last executing test programs:

14.714136696s ago: executing program 0 (id=758):
io_setup(0x3ff, &(0x7f0000000500)=<r0=>0x0)
io_destroy(r0)
io_getevents(r0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a00000000000000000000000000000500010073797a30000000003c000000090a000000000007000000000000000008000a40000000000900020073797a32000000000900010073797a300000000008000540000000003c0000000e0a00000000000000000000000000000900020073797a32000000000900010073797a3000000000100003800c00008008000180040003"], 0xc0}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b0007010000000000000000027c00000400000014000180060006008847"], 0x2c}}, 0x0)
r2 = socket$kcm(0x2, 0x3, 0x2)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r2, 0x8914, 0x0)
r3 = getpid()
ptrace$setopts(0x4206, r3, 0xbef9, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, 0x0, &(0x7f00000003c0)=r5}, 0x1c)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc513, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x400}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x0, 0x7, {0x7, 0x0, "5a7da32917"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000001c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000004140)="d93720db4195e1a34be0ad2f56793935d453c377b35280952f39a19a1c8aacd2cc08dadc1451ecf3ea5602c4fa11e48f06f5c22319277e0ecdb53e2eda975d8b0c0703a4299a9ea93c68dafd02607b4a3fe826919b5010e88399105cacd421aa27d0544308c67ddcc8ff8517d764ffdad87a0dbe21d14a2503d0e96b506de87ea8c0540d52272460cdacaa16211442539f7fe78e5bb111ee23ff07f71a84f64490211f584aebce5979ffc51196826d5688fd197222f5b5b97cff2009a2845c699caa42420e8cea4ea07953369cd8e1f641273236d745f419b4d9922155209b212331da3aa5f73672aa21bb2d574372fa957b3a287d6ebe921bef5b55428bfd6460032889d75a3ee4018353773d52124165020d2eb95dd39e04b2a74886ab6fffd382297d01fb2cb60a978968975d54c66c3912fb40a0e8aa264da27aa9be4f0e01b94446266c4521aa9bbfd034e158a7c7a20a2ba328cc054088bd3f88cc921fecb6e81d83cf43616a7240f76ef1da19cfec4207aa8998417e7dc568719ca154ae9bb38ad2fadddaa995de3a7073c53bcb05a4a13e0ad1d4ffdef949549081819986e07d150e5a000e0fe4d80544732dd3cfe0c9922f4f1773a55c5957e4788eb54d9299456b2c67d353fcd06a8ee6c679013ecbbc9690a22483bd7201c6582d97c1064beadceb37fa5ecbcce3589e1981e0ab13a5a1c9d4433ed3ad5aa23c38e5ec3628c75801d783ac39db125db8d9b6179ec9fa898140c07e30ba85b7e570c5ea1e8cab93586bb5f21918bda1fc4e3966276b736ab987fedca531c81ec0d1b833db24f54751d2d0c28ba9afd26e570cd35a02a4ccdcf9f8ff3a637befb831dee77d4cc084cc17e6eeb813b9c2016672b02e9c6f0364729b0b0c5d821bc4a621a9c95658967c83978042c07a562ca74971bfcdb25109aa90e7c3b8d1ceffd243cfa9cd3bdcb40e3cdadcfcaad0dac169c0187cce25f7de991f6c90ac27ee9bfd2713e88f100b1716f8bd33bd56be5109c20bb36a8f913037bcbe4c3e530d8e87ce0f90f2e0f75d4ece99de86441af8ad7f4f61fcfbcb0f370255e651d99c2f3ba139f6fe73fa43d3084f6930c7f8c436ff5e591d7c117dd7a4b6db5f6ec75484f859ac56e5d721b914b4cc9266ad2797f721f6d2a0ac0c4547136f3959c21f7f13a1cc62a9dc64a9b90afd753b18554cf35c5892b4da6cc12c17ce35ac37cf5b355d325de3b1dd7c4c7777b58e301e33ec1637a99423d1c98e363fbf28c1d4e99c2d2f979cba6f092574a4bad6e231df33a509f74140a3d038fbec7ec9642d618eb8e539f872b3464fb8f79a2975c6744dfa4cf607e2f497f91965c83cf0c77752dd9b4b12876150d916da828640be87402ebd7228518995dc612ed05faa6decbc4ddeae47693ac515f62fc0038ed9942c6f4d9bc4b5f73c4818ee6f08c6b37e8efd647057fbd91e1bdb5b2bc4076fff1b6bcc254d8a6ee92f61a74da856ae11c898a3c44ae3e4d1d375216a46354055c3c41642e687fca57686b592eb9444e89e420bd2bdd7a76a1113f7c7d77244002b26466d2c7d20a27d67649fb174fe42821c23b1938b5e19fa07292bed86eee6f9ff58bcdf23715cac06fc2f9bfef5085279c1ca0200d8c3e2a6f3e0bb77fa3b1007a0995124b94baf563dc27aa79a65bb589a51481311655ce2aabfec217101bc915cb215f16bb380b233e7535b54aef19abbd1c31fc9e3500dd227caa36377a5ef4d9fb085226c5d3798f6462d616751978753efabe90ad79cdc85fc06f4dfab89002fb7f2fa2189cec8fdc0d6d2a83df9aa2a4fd3f1d11944c2bf49c92f73970acb8a673595f88bab87821a5f05971204fbdc3065a167a6631ffd0cfa5f701d7c0332557b1ba18f20b37478d5bd0e6554b6f73944d6ca3f550dfaace341c437003f079dcc0eaac0f764d16307ade63a2125ba686f5028f2e6972c9875abfda0dc3aa0c2116202d0d66798f2410be640a5553d9400dd8510799963dcc296ec29484b61770e4520d752e04da3dbf60ddcdc6a4976b5ce7356accc79dbd0f48ec114ea4f2cb5d53e7d2a1757f6bc7ca65eeeee3f63f36db72af868c117718f41c428444ff494e857198fccfbe89e8cffa5d587ea59208e47e002f16fd8770d950c5a8ec894927b2105c41aa5e92a68829791c2f8a16a3949da8168f173864a20a389f0b20c446aebea7e0cffaf114182513256de11c8866e0f652d0ec2d8e745c6cf76232dbafa7dc9d5337fa87ae61bbefb2a4b9c90403198bfe1b7035169e97eb2ef7bac31801ee32dc415c06062d0c19c70960377ea2a851b2229d8d306c95106477245d758808a993440834687739543a08484a7e23678f141adce3397ceab56e83cc490a6530cc60c84f721aa342f351b08391e795633cf19b7bfe8dc2233234a96c796584bdaba4c7eedda1277aae5c57eda8acfd046a75604dee4a275a6b6abcd63d54f1abe272703c00d79e1ba85f3464fcd58cbfe0d6f8872e3d99c06456fd80e126b3e9e1dc46b1773dcc9eda7acd7dba6f7d703b08307475a2b2413f443d7e90c1dbafb0d68bb4dc8353cba5e5bb3d1d527baf9bda6d7a21288e7719ed106633435e3a6a85c743c243f38dc4d2365ce16c5d21aa55a30869c5992a5be2ae13d96b2caff60bca18dd5faa6e329dc3f4e9e029963a6ec0edff0d4f9da8c27d7cc987076d50d9e3d88dd6a18ce4de277d8e73efee3aa97413ae2b7a4ef9875f6ffa04872572b65ba828c42fd23614d22809b5be5a91ac0b96839e5e2346e3cb8d448c93a4d98a07dbf6dce164459deb30518bf4b3272e7e4f499d7b253e486878f3d8d9fa7ad404946e9cbe31bfcf43fce405a5f93588a04c656faa32a05e66a5595ed301dde5a126469f0b679708fe58edd86c2eb6b97a03c0b019eddd7f6d88db1e475021b0879c344018a130233a7ca57c448b263cf802cdc09f965fead4f48ba2d4049c6b88f752f112dbcf8882b26f27b15e5971834ec4ab94c936b15b8f74a38cb96344a445aee1ff02467b6cb4c76df8c4b68523028d7f59d30d4dbe984b989ed1870a59b202072252c306b38a0530780dc031c6015702230e744701032d36507d417293fbb21fe75a01ae3128640d1e03138e2680bec75c0af12ddf95300ba3f126e2f8019ca09a67ea5053f30bf724e5670c17851c537201c8bcb248a5e9849e467b26a2a7b0c6cf6f4690b2e72740591e85b0e7cdeb876390338b8cf74946726a0dd8226718b29d8450e2089cfeb21ff37961afb408c24dac407567ce728607d37e9847a4e82ac84a256d1625d812a1c581fe65e66baa741bed0977c1a728370da67908ea6be3c5c5845fd1da0862b4eb94e2b724fcc18732bd1973e92301a33aa022fa7c913a7f43f43f15eef223c7b193c129f861232e4683fa0d86a31db99b4239ff85d14b0fb8b87adbfab7383aabe4748aea807e4c3fe37ce6cd536ad283878598455a9ff7d0baa3f27f7a57fac2f47afdc14b4a334cafb21a8380ad141eeda6f3e069359e98c522c97559a1de5ff7d0f71edc4e433a57dd2d7a035485cf4ad4a55bbdd056dfe03a30bc85c7cf47ba8ed4de220fc056cea68ab77e5cc30f6a2de9abfdbdbd88725b8542b593d81e65945bb0b53bf9815fee368520939ba9fb55588c956d07db9770c6e3b325bd2641cdd1e5201d6910b2ae50feffd28d85ca166cf2949d5a335fd9fd7d77906dbfade2ee6884ae8ca66c39a920ad0a309a8ccb2956306458902116074c4541c85ca4b3e3ba968f17feb17d1a2436424578393ff56a0112635180f0af89db2e33e6935507b025779aea9dbd067edecbd49634ebc77c0d6c4dd4c295dc0e8eb1c44406c64a33ea23c6a93c3a2895fc23cb4f773a29efb05d90beb96479888c55639931e024733a4c32dc576d6e52142b38d8a9b9d2fe312f0159ede1d25df20114b7955c3bb78ecc54add0f357670d031931dbb640f4b57c017e97e71a97c571605125faeca107f8beeb58079b90e6a6cabb1677210c5b2d2659d552fa2daa15faa7b17061abfea725b49dd016a078517c285cf47592bbff7cafa16595884f48e11346b1e4588a083d9dceecd146b3ea0a6b87d049f71b1222ed8864c697e2ccfdb9fc3c7f22187e10a91598e479d25d1546e4fc68dbe56ec94d5bc792e246e817d7769f166104853e405b08b246a2022bda6f9c3f739c6d6d2f3a7f870ee183a76978ec00c43d94aefafe468f0f1021fc74770142db7e5967bae852291ab9c3e56f00a1229b12eea414b8b6fb2c9635f0b5d32175f5be4a04fb572368258a4ed72d4d3494637c8d6ee4c6d4bf35c8c494ac4d2da1864786ad0f41d362d1cf07d60dacd9779c3ef8b8b120b27aab34d9805df829db55e6a691740e118cf542b4f6b28c0d860d4aae677e2702dcfd822fe5457c66dc2f8c457715eede8cac7837a936b731c297927c463b463c1d03d502485b41306dd2063780afe9543f96da9c086fffe3910f2314a382dbbee9f72b7e66e90f44b9049f1059a819ec8ca7af8f836704c6d188e94e7f8bebacc682c4c46de1fde391ab0e5ec89e2a488639e70fc1d9cd5e04c4122903d958d3a03419121e3424a23231289634d010f582c440d87e91286abbe95a86481927f2765f6d0f3c2e9ef60b33ad763035055840c64ada2c841adad19b7d5924a2b86da236f15ee50c0914a0a1cfba62317aa2d33de78d08ab6287618bba0e3fe9496a695f059a475d37c6c937e9dfa77215aa3af6f0a862c23e1c9d15921982e8e17c63a1208b9da0100000072c4bf855600950cf0ea6e77a91b81e6aebe0e35809464599bf916984ecf8268813a3faee2260c3e28545637e463de165dac512e8b784e5163da5471ee710ffec3c496e78d5c5ec941d2616286960f0a7bbc4d4f778309cf5091ba7e05b7a598d7865ee10e1813515dba5e7b4a3e23c1ba33bec878b0b8f3a13e17b59aa07452fe645069c4e2f7b82f106dc1a6093d45abf393f4a68f57f6521662f639d8136914823c393e0cae4bd3784e6b2bda5671fc8ebc68b3dc7aee2d876a48c205a4e7df8ea786f124f6c83baa8b85df819e8ee366eb5507809a1e36fd3f17facb562dfe511b9183b62852312eaf947fe6a61dc168de4602910c6d12ce15e35e3b4125b5f9714ea1c49a1fdfff7a8ead500b288549b30bf2a1f4f198393432498334e65e198f0352b6c181491859f166e64846570dc551b909d1bf8bc15935ba82183c81c6c49210a347a37db3467c32c7d1e3a8aa3c7957ba2c37eb3f27b928f45908cfd22dab3c604dd053ca2425f122e11fc09cea1344d0e850a28240128e501b4425333dbd5dbba9269d62c516b4d3b16783489c7e25b2816a6f167ffeb6f19a8636b18e15926f5ad1ee4a4dd242a7f1a2fdfc7bfbf40b75da981a566d4965f50657e8179e0d3b40185f29a5061ea351e60970cb3d142c28375a5d8dced003a5b01846b4ed6460acdf2cbde7529da68aecd562d3ae10aa1c1e2325f09884df99e0f4246b2f9b879d711ab49757910c54f8fa48439dd47ce70935cd4f3b1ff85a28232b6ccbb51fd5d36a69c4eb5abf9cef8642172399f94cb2daed8d2d6ed279c6e35284e7ac5db840ca12ed7d168454725e19f552aad7de59ab368e4d42238444a8672f937aedc61c2159b6d1d4aada07c6de08ae40a1bae8ca696273f5748a6259ff4bcc39510e11a5f8ba25766c6779f07761c936ac0d0d01f1d4b488c3d2742c1a3029da837cc33dd1780695c5fc1542830006989b3faa62a9c8538ae840c8285cde8a13085cd295f695a0ab6d27b03a16b1904fc62fe25776df3fa792f54f4a5ad98f1f0be45848c81e34d70d4850a4ac3a5a7dbc56fff68eb4212bb1109f6f129c12babef6ef9671901c73da50966fb18d1f0c1575cbf985fd5a5c36f33386a1ce35c2ca4422b3c0522fbcbd873d8f0f80734b4f3e0bd1aa80beb6b1ec9a40a2d39adac14b7de089820c1314ef3b2fc2988778b9cbca0fe0f64cb858a90a6bcf67961644f6bd5825c43c9d4d4b0a8e5c7321346edf5f56558c00550891392055e15a6402220301235ac8593dbbe26f1f5105d50b1199d2fe2d74a78ea8e83fb409716c7d508ac1476d067c5aa77b1f689488e406bb6702648aa1faeecdcce8702f3d66e66c927487cfba756c070065126f2206fc58fe54d50923f1c7b14ce478d40f4bf9eccc441c8c931359f97898e6d8fe42a175546ec8c6d52672947e0233c1cccad78d44494361f6c81c530e9bea0e911d30998f0aeddeda8269e1a87e86509a5a4c2ed5f49e8b1bfdae1cfda352dee261ea029f80418e2232616e9f8443fce5d3f82e6bc8b8fc1e65419dc2fd1451e445f6e06ea3d12206ecadf4e45f9bf1340e162be57ea63787580c50a452af6d3b12fe4e2b8aa861e435f7766f35fa272841094149c81a40e7bff1f7177c38787b53b1b4fcf18e50c89ad3049f35f306fe628d4bdbacc07c44f8fc0006023407b4484ad6fbc15094b02a009f50e34efc0e75ab23dcc1b8355f4cd5f693aaf01e6fde20ce36fbd7fac42e00ce6100b0dfa974680dfef60ffa7f905840a2c345410abc5907edbd18d01556e6ce2593c910b282be64b225e6ce5b9b2388d602023959680981f0ee1296ecdf08e57c6a797421997a022e869f8e8a48a91a1bbe30169f608a2e854bd4de33adf2fe67577de2feee46424a679f7666307ab2134bbe9e79a12af724f97dda27d075e00cd59a260ca33be676df34ee96e13d436395edbafe4a83e1246b7b0194bd4c40d74521e52f06572102ecddd71da2bc35057eb66e7278801512f349d9f798ac8c38ba4fd2523d9f2f9586749b64dc8a0e3461cd7b7fb82e575bbba20c359ca2076cd669cb1ef83f082f21868c31fd750a2dac5670317c550a79324db88b68dd0f16e98c4b83710024d059569f5402eae23e8052b5b4b48502e0fc2483a20e38417f57cdb7ae870ce3c8352b1f4c6ffd61ed8e2751f5b93e266617b087c94a68ef704731409f3fd49bf677bdcc0c58e6094a8fd99cce1df278570390c37f51faf6fe93923f62984d5672a2d867f18ca76b964e2f7c259f639ab1122e749dd9c4f9b4470d8b68502f6f40685b74a24323837cf7e32b433c3ccbf064be0e70ffc2e5c2eae587154a7958d6c3f696fe42da49e4292404461908f7a1437b000a7f115cba487a9b426aa6ebdecbf0673e39356f894c0b3417491d0dd266a97b8711d16e6ed053028995e414d602f3296542ed46591c44a5dd1c466a92d8826bc12973e44028d37fb13bbe9ed2947334787c60f48b4f61089e3425fd165eaa1e3a2707891732875018420060afa179687c9e0f3f43b45e81fff95e07a518c9db494d0e4e453b8a35c7a0dd1ae81f4c0fd49f40fc9a6165a01ec00e0a97cd7282fb0c264709fa6e8310372bf06f66fd0f53d7919cba43d59cfcbb9f3b148b73edbdd75acdfe5f5fe2ffe40416c097e18a0fc0619bfbb78066f372d21f5d52fe4753ab29a0edf66b05c5bd3e6a5190f248561919dea3f20185e89f79fea4aaa12a44f14041a0620b23f28d5c535f40bae130843125a879e7f33d6c61cbe55ba51837b3194245237317d8532f94ed06543f5cc55535045b8b514c0d76097f520387e7b182c48c7b0173ac353d48566fafa00e7e5f7962f79645f73150c6921b6d6bcd240898aedb21b4453d63ba838bf90efbc5363beae5ad0609469a5b1c51aeae051fa57b16ad7f7c7a3f018e292ca5fbd9be583cfa9babbbb21caa574d35d8d778b1ae56e627ace9121fe5de64ed6dc684e5ee65c85baf2237953a0ced94eaa01e8c1911f487fb8324089f687040aac05dbb39475b26b1549c3d0a6b2d701fabd478b0d2e22cf720a6c80dc8971b1f0a9f39b4732fc7923a23b736966ee1537199511018723632631d36f6eca17c1192b6ec5cd68fd0de31c256270d668db457bbf57de66cb5054f446cdba23440cf485c5b379639284fb653141e20f8ab14c43f1faa181feae3a09cc6654ccc76e901c9c2fa67eeb17f488db52cde8cd26fba1f20db19c1dd92d9b09d1d2e9c8383aca4029492e5b91039fe624b35212c068120cd33a40b3ee7369bed5a705e0f7b13f0f266ff985a535d99c0a99366ab9767254da39964cd1a5df670bb7cebc06a5054d8a63aa5472f4a1d381cfc3d0e0ca8ee8c6f06974facc76538f6eaad66fc673f2dcc5cc65309fa7c821045813a1cf30d6b0a7e83e65b78f47957f28a7a80f34a14754b3347cd16e1b4d2a596099d1a17c681be6d9e4aa3724ea8a6fd6cf1a7492bedca5b47d22f1fbd710a77146acf6a11b95b36eeb2dd15c76ce7a54817c4181c90799ded1cf8c1168b39f5338822f485fc258ca42e1474927f6fb0ebf46bde59fe4e0b216fcb4015c40af76da02ef309039bc9fad472d5e9088b1f47b4a03e50458392a9d1cf4612690289429bbb60be45d9b658d1e88c2df6383c766b6246760238ff968f344311f6d9c3619763c573b7f27b99cdff92d6090003164ca5e684c60690fb13118f46424e98592b37755d715416c7fc758881f29f87371d086d24c759eb4455b50eff93123b5b150186e5a9e20945d0833a7d1039712736f5b266a7041a2ea20e959ed0a5286352f9a5f96b5b72df30df35c693379304d02200052b491a1dc18239ad5b953ae70c0f33623de25256cbf637bf25e24b21d4c78ba4591481e8424f1a1f329958c5f3ec3cc8ee72a6950dc2c1cfdf2354143e285ca9f82bec1fdf51ccab28ee51035c8dbcef7170843e858d01360266860800571a4fe0936ba82b97c8fcf76f19d49f6f95bc37b23997f8153c22b49d43598af71797547e02050f24fdaa4defe4513aab82f18e2223e2372cfaa95ec24fac636025bfdba5a4fbe25bb4beb596d272d06bc5c19e88e323d4c3afac75ded11b05cf3a0aef570e2700fad7d4b714cc8db83ed5a1c8d398d37bf1a3686ff122b76f06f4ece5413c5da26944e31177e5088e5b4255ff0cd2358b997f511bbc6593b3a6d14b3411a3a22a4e1751c3d0459fadbeae6f0bc399c7e526ba309708fc374e4c3dffbf03355b5147794704a71d6714e2329523dcfbdd6137c87212bc13d9b83d00b11422ba73abee769374762df22f55efde6766ca37c351a07552255a42aba6b9aab9ccb8576da44a7341797af0d86b68d3ab17821e86405e34e49cb73198b78b2536d49f5590ba2cc75ba9d0cb7b7f7c13bce023301a84b67d1afddad8bd1904803f9a4392ae7742bfb35530f0da566a295ba5a0786db745bd4ad5de86120fbc0b453131b4f21bd519aefe216cd7658d80e3a6afdf0f8c28ce0df38a38f0ffb5d7dac8692808be0299423253b91a347aabdf60db0a5c35404ee4148d31ae75e0095b8f07e6471be0c19fb41591cb290342a04ad89f17b3d00af14a0500a71ae376c9f707ee7cf3254e42d2641239d531e7e1c94805df8bc58a8075ce535cc648da9a3e0a9decf6d699173b1f65d25e366b0c8701eb53e0b509ca077bfd142f5ad6de215c8bbafcfffb0b8c0d6751de09f68d0b23834ea46370568c9a4fb7630fc1e82dffc56da06090ce3d61aa1dd5807a98dc6aac17518a0cebb00200000028743fa9ff0381e730df6c6b0137667a0875f1c4d8c820b0ae44253a5e3047f4a64bbcc64dcb1035b43c2c63a97df5a8cbf3be7ec92ac92e3d8ab7f257ab63eefde2ffe5abbf040d3776bef144c5e372f044fafdaba0540368615c92dfb61a3ff45651835bbd6610f4f6e5b7875d9c74367e913fb2dca9f6c755a070d01a600633f399af71d99aef87871ebdd8c0a27dbbab4961ca83df205c9440658ad3192dc116281e26eb6f236fd701667d5dae9f1c48e66c7396366b48f2557dcfd30ca4a96a7daf292c3a6b3278d910a728bcc39e66dec14969b1742d960307c45bb38fdec8f9c26775cbc7ec671873f4af31eaf9339de30b60fc3613724de2171ae81d86949c534f169b8ee5fe8318a2ec64e3b690da09e0c355225c8205c6adacde1f25c242aa1b456d6b23f0bda02b369bb0c751623fe4d40c6e6999d9e494423481ce01c85dd45ae4f6f6993388bdd32bdf01b9c22215c644ba8b517498ca02dee7f32fde3d8f591896c21cb68c82b90d84694ffbf2fcc875abce3ecbc33d9a6c58807cb0c2f3a5f77f107653c1dca780ee861799498e8165c2be957ba9f6c8bf57549674b389d341e2b99fc7931ea40793d9a17604298220af7254eb8e972cd28ea877d8ed52bab1162de7a66a0e9afd10e649b5554f41df0a7623c3e1744f439f39685de6afc65dd6c37069681afd30e476c09142c8460191526ddde6c651767ac59371a881f757d3cf2bae6d48ea781e89931b9e3ea3f65097b006fe15b61cbefede125e949abf541d670f122eff8be716b2cd662d69ead1dc797d58efe39aab72af7e610452746cff38d63b8eb217b4fc66de320aebac6e02e149f197b1ab53544162c22597ad7499f7bd75d0307ce75ce5f3b606b009c7dae85615bccaadb3cf261549be0cfe29e8faa175403342384b3efb79ecbdd4350ac768ab6d40957dd185fc4509938f9d387c86c06ed93baf9b4f931f53ded6aa431531a64a39e4fbe92b25d2c28f9314a5570b72ec33a0080d3ab68bc9fcb1786ccd5876856fa1310480f8272ee931679195e19ba116ccfe4b82c928698fe6b96b03d5f33b332bf2fb9fdfb82e386a716853d35a4374f092c2ab00e43fb8639fc525a87d41548e2289074345ca780e29c871c1ae27d27abb25dc9f5cc7460fedea216fd36ee28f69b00f7535dbf931d638f4ed710720cd94de10938ac2018888df4d1aee5676d09e4999b92d48a579916d86faebdefb9562e32e4a43857ab90af69ebd6b22ae50a1a99f8f0ffc731b2db79889824b587b75043265fa1dca7b68c2c2df36b774b5103a149bcfd4d1b3cbce3e4f257f981f973693a8120c4d4d1aefad1451c24dc12fdf798c23786c7498c6faa2b46057bd4d4be51d219a373a6153711a490c588c2085befdaa31c17cc1efc08e341e065e27489ec987a994aceffc0d3ed764606e2195bf3553fbab72a0583396f49743c7059371a3083a4fe7dcc553e26a871503990a9b99539ff0cf90866b90b6183e65756c3f5c9387aa83854c8b5335fd6a71b32383c34f22241cd25d538989d19ec7052a41523d7bdd8a834315dab3c27d9b92274fb9148119d458b38eba62d8cf955a326437f7d13ff61142748410a2fbba9341f58ddfdd45cfd77106b1ec6bae9666537705bd79e645f7a735f07865e603ed2583936a4c92377b0099fd6de8cf29b1761846a6bb803fb6ad1830e6d72beb73d89956ceaab9c2e711ac22e5823e341e14d33093d382344f811c105e7e0e0a8d73602edb2e9860235cf5e65a7c4f91d85f8038ea6706f68688576bfb75b4832fad45e4d31a3832e56b83cdacb09f10097028de8931d155b6b68adae12d7c3fb030b9436697ce648d33d0c6ce9d281e11d4c126634f50693b5edee21526b96f69f565668b7cb811151a2d27f44cca69bc36edab2cdf09de88d53246c5bcfd91c2a409f98075e64ff2d706701e28b30f5e3e2834f8cce5b8", 0x2000, &(0x7f0000000240)={&(0x7f0000000100)={0x50, 0xb, 0x0, {0x7, 0x27, 0x0, 0x1040, 0x2, 0x80}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

