptor??
[  572.208683][T11113] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  572.333338][T14294] chnl_net:caif_netlink_parms(): no params data found
[  572.369991][T11113] usb 2-1: Using ep0 maxpacket: 8
[  572.377150][T11113] usb 2-1: config 129 has an invalid interface number: 225 but max is 0
[  572.389024][T11113] usb 2-1: config 129 has no interface number 0
[  572.412805][T11113] usb 2-1: config 129 interface 225 has no altsetting 0
[  572.445614][T11113] usb 2-1: New USB device found, idVendor=0707, idProduct=0200, bcdDevice=62.94
[  572.459828][T11113] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  572.470614][T11113] usb 2-1: Product: syz
[  572.474818][T11113] usb 2-1: Manufacturer: syz
[  572.484537][T11113] usb 2-1: SerialNumber: syz
[  572.568633][ T4628] Bluetooth: hci4: command tx timeout
[  572.686776][T14294] bridge0: port 1(bridge_slave_0) entered blocking state
[  572.694340][T14294] bridge0: port 1(bridge_slave_0) entered disabled state
[  572.705259][T14294] bridge_slave_0: entered allmulticast mode
[  572.713435][T14294] bridge_slave_0: entered promiscuous mode
[  572.790974][ T6673] hsr_slave_0: left promiscuous mode
[  572.798016][ T6673] hsr_slave_1: left promiscuous mode
[  572.811453][ T6673] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  572.833261][ T6673] batman_adv: batadv0: Removing interface: batadv_slave_0
[  572.854572][ T6673] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  572.869412][ T6673] batman_adv: batadv0: Removing interface: batadv_slave_1
[  572.930750][ T6673] veth1_macvtap: left promiscuous mode
[  572.936324][ T6673] veth0_macvtap: left promiscuous mode
[  572.949265][ T6673] veth1_vlan: left promiscuous mode
[  572.954613][ T6673] veth0_vlan: left promiscuous mode
[  573.372192][T11113] pegasus 2-1:129.225: probe with driver pegasus failed with error -71
[  573.398989][T11113] usb 2-1: USB disconnect, device number 16
[  573.724159][ T5315] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  573.802967][ T6673] team0 (unregistering): Port device team_slave_1 removed
[  573.858177][ T6673] team0 (unregistering): Port device team_slave_0 removed
[  573.890398][ T5315] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  573.901771][ T5315] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  573.931322][ T5315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.983252][ T5315] usb 4-1: config 0 descriptor??
[  574.412193][ T5315] keytouch 0003:0926:3333.005C: fixing up Keytouch IEC report descriptor
[  574.440418][ T5315] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.005C/input/input142
[  574.577907][ T5315] keytouch 0003:0926:3333.005C: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  574.649605][ T4628] Bluetooth: hci4: command tx timeout
[  574.736281][ T5280] usb 5-1: USB disconnect, device number 4
[  574.835122][T14366] loop9: detected capacity change from 0 to 7
[  574.850033][T14366] Dev loop9: unable to read RDB block 7
[  574.858179][ T5315] usb 4-1: USB disconnect, device number 13
[  574.881529][T14366]  loop9: AHDI p3
[  574.896833][T14366] loop9: partition table partially beyond EOD, truncated
[  574.933281][T14294] bridge0: port 2(bridge_slave_1) entered blocking state
[  574.961817][T14294] bridge0: port 2(bridge_slave_1) entered disabled state
[  574.977214][T14294] bridge_slave_1: entered allmulticast mode
[  575.009198][T14294] bridge_slave_1: entered promiscuous mode
[  575.116294][T14294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  575.141662][T14294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  575.192207][ T5285] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  575.253230][T14294] team0: Port device team_slave_0 added
[  575.263266][T14294] team0: Port device team_slave_1 added
[  575.366061][ T5285] usb 5-1: config 3 has an invalid interface number: 242 but max is 0
[  575.394555][ T5285] usb 5-1: config 3 has no interface number 0
[  575.396048][T14294] batman_adv: batadv0: Adding interface: batadv_slave_0
[  575.414226][T14294] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  575.423011][ T5285] usb 5-1: config 3 interface 242 altsetting 8 has a duplicate endpoint with address 0xA, skipping
[  575.440498][T14294] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  575.459279][ T5285] usb 5-1: config 3 interface 242 altsetting 8 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  575.478376][T14294] batman_adv: batadv0: Adding interface: batadv_slave_1
[  575.485352][T14294] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  575.523465][T14294] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  575.567833][ T5285] usb 5-1: config 3 interface 242 altsetting 8 bulk endpoint 0x7 has invalid maxpacket 16
[  575.611047][T14384] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1867'.
[  575.620396][ T5285] usb 5-1: config 3 interface 242 has no altsetting 0
[  575.639879][ T5285] usb 5-1: New USB device found, idVendor=16d8, idProduct=6002, bcdDevice=b2.a0
[  575.650590][T14384] FAULT_INJECTION: forcing a failure.
[  575.650590][T14384] name failslab, interval 1, probability 0, space 0, times 0
[  575.663438][ T5285] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.702103][T14384] CPU: 0 UID: 0 PID: 14384 Comm: syz.1.1867 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  575.706248][ T5285] usb 5-1: Product: syz
[  575.712898][T14384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  575.712916][T14384] Call Trace:
[  575.712924][T14384]  <TASK>
[  575.712933][T14384]  dump_stack_lvl+0x241/0x360
[  575.712960][T14384]  ? __pfx_dump_stack_lvl+0x10/0x10
[  575.733152][ T5285] usb 5-1: Manufacturer: syz
[  575.733357][T14384]  ? __pfx__printk+0x10/0x10
[  575.738135][ T5285] usb 5-1: SerialNumber: syz
[  575.743202][T14384]  ? __kmalloc_node_track_caller_noprof+0xb2/0x440
[  575.743234][T14384]  ? __pfx___might_resched+0x10/0x10
[  575.743258][T14384]  ? lockdep_init_map_type+0xa1/0x910
[  575.774162][T14384]  should_fail_ex+0x3b0/0x4e0
[  575.778886][T14384]  should_failslab+0xac/0x100
[  575.783595][T14384]  __kmalloc_node_track_caller_noprof+0xda/0x440
[  575.786213][T14367] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  575.789930][T14384]  ? xfrm_add_sa+0x1fb0/0x3b60
[  575.801828][T14384]  kmemdup_noprof+0x2a/0x60
[  575.806354][T14384]  xfrm_add_sa+0x1fb0/0x3b60
[  575.810983][T14384]  ? __pfx_xfrm_add_sa+0x10/0x10
[  575.815956][T14384]  ? __nla_parse+0x40/0x60
[  575.820400][T14384]  xfrm_user_rcv_msg+0x75b/0xa80
[  575.825370][T14384]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  575.830889][T14384]  ? __mutex_trylock_common+0x183/0x2e0
[  575.836462][T14384]  ? __pfx___might_resched+0x10/0x10
[  575.841786][T14384]  netlink_rcv_skb+0x1e3/0x430
[  575.846581][T14384]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  575.852070][T14384]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  575.857414][T14384]  xfrm_netlink_rcv+0x79/0x90
[  575.862120][T14384]  netlink_unicast+0x7f6/0x990
[  575.866930][T14384]  ? __pfx_netlink_unicast+0x10/0x10
[  575.872278][T14384]  ? __virt_addr_valid+0x183/0x530
[  575.877414][T14384]  ? __check_object_size+0x48e/0x900
[  575.882728][T14384]  netlink_sendmsg+0x8e4/0xcb0
[  575.887621][T14384]  ? __pfx_netlink_sendmsg+0x10/0x10
[  575.892931][T14384]  ? aa_sock_msg_perm+0x91/0x160
[  575.897901][T14384]  ? __pfx_netlink_sendmsg+0x10/0x10
[  575.903209][T14384]  __sock_sendmsg+0x221/0x270
[  575.907918][T14384]  ____sys_sendmsg+0x52a/0x7e0
[  575.912713][T14384]  ? __pfx_____sys_sendmsg+0x10/0x10
[  575.918038][T14384]  __sys_sendmsg+0x292/0x380
[  575.922655][T14384]  ? __pfx___sys_sendmsg+0x10/0x10
[  575.927802][T14384]  ? __pfx_vfs_write+0x10/0x10
[  575.932611][T14384]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  575.938997][T14384]  ? do_syscall_64+0x100/0x230
[  575.943790][T14384]  ? do_syscall_64+0xb6/0x230
[  575.948499][T14384]  do_syscall_64+0xf3/0x230
[  575.953025][T14384]  ? clear_bhb_loop+0x35/0x90
[  575.957727][T14384]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  575.963653][T14384] RIP: 0033:0x7f13cb77dff9
[  575.968091][T14384] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  575.969600][T14399] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1871'.
[  575.987704][T14384] RSP: 002b:00007f13cc48f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  575.987736][T14384] RAX: ffffffffffffffda RBX: 00007f13cb935f80 RCX: 00007f13cb77dff9
[  575.987751][T14384] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  575.987763][T14384] RBP: 00007f13cc48f090 R08: 0000000000000000 R09: 0000000000000000
[  575.987775][T14384] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  575.987787][T14384] R13: 0000000000000000 R14: 00007f13cb935f80 R15: 00007f13cba5fa28
[  575.987815][T14384]  </TASK>
[  576.074642][ T5285] option 5-1:3.242: GSM modem (1-port) converter detected
[  576.098948][ T5285] usb 5-1: USB disconnect, device number 5
[  576.107988][ T5285] option 5-1:3.242: device disconnected
[  576.131735][T14403] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1873'.
[  576.221744][T14294] hsr_slave_0: entered promiscuous mode
[  576.271120][T14294] hsr_slave_1: entered promiscuous mode
[  576.281553][T14294] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  576.296347][T14294] Cannot create hsr debugfs directory
[  576.658511][ T5280] usb 3-1: new high-speed USB device number 113 using dummy_hcd
[  576.728474][ T4628] Bluetooth: hci4: command tx timeout
[  576.899153][T14432] netlink: 'syz.3.1880': attribute type 9 has an invalid length.
[  576.908415][ T5280] usb 3-1: Using ep0 maxpacket: 8
[  576.919824][ T5280] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  576.927074][T14432] netlink: 134672 bytes leftover after parsing attributes in process `syz.3.1880'.
[  576.948239][T14432] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  576.999815][ T5280] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  577.073034][ T5280] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  577.125769][ T5280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  577.196311][ T5280] usb 3-1: config 0 descriptor??
[  577.378151][T14442] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1883'.
[  577.393095][T14442] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1883'.
[  577.397007][T14447] netlink: 'syz.3.1884': attribute type 5 has an invalid length.
[  577.423548][T14446] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1885'.
[  577.476802][T14294] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  577.505764][T14294] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  577.561059][T14294] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  577.611244][T14294] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  577.678922][ T5285] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  577.843283][T14294] 8021q: adding VLAN 0 to HW filter on device bond0
[  577.870053][ T5285] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  577.888463][T11113] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  577.898643][ T5285] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 0
[  577.911049][T14294] 8021q: adding VLAN 0 to HW filter on device team0
[  577.936852][ T5285] usb 2-1: New USB device found, idVendor=0499, idProduct=5ae2, bcdDevice= 9.0f
[  577.938480][ T1167] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  577.956238][ T6680] bridge0: port 1(bridge_slave_0) entered blocking state
[  577.963436][ T6680] bridge0: port 1(bridge_slave_0) entered forwarding state
[  577.964570][ T5285] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.007686][ T5285] usb 2-1: Product: syz
[  578.019069][ T5285] usb 2-1: Manufacturer: syz
[  578.023764][ T5285] usb 2-1: SerialNumber: syz
[  578.039716][ T5285] usb 2-1: config 0 descriptor??
