last executing test programs:

2m48.428802651s ago: executing program 3 (id=207):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61128c000000000061134e0000000000bf20000000000000070000000f0000003d030100000000009500ffb1000000006926000000000000bf6700000000000036000b000fff52004507000015300000d60600000ee60000bf050000000000003d63000000000000650700000200000007070000fbffffff1f75000000000000bf54000000000000070000000410f900bd430100000000009500000000000000050000000000000095000000000000001c15a3ce747c693a74b62fd0758b15f09429c09074bc4b2bd2dc480dd7a064b8673e2060162cc43bcba1060999eef9d60bb39d0af449deaa27ea949e8f9000d885deea2783835e29eba8546fc020c1966f8b5f32b095f566edf66b7751828da9dbd5b996b9e8d897e461c01c697671d100000000400036c17fb01dde179c1f26cac1c7b21bde7d1a55d6ebe700b3be005e47ef55e0dd81244b18590e000000000000356d82e43407a6d7fa94b21002f06cd247b126b6349ab62d7b07ba0a71a72145edade9941f49f300a8c8913e0e4ea9e4c77740ab3312edee62a4dc2fc85755d387d8a1bc8eb71fbe11b2216cc8d1f0160c237d929b49d828724b95555b459f4763c6222175c974be2f76fb5f330b015a68587a75c013000000000000000000000003000000000000d6ddc46e58eff8f4fbadfc6a3af8123b7f4240713a4c0cdc9d7820c4eb67cc0f8b5fe9258eeacb5776aebbab3d5c55020000006082778366dadfc36029633e0514cbcee1f3928970bde148c940434f33acd377cbad17673b2d30b6339255c98eba97efb4e9ac1f11be815dd6045592edcbee7f253ec74c7c1313505bd7ff8fd58b3a6569c91dbdef1df585aeaea7346a2a65caee5c85f9eddeeeee3c8a2e523c864ac430eb47cb4d0c8767b9d4125661b5a1a170c04b64da3a99ddb93bf14fae3ca2d1e882375b8dbac83978e136c34f90b33cc0eeb57debcfe26589efc08125d5d62a7e593c9738a50171adf051ea4f07e7e7e770c2016eeacbe8511afffffbea75759a1ea5404f5453c0b5c46c9700808c096cf8cf5223f341cbea3841b5cd224c1b381d56afebe9f99a00e3cd94dc0bb7af9e8709db487cc4d9b3b96723d69d512ddd57b0dee9b9f6ae80a502cce352098603e77f9ecced07fa25e99e9e415414c91f8bfd1c150570512f26c4ee34a64c131dce3800000000000000006c86287945bd8d258442870e000000000000000000000000f7e6a10de4bf7369b0d5b5373829b09bf5b7b34099b27ac7770fca449d4c4ca15f88b588b2429af2e1d1a4e1fa44cb80fcfae6e50d7e5b4675d7e0be706224f34e6eed553b40e2b897e73752fc7d1e4b0f4c5967eefd7448d5fde5841fa464a67267c631052bd7333769a4b8d19d4794357edce762e8136ab9d7ed34a72baffd849b90579b96b3"], &(0x7f0000000100)='GPL\x00'}, 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0x16, 0x7, 0x8000, 0x80000001, 0xc2, 0xffffffffffffffff, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x4}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="12000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x5}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x100}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x2000002, 0xe, 0x0, &(0x7f0000000200)="df33c9f7b9a60000000000000000", 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x57)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r3 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0xd982, 0x1c080, 0x801, 0x20002f7})
openat2(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', &(0x7f0000000180)={0x400000, 0x0, 0x27}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="dbaa00fea0"], 0x0, 0x7, 0x0, 0x0, 0x41100, 0x6f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
io_uring_enter(r3, 0x2219, 0x7721, 0x16, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000ac0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000a80)={&(0x7f00000001c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x7}}, [@NFT_MSG_DELTABLE={0xb0, 0x2, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x8}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_USERDATA={0x68, 0x6, "269efc04846751b68e69ae9ef5b62446079a974a4504f6b15027f3d2c157de195861db5787ab1606f5b726cb56bf33d3f45d64bb20454be2e0e174a639daaeb99bd4eceb5c04911b7045b56bc998724b6aa72dbc11375d32fd0c7e57e1dbdcc7a55d37c1"}, @NFTA_TABLE_NAME={0x9, 0x1, 'syz1\x00'}, @NFTA_TABLE_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}]}, @NFT_MSG_NEWSET={0x1b4, 0x9, 0xa, 0xa03, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFTA_SET_EXPRESSIONS={0x94, 0x12, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @dup_ipv6={{0x8}, @void}}, {0x1c, 0x1, 0x0, 0x1, @range={{0xa}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_RANGE_SREG={0x8, 0x1, 0x1, 0x0, 0x8}]}}}, {0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_LEVEL={0x8, 0x3, 0xb5}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x34, 0x1, 0x0, 0x1, @numgen={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_NG_MODULUS={0x8, 0x2, 0x1, 0x0, 0xb}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_NG_DREG={0x8, 0x1, 0x1, 0x0, 0x10}]}}}, {0x10, 0x1, 0x0, 0x1, @exthdr={{0xb}, @void}}]}, @NFTA_SET_USERDATA={0xd4, 0xd, 0x1, 0x0, "cc6f5acb7ab34cf444e6c775a700c177b80cba1b9018e2d6c32c91e624434f3525ca0fe2596b011aa28a60da0b9f029a5e15ea5cecf6cf6312a5c5a441d2c3a1dc609f88794d3630a18a63226e6eb35cba68b5bc3bec917e80c825dbe2072220d644739378865b58bec398be506229eec76f70d7f6ed9a3de93a95164fffdb1c1787c6567f382a55d773952af64633471cd64c6574856e5a041746d8b3c29ab19bb5971021963868fa373dc991b3ab1898ff04a1b9108218046b0b0f580c3fe8347aec97d42cd88062dbdfd36d4b8459"}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x111}, @NFTA_SET_OBJ_TYPE={0x8}, @NFTA_SET_USERDATA={0x28, 0xd, 0x1, 0x0, "bdb51196acbe84f1686dc5da5025f01a0ac5310461d3adc0c815ef8a29714979dd81f785"}]}, @NFT_MSG_NEWSET={0x414, 0x9, 0xa, 0x101, 0x0, 0x0, {0x1bddc9dc1ad037c9, 0x0, 