14.241986423s ago: executing program 4 (id=761):
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0) (async)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000740)=@newlink={0x90, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x60, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x50, 0x2, 0x0, 0x1, [@IFLA_VLAN_INGRESS_QOS={0x4, 0x3}, @IFLA_VLAN_ID={0x6}, @IFLA_VLAN_INGRESS_QOS={0x40, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x6a}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x8001}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x4, 0x1}}, @IFLA_VLAN_QOS_MAPPING={0xc}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x80}}]}]}}}, @IFLA_LINK={0x8, 0x5, r3}, @IFLA_MASTER={0x8, 0xa, r3}]}, 0x90}, 0x1, 0xba01}, 0x810) (async)
socket$inet6_mptcp(0xa, 0x1, 0x106) (async)
socket$key(0xf, 0x3, 0x2) (async)
socket$inet6_mptcp(0xa, 0x1, 0x106)
socket$l2tp6(0xa, 0x2, 0x73) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_NODE_GET(r4, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x4c, 0x0, 0x400, 0x70bd2a, 0x25dfdbfc, {}, [@TIPC_NLA_SOCK={0x38, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x2}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3345}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x40}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}]}]}, 0x4c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000000) (async)
socket$nl_route(0x10, 0x3, 0x0) (async)
openat$userio(0xffffff9c, &(0x7f00000000c0), 0x103040, 0x0) (async)
socket$inet_dccp(0x2, 0x6, 0x0) (async)
pipe(&(0x7f00000004c0)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="540000001000010400000000000000ffff000000", @ANYRES32=0x0, @ANYBLOB="0380000000000000240012800c0001006d6163766c616e0014000280080001000800000006ef02000100000008000500", @ANYRES32=r5, @ANYBLOB='\b\x00\n\x00', @ANYRES32], 0x54}}, 0x0)

13.918884924s ago: executing program 4 (id=764):
syz_usb_connect(0x0, 0xc23, &(0x7f0000000e00)=ANY=[@ANYBLOB="12010000bcc38110050b91175704010203010902110c04fd00000009049d04057e4f3b080824060000468c120524007f000d240f01a40000000008f6150505241503000a24070805000200050006240600009205240002000d240f010800000000000004fd0524010004072414b80607000c241b060000000602ff7f0397241309ebfbc8a5ceb8e4440105a21c6da2920dfaed363d5291381d818a6a02f02972921fd5d1c5d696265ed6e193ae0e9fefff021d83191bec527571e36080f9d9a14d99a769dba779c88541dce68c266b9643eb14f129b4fb9aa68b24f6f6a8cd18e3bbe00a0c2a0b786bf33749521b633cc1a22ca203091f5f3284859539786af97428a8b3222ebea899f74c16822a0d59329a518309058b1f2000040820072501800001010905071000020407a307250102fa0700f611a15112d5db9111bca3e1876f8f2b36053f50531982fe0926db2f674b2d567146594690ae05ecc9195aeac3c127ab94c2a961df0c2538e5493482e5a26fe70ebbaa28e019d07cc0ededf506f37b734a31f1db7a9bf13f162b96f5123531e6586f9a30f53ba96c97d644b9b5462fc5b6745858b2e2e932d1ee5f8c5b2ce8ccd086006960c37ea6ce01454a1d6b08effdd34db9e3ad0d66e611cfd653aefc90eb52c607d5c8306709d98a5663e7f8a6cf5f67a3b68c9e92408fa1de0d95662ba0690d0b93eb0493b7899989c16efd3960f37153e0d124010f15df7b4baa6ea2666f44c212ccbdd89f67a14f08a7374746026a1f0ade09050d400800b80b03310248d4c4e81350d1fa5bbce7829076c9589882f0706e31550f367cbdd00d1a608ddf2ec93da1bc96981d5eb67003cabf090504000002f902200725018205070009050d8508000600080904d5090e0e0100f2112402010202"], 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x84, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3d, 0xe, {{{}, {}, @device_a, @device_b}, 0x0, @default, 0x0, @void, @void, @void, @val={0x4, 0x6}, @void, @void, @val={0x25, 0x3}, @void, @void, @void, @void, @void, @val={0x76, 0x6, {0xf, 0x7, 0x3b, 0x8}}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x4}]}]}]}, 0x84}}, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000240)={@local})
r4 = syz_open_dev$audion(&(0x7f00000001c0), 0x4, 0xc0)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r4, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0x38, r2, 0x300, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x0, 0xf}}}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x43}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x34}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x63}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x2247, 0x1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x64, 0x50, 0x5, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x3, 0x1, 0x0, 0x5, {0x9, 0x21, 0x27, 0xff, 0x1, {0x22, 0x359}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0x9, 0x4}}}}}]}}]}}, &(0x7f0000000240)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x200, 0xf, 0x9, 0xb, 0x8, 0x9}, 0x2e, &(0x7f0000000080)={0x5, 0xf, 0x2e, 0x3, [@ss_container_id={0x14, 0x10, 0x4, 0x2, "dcab456d1ef909322dc7b94904a38868"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xa, 0xff, 0x0, 0x6}, @wireless={0xb, 0x10, 0x1, 0x0, 0x42, 0x2, 0x9, 0x13, 0xd}]}, 0x2, [{0x2c, &(0x7f0000000100)=@string={0x2c, 0x3, "ee98a31aa6fef0b8f252413d62b046f7f4e123a558a3f7a30e291fe536ae4509262869265800895c3bf7"}}, {0x4, &(0x7f0000000140)=@lang_id={0x4, 0x3, 0x7528bf031b58c437}}]})

11.58495943s ago: executing program 0 (id=770):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000ab9fd540501d6f60d49fbc0000010902120001000040000904"], 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000002c0)='sessionid\x00')
read$FUSE(r1, &(0x7f0000003e40)={0x2020, 0x0, 0x0, <r2=>0x0, 0x0, <r3=>0x0}, 0x2020)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000000c0)={'wlan1\x00'})
sendmsg$NL80211_CMD_CONNECT(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)={0x2c, r5, 0x5, 0x0, 0x0, {{}, {@void, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @crypto_settings=[@NL80211_ATTR_CIPHER_SUITE_GROUP={0x8}, @NL80211_ATTR_CIPHER_SUITES_PAIRWISE={0x4}]]}, 0x2c}}, 0x0)
r6 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000040)={0x84, @loopback, 0x0, 0x0, 'rr\x00', 0x25, 0x4, 0xfffffffd}, 0x2c)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
sendmmsg$inet_sctp(r7, &(0x7f0000001680)=[{&(0x7f0000000000)=@in={0x2, 0x0, @loopback}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000040)="9e", 0x1}], 0x1}], 0x1, 0xfc)
r8 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6}]})
sendmsg$IPVS_CMD_GET_SERVICE(0xffffffffffffffff, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r8, 0xc0502103, &(0x7f00000001c0))
sendmsg$NL80211_CMD_START_SCHED_SCAN(r1, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r5, 0x28, 0x70bd2d, 0x25dfdbfb, {{}, {@void, @void}}, [@NL80211_ATTR_SCHED_SCAN_RELATIVE_RSSI={0x5, 0xf6, 0x1}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000004}, 0x4)
ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0186405, &(0x7f0000000240)={0xfffffffb, 0x1, {r3}, {r2}, 0x7, 0x3})
r9 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000002300)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r9, &(0x7f0000000300)={'#! ', './file1/file0', [{0x20, 'memory.events\x00'}], 0xa, "d161050000000000000074bdca9720dfcc73de5b223a3c160f225bcf4c83ef6cefab8104649d48cdb9a6c7669fce915c6e7588a6259b6eb774f58cd31674f96d061a0a52557ef17ec0c8dd11d285470d6593ad67b8abeffaefcf36c8627e38b8b9bcee53"}, 0x84)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r9, 0x0)
r10 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r10, 0x0, 0x33, &(0x7f0000000080), 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000001c0)={0x1, 0x4, &(0x7f0000000600)=@framed={{0x18, 0x0, 0x0, 0x0, 0x9}, [@ldst={0x7, 0x3, 0x1, 0x0, 0x0, 0x1}]}, &(0x7f00000000c0)='GPL\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000040)=ANY=[@ANYBLOB="00010c"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$VIDIOC_SUBDEV_S_FMT(r9, 0xc0585605, &(0x7f00000004c0)={0x0, 0x0, {0x8, 0x3f, 0x3002, 0x9, 0x1, 0x3}})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000480)={0x44, &(0x7f0000000080)=ANY=[@ANYBLOB="000028000000996d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

11.081185915s ago: executing program 1 (id=773):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, 0x0, 0x0)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$alg(0x26, 0x5, 0x0)

10.809184399s ago: executing program 4 (id=774):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
sendmsg$nl_crypto(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@delrng={0x10, 0x14, 0x220, 0x70bd2c, 0x25dfdbfc, "", ["", "", "", ""]}, 0x10}}, 0x400c0)
r1 = socket$igmp(0x2, 0x3, 0x2)
getpeername$inet(r1, &(0x7f0000000000)={0x2, 0x0, @empty}, &(0x7f0000000040)=0x10)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x800)
setsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f00000000c0)=0x200, 0x4)
setsockopt$inet_sctp_SCTP_EVENTS(r2, 0x84, 0xb, &(0x7f0000000300)={0x4, 0xfe, 0x26, 0x9, 0x5, 0x6, 0xfe, 0x81, 0x5, 0x7, 0x4, 0x2, 0xca, 0x9}, 0xe)
symlinkat(&(0x7f0000000200)='./file0\x00', r2, &(0x7f00000002c0)='./file0\x00')

10.763169383s ago: executing program 3 (id=775):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$usbfs(&(0x7f0000003f00), 0x1ff, 0xa401)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1b1c, 0x1c0d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_open_dev$tty1(0xc, 0x4, 0x1)
sendmsg$nl_generic(r2, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x3000000}, 0x24000854)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000001180)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x9, "ca0400"}]}}, 0x0}, 0x0)
ioctl$USBDEVFS_ALLOC_STREAMS(r0, 0x8008551c, &(0x7f0000000280)={0x6, 0x1, [{0x1, 0x1}]})
r3 = socket(0xa, 0x2, 0x0)
close(r3)
socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$IPSET_CMD_RENAME(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)={0x34, 0x5, 0x6, 0x301, 0x0, 0x0, {0x7}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz2\x00'}]}, 0x34}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(0xffffffffffffffff, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000580)=ANY=[@ANYBLOB="1c000000", @ANYRES16, @ANYBLOB="210f000000000000000020000043ad00030076ee2db880c5c87b91d09556ba38b2bd9563a60a47601579bd5a2ca2c70da73b396be27ec7639196ece147f63845455f5834b50218170197edd5843fbcd3a695e361dc9cf91b3ee709c16997531cdc", @ANYRES32, @ANYBLOB], 0x1c}}, 0x0)

10.561069051s ago: executing program 4 (id=777):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
llistxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
umount2(&(0x7f0000001540)='./file0\x00', 0x2)
dup3(r1, r2, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000d80)={0x1f, 0xb, 0x0, "2ac0749f7a19d71029970ac5e8092a6c6bd27d45d01f1af84d4f7d0b48a36eb2"})
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000000)={r6, @in={{0x2, 0x4e22, @empty}}, 0x0, 0xffff}, 0x90)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r3, 0x84, 0x73, &(0x7f00000000c0)={r6, 0x9, 0x10, 0x7, 0x100000001}, &(0x7f0000000100)=0x18)
close_range(0xffffffffffffffff, r0, 0x2)
getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000080), &(0x7f0000000040)=0x8)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000bc0)=@dellink={0x34, 0x11, 0x1, 0x0, 0x25dfdbfd, {}, [@IFLA_IFNAME={0x14, 0x3, 'macvlan0\x00'}]}, 0x34}}, 0x48842)

10.431514875s ago: executing program 4 (id=778):
io_setup(0x9, &(0x7f0000000040))
r0 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12082505a8a440000102030109021b0001010000000904000001070101005abe24e98802f15886000000000000"], 0x0)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000006c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x20, 0x0, 0x1}})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pwritev(r1, &(0x7f00000008c0)=[{&(0x7f00000000c0)="ff", 0x1}], 0x1, 0x0, 0x0)

10.206808355s ago: executing program 1 (id=779):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
accept4$alg(r2, 0x0, 0x0, 0x0)
syz_io_uring_setup(0x24f9, &(0x7f0000000080)={0x0, 0x0, 0x10100}, 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f00000000c0)={0x4000}, 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
mkdir(&(0x7f00000001c0)='./file0\x00', 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sctp\x00')
open_tree(r3, &(0x7f0000000640)='\x00', 0x89901)
r4 = syz_io_uring_setup(0x239, 0x0, &(0x7f0000000180), &(0x7f00000001c0))
io_uring_enter(r4, 0x2def, 0x4000, 0x0, 0x0, 0x0)
open$dir(&(0x7f0000000180)='./file0\x00', 0x7e, 0x0)

9.184865641s ago: executing program 1 (id=780):
io_setup(0x3ff, &(0x7f0000000500)=<r0=>0x0)
io_destroy(r0)
io_getevents(r0, 0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a00000000000000000000000000000500010073797a30000000003c000000090a000000000007000000000000000008000a40000000000900020073797a32000000000900010073797a300000000008000540000000003c0000000e0a00000000000000000000000000000900020073797a32000000000900010073797a3000000000100003800c00008008000180040003"], 0xc0}}, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000003b0007010000000000000000027c00000400000014000180060006008847"], 0x2c}}, 0x0)
r2 = socket$kcm(0x2, 0x3, 0x2)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000180))
ioctl$SIOCSIFHWADDR(r2, 0x8914, 0x0)
r3 = getpid()
ptrace$setopts(0x4206, r3, 0xbef9, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x19, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00'}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r4}, 0x0, &(0x7f00000003c0)=r5}, 0x1c)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc513, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x400}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f0000000400)={0x2c, &(0x7f0000000280)={0x0, 0x0, 0x7, {0x7, 0x0, "5a7da32917"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000001c0)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000004140)="d93720db4195e1a34be0ad2f56793935d453c377b35280952f39a19a1c8aacd2cc08dadc1451ecf3ea5602c4fa11e48f06f5c22319277e0ecdb53e2eda975d8b0c0703a4299a9ea93c68dafd02607b4a3fe826919b5010e88399105cacd421aa27d0544308c67ddcc8ff8517d764ffdad87a0dbe21d14a2503d0e96b506de87ea8c0540d52272460cdacaa16211442539f7fe78e5bb111ee23ff07f71a84f64490211f584aebce5979ffc51196826d5688fd197222f5b5b97cff2009a2845c699caa42420e8cea4ea07953369cd8e1f641273236d745f419b4d9922155209b212331da3aa5f73672aa21bb2d574372fa957b3a287d6ebe921bef5b55428bfd6460032889d75a3ee4018353773d52124165020d2eb95dd39e04b2a74886ab6fffd382297d01fb2cb60a978968975d54c66c3912fb40a0e8aa264da27aa9be4f0e01b94446266c4521aa9bbfd034e158a7c7a20a2ba328cc054088bd3f88cc921fecb6e81d83cf43616a7240f76ef1da19cfec4207aa8998417e7dc568719ca154ae9bb38ad2fadddaa995de3a7073c53bcb05a4a13e0ad1d4ffdef949549081819986e07d150e5a000e0fe4d80544732dd3cfe0c9922f4f1773a55c5957e4788eb54d9299456b2c67d353fcd06a8ee6c679013ecbbc9690a22483bd7201c6582d97c1064beadceb37fa5ecbcce3589e1981e0ab13a5a1c9d4433ed3ad5aa23c38e5ec3628c75801d783ac39db125db8d9b6179ec9fa898140c07e30ba85b7e570c5ea1e8cab93586bb5f21918bda1fc4e3966276b736ab987fedca531c81ec0d1b833db24f54751d2d0c28ba9afd26e570cd35a02a4ccdcf9f8ff3a637befb831dee77d4cc084cc17e6eeb813b9c2016672b02e9c6f0364729b0b0c5d821bc4a621a9c95658967c83978042c07a562ca74971bfcdb25109aa90e7c3b8d1ceffd243cfa9cd3bdcb40e3cdadcfcaad0dac169c0187cce25f7de991f6c90ac27ee9bfd2713e88f100b1716f8bd33bd56be5109c20bb36a8f913037bcbe4c3e530d8e87ce0f90f2e0f75d4ece99de86441af8ad7f4f61fcfbcb0f370255e651d99c2f3ba139f6fe73fa43d3084f6930c7f8c436ff5e591d7c117dd7a4b6db5f6ec75484f859ac56e5d721b914b4cc9266ad2797f721f6d2a0ac0c4547136f3959c21f7f13a1cc62a9dc64a9b90afd753b18554cf35c5892b4da6cc12c17ce35ac37cf5b355d325de3b1dd7c4c7777b58e301e33ec1637a99423d1c98e363fbf28c1d4e99c2d2f979cba6f092574a4bad6e231df33a509f74140a3d038fbec7ec9642d618eb8e539f872b3464fb8f79a2975c6744dfa4cf607e2f497f91965c83cf0c77752dd9b4b12876150d916da828640be87402ebd7228518995dc612ed05faa6decbc4ddeae47693ac515f62fc0038ed9942c6f4d9bc4b5f73c4818ee6f08c6b37e8efd647057fbd91e1bdb5b2bc4076fff1b6bcc254d8a6ee92f61a74da856ae11c898a3c44ae3e4d1d375216a46354055c3c41642e687fca57686b592eb9444e89e420bd2bdd7a76a1113f7c7d77244002b26466d2c7d20a27d67649fb174fe42821c23b1938b5e19fa07292bed86eee6f9ff58bcdf23715cac06fc2f9bfef5085279c1ca0200d8c3e2a6f3e0bb77fa3b1007a0995124b94baf563dc27aa79a65bb589a51481311655ce2aabfec217101bc915cb215f16bb380b233e7535b54aef19abbd1c31fc9e3500dd227caa36377a5ef4d9fb085226c5d3798f6462d616751978753efabe90ad79cdc85fc06f4dfab89002fb7f2fa2189cec8fdc0d6d2a83df9aa2a4fd3f1d11944c2bf49c92f73970acb8a673595f88bab87821a5f05971204fbdc3065a167a6631ffd0cfa5f701d7c0332557b1ba18f20b37478d5bd0e6554b6f73944d6ca3f550dfaace341c437003f079dcc0eaac0f764d16307ade63a2125ba686f5028f2e6972c9875abfda0dc3aa0c2116202d0d66798f2410be640a5553d9400dd8510799963dcc296ec29484b61770e4520d752e04da3dbf60ddcdc6a4976b5ce7356accc79dbd0f48ec114ea4f2cb5d53e7d2a1757f6bc7ca65eeeee3f63f36db72af868c117718f41c428444ff494e857198fccfbe89e8cffa5d587ea59208e47e002f16fd8770d950c5a8ec894927b2105c41aa5e92a68829791c2f8a16a3949da8168f173864a20a389f0b20c446aebea7e0cffaf114182513256de11c8866e0f652d0ec2d8e745c6cf76232dbafa7dc9d5337fa87ae61bbefb2a4b9c90403198bfe1b7035169e97eb2ef7bac31801ee32dc415c06062d0c19c70960377ea2a851b2229d8d306c95106477245d758808a993440834687739543a08484a7e23678f141adce3397ceab56e83cc490a6530cc60c84f721aa342f351b08391e795633cf19b7bfe8dc2233234a96c796584bdaba4c7eedda1277aae5c57eda8acfd046a75604dee4a275a6b6abcd63d54f1abe272703c00d79e1ba85f3464fcd58cbfe0d6f8872e3d99c06456fd80e126b3e9e1dc46b1773dcc9eda7acd7dba6f7d703b08307475a2b2413f443d7e90c1dbafb0d68bb4dc8353cba5e5bb3d1d527baf9bda6d7a21288e7719ed106633435e3a6a85c743c243f38dc4d2365ce16c5d21aa55a30869c5992a5be2ae13d96b2caff60bca18dd5faa6e329dc3f4e9e029963a6ec0edff0d4f9da8c27d7cc987076d50d9e3d88dd6a18ce4de277d8e73efee3aa97413ae2b7a4ef9875f6ffa04872572b65ba828c42fd23614d22809b5be5a91ac0b96839e5e2346e3cb8d448c93a4d98a07dbf6dce164459deb30518bf4b3272e7e4f499d7b253e486878f3d8d9fa7ad404946e9cbe31bfcf43fce405a5f93588a04c656faa32a05e66a5595ed301dde5a126469f0b679708fe58edd86c2eb6b97a03c0b019eddd7f6d88db1e475021b0879c344018a130233a7ca57c448b263cf802cdc09f965fead4f48ba2d4049c6b88f752f112dbcf8882b26f27b15e5971834ec4ab94c936b15b8f74a38cb96344a445aee1ff02467b6cb4c76df8c4b68523028d7f59d30d4dbe984b989ed1870a59b202072252c306b38a0530780dc031c6015702230e744701032d36507d417293fbb21fe75a01ae3128640d1e03138e2680bec75c0af12ddf95300ba3f126e2f8019ca09a67ea5053f30bf724e5670c17851c537201c8bcb248a5e9849e467b26a2a7b0c6cf6f4690b2e72740591e85b0e7cdeb876390338b8cf74946726a0dd8226718b29d8450e2089cfeb21ff37961afb408c24dac407567ce728607d37e9847a4e82ac84a256d1625d812a1c581fe65e66baa741bed0977c1a728370da67908ea6be3c5c5845fd1da0862b4eb94e2b724fcc18732bd1973e92301a33aa022fa7c913a7f43f43f15eef223c7b193c129f861232e4683fa0d86a31db99b4239ff85d14b0fb8b87adbfab7383aabe4748aea807e4c3fe37ce6cd536ad283878598455a9ff7d0baa3f27f7a57fac2f47afdc14b4a334cafb21a8380ad141eeda6f3e069359e98c522c97559a1de5ff7d0f71edc4e433a57dd2d7a035485cf4ad4a55bbdd056dfe03a30bc85c7cf47ba8ed4de220fc056cea68ab77e5cc30f6a2de9abfdbdbd88725b8542b593d81e65945bb0b53bf9815fee368520939ba9fb55588c956d07db9770c6e3b325bd2641cdd1e5201d6910b2ae50feffd28d85ca166cf2949d5a335fd9fd7d77906dbfade2ee6884ae8ca66c39a920ad0a309a8ccb2956306458902116074c4541c85ca4b3e3ba968f17feb17d1a2436424578393ff56a0112635180f0af89db2e33e6935507b025779aea9dbd067edecbd49634ebc77c0d6c4dd4c295dc0e8eb1c44406c64a33ea23c6a93c3a2895fc23cb4f773a29efb05d90beb96479888c55639931e024733a4c32dc576d6e52142b38d8a9b9d2fe312f0159ede1d25df20114b7955c3bb78ecc54add0f357670d031931dbb640f4b57c017e97e71a97c571605125faeca107f8beeb58079b90e6a6cabb1677210c5b2d2659d552fa2daa15faa7b17061abfea725b49dd016a078517c285cf47592bbff7cafa16595884f48e11346b1e4588a083d9dceecd146b3ea0a6b87d049f71b1222ed8864c697e2ccfdb9fc3c7f22187e10a91598e479d25d1546e4fc68dbe56ec94d5bc792e246e817d7769f166104853e405b08b246a2022bda6f9c3f739c6d6d2f3a7f870ee183a76978ec00c43d94aefafe468f0f1021fc74770142db7e5967bae852291ab9c3e56f00a1229b12eea414b8b6fb2c9635f0b5d32175f5be4a04fb572368258a4ed72d4d3494637c8d6ee4c6d4bf35c8c494ac4d2da1864786ad0f41d362d1cf07d60dacd9779c3ef8b8b120b27aab34d9805df829db55e6a691740e118cf542b4f6b28c0d860d4aae677e2702dcfd822fe5457c66dc2f8c457715eede8cac7837a936b731c297927c463b463c1d03d502485b41306dd2063780afe9543f96da9c086fffe3910f2314a382dbbee9f72b7e66e90f44b9049f1059a819ec8ca7af8f836704c6d188e94e7f8bebacc682c4c46de1fde391ab0e5ec89e2a488639e70fc1d9cd5e04c4122903d958d3a03419121e3424a23231289634d010f582c440d87e91286abbe95a86481927f2765f6d0f3c2e9ef60b33ad763035055840c64ada2c841adad19b7d5924a2b86da236f15ee50c0914a0a1cfba62317aa2d33de78d08ab6287618bba0e3fe9496a695f059a475d37c6c937e9dfa77215aa3af6f0a862c23e1c9d15921982e8e17c63a1208b9da0100000072c4bf855600950cf0ea6e77a91b81e6aebe0e35809464599bf916984ecf8268813a3faee2260c3e28545637e463de165dac512e8b784e5163da5471ee710ffec3c496e78d5c5ec941d2616286960f0a7bbc4d4f778309cf5091ba7e05b7a598d7865ee10e1813515dba5e7b4a3e23c1ba33bec878b0b8f3a13e17b59aa07452fe645069c4e2f7b82f106dc1a6093d45abf393f4a68f57f6521662f639d8136914823c393e0cae4bd3784e6b2bda5671fc8ebc68b3dc7aee2d876a48c205a4e7df8ea786f124f6c83baa8b85df819e8ee366eb5507809a1e36fd3f17facb562dfe511b9183b62852312eaf947fe6a61dc168de4602910c6d12ce15e35e3b4125b5f9714ea1c49a1fdfff7a8ead500b288549b30bf2a1f4f198393432498334e65e198f0352b6c181491859f166e64846570dc551b909d1bf8bc15935ba82183c81c6c49210a347a37db3467c32c7d1e3a8aa3c7957ba2c37eb3f27b928f45908cfd22dab3c604dd053ca2425f122e11fc09cea1344d0e850a28240128e501b4425333dbd5dbba9269d62c516b4d3b16783489c7e25b2816a6f167ffeb6f19a8636b18e15926f5ad1ee4a4dd242a7f1a2fdfc7bfbf40b75da981a566d4965f50657e8179e0d3b40185f29a5061ea351e60970cb3d142c28375a5d8dced003a5b01846b4ed6460acdf2cbde7529da68aecd562d3ae10aa1c1e2325f09884df99e0f4246b2f9b879d711ab49757910c54f8fa48439dd47ce70935cd4f3b1ff85a28232b6ccbb51fd5d36a69c4eb5abf9cef8642172399f94cb2daed8d2d6ed279c6e35284e7ac5db840ca12ed7d168454725e19f552aad7de59ab368e4d42238444a8672f937aedc61c2159b6d1d4aada07c6de08ae40a1bae8ca696273f5748a6259ff4bcc39510e11a5f8ba25766c6779f07761c936ac0d0d01f1d4b488c3d2742c1a3029da837cc33dd1780695c5fc1542830006989b3faa62a9c8538ae840c8285cde8a13085cd295f695a0ab6d27b03a16b1904fc62fe25776df3fa792f54f4a5ad98f1f0be45848c81e34d70d4850a4ac3a5a7dbc56fff68eb4212bb1109f6f129c12babef6ef9671901c73da50966fb18d1f0c1575cbf985fd5a5c36f33386a1ce35c2ca4422b3c0522fbcbd873d8f0f80734b4f3e0bd1aa80beb6b1ec9a40a2d39adac14b7de089820c1314ef3b2fc2988778b9cbca0fe0f64cb858a90a6bcf67961644f6bd5825c43c9d4d4b0a8e5c7321346edf5f56558c00550891392055e15a6402220301235ac8593dbbe26f1f5105d50b1199d2fe2d74a78ea8e83fb409716c7d508ac1476d067c5aa77b1f689488e406bb6702648aa1faeecdcce8702f3d66e66c927487cfba756c070065126f2206fc58fe54d50923f1c7b14ce478d40f4bf9eccc441c8c931359f97898e6d8fe42a175546ec8c6d52672947e0233c1cccad78d44494361f6c81c530e9bea0e911d30998f0aeddeda8269e1a87e86509a5a4c2ed5f49e8b1bfdae1cfda352dee261ea029f80418e2232616e9f8443fce5d3f82e6bc8b8fc1e65419dc2fd1451e445f6e06ea3d12206ecadf4e45f9bf1340e162be57ea63787580c50a452af6d3b12fe4e2b8aa861e435f7766f35fa272841094149c81a40e7bff1f7177c38787b53b1b4fcf18e50c89ad3049f35f306fe628d4bdbacc07c44f8fc0006023407b4484ad6fbc15094b02a009f50e34efc0e75ab23dcc1b8355f4cd5f693aaf01e6fde20ce36fbd7fac42e00ce6100b0dfa974680dfef60ffa7f905840a2c345410abc5907edbd18d01556e6ce2593c910b282be64b225e6ce5b9b2388d602023959680981f0ee1296ecdf08e57c6a797421997a022e869f8e8a48a91a1bbe30169f608a2e854bd4de33adf2fe67577de2feee46424a679f7666307ab2134bbe9e79a12af724f97dda27d075e00cd59a260ca33be676df34ee96e13d436395edbafe4a83e1246b7b0194bd4c40d74521e52f06572102ecddd71da2bc35057eb66e7278801512f349d9f798ac8c38ba4fd2523d9f2f9586749b64dc8a0e3461cd7b7fb82e575bbba20c359ca2076cd669cb1ef83f082f21868c31fd750a2dac5670317c550a79324db88b68dd0f16e98c4b83710024d059569f5402eae23e8052b5b4b48502e0fc2483a20e38417f57cdb7ae870ce3c8352b1f4c6ffd61ed8e2751f5b93e266617b087c94a68ef704731409f3fd49bf677bdcc0c58e6094a8fd99cce1df278570390c37f51faf6fe93923f62984d5672a2d867f18ca76b964e2f7c259f639ab1122e749dd9c4f9b4470d8b68502f6f40685b74a24323837cf7e32b433c3ccbf064be0e70ffc2e5c2eae587154a7958d6c3f696fe42da49e4292404461908f7a1437b000a7f115cba487a9b426aa6ebdecbf0673e39356f894c0b3417491d0dd266a97b8711d16e6ed053028995e414d602f3296542ed46591c44a5dd1c466a92d8826bc12973e44028d37fb13bbe9ed2947334787c60f48b4f61089e3425fd165eaa1e3a2707891732875018420060afa179687c9e0f3f43b45e81fff95e07a518c9db494d0e4e453b8a35c7a0dd1ae81f4c0fd49f40fc9a6165a01ec00e0a97cd7282fb0c264709fa6e8310372bf06f66fd0f53d7919cba43d59cfcbb9f3b148b73edbdd75acdfe5f5fe2ffe40416c097e18a0fc0619bfbb78066f372d21f5d52fe4753ab29a0edf66b05c5bd3e6a5190f248561919dea3f20185e89f79fea4aaa12a44f14041a0620b23f28d5c535f40bae130843125a879e7f33d6c61cbe55ba51837b3194245237317d8532f94ed06543f5cc55535045b8b514c0d76097f520387e7b182c48c7b0173ac353d48566fafa00e7e5f7962f79645f73150c6921b6d6bcd240898aedb21b4453d63ba838bf90efbc5363beae5ad0609469a5b1c51aeae051fa57b16ad7f7c7a3f018e292ca5fbd9be583cfa9babbbb21caa574d35d8d778b1ae56e627ace9121fe5de64ed6dc684e5ee65c85baf2237953a0ced94eaa01e8c1911f487fb8324089f687040aac05dbb39475b26b1549c3d0a6b2d701fabd478b0d2e22cf720a6c80dc8971b1f0a9f39b4732fc7923a23b736966ee1537199511018723632631d36f6eca17c1192b6ec5cd68fd0de31c256270d668db457bbf57de66cb5054f446cdba23440cf485c5b379639284fb653141e20f8ab14c43f1faa181feae3a09cc6654ccc76e901c9c2fa67eeb17f488db52cde8cd26fba1f20db19c1dd92d9b09d1d2e9c8383aca4029492e5b91039fe624b35212c068120cd33a40b3ee7369bed5a705e0f7b13f0f266ff985a535d99c0a99366ab9767254da39964cd1a5df670bb7cebc06a5054d8a63aa5472f4a1d381cfc3d0e0ca8ee8c6f06974facc76538f6eaad66fc673f2dcc5cc65309fa7c821045813a1cf30d6b0a7e83e65b78f47957f28a7a80f34a14754b3347cd16e1b4d2a596099d1a17c681be6d9e4aa3724ea8a6fd6cf1a7492bedca5b47d22f1fbd710a77146acf6a11b95b36eeb2dd15c76ce7a54817c4181c90799ded1cf8c1168b39f5338822f485fc258ca42e1474927f6fb0ebf46bde59fe4e0b216fcb4015c40af76da02ef309039bc9fad472d5e9088b1f47b4a03e50458392a9d1cf4612690289429bbb60be45d9b658d1e88c2df6383c766b6246760238ff968f344311f6d9c3619763c573b7f27b99cdff92d6090003164ca5e684c60690fb13118f46424e98592b37755d715416c7fc758881f29f87371d086d24c759eb4455b50eff93123b5b150186e5a9e20945d0833a7d1039712736f5b266a7041a2ea20e959ed0a5286352f9a5f96b5b72df30df35c693379304d02200052b491a1dc18239ad5b953ae70c0f33623de25256cbf637bf25e24b21d4c78ba4591481e8424f1a1f329958c5f3ec3cc8ee72a6950dc2c1cfdf2354143e285ca9f82bec1fdf51ccab28ee51035c8dbcef7170843e858d01360266860800571a4fe0936ba82b97c8fcf76f19d49f6f95bc37b23997f8153c22b49d43598af71797547e02050f24fdaa4defe4513aab82f18e2223e2372cfaa95ec24fac636025bfdba5a4fbe25bb4beb596d272d06bc5c19e88e323d4c3afac75ded11b05cf3a0aef570e2700fad7d4b714cc8db83ed5a1c8d398d37bf1a3686ff122b76f06f4ece5413c5da26944e31177e5088e5b4255ff0cd2358b997f511bbc6593b3a6d14b3411a3a22a4e1751c3d0459fadbeae6f0bc399c7e526ba309708fc374e4c3dffbf03355b5147794704a71d6714e2329523dcfbdd6137c87212bc13d9b83d00b11422ba73abee769374762df22f55efde6766ca37c351a07552255a42aba6b9aab9ccb8576da44a7341797af0d86b68d3ab17821e86405e34e49cb73198b78b2536d49f5590ba2cc75ba9d0cb7b7f7c13bce023301a84b67d1afddad8bd1904803f9a4392ae7742bfb35530f0da566a295ba5a0786db745bd4ad5de86120fbc0b453131b4f21bd519aefe216cd7658d80e3a6afdf0f8c28ce0df38a38f0ffb5d7dac8692808be0299423253b91a347aabdf60db0a5c35404ee4148d31ae75e0095b8f07e6471be0c19fb41591cb290342a04ad89f17b3d00af14a0500a71ae376c9f707ee7cf3254e42d2641239d531e7e1c94805df8bc58a8075ce535cc648da9a3e0a9decf6d699173b1f65d25e366b0c8701eb53e0b509ca077bfd142f5ad6de215c8bbafcfffb0b8c0d6751de09f68d0b23834ea46370568c9a4fb7630fc1e82dffc56da06090ce3d61aa1dd5807a98dc6aac17518a0cebb00200000028743fa9ff0381e730df6c6b0137667a0875f1c4d8c820b0ae44253a5e3047f4a64bbcc64dcb1035b43c2c63a97df5a8cbf3be7ec92ac92e3d8ab7f257ab63eefde2ffe5abbf040d3776bef144c5e372f044fafdaba0540368615c92dfb61a3ff45651835bbd6610f4f6e5b7875d9c74367e913fb2dca9f6c755a070d01a600633f399af71d99aef87871ebdd8c0a27dbbab4961ca83df205c9440658ad3192dc116281e26eb6f236fd701667d5dae9f1c48e66c7396366b48f2557dcfd30ca4a96a7daf292c3a6b3278d910a728bcc39e66dec14969b1742d960307c45bb38fdec8f9c26775cbc7ec671873f4af31eaf9339de30b60fc3613724de2171ae81d86949c534f169b8ee5fe8318a2ec64e3b690da09e0c355225c8205c6adacde1f25c242aa1b456d6b23f0bda02b369bb0c751623fe4d40c6e6999d9e494423481ce01c85dd45ae4f6f6993388bdd32bdf01b9c22215c644ba8b517498ca02dee7f32fde3d8f591896c21cb68c82b90d84694ffbf2fcc875abce3ecbc33d9a6c58807cb0c2f3a5f77f107653c1dca780ee861799498e8165c2be957ba9f6c8bf57549674b389d341e2b99fc7931ea40793d9a17604298220af7254eb8e972cd28ea877d8ed52bab1162de7a66a0e9afd10e649b5554f41df0a7623c3e1744f439f39685de6afc65dd6c37069681afd30e476c09142c8460191526ddde6c651767ac59371a881f757d3cf2bae6d48ea781e89931b9e3ea3f65097b006fe15b61cbefede125e949abf541d670f122eff8be716b2cd662d69ead1dc797d58efe39aab72af7e610452746cff38d63b8eb217b4fc66de320aebac6e02e149f197b1ab53544162c22597ad7499f7bd75d0307ce75ce5f3b606b009c7dae85615bccaadb3cf261549be0cfe29e8faa175403342384b3efb79ecbdd4350ac768ab6d40957dd185fc4509938f9d387c86c06ed93baf9b4f931f53ded6aa431531a64a39e4fbe92b25d2c28f9314a5570b72ec33a0080d3ab68bc9fcb1786ccd5876856fa1310480f8272ee931679195e19ba116ccfe4b82c928698fe6b96b03d5f33b332bf2fb9fdfb82e386a716853d35a4374f092c2ab00e43fb8639fc525a87d41548e2289074345ca780e29c871c1ae27d27abb25dc9f5cc7460fedea216fd36ee28f69b00f7535dbf931d638f4ed710720cd94de10938ac2018888df4d1aee5676d09e4999b92d48a579916d86faebdefb9562e32e4a43857ab90af69ebd6b22ae50a1a99f8f0ffc731b2db79889824b587b75043265fa1dca7b68c2c2df36b774b5103a149bcfd4d1b3cbce3e4f257f981f973693a8120c4d4d1aefad1451c24dc12fdf798c23786c7498c6faa2b46057bd4d4be51d219a373a6153711a490c588c2085befdaa31c17cc1efc08e341e065e27489ec987a994aceffc0d3ed764606e2195bf3553fbab72a0583396f49743c7059371a3083a4fe7dcc553e26a871503990a9b99539ff0cf90866b90b6183e65756c3f5c9387aa83854c8b5335fd6a71b32383c34f22241cd25d538989d19ec7052a41523d7bdd8a834315dab3c27d9b92274fb9148119d458b38eba62d8cf955a326437f7d13ff61142748410a2fbba9341f58ddfdd45cfd77106b1ec6bae9666537705bd79e645f7a735f07865e603ed2583936a4c92377b0099fd6de8cf29b1761846a6bb803fb6ad1830e6d72beb73d89956ceaab9c2e711ac22e5823e341e14d33093d382344f811c105e7e0e0a8d73602edb2e9860235cf5e65a7c4f91d85f8038ea6706f68688576bfb75b4832fad45e4d31a3832e56b83cdacb09f10097028de8931d155b6b68adae12d7c3fb030b9436697ce648d33d0c6ce9d281e11d4c126634f50693b5edee21526b96f69f565668b7cb811151a2d27f44cca69bc36edab2cdf09de88d53246c5bcfd91c2a409f98075e64ff2d706701e28b30f5e3e2834f8cce5b8", 0x2000, &(0x7f0000000240)={&(0x7f0000000100)={0x50, 0xb, 0x0, {0x7, 0x27, 0x0, 0x1040, 0x2, 0x80}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