[  578.058323][ T8745] bridge0: port 2(bridge_slave_1) entered blocking state
[  578.065469][ T8745] bridge0: port 2(bridge_slave_1) entered forwarding state
[  578.200808][ T1167] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  578.229035][ T1167] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  578.250218][T14442] netlink: 2 bytes leftover after parsing attributes in process `syz.1.1883'.
[  578.258445][ T1167] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.287415][ T1167] usb 5-1: config 0 descriptor??
[  578.320860][ T1167] pwc: Askey VC010 type 2 USB webcam detected.
[  578.323878][T14294] 8021q: adding VLAN 0 to HW filter on device batadv0
[  578.405726][T14294] veth0_vlan: entered promiscuous mode
[  578.422832][T14294] veth1_vlan: entered promiscuous mode
[  578.444956][T14294] veth0_macvtap: entered promiscuous mode
[  578.455564][T14294] veth1_macvtap: entered promiscuous mode
[  578.471894][T14294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  578.482696][T14294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.492651][T14294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  578.504311][T14294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.510044][ T1167] pwc: send_video_command error -71
[  578.514496][T14294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  578.530015][T14294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.539922][T14294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  578.550935][T14294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.562787][T14294] batman_adv: batadv0: Interface activated: batadv_slave_0
[  578.573060][T14294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  578.581703][ T1167] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  578.583606][T14294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.600880][T14294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  578.611584][T14294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.621519][T14294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  578.631998][T14294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.641929][T14294] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  578.643061][ T1167] Philips webcam 5-1:0.0: probe with driver Philips webcam failed with error -71
[  578.652875][T14294] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  578.654369][T14294] batman_adv: batadv0: Interface activated: batadv_slave_1
[  578.682631][T14294] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  578.691455][T14294] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  578.700499][T14294] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  578.709397][T14294] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  578.798892][ T1167] usb 5-1: USB disconnect, device number 6
[  578.809146][ T4628] Bluetooth: hci4: command tx timeout
[  578.884713][T14474] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1890'.
[  578.925735][T14474] netlink: 'syz.3.1890': attribute type 7 has an invalid length.
[  578.933955][T14474] netlink: 'syz.3.1890': attribute type 8 has an invalid length.
[  578.942074][T14474] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1890'.
[  578.954387][T14481] netlink: 'syz.1.1891': attribute type 9 has an invalid length.
[  578.977730][T14474] gretap0: entered promiscuous mode
[  578.985705][T14481] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  578.989186][T14474] batadv_slave_1: entered promiscuous mode
[  578.999513][ T5285] usb 2-1: USB disconnect, device number 17
[  579.017779][T14474] gretap0: left promiscuous mode
[  579.020192][ T8978] udevd[8978]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  579.047423][T14474] batadv_slave_1: left promiscuous mode
[  579.208497][ T1167] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  579.247266][ T6673] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  579.256034][ T6673] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  579.349269][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  579.357139][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  579.358488][ T1167] usb 5-1: Using ep0 maxpacket: 32
[  579.370500][ T1167] usb 5-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  579.389370][ T1167] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.429322][ T1167] usb 5-1: config 0 descriptor??
[  579.501425][ T1167] gspca_main: sq930x-2.14.0 probing 041e:403c
[  579.690685][T14500] FAULT_INJECTION: forcing a failure.
[  579.690685][T14500] name failslab, interval 1, probability 0, space 0, times 0
[  579.698465][T11113] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  579.733888][T14500] CPU: 1 UID: 0 PID: 14500 Comm: syz.3.1894 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  579.744708][T14500] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  579.754785][T14500] Call Trace:
[  579.758072][T14500]  <TASK>
[  579.761001][T14500]  dump_stack_lvl+0x241/0x360
[  579.765690][T14500]  ? __pfx_dump_stack_lvl+0x10/0x10
[  579.770887][T14500]  ? __pfx__printk+0x10/0x10
[  579.775478][T14500]  ? __kmalloc_node_noprof+0xb7/0x440
[  579.780860][T14500]  ? __pfx___might_resched+0x10/0x10
[  579.786149][T14500]  should_fail_ex+0x3b0/0x4e0
[  579.790861][T14500]  should_failslab+0xac/0x100
[  579.795543][T14500]  __kmalloc_node_noprof+0xdf/0x440
[  579.800742][T14500]  ? crypto_create_tfm_node+0x88/0x3d0
[  579.806209][T14500]  crypto_create_tfm_node+0x88/0x3d0
[  579.811508][T14500]  crypto_alloc_tfm_node+0x161/0x360
[  579.816812][T14500]  esp_init_state+0x611/0x10b0
[  579.821615][T14500]  ? __pfx_esp_init_state+0x10/0x10
[  579.826823][T14500]  ? __xfrm_init_state+0x708/0xea0
[  579.831933][T14500]  ? __pfx_lock_release+0x10/0x10
[  579.836981][T14500]  __xfrm_init_state+0x9db/0xea0
[  579.841923][T14500]  xfrm_add_sa+0x2a79/0x3b60
[  579.846533][T14500]  ? __pfx_xfrm_add_sa+0x10/0x10
[  579.851483][T14500]  ? __nla_parse+0x40/0x60
[  579.855902][T14500]  xfrm_user_rcv_msg+0x75b/0xa80
[  579.860852][T14500]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  579.866351][T14500]  ? __mutex_trylock_common+0x183/0x2e0
[  579.871906][T14500]  ? __pfx___might_resched+0x10/0x10
[  579.877219][T14500]  netlink_rcv_skb+0x1e3/0x430
[  579.882004][T14500]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  579.887508][T14500]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  579.892840][T14500]  xfrm_netlink_rcv+0x79/0x90
[  579.897530][T14500]  netlink_unicast+0x7f6/0x990
[  579.902306][T14500]  ? __pfx_netlink_unicast+0x10/0x10
[  579.907798][T14500]  ? __virt_addr_valid+0x183/0x530
[  579.912956][T14500]  ? __check_object_size+0x48e/0x900
[  579.918254][T14500]  netlink_sendmsg+0x8e4/0xcb0
[  579.923042][T14500]  ? __pfx_netlink_sendmsg+0x10/0x10
[  579.928345][T14500]  ? aa_sock_msg_perm+0x91/0x160
[  579.933297][T14500]  ? __pfx_netlink_sendmsg+0x10/0x10
[  579.938598][T14500]  __sock_sendmsg+0x221/0x270
[  579.943289][T14500]  ____sys_sendmsg+0x52a/0x7e0
[  579.948062][T14500]  ? __pfx_____sys_sendmsg+0x10/0x10
[  579.953361][T14500]  __sys_sendmsg+0x292/0x380
[  579.957952][T14500]  ? __pfx___sys_sendmsg+0x10/0x10
[  579.963066][T14500]  ? __pfx_vfs_write+0x10/0x10
[  579.967841][T14500]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  579.974181][T14500]  ? do_syscall_64+0x100/0x230
[  579.978965][T14500]  ? do_syscall_64+0xb6/0x230
[  579.983651][T14500]  do_syscall_64+0xf3/0x230
[  579.988154][T14500]  ? clear_bhb_loop+0x35/0x90
[  579.992841][T14500]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  579.998754][T14500] RIP: 0033:0x7f160837dff9
[  580.003175][T14500] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  580.022782][T14500] RSP: 002b:00007f160919a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  580.031202][T14500] RAX: ffffffffffffffda RBX: 00007f1608535f80 RCX: 00007f160837dff9
[  580.039175][T14500] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000003
[  580.047147][T14500] RBP: 00007f160919a090 R08: 0000000000000000 R09: 0000000000000000
[  580.055116][T14500] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  580.063087][T14500] R13: 0000000000000000 R14: 00007f1608535f80 R15: 00007f160865fa28
[  580.071076][T14500]  </TASK>
[  580.163113][T11113] usb 2-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  580.178350][T11113] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  580.219858][T11113] usb 2-1: Product: syz
[  580.224148][T11113] usb 2-1: Manufacturer: syz
[  580.273871][T11113] usb 2-1: SerialNumber: syz
[  580.304127][T11113] usb 2-1: config 0 descriptor??
[  580.332652][T11113] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  580.549312][ T1167] gspca_sq930x: reg_w 0105 bf00 failed -71
[  580.608535][ T1167] sq930x 5-1:0.0: probe with driver sq930x failed with error -71
[  580.629009][ T1167] usb 5-1: USB disconnect, device number 7
[  580.861387][T11113] gspca_sunplus: reg_r err -110
[  580.895904][T14527] __nla_validate_parse: 2 callbacks suppressed
[  580.895923][T14527] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1900'.
[  580.913145][ T5316] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[  581.085268][ T5316] usb 1-1: Using ep0 maxpacket: 8
[  581.098507][T11113] usb 2-1: USB disconnect, device number 18
[  581.107401][ T5316] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  581.152812][ T5316] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  581.184495][T14534] netlink: 'syz.3.1901': attribute type 9 has an invalid length.
[  581.198240][ T5316] usb 1-1: config 0 descriptor??
[  581.248465][T14534] netlink: 134672 bytes leftover after parsing attributes in process `syz.3.1901'.
[  581.265713][T14534] openvswitch: netlink: Key 2 has unexpected len 20 expected 4
[  581.377718][ T4628] Bluetooth: hci2: Received unexpected HCI Event 0x00
[  581.389496][T14547] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1904'.
[  581.480276][ T5280] usbhid 3-1:0.0: can't add hid device: -71
[  581.486323][ T5280] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  581.533730][ T5280] usb 3-1: USB disconnect, device number 113
[  581.604822][T14552] netlink: 324 bytes leftover after parsing attributes in process `syz.3.1906'.
[  581.829414][ T5316] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -32
[  581.844973][ T5316] asix 1-1:0.0: probe with driver asix failed with error -32
[  581.887426][ T5316] usb 1-1: USB disconnect, device number 97
[  581.912572][ T6680] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  581.980075][T14566] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1911'.
[  581.998425][ T5315] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  582.075888][ T6680] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.204839][ T5315] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  582.228781][ T5315] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  582.231121][ T6680] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.248378][ T5315] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  582.313406][ T5315] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  582.343139][ T5315] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.376582][ T5315] usb 4-1: config 0 descriptor??
[  582.412565][ T6680] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  582.448506][ T5316] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  582.665982][ T5316] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  582.685845][ T5316] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  582.685863][ T5241] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  582.706664][ T5316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.707161][ T5241] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  582.727946][ T5241] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  582.739419][ T5241] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  582.747109][ T5316] usb 2-1: config 0 descriptor??
[  582.757116][ T5241] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  582.767492][ T5241] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  582.786054][ T5316] pwc: Askey VC010 type 2 USB webcam detected.