9.156895278s ago: executing program 2 (id=781):
r0 = openat$fb0(0xffffff9c, &(0x7f0000000140), 0x8000, 0x0)
ioctl$FBIOPUT_CON2FBMAP(r0, 0x4610, &(0x7f0000000180)={0x2f, 0x1})
set_mempolicy(0x4, 0x0, 0x0)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

9.030779785s ago: executing program 2 (id=782):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000010c0)={0x20, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

8.932746521s ago: executing program 2 (id=783):
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x2ec, 0x65, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffe0}}, [@TCA_CHAIN={0x8}, @filter_kind_options=@f_u32={{0x8}, {0x54, 0x2, [@TCA_U32_INDEV={0x14, 0x8, 'veth0_to_team\x00'}, @TCA_U32_INDEV={0x14, 0x8, 'veth0\x00'}, @TCA_U32_HASH={0x8}, @TCA_U32_CLASSID={0x8, 0x1, {0xffe0}}, @TCA_U32_POLICE={0x10, 0x6, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x5}]}, @TCA_U32_FLAGS={0x8}]}}, @TCA_CHAIN={0x8}, @filter_kind_options=@f_flower={{0xb}, {0xbc, 0x2, [@TCA_FLOWER_KEY_ARP_OP_MASK={0x5, 0x3e, 0x9}, @TCA_FLOWER_KEY_TCP_DST={0x6}, @TCA_FLOWER_KEY_ENC_OPTS_MASK={0x84, 0x55, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x3c, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_CLASS={0x6, 0x1, 0xfff9}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x4}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_DATA={0x5, 0x3, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x15}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x7b}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5}, @TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0xf}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0x4}, @TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x34, 0x3, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5, 0x4, 0x9}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0x7}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_INDEX={0x8, 0x2, 0x8}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_DIR={0x5, 0x3, 0xb}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_VER={0x5}, @TCA_FLOWER_KEY_ENC_OPT_ERSPAN_HWID={0x5}]}, @TCA_FLOWER_KEY_ENC_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPT_GENEVE_TYPE={0x5, 0x2, 0x31}]}]}, @TCA_FLOWER_KEY_CVLAN_PRIO={0x5, 0x4e, 0x5}, @TCA_FLOWER_KEY_CT_LABELS={0x14, 0x61, "cda6a02c3728266fd864bc6b04f6c051"}, @TCA_FLOWER_KEY_TCP_DST={0x6}]}}, @filter_kind_options=@f_route={{0xa}, {0x188, 0x2, [@TCA_ROUTE4_FROM={0x8}, @TCA_ROUTE4_ACT={0x11c, 0x6, [@m_connmark={0x118, 0x0, 0x0, 0x0, {{0xd}, {0xac, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x30000003}}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x7, 0x5}}}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x1}}}, @TCA_CONNMARK_PARMS={0x1c}]}, {0x40, 0x6, "91a991d04aa8cb411880b88050856c4a5b99aafe5cf70a535f4e162db7c30535ebf5e9ab54237bf6d2780785c80bcf9eae2d6d6d65f242d28d9992d8"}, {0xc}, {0xc}}}]}, @TCA_ROUTE4_ACT={0x60, 0x6, [@m_nat={0x2c, 0x19, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}, @m_csum={0x30, 0x0, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x2ec}}, 0x0)
sendto(0xffffffffffffffff, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000008c0)="d8000000180081000181f782db4cb904021d0800fe007c05e8fe50a10a000700014002020c600e41b0000900ac000a0501000000160012000a00ff150048035c3b61c1d67f6f94007134cf6efb8007a007a290457f01a7cee4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5a02000000ca9ec855eff0eb3f365d3a71d95667daffffffffff1f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5b7276505dba36efab70cdb67e8d1cc5c7b06b1eab31f7b05da962834cedde6fdfcf45add8e51ff159ca9680d0", 0xd8}], 0x1}, 0x0) (fail_nth: 4)
recvmmsg(0xffffffffffffffff, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})
r1 = socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0x33fe0)
r2 = syz_open_dev$video(&(0x7f0000000040), 0x0, 0x0)
ioctl$VIDIOC_S_FMT(r2, 0xc0d05640, &(0x7f0000000180)={0x8, @pix={0x2000, 0x0, 0x34565348, 0x5, 0x0, 0x5}})
openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x10001)
r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
preadv(r3, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000007bc0), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_SET_PMKSA(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=ANY=[@ANYBLOB='L\x00', @ANYRESHEX=0x0, @ANYBLOB="0100000000000000000034000000", @ANYRES32, @ANYBLOB="14005500f2a061aa1180009b0e07efaadd67505c0a0006"], 0x4c}, 0x1, 0x0, 0x0, 0xffd53e6684c53ef9}, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f00000000c0)=[{0x0}], 0x1)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r5, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r5, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
sendmmsg$inet6(r5, &(0x7f0000003c40)=[{{&(0x7f0000000180)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000200)="03", 0x1}], 0x1}}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r5, 0x84, 0x78, &(0x7f0000000100), 0x4)

8.626812211s ago: executing program 2 (id=784):
syz_usb_connect(0x0, 0xc23, &(0x7f0000000e00)=ANY=[@ANYBLOB="12010000bcc38110050b91175704010203010902110c04fd00000009049d04057e4f3b080824060000468c120524007f000d240f01a40000000008f6150505241503000a24070805000200050006240600009205240002000d240f010800000000000004fd0524010004072414b80607000c241b060000000602ff7f0397241309ebfbc8a5ceb8e4440105a21c6da2920dfaed363d5291381d818a6a02f02972921fd5d1c5d696265ed6e193ae0e9fefff021d83191bec527571e36080f9d9a14d99a769dba779c88541dce68c266b9643eb14f129b4fb9aa68b24f6f6a8cd18e3bbe00a0c2a0b786bf33749521b633cc1a22ca203091f5f3284859539786af97428a8b3222ebea899f74c16822a0d59329a518309058b1f2000040820072501800001010905071000020407a307250102fa0700f611a15112d5db9111bca3e1876f8f2b36053f50531982fe0926db2f674b2d567146594690ae05ecc9195aeac3c127ab94c2a961df0c2538e5493482e5a26fe70ebbaa28e019d07cc0ededf506f37b734a31f1db7a9bf13f162b96f5123531e6586f9a30f53ba96c97d644b9b5462fc5b6745858b2e2e932d1ee5f8c5b2ce8ccd086006960c37ea6ce01454a1d6b08effdd34db9e3ad0d66e611cfd653aefc90eb52c607d5c8306709d98a5663e7f8a6cf5f67a3b68c9e92408fa1de0d95662ba0690d0b93eb0493b7899989c16efd3960f37153e0d124010f15df7b4baa6ea2666f44c212ccbdd89f67a14f08a7374746026a1f0ade09050d400800b80b03310248d4c4e81350d1fa5bbce7829076c9589882f0706e31550f367cbdd00d1a608ddf2ec93da1bc96981d5eb67003cabf090504000002f902200725018205070009050d8508000600080904d5090e0e0100f2112402010202"], 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000300)={0x84, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x3d, 0xe, {{{}, {}, @device_a, @device_b}, 0x0, @default, 0x0, @void, @void, @void, @val={0x4, 0x6}, @void, @void, @val={0x25, 0x3}, @void, @void, @void, @void, @void, @val={0x76, 0x6, {0xf, 0x7, 0x3b, 0x8}}}}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_HE_GI={0x5, 0x6, 0x4}]}]}]}, 0x84}}, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000240)={@local})
r4 = syz_open_dev$audion(&(0x7f00000001c0), 0x4, 0xc0)
sendmsg$NL80211_CMD_UPDATE_OWE_INFO(r4, &(0x7f0000000440)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f00000003c0)={&(0x7f00000002c0)={0x38, r2, 0x300, 0x70bd28, 0x25dfdbfb, {{}, {@void, @val={0xc, 0x99, {0x0, 0xf}}}}, [@NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x43}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x34}, @NL80211_ATTR_STATUS_CODE={0x6, 0x48, 0x63}]}, 0x38}, 0x1, 0x0, 0x0, 0x4000000}, 0x10)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x2247, 0x1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x64, 0x50, 0x5, [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x3, 0x1, 0x0, 0x5, {0x9, 0x21, 0x27, 0xff, 0x1, {0x22, 0x359}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0x9, 0x4}}}}}]}}]}}, &(0x7f0000000240)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x200, 0xf, 0x9, 0xb, 0x8, 0x9}, 0x31, &(0x7f0000000080)={0x5, 0xf, 0x31, 0x4, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0x2, "dcab456d1ef909322dc7b94904a38868"}, @ss_cap={0xa, 0x10, 0x3, 0x2, 0xa, 0xff, 0x0, 0x6}, @wireless={0xb, 0x10, 0x1, 0x0, 0x42, 0x2, 0x9, 0x13, 0xd}]}, 0x2, [{0x2c, &(0x7f0000000100)=@string={0x2c, 0x3, "ee98a31aa6fef0b8f252413d62b046f7f4e123a558a3f7a30e291fe536ae4509262869265800895c3bf7"}}, {0x0, 0x0}]})

8.621638907s ago: executing program 3 (id=785):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000a00)=@expire={0x138, 0x18, 0x1, 0x70bd29, 0x0, {{{@in=@multicast1, @in=@loopback}, {@in=@broadcast}, @in=@dev={0xac, 0x14, 0x14, 0x35}, {0x0, 0x0, 0xfffffffffffffffd}, {0x6}}}, [@algo_auth={0x48, 0x1, {{'digest_null\x00'}}}]}, 0x138}}, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x2000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000500)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x65}, [@ldst={0x6}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd96, &(0x7f0000000080)=""/201, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffd56, 0x10, &(0x7f0000000000), 0x1dd, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

8.48115045s ago: executing program 0 (id=786):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/route\x00')
lseek(r0, 0x3ff, 0x20)

8.473398467s ago: executing program 0 (id=787):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10) (async, rerun: 64)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0) (rerun: 64)
syz_usb_control_io$hid(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f00000004c0)={0x1c, &(0x7f0000000dc0)=ANY=[], 0x0, 0x0}) (async)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, 0x0, 0x0) (async)
syz_usb_control_io(r1, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ecm(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0) (async)
syz_usb_control_io(r1, 0x0, 0x0) (async, rerun: 32)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) (rerun: 32)
syz_usb_control_io$uac1(r1, 0x0, 0x0) (async)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0) (async)
syz_usb_control_io$printer(r1, 0x0, 0x0) (async)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$hid(r1, 0x0, 0x0) (rerun: 64)
openat(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
r2 = eventfd2(0x0, 0x0)
write$eventfd(r2, &(0x7f0000000000)=0xfffffffffffffffe, 0x8)
r3 = syz_io_uring_setup(0xf3b, &(0x7f0000000480), &(0x7f0000000080)=<r4=>0x0, &(0x7f0000000540)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) (async, rerun: 32)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) (async, rerun: 32)
io_uring_enter(r3, 0x6b1e, 0x0, 0x4, 0x0, 0x0) (async)
read$eventfd(r2, &(0x7f0000000f40), 0x8) (async, rerun: 64)
syz_usb_control_io$printer(r1, 0x0, 0x0) (async, rerun: 64)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)

8.374788848s ago: executing program 3 (id=788):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
llistxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
umount2(&(0x7f0000001540)='./file0\x00', 0x2)
dup3(r1, r2, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = syz_open_dev$swradio(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_ENUM_FMT(r4, 0xc0405602, &(0x7f0000000d80)={0x1f, 0xb, 0x0, "2ac0749f7a19d71029970ac5e8092a6c6bd27d45d01f1af84d4f7d0b48a36eb2"})
r5 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r5, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r6=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000000)={r6, @in={{0x2, 0x4e22, @empty}}, 0x0, 0xffff}, 0x90)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r3, 0x84, 0x73, &(0x7f00000000c0)={r6, 0x9, 0x10, 0x7, 0x100000001}, &(0x7f0000000100)=0x18)
close_range(0xffffffffffffffff, r0, 0x2)
getsockopt$SO_COOKIE(r0, 0x1, 0x39, &(0x7f0000000080), &(0x7f0000000040)=0x8)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000bc0)=@dellink={0x34, 0x11, 0x1, 0x0, 0x25dfdbfd, {}, [@IFLA_IFNAME={0x14, 0x3, 'macvlan0\x00'}]}, 0x34}}, 0x48842)

8.19645474s ago: executing program 3 (id=789):
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = msgget$private(0x0, 0x0)
msgctl$MSG_STAT(r1, 0xb, &(0x7f00000001c0)=""/13)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_WIPHY(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000040)={0x28, r3, 0xf81, 0x0, 0x0, {{}, {@val={0x8}, @void, @val={0xffffffbd}}}}, 0x28}}, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xb007}, 0x4)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000003900)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b07080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf5af51d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000000000007d5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d42645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa16509945ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000cf7b6c4ba9bec153d6834bfef080df374703a8ff56a63ec1fe5f2e05a79e3cace7283dd68d41e94420c325fe4dae144fde5ec25a87d625cab20753a77b323fa3783c8b675859b9012647885a242adfee2fe812ecbe5191e0a15142f7349e"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0xf1, 0x100000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f0000000340)=ANY=[@ANYRESHEX=r3, @ANYRES64=0x0], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x14, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r5}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
read(0xffffffffffffffff, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
process_madvise(0xffffffffffffffff, &(0x7f0000000200), 0x1000000000000276, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r9 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x101641)
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r9, 0xc0105512, &(0x7f0000000000)=@usbdevfs_connect)

8.125320783s ago: executing program 3 (id=790):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a010300000000000000000100fffd0900010073797a300000000040000000030a01020000000000000000010000000900030073797a3200000000140004800800024032658aeb08000140000000010900010073797a300000000044000000060a010400000000000001040100000008000b40000000000900010073797a30000000001c000480180001800d00010073796e70726f7879000000000400028014000000110001"], 0xcc}}, 0x0)
syz_emit_ethernet(0xfdef, &(0x7f0000000180)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x64, 0x0, 0x0, 0x6, 0x0, @empty, @empty}, {{0x10, 0x4e26, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x1, 0x0, 0x0, {[@generic={0x2, 0x2}]}}}}}}}, 0x0)

7.856816912s ago: executing program 3 (id=791):
pipe(0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x5)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
mmap(&(0x7f0000b5f000/0x4000)=nil, 0x4000, 0x100000d, 0x2012, 0xffffffffffffffff, 0x0)

4.425638864s ago: executing program 2 (id=792):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000440)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a0104000000000000000002000000400004803c0001800c0001007061796c6f6164002c000280080004400000000008000540000000000800034000000000080002400000090000000840000000000900010073797a30000000000900020073797a32"], 0x94}}, 0x0)
r1 = syz_io_uring_setup(0x5a60, &(0x7f0000000080)={0x0, 0xfffffffc, 0x2, 0x0, 0xfd}, &(0x7f0000000100), &(0x7f0000000000)=<r2=>0x0)
r3 = syz_io_uring_setup(0x34eb, &(0x7f0000000140)={0x0, 0xcaab, 0x0, 0x0, 0x0, 0x0, r1}, &(0x7f00000003c0)=<r4=>0x0, &(0x7f0000001480))
syz_io_uring_submit(r4, r2, &(0x7f00000001c0)=@IORING_OP_MSG_RING={0x28, 0x0, 0x0, r3, 0x0, 0x0})
r5 = socket$inet6(0xa, 0x2, 0x0)
sendmsg$inet6(r5, &(0x7f0000000140)={&(0x7f0000000080)={0xa, 0x4e22, 0x80000, @rand_addr=' \x01\x00', 0x60}, 0x1c, 0x0, 0x0, &(0x7f00000008c0)=[@rthdr={{0x18, 0x29, 0x43, {0x0, 0x0, 0x2}}}], 0x18}, 0x8000)
keyctl$session_to_parent(0x12)
io_uring_enter(r1, 0x2003, 0x0, 0x0, 0x0, 0x0)

4.403133954s ago: executing program 1 (id=793):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000010c0)={0x20, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0)

4.20062941s ago: executing program 0 (id=794):
ioctl$KVM_XEN_HVM_CONFIG(0xffffffffffffffff, 0x4038ae7a, &(0x7f00000003c0)={0x7, 0xb32, 0x0, &(0x7f00000013c0)="08d27964236601a2bb23ea470402", 0x0, 0xe})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121381, 0x0)
write$binfmt_aout(r0, &(0x7f0000000100)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, "0000fa00ea8000"})
r1 = syz_open_pts(r0, 0x0)
r2 = socket$inet_smc(0x2b, 0x1, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_percpu_user\x00', 0x275a, 0x0)
write$binfmt_aout(r3, &(0x7f00000002c0)=ANY=[], 0xc1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000005, 0x13, r3, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x5, &(0x7f0000000180)=0x1, 0x4)
r4 = dup3(r1, r0, 0x0)
ioctl$TIOCSETD(r4, 0x541b, &(0x7f0000000ec0))

3.422175548s ago: executing program 4 (id=795):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='memory.events\x00', 0x26e1, 0x0)
lseek(r0, 0xfffffffffffdffff, 0x4)
r1 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000280)={{0xa, 0x0, 0x0, @private2={0xfc, 0x2, '\x00', 0x1}}, {0xa, 0x0, 0x80000, @local}, 0x0, {[0x6]}}, 0x5c)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x5)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(blowfish)\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000200)="ad000000", 0x4)
sendmmsg$unix(r5, &(0x7f0000003dc0)=[{{&(0x7f0000000000)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0xfffffffffffffe43, 0x8000}, 0xfffffdef}, {{0x0, 0x0, 0x0}}], 0x2, 0x0)

3.345625324s ago: executing program 1 (id=796):
r0 = semget$private(0x0, 0x2, 0x251)
semctl$GETVAL(r0, 0x4, 0xc, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/xfrm_stat\x00')
writev(r1, &(0x7f00000012c0)=[{&(0x7f0000000180)="9f", 0x1}], 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendto$inet6(r1, &(0x7f0000000040)="9f38b6bedc3c1481c52c55ab508d19ed14ed9aac5a56d20ddd7f65f463ee79f120a001a06d5572fd483231e7096f3bb322ff489b4d87c11c1a3768bfbf987b050222714546085ea3c9e2e5b53c4d5b27994a54f267ac613f81521a935645cef7489bd066ce42f5af193941b0baef12ae460195ea4a53a461b48bb5124d3e16f90bc7c3c5ca3391f23a0b8e93f41923d748adbcd176b8", 0x96, 0x24058800, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
gettid()
syz_emit_ethernet(0x36, &(0x7f0000000100)={@empty, @dev={'\xaa\xaa\xaa\xaa\xaa', 0xa}, @val={@void, {0x8100, 0x4, 0x1, 0x4}}, {@arp={0x806, @generic={0x311, 0x6007, 0x6, 0xd, 0x3, @remote, "79116dea0a4d3424e12085c19e", @dev={'\xaa\xaa\xaa\xaa\xaa', 0x25}, "3e6aaa"}}}}, &(0x7f00000001c0)={0x1, 0x3, [0x8bb, 0x5dc, 0xb2f, 0xcab]})
read$FUSE(r1, &(0x7f0000001300)={0x2020, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}, 0x2020)
timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x4, @tid=r2}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = mq_open(&(0x7f000084dff0)='!selinuxselinux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000300)={0x0, 0x1, 0x7})
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)
mq_timedsend(r3, 0x0, 0x0, 0x0, 0x0)

1.480889912s ago: executing program 0 (id=797):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000040), 0x2)
r1 = memfd_create(&(0x7f0000000200)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xcda\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\x804\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U\xe8ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
ftruncate(r1, 0xffff)
fcntl$addseals(r1, 0x409, 0x7)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f00000000c0)={r1, 0x0, 0x0, 0x1000000})
ioctl$UDMABUF_CREATE_LIST(r2, 0x40087543, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000010000008de068c9ea4531de4864a8362f2923b43eade0f03fbcb1baf8f93ea05b443b5120ccd259cadc72f1e8988c5d6c078913bc01b27ffd4ee23ed95c1171b803d077351920e3132e8d334aa395077df25a82ec4e44b4e73f6f09d34b2b9989b13c483b50130140be5d8bc720de6f56570f9eb16183572579282ae1b9a7d86e153bb4a04431c8d3f9c8e6c863c5bb22d7e259e1d9a4aee445ea74193c3d783fb63dfdfe1a470d3f", @ANYRES32=r1, @ANYBLOB="0000000000000000000000000000010000000000"])
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs={0x1}, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000fe0500000000000000000000950000000000"], &(0x7f0000000200)='GPL\x00', 0x1e, 0x23, 0x0, 0x41000, 0x14, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x10)
syz_open_dev$loop(0x0, 0x6, 0x80)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r8 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r8, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
r9 = fsopen(&(0x7f00000000c0)='gadgetfs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r9, 0x6, 0x0, 0x0, 0x0)
ioctl$VHOST_SET_VRING_BASE(r3, 0xaf01, 0x0)
r10 = openat$khugepaged_scan(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
ftruncate(r10, 0x10001)

1.182248191s ago: executing program 2 (id=798):
socket(0x10, 0x3, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = dup(r2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000007, 0x38011, r3, 0x0)
ioctl$FIBMAP(r1, 0x1, &(0x7f0000000100)=0x6)
r4 = openat$vicodec0(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
ioctl$VIDIOC_ENUMSTD(r4, 0xc0405619, &(0x7f0000000200)={0x5, 0x4, "9b69c171416bf57c6b549adceb172f01ad4c66f7bef6142c", {0xfffffffd, 0x7}, 0xfffffff7})
sendto$inet6(r3, &(0x7f00000001c0)="d972ab2e7c88ef2f3afc4c7005d47677c5a953ed579fd216970f4d64b39dbd205003b1cb9e8d4388499567ea9e7b343699a1909f4ec0523466a78862434b39fb86990c55ead15b6486d9e318b5903bff96a19c", 0x53, 0x80, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @local, 0x95}, 0x1c)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r6 = dup(r5)
write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff}, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000540)=[{0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f00000000c0)="e4", 0x1}], 0x1, &(0x7f0000000740)=ANY=[@ANYBLOB="300000000000000017e2ffff010000001800000045f43a7ce45002bdb85e47ab3e39597e422ffab456dd963a0000000018000000000000001701000004000000060200000040000018"], 0x60}], 0x1, 0x8001)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000240)=@req3={0x1000, 0x2, 0x2, 0x3, 0x4, 0x7, 0x28a3ad31}, 0x1c)

0s ago: executing program 1 (id=799):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000000c0)=ANY=[@ANYBLOB="820000000000000070000040"])

kernel console output (not intermixed with test programs):