[  582.829762][ T5315] plantronics 0003:047F:FFFF.005D: ignoring exceeding usage max
[  582.852386][ T6680] macvlan2: left allmulticast mode
[  582.857568][ T6680] macvlan2: left promiscuous mode
[  582.884061][ T5315] plantronics 0003:047F:FFFF.005D: No inputs registered, leaving
[  582.900947][ T6680] bridge0: port 3(macvlan2) entered disabled state
[  582.929316][ T5315] plantronics 0003:047F:FFFF.005D: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  582.958045][ T6680] bridge_slave_1: left allmulticast mode
[  582.974269][ T6680] bridge_slave_1: left promiscuous mode
[  582.998534][  T938] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  583.008616][ T5316] pwc: send_video_command error -71
[  583.012806][ T6680] bridge0: port 2(bridge_slave_1) entered disabled state
[  583.013822][ T5316] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  583.046263][ T6680] bridge_slave_0: left allmulticast mode
[  583.050711][ T5316] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[  583.072633][ T6680] bridge_slave_0: left promiscuous mode
[  583.073080][ T5316] usb 2-1: USB disconnect, device number 19
[  583.090854][ T6680] bridge0: port 1(bridge_slave_0) entered disabled state
[  583.098408][ T5285] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[  583.211309][  T938] usb 5-1: config 3 has an invalid interface number: 242 but max is 0
[  583.225218][  T938] usb 5-1: config 3 has no interface number 0
[  583.239337][  T938] usb 5-1: config 3 interface 242 altsetting 8 has a duplicate endpoint with address 0xA, skipping
[  583.254124][  T938] usb 5-1: config 3 interface 242 altsetting 8 endpoint 0xC has invalid maxpacket 1024, setting to 64
[  583.280356][ T5285] usb 1-1: config 17 has an invalid descriptor of length 255, skipping remainder of the config
[  583.310267][  T938] usb 5-1: config 3 interface 242 altsetting 8 bulk endpoint 0x7 has invalid maxpacket 16
[  583.324735][ T5285] usb 1-1: config 17 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  583.350469][  T938] usb 5-1: config 3 interface 242 has no altsetting 0
[  583.363003][  T938] usb 5-1: New USB device found, idVendor=16d8, idProduct=6002, bcdDevice=b2.a0
[  583.374283][ T5285] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  583.386033][  T938] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.398671][ T5285] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.406775][  T938] usb 5-1: Product: syz
[  583.427225][  T938] usb 5-1: Manufacturer: syz
[  583.438546][  T938] usb 5-1: SerialNumber: syz
[  583.452877][T14591] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  583.588455][ T5316] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  583.648969][T14593] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.1918'.
[  583.670491][T14593] openvswitch: netlink: Tunnel attr 0 has unexpected len 2 expected 8
[  583.778686][ T5316] usb 2-1: Using ep0 maxpacket: 32
[  583.797015][ T5316] usb 2-1: New USB device found, idVendor=041e, idProduct=403c, bcdDevice=cc.d7
[  583.807525][ T5316] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  583.827579][ T5316] usb 2-1: config 0 descriptor??
[  583.843477][ T5316] gspca_main: sq930x-2.14.0 probing 041e:403c
[  584.928669][ T5241] Bluetooth: hci3: command tx timeout
[  586.468365][ T5316] gspca_sq930x: reg_r 001f failed -110
[  586.474058][ T5316] sq930x 2-1:0.0: probe with driver sq930x failed with error -110
[  586.968614][ T5241] Bluetooth: hci3: command tx timeout
[  587.017457][    T0] sched: DL replenish lagged too much
[  587.099831][ T5315] usb 2-1: USB disconnect, device number 20
[  587.208397][   T25] usb 4-1: reset high-speed USB device number 15 using dummy_hcd
[  589.048641][ T5241] Bluetooth: hci3: command tx timeout
[  589.818942][ T5285] usb 1-1: string descriptor 0 read error: -32
[  589.840482][  T938] option 5-1:3.242: GSM modem (1-port) converter detected
[  589.858893][   T25] usb 4-1: device descriptor read/64, error -32
[  602.750087][ T5241] Bluetooth: hci3: command tx timeout
[  603.894715][ T5285] aiptek 1-1:17.0: interface has no int in endpoints, but must have minimum 1
[  604.129923][   T25] usb 4-1: reset high-speed USB device number 15 using dummy_hcd
[  604.249440][ T5285] usb 1-1: USB disconnect, device number 98
[  604.325629][  T938] usb 5-1: USB disconnect, device number 8
[  604.390964][  T938] option 5-1:3.242: device disconnected
[  604.438435][   T25] usb 4-1: device descriptor read/64, error -32
[  604.565290][ T6680] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  604.748446][   T25] usb 4-1: reset high-speed USB device number 15 using dummy_hcd
[  604.848939][ T6680] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  604.878873][   T25] usb 4-1: device descriptor read/8, error -32
[  604.969316][ T6680] bond0 (unregistering): Released all slaves
[  605.179992][   T25] usb 4-1: reset high-speed USB device number 15 using dummy_hcd
[  605.294108][   T25] usb 4-1: device descriptor read/8, error -32
[  605.451796][   T25] raw-gadget.0 gadget.3: failed to queue suspend event
[  605.560486][ T5316] usb 4-1: USB disconnect, device number 15
[  605.630413][ T5316] raw-gadget.0 gadget.3: failed to queue reset event
[  605.801320][ T5316] raw-gadget.0 gadget.3: failed to queue resume event
[  605.949643][ T5316] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  606.040307][    C1] raw-gadget.0 gadget.3: ignoring, device is not running
[  606.053659][ T5316] raw-gadget.0 gadget.3: failed to queue reset event
[  606.181916][ T5241] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  606.191436][ T5241] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  606.199608][ T5316] raw-gadget.0 gadget.3: failed to queue resume event
[  606.230435][ T5241] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  606.243842][ T5241] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  606.252466][ T5241] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  606.260314][ T5241] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  606.299176][ T5316] usb 4-1: device descriptor read/64, error -32
[  606.408553][ T5316] raw-gadget.0 gadget.3: failed to queue suspend event
[  606.415730][ T5316] raw-gadget.0 gadget.3: failed to queue reset event
[  606.423202][ T5239] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  606.431969][ T5237] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  606.449975][ T5239] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  606.457829][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  606.466277][ T5237] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  606.499017][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  606.509885][ T5237] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  606.517788][ T5237] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  606.525794][ T5239] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  606.533084][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  606.544874][ T5237] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  606.552275][ T5239] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  606.611436][ T5316] raw-gadget.0 gadget.3: failed to queue resume event
[  606.738633][ T5241] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  606.746989][ T5316] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  606.760953][ T5241] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  606.770406][ T5241] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  606.778618][ T5241] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  606.789524][ T5241] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  606.800883][ T5241] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  606.874075][    C1] raw-gadget.0 gadget.3: ignoring, device is not running
[  606.883737][ T5316] raw-gadget.0 gadget.3: failed to queue reset event
[  606.988542][ T5316] raw-gadget.0 gadget.3: failed to queue resume event
[  607.068530][ T5316] usb 4-1: device descriptor read/64, error -32
[  607.178539][ T5316] raw-gadget.0 gadget.3: failed to queue suspend event
[  607.188878][ T5316] usb usb4-port1: attempt power cycle
[  607.196080][ T5316] raw-gadget.0 gadget.3: failed to queue disconnect event
[  607.247571][ T5316] raw-gadget.0 gadget.3: failed to queue reset event
[  607.325666][ T5316] raw-gadget.0 gadget.3: failed to queue resume event
[  607.335264][ T5316] raw-gadget.0 gadget.3: failed to queue reset event
[  607.566779][ T5316] raw-gadget.0 gadget.3: failed to queue resume event
[  607.638490][ T5316] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  607.670345][    C1] raw-gadget.0 gadget.3: ignoring, device is not running
[  607.677536][ T5316] usb 4-1: device descriptor read/8, error -32
[  607.794164][ T5316] raw-gadget.0 gadget.3: failed to queue suspend event
[  607.808617][ T5316] raw-gadget.0 gadget.3: failed to queue reset event
[  607.880747][ T5316] raw-gadget.0 gadget.3: failed to queue resume event
[  607.953990][ T5316] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  607.978574][    C1] raw-gadget.0 gadget.3: ignoring, device is not running
[  607.985730][ T5316] usb 4-1: device descriptor read/8, error -32
[  608.116019][ T5316] raw-gadget.0 gadget.3: failed to queue suspend event
[  608.130948][ T5316] usb usb4-port1: unable to enumerate USB device
[  608.329940][ T4628] Bluetooth: hci4: command tx timeout
[  608.728573][ T4628] Bluetooth: hci0: command tx timeout
[  608.808503][ T4628] Bluetooth: hci5: command tx timeout
[  608.891584][ T4628] Bluetooth: hci6: command tx timeout
[  610.408437][ T4628] Bluetooth: hci4: command tx timeout
[  610.808506][ T4628] Bluetooth: hci0: command tx timeout
[  610.888476][ T4628] Bluetooth: hci5: command tx timeout
[  610.968483][ T4628] Bluetooth: hci6: command tx timeout
[  612.488496][ T4628] Bluetooth: hci4: command tx timeout
[  612.888514][ T4628] Bluetooth: hci0: command tx timeout
[  612.968543][ T4628] Bluetooth: hci5: command tx timeout
[  613.049401][ T4628] Bluetooth: hci6: command tx timeout
[  614.568611][ T4628] Bluetooth: hci4: command tx timeout
[  614.968635][ T4628] Bluetooth: hci0: command tx timeout
[  615.048701][ T4628] Bluetooth: hci5: command tx timeout
[  615.132042][ T4628] Bluetooth: hci6: command tx timeout
[  624.583776][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  624.590218][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  644.853321][ T5241] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  644.886600][ T5241] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  644.925840][ T5241] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  645.027437][ T5241] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  645.111763][ T5241] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  645.155775][ T5241] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  647.294256][ T5241] Bluetooth: hci1: command tx timeout
[  649.368615][ T5241] Bluetooth: hci1: command tx timeout
[  651.448616][ T5241] Bluetooth: hci1: command tx timeout
[  653.528645][ T5241] Bluetooth: hci1: command tx timeout
[  667.073011][ T4628] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  667.082660][ T4628] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  667.118558][ T4628] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  667.138793][ T4628] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  667.146461][ T4628] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  667.157187][ T4628] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  667.220087][ T5241] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  667.238974][ T5241] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  667.249985][ T5241] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  667.287296][ T5241] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  667.295136][ T5241] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  667.304605][ T5241] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  667.449792][ T4628] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  667.463348][ T4628] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  667.478990][ T4628] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  667.487267][ T4628] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  667.495636][ T4628] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  667.503267][ T4628] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  667.647530][ T5241] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  667.658031][ T5241] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  667.668030][ T5241] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  667.676415][ T5241] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  667.684568][ T5241] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  667.692337][ T5241] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  669.208485][ T4628] Bluetooth: hci2: command tx timeout
[  669.368544][ T4628] Bluetooth: hci7: command tx timeout
[  669.608687][ T4628] Bluetooth: hci8: command tx timeout
[  669.768936][ T4628] Bluetooth: hci9: command tx timeout
[  671.290770][ T4628] Bluetooth: hci2: command tx timeout
[  671.448626][ T4628] Bluetooth: hci7: command tx timeout
[  671.688691][ T4628] Bluetooth: hci8: command tx timeout
[  671.848516][ T4628] Bluetooth: hci9: command tx timeout
[  673.373620][ T4628] Bluetooth: hci2: command tx timeout
[  673.528675][ T4628] Bluetooth: hci7: command tx timeout
[  673.768752][ T4628] Bluetooth: hci8: command tx timeout
[  673.928514][ T4628] Bluetooth: hci9: command tx timeout
[  675.448567][ T4628] Bluetooth: hci2: command tx timeout
[  675.608461][ T4628] Bluetooth: hci7: command tx timeout
[  675.848670][ T4628] Bluetooth: hci8: command tx timeout
[  676.008452][ T4628] Bluetooth: hci9: command tx timeout
[  686.018035][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  686.024495][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  696.250948][    T8] kworker/0:0 (8) used greatest stack depth: 16752 bytes left
[  705.363582][ T5241] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  705.426179][ T5241] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  705.484817][ T5241] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  705.546891][ T5241] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  705.556460][ T5241] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  705.568543][ T5241] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  707.608732][ T5241] Bluetooth: hci10: command tx timeout
[  708.577204][ T5241] Bluetooth: hci3: command 0x0406 tx timeout
[  709.694176][ T4628] Bluetooth: hci10: command tx timeout
[  711.768541][ T4628] Bluetooth: hci10: command tx timeout
[  713.858395][ T4628] Bluetooth: hci10: command tx timeout
[  727.583895][T14663] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  727.594185][T14663] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  727.602676][T14663] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  727.613933][T14663] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  727.621691][T14663] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  727.629512][T14663] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  727.682051][T14664] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  727.693003][T14664] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  727.701350][T14664] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  727.709657][T14664] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  727.733650][T14664] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  727.741176][T14664] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  728.400335][T14663] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  728.414770][T14663] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  728.423135][T14663] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  728.431527][T14663] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  728.439320][T14663] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  728.447079][T14663] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  728.543912][T14664] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  728.557515][T14664] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  728.566984][T14664] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  728.576068][T14664] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  728.588847][T14664] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  728.607228][T14664] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  729.062887][T14664] Bluetooth: hci0: command 0x0406 tx timeout
[  729.069060][T14663] Bluetooth: hci6: command 0x0406 tx timeout
[  729.208774][T14664] Bluetooth: hci5: command 0x0406 tx timeout
[  729.214863][ T5237] Bluetooth: hci4: command 0x0406 tx timeout
[  729.688547][ T4628] Bluetooth: hci11: command tx timeout
[  729.848494][ T4628] Bluetooth: hci12: command tx timeout
[  730.488684][ T4628] Bluetooth: hci13: command tx timeout
[  730.648528][ T4628] Bluetooth: hci14: command tx timeout
[  731.768659][ T4628] Bluetooth: hci11: command tx timeout
[  731.928450][ T4628] Bluetooth: hci12: command tx timeout
[  732.568750][ T4628] Bluetooth: hci13: command tx timeout
[  732.728591][ T4628] Bluetooth: hci14: command tx timeout
[  733.848573][ T4628] Bluetooth: hci11: command tx timeout
[  734.008647][ T4628] Bluetooth: hci12: command tx timeout
[  734.648723][ T4628] Bluetooth: hci13: command tx timeout
[  734.808653][ T4628] Bluetooth: hci14: command tx timeout
[  735.928656][ T4628] Bluetooth: hci11: command tx timeout
[  736.088725][ T4628] Bluetooth: hci12: command tx timeout
[  736.728693][ T4628] Bluetooth: hci13: command tx timeout
[  736.888570][ T4628] Bluetooth: hci14: command tx timeout
[  747.456719][ T1269] ieee802154 phy0 wpan0: encryption failed: -22
[  747.463192][ T1269] ieee802154 phy1 wpan1: encryption failed: -22
[  765.932145][ T5241] Bluetooth: hci15: unexpected cc 0x0c03 length: 249 > 1
[  766.002418][ T5241] Bluetooth: hci15: unexpected cc 0x1003 length: 249 > 9
[  766.023746][ T5241] Bluetooth: hci15: unexpected cc 0x1001 length: 249 > 9
[  766.122928][ T5241] Bluetooth: hci15: unexpected cc 0x0c23 length: 249 > 4
[  766.130893][ T5241] Bluetooth: hci15: unexpected cc 0x0c25 length: 249 > 3
[  766.138479][ T5241] Bluetooth: hci15: unexpected cc 0x0c38 length: 249 > 2
[  767.932236][   T30] INFO: task dhcpcd:4897 blocked for more than 143 seconds.
[  767.958348][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  767.966041][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  768.010978][   T30] task:dhcpcd          state:D stack:22272 pid:4897  tgid:4897  ppid:1      flags:0x00000002
[  768.076929][   T30] Call Trace:
[  768.086261][   T30]  <TASK>
[  768.106513][   T30]  __schedule+0x1895/0x4b30
[  768.178489][   T30]  ? __pfx___schedule+0x10/0x10
[  768.183419][   T30]  ? __pfx_lock_release+0x10/0x10
[  768.188778][ T5241] Bluetooth: hci15: command tx timeout
[  768.275750][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  768.282008][   T30]  ? schedule+0x90/0x320
[  768.286302][   T30]  schedule+0x14b/0x320
[  768.309147][   T30]  schedule_preempt_disabled+0x13/0x30
[  768.314679][   T30]  __mutex_lock+0x6a7/0xd70
[  768.325856][   T30]  ? __mutex_lock+0x52a/0xd70
[  768.331063][   T30]  ? vlan_ioctl_handler+0x112/0x9d0
[  768.336308][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  768.349121][   T30]  ? __might_fault+0xc6/0x120
[  768.353852][   T30]  vlan_ioctl_handler+0x112/0x9d0
[  768.364920][   T30]  ? sock_ioctl+0x661/0x8e0
[  768.369848][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  768.375450][   T30]  ? __pfx_vlan_ioctl_handler+0x10/0x10
[  768.387157][   T30]  sock_ioctl+0x680/0x8e0
[  768.391818][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  768.396723][   T30]  ? __pfx_sock_ioctl+0x10/0x10
[  768.416606][   T30]  __se_sys_ioctl+0xf9/0x170
[  768.426523][   T30]  do_syscall_64+0xf3/0x230
[  768.431837][   T30]  ? clear_bhb_loop+0x35/0x90
[  768.436558][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  768.448565][   T30] RIP: 0033:0x7f0a78f79d49
[  768.453025][   T30] RSP: 002b:00007ffe76d78ec8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  768.466997][   T30] RAX: ffffffffffffffda RBX: 000055cafa6bada0 RCX: 00007f0a78f79d49
[  768.475311][   T30] RDX: 00007ffe76d78ed0 RSI: 0000000000008982 RDI: 0000000000000011
[  768.488847][   T30] RBP: 0000000000000002 R08: 0000000000000008 R09: 0000000000000000
[  768.496853][   T30] R10: 00007ffe76d89550 R11: 0000000000000246 R12: 00007ffe76d78ed0
[  768.519675][   T30] R13: 00007ffe76d78f90 R14: 000055cafa6bada0 R15: 000055cafaaccc40
[  768.527707][   T30]  </TASK>
[  768.535757][   T30] INFO: task kworker/u8:13:6680 blocked for more than 143 seconds.
[  768.545721][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  768.560481][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  768.575507][   T30] task:kworker/u8:13   state:D stack:20480 pid:6680  tgid:6680  ppid:2      flags:0x00004000
[  768.586033][   T30] Workqueue: netns cleanup_net
[  768.596860][   T30] Call Trace:
[  768.600462][   T30]  <TASK>
[  768.604960][   T30]  __schedule+0x1895/0x4b30
[  768.621662][   T30]  ? __pfx___schedule+0x10/0x10
[  768.626574][   T30]  ? __pfx_lock_release+0x10/0x10
[  768.634516][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  768.643694][   T30]  ? kthread_data+0x52/0xd0
[  768.648242][   T30]  ? schedule+0x90/0x320
[  768.656888][   T30]  ? wq_worker_sleeping+0x66/0x240
[  768.667218][   T30]  ? schedule+0x90/0x320
[  768.674012][   T30]  schedule+0x14b/0x320
[  768.678213][   T30]  schedule_preempt_disabled+0x13/0x30
[  768.687500][   T30]  __mutex_lock+0x6a7/0xd70
[  768.694563][   T30]  ? __mutex_lock+0x52a/0xd70
[  768.702869][   T30]  ? ieee80211_unregister_hw+0x55/0x2c0
[  768.714091][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  768.722912][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  768.733498][   T30]  ? rcu_is_watching+0x15/0xb0
[  768.741940][   T30]  ieee80211_unregister_hw+0x55/0x2c0
[  768.747362][   T30]  mac80211_hwsim_del_radio+0x2c4/0x4c0
[  768.757819][   T30]  ? __pfx_mac80211_hwsim_del_radio+0x10/0x10
[  768.768135][   T30]  hwsim_exit_net+0x5c1/0x670
[  768.775497][   T30]  ? __pfx_hwsim_exit_net+0x10/0x10
[  768.784354][   T30]  ? __ip_vs_dev_cleanup_batch+0x239/0x260
[  768.792739][   T30]  cleanup_net+0x802/0xcc0
[  768.797192][   T30]  ? __pfx_cleanup_net+0x10/0x10
[  768.809502][   T30]  ? process_scheduled_works+0x976/0x1850
[  768.815270][   T30]  process_scheduled_works+0xa63/0x1850
[  768.827170][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  768.834829][   T30]  ? assign_work+0x364/0x3d0
[  768.844234][   T30]  worker_thread+0x870/0xd30
[  768.850356][   T30]  ? __kthread_parkme+0x169/0x1d0
[  768.855430][   T30]  ? __pfx_worker_thread+0x10/0x10
[  768.866938][   T30]  kthread+0x2f0/0x390
[  768.872869][   T30]  ? __pfx_worker_thread+0x10/0x10
[  768.878024][   T30]  ? __pfx_kthread+0x10/0x10
[  768.887646][   T30]  ret_from_fork+0x4b/0x80
[  768.895734][   T30]  ? __pfx_kthread+0x10/0x10
[  768.905029][   T30]  ret_from_fork_asm+0x1a/0x30
[  768.914289][   T30]  </TASK>
[  768.917477][   T30] INFO: task kworker/u8:17:8745 blocked for more than 144 seconds.