_after_hwframe+0x84/0x8e
[  314.187213][ T7799] RIP: 0023:0xf7fd5579
[  314.191296][ T7799] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  314.210926][ T7799] RSP: 002b:00000000f57565a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  314.219360][ T7799] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 00000000f5756620
[  314.227345][ T7799] RDX: 000000000000000f RSI: 00000000f745bff4 RDI: 0000000000000000
[  314.235345][ T7799] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  314.243328][ T7799] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  314.251310][ T7799] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  314.259301][ T7799]  </TASK>
[  314.401841][ T7785] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.456864][ T4621] Bluetooth: hci4: command 0x0c1a tx timeout
[  314.466680][ T4621] Bluetooth: hci3: command 0x0c1a tx timeout
[  314.541348][ T4621] Bluetooth: hci1: command 0x041b tx timeout
[  314.618328][ T7785] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.711915][ T5287] r8712u: register rtl8712_netdev_ops to netdev_ops
[  314.719046][ T5287] usb 4-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  314.728832][   T11] hsr_slave_0: left promiscuous mode
[  314.734636][   T11] hsr_slave_1: left promiscuous mode
[  314.747627][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  314.765485][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  314.780718][ T5287] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[  314.788966][ T5287] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  314.796513][ T5287] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  314.805404][   T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  314.821711][ T5287] usb 4-1: USB disconnect, device number 43
[  314.841593][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  314.919803][   T11] veth0_macvtap: left promiscuous mode
[  314.934811][   T11] veth1_vlan: left promiscuous mode
[  314.949166][   T11] veth0_vlan: left promiscuous mode
[  315.896917][ T4621] Bluetooth: hci0: command 0x0c1a tx timeout
[  316.082084][   T11] team0 (unregistering): Port device team_slave_1 removed
[  316.154783][   T11] team0 (unregistering): Port device team_slave_0 removed
[  316.269279][   T25] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  316.456863][   T25] usb 2-1: Using ep0 maxpacket: 16
[  316.469905][   T25] usb 2-1: config 0 has an invalid interface number: 107 but max is 0
[  316.479777][   T25] usb 2-1: config 0 has no interface number 0
[  316.485981][   T25] usb 2-1: config 0 interface 107 altsetting 0 endpoint 0x88 has an invalid bInterval 0, changing to 7
[  316.497827][   T25] usb 2-1: config 0 interface 107 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  316.510493][   T25] usb 2-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[  316.520108][   T25] usb 2-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  316.529259][   T25] usb 2-1: Product: syz
[  316.533736][   T25] usb 2-1: Manufacturer: syz
[  316.536809][ T4621] Bluetooth: hci4: command 0x0c1a tx timeout
[  316.541598][   T25] usb 2-1: SerialNumber: syz
[  316.552687][   T25] usb 2-1: config 0 descriptor??
[  316.564904][   T25] keyspan 2-1:0.107: Keyspan 4 port adapter converter detected
[  316.573404][   T25] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 81
[  316.584686][   T25] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 1
[  316.602986][   T25] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  316.618402][   T25] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 2
[  316.623338][ T4621] Bluetooth: hci1: command 0x041b tx timeout
[  316.634253][   T25] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  316.662528][   T25] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 4
[  316.683284][   T25] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  316.704234][   T25] keyspan 2-1:0.107: found no endpoint descriptor for endpoint 6
[  316.724794][   T25] usb 2-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  317.003036][ T7808] netlink: 24 bytes leftover after parsing attributes in process `syz.4.546'.
[  317.024656][ T7759] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.032148][ T7759] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.046993][ T7759] bridge_slave_0: entered allmulticast mode
[  317.053916][ T7759] bridge_slave_0: entered promiscuous mode
[  317.086725][ T7819] netlink: 'syz.3.548': attribute type 10 has an invalid length.
[  317.179765][ T7819] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  317.201774][ T7820] netlink: 'syz.3.548': attribute type 15 has an invalid length.
[  317.203270][ T5233] usb 2-1: USB disconnect, device number 33
[  317.224770][ T7828] netlink: 4 bytes leftover after parsing attributes in process `syz.4.550'.
[  317.237214][ T7820] netlink: 666 bytes leftover after parsing attributes in process `syz.3.548'.
[  317.256377][ T5233] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  317.269806][ T7759] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.292496][ T7759] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.301965][ T5233] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  317.326103][ T7759] bridge_slave_1: entered allmulticast mode
[  317.337954][ T5233] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  317.362279][ T7759] bridge_slave_1: entered promiscuous mode
[  317.396163][ T5233] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  317.422906][ T5233] keyspan 2-1:0.107: device disconnected
[  317.528081][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  317.534572][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  317.552356][ T7759] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  317.588927][ T7759] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  317.661359][ T7837] netlink: 20 bytes leftover after parsing attributes in process `syz.3.553'.
[  317.686881][ T5287] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  317.708748][ T7759] team0: Port device team_slave_0 added
[  317.726832][ T5301] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  317.738611][ T7759] team0: Port device team_slave_1 added
[  317.790309][ T7759] batman_adv: batadv0: Adding interface: batadv_slave_0
[  317.805460][ T7759] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  317.860226][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  317.860398][ T7759] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  317.886275][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  317.896936][ T7759] batman_adv: batadv0: Adding interface: batadv_slave_1
[  317.903934][ T7759] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  317.926622][ T5287] usb 5-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  317.939364][ T5290] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  317.959516][ T5287] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  317.967776][ T5301] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  317.980416][ T5301] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  317.990539][ T5301] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  317.994816][ T5287] usb 5-1: config 0 descriptor??
[  318.010801][ T7759] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  318.033258][ T5301] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c0d, bcdDevice= 0.00
[  318.079358][ T5301] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.109696][ T5301] usb 3-1: config 0 descriptor??
[  318.119498][ T5290] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.141314][ T5290] usb 4-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00
[  318.169798][ T5290] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.171335][ T7759] hsr_slave_0: entered promiscuous mode
[  318.199846][ T5290] usb 4-1: config 0 descriptor??
[  318.201805][ T7759] hsr_slave_1: entered promiscuous mode
[  318.256744][ T7759] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  318.284824][ T7759] Cannot create hsr debugfs directory
[  318.558536][ T5301] corsair-psu 0003:1B1C:1C0D.001B: hidraw0: USB HID v0.00 Device [HID 1b1c:1c0d] on usb-dummy_hcd.2-1/input0
[  318.617207][ T4621] Bluetooth: hci4: command 0x0c1a tx timeout
[  318.637435][ T5301] corsair-psu 0003:1B1C:1C0D.001B: unable to initialize device (-38)
[  318.639571][ T5287] usbhid 5-1:0.0: can't add hid device: -71
[  318.666832][ T5301] corsair-psu 0003:1B1C:1C0D.001B: probe with driver corsair-psu failed with error -38
[  318.688170][ T5287] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  318.703121][ T4621] Bluetooth: hci1: command 0x041b tx timeout
[  318.719235][ T5287] usb 5-1: USB disconnect, device number 26
[  318.796861][ T5290] usb 3-1: USB disconnect, device number 32
[  318.834869][ T5233] usb 4-1: USB disconnect, device number 44
[  319.016999][ T5299] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  319.177272][ T5299] usb 2-1: Using ep0 maxpacket: 16
[  319.196760][ T5299] usb 2-1: config 253 has an invalid interface number: 157 but max is 3
[  319.206967][ T5299] usb 2-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  319.216166][ T7759] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  319.223493][ T5299] usb 2-1: config 253 has an invalid interface number: 213 but max is 3
[  319.234775][ T7759] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  319.241696][ T5299] usb 2-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  319.252617][ T5299] usb 2-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  319.257350][ T7759] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  319.271643][ T5299] usb 2-1: config 253 has no interface number 0
[  319.272662][ T7759] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  319.286207][ T5299] usb 2-1: config 253 has no interface number 1
[  319.293165][ T5299] usb 2-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  319.305595][ T5299] usb 2-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  319.317969][ T5299] usb 2-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  319.341595][ T5299] usb 2-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  319.376254][ T5299] usb 2-1: config 253 interface 157 has no altsetting 0
[  319.440379][ T5299] usb 2-1: config 253 interface 213 has no altsetting 0
[  319.486724][ T5299] usb 2-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  319.506208][ T5299] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.532987][ T5299] usb 2-1: Product: syz
[  319.551671][ T5299] usb 2-1: Manufacturer: syz
[  319.572650][ T5299] usb 2-1: SerialNumber: syz
[  319.623805][ T7759] 8021q: adding VLAN 0 to HW filter on device bond0
[  319.674791][ T7759] 8021q: adding VLAN 0 to HW filter on device team0
[  319.719545][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  319.726749][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  319.817086][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  319.824357][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  319.840404][    T8] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  319.878136][ T7861] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  319.940044][ T7861] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  319.988491][ T7759] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  320.007919][    T8] usb 3-1: Using ep0 maxpacket: 8
[  320.023837][    T8] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  320.038266][ T5299] r8712u: register rtl8712_netdev_ops to netdev_ops
[  320.054554][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.067615][ T5299] usb 2-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  320.091769][    T8] usb 3-1: Product: syz
[  320.103237][ T5299] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[  320.120631][    T8] usb 3-1: Manufacturer: syz
[  320.125414][    T8] usb 3-1: SerialNumber: syz
[  320.149745][ T5299] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  320.169814][ T7759] 8021q: adding VLAN 0 to HW filter on device batadv0
[  320.174374][ T5299] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  320.200569][    T8] usb 3-1: config 0 descriptor??
[  320.225067][    T8] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  320.243711][ T5299] usb 2-1: Found UVC 0.00 device syz (0b05:1791)
[  320.250733][ T5299] usb 2-1: No valid video chain found.
[  320.257144][ T5299] r8712u: register rtl8712_netdev_ops to netdev_ops
[  320.263823][ T5299] usb 2-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  320.272324][ T5299] usb 2-1: r8712u: Boot from EFUSE: Autoload Failed
[  320.279188][ T5299] usb 2-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  320.291656][ T5299] usb 2-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  320.312948][ T5299] usb 2-1: USB disconnect, device number 34
[  320.514646][ T7759] veth0_vlan: entered promiscuous mode
[  320.591286][ T7759] veth1_vlan: entered promiscuous mode
[  320.741772][ T7759] veth0_macvtap: entered promiscuous mode
[  320.776989][ T4621] Bluetooth: hci1: command 0x041b tx timeout
[  320.787454][ T7759] veth1_macvtap: entered promiscuous mode
[  320.972754][ T7759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.000196][ T7759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.017692][ T7759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.031107][ T7759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.044312][ T7759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  321.055418][ T7759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.109033][ T7759] batman_adv: batadv0: Interface activated: batadv_slave_0
[  321.143617][ T7759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.192517][ T7759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.232213][ T7759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.256619][ T7759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.276498][ T7759] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  321.296618][ T7759] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  321.343913][ T7759] batman_adv: batadv0: Interface activated: batadv_slave_1
[  321.419371][    T8] gspca_sonixj: reg_w1 err -71
[  321.426200][ T7877] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  321.478897][ T7759] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  321.496925][    T8] sonixj 3-1:0.0: probe with driver sonixj failed with error -71
[  321.514543][    T8] usb 3-1: USB disconnect, device number 33
[  321.586758][ T7759] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  321.623027][ T7759] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  321.658207][ T7759] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  321.879269][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.907102][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  322.035918][ T2566] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  322.088953][ T2566] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  322.148234][ T5301] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  322.358328][ T7923] FAULT_INJECTION: forcing a failure.
[  322.358328][ T7923] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  322.376661][ T5301] usb 2-1: Using ep0 maxpacket: 8
[  322.417903][ T7923] CPU: 1 UID: 0 PID: 7923 Comm: syz.2.565 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  322.428583][ T7923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  322.438711][ T7923] Call Trace:
[  322.442045][ T7923]  <TASK>
[  322.445020][ T7923]  dump_stack_lvl+0x241/0x360
[  322.449735][ T7923]  ? __pfx_dump_stack_lvl+0x10/0x10
[  322.454975][ T7923]  ? __pfx__printk+0x10/0x10
[  322.459715][ T7923]  ? __pfx_lock_release+0x10/0x10
[  322.464796][ T7923]  should_fail_ex+0x3b0/0x4e0
[  322.469533][ T7923]  _copy_from_iter+0x1ed/0x1d60
[  322.474433][ T7923]  ? __virt_addr_valid+0x183/0x530
[  322.479587][ T7923]  ? __pfx_lock_release+0x10/0x10
[  322.484656][ T7923]  ? __alloc_skb+0x28f/0x440
[  322.489315][ T7923]  ? __pfx__copy_from_iter+0x10/0x10
[  322.494654][ T7923]  ? __virt_addr_valid+0x183/0x530
[  322.499799][ T7923]  ? __virt_addr_valid+0x183/0x530
[  322.505114][ T7923]  ? __virt_addr_valid+0x45f/0x530
[  322.510258][ T7923]  ? __check_object_size+0x48e/0x900
[  322.515609][ T7923]  netlink_sendmsg+0x73d/0xcb0
[  322.520564][ T7923]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.525916][ T7923]  ? __pfx_lock_release+0x10/0x10
[  322.531049][ T7923]  ? aa_sock_msg_perm+0x91/0x160
[  322.536040][ T7923]  ? __pfx_netlink_sendmsg+0x10/0x10
[  322.541656][ T7923]  __sock_sendmsg+0x221/0x270
[  322.546378][ T7923]  ____sys_sendmsg+0x52a/0x7e0
[  322.551198][ T7923]  ? __pfx_____sys_sendmsg+0x10/0x10
[  322.556545][ T7923]  __sys_sendmsg+0x292/0x380
[  322.561183][ T7923]  ? __pfx___sys_sendmsg+0x10/0x10
[  322.566354][ T7923]  ? __pfx_vfs_write+0x10/0x10
[  322.571294][ T7923]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  322.577966][ T7923]  ? lockdep_hardirqs_on+0x99/0x150
[  322.583246][ T7923]  __do_fast_syscall_32+0xb4/0x110
[  322.588413][ T7923]  ? exc_page_fault+0x590/0x8c0
[  322.593357][ T7923]  do_fast_syscall_32+0x34/0x80
[  322.598288][ T7923]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  322.604677][ T7923] RIP: 0023:0xf747d579
[  322.608792][ T7923] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  322.628559][ T7923] RSP: 002b:00000000f576656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  322.637035][ T7923] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200000c0
[  322.645062][ T7923] RDX: 0000000004000040 RSI: 0000000000000000 RDI: 0000000000000000
[  322.653089][ T7923] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  322.661118][ T7923] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  322.669140][ T7923] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  322.677190][ T7923]  </TASK>
[  322.757278][ T5301] usb 2-1: config 254 has an invalid interface number: 167 but max is 0
[  322.795332][ T5301] usb 2-1: config 254 has no interface number 0
[  322.920688][ T4621] Bluetooth: hci1: command 0x041b tx timeout
[  323.071766][ T5301] usb 2-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  323.086094][ T5301] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  323.128400][ T7935] netlink: 28 bytes leftover after parsing attributes in process `syz.4.566'.
[  323.137682][ T7935] netlink: 'syz.4.566': attribute type 7 has an invalid length.
[  323.145445][ T7935] netlink: 'syz.4.566': attribute type 8 has an invalid length.
[  323.154054][ T7935] netlink: 4 bytes leftover after parsing attributes in process `syz.4.566'.
[  323.175588][ T7935] syz_tun: entered promiscuous mode
[  323.206677][ T7935] batadv_slave_1: entered promiscuous mode
[  323.216138][ T7935] gretap0: entered promiscuous mode
[  323.223274][ T5301] usb 2-1: Product: syz
[  323.274939][ T7938] netlink: 4 bytes leftover after parsing attributes in process `syz.2.567'.
[  323.287868][ T5301] usb 2-1: Manufacturer: syz
[  323.324350][ T5301] usb 2-1: SerialNumber: syz
[  323.574966][ T5301] mxuport 2-1:254.167: mxuport_send_ctrl_data_urb - usb_control_msg failed (-32)
[  323.622421][ T5301] mxuport 2-1:254.167: probe with driver mxuport failed with error -32
[  323.707387][    T8] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  323.861989][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  323.875380][ T5301] usb 2-1: USB disconnect, device number 35
[  323.940717][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  324.017818][    T8] usb 3-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  324.114968][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  324.156212][    T8] usb 3-1: config 0 descriptor??
[  324.602857][ T6989] syz_tun (unregistering): left promiscuous mode
[  324.825488][    T8] usbhid 3-1:0.0: can't add hid device: -71
[  324.848743][    T8] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  324.917961][    T8] usb 3-1: USB disconnect, device number 34
[  324.936760][ T4621] Bluetooth: hci1: command 0x041b tx timeout
[  325.131248][ T2566] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.691191][ T2566] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  325.775029][ T7975] netlink: 'syz.2.574': attribute type 10 has an invalid length.
[  325.806863][ T7975] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  325.831415][   T54] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  325.843973][   T54] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  325.855108][   T54] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  325.865908][   T54] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  325.880164][   T54] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  325.923391][ T7975] batman_adv: batadv0: Removing interface: batadv_slave_0
[  325.936413][   T54] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  326.023269][ T4621] Bluetooth: hci3: ACL packet for unknown connection handle 201
[  326.055542][ T7975] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  326.161115][ T2566] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.329343][ T2566] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  326.905462][ T2566] bridge_slave_1: left allmulticast mode
[  326.943217][ T2566] bridge_slave_1: left promiscuous mode
[  326.976975][ T2566] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.071719][ T2566] bridge_slave_0: left allmulticast mode
[  327.078218][ T2566] bridge_slave_0: left promiscuous mode
[  327.112183][ T2566] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.614703][ T2566] gretap0 (unregistering): left promiscuous mode
[  327.635420][ T8000] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  327.669829][ T8000] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  327.846853][ T5285] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  327.976814][ T4621] Bluetooth: hci4: command tx timeout
[  328.016957][ T5285] usb 2-1: device descriptor read/64, error -71
[  328.199419][ T2566] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  328.208640][ T5233] usb 4-1: new high-speed USB device number 45 using dummy_hcd
[  328.253760][ T2566] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  328.289895][ T5285] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  328.293638][ T2566] bond0 (unregistering): Released all slaves
[  328.366741][ T5233] usb 4-1: Using ep0 maxpacket: 16
[  328.375223][ T7981] chnl_net:caif_netlink_parms(): no params data found
[  328.410724][ T5233] usb 4-1: config 253 has an invalid interface number: 157 but max is 3
[  328.453358][ T5233] usb 4-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  328.485509][ T5233] usb 4-1: config 253 has an invalid interface number: 213 but max is 3
[  328.496938][ T5285] usb 2-1: device descriptor read/64, error -71
[  328.512842][ T5233] usb 4-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  328.542195][ T5233] usb 4-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  328.555754][ T5233] usb 4-1: config 253 has no interface number 0
[  328.570092][ T5233] usb 4-1: config 253 has no interface number 1
[  328.583943][ T5233] usb 4-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  328.599890][ T5233] usb 4-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  328.623780][ T5285] usb usb2-port1: attempt power cycle
[  328.638235][ T5233] usb 4-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  328.713682][ T5233] usb 4-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  328.755691][ T5233] usb 4-1: config 253 interface 157 has no altsetting 0
[  328.765309][ T5233] usb 4-1: config 253 interface 213 has no altsetting 0
[  328.785322][ T5233] usb 4-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  328.816407][ T5233] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  328.867549][ T5233] usb 4-1: Product: syz
[  328.890807][ T5233] usb 4-1: Manufacturer: syz
[  328.916907][ T5233] usb 4-1: SerialNumber: syz
[  329.006800][ T5285] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  329.007706][ T7981] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.051000][ T7981] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.059363][ T5285] usb 2-1: device descriptor read/8, error -71
[  329.063094][ T7981] bridge_slave_0: entered allmulticast mode
[  329.082131][ T7981] bridge_slave_0: entered promiscuous mode
[  329.331633][ T7981] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.347113][ T5285] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  329.386871][ T7981] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.399849][ T5285] usb 2-1: device descriptor read/8, error -71
[  329.418320][ T8015] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  329.425256][ T7981] bridge_slave_1: entered allmulticast mode
[  329.467909][ T8015] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  329.475846][ T7981] bridge_slave_1: entered promiscuous mode
[  329.518262][ T5285] usb usb2-port1: unable to enumerate USB device
[  329.621837][ T5233] r8712u: register rtl8712_netdev_ops to netdev_ops
[  329.661176][ T5233] usb 4-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  329.704194][ T2566] batadv_slave_1: left promiscuous mode
[  329.730615][ T5233] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[  329.769979][ T5233] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  329.777662][ T2566] hsr_slave_0: left promiscuous mode
[  329.793612][ T2566] hsr_slave_1: left promiscuous mode
[  329.799216][ T5233] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  329.809270][ T2566] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  329.835299][ T2566] batman_adv: batadv0: Removing interface: batadv_slave_0
[  329.850962][ T5233] usb 4-1: Found UVC 0.00 device syz (0b05:1791)
[  329.858361][ T5233] usb 4-1: No valid video chain found.
[  329.865399][ T5233] r8712u: register rtl8712_netdev_ops to netdev_ops
[  329.873603][ T2566] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  329.882679][ T5233] usb 4-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  329.889754][ T2566] batman_adv: batadv0: Removing interface: batadv_slave_1
[  329.900659][ T5233] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[  329.919235][ T5233] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  329.941508][ T2566] veth1_macvtap: left promiscuous mode
[  329.949776][ T5233] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  329.959227][ T2566] veth0_macvtap: left promiscuous mode
[  329.974092][ T5233] usb 4-1: USB disconnect, device number 45
[  329.980552][ T2566] veth1_vlan: left promiscuous mode
[  329.995934][ T2566] veth0_vlan: left promiscuous mode
[  330.057160][ T4621] Bluetooth: hci4: command tx timeout
[  330.197525][ T7977] syz.2.574 (7977): drop_caches: 1
[  330.369937][ T8029] FAULT_INJECTION: forcing a failure.
[  330.369937][ T8029] name failslab, interval 1, probability 0, space 0, times 0
[  330.405169][ T8029] CPU: 0 UID: 0 PID: 8029 Comm: syz.3.580 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  330.415962][ T8029] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  330.426160][ T8029] Call Trace:
[  330.429463][ T8029]  <TASK>
[  330.432416][ T8029]  dump_stack_lvl+0x241/0x360
[  330.437123][ T8029]  ? __pfx_dump_stack_lvl+0x10/0x10
[  330.442432][ T8029]  ? __pfx__printk+0x10/0x10
[  330.447053][ T8029]  ? ref_tracker_alloc+0x332/0x490
[  330.452189][ T8029]  should_fail_ex+0x3b0/0x4e0
[  330.456903][ T8029]  ? skb_clone+0x20c/0x390
[  330.461343][ T8029]  should_failslab+0xac/0x100
[  330.466070][ T8029]  ? skb_clone+0x20c/0x390
[  330.470528][ T8029]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  330.475956][ T8029]  skb_clone+0x20c/0x390
[  330.480221][ T8029]  __netlink_deliver_tap+0x3cc/0x7c0
[  330.485530][ T8029]  ? netlink_deliver_tap+0x2e/0x1b0
[  330.490760][ T8029]  netlink_deliver_tap+0x19d/0x1b0
[  330.495914][ T8029]  netlink_unicast+0x7c4/0x990
[  330.500732][ T8029]  ? __pfx_netlink_unicast+0x10/0x10
[  330.506038][ T8029]  ? __virt_addr_valid+0x183/0x530
[  330.511168][ T8029]  ? __check_object_size+0x48e/0x900
[  330.516507][ T8029]  netlink_sendmsg+0x8e4/0xcb0
[  330.521343][ T8029]  ? __pfx_netlink_sendmsg+0x10/0x10
[  330.526652][ T8029]  ? __pfx_lock_release+0x10/0x10
[  330.531699][ T8029]  ? aa_sock_msg_perm+0x91/0x160
[  330.536658][ T8029]  ? __pfx_netlink_sendmsg+0x10/0x10
[  330.541963][ T8029]  __sock_sendmsg+0x221/0x270
[  330.546670][ T8029]  ____sys_sendmsg+0x52a/0x7e0
[  330.551459][ T8029]  ? __pfx_____sys_sendmsg+0x10/0x10
[  330.556812][ T8029]  __sys_sendmsg+0x292/0x380
[  330.561515][ T8029]  ? __pfx___sys_sendmsg+0x10/0x10
[  330.566658][ T8029]  ? __pfx_vfs_write+0x10/0x10
[  330.571509][ T8029]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  330.578132][ T8029]  ? lockdep_hardirqs_on+0x99/0x150
[  330.583359][ T8029]  __do_fast_syscall_32+0xb4/0x110
[  330.588583][ T8029]  ? exc_page_fault+0x590/0x8c0
[  330.593464][ T8029]  do_fast_syscall_32+0x34/0x80
[  330.598332][ T8029]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  330.604684][ T8029] RIP: 0023:0xf7fb6579
[  330.608797][ T8029] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  330.628595][ T8029] RSP: 002b:00000000f573656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  330.637036][ T8029] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  330.645038][ T8029] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  330.653134][ T8029] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  330.661124][ T8029] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  330.669144][ T8029] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  330.677144][ T8029]  </TASK>
[  330.684858][ T8029] netlink: 'syz.3.580': attribute type 11 has an invalid length.
[  330.905641][   T25] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  330.973751][   T29] audit: type=1326 audit(1728867399.976:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.000929][   T29] audit: type=1326 audit(1728867399.976:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.051715][   T29] audit: type=1326 audit(1728867399.976:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=245 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.112787][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  331.125706][   T25] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  331.140894][   T29] audit: type=1326 audit(1728867399.986:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.184054][   T25] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  331.192092][   T29] audit: type=1326 audit(1728867399.986:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.225421][   T29] audit: type=1326 audit(1728867399.986:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.253816][   T29] audit: type=1326 audit(1728867399.986:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.276447][   T25] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c0d, bcdDevice= 0.00
[  331.284151][   T29] audit: type=1326 audit(1728867399.986:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=248 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.315519][   T29] audit: type=1326 audit(1728867399.986:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.343064][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.390159][   T29] audit: type=1326 audit(1728867399.986:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8037 comm="syz.1.584" exe="/root/syz-executor" sig=0 arch=40000003 syscall=366 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  331.444668][   T25] usb 3-1: config 0 descriptor??
[  331.889824][   T25] corsair-psu 0003:1B1C:1C0D.001D: hidraw0: USB HID v0.00 Device [HID 1b1c:1c0d] on usb-dummy_hcd.2-1/input0
[  332.016948][   T25] corsair-psu 0003:1B1C:1C0D.001D: unable to initialize device (-38)
[  332.065972][   T25] corsair-psu 0003:1B1C:1C0D.001D: probe with driver corsair-psu failed with error -38
[  332.138346][ T4621] Bluetooth: hci4: command tx timeout
[  332.172986][ T2566] team0 (unregistering): Port device team_slave_1 removed
[  332.233578][ T2566] team0 (unregistering): Port device team_slave_0 removed
[  333.334659][ T7981] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  333.374841][ T5287] usb 3-1: USB disconnect, device number 35
[  333.445122][ T7981] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  333.585219][ T7981] team0: Port device team_slave_0 added
[  333.603096][ T7981] team0: Port device team_slave_1 added
[  333.711255][ T7981] batman_adv: batadv0: Adding interface: batadv_slave_0
[  333.721915][ T7981] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.748556][ T7981] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  333.761386][ T7981] batman_adv: batadv0: Adding interface: batadv_slave_1
[  333.768700][ T7981] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  333.795140][ T7981] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  333.909845][ T7981] hsr_slave_0: entered promiscuous mode
[  333.929345][ T7981] hsr_slave_1: entered promiscuous mode
[  333.948981][ T7981] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  333.977390][ T7981] Cannot create hsr debugfs directory
[  334.217157][ T4621] Bluetooth: hci4: command tx timeout
[  334.256211][ T8075] program syz.2.594 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  334.291634][ T4621] Bluetooth: hci3: unexpected event for opcode 0x0804
[  334.786769][ T5233] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  334.939091][ T7981] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  334.966703][ T5233] usb 3-1: Using ep0 maxpacket: 8
[  334.986983][ T5233] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  335.015377][ T7981] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  335.028927][ T5233] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  335.058161][ T7981] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  335.066050][ T5233] usb 3-1: Product: syz
[  335.076482][ T7981] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  335.100398][ T5233] usb 3-1: Manufacturer: syz
[  335.115310][ T5233] usb 3-1: SerialNumber: syz
[  335.152306][ T5233] usb 3-1: config 0 descriptor??
[  335.175163][ T5233] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  335.383026][ T7981] 8021q: adding VLAN 0 to HW filter on device bond0
[  335.460697][ T7981] 8021q: adding VLAN 0 to HW filter on device team0
[  335.591309][  T994] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.598608][  T994] bridge0: port 1(bridge_slave_0) entered forwarding state