[  768.928703][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  768.938146][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  768.950676][   T30] task:kworker/u8:17   state:D stack:21208 pid:8745  tgid:8745  ppid:2      flags:0x00004000
[  768.966130][   T30] Workqueue: events_unbound linkwatch_event
[  768.974718][   T30] Call Trace:
[  768.978026][   T30]  <TASK>
[  768.985242][   T30]  __schedule+0x1895/0x4b30
[  768.992345][   T30]  ? __pfx___schedule+0x10/0x10
[  768.997246][   T30]  ? __pfx_lock_release+0x10/0x10
[  769.006153][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  769.017552][   T30]  ? kthread_data+0x52/0xd0
[  769.025693][   T30]  ? schedule+0x90/0x320
[  769.032520][   T30]  ? wq_worker_sleeping+0x66/0x240
[  769.037823][   T30]  ? schedule+0x90/0x320
[  769.045968][   T30]  schedule+0x14b/0x320
[  769.053004][   T30]  schedule_preempt_disabled+0x13/0x30
[  769.064214][   T30]  __mutex_lock+0x6a7/0xd70
[  769.075561][   T30]  ? __mutex_lock+0x52a/0xd70
[  769.083940][   T30]  ? linkwatch_event+0xe/0x60
[  769.091637][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  769.096710][   T30]  ? process_scheduled_works+0x976/0x1850
[  769.106306][   T30]  linkwatch_event+0xe/0x60
[  769.117042][   T30]  process_scheduled_works+0xa63/0x1850
[  769.126311][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  769.135054][   T30]  ? assign_work+0x364/0x3d0
[  769.143493][   T30]  worker_thread+0x870/0xd30
[  769.148151][   T30]  ? __kthread_parkme+0x169/0x1d0
[  769.155860][   T30]  ? __pfx_worker_thread+0x10/0x10
[  769.166357][   T30]  kthread+0x2f0/0x390
[  769.173091][   T30]  ? __pfx_worker_thread+0x10/0x10
[  769.178244][   T30]  ? __pfx_kthread+0x10/0x10
[  769.183513][   T30]  ret_from_fork+0x4b/0x80
[  769.187958][   T30]  ? __pfx_kthread+0x10/0x10
[  769.198360][   T30]  ret_from_fork_asm+0x1a/0x30
[  769.203187][   T30]  </TASK>
[  769.206227][   T30] INFO: task syz-executor:11621 blocked for more than 144 seconds.
[  769.223040][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  769.232373][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  769.256288][   T30] task:syz-executor    state:D stack:20992 pid:11621 tgid:11621 ppid:1      flags:0x00004006
[  769.282597][   T30] Call Trace:
[  769.285923][   T30]  <TASK>
[  769.298746][   T30]  __schedule+0x1895/0x4b30
[  769.303322][   T30]  ? __pfx___schedule+0x10/0x10
[  769.308203][   T30]  ? __pfx_lock_release+0x10/0x10
[  769.320505][   T30]  ? schedule+0x90/0x320
[  769.324797][   T30]  schedule+0x14b/0x320
[  769.336203][   T30]  schedule_timeout+0xb0/0x310
[  769.342440][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  769.347859][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  769.360046][   T30]  ? wait_for_completion+0x2fe/0x620
[  769.365379][   T30]  ? wait_for_completion+0x2fe/0x620
[  769.376701][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  769.384499][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  769.393316][   T30]  ? wait_for_completion+0x2fe/0x620
[  769.401308][   T30]  wait_for_completion+0x355/0x620
[  769.406479][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  769.415860][   T30]  ? __flush_work+0xe7/0xc50
[  769.424514][   T30]  __flush_work+0xa37/0xc50
[  769.434109][   T30]  ? __flush_work+0xe7/0xc50
[  769.441684][   T30]  ? __pfx___flush_work+0x10/0x10
[  769.446891][   T30]  ? __pfx_wq_barrier_func+0x10/0x10
[  769.470675][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  769.477061][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  769.488697][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  769.493944][   T30]  unregister_netdevice_many_notify+0x87b/0x1da0
[  769.506174][   T30]  ? __pfx_lock_release+0x10/0x10
[  769.511598][   T30]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  769.524528][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  769.537865][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  769.548767][   T30]  ? __queue_work+0x199/0xf50
[  769.553494][   T30]  ? queue_delayed_work_on+0x1eb/0x390
[  769.564644][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  769.570229][   T30]  unregister_netdevice_queue+0x303/0x370
[  769.575991][   T30]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  769.589634][   T30]  __tun_detach+0x6b9/0x1600
[  769.594276][   T30]  tun_chr_close+0x105/0x1b0
[  769.604863][   T30]  ? __pfx_tun_chr_close+0x10/0x10
[  769.610487][   T30]  __fput+0x23f/0x880
[  769.614777][   T30]  task_work_run+0x24f/0x310
[  769.627595][   T30]  ? kasan_quarantine_put+0xdc/0x230
[  769.634564][   T30]  ? __pfx_task_work_run+0x10/0x10
[  769.643645][   T30]  ? do_exit+0xa2a/0x28e0
[  769.648019][   T30]  ? kmem_cache_free+0x1a2/0x420
[  769.655711][   T30]  ? do_exit+0xa2a/0x28e0
[  769.664089][   T30]  do_exit+0xa2f/0x28e0
[  769.672629][   T30]  ? __pfx_do_exit+0x10/0x10
[  769.677343][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  769.686463][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  769.696262][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  769.706321][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  769.713949][   T30]  do_group_exit+0x207/0x2c0
[  769.723553][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  769.732808][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  769.738056][   T30]  get_signal+0x16a3/0x1740
[  769.746505][   T30]  ? __pfx_get_signal+0x10/0x10
[  769.754040][   T30]  arch_do_signal_or_restart+0x96/0x860
[  769.764681][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  769.775680][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  769.785362][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  769.793652][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  769.802862][   T30]  do_syscall_64+0x100/0x230
[  769.807488][   T30]  ? clear_bhb_loop+0x35/0x90
[  769.816324][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  769.825842][   T30] RIP: 0033:0x7f748457ca3c
[  769.834667][   T30] RSP: 002b:00007f748485fd90 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  769.846903][   T30] RAX: fffffffffffffe00 RBX: 0000000000000003 RCX: 00007f748457ca3c
[  769.859383][   T30] RDX: 0000000000000028 RSI: 00007f748485fe40 RDI: 00000000000000f9
[  769.867405][   T30] RBP: 00007f748485fdec R08: 0000000000000000 R09: 0079746972756365
[  769.881723][   T30] R10: 00007f74847087e0 R11: 0000000000000246 R12: 00005555718eb603
[  769.893980][   T30] R13: 00005555718eb590 R14: 0000000000000005 R15: 00007f748485fe40
[  769.904528][   T30]  </TASK>
[  769.907656][   T30] INFO: task syz.3.1908:14612 blocked for more than 145 seconds.
[  769.922707][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  769.934105][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  769.949066][   T30] task:syz.3.1908      state:D stack:25824 pid:14612 tgid:14557 ppid:13238  flags:0x00004006
[  769.964366][   T30] Call Trace:
[  769.967691][   T30]  <TASK>
[  769.973487][   T30]  __schedule+0x1895/0x4b30
[  769.978061][   T30]  ? __pfx___schedule+0x10/0x10
[  769.987929][   T30]  ? __pfx_lock_release+0x10/0x10
[  769.994431][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  770.003496][   T30]  ? schedule+0x90/0x320
[  770.007783][   T30]  schedule+0x14b/0x320
[  770.013942][ T5241] Bluetooth: hci1: command 0x0406 tx timeout
[  770.031647][   T30]  schedule_preempt_disabled+0x13/0x30
[  770.041761][   T30]  __mutex_lock+0x6a7/0xd70
[  770.046326][   T30]  ? __mutex_lock+0x52a/0xd70
[  770.054948][   T30]  ? tun_chr_close+0x3b/0x1b0
[  770.062487][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  770.067647][   T30]  ? __pfx_call_rcu+0x10/0x10
[  770.080688][   T30]  tun_chr_close+0x3b/0x1b0
[  770.085236][   T30]  ? __pfx_tun_chr_close+0x10/0x10
[  770.094281][   T30]  __fput+0x23f/0x880
[  770.100884][   T30]  task_work_run+0x24f/0x310
[  770.105515][   T30]  ? kasan_quarantine_put+0xdc/0x230
[  770.115026][   T30]  ? __pfx_task_work_run+0x10/0x10
[  770.124089][   T30]  ? do_exit+0xa2a/0x28e0
[  770.132241][   T30]  ? kmem_cache_free+0x1a2/0x420
[  770.137220][   T30]  ? do_exit+0xa2a/0x28e0
[  770.147079][   T30]  do_exit+0xa2f/0x28e0
[  770.154925][   T30]  ? __pfx_do_exit+0x10/0x10
[  770.162281][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  770.167702][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  770.181892][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  770.191920][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  770.197084][   T30]  do_group_exit+0x207/0x2c0
[  770.204292][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  770.213167][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  770.223492][   T30]  get_signal+0x16a3/0x1740
[  770.228050][   T30]  ? __pfx_get_signal+0x10/0x10
[  770.236697][   T30]  arch_do_signal_or_restart+0x96/0x860
[  770.246379][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  770.252876][ T5241] Bluetooth: hci15: command tx timeout
[  770.266742][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  770.273075][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  770.284943][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  770.290945][   T30]  do_syscall_64+0x100/0x230
[  770.295574][   T30]  ? clear_bhb_loop+0x35/0x90
[  770.306285][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.312496][   T30] RIP: 0033:0x7f160837dff9
[  770.316946][   T30] RSP: 002b:00007f16090f5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  770.334248][   T30] RAX: 0000000000000024 RBX: 00007f16085363b8 RCX: 00007f160837dff9
[  770.342643][   T30] RDX: 0000000000008080 RSI: 00000000200008c0 RDI: 000000000000000b
[  770.358059][   T30] RBP: 00007f16083f0296 R08: 0000000000000000 R09: 0000000000000000
[  770.367913][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  770.381791][   T30] R13: 0000000000000000 R14: 00007f16085363b8 R15: 00007f160865fa28
[  770.391386][   T30]  </TASK>
[  770.396163][   T30] INFO: task syz.1.1919:14620 blocked for more than 145 seconds.