[  335.638343][  T994] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.645571][  T994] bridge0: port 2(bridge_slave_1) entered forwarding state
[  335.972957][ T7981] 8021q: adding VLAN 0 to HW filter on device batadv0
[  336.220279][ T7981] veth0_vlan: entered promiscuous mode
[  336.294025][ T7981] veth1_vlan: entered promiscuous mode
[  336.417223][ T5233] gspca_sonixj: reg_w1 err -71
[  336.424446][ T8088] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  336.473635][ T7981] veth0_macvtap: entered promiscuous mode
[  336.519286][ T7981] veth1_macvtap: entered promiscuous mode
[  336.593713][ T5233] sonixj 3-1:0.0: probe with driver sonixj failed with error -71
[  336.652108][ T5233] usb 3-1: USB disconnect, device number 36
[  336.675918][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.714684][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.753260][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  336.773078][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.808717][ T7981] batman_adv: batadv0: Interface activated: batadv_slave_0
[  336.819946][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.830814][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.840795][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.852937][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.862954][ T7981] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  336.873508][ T7981] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  336.884915][ T7981] batman_adv: batadv0: Interface activated: batadv_slave_1
[  336.895400][ T7981] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.904360][ T7981] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.916731][ T7981] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.925503][ T7981] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  337.210444][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  337.226394][ T8139] FAULT_INJECTION: forcing a failure.
[  337.226394][ T8139] name failslab, interval 1, probability 0, space 0, times 0
[  337.245210][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  337.257559][ T8139] CPU: 0 UID: 0 PID: 8139 Comm: syz.1.607 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  337.268332][ T8139] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  337.278640][ T8139] Call Trace:
[  337.281954][ T8139]  <TASK>
[  337.284910][ T8139]  dump_stack_lvl+0x241/0x360
[  337.289631][ T8139]  ? __pfx_dump_stack_lvl+0x10/0x10
[  337.294954][ T8139]  ? __pfx__printk+0x10/0x10
[  337.299585][ T8139]  ? __kmalloc_node_noprof+0xb7/0x440
[  337.305004][ T8139]  ? __pfx___might_resched+0x10/0x10
[  337.310326][ T8139]  should_fail_ex+0x3b0/0x4e0
[  337.315046][ T8139]  should_failslab+0xac/0x100
[  337.320204][ T8139]  __kmalloc_node_noprof+0xdf/0x440
[  337.325451][ T8139]  ? __kvmalloc_node_noprof+0x72/0x190
[  337.330968][ T8139]  ? __pfx_ip6_tnl_dev_setup+0x10/0x10
[  337.336482][ T8139]  __kvmalloc_node_noprof+0x72/0x190
[  337.341811][ T8139]  alloc_netdev_mqs+0x9b/0x1000
[  337.346695][ T8139]  ? __pfx_ip6_tnl_dev_setup+0x10/0x10
[  337.352194][ T8139]  ip6_tnl_locate+0x607/0x820
[  337.357046][ T8139]  ? __pfx_ip6_tnl_locate+0x10/0x10
[  337.362299][ T8139]  ? __might_fault+0xc6/0x120
[  337.367029][ T8139]  ? ip6_tnl_siocdevprivate+0x9c3/0x1700
[  337.372714][ T8139]  ip6_tnl_siocdevprivate+0x9e9/0x1700
[  337.378244][ T8139]  ? __pfx_ip6_tnl_siocdevprivate+0x10/0x10
[  337.384189][ T8139]  ? full_name_hash+0x93/0xe0
[  337.389019][ T8139]  dev_ifsioc+0xaec/0xe70
[  337.393400][ T8139]  ? __pfx_dev_ifsioc+0x10/0x10
[  337.398291][ T8139]  ? dev_load+0x21/0x1f0
[  337.402570][ T8139]  dev_ioctl+0x881/0x1340
[  337.406931][ T8139]  sock_ioctl+0x7ef/0x8e0
[  337.411305][ T8139]  ? __pfx_sock_ioctl+0x10/0x10
[  337.416200][ T8139]  compat_sock_ioctl+0x291/0xf20
[  337.421181][ T8139]  ? __pfx_compat_sock_ioctl+0x10/0x10
[  337.426741][ T8139]  ? __fget_files+0x29/0x470
[  337.431358][ T8139]  ? __fget_files+0x3f3/0x470
[  337.436072][ T8139]  __se_compat_sys_ioctl+0x510/0xc90
[  337.441418][ T8139]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  337.447260][ T8139]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  337.453281][ T8139]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  337.459692][ T8139]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  337.466352][ T8139]  ? lockdep_hardirqs_on+0x99/0x150
[  337.471584][ T8139]  __do_fast_syscall_32+0xb4/0x110
[  337.476726][ T8139]  ? exc_page_fault+0x590/0x8c0
[  337.481610][ T8139]  do_fast_syscall_32+0x34/0x80
[  337.486523][ T8139]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  337.492896][ T8139] RIP: 0023:0xf7fdf579
[  337.496987][ T8139] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  337.516658][ T8139] RSP: 002b:00000000f576656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  337.525116][ T8139] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000000089f1
[  337.533127][ T8139] RDX: 0000000020000900 RSI: 0000000000000000 RDI: 0000000000000000
[  337.541123][ T8139] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  337.549133][ T8139] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  337.557126][ T8139] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  337.565133][ T8139]  </TASK>
[  337.620498][ T8144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.609'.
[  337.668277][ T8144] netlink: 4 bytes leftover after parsing attributes in process `syz.2.609'.
[  337.691963][ T8137] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  337.722561][ T8144] netlink: 104 bytes leftover after parsing attributes in process `syz.2.609'.
[  337.732836][ T8144] netlink: 104 bytes leftover after parsing attributes in process `syz.2.609'.
[  337.749706][ T5363] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  337.766706][ T5363] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  337.937674][   T29] kauditd_printk_skb: 5 callbacks suppressed
[  337.937706][   T29] audit: type=1326 audit(1728867406.946:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.020009][   T29] audit: type=1326 audit(1728867406.946:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.043345][   T29] audit: type=1326 audit(1728867407.036:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.065741][   T29] audit: type=1326 audit(1728867407.036:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.067249][ T8157] usb usb1: usbfs: process 8157 (syz.2.613) did not claim interface 0 before use
[  338.089463][   T29] audit: type=1326 audit(1728867407.036:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.121103][   T29] audit: type=1326 audit(1728867407.036:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.143719][   T29] audit: type=1326 audit(1728867407.036:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.165815][   T29] audit: type=1326 audit(1728867407.036:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.188006][   T29] audit: type=1326 audit(1728867407.036:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.210035][   T29] audit: type=1326 audit(1728867407.036:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8153 comm="syz.1.614" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fdf579 code=0x7ffc0000
[  338.466713][ T5287] usb 2-1: new high-speed USB device number 40 using dummy_hcd
[  338.656648][ T5287] usb 2-1: Using ep0 maxpacket: 32
[  338.744369][ T5287] usb 2-1: config 0 has an invalid descriptor of length 38, skipping remainder of the config
[  338.877146][ T5287] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  338.886271][ T5287] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  338.945939][ T5287] usb 2-1: Product: syz
[  338.958923][ T5287] usb 2-1: Manufacturer: syz
[  338.963616][ T5287] usb 2-1: SerialNumber: syz
[  338.998950][ T5287] usb 2-1: config 0 descriptor??
[  339.027241][ T5287] usb 2-1: bad CDC descriptors
[  339.032610][ T5287] usb 2-1: unsupported MDLM descriptors
[  339.335520][    T8] usb 2-1: USB disconnect, device number 40
[  339.625525][ T8193] FAULT_INJECTION: forcing a failure.
[  339.625525][ T8193] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.654955][ T8195] FAULT_INJECTION: forcing a failure.
[  339.654955][ T8195] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  339.679173][ T8193] CPU: 0 UID: 0 PID: 8193 Comm: syz.4.621 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  339.689931][ T8193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  339.700007][ T8193] Call Trace:
[  339.703301][ T8193]  <TASK>
[  339.706247][ T8193]  dump_stack_lvl+0x241/0x360
[  339.710952][ T8193]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.716168][ T8193]  ? __pfx__printk+0x10/0x10
[  339.720801][ T8193]  ? snprintf+0xda/0x120
[  339.725076][ T8193]  should_fail_ex+0x3b0/0x4e0
[  339.729795][ T8193]  _copy_to_user+0x2f/0xb0
[  339.734247][ T8193]  simple_read_from_buffer+0xca/0x150
[  339.739646][ T8193]  proc_fail_nth_read+0x1e9/0x250
[  339.744690][ T8193]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  339.750253][ T8193]  ? rw_verify_area+0x55e/0x6f0
[  339.755120][ T8193]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  339.760681][ T8193]  vfs_read+0x201/0xbc0
[  339.764847][ T8193]  ? __pfx_lock_release+0x10/0x10
[  339.769899][ T8193]  ? __pfx_tun_chr_write_iter+0x10/0x10
[  339.775480][ T8193]  ? __pfx_vfs_read+0x10/0x10
[  339.780189][ T8193]  ? __fget_files+0x3f3/0x470
[  339.784901][ T8193]  ? fdget_pos+0x24e/0x320
[  339.789329][ T8193]  ksys_read+0x183/0x2b0
[  339.793578][ T8193]  ? __pfx_ksys_read+0x10/0x10
[  339.798348][ T8193]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  339.804979][ T8193]  ? lockdep_hardirqs_on+0x99/0x150
[  339.810194][ T8193]  __do_fast_syscall_32+0xb4/0x110
[  339.815312][ T8193]  ? exc_page_fault+0x590/0x8c0
[  339.820189][ T8193]  do_fast_syscall_32+0x34/0x80
[  339.825052][ T8193]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  339.831418][ T8193] RIP: 0023:0xf7fb7579
[  339.835521][ T8193] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  339.855153][ T8193] RSP: 002b:00000000f57365a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  339.863607][ T8193] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5736620
[  339.871608][ T8193] RDX: 000000000000000f RSI: 00000000f743bff4 RDI: 0000000000000000
[  339.879606][ T8193] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  339.887594][ T8193] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  339.895575][ T8193] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  339.903675][ T8193]  </TASK>
[  339.908233][ T8195] CPU: 0 UID: 0 PID: 8195 Comm: syz.3.620 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  339.918855][ T8195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  339.928938][ T8195] Call Trace:
[  339.932234][ T8195]  <TASK>
[  339.935175][ T8195]  dump_stack_lvl+0x241/0x360
[  339.939884][ T8195]  ? __pfx_dump_stack_lvl+0x10/0x10
[  339.945116][ T8195]  ? __pfx__printk+0x10/0x10
[  339.949777][ T8195]  ? snprintf+0xda/0x120
[  339.954044][ T8195]  should_fail_ex+0x3b0/0x4e0
[  339.958760][ T8195]  _copy_to_user+0x2f/0xb0
[  339.963331][ T8195]  simple_read_from_buffer+0xca/0x150
[  339.968743][ T8195]  proc_fail_nth_read+0x1e9/0x250
[  339.973803][ T8195]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  339.979383][ T8195]  ? rw_verify_area+0x55e/0x6f0
[  339.984253][ T8195]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  339.989821][ T8195]  vfs_read+0x201/0xbc0
[  339.993995][ T8195]  ? __pfx_lock_release+0x10/0x10
[  339.999041][ T8195]  ? __pfx_vfs_read+0x10/0x10
[  340.003783][ T8195]  ? __fget_files+0x3f3/0x470
[  340.008529][ T8195]  ? fdget_pos+0x24e/0x320
[  340.012967][ T8195]  ksys_read+0x183/0x2b0
[  340.017228][ T8195]  ? __pfx_ksys_read+0x10/0x10
[  340.022000][ T8195]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  340.028625][ T8195]  ? lockdep_hardirqs_on+0x99/0x150
[  340.033870][ T8195]  __do_fast_syscall_32+0xb4/0x110
[  340.038992][ T8195]  ? exc_page_fault+0x590/0x8c0
[  340.043860][ T8195]  do_fast_syscall_32+0x34/0x80
[  340.048890][ T8195]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  340.055281][ T8195] RIP: 0023:0xf7fb6579
[  340.059371][ T8195] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  340.079211][ T8195] RSP: 002b:00000000f57365a0 EFLAGS: 00000206 ORIG_RAX: 0000000000000003
[  340.087660][ T8195] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000f5736620
[  340.095646][ T8195] RDX: 000000000000000f RSI: 00000000f743bff4 RDI: 0000000000000000
[  340.103622][ T8195] RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000000
[  340.111612][ T8195] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  340.119594][ T8195] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  340.127608][ T8195]  </TASK>
[  340.576921][    T8] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  340.758839][    T8] usb 5-1: config 0 has an invalid interface number: 253 but max is 0
[  340.767519][    T8] usb 5-1: config 0 has no interface number 0
[  340.993283][    T8] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  341.003065][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.013464][    T8] usb 5-1: Product: syz
[  341.021333][    T8] usb 5-1: Manufacturer: syz
[  341.034463][    T8] usb 5-1: SerialNumber: syz
[  341.042163][    T8] usb 5-1: config 0 descriptor??
[  341.256112][    T8] cx82310_eth 5-1:0.253: probe with driver cx82310_eth failed with error -22
[  341.465790][    T8] cxacru 5-1:0.253: usbatm_usb_probe: bind failed: -19!
[  341.471727][ T8224] FAULT_INJECTION: forcing a failure.
[  341.471727][ T8224] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  341.479208][    T8] usb 5-1: USB disconnect, device number 27
[  341.493267][ T8224] CPU: 0 UID: 0 PID: 8224 Comm: syz.0.631 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  341.503928][ T8224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  341.514017][ T8224] Call Trace:
[  341.517321][ T8224]  <TASK>
[  341.520290][ T8224]  dump_stack_lvl+0x241/0x360
[  341.524987][ T8224]  ? __pfx_dump_stack_lvl+0x10/0x10
[  341.530212][ T8224]  ? __pfx__printk+0x10/0x10
[  341.534832][ T8224]  ? __pfx_lock_release+0x10/0x10
[  341.539976][ T8224]  should_fail_ex+0x3b0/0x4e0
[  341.544691][ T8224]  _copy_from_user+0x2f/0xe0
[  341.549308][ T8224]  usbdev_ioctl+0xf3b/0x6120
[  341.553926][ T8224]  ? kernel_text_address+0xa7/0xe0
[  341.559148][ T8224]  ? __pfx_usbdev_ioctl+0x10/0x10
[  341.564190][ T8224]  ? unwind_get_return_address+0x4d/0x90
[  341.569845][ T8224]  ? arch_stack_walk+0xfd/0x150
[  341.574724][ T8224]  ? stack_trace_save+0x118/0x1d0
[  341.579782][ T8224]  ? __pfx_stack_trace_save+0x10/0x10
[  341.585294][ T8224]  ? stack_depot_save_flags+0x29/0x830
[  341.590795][ T8224]  ? kasan_save_track+0x51/0x80
[  341.595659][ T8224]  ? kasan_save_track+0x3f/0x80
[  341.600527][ T8224]  ? kasan_save_free_info+0x40/0x50
[  341.605752][ T8224]  ? __kasan_slab_free+0x59/0x70
[  341.610720][ T8224]  ? kfree+0x1a0/0x440
[  341.614810][ T8224]  ? tomoyo_path_number_perm+0x68d/0x880
[  341.620484][ T8224]  ? security_file_ioctl_compat+0xc6/0x2a0
[  341.626410][ T8224]  ? __se_compat_sys_ioctl+0xd6/0xc90
[  341.631817][ T8224]  ? do_vfs_ioctl+0xf08/0x2e40
[  341.636606][ T8224]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  341.641653][ T8224]  ? mark_lock+0x9a/0x360
[  341.646012][ T8224]  ? tomoyo_path_number_perm+0x208/0x880
[  341.651671][ T8224]  ? __pfx_lock_release+0x10/0x10
[  341.656718][ T8224]  ? lockdep_hardirqs_on+0x99/0x150
[  341.661945][ T8224]  ? kfree+0x1a0/0x440
[  341.666033][ T8224]  ? tomoyo_path_number_perm+0x68d/0x880
[  341.671710][ T8224]  ? tomoyo_path_number_perm+0x71a/0x880
[  341.677373][ T8224]  ? tomoyo_path_number_perm+0x208/0x880
[  341.683037][ T8224]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  341.689056][ T8224]  ? __pfx_lock_acquire+0x10/0x10
[  341.694162][ T8224]  ? __fget_files+0x29/0x470
[  341.698776][ T8224]  ? __fget_files+0x3f3/0x470
[  341.703482][ T8224]  __se_compat_sys_ioctl+0x510/0xc90
[  341.708784][ T8224]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  341.714612][ T8224]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  341.720634][ T8224]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  341.727012][ T8224]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  341.733628][ T8224]  ? lockdep_hardirqs_on+0x99/0x150
[  341.738857][ T8224]  __do_fast_syscall_32+0xb4/0x110
[  341.743988][ T8224]  ? exc_page_fault+0x590/0x8c0
[  341.748869][ T8224]  do_fast_syscall_32+0x34/0x80
[  341.753760][ T8224]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  341.760132][ T8224] RIP: 0023:0xf7f73579
[  341.764224][ T8224] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  341.784195][ T8224] RSP: 002b:00000000f56f656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  341.792652][ T8224] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000c0185500
[  341.800640][ T8224] RDX: 00000000200001c0 RSI: 0000000000000000 RDI: 0000000000000000
[  341.808652][ T8224] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  341.816646][ T8224] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  341.825107][ T8224] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  341.833303][ T8224]  </TASK>
[  341.838197][   T25] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  341.923061][ T8227] input: syz0 as /devices/virtual/input/input16
[  341.996795][   T25] usb 4-1: Using ep0 maxpacket: 8
[  342.005838][   T25] usb 4-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  342.029779][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.046901][   T25] usb 4-1: Product: syz
[  342.059695][   T25] usb 4-1: Manufacturer: syz
[  342.084557][   T25] usb 4-1: SerialNumber: syz
[  342.107871][   T25] usb 4-1: config 0 descriptor??
[  342.116931][ T5233] usb 2-1: new high-speed USB device number 41 using dummy_hcd
[  342.142212][   T25] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  342.280787][ T5233] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  342.294586][ T5233] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  342.308908][ T5233] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  342.334874][ T5233] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c0d, bcdDevice= 0.00
[  342.345150][ T5233] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  342.365963][ T5233] usb 2-1: config 0 descriptor??
[  342.508982][    T8] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  342.666784][    T8] usb 5-1: Using ep0 maxpacket: 16
[  342.678588][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  342.716186][    T8] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  342.729865][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.738096][    T8] usb 5-1: Product: syz
[  342.742638][    T8] usb 5-1: Manufacturer: syz
[  342.747609][    T8] usb 5-1: SerialNumber: syz
[  342.764261][    T8] usb 5-1: config 0 descriptor??
[  342.776850][    T8] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  342.786176][    T8] em28xx 5-1:0.0: DVB interface 0 found: bulk
[  342.823322][ T5233] corsair-psu 0003:1B1C:1C0D.001E: hidraw0: USB HID v0.00 Device [HID 1b1c:1c0d] on usb-dummy_hcd.1-1/input0
[  342.906719][ T5233] corsair-psu 0003:1B1C:1C0D.001E: unable to initialize device (-38)
[  342.920158][ T5233] corsair-psu 0003:1B1C:1C0D.001E: probe with driver corsair-psu failed with error -38
[  343.054573][ T5233] usb 2-1: USB disconnect, device number 41
[  343.162762][   T25] gspca_sonixj: reg_w1 err -71
[  343.169420][ T8214] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  343.246835][   T25] sonixj 4-1:0.0: probe with driver sonixj failed with error -71
[  343.267083][   T25] usb 4-1: USB disconnect, device number 46
[  343.396209][    T8] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  344.126872][ T5289] usb 2-1: new high-speed USB device number 42 using dummy_hcd
[  344.136695][ T4621] Bluetooth: hci0: command 0x0c1a tx timeout
[  344.156700][ T5287] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  344.173726][ T5287] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  344.221532][ T8239] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  344.276432][ T8239] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  344.318278][ T5289] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  344.346932][ T5289] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  344.360942][    T8] em28xx 5-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  344.366833][ T5289] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  344.385717][    T8] em28xx 5-1:0.0: board has no eeprom
[  344.420398][ T5289] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.446967][ T8306] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.639'.
[  344.467922][ T5289] usb 2-1: config 0 descriptor??
[  344.481135][    T8] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  344.509355][    T8] em28xx 5-1:0.0: dvb set to bulk mode.
[  344.534386][ T5285] em28xx 5-1:0.0: Binding DVB extension
[  344.559034][    T8] usb 5-1: USB disconnect, device number 28
[  344.587555][    T8] em28xx 5-1:0.0: Disconnecting em28xx
[  344.678560][ T5285] em28xx 5-1:0.0: Registering input extension
[  344.689249][    T8] em28xx 5-1:0.0: Closing input extension
[  344.762046][    T8] em28xx 5-1:0.0: Freeing device
[  345.107359][    T8] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  345.233754][ T5289] usb 2-1: string descriptor 0 read error: -71
[  345.248932][ T5289] uclogic 0003:256C:006D.001F: failed retrieving string descriptor #200: -71
[  345.276031][ T5289] uclogic 0003:256C:006D.001F: failed retrieving pen parameters: -71
[  345.286784][    T8] usb 5-1: Using ep0 maxpacket: 32
[  345.303262][ T5289] uclogic 0003:256C:006D.001F: failed probing pen v2 parameters: -71
[  345.304501][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  345.318759][ T5289] uclogic 0003:256C:006D.001F: failed probing parameters: -71
[  345.335365][ T5289] uclogic 0003:256C:006D.001F: probe with driver uclogic failed with error -71
[  345.347706][ T5301] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  345.357660][ T5289] usb 2-1: USB disconnect, device number 42
[  345.372677][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  345.417017][    T8] usb 5-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  345.426262][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.461249][    T8] usb 5-1: config 0 descriptor??
[  345.569045][ T5301] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 1471, setting to 1024
[  345.592064][ T5301] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  345.617668][ T5301] usb 4-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  345.646159][ T5301] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  345.667041][ T5301] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  345.675252][ T5301] usb 4-1: Product: ц
[  345.706638][ T5301] usb 4-1: Manufacturer: 㰁
[  345.711622][ T5301] usb 4-1: SerialNumber: ㏪쮩苇ఠ汽鐆੕룁䡙㰁뭅୓Ḷࣈ뱛跥ꙏ쑃㿖摲䇙ﾁͷ抴ᅟ툒全룇㌍ꤛ
[  345.754709][ T8322] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  345.768369][ T8322] raw-gadget.2 gadget.3: fail, usb_ep_enable returned -22
[  345.944236][    T8] kye 0003:0458:5016.0020: tablet report size too small, or kye_tablet_rdesc unexpectedly large
[  345.974167][    T8] kye 0003:0458:5016.0020: hidraw0: USB HID v0.00 Device [HID 0458:5016] on usb-dummy_hcd.4-1/input0
[  346.005764][    T8] kye 0003:0458:5016.0020: tablet-enabling feature report not found
[  346.024304][    T8] kye 0003:0458:5016.0020: tablet enabling failed
[  346.197168][ T5301] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 47 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  346.241153][ T8311] netlink: 24 bytes leftover after parsing attributes in process `syz.4.640'.
[  346.297559][   T25] usb 5-1: USB disconnect, device number 29
[  346.372648][ T8364] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.652'.
[  346.376989][ T4621] Bluetooth: hci3: command 0x0c1a tx timeout
[  346.388483][ T5287] Bluetooth: hci3: Opcode 0x0c1a failed: -110
[  346.394715][ T5287] Bluetooth: hci3: Error when powering off device on rfkill (-110)
[  346.542494][ T8369] netlink: 'syz.1.653': attribute type 10 has an invalid length.
[  346.576609][ T8369] netlink: 'syz.1.653': attribute type 10 has an invalid length.
[  346.584618][ T8369] bridge0: port 3(team0) entered blocking state
[  346.608915][ T8369] bridge0: port 3(team0) entered disabled state
[  346.615497][ T8369] team0: entered allmulticast mode
[  346.636595][ T8369] team_slave_0: entered allmulticast mode
[  346.642410][ T8369] team_slave_1: entered allmulticast mode
[  346.659095][ T8369] team0: entered promiscuous mode
[  346.664420][ T8369] team_slave_0: entered promiscuous mode
[  346.675072][ T8369] team_slave_1: entered promiscuous mode
[  346.941464][   T29] kauditd_printk_skb: 92 callbacks suppressed
[  346.941485][   T29] audit: type=1326 audit(1728867415.956:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  346.977006][   T29] audit: type=1326 audit(1728867415.956:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  347.000197][   T29] audit: type=1326 audit(1728867415.976:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  347.026311][ T8376] netlink: 24 bytes leftover after parsing attributes in process `syz.2.656'.
[  347.035803][   T29] audit: type=1326 audit(1728867415.976:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  347.043500][ T8376] usb usb1: usbfs: process 8376 (syz.2.656) did not claim interface 0 before use
[  347.070648][   T29] audit: type=1326 audit(1728867415.976:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  347.112410][   T29] audit: type=1326 audit(1728867415.976:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=172 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  347.134645][   T29] audit: type=1326 audit(1728867415.976:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  347.193154][   T29] audit: type=1326 audit(1728867415.976:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  347.236470][   T29] audit: type=1326 audit(1728867415.976:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  347.287218][   T29] audit: type=1326 audit(1728867415.976:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8373 comm="syz.4.655" exe="/root/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb7579 code=0x7ffc0000
[  347.346686][ T5289] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  347.357541][ T8386] mmap: syz.0.657 (8386) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  347.506769][ T5289] usb 5-1: Using ep0 maxpacket: 32
[  347.515409][ T5289] usb 5-1: config 0 has an invalid descriptor of length 38, skipping remainder of the config
[  347.559535][ T5289] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  347.575912][ T5289] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.597756][ T5289] usb 5-1: Product: syz
[  347.602461][ T5289] usb 5-1: Manufacturer: syz
[  347.609017][ T5289] usb 5-1: SerialNumber: syz
[  347.619929][ T5289] usb 5-1: config 0 descriptor??
[  347.629654][ T5289] usb 5-1: bad CDC descriptors
[  347.634962][ T5289] usb 5-1: unsupported MDLM descriptors
[  347.826834][ T5301] usb 3-1: new high-speed USB device number 37 using dummy_hcd
[  347.873734][ T5289] usb 5-1: USB disconnect, device number 30
[  347.996752][ T5301] usb 3-1: Using ep0 maxpacket: 16
[  348.012182][ T5301] usb 3-1: config 253 has an invalid interface number: 157 but max is 3
[  348.036155][ T5301] usb 3-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  348.045249][ T5301] usb 3-1: config 253 has an invalid interface number: 213 but max is 3
[  348.053794][ T5301] usb 3-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  348.060646][ T5289] usb 4-1: USB disconnect, device number 47
[  348.069873][ T5301] usb 3-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  348.085765][ T5301] usb 3-1: config 253 has no interface number 0
[  348.093126][ T5301] usb 3-1: config 253 has no interface number 1
[  348.105228][ T5289] usblp0: removed
[  348.123412][ T5301] usb 3-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  348.149400][ T5301] usb 3-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  348.178512][ T5301] usb 3-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  348.207387][ T5301] usb 3-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  348.234121][ T5301] usb 3-1: config 253 interface 157 has no altsetting 0
[  348.241350][ T5301] usb 3-1: config 253 interface 213 has no altsetting 0
[  348.256478][ T5301] usb 3-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  348.272627][ T5301] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  348.280910][ T5301] usb 3-1: Product: syz
[  348.285282][ T5301] usb 3-1: Manufacturer: syz
[  348.295136][ T5301] usb 3-1: SerialNumber: syz
[  348.553508][ T4621] Bluetooth: hci1: command 0x041b tx timeout
[  348.569881][ T5287] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  348.577127][ T5287] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[  348.609525][ T8390] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  348.646156][ T8390] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  348.731224][ T5301] r8712u: register rtl8712_netdev_ops to netdev_ops
[  348.743995][ T5301] usb 3-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  348.752698][ T5301] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed
[  348.772367][ T5301] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  348.787476][ T5301] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  348.827582][ T5301] usb 3-1: Found UVC 0.00 device syz (0b05:1791)
[  348.847501][ T5301] usb 3-1: No valid video chain found.
[  348.856821][ T5301] r8712u: register rtl8712_netdev_ops to netdev_ops
[  348.875033][ T5301] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  348.885527][ T5301] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed
[  348.895704][ T5301] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  348.903665][ T5301] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  348.924755][ T5301] usb 3-1: USB disconnect, device number 37
[  349.132197][ T8415] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.666'.
[  350.231537][ T5233] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  350.298185][ T5301] usb 2-1: new high-speed USB device number 43 using dummy_hcd
[  350.408528][ T5233] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  350.433497][ T5233] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  350.444366][ T5233] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  350.457660][ T5233] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c0d, bcdDevice= 0.00
[  350.477932][ T5301] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  350.479334][ T5233] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.512451][ T5301] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  350.515194][ T5233] usb 3-1: config 0 descriptor??
[  350.541323][ T5301] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  350.563152][ T5301] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1c0d, bcdDevice= 0.00
[  350.572813][    T8] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  350.580779][ T5301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  350.598910][ T5301] usb 2-1: config 0 descriptor??
[  350.649700][ T8441] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4154471757 (8308943514 ns) > initial count (334709606 ns). Using initial count to start timer.
[  350.696955][ T4621] Bluetooth: hci4: command 0x0c1a tx timeout
[  350.699255][ T5287] Bluetooth: hci4: Opcode 0x0c1a failed: -110
[  350.717357][ T5287] Bluetooth: hci4: Error when powering off device on rfkill (-110)
[  350.770534][    T8] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  350.781330][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.791335][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.803655][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  350.820933][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.831653][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.843282][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  350.851921][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.861758][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.873472][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  350.882236][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.891907][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.903376][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  350.911828][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.923414][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.936046][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  350.946417][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.956432][ T5233] corsair-psu 0003:1B1C:1C0D.0021: hidraw0: USB HID v0.00 Device [HID 1b1c:1c0d] on usb-dummy_hcd.2-1/input0
[  350.969302][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.980803][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  350.989634][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.999325][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  351.010955][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  351.019093][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  351.028344][ T5233] corsair-psu 0003:1B1C:1C0D.0021: unable to initialize device (-38)
[  351.040801][ T5233] corsair-psu 0003:1B1C:1C0D.0021: probe with driver corsair-psu failed with error -38
[  351.043827][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  351.062099][ T5301] corsair-psu 0003:1B1C:1C0D.0022: hidraw0: USB HID v0.00 Device [HID 1b1c:1c0d] on usb-dummy_hcd.1-1/input0
[  351.074753][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  351.090093][    T8] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  351.099570][    T8] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  351.108451][    T8] usb 4-1: Product: syz
[  351.112653][    T8] usb 4-1: Manufacturer: syz
[  351.117386][    T8] usb 4-1: SerialNumber: syz
[  351.123848][    T8] usb 4-1: config 0 descriptor??
[  351.129182][ T5301] corsair-psu 0003:1B1C:1C0D.0022: unable to initialize device (-38)