[  770.408678][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  770.416332][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  770.431693][   T30] task:syz.1.1919      state:D stack:25488 pid:14620 tgid:14619 ppid:13565  flags:0x00004006
[  770.463660][   T30] Call Trace:
[  770.466992][   T30]  <TASK>
[  770.477756][   T30]  __schedule+0x1895/0x4b30
[  770.482684][   T30]  ? __pfx___schedule+0x10/0x10
[  770.487580][   T30]  ? __pfx_lock_release+0x10/0x10
[  770.507048][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  770.512940][   T30]  ? schedule+0x90/0x320
[  770.517224][   T30]  schedule+0x14b/0x320
[  770.528521][   T30]  schedule_preempt_disabled+0x13/0x30
[  770.534036][   T30]  __mutex_lock+0x6a7/0xd70
[  770.544905][   T30]  ? __mutex_lock+0x52a/0xd70
[  770.551825][   T30]  ? tun_chr_close+0x3b/0x1b0
[  770.556547][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  770.568087][   T30]  ? __pfx_call_rcu+0x10/0x10
[  770.584168][   T30]  tun_chr_close+0x3b/0x1b0
[  770.588996][   T30]  ? __pfx_tun_chr_close+0x10/0x10
[  770.594147][   T30]  __fput+0x23f/0x880
[  770.598166][   T30]  task_work_run+0x24f/0x310
[  770.608803][   T30]  ? kasan_quarantine_put+0xdc/0x230
[  770.614130][   T30]  ? __pfx_task_work_run+0x10/0x10
[  770.624386][   T30]  ? do_exit+0xa2a/0x28e0
[  770.630924][   T30]  ? kmem_cache_free+0x1a2/0x420
[  770.635905][   T30]  ? do_exit+0xa2a/0x28e0
[  770.646180][   T30]  do_exit+0xa2f/0x28e0
[  770.652783][   T30]  ? __pfx_do_exit+0x10/0x10
[  770.657415][   T30]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  770.669029][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  770.675061][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  770.688559][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  770.693722][   T30]  do_group_exit+0x207/0x2c0
[  770.703177][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  770.709809][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  770.715052][   T30]  get_signal+0x16a3/0x1740
[  770.724490][   T30]  ? __might_fault+0xaa/0x120
[  770.733375][   T30]  ? __pfx_get_signal+0x10/0x10
[  770.743009][   T30]  arch_do_signal_or_restart+0x96/0x860
[  770.750011][   T30]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  770.757732][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  770.768393][   T30]  ? syscall_exit_to_user_mode+0xa3/0x370
[  770.774160][   T30]  syscall_exit_to_user_mode+0xc9/0x370
[  770.787649][   T30]  do_syscall_64+0x100/0x230
[  770.792582][   T30]  ? clear_bhb_loop+0x35/0x90
[  770.797396][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  770.809307][   T30] RIP: 0033:0x7f13cb77dff9
[  770.813761][   T30] RSP: 002b:00007f13cc48f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  770.828360][   T30] RAX: 0000000000000000 RBX: 00007f13cb935f80 RCX: 00007f13cb77dff9
[  770.836457][   T30] RDX: 0000000020000180 RSI: 00000000000089f0 RDI: 0000000000000003
[  770.851776][   T30] RBP: 00007f13cb7f0296 R08: 0000000000000000 R09: 0000000000000000
[  770.864941][   T30] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  770.875617][   T30] R13: 0000000000000000 R14: 00007f13cb935f80 R15: 00007f13cba5fa28
[  770.893257][   T30]  </TASK>
[  770.896396][   T30] INFO: task syz-executor:14625 blocked for more than 146 seconds.
[  770.908216][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  770.918468][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  770.927158][   T30] task:syz-executor    state:D stack:26672 pid:14625 tgid:14625 ppid:1      flags:0x00004006
[  770.945325][   T30] Call Trace:
[  770.949014][   T30]  <TASK>
[  770.951974][   T30]  __schedule+0x1895/0x4b30
[  770.956536][   T30]  ? __pfx___schedule+0x10/0x10
[  770.968959][   T30]  ? __pfx_lock_release+0x10/0x10
[  770.974034][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  770.989810][   T30]  ? schedule+0x90/0x320
[  770.994100][   T30]  schedule+0x14b/0x320
[  771.004754][   T30]  schedule_preempt_disabled+0x13/0x30
[  771.010613][   T30]  __mutex_lock+0x6a7/0xd70
[  771.015152][   T30]  ? __mutex_lock+0x52a/0xd70
[  771.025955][   T30]  ? register_nexthop_notifier+0x84/0x290
[  771.033769][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  771.044721][   T30]  ? __asan_memset+0x23/0x50
[  771.050057][   T30]  register_nexthop_notifier+0x84/0x290
[  771.055645][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  771.068396][   T30]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  771.074684][   T30]  ? __pfx_register_nexthop_notifier+0x10/0x10
[  771.088590][   T30]  ? __asan_memset+0x23/0x50
[  771.093229][   T30]  ops_init+0x31e/0x590
[  771.097425][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  771.108812][   T30]  setup_net+0x287/0x9e0
[  771.113100][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  771.124206][   T30]  ? __pfx_setup_net+0x10/0x10
[  771.129483][   T30]  copy_net_ns+0x33f/0x570
[  771.134116][   T30]  create_new_namespaces+0x425/0x7b0
[  771.147335][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  771.153583][   T30]  ksys_unshare+0x619/0xc10
[  771.158131][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  771.170658][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  771.176697][   T30]  ? do_syscall_64+0x100/0x230
[  771.184497][   T30]  __x64_sys_unshare+0x38/0x40
[  771.195295][   T30]  do_syscall_64+0xf3/0x230
[  771.202381][   T30]  ? clear_bhb_loop+0x35/0x90
[  771.207093][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.216876][   T30] RIP: 0033:0x7fefeb57f7f7
[  771.223937][   T30] RSP: 002b:00007fefeb85ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  771.238199][   T30] RAX: ffffffffffffffda RBX: 00007fefeb5f1a85 RCX: 00007fefeb57f7f7
[  771.248883][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  771.256894][   T30] RBP: 0000000000000000 R08: 00007fefec267d60 R09: 0000000000000000
[  771.272501][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  771.283906][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  771.296813][   T30]  </TASK>
[  771.301530][   T30] INFO: task syz-executor:14628 blocked for more than 146 seconds.
[  771.313934][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  771.323193][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  771.336860][   T30] task:syz-executor    state:D stack:26512 pid:14628 tgid:14628 ppid:1      flags:0x00004006
[  771.355228][   T30] Call Trace:
[  771.358910][   T30]  <TASK>
[  771.361876][   T30]  __schedule+0x1895/0x4b30
[  771.366444][   T30]  ? __pfx___schedule+0x10/0x10
[  771.378841][   T30]  ? __pfx_lock_release+0x10/0x10
[  771.383919][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  771.396084][   T30]  ? schedule+0x90/0x320
[  771.400856][   T30]  schedule+0x14b/0x320
[  771.405052][   T30]  schedule_preempt_disabled+0x13/0x30
[  771.416483][   T30]  __mutex_lock+0x6a7/0xd70
[  771.421350][   T30]  ? __mutex_lock+0x52a/0xd70
[  771.426061][   T30]  ? register_nexthop_notifier+0x84/0x290
[  771.437808][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  771.444783][   T30]  ? __asan_memset+0x23/0x50
[  771.455476][   T30]  register_nexthop_notifier+0x84/0x290
[  771.461793][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  771.467644][   T30]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  771.478752][   T30]  ? __pfx_register_nexthop_notifier+0x10/0x10
[  771.484957][   T30]  ? __asan_memset+0x23/0x50
[  771.496647][   T30]  ops_init+0x31e/0x590
[  771.501168][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  771.506584][   T30]  setup_net+0x287/0x9e0
[  771.516829][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  771.522742][   T30]  ? __pfx_setup_net+0x10/0x10
[  771.527560][   T30]  copy_net_ns+0x33f/0x570
[  771.544279][   T30]  create_new_namespaces+0x425/0x7b0
[  771.553738][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  771.565434][   T30]  ksys_unshare+0x619/0xc10
[  771.570384][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  771.576408][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  771.589352][   T30]  ? do_syscall_64+0x100/0x230
[  771.594340][   T30]  __x64_sys_unshare+0x38/0x40
[  771.606063][   T30]  do_syscall_64+0xf3/0x230
[  771.616297][   T30]  ? clear_bhb_loop+0x35/0x90
[  771.625759][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  771.633223][   T30] RIP: 0033:0x7fa380f7f7f7
[  771.637675][   T30] RSP: 002b:00007fa38125ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  771.650012][   T30] RAX: ffffffffffffffda RBX: 00007fa380ff1a85 RCX: 00007fa380f7f7f7
[  771.658028][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  771.671553][   T30] RBP: 0000000000000000 R08: 00007fa381c67d60 R09: 0000000000000000
[  771.683605][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  771.697879][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  771.711938][   T30]  </TASK>
[  771.715058][   T30] INFO: task syz-executor:14630 blocked for more than 147 seconds.
[  771.724530][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  771.740192][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  771.753930][   T30] task:syz-executor    state:D stack:26736 pid:14630 tgid:14630 ppid:1      flags:0x00004004
[  771.765622][   T30] Call Trace:
[  771.775012][   T30]  <TASK>
[  771.780818][   T30]  __schedule+0x1895/0x4b30
[  771.785385][   T30]  ? __pfx___schedule+0x10/0x10
[  771.796936][   T30]  ? __pfx_lock_release+0x10/0x10
[  771.804110][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  771.814403][   T30]  ? schedule+0x90/0x320
[  771.820074][   T30]  schedule+0x14b/0x320
[  771.824271][   T30]  schedule_preempt_disabled+0x13/0x30
[  771.834679][   T30]  __mutex_lock+0x6a7/0xd70
[  771.842055][   T30]  ? __mutex_lock+0x52a/0xd70
[  771.846772][   T30]  ? register_nexthop_notifier+0x84/0x290
[  771.860882][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  771.866066][   T30]  ? __asan_memset+0x23/0x50
[  771.874528][   T30]  register_nexthop_notifier+0x84/0x290
[  771.884232][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  771.895664][   T30]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  771.904450][   T30]  ? __pfx_register_nexthop_notifier+0x10/0x10
[  771.914794][   T30]  ? __asan_memset+0x23/0x50
[  771.921958][   T30]  ops_init+0x31e/0x590
[  771.926191][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  771.937018][   T30]  setup_net+0x287/0x9e0
[  771.945214][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  771.954475][   T30]  ? __pfx_setup_net+0x10/0x10
[  771.961802][   T30]  copy_net_ns+0x33f/0x570
[  771.966263][   T30]  create_new_namespaces+0x425/0x7b0
[  771.975391][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  771.986710][   T30]  ksys_unshare+0x619/0xc10
[  771.996905][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  772.004578][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  772.016343][   T30]  ? do_syscall_64+0x100/0x230
[  772.024219][   T30]  __x64_sys_unshare+0x38/0x40
[  772.032713][   T30]  do_syscall_64+0xf3/0x230
[  772.037257][   T30]  ? clear_bhb_loop+0x35/0x90
[  772.046456][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.056213][   T30] RIP: 0033:0x7f398d57f7f7
[  772.063188][   T30] RSP: 002b:00007f398d85ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  772.075450][   T30] RAX: ffffffffffffffda RBX: 00007f398d5f1a85 RCX: 00007f398d57f7f7
[  772.087478][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  772.103451][   T30] RBP: 0000000000000000 R08: 00007f398e267d60 R09: 0000000000000000
[  772.114684][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  772.126356][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  772.137486][   T30]  </TASK>
[  772.145798][   T30] INFO: task syz-executor:14631 blocked for more than 147 seconds.
[  772.156294][   T30]       Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  772.167621][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  772.178998][   T30] task:syz-executor    state:D stack:26304 pid:14631 tgid:14631 ppid:1      flags:0x00004006
[  772.197327][   T30] Call Trace:
[  772.202050][   T30]  <TASK>
[  772.205014][   T30]  __schedule+0x1895/0x4b30
[  772.214483][   T30]  ? __pfx___schedule+0x10/0x10
[  772.220948][   T30]  ? __pfx_lock_release+0x10/0x10
[  772.226019][   T30]  ? __mutex_trylock_common+0x92/0x2e0
[  772.236517][   T30]  ? schedule+0x90/0x320
[  772.244565][   T30]  schedule+0x14b/0x320
[  772.253792][   T30]  schedule_preempt_disabled+0x13/0x30
[  772.260724][   T30]  __mutex_lock+0x6a7/0xd70
[  772.265272][   T30]  ? __mutex_lock+0x52a/0xd70
[  772.274964][   T30]  ? register_nexthop_notifier+0x84/0x290
[  772.282233][   T30]  ? __pfx___mutex_lock+0x10/0x10
[  772.287307][   T30]  ? __asan_memset+0x23/0x50
[  772.300983][   T30]  register_nexthop_notifier+0x84/0x290
[  772.306580][   T30]  ? __pfx_lockdep_init_map_type+0x10/0x10
[  772.317443][   T30]  ? __pfx_debug_check_no_locks_freed+0x10/0x10
[  772.325363][   T30]  ? __pfx_register_nexthop_notifier+0x10/0x10
[  772.336286][ T4628] Bluetooth: hci15: command tx timeout
[  772.345252][   T30]  ? __asan_memset+0x23/0x50
[  772.355132][   T30]  ops_init+0x31e/0x590
[  772.360873][   T30]  ? lockdep_init_map_type+0xa1/0x910
[  772.366297][   T30]  setup_net+0x287/0x9e0
[  772.375616][   T30]  ? __pfx_down_read_killable+0x10/0x10
[  772.382639][   T30]  ? __pfx_setup_net+0x10/0x10
[  772.387457][   T30]  copy_net_ns+0x33f/0x570
[  772.400539][   T30]  create_new_namespaces+0x425/0x7b0
[  772.405890][   T30]  unshare_nsproxy_namespaces+0x124/0x180
[  772.416765][   T30]  ksys_unshare+0x619/0xc10
[  772.422887][   T30]  ? __pfx_ksys_unshare+0x10/0x10
[  772.427949][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  772.438939][   T30]  ? do_syscall_64+0x100/0x230
[  772.443754][   T30]  __x64_sys_unshare+0x38/0x40
[  772.455069][   T30]  do_syscall_64+0xf3/0x230
[  772.461437][   T30]  ? clear_bhb_loop+0x35/0x90
[  772.466164][   T30]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  772.477019][   T30] RIP: 0033:0x7efdd0f7f7f7
[  772.482892][   T30] RSP: 002b:00007efdd125ffa8 EFLAGS: 00000206 ORIG_RAX: 0000000000000110
[  772.498346][   T30] RAX: ffffffffffffffda RBX: 00007efdd0ff1a85 RCX: 00007efdd0f7f7f7
[  772.506359][   T30] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000040000000
[  772.520285][   T30] RBP: 0000000000000000 R08: 00007efdd1c67d60 R09: 0000000000000000
[  772.532149][   T30] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000000000c
[  772.544181][   T30] R13: 0000000000000003 R14: 0000000000000009 R15: 0000000000000000
[  772.554301][   T30]  </TASK>
[  772.557352][   T30] Future hung task reports are suppressed, see sysctl kernel.hung_task_warnings
[  772.570865][   T30] 
[  772.570865][   T30] Showing all locks held in the system:
[  772.595404][   T30] 1 lock held by khungtaskd/30:
[  772.605439][   T30]  #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  772.617961][   T30] 4 locks held by kworker/0:2/1167:
[  772.625141][   T30] 2 locks held by dhcpcd/4897:
[  772.634828][   T30]  #0: ffffffff8fcb6268 (vlan_ioctl_mutex){+.+.}-{3:3}, at: sock_ioctl+0x661/0x8e0
[  772.647448][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: vlan_ioctl_handler+0x112/0x9d0
[  772.666162][   T30] 2 locks held by getty/4983:
[  772.671030][   T30]  #0: ffff88814c18e0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  772.686780][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  772.706248][   T30] 3 locks held by kworker/1:5/5285:
[  772.711841][   T30]  #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  772.730562][   T30]  #1: ffffc90004337d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  772.746702][   T30]  #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0
[  772.759003][   T30] 3 locks held by kworker/1:6/5313:
[  772.764237][   T30]  #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  772.780370][   T30]  #1: ffffc9000466fd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  772.796512][   T30]  #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  772.811359][   T30] 4 locks held by kworker/u8:13/6680:
[  772.816762][   T30]  #0: ffff88801baed948 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  772.833093][   T30]  #1: ffffc90002e9fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  772.847917][   T30]  #2: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x16a/0xcc0
[  772.861135][   T30]  #3: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: ieee80211_unregister_hw+0x55/0x2c0
[  772.873786][   T30] 3 locks held by kworker/u8:14/6681:
[  772.882759][   T30]  #0: ffff88814bf95148 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  772.904246][   T30]  #1: ffffc90002e6fd00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  772.919047][   T30]  #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  772.934056][   T30] 3 locks held by kworker/u8:17/8745:
[  772.940922][   T30]  #0: ffff88801ac89148 ((wq_completion)events_unbound){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  772.959965][   T30]  #1: ffffc900031bfd00 ((linkwatch_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  772.978418][   T30]  #2: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: linkwatch_event+0xe/0x60
[  772.987465][   T30] 2 locks held by syz-executor/11621:
[  772.998417][   T30]  #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  773.010714][   T30]  #1: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0
[  773.025968][   T30] 1 lock held by syz.3.1908/14612:
[  773.033678][   T30]  #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  773.048158][   T30] 2 locks held by syz-executor/14595:
[  773.061037][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.074777][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: wg_netns_pre_exit+0x1f/0x1e0
[  773.086823][   T30] 1 lock held by syz.1.1919/14620:
[  773.096775][   T30]  #0: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  773.110010][   T30] 2 locks held by syz-executor/14625:
[  773.115415][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.131338][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.145540][   T30] 2 locks held by syz-executor/14628:
[  773.155128][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.167241][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.181521][   T30] 2 locks held by syz-executor/14630:
[  773.186922][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.204188][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.216360][   T30] 2 locks held by syz-executor/14631:
[  773.227587][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.244596][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.255113][   T30] 2 locks held by syz-executor/14636:
[  773.266957][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.276854][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.296231][   T30] 2 locks held by syz-executor/14646:
[  773.301986][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.314091][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.329863][   T30] 2 locks held by syz-executor/14649:
[  773.335517][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.351178][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.363912][   T30] 2 locks held by syz-executor/14652:
[  773.373590][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.385771][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.400954][   T30] 2 locks held by syz-executor/14654:
[  773.406355][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.423541][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.435294][   T30] 2 locks held by syz-executor/14659:
[  773.446498][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.457609][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.478450][   T30] 2 locks held by syz-executor/14668:
[  773.483863][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.503550][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.519333][   T30] 2 locks held by syz-executor/14670:
[  773.524735][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.540690][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.555431][   T30] 2 locks held by syz-executor/14676:
[  773.563368][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.576583][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.589190][   T30] 2 locks held by syz-executor/14678:
[  773.594585][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.611458][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.640431][   T30] 2 locks held by syz-executor/14683:
[  773.645847][   T30]  #0: ffffffff8fcc4c50 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  773.660915][   T30]  #1: ffffffff8fcd1748 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  773.675899][   T30] 
[  773.678254][   T30] =============================================
[  773.678254][   T30] 
[  773.688081][   T30] NMI backtrace for cpu 1
[  773.692432][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  773.702945][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  773.713012][   T30] Call Trace:
[  773.716300][   T30]  <TASK>
[  773.719242][   T30]  dump_stack_lvl+0x241/0x360
[  773.723941][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  773.729157][   T30]  ? __pfx__printk+0x10/0x10
[  773.733780][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  773.738831][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  773.744311][   T30]  ? _printk+0xd5/0x120
[  773.748492][   T30]  ? __pfx__printk+0x10/0x10
[  773.753106][   T30]  ? __wake_up_klogd+0xcc/0x110
[  773.757978][   T30]  ? __pfx__printk+0x10/0x10
[  773.762589][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  773.767637][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  773.773637][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  773.779639][   T30]  watchdog+0xff4/0x1040
[  773.783903][   T30]  ? watchdog+0x1ea/0x1040
[  773.788344][   T30]  ? __pfx_watchdog+0x10/0x10
[  773.793044][   T30]  kthread+0x2f0/0x390
[  773.797128][   T30]  ? __pfx_watchdog+0x10/0x10
[  773.801830][   T30]  ? __pfx_kthread+0x10/0x10
[  773.806435][   T30]  ret_from_fork+0x4b/0x80
[  773.810871][   T30]  ? __pfx_kthread+0x10/0x10
[  773.815474][   T30]  ret_from_fork_asm+0x1a/0x30
[  773.820273][   T30]  </TASK>
[  773.824311][   T30] Sending NMI from CPU 1 to CPUs 0:
[  773.830525][    C0] NMI backtrace for cpu 0
[  773.830538][    C0] CPU: 0 UID: 0 PID: 1167 Comm: kworker/0:2 Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  773.830559][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  773.830570][    C0] Workqueue: events nsim_dev_trap_report_work
[  773.830593][    C0] RIP: 0010:deref_stack_reg+0x82/0x210
[  773.830611][    C0] Code: 89 dd 49 c1 ed 03 41 80 7c 15 00 00 74 1c 48 89 df 49 89 f7 e8 7f 10 bd 00 4c 89 fe 4c 8b 04 24 48 ba 00 00 00 00 00 fc ff df <48> 89 5c 24 10 4d 8b 7e 10 4c 89 f3 48 c1 eb 03 0f b6 04 13 84 c0
[  773.830626][    C0] RSP: 0018:ffffc90000006358 EFLAGS: 00000246
[  773.830641][    C0] RAX: fffffffffffffff0 RBX: ffffc90000006490 RCX: 0000000000000000