[  351.142039][    T8] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  351.150736][ T5301] corsair-psu 0003:1B1C:1C0D.0022: probe with driver corsair-psu failed with error -38
[  351.211469][ T5233] usb 3-1: USB disconnect, device number 38
[  351.306254][    T8] usb 2-1: USB disconnect, device number 43
[  351.410814][    C0] usb 4-1: yurex_control_callback - control failed: -71
[  351.411218][ T5233] usb 4-1: USB disconnect, device number 48
[  351.429958][ T5233] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  351.576840][ T5287] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  351.728598][ T5287] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  351.740557][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  351.752248][ T5287] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  351.764048][ T5287] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  351.777514][ T5287] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  351.787984][ T5287] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.810051][ T5287] usb 5-1: config 0 descriptor??
[  351.819245][ T8446] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  351.962364][ T8449] IPVS: Scheduler module ip_vs_ not found
[  352.206239][ T8454] fuse: Bad value for 'fd'
[  354.567536][ T5287] usbhid 5-1:0.0: can't add hid device: -71
[  354.576920][ T5287] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  354.588990][ T5287] usb 5-1: USB disconnect, device number 31
[  354.854046][ T8494] tun0: tun_chr_ioctl cmd 1074025677
[  354.860224][ T8494] tun0: linktype set to 773
[  355.228442][ T8500] loop4: detected capacity change from 0 to 524288000
[  356.796662][ T5233] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  356.966891][ T5233] usb 3-1: Using ep0 maxpacket: 8
[  356.985330][ T5233] usb 3-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  357.017903][ T5233] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.064718][ T5233] usb 3-1: Product: syz
[  357.079359][ T5233] usb 3-1: Manufacturer: syz
[  357.084041][ T5233] usb 3-1: SerialNumber: syz
[  357.112918][ T5233] usb 3-1: config 0 descriptor??
[  357.125232][ T5233] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  358.191622][ T5299] usb 3-1: USB disconnect, device number 39
[  358.263476][ T8531] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  358.699823][ T8566] FAULT_INJECTION: forcing a failure.
[  358.699823][ T8566] name failslab, interval 1, probability 0, space 0, times 0
[  358.714589][ T8562] netlink: 68 bytes leftover after parsing attributes in process `syz.0.717'.
[  358.724374][ T8562] netlink: 68 bytes leftover after parsing attributes in process `syz.0.717'.
[  358.732429][ T8566] CPU: 0 UID: 0 PID: 8566 Comm: syz.1.715 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  358.743890][ T8566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  358.754017][ T8566] Call Trace:
[  358.757345][ T8566]  <TASK>
[  358.760321][ T8566]  dump_stack_lvl+0x241/0x360
[  358.765052][ T8566]  ? __pfx_dump_stack_lvl+0x10/0x10
[  358.770317][ T8566]  ? __pfx__printk+0x10/0x10
[  358.775008][ T8566]  ? ref_tracker_alloc+0x332/0x490
[  358.780450][ T8566]  should_fail_ex+0x3b0/0x4e0
[  358.785216][ T8566]  ? skb_clone+0x20c/0x390
[  358.789698][ T8566]  should_failslab+0xac/0x100
[  358.794442][ T8566]  ? skb_clone+0x20c/0x390
[  358.798950][ T8566]  kmem_cache_alloc_noprof+0x6c/0x2a0
[  358.804400][ T8566]  skb_clone+0x20c/0x390
[  358.808717][ T8566]  __netlink_deliver_tap+0x3cc/0x7c0
[  358.814072][ T8566]  ? netlink_deliver_tap+0x2e/0x1b0
[  358.819461][ T8566]  netlink_deliver_tap+0x19d/0x1b0
[  358.824621][ T8566]  netlink_unicast+0x7c4/0x990
[  358.829486][ T8566]  ? __pfx_netlink_unicast+0x10/0x10
[  358.834836][ T8566]  ? __virt_addr_valid+0x183/0x530
[  358.840015][ T8566]  ? __check_object_size+0x48e/0x900
[  358.845378][ T8566]  netlink_sendmsg+0x8e4/0xcb0
[  358.850217][ T8566]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.855835][ T8566]  ? __pfx_lock_release+0x10/0x10
[  358.860948][ T8566]  ? aa_sock_msg_perm+0x91/0x160
[  358.866016][ T8566]  ? __pfx_netlink_sendmsg+0x10/0x10
[  358.871371][ T8566]  __sock_sendmsg+0x221/0x270
[  358.876128][ T8566]  ____sys_sendmsg+0x52a/0x7e0
[  358.880969][ T8566]  ? __pfx_____sys_sendmsg+0x10/0x10
[  358.886342][ T8566]  __sys_sendmsg+0x292/0x380
[  358.891001][ T8566]  ? __pfx___sys_sendmsg+0x10/0x10
[  358.896190][ T8566]  ? __pfx_vfs_write+0x10/0x10
[  358.901049][ T8566]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  358.907723][ T8566]  ? lockdep_hardirqs_on+0x99/0x150
[  358.913012][ T8566]  __do_fast_syscall_32+0xb4/0x110
[  358.918224][ T8566]  ? exc_page_fault+0x590/0x8c0
[  358.923170][ T8566]  do_fast_syscall_32+0x34/0x80
[  358.928090][ T8566]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  358.934488][ T8566] RIP: 0023:0xf7fdf579
[  358.938639][ T8566] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  358.958297][ T8566] RSP: 002b:00000000f576656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  358.966748][ T8566] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0
[  358.974778][ T8566] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  358.982793][ T8566] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  358.990866][ T8566] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  358.998888][ T8566] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  359.006915][ T8566]  </TASK>
[  359.105044][ T8573] sg_write: process 323 (syz.3.720) changed security contexts after opening file descriptor, this is not allowed.
[  359.166759][    T8] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  359.347264][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  359.370691][    T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  359.398813][    T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  359.428082][    T8] usb 5-1: New USB device found, idVendor=1b1c, idProduct=1c0d, bcdDevice= 0.00
[  359.451381][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  359.497786][    T8] usb 5-1: config 0 descriptor??
[  359.796725][ T5233] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  359.931875][    T8] corsair-psu 0003:1B1C:1C0D.0023: hidraw0: USB HID v0.00 Device [HID 1b1c:1c0d] on usb-dummy_hcd.4-1/input0
[  359.976870][ T5233] usb 4-1: Using ep0 maxpacket: 32
[  360.016746][    T8] corsair-psu 0003:1B1C:1C0D.0023: unable to initialize device (-38)
[  360.018864][ T5233] usb 4-1: config 32 has an invalid descriptor of length 0, skipping remainder of the config
[  360.038586][    T8] corsair-psu 0003:1B1C:1C0D.0023: probe with driver corsair-psu failed with error -38
[  360.116911][ T5233] usb 4-1: config 32 has 0 interfaces, different from the descriptor's value: 1
[  360.167860][ T8565] usb usb1: usbfs: process 8565 (syz.4.716) did not claim interface 0 before use
[  360.177874][ T5233] usb 4-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=27.9b
[  360.187231][ T5233] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  360.195408][ T5233] usb 4-1: Product: syz
[  360.200181][ T5233] usb 4-1: Manufacturer: syz
[  360.204888][ T5233] usb 4-1: SerialNumber: syz
[  360.388327][    T8] usb 5-1: USB disconnect, device number 32
[  360.425788][ T8604] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  360.449649][ T8604] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  360.473497][ T5233] usb 4-1: USB disconnect, device number 49
[  361.053195][ T8613] FAULT_INJECTION: forcing a failure.
[  361.053195][ T8613] name failslab, interval 1, probability 0, space 0, times 0
[  361.067538][ T8613] CPU: 0 UID: 0 PID: 8613 Comm: syz.2.733 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  361.068463][   T29] kauditd_printk_skb: 128 callbacks suppressed
[  361.068482][   T29] audit: type=1326 audit(1728867430.086:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.3.735" exe="/root/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7fb6579 code=0x0
[  361.078188][ T8613] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  361.078214][ T8613] Call Trace:
[  361.078224][ T8613]  <TASK>
[  361.078235][ T8613]  dump_stack_lvl+0x241/0x360
[  361.078271][ T8613]  ? __pfx_dump_stack_lvl+0x10/0x10
[  361.078295][ T8613]  ? __pfx__printk+0x10/0x10
[  361.078332][ T8613]  ? __kmalloc_noprof+0xb0/0x400
[  361.078365][ T8613]  ? __pfx___might_resched+0x10/0x10
[  361.078402][ T8613]  should_fail_ex+0x3b0/0x4e0
[  361.078438][ T8613]  ? kobject_get_path+0xb8/0x230
[  361.078460][ T8613]  should_failslab+0xac/0x100
[  361.078490][ T8613]  ? kobject_get_path+0xb8/0x230
[  361.078512][ T8613]  __kmalloc_noprof+0xd8/0x400
[  361.078551][ T8613]  kobject_get_path+0xb8/0x230
[  361.078588][ T8613]  kobject_uevent_env+0x2a5/0x8e0
[  361.078625][ T8613]  device_release_driver_internal+0x6e3/0x7c0
[  361.186812][ T8613]  proc_ioctl+0x2b5/0x660
[  361.191176][ T8613]  usbdev_ioctl+0x2cf8/0x6120
[  361.195875][ T8613]  ? kernel_text_address+0xa7/0xe0
[  361.201008][ T8613]  ? __pfx_usbdev_ioctl+0x10/0x10
[  361.206047][ T8613]  ? unwind_get_return_address+0x4d/0x90
[  361.211717][ T8613]  ? arch_stack_walk+0xfd/0x150
[  361.216694][ T8613]  ? stack_trace_save+0x118/0x1d0
[  361.221740][ T8613]  ? __pfx_stack_trace_save+0x10/0x10
[  361.227132][ T8613]  ? stack_depot_save_flags+0x29/0x830
[  361.232617][ T8613]  ? kasan_save_track+0x51/0x80
[  361.237482][ T8613]  ? kasan_save_track+0x3f/0x80
[  361.242351][ T8613]  ? kasan_save_free_info+0x40/0x50
[  361.247574][ T8613]  ? __kasan_slab_free+0x59/0x70
[  361.252525][ T8613]  ? kfree+0x1a0/0x440
[  361.256623][ T8613]  ? tomoyo_path_number_perm+0x68d/0x880
[  361.262289][ T8613]  ? security_file_ioctl_compat+0xc6/0x2a0
[  361.268119][ T8613]  ? __se_compat_sys_ioctl+0xd6/0xc90
[  361.273506][ T8613]  ? do_vfs_ioctl+0xf08/0x2e40
[  361.278295][ T8613]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  361.283340][ T8613]  ? mark_lock+0x9a/0x360
[  361.287696][ T8613]  ? tomoyo_path_number_perm+0x208/0x880
[  361.293356][ T8613]  ? __pfx_lock_release+0x10/0x10
[  361.298407][ T8613]  ? lockdep_hardirqs_on+0x99/0x150
[  361.303638][ T8613]  ? kfree+0x1a0/0x440
[  361.307737][ T8613]  ? tomoyo_path_number_perm+0x68d/0x880
[  361.313413][ T8613]  ? tomoyo_path_number_perm+0x71a/0x880
[  361.319091][ T8613]  ? tomoyo_path_number_perm+0x208/0x880
[  361.324759][ T8613]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  361.330784][ T8613]  ? __pfx_lock_acquire+0x10/0x10
[  361.335858][ T8613]  ? __fget_files+0x29/0x470
[  361.340471][ T8613]  ? __fget_files+0x3f3/0x470
[  361.345177][ T8613]  __se_compat_sys_ioctl+0x510/0xc90
[  361.350487][ T8613]  ? __pfx___se_compat_sys_ioctl+0x10/0x10
[  361.356325][ T8613]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  361.362346][ T8613]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  361.368712][ T8613]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  361.375336][ T8613]  ? lockdep_hardirqs_on+0x99/0x150
[  361.380578][ T8613]  __do_fast_syscall_32+0xb4/0x110
[  361.385715][ T8613]  ? exc_page_fault+0x590/0x8c0
[  361.390605][ T8613]  do_fast_syscall_32+0x34/0x80
[  361.395475][ T8613]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  361.401823][ T8613] RIP: 0023:0xf747d579
[  361.405912][ T8613] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  361.425633][ T8613] RSP: 002b:00000000f576656c EFLAGS: 00000206 ORIG_RAX: 0000000000000036
[  361.434071][ T8613] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000c0105512
[  361.442061][ T8613] RDX: 0000000020000200 RSI: 0000000000000000 RDI: 0000000000000000
[  361.450056][ T8613] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  361.458057][ T8613] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  361.466077][ T8613] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  361.474079][ T8613]  </TASK>
[  361.488219][ T8616] hub 9-0:1.0: USB hub found
[  361.501110][ T8616] hub 9-0:1.0: 8 ports detected
[  361.672826][    T8] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  361.778310][ T5287] usb 4-1: new high-speed USB device number 50 using dummy_hcd
[  361.836746][    T8] usb 5-1: Using ep0 maxpacket: 8
[  361.836746][ T5233] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  361.855954][    T8] usb 5-1: New USB device found, idVendor=2040, idProduct=7300, bcdDevice=db.79
[  361.865417][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.873873][    T8] usb 5-1: Product: syz
[  361.878423][    T8] usb 5-1: Manufacturer: syz
[  361.883253][    T8] usb 5-1: SerialNumber: syz
[  361.890851][    T8] usb 5-1: config 0 descriptor??
[  361.899668][    T8] pvrusb2: Hardware description: WinTV HVR-1900 Model 73xxx
[  361.906782][   T46] usb 2-1: new full-speed USB device number 44 using dummy_hcd
[  361.938587][ T5287] usb 4-1: config index 0 descriptor too short (expected 3133, got 61)
[  361.947201][ T5287] usb 4-1: config 0 has an invalid interface number: 156 but max is 1
[  361.955417][ T5287] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  361.965783][ T5287] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  361.974998][ T5287] usb 4-1: config 0 has no interface number 0
[  361.982125][ T5287] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  361.993290][ T5287] usb 4-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  362.003353][ T5233] usb 3-1: Using ep0 maxpacket: 16
[  362.008702][ T5287] usb 4-1: config 0 interface 156 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  362.022098][ T5287] usb 4-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  362.032641][ T5233] usb 3-1: config 253 has an invalid interface number: 157 but max is 3
[  362.041349][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  362.049608][ T5233] usb 3-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  362.061650][ T5233] usb 3-1: config 253 has an invalid interface number: 213 but max is 3
[  362.071482][ T5287] usb 4-1: config 0 descriptor??
[  362.082890][ T5233] usb 3-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  362.093674][ T5233] usb 3-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  362.109633][ T5287] gspca_main: spca561-2.14.0 probing abcd:cdee
[  362.116139][ T5233] usb 3-1: config 253 has no interface number 0
[  362.123978][   T46] usb 2-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  362.133754][ T5233] usb 3-1: config 253 has no interface number 1
[  362.140510][   T46] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.149006][ T5233] usb 3-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  362.160699][   T46] usb 2-1: Product: syz
[  362.164946][   T46] usb 2-1: Manufacturer: syz
[  362.169826][   T46] usb 2-1: SerialNumber: syz
[  362.174564][ T5233] usb 3-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  362.187375][ T5233] usb 3-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  362.199010][ T5233] usb 3-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  362.212652][ T5233] usb 3-1: config 253 interface 157 has no altsetting 0
[  362.219879][ T5233] usb 3-1: config 253 interface 213 has no altsetting 0
[  362.231573][   T46] usb 2-1: config 0 descriptor??
[  362.239232][ T5233] usb 3-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  362.251441][ T5233] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.259865][ T5233] usb 3-1: Product: syz
[  362.264134][ T5233] usb 3-1: Manufacturer: syz
[  362.269723][ T2038] usb 5-1: Direct firmware load for v4l-pvrusb2-73xxx-01.fw failed with error -2
[  362.279097][ T5233] usb 3-1: SerialNumber: syz
[  362.280716][ T2038] usb 5-1: Falling back to sysfs fallback for: v4l-pvrusb2-73xxx-01.fw
[  362.482513][ T5301] usb 5-1: USB disconnect, device number 33
[  362.525275][ T8622] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  362.534065][ T8622] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  362.571419][ T5233] r8712u: register rtl8712_netdev_ops to netdev_ops
[  362.581594][ T5233] usb 3-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  362.592047][ T5233] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed
[  362.599331][ T5233] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  362.607750][ T5233] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  362.629550][   T46] dvb_usb_dtv5100 2-1:0.0: probe with driver dvb_usb_dtv5100 failed with error -71
[  362.644077][ T5287] spca561 4-1:0.156: probe with driver spca561 failed with error -22
[  362.654377][ T5287] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  362.663613][ T5233] usb 3-1: Found UVC 0.00 device syz (0b05:1791)
[  362.672875][ T5287] usb 4-1: MIDIStreaming interface descriptor not found
[  362.681149][   T46] usb 2-1: USB disconnect, device number 44
[  362.687521][ T5233] usb 3-1: No valid video chain found.
[  362.695834][ T5233] r8712u: register rtl8712_netdev_ops to netdev_ops
[  362.707149][ T5233] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  362.722983][ T5233] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed
[  362.730029][ T5233] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  362.744188][ T5233] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  362.793214][ T5233] usb 3-1: USB disconnect, device number 40
[  363.197810][ T8602] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  363.256391][ T8635] netlink: 56 bytes leftover after parsing attributes in process `syz.2.741'.
[  363.799197][ T8656] 
@�: renamed from veth0_vlan (while UP)
[  364.101722][   T46] usb 4-1: USB disconnect, device number 50
[  364.386731][ T8662] loop6: detected capacity change from 0 to 7
[  364.422151][ T8662] Dev loop6: unable to read RDB block 7
[  364.461232][ T8662]  loop6: unable to read partition table
[  364.518888][ T8662] loop6: partition table beyond EOD, truncated
[  364.525151][ T8662] loop_reread_partitions: partition scan of loop6 (�被x������ڬ��dƤ����ݡ�����
[  364.525151][ T8662] 
) failed (rc=-5)
[  365.407529][ T5233] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  365.566639][ T5233] usb 4-1: Using ep0 maxpacket: 16
[  365.629437][ T5233] usb 4-1: config 253 has an invalid interface number: 157 but max is 3
[  365.657104][ T5233] usb 4-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  365.676426][ T5233] usb 4-1: config 253 has an invalid interface number: 213 but max is 3
[  365.705307][ T5233] usb 4-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  365.725643][ T5233] usb 4-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  365.751989][ T5233] usb 4-1: config 253 has no interface number 0
[  365.776711][ T5233] usb 4-1: config 253 has no interface number 1
[  365.800093][ T5233] usb 4-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  365.843290][ T5233] usb 4-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  365.884266][ T5233] usb 4-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  365.936713][ T5233] usb 4-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  365.966638][ T5233] usb 4-1: config 253 interface 157 has no altsetting 0
[  365.974900][ T5233] usb 4-1: config 253 interface 213 has no altsetting 0
[  365.992277][ T5233] usb 4-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  366.006694][ T5233] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.036703][ T5233] usb 4-1: Product: syz
[  366.050703][ T5233] usb 4-1: Manufacturer: syz
[  366.069024][ T5233] usb 4-1: SerialNumber: syz
[  366.318039][ T8672] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  366.351662][ T8672] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  366.419346][ T5233] r8712u: register rtl8712_netdev_ops to netdev_ops
[  366.426091][ T5233] usb 4-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  366.471668][ T5233] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[  366.490343][ T5233] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  366.509618][ T5233] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  366.533457][    T8] usb 2-1: new high-speed USB device number 45 using dummy_hcd
[  366.558973][ T5233] usb 4-1: Found UVC 0.00 device syz (0b05:1791)
[  366.583534][ T5233] usb 4-1: No valid video chain found.
[  366.604336][ T5233] r8712u: register rtl8712_netdev_ops to netdev_ops
[  366.627964][ T5233] usb 4-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  366.657109][ T5233] usb 4-1: r8712u: Boot from EFUSE: Autoload Failed
[  366.683712][ T5233] usb 4-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  366.716693][    T8] usb 2-1: Using ep0 maxpacket: 16
[  366.730309][    T8] usb 2-1: config 0 has no interfaces?
[  366.743653][ T5233] usb 4-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  366.750465][    T8] usb 2-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b5.89
[  366.774287][ T5233] usb 4-1: USB disconnect, device number 51
[  366.790207][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  366.820782][    T8] usb 2-1: Product: syz
[  366.830901][    T8] usb 2-1: Manufacturer: syz
[  366.864511][    T8] usb 2-1: SerialNumber: syz
[  366.902487][    T8] usb 2-1: config 0 descriptor??
[  367.665137][ T8685] syz.2.755 (8685) used obsolete PPPIOCDETACH ioctl
[  368.359516][ T8695] openvswitch: netlink: Unknown key attributes 2
[  368.412044][ T8697] Cannot find add_set index 0 as target
[  368.573468][ T8699] netlink: 'syz.2.760': attribute type 1 has an invalid length.
[  368.629429][ T8676] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  368.825645][ T8701] bridge0: port 3(vlan2) entered blocking state
[  368.836858][   T25] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  368.855022][    T8] usb 2-1: USB disconnect, device number 45
[  368.875709][ T8701] bridge0: port 3(vlan2) entered disabled state
[  368.896254][ T8701] vlan2: entered allmulticast mode
[  368.918567][ T8701] vlan2: left allmulticast mode
[  369.031493][   T25] usb 3-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0x63, changing to 0x3
[  369.063502][   T25] usb 3-1: config 36 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 65049, setting to 64
[  369.098131][   T25] usb 3-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=26.29
[  369.116253][   T25] usb 3-1: New USB device strings: Mfr=244, Product=0, SerialNumber=0
[  369.126316][   T25] usb 3-1: Manufacturer: syz
[  369.356879][    T8] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  369.365059][ T8699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  369.381067][ T8699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  369.395663][   T25] usbhid 3-1:36.0: couldn't find an input interrupt endpoint
[  369.412815][   T25] usb 3-1: USB disconnect, device number 41
[  369.508782][    T8] usb 4-1: Using ep0 maxpacket: 32
[  369.516126][    T8] usb 4-1: no configurations
[  369.523738][    T8] usb 4-1: can't read configurations, error -22
[  369.686747][    T8] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  369.868350][    T8] usb 4-1: Using ep0 maxpacket: 32
[  369.877561][    T8] usb 4-1: no configurations
[  369.882227][    T8] usb 4-1: can't read configurations, error -22
[  369.896123][    T8] usb usb4-port1: attempt power cycle
[  370.269588][    T8] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  370.312715][    T8] usb 4-1: Using ep0 maxpacket: 32
[  370.323679][    T8] usb 4-1: no configurations
[  370.350386][    T8] usb 4-1: can't read configurations, error -22
[  370.496693][    T8] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  370.527289][    T8] usb 4-1: Using ep0 maxpacket: 32
[  370.533390][    T8] usb 4-1: no configurations
[  370.540517][    T8] usb 4-1: can't read configurations, error -22
[  370.547631][    T8] usb usb4-port1: unable to enumerate USB device
[  371.368355][ T8730] netlink: 48 bytes leftover after parsing attributes in process `syz.2.768'.
[  371.550806][ T8736] FAULT_INJECTION: forcing a failure.
[  371.550806][ T8736] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  371.564417][ T8736] CPU: 0 UID: 0 PID: 8736 Comm: syz.1.772 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  371.575163][ T8736] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  371.585274][ T8736] Call Trace:
[  371.588599][ T8736]  <TASK>
[  371.591575][ T8736]  dump_stack_lvl+0x241/0x360
[  371.596308][ T8736]  ? __pfx_dump_stack_lvl+0x10/0x10
[  371.601586][ T8736]  ? __pfx__printk+0x10/0x10
[  371.606249][ T8736]  ? __pfx_lock_release+0x10/0x10
[  371.611350][ T8736]  should_fail_ex+0x3b0/0x4e0
[  371.616119][ T8736]  _copy_from_user+0x2f/0xe0
[  371.620780][ T8736]  sk_setsockopt+0x2d4/0x33b0
[  371.625522][ T8736]  ? __pfx_sk_setsockopt+0x10/0x10
[  371.630711][ T8736]  ? rcu_read_lock_any_held+0xb7/0x160
[  371.636235][ T8736]  ? aa_sk_perm+0x96d/0xab0
[  371.640797][ T8736]  ? sb_end_write+0xe9/0x1c0
[  371.645478][ T8736]  ? __pfx_aa_sk_perm+0x10/0x10
[  371.650380][ T8736]  ? vfs_write+0x7bf/0xc90
[  371.654845][ T8736]  ? aa_sock_opt_perm+0x79/0x120
[  371.659878][ T8736]  do_sock_setsockopt+0x2fb/0x720
[  371.664966][ T8736]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  371.670571][ T8736]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  371.677146][ T8736]  __sys_setsockopt+0x1a2/0x250
[  371.682053][ T8736]  __ia32_sys_setsockopt+0xb5/0xd0
[  371.687219][ T8736]  __do_fast_syscall_32+0xb4/0x110
[  371.692384][ T8736]  ? exc_page_fault+0x590/0x8c0
[  371.697303][ T8736]  do_fast_syscall_32+0x34/0x80
[  371.702208][ T8736]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  371.708638][ T8736] RIP: 0023:0xf7fdf579
[  371.712785][ T8736] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  371.732446][ T8736] RSP: 002b:00000000f576656c EFLAGS: 00000206 ORIG_RAX: 000000000000016e
[  371.740926][ T8736] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000000001
[  371.748948][ T8736] RDX: 0000000000000045 RSI: 0000000020000040 RDI: 0000000000000004
[  371.756970][ T8736] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  371.764989][ T8736] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  371.773022][ T8736] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  371.781066][ T8736]  </TASK>
[  372.576682][ T5287] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  372.739118][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  372.765332][ T5287] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  372.787896][ T5287] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  372.812040][ T5287] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1c0d, bcdDevice= 0.00
[  372.822057][ T5287] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.833391][ T5287] usb 4-1: config 0 descriptor??
[  373.282852][ T5287] corsair-psu 0003:1B1C:1C0D.0024: hidraw0: USB HID v0.00 Device [HID 1b1c:1c0d] on usb-dummy_hcd.3-1/input0
[  373.438047][ T5287] corsair-psu 0003:1B1C:1C0D.0024: unable to initialize device (-38)
[  373.455753][ T8744] usb usb1: usbfs: process 8744 (syz.3.775) did not claim interface 0 before use
[  373.468455][ T5287] corsair-psu 0003:1B1C:1C0D.0024: probe with driver corsair-psu failed with error -38
[  373.489208][ T5287] usb 4-1: USB disconnect, device number 56
[  373.822657][ T8762] openvswitch: netlink: Unknown key attributes 2
[  373.982028][ T8767] FAULT_INJECTION: forcing a failure.
[  373.982028][ T8767] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  373.998273][ T8767] CPU: 1 UID: 0 PID: 8767 Comm: syz.2.783 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  374.008937][ T8767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  374.019025][ T8767] Call Trace:
[  374.022325][ T8767]  <TASK>
[  374.025275][ T8767]  dump_stack_lvl+0x241/0x360
[  374.029966][ T8767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  374.035197][ T8767]  ? __pfx__printk+0x10/0x10
[  374.039840][ T8767]  ? __pfx_lock_release+0x10/0x10
[  374.044938][ T8767]  should_fail_ex+0x3b0/0x4e0
[  374.049643][ T8767]  _copy_from_iter+0x1ed/0x1d60
[  374.054513][ T8767]  ? __virt_addr_valid+0x183/0x530
[  374.059644][ T8767]  ? __pfx_lock_release+0x10/0x10
[  374.064700][ T8767]  ? __alloc_skb+0x28f/0x440
[  374.069352][ T8767]  ? __pfx__copy_from_iter+0x10/0x10
[  374.074668][ T8767]  ? __virt_addr_valid+0x183/0x530
[  374.079805][ T8767]  ? __virt_addr_valid+0x183/0x530
[  374.084932][ T8767]  ? __virt_addr_valid+0x45f/0x530
[  374.090061][ T8767]  ? __check_object_size+0x48e/0x900
[  374.095397][ T8767]  netlink_sendmsg+0x73d/0xcb0
[  374.100202][ T8767]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.105509][ T8767]  ? __pfx_lock_release+0x10/0x10
[  374.110561][ T8767]  ? aa_sock_msg_perm+0x91/0x160
[  374.115523][ T8767]  ? __pfx_netlink_sendmsg+0x10/0x10
[  374.120826][ T8767]  __sock_sendmsg+0x221/0x270
[  374.125535][ T8767]  ____sys_sendmsg+0x52a/0x7e0
[  374.130331][ T8767]  ? __pfx_____sys_sendmsg+0x10/0x10
[  374.135656][ T8767]  __sys_sendmsg+0x292/0x380
[  374.140282][ T8767]  ? __pfx___sys_sendmsg+0x10/0x10
[  374.145423][ T8767]  ? __pfx_vfs_write+0x10/0x10
[  374.150231][ T8767]  ? syscall_enter_from_user_mode_prepare+0x7f/0xe0
[  374.156849][ T8767]  ? lockdep_hardirqs_on+0x99/0x150
[  374.162079][ T8767]  __do_fast_syscall_32+0xb4/0x110
[  374.167210][ T8767]  ? exc_page_fault+0x590/0x8c0
[  374.172090][ T8767]  do_fast_syscall_32+0x34/0x80
[  374.176959][ T8767]  entry_SYSENTER_compat_after_hwframe+0x84/0x8e
[  374.183306][ T8767] RIP: 0023:0xf747d579
[  374.187388][ T8767] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90
[  374.207042][ T8767] RSP: 002b:00000000f576656c EFLAGS: 00000206 ORIG_RAX: 0000000000000172
[  374.215477][ T8767] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000000
[  374.223468][ T8767] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  374.231454][ T8767] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000
[  374.239458][ T8767] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000000
[  374.247443][ T8767] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000
[  374.255468][ T8767]  </TASK>
[  374.318184][ T5285] usb 2-1: new high-speed USB device number 46 using dummy_hcd
[  374.478246][ T5285] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  374.496652][ T5285] usb 2-1: New USB device found, idVendor=046d, idProduct=c513, bcdDevice= 0.00
[  374.506008][ T5285] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.527712][ T5285] usb 2-1: config 0 descriptor??
[  374.646817][    T8] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  374.722730][ T8783] netlink: 12 bytes leftover after parsing attributes in process `syz.3.789'.
[  374.754803][ T8783] hub 9-0:1.0: USB hub found
[  374.759899][ T8783] hub 9-0:1.0: 8 ports detected
[  374.840051][    T8] usb 3-1: Using ep0 maxpacket: 16
[  374.849453][    T8] usb 3-1: config 253 has an invalid interface number: 157 but max is 3
[  374.858385][    T8] usb 3-1: config 253 contains an unexpected descriptor of type 0x2, skipping
[  374.868208][    T8] usb 3-1: config 253 has an invalid interface number: 213 but max is 3
[  374.877524][    T8] usb 3-1: config 253 has an invalid descriptor of length 0, skipping remainder of the config
[  374.888102][    T8] usb 3-1: config 253 has 2 interfaces, different from the descriptor's value: 4
[  374.897405][    T8] usb 3-1: config 253 has no interface number 0
[  374.904195][    T8] usb 3-1: config 253 has no interface number 1
[  374.913499][    T8] usb 3-1: config 253 interface 157 altsetting 4 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  374.936253][    T8] usb 3-1: config 253 interface 157 altsetting 4 endpoint 0x4 has invalid maxpacket 512, setting to 64
[  374.967125][    T8] usb 3-1: config 253 interface 157 altsetting 4 has a duplicate endpoint with address 0xD, skipping
[  375.006649][    T8] usb 3-1: config 253 interface 213 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 14
[  375.045182][    T8] usb 3-1: config 253 interface 157 has no altsetting 0
[  375.053060][    T8] usb 3-1: config 253 interface 213 has no altsetting 0
[  375.073719][    T8] usb 3-1: New USB device found, idVendor=0b05, idProduct=1791, bcdDevice= 4.57
[  375.102506][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.125907][    T8] usb 3-1: Product: syz
[  375.141671][    T8] usb 3-1: Manufacturer: syz
[  375.156660][    T8] usb 3-1: SerialNumber: syz
[  375.179699][ T5291] usb 2-1: USB disconnect, device number 46
[  375.451978][ T8773] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  375.497685][ T8773] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  375.553722][    T8] r8712u: register rtl8712_netdev_ops to netdev_ops
[  375.574878][    T8] usb 3-1: r8712u: USB_SPEED_HIGH with 4 endpoints
[  375.609741][    T8] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed
[  375.616727][    T8] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  375.624578][    T8] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  375.695316][    T8] usb 3-1: Found UVC 0.00 device syz (0b05:1791)
[  376.837358][    T8] usb 3-1: No valid video chain found.
[  378.554080][    T8] r8712u: register rtl8712_netdev_ops to netdev_ops
[  378.625848][    T8] usb 3-1: r8712u: USB_SPEED_HIGH with 0 endpoints
[  378.696768][    T8] usb 3-1: r8712u: Boot from EFUSE: Autoload Failed
[  378.703456][    T8] usb 3-1: r8712u: MAC Address from efuse = 00:e0:4c:87:00:00
[  378.967107][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  378.973494][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  379.247510][    T8] usb 3-1: r8712u: Loading firmware from "rtlwifi/rtl8712u.bin"
[  379.299088][    T8] usb 3-1: USB disconnect, device number 42
[  379.551832][ T8791] netlink: 8 bytes leftover after parsing attributes in process `syz.2.792'.
[  401.252266][   T54] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  401.286848][   T54] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  401.296751][   T54] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  401.305297][   T54] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  401.313114][   T54] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  401.320738][   T54] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  403.416750][ T5285] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  403.423265][ T5285] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  403.440177][   T54] Bluetooth: hci0: command tx timeout