[  773.830654][    C0] RDX: dffffc0000000000 RSI: ffffc90000000000 RDI: ffffc90000006480
[  773.830667][    C0] RBP: ffffc90000006488 R08: ffffc90000007fe8 R09: 0000000000000000
[  773.830680][    C0] R10: ffffc900000064d0 R11: fffff52000000c9c R12: 1ffff92000000c91
[  773.830693][    C0] R13: 1ffff92000000c92 R14: ffffc90000006480 R15: ffffc900000064d0
[  773.830706][    C0] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  773.830720][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  773.830732][    C0] CR2: 0000000020013000 CR3: 000000000e734000 CR4: 00000000003526f0
[  773.830748][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  773.830758][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  773.830770][    C0] Call Trace:
[  773.830776][    C0]  <NMI>
[  773.830783][    C0]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  773.830803][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  773.830827][    C0]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  773.830845][    C0]  ? nmi_handle+0x2a/0x5a0
[  773.830869][    C0]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  773.830889][    C0]  ? nmi_handle+0x14f/0x5a0
[  773.830906][    C0]  ? nmi_handle+0x2a/0x5a0
[  773.830923][    C0]  ? deref_stack_reg+0x82/0x210
[  773.830938][    C0]  ? default_do_nmi+0x63/0x160
[  773.830957][    C0]  ? exc_nmi+0x123/0x1f0
[  773.830975][    C0]  ? end_repeat_nmi+0xf/0x53
[  773.830998][    C0]  ? deref_stack_reg+0x82/0x210
[  773.831013][    C0]  ? deref_stack_reg+0x82/0x210
[  773.831029][    C0]  ? deref_stack_reg+0x82/0x210
[  773.831067][    C0]  </NMI>
[  773.831073][    C0]  <IRQ>
[  773.831081][    C0]  ? do_softirq+0x11b/0x1e0
[  773.831100][    C0]  unwind_next_frame+0x1799/0x22d0
[  773.831120][    C0]  ? handle_softirqs+0x2c5/0x980
[  773.831141][    C0]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  773.831161][    C0]  arch_stack_walk+0x11c/0x150
[  773.831181][    C0]  ? do_softirq+0x11b/0x1e0
[  773.831202][    C0]  stack_trace_save+0x118/0x1d0
[  773.831221][    C0]  ? __pfx_stack_trace_save+0x10/0x10
[  773.831241][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  773.831266][    C0]  kasan_save_track+0x3f/0x80
[  773.831282][    C0]  ? kasan_save_track+0x3f/0x80
[  773.831301][    C0]  ? kasan_save_free_info+0x40/0x50
[  773.831321][    C0]  ? __kasan_slab_free+0x59/0x70
[  773.831336][    C0]  ? kmem_cache_free+0x1a2/0x420
[  773.831354][    C0]  ? tpacket_rcv+0x20a/0x34f0
[  773.831374][    C0]  ? dev_queue_xmit_nit+0xad4/0xc10
[  773.831396][    C0]  ? dev_hard_start_xmit+0x15f/0x7e0
[  773.831411][    C0]  ? __dev_queue_xmit+0x1b58/0x3e80
[  773.831428][    C0]  ? ip_finish_output2+0xd41/0x1390
[  773.831450][    C0]  ? synproxy_send_client_synack+0x8b8/0xf30
[  773.831471][    C0]  ? nft_synproxy_eval_v4+0x3ca/0x610
[  773.831492][    C0]  ? nft_synproxy_do_eval+0x362/0xa60
[  773.831512][    C0]  ? nft_do_chain+0x4ad/0x1da0
[  773.831527][    C0]  ? nft_do_chain_inet+0x418/0x6b0
[  773.831548][    C0]  ? nf_hook_slow+0xc3/0x220
[  773.831566][    C0]  ? NF_HOOK+0x29e/0x450
[  773.831582][    C0]  ? NF_HOOK+0x3a4/0x450
[  773.831597][    C0]  ? __netif_receive_skb+0x2bf/0x650
[  773.831616][    C0]  ? process_backlog+0x662/0x15b0
[  773.831635][    C0]  ? __napi_poll+0xcb/0x490
[  773.831651][    C0]  ? net_rx_action+0x89b/0x1240
[  773.831670][    C0]  ? handle_softirqs+0x2c5/0x980
[  773.831706][    C0]  kasan_save_free_info+0x40/0x50
[  773.831726][    C0]  __kasan_slab_free+0x59/0x70
[  773.831742][    C0]  ? tpacket_rcv+0x20a/0x34f0
[  773.831761][    C0]  kmem_cache_free+0x1a2/0x420
[  773.831780][    C0]  ? tpacket_rcv+0x20a/0x34f0
[  773.831801][    C0]  tpacket_rcv+0x20a/0x34f0
[  773.831821][    C0]  ? timekeeping_get_ns+0x5c/0x420
[  773.831839][    C0]  ? lockdep_hardirqs_on+0x99/0x150
[  773.831861][    C0]  ? seqcount_lockdep_reader_access+0x1d7/0x220
[  773.831884][    C0]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  773.831905][    C0]  ? __pfx_tpacket_rcv+0x10/0x10
[  773.831928][    C0]  ? ktime_get_with_offset+0x109/0x150
[  773.831946][    C0]  ? __pfx_tpacket_rcv+0x10/0x10
[  773.831966][    C0]  dev_queue_xmit_nit+0xad4/0xc10
[  773.831987][    C0]  ? dev_queue_xmit_nit+0x2b/0xc10
[  773.832013][    C0]  dev_hard_start_xmit+0x15f/0x7e0
[  773.832031][    C0]  ? __pfx_validate_xmit_skb+0x10/0x10
[  773.832052][    C0]  __dev_queue_xmit+0x1b58/0x3e80
[  773.832076][    C0]  ? __dev_queue_xmit+0x2da/0x3e80
[  773.832095][    C0]  ? __pfx___dev_queue_xmit+0x10/0x10
[  773.832122][    C0]  ? mark_lock+0x9a/0x360
[  773.832140][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  773.832165][    C0]  ? ip_finish_output2+0xa14/0x1390
[  773.832188][    C0]  ? ip_finish_output2+0x45f/0x1390
[  773.832209][    C0]  ip_finish_output2+0xd41/0x1390
[  773.832231][    C0]  ? ip_finish_output2+0x45f/0x1390
[  773.832256][    C0]  ? __pfx_ip_finish_output2+0x10/0x10
[  773.832279][    C0]  ? ip_skb_dst_mtu+0x6ba/0x9b0
[  773.832305][    C0]  ? __ip_finish_output+0x349/0x400
[  773.832328][    C0]  synproxy_send_client_synack+0x8b8/0xf30
[  773.832355][    C0]  ? __pfx_synproxy_send_client_synack+0x10/0x10
[  773.832377][    C0]  ? synproxy_pernet+0x45/0x270
[  773.832400][    C0]  nft_synproxy_eval_v4+0x3ca/0x610
[  773.832424][    C0]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  773.832447][    C0]  ? nf_ip_checksum+0x13a/0x500
[  773.832471][    C0]  nft_synproxy_do_eval+0x362/0xa60
[  773.832494][    C0]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  773.832515][    C0]  ? validate_chain+0x11e/0x5920
[  773.832534][    C0]  ? __pfx_validate_chain+0x10/0x10
[  773.832556][    C0]  nft_do_chain+0x4ad/0x1da0
[  773.832578][    C0]  ? __pfx_nft_do_chain+0x10/0x10
[  773.832598][    C0]  ? __local_bh_enable_ip+0x168/0x200
[  773.832630][    C0]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  773.832650][    C0]  nft_do_chain_inet+0x418/0x6b0
[  773.832671][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  773.832692][    C0]  ? ipt_do_table+0x312/0x1860
[  773.832720][    C0]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  773.832741][    C0]  nf_hook_slow+0xc3/0x220
[  773.832761][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  773.832779][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  773.832797][    C0]  NF_HOOK+0x29e/0x450
[  773.832815][    C0]  ? NF_HOOK+0x9a/0x450
[  773.832831][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  773.832849][    C0]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  773.832870][    C0]  ? ip_rcv_finish+0x406/0x560
[  773.832888][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  773.832906][    C0]  NF_HOOK+0x3a4/0x450
[  773.832922][    C0]  ? __lock_acquire+0x1384/0x2050
[  773.832944][    C0]  ? NF_HOOK+0x9a/0x450
[  773.832960][    C0]  ? __pfx_NF_HOOK+0x10/0x10
[  773.832976][    C0]  ? ip_rcv_core+0x801/0xd10
[  773.832994][    C0]  ? __pfx_ip_rcv_finish+0x10/0x10
[  773.833015][    C0]  ? __pfx_ip_rcv+0x10/0x10
[  773.833032][    C0]  __netif_receive_skb+0x2bf/0x650
[  773.833052][    C0]  ? __pfx_lock_acquire+0x10/0x10
[  773.833074][    C0]  ? __pfx___netif_receive_skb+0x10/0x10
[  773.833091][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  773.833112][    C0]  ? __pfx_lock_release+0x10/0x10
[  773.833134][    C0]  ? _raw_spin_lock_irq+0xdf/0x120
[  773.833160][    C0]  process_backlog+0x662/0x15b0
[  773.833182][    C0]  ? process_backlog+0x33b/0x15b0
[  773.833205][    C0]  ? __pfx_process_backlog+0x10/0x10
[  773.833223][    C0]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  773.833246][    C0]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  773.833270][    C0]  __napi_poll+0xcb/0x490
[  773.833294][    C0]  net_rx_action+0x89b/0x1240
[  773.833323][    C0]  ? __pfx_net_rx_action+0x10/0x10
[  773.833342][    C0]  ? __pfx_tmigr_handle_remote+0x10/0x10
[  773.833378][    C0]  handle_softirqs+0x2c5/0x980
[  773.833401][    C0]  ? do_softirq+0x11b/0x1e0
[  773.833422][    C0]  ? __pfx_handle_softirqs+0x10/0x10
[  773.833446][    C0]  do_softirq+0x11b/0x1e0
[  773.833464][    C0]  </IRQ>
[  773.833470][    C0]  <TASK>
[  773.833477][    C0]  ? __pfx_do_softirq+0x10/0x10
[  773.833495][    C0]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  773.833519][    C0]  ? rcu_is_watching+0x15/0xb0
[  773.833537][    C0]  __local_bh_enable_ip+0x1bb/0x200
[  773.833557][    C0]  ? nsim_dev_trap_report_work+0x75d/0xaa0
[  773.833575][    C0]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  773.833595][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  773.833615][    C0]  ? nsim_dev_trap_report_work+0x6a7/0xaa0
[  773.833635][    C0]  nsim_dev_trap_report_work+0x75d/0xaa0
[  773.833659][    C0]  ? process_scheduled_works+0x976/0x1850
[  773.833681][    C0]  process_scheduled_works+0xa63/0x1850
[  773.833713][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  773.833738][    C0]  ? assign_work+0x364/0x3d0
[  773.833760][    C0]  worker_thread+0x870/0xd30
[  773.833784][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  773.833806][    C0]  ? __kthread_parkme+0x169/0x1d0
[  773.833829][    C0]  ? __pfx_worker_thread+0x10/0x10
[  773.833849][    C0]  kthread+0x2f0/0x390
[  773.833864][    C0]  ? __pfx_worker_thread+0x10/0x10
[  773.833884][    C0]  ? __pfx_kthread+0x10/0x10
[  773.833900][    C0]  ret_from_fork+0x4b/0x80
[  773.833922][    C0]  ? __pfx_kthread+0x10/0x10
[  773.833937][    C0]  ret_from_fork_asm+0x1a/0x30
[  773.833964][    C0]  </TASK>
[  774.821901][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  774.828805][   T30] CPU: 1 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc1-syzkaller-00031-ge32cde8d2bd7 #0
[  774.839327][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  774.849405][   T30] Call Trace:
[  774.852700][   T30]  <TASK>
[  774.855642][   T30]  dump_stack_lvl+0x241/0x360
[  774.860343][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  774.865561][   T30]  ? __pfx__printk+0x10/0x10
[  774.870175][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  774.876192][   T30]  ? vscnprintf+0x5d/0x90
[  774.880552][   T30]  panic+0x349/0x880
[  774.884473][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  774.890649][   T30]  ? __pfx_panic+0x10/0x10
[  774.895086][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  774.900475][   T30]  ? __irq_work_queue_local+0x137/0x410
[  774.906045][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  774.911433][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  774.917609][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  774.923785][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  774.929960][   T30]  watchdog+0x1033/0x1040
[  774.934315][   T30]  ? watchdog+0x1ea/0x1040
[  774.938754][   T30]  ? __pfx_watchdog+0x10/0x10
[  774.943453][   T30]  kthread+0x2f0/0x390
[  774.947536][   T30]  ? __pfx_watchdog+0x10/0x10
[  774.952239][   T30]  ? __pfx_kthread+0x10/0x10
[  774.956845][   T30]  ret_from_fork+0x4b/0x80
[  774.961283][   T30]  ? __pfx_kthread+0x10/0x10
[  774.965888][   T30]  ret_from_fork_asm+0x1a/0x30
[  774.970684][   T30]  </TASK>
[  774.973979][   T30] Kernel Offset: disabled
[  774.978309][   T30] Rebooting in 86400 seconds..