[  403.729886][ T4621] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  403.751916][ T4621] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  403.761426][ T4621] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  403.770067][ T4621] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  403.860286][ T8820] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  403.870858][ T8820] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  403.879992][ T8820] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  403.888086][ T8820] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  403.901358][ T8820] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  403.911252][ T8820] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  403.920742][ T8820] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  403.940669][ T8820] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  403.949588][ T8820] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  403.958577][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  403.967357][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  403.986661][ T8820] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  403.994017][ T8822] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  404.006801][ T8822] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  404.017311][ T8820] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  404.027848][ T8822] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  404.049755][ T4621] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  404.059203][ T8822] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  404.067322][ T4621] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  404.096749][ T5234] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  404.107824][ T5234] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  404.182087][ T8819] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  404.190982][ T8819] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  404.204442][ T8819] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  404.212286][ T8819] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  404.221874][ T8819] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  406.136928][ T8819] Bluetooth: hci4: command tx timeout
[  406.216998][ T8819] Bluetooth: hci1: command tx timeout
[  406.223633][ T8819] Bluetooth: hci5: command tx timeout
[  406.296998][ T8819] Bluetooth: hci3: command tx timeout
[  408.216906][ T8819] Bluetooth: hci4: command tx timeout
[  408.298020][ T5234] Bluetooth: hci1: command tx timeout
[  408.306280][ T8819] Bluetooth: hci5: command tx timeout
[  408.377079][ T8819] Bluetooth: hci3: command tx timeout
[  410.296808][ T8819] Bluetooth: hci4: command tx timeout
[  410.379142][ T5234] Bluetooth: hci1: command tx timeout
[  410.386660][ T8819] Bluetooth: hci5: command tx timeout
[  410.456944][ T8819] Bluetooth: hci3: command tx timeout
[  412.378412][ T8819] Bluetooth: hci4: command tx timeout
[  412.456839][ T5234] Bluetooth: hci1: command tx timeout
[  412.462373][ T8819] Bluetooth: hci5: command tx timeout
[  412.536936][ T8819] Bluetooth: hci3: command tx timeout
[  425.047059][ T2038] pvrusb2: request_firmware fatal error with code=-110
[  425.054006][ T2038] pvrusb2: Failure uploading firmware1
[  425.109168][ T2038] pvrusb2: Device initialization was not successful.
[  425.115989][ T2038] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  425.194972][ T2038] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  425.230412][ T5301] pvrusb2: Device being rendered inoperable
[  440.383997][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  440.390456][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  440.836726][ T4685] udevd[4685]: worker [5627] /devices/platform/dummy_hcd.2/usb3/3-1 is taking a long time
[  457.850729][ T5234] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  457.861602][ T5234] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  457.872177][ T5234] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  457.880362][ T5234] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  457.888704][ T5234] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  457.900182][ T5234] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  457.970466][ T5234] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  457.980690][ T5234] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  457.989461][ T5234] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  457.997647][ T5234] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  458.012933][ T5234] Bluetooth: hci6: unexpected cc 0x0c25 length: 249 > 3
[  458.022026][ T5234] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  458.882815][ T8819] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  458.893642][ T8819] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  458.906899][ T8819] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  458.920787][ T8819] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  458.928629][ T8819] Bluetooth: hci7: unexpected cc 0x0c25 length: 249 > 3
[  458.936091][ T8819] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  459.035520][ T5234] Bluetooth: hci8: unexpected cc 0x0c03 length: 249 > 1
[  459.066891][ T5234] Bluetooth: hci8: unexpected cc 0x1003 length: 249 > 9
[  459.076662][ T5234] Bluetooth: hci8: unexpected cc 0x1001 length: 249 > 9
[  459.087563][ T5234] Bluetooth: hci8: unexpected cc 0x0c23 length: 249 > 4
[  459.098531][ T5234] Bluetooth: hci8: unexpected cc 0x0c25 length: 249 > 3
[  459.106088][ T5234] Bluetooth: hci8: unexpected cc 0x0c38 length: 249 > 2
[  459.225382][ T8819] Bluetooth: hci9: unexpected cc 0x0c03 length: 249 > 1
[  459.235380][ T8819] Bluetooth: hci9: unexpected cc 0x1003 length: 249 > 9
[  459.244827][ T8819] Bluetooth: hci9: unexpected cc 0x1001 length: 249 > 9
[  459.253406][ T8819] Bluetooth: hci9: unexpected cc 0x0c23 length: 249 > 4
[  459.267408][ T8819] Bluetooth: hci9: unexpected cc 0x0c25 length: 249 > 3
[  459.274816][ T8819] Bluetooth: hci9: unexpected cc 0x0c38 length: 249 > 2
[  459.976727][ T8819] Bluetooth: hci2: command tx timeout
[  460.056834][ T8819] Bluetooth: hci6: command tx timeout
[  461.016707][ T8819] Bluetooth: hci7: command tx timeout
[  461.176715][ T8819] Bluetooth: hci8: command tx timeout
[  461.341451][ T8819] Bluetooth: hci9: command tx timeout
[  462.056714][ T8819] Bluetooth: hci2: command tx timeout
[  462.136762][ T8819] Bluetooth: hci6: command tx timeout
[  463.096741][ T8819] Bluetooth: hci7: command tx timeout
[  463.256893][ T8819] Bluetooth: hci8: command tx timeout
[  463.416743][ T8819] Bluetooth: hci9: command tx timeout
[  464.143283][ T8819] Bluetooth: hci2: command tx timeout
[  464.221456][ T8819] Bluetooth: hci6: command tx timeout
[  465.176694][ T8819] Bluetooth: hci7: command tx timeout
[  465.336848][ T5234] Bluetooth: hci8: command tx timeout
[  465.496729][ T8819] Bluetooth: hci9: command tx timeout
[  466.216819][ T8819] Bluetooth: hci2: command tx timeout
[  466.296795][ T8819] Bluetooth: hci6: command tx timeout
[  467.257129][ T8819] Bluetooth: hci7: command tx timeout
[  467.426792][ T8819] Bluetooth: hci8: command tx timeout
[  467.576792][ T8819] Bluetooth: hci9: command tx timeout
[  501.821957][ T1267] ieee802154 phy0 wpan0: encryption failed: -22
[  501.828475][ T1267] ieee802154 phy1 wpan1: encryption failed: -22
[  519.928103][ T5234] Bluetooth: hci10: unexpected cc 0x0c03 length: 249 > 1
[  519.938887][ T5234] Bluetooth: hci10: unexpected cc 0x1003 length: 249 > 9
[  519.947835][ T5234] Bluetooth: hci10: unexpected cc 0x1001 length: 249 > 9
[  519.957529][ T5234] Bluetooth: hci10: unexpected cc 0x0c23 length: 249 > 4
[  519.975171][ T5234] Bluetooth: hci10: unexpected cc 0x0c25 length: 249 > 3
[  519.982794][ T5234] Bluetooth: hci10: unexpected cc 0x0c38 length: 249 > 2
[  520.071247][ T5234] Bluetooth: hci11: unexpected cc 0x0c03 length: 249 > 1
[  520.100799][ T5234] Bluetooth: hci11: unexpected cc 0x1003 length: 249 > 9
[  520.110450][ T5234] Bluetooth: hci11: unexpected cc 0x1001 length: 249 > 9
[  520.119220][ T5234] Bluetooth: hci11: unexpected cc 0x0c23 length: 249 > 4
[  520.130023][ T5234] Bluetooth: hci11: unexpected cc 0x0c25 length: 249 > 3
[  520.137677][ T5234] Bluetooth: hci11: unexpected cc 0x0c38 length: 249 > 2
[  520.207258][ T8819] Bluetooth: hci12: unexpected cc 0x0c03 length: 249 > 1
[  520.223732][ T8819] Bluetooth: hci12: unexpected cc 0x1003 length: 249 > 9
[  520.234012][ T8819] Bluetooth: hci12: unexpected cc 0x1001 length: 249 > 9
[  520.242739][ T8819] Bluetooth: hci12: unexpected cc 0x0c23 length: 249 > 4
[  520.252245][ T8819] Bluetooth: hci12: unexpected cc 0x0c25 length: 249 > 3
[  520.264538][ T8819] Bluetooth: hci12: unexpected cc 0x0c38 length: 249 > 2
[  520.348102][ T5234] Bluetooth: hci13: unexpected cc 0x0c03 length: 249 > 1
[  520.365590][ T5234] Bluetooth: hci13: unexpected cc 0x1003 length: 249 > 9
[  520.374441][ T5234] Bluetooth: hci13: unexpected cc 0x1001 length: 249 > 9
[  520.387065][ T5234] Bluetooth: hci13: unexpected cc 0x0c23 length: 249 > 4
[  520.415488][ T5234] Bluetooth: hci13: unexpected cc 0x0c25 length: 249 > 3
[  520.426862][ T5234] Bluetooth: hci13: unexpected cc 0x0c38 length: 249 > 2
[  520.554460][ T8819] Bluetooth: hci14: unexpected cc 0x0c03 length: 249 > 1
[  520.566968][ T8819] Bluetooth: hci14: unexpected cc 0x1003 length: 249 > 9
[  520.575631][ T8819] Bluetooth: hci14: unexpected cc 0x1001 length: 249 > 9
[  520.589985][ T8819] Bluetooth: hci14: unexpected cc 0x0c23 length: 249 > 4
[  520.608013][ T8819] Bluetooth: hci14: unexpected cc 0x0c25 length: 249 > 3
[  520.621448][ T8819] Bluetooth: hci14: unexpected cc 0x0c38 length: 249 > 2
[  522.056696][ T8819] Bluetooth: hci10: command tx timeout
[  522.226990][ T8819] Bluetooth: hci11: command tx timeout
[  522.376810][ T8819] Bluetooth: hci12: command tx timeout
[  522.541385][ T8819] Bluetooth: hci13: command tx timeout
[  522.696824][ T8819] Bluetooth: hci14: command tx timeout
[  524.136655][ T8819] Bluetooth: hci10: command tx timeout
[  524.301409][ T8819] Bluetooth: hci11: command tx timeout
[  524.456726][ T8819] Bluetooth: hci12: command tx timeout
[  524.616771][ T8819] Bluetooth: hci13: command tx timeout
[  524.777083][ T8819] Bluetooth: hci14: command tx timeout
[  526.216967][ T8819] Bluetooth: hci10: command tx timeout
[  526.376609][ T8819] Bluetooth: hci11: command tx timeout
[  526.536717][ T8819] Bluetooth: hci12: command tx timeout
[  526.696680][ T8819] Bluetooth: hci13: command tx timeout
[  526.856763][ T8819] Bluetooth: hci14: command tx timeout
[  528.298060][ T8819] Bluetooth: hci10: command tx timeout
[  528.466752][ T8819] Bluetooth: hci11: command tx timeout
[  528.616724][ T8819] Bluetooth: hci12: command tx timeout
[  528.776639][ T8819] Bluetooth: hci13: command tx timeout
[  528.940879][ T8819] Bluetooth: hci14: command tx timeout
[  529.526522][ T8819] Bluetooth: hci3: command 0x0406 tx timeout
[  529.532631][ T8819] Bluetooth: hci5: command 0x0406 tx timeout
[  529.538758][ T8820] Bluetooth: hci4: command 0x0406 tx timeout
[  529.544814][ T8820] Bluetooth: hci1: command 0x0406 tx timeout
[  536.376675][   T30] INFO: task kworker/0:0:8 blocked for more than 143 seconds.
[  536.384235][   T30]       Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  536.412677][   T30] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  536.427584][   T30] task:kworker/0:0     state:D stack:19856 pid:8     tgid:8     ppid:2      flags:0x00004000
[  536.451538][   T30] Workqueue: usb_hub_wq hub_event
[  536.465431][   T30] Call Trace:
[  536.476537][   T30]  <TASK>
[  536.479549][   T30]  __schedule+0x1895/0x4b30
[  536.484145][   T30]  ? __pfx___schedule+0x10/0x10
[  536.490363][ T5221] syz-executor (5221) used greatest stack depth: 18832 bytes left
[  536.566570][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  536.572667][   T30]  ? __pfx_lock_release+0x10/0x10
[  536.626055][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  536.631730][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  536.642129][   T30]  ? schedule+0x90/0x320
[  536.648189][   T30]  schedule+0x14b/0x320
[  536.652435][   T30]  schedule_timeout+0xb0/0x310
[  536.662521][   T30]  ? __pfx_schedule_timeout+0x10/0x10
[  536.668909][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  536.674990][   T30]  ? wait_for_completion+0x2fe/0x620
[  536.685653][   T30]  ? wait_for_completion+0x2fe/0x620
[  536.691528][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  536.701891][   T30]  ? lockdep_hardirqs_on+0x99/0x150
[  536.709205][   T30]  ? wait_for_completion+0x2fe/0x620
[  536.714580][   T30]  wait_for_completion+0x355/0x620
[  536.725048][   T30]  ? __pfx_wait_for_completion+0x10/0x10
[  536.731200][   T30]  ? __flush_work+0xe7/0xc50
[  536.735856][   T30]  __flush_work+0xa37/0xc50
[  536.745748][   T30]  ? __flush_work+0xe7/0xc50
[  536.750794][   T30]  ? __pfx___flush_work+0x10/0x10
[  536.755880][   T30]  ? __pfx_wq_barrier_func+0x10/0x10
[  536.766740][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  536.773161][   T30]  ? _raw_spin_lock_irq+0xdf/0x120
[  536.783070][   T30]  ? _raw_spin_unlock_irq+0x23/0x50
[  536.788729][   T30]  unregister_netdevice_many_notify+0x87b/0x1da0
[  536.795142][   T30]  ? __mutex_trylock_common+0x183/0x2e0
[  536.806027][   T30]  ? __pfx___might_resched+0x10/0x10
[  536.812965][   T30]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  536.825267][   T30]  ? __pfx___mutex_trylock_common+0x10/0x10
[  536.831623][   T30]  ? rcu_is_watching+0x15/0xb0
[  536.836755][   T30]  ? trace_contention_end+0x3c/0x120
[  536.842101][   T30]  ? __mutex_lock+0x2ef/0xd70
[  536.852162][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  536.859006][   T30]  unregister_netdevice_queue+0x303/0x370
[  536.864895][   T30]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  536.876688][   T30]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  536.882684][   T30]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  536.893820][   T30]  unregister_netdev+0x1c/0x30
[  536.899046][   T30]  r871xu_dev_remove+0xae/0x450
[  536.903974][   T30]  usb_unbind_interface+0x25e/0x940
[  536.914431][   T30]  ? kernfs_remove_by_name_ns+0x11b/0x160
[  536.920604][   T30]  ? __pfx_usb_unbind_interface+0x10/0x10
[  536.926402][   T30]  device_release_driver_internal+0x503/0x7c0
[  536.939918][   T30]  bus_remove_device+0x34f/0x420
[  536.944940][   T30]  device_del+0x57a/0x9b0
[  536.954658][   T30]  ? kobject_put+0x272/0x480
[  536.959732][   T30]  ? __pfx_device_del+0x10/0x10
[  536.964653][   T30]  ? kobject_put+0x44d/0x480
[  536.974573][   T30]  usb_disable_device+0x3bf/0x850
[  536.980094][   T30]  usb_disconnect+0x340/0x950
[  536.984854][   T30]  hub_event+0x1ebc/0x5150
[  536.996591][   T30]  ? debug_object_deactivate+0x2d5/0x390
[  537.002393][   T30]  ? __pfx_hub_event+0x10/0x10
[  537.013019][   T30]  ? __pfx_lock_acquire+0x10/0x10
[  537.018518][   T30]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  537.024578][   T30]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  537.036295][   T30]  ? process_scheduled_works+0x976/0x1850
[  537.043594][   T30]  process_scheduled_works+0xa63/0x1850
[  537.054352][   T30]  ? __pfx_process_scheduled_works+0x10/0x10
[  537.060855][   T30]  ? assign_work+0x364/0x3d0
[  537.065543][   T30]  worker_thread+0x870/0xd30
[  537.075541][   T30]  ? __kthread_parkme+0x169/0x1d0
[  537.081050][   T30]  ? __pfx_worker_thread+0x10/0x10
[  537.086235][   T30]  kthread+0x2f0/0x390
[  537.095715][   T30]  ? __pfx_worker_thread+0x10/0x10
[  537.103010][   T30]  ? __pfx_kthread+0x10/0x10
[  537.112816][   T30]  ret_from_fork+0x4b/0x80
[  537.118162][   T30]  ? __pfx_kthread+0x10/0x10
[  537.122825][   T30]  ret_from_fork_asm+0x1a/0x30
[  537.132745][   T30]  </TASK>
[  537.136026][   T30] 
[  537.136026][   T30] Showing all locks held in the system:
[  537.144991][   T30] 7 locks held by kworker/0:0/8:
[  537.157323][   T30]  #0: ffff88801dac6d48 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  537.173912][   T30]  #1: ffffc900000d7d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  537.199960][   T30]  #2: ffff888028339190 (&dev->mutex){....}-{3:3}, at: hub_event+0x1fe/0x5150
[  537.210653][   T30]  #3: ffff88805e168190 (&dev->mutex){....}-{3:3}, at: usb_disconnect+0x103/0x950
[  537.225480][   T30]  #4: ffff888030439160 (&dev->mutex){....}-{3:3}, at: device_release_driver_internal+0xce/0x7c0
[  537.238298][   T30]  #5: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: unregister_netdev+0x12/0x30
[  537.251652][   T30]  #6: ffffffff8e7d1dd0 (cpu_hotplug_lock){++++}-{0:0}, at: unregister_netdevice_many_notify+0x5ea/0x1da0
[  537.266281][   T30] 1 lock held by khungtaskd/30:
[  537.279797][   T30]  #0: ffffffff8e937de0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x2a0
[  537.295022][   T30] 3 locks held by kworker/0:2/937:
[  537.300591][   T30]  #0: ffff88801ac80948 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  537.316505][   T30]  #1: ffffc90003b1fd00 (deferred_process_work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  537.333905][   T30]  #2: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: switchdev_deferred_process_work+0xe/0x20
[  537.351870][   T30] 3 locks held by kworker/u8:5/994:
[  537.362708][   T30]  #0: ffff88802e221948 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  537.374822][   T30]  #1: ffffc90003d47d00 ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  537.395061][   T30]  #2: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: addrconf_verify_work+0x19/0x30
[  537.405085][   T30] 2 locks held by getty/4999:
[  537.414959][   T30]  #0: ffff8880326790a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  537.431276][   T30]  #1: ffffc900031332f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x6a6/0x1e00
[  537.443219][   T30] 5 locks held by kworker/1:5/5287:
[  537.453505][   T30] 3 locks held by kworker/0:4/5291:
[  537.459138][   T30]  #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  537.476344][   T30]  #1: ffffc90003f67d00 ((check_lifetime_work).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  537.501803][   T30]  #2: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: check_lifetime+0x433/0x960
[  537.516326][   T30] 3 locks held by kworker/0:5/5298:
[  537.522003][   T30]  #0: ffff88801ac81948 ((wq_completion)events_power_efficient){+.+.}-{0:0}, at: process_scheduled_works+0x93b/0x1850
[  537.539722][   T30]  #1: ffffc90003fd7d00 ((reg_check_chans).work){+.+.}-{0:0}, at: process_scheduled_works+0x976/0x1850
[  537.552544][   T30]  #2: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: reg_check_chans_work+0x99/0xfd0
[  537.568937][   T30] 4 locks held by udevd/5627:
[  537.573689][   T30]  #0: ffff88802d55ed58 (&p->lock){+.+.}-{3:3}, at: seq_read_iter+0xb4/0xd70
[  537.586852][   T30]  #1: ffff88807d162c88 (&of->mutex#2){+.+.}-{3:3}, at: kernfs_seq_start+0x53/0x3b0
[  537.596407][   T30]  #2: ffff8880653044b8 (kn->active#18){++++}-{0:0}, at: kernfs_seq_start+0x72/0x3b0
[  537.611611][   T30]  #3: ffff88805e168190 (&dev->mutex){....}-{3:3}, at: manufacturer_show+0x26/0xa0
[  537.627384][   T30] 1 lock held by syz-executor/5834:
[  537.632647][   T30]  #0: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  537.646499][   T30] 1 lock held by syz-executor/6151:
[  537.651769][   T30]  #0: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  537.665559][   T30] 1 lock held by syz-executor/7759:
[  537.672876][   T30]  #0: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  537.687106][   T30] 1 lock held by syz-executor/7981:
[  537.692363][   T30]  #0: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  537.705984][   T30] 1 lock held by syz.3.791/8788:
[  537.712693][   T30]  #0: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: tun_chr_close+0x3b/0x1b0
[  537.728615][   T30] 2 locks held by syz-executor/8814:
[  537.733964][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  537.748736][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  537.761825][   T30] 2 locks held by syz-executor/8823:
[  537.770098][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  537.784616][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  537.797685][   T30] 2 locks held by syz-executor/8824:
[  537.803049][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  537.816000][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  537.829109][   T30] 2 locks held by syz-executor/8825:
[  537.834457][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  537.848810][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  537.861850][   T30] 2 locks held by syz-executor/8827:
[  537.869929][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  537.882287][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  537.896828][   T30] 2 locks held by syz-executor/8835:
[  537.902200][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  537.916843][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  537.939816][   T30] 2 locks held by syz-executor/8837:
[  537.945178][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  537.961701][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  537.973723][   T30] 2 locks held by syz-executor/8842:
[  537.983036][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  537.994586][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  538.009909][   T30] 2 locks held by syz-executor/8844:
[  538.015268][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  538.026587][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  538.041198][   T30] 2 locks held by syz-executor/8846:
[  538.048134][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  538.061681][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  538.074965][   T30] 2 locks held by syz-executor/8854:
[  538.084418][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  538.095568][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  538.109812][   T30] 2 locks held by syz-executor/8856:
[  538.115168][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  538.128737][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  538.143618][   T30] 2 locks held by syz-executor/8858:
[  538.151059][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  538.164653][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  538.176502][   T30] 2 locks held by syz-executor/8859:
[  538.181852][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  538.197982][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  538.213287][   T30] 2 locks held by syz-executor/8861:
[  538.228062][   T30]  #0: ffffffff8fcc5690 (pernet_ops_rwsem){++++}-{3:3}, at: copy_net_ns+0x328/0x570
[  538.244006][   T30]  #1: ffffffff8fcd2188 (rtnl_mutex){+.+.}-{3:3}, at: register_nexthop_notifier+0x84/0x290
[  538.254696][   T30] 2 locks held by dhcpcd/8864:
[  538.265045][   T30]  #0: ffff888070664258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0
[  538.275290][   T30]  #1: ffffffff8e93d378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x381/0x830
[  538.291619][   T30] 2 locks held by dhcpcd/8865:
[  538.300143][   T30]  #0: ffff888056dd8258 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcb0
[  538.315081][   T30]  #1: ffffffff8e93d378 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x451/0x830
[  538.327179][   T30] 
[  538.329555][   T30] =============================================
[  538.329555][   T30] 
[  538.350982][   T30] NMI backtrace for cpu 0
[  538.355391][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  538.365944][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  538.376051][   T30] Call Trace:
[  538.379378][   T30]  <TASK>
[  538.382351][   T30]  dump_stack_lvl+0x241/0x360
[  538.387080][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  538.392321][   T30]  ? __pfx__printk+0x10/0x10
[  538.396988][   T30]  nmi_cpu_backtrace+0x49c/0x4d0
[  538.401984][   T30]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  538.407491][   T30]  ? _printk+0xd5/0x120
[  538.411705][   T30]  ? __pfx__printk+0x10/0x10
[  538.416363][   T30]  ? __wake_up_klogd+0xcc/0x110
[  538.421271][   T30]  ? __pfx__printk+0x10/0x10
[  538.425927][   T30]  ? __rcu_read_unlock+0xa1/0x110
[  538.431016][   T30]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  538.437061][   T30]  nmi_trigger_cpumask_backtrace+0x198/0x320
[  538.443184][   T30]  watchdog+0xff4/0x1040
[  538.447485][   T30]  ? watchdog+0x1ea/0x1040
[  538.451954][   T30]  ? __pfx_watchdog+0x10/0x10
[  538.456684][   T30]  kthread+0x2f0/0x390
[  538.460794][   T30]  ? __pfx_watchdog+0x10/0x10
[  538.465518][   T30]  ? __pfx_kthread+0x10/0x10
[  538.470154][   T30]  ret_from_fork+0x4b/0x80
[  538.474627][   T30]  ? __pfx_kthread+0x10/0x10
[  538.479284][   T30]  ret_from_fork_asm+0x1a/0x30
[  538.484129][   T30]  </TASK>
[  538.488008][   T30] Sending NMI from CPU 0 to CPUs 1:
[  538.493287][    C1] NMI backtrace for cpu 1
[  538.493302][    C1] CPU: 1 UID: 0 PID: 5287 Comm: kworker/1:5 Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  538.493325][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  538.493339][    C1] Workqueue: wg-crypt-wg0 wg_packet_tx_worker
[  538.493369][    C1] RIP: 0010:kasan_check_range+0x3a/0x290
[  538.493396][    C1] Code: f6 0f 84 a0 01 00 00 4c 8d 04 37 49 39 f8 0f 82 56 02 00 00 48 89 fd 48 c1 ed 2f 81 fd fe ff 01 00 0f 86 43 02 00 00 48 89 fb <48> c1 eb 03 49 ba 00 00 00 00 00 fc ff df 4e 8d 1c 13 49 ff c8 4d
[  538.493413][    C1] RSP: 0018:ffffc90000a17aa0 EFLAGS: 00000002
[  538.493428][    C1] RAX: 0000000000000001 RBX: ffffffff942c7800 RCX: ffffffff81706bec
[  538.493442][    C1] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff942c7800
[  538.493454][    C1] RBP: 000000000001ffff R08: ffffffff942c7808 R09: 1ffffffff2858f00
[  538.493468][    C1] R10: dffffc0000000000 R11: fffffbfff2858f01 R12: 0000000000000000
[  538.493482][    C1] R13: ffff88802f1928d8 R14: 1ffff11005e32534 R15: ffff88802f1929a0
[  538.493497][    C1] FS:  0000000000000000(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000
[  538.493512][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  538.493525][    C1] CR2: 000000002000f000 CR3: 000000000e734000 CR4: 00000000003526f0
[  538.493541][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  538.493553][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  538.493565][    C1] Call Trace:
[  538.493578][    C1]  <NMI>
[  538.493585][    C1]  ? nmi_cpu_backtrace+0x3c2/0x4d0
[  538.493609][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  538.493637][    C1]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  538.493665][    C1]  ? nmi_cpu_backtrace_handler+0xc/0x20
[  538.493691][    C1]  ? nmi_handle+0x14f/0x5a0
[  538.493710][    C1]  ? nmi_handle+0x2a/0x5a0
[  538.493729][    C1]  ? kasan_check_range+0x3a/0x290
[  538.493750][    C1]  ? default_do_nmi+0x63/0x160
[  538.493773][    C1]  ? exc_nmi+0x123/0x1f0
[  538.493795][    C1]  ? end_repeat_nmi+0xf/0x53
[  538.493815][    C1]  ? __lock_acquire+0xf3c/0x2050
[  538.493842][    C1]  ? kasan_check_range+0x3a/0x290
[  538.493864][    C1]  ? kasan_check_range+0x3a/0x290
[  538.493886][    C1]  ? kasan_check_range+0x3a/0x290
[  538.493907][    C1]  </NMI>
[  538.493913][    C1]  <IRQ>
[  538.493921][    C1]  __lock_acquire+0xf3c/0x2050
[  538.493954][    C1]  lock_acquire+0x1ed/0x550
[  538.493980][    C1]  ? debug_objects_fill_pool+0x80/0x9f0
[  538.494007][    C1]  ? __dev_queue_xmit+0x2da/0x3ed0
[  538.494030][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  538.494061][    C1]  ? __dev_queue_xmit+0x2da/0x3ed0
[  538.494079][    C1]  ? __lock_acquire+0x1384/0x2050
[  538.494108][    C1]  ? debug_objects_fill_pool+0x80/0x9f0
[  538.494133][    C1]  debug_objects_fill_pool+0xa0/0x9f0
[  538.494159][    C1]  ? debug_objects_fill_pool+0x80/0x9f0
[  538.494187][    C1]  ? ip_finish_output2+0x45f/0x1390
[  538.494216][    C1]  ? __pfx_debug_objects_fill_pool+0x10/0x10
[  538.494244][    C1]  ? ip_finish_output2+0x45f/0x1390
[  538.494271][    C1]  ? __pfx_lock_release+0x10/0x10
[  538.494303][    C1]  debug_object_activate+0x135/0x510
[  538.494329][    C1]  ? ip_finish_output2+0x45f/0x1390
[  538.494358][    C1]  ? __pfx_debug_object_activate+0x10/0x10
[  538.494387][    C1]  ? rcuref_put_slowpath+0x138/0x340
[  538.494412][    C1]  ? __pfx_dst_destroy_rcu+0x10/0x10
[  538.494431][    C1]  call_rcu+0x97/0xa70
[  538.494465][    C1]  ? rcuref_put+0x1e3/0x240
[  538.494481][    C1]  ? __pfx_call_rcu+0x10/0x10
[  538.494502][    C1]  ? percpu_counter_add_batch+0xff/0x1f0
[  538.494537][    C1]  skb_release_head_state+0x73/0x250
[  538.494558][    C1]  consume_skb+0x60/0xf0
[  538.494580][    C1]  nft_synproxy_eval_v4+0x3d2/0x610
[  538.494610][    C1]  ? __pfx_nft_synproxy_eval_v4+0x10/0x10
[  538.494638][    C1]  ? nf_ip_checksum+0x13a/0x500
[  538.494667][    C1]  nft_synproxy_do_eval+0x362/0xa60
[  538.494696][    C1]  ? __pfx_nft_synproxy_do_eval+0x10/0x10
[  538.494725][    C1]  ? __pfx_validate_chain+0x10/0x10
[  538.494749][    C1]  nft_do_chain+0x4ad/0x1da0
[  538.494781][    C1]  ? __pfx_nft_do_chain+0x10/0x10
[  538.494807][    C1]  ? __local_bh_enable_ip+0x168/0x200
[  538.494842][    C1]  ? __pfx_nf_nat_inet_fn+0x10/0x10
[  538.494863][    C1]  nft_do_chain_inet+0x418/0x6b0
[  538.494891][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  538.494917][    C1]  ? ipt_do_table+0x312/0x1860
[  538.494949][    C1]  ? __pfx_nft_do_chain_inet+0x10/0x10
[  538.494975][    C1]  nf_hook_slow+0xc3/0x220
[  538.494999][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  538.495020][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  538.495041][    C1]  NF_HOOK+0x29e/0x450
[  538.495062][    C1]  ? NF_HOOK+0x9a/0x450
[  538.495081][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  538.495101][    C1]  ? __pfx_ip_local_deliver_finish+0x10/0x10
[  538.495125][    C1]  ? ip_rcv_finish+0x406/0x560
[  538.495145][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  538.495166][    C1]  NF_HOOK+0x3a4/0x450
[  538.495186][    C1]  ? NF_HOOK+0x9a/0x450
[  538.495206][    C1]  ? __pfx_NF_HOOK+0x10/0x10
[  538.495224][    C1]  ? ip_rcv_core+0x801/0xd10
[  538.495245][    C1]  ? __pfx_ip_rcv_finish+0x10/0x10
[  538.495268][    C1]  ? __pfx_ip_rcv+0x10/0x10
[  538.495288][    C1]  __netif_receive_skb+0x2bf/0x650
[  538.495312][    C1]  ? __pfx_lock_acquire+0x10/0x10
[  538.495339][    C1]  ? __pfx___netif_receive_skb+0x10/0x10
[  538.495361][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  538.495387][    C1]  ? __pfx_lock_release+0x10/0x10
[  538.495414][    C1]  ? _raw_spin_lock_irq+0xdf/0x120
[  538.495445][    C1]  process_backlog+0x662/0x15b0
[  538.495470][    C1]  ? process_backlog+0x33b/0x15b0
[  538.495497][    C1]  ? __pfx_process_backlog+0x10/0x10
[  538.495520][    C1]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  538.495548][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  538.495582][    C1]  __napi_poll+0xcb/0x490
[  538.495606][    C1]  net_rx_action+0x89b/0x1240
[  538.495637][    C1]  ? __pfx_net_rx_action+0x10/0x10
[  538.495662][    C1]  ? sched_clock+0x4a/0x70
[  538.495691][    C1]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  538.495723][    C1]  handle_softirqs+0x2c5/0x980
[  538.495748][    C1]  ? do_softirq+0x11b/0x1e0
[  538.495772][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  538.495800][    C1]  do_softirq+0x11b/0x1e0
[  538.495822][    C1]  </IRQ>
[  538.495829][    C1]  <TASK>
[  538.495835][    C1]  ? __pfx_do_softirq+0x10/0x10
[  538.495859][    C1]  ? __pfx_lockdep_softirqs_on+0x10/0x10
[  538.495886][    C1]  ? mod_peer_timer+0x21/0x260
[  538.495906][    C1]  ? rcu_is_watching+0x15/0xb0
[  538.495927][    C1]  __local_bh_enable_ip+0x1bb/0x200
[  538.495952][    C1]  ? mod_peer_timer+0x21/0x260
[  538.495972][    C1]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  538.495996][    C1]  ? mod_peer_timer+0x21/0x260
[  538.496018][    C1]  ? mod_peer_timer+0x212/0x260
[  538.496040][    C1]  wg_packet_tx_worker+0x160/0x810
[  538.496065][    C1]  ? process_scheduled_works+0x976/0x1850
[  538.496091][    C1]  process_scheduled_works+0xa63/0x1850
[  538.496126][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  538.496155][    C1]  ? assign_work+0x364/0x3d0
[  538.496180][    C1]  worker_thread+0x870/0xd30
[  538.496208][    C1]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  538.496236][    C1]  ? __kthread_parkme+0x169/0x1d0
[  538.496263][    C1]  ? __pfx_worker_thread+0x10/0x10
[  538.496288][    C1]  kthread+0x2f0/0x390
[  538.496305][    C1]  ? __pfx_worker_thread+0x10/0x10
[  538.496331][    C1]  ? __pfx_kthread+0x10/0x10
[  538.496349][    C1]  ret_from_fork+0x4b/0x80
[  538.496375][    C1]  ? __pfx_kthread+0x10/0x10
[  538.496392][    C1]  ret_from_fork_asm+0x1a/0x30
[  538.496424][    C1]  </TASK>
[  539.274637][   T30] Kernel panic - not syncing: hung_task: blocked tasks
[  539.281584][   T30] CPU: 0 UID: 0 PID: 30 Comm: khungtaskd Not tainted 6.12.0-rc2-syzkaller-00320-gba01565ced22 #0
[  539.292319][   T30] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  539.302433][   T30] Call Trace:
[  539.305853][   T30]  <TASK>
[  539.308927][   T30]  dump_stack_lvl+0x241/0x360
[  539.313664][   T30]  ? __pfx_dump_stack_lvl+0x10/0x10
[  539.318926][   T30]  ? __pfx__printk+0x10/0x10
[  539.323592][   T30]  ? vscnprintf+0x5d/0x90
[  539.327993][   T30]  panic+0x349/0x880
[  539.331961][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  539.338271][   T30]  ? __pfx_panic+0x10/0x10
[  539.342752][   T30]  ? tick_nohz_tick_stopped+0x82/0xb0
[  539.348191][   T30]  ? __irq_work_queue_local+0x137/0x410
[  539.353890][   T30]  ? preempt_schedule_thunk+0x1a/0x30
[  539.359416][   T30]  ? nmi_trigger_cpumask_backtrace+0x244/0x320
[  539.365653][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d4/0x320
[  539.371982][   T30]  ? nmi_trigger_cpumask_backtrace+0x2d9/0x320
[  539.378237][   T30]  watchdog+0x1033/0x1040
[  539.382632][   T30]  ? watchdog+0x1ea/0x1040
[  539.387117][   T30]  ? __pfx_watchdog+0x10/0x10
[  539.391847][   T30]  kthread+0x2f0/0x390
[  539.395966][   T30]  ? __pfx_watchdog+0x10/0x10
[  539.400705][   T30]  ? __pfx_kthread+0x10/0x10
[  539.405360][   T30]  ret_from_fork+0x4b/0x80
[  539.409840][   T30]  ? __pfx_kthread+0x10/0x10
[  539.414500][   T30]  ret_from_fork_asm+0x1a/0x30
[  539.419362][   T30]  </TASK>
[  539.422744][   T30] Kernel Offset: disabled
[  539.427093][   T30] Rebooting in 86400 seconds..