0x1}, [@NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0x2}, @NFTA_SET_DESC={0x228, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x110, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x63}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0x4}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x48d}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xf51f}]}, {0x3c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7ff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6f9a4912}]}, {0x4c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xa87}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffffe}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x800}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x49e}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}, {0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3ff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}]}]}, @NFTA_SET_DESC_CONCAT={0x40, 0x2, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xffffffff}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_DESC_CONCAT={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}]}]}, @NFTA_SET_DESC_CONCAT={0xa4, 0x2, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xffffff81}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2b}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1ff}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffbff}, @NFTA_SET_FIELD_LEN={0x8}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xd64b}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfffffffa}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xfff}]}]}]}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x8}, @NFTA_SET_DESC={0x1c0, 0x9, 0x0, 0x1, [@NFTA_SET_DESC_CONCAT={0x110, 0x2, 0x0, 0x1, [{0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fffffff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x36}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x80000001}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6c}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x5}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xff}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xbf}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x101}]}, {0x34, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3ff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc0}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x9}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8001}]}, {0x14, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x249}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xd9}]}]}, @NFTA_SET_DESC_CONCAT={0x7c, 0x2, 0x0, 0x1, [{0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x1}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3d}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x2}]}, {0x2c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7fff}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x8a98}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xb}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x3}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7}]}, {0x4}, {0x1c, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x7f}, @NFTA_SET_FIELD_LEN={0x8, 0x1, 0x1, 0x0, 0x6}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_DESC_CONCAT={0x10, 0x2, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@NFTA_SET_FIELD_LEN={0x8}]}]}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x1c0}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_SET_DESC_SIZE={0x8, 0x1, 0x1, 0x0, 0xf}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x40}]}, @NFT_MSG_DELCHAIN={0x184, 0x5, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x6}, [@NFTA_CHAIN_ID={0x8, 0xb, 0x1, 0x0, 0x4}, @NFTA_CHAIN_USERDATA={0xd1, 0xc, "7c9e41f6817652985804398d9a5da6530466eda990294b2667b530c74d4b269043e0a67737cb382458ff646e4776935509a31a770e72231047f2a760761220ef3e76e7edaeb183f1f896d66929ab1e2c9ef210bed09204e4f82d09d39d6b54820d402ee361a103a2e205a5100a1fa4bd80d67659af950d7ed018c8fb1eadcec4270b5da5b7d192a3520dc010c6328c38c99eb9009b2afc82320e556b6c606362e680b716ba69415949a3d677698c974d7bf735da7dcd75943ff2192d07a72fd3c054b914ea92135850fce32fc2"}, @NFTA_CHAIN_COUNTERS={0x40, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0xd}, @NFTA_COUNTER_BYTES={0xc}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0x1a3f6d28}, @NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0xffffffff}, @NFTA_COUNTER_PACKETS={0xc, 0x2, 0x1, 0x0, 0xb}]}, @NFTA_CHAIN_FLAGS={0x8, 0xa, 0x1, 0x0, 0x4}, @NFTA_CHAIN_USERDATA={0x3c, 0xc, "5049a6065d76119c5521002f625c43f71cd881d4480f20bc82df071bcae3bec661defc3c5689b0e1c8d6f6dccd8313ca7458333b2e5aa838"}, @NFTA_CHAIN_COUNTERS={0x10, 0x8, 0x0, 0x1, [@NFTA_COUNTER_BYTES={0xc, 0x1, 0x1, 0x0, 0x800000}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x824}, 0x1, 0x0, 0x0, 0x40000}, 0x40800)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
timer_create(0x4, &(0x7f0000001c00)={0x0, 0x2a, 0x4, @thr={&(0x7f0000000b00)="397cac73b62490abbd2276148a3f115f94839f6ce1c45958d97bb40f52ad6a23c6e61d3627db002ab018fd54d7d66e43d1674ffa6d0a1fb553ef4230cdfbef90a1525e8a0c533077611aa07b1a1b7897948e652ed6dd997e7c4dcf7c1f3306e43b5afc4746129a29bca5ad41906d34a659302aa63bd183631edcd0be6095315d7bdec390e34676610f099c1673aeb69a930faff1091b226b899fb6ad8278abef533a6c584a285109c2900a42178073becda0aa1dac2e6b28f7165f75d90202a941ce187f42dba89b9fa278fde248001097688612ca4cea1a03a90fb4e137599aeaea04e9c35953e39fbde943ddd8efb5717f84060f61196fe2f2445aa4a336917d2d7393afbc49f7e19cd0d28f92bae5b5c614faeead5a6b298b970b537c593e663bb2732c357e6e436b8f0d604f9099e5f20e59cbecb45e7623c4dbf1925e96b6aa02727043be438245ceb9936948c628535a4b29903d734c503989fb434b4bccaf2352cc8ef357da64a8c04534b66cd66b47c1ce7a4f4d1d13fa14890d569ad92e137befe2d8e0da307926e061c493babed6e068651abe712fc61ff57bc9807e51d611d0055879f439817f84795578736604e1b07d6380646bc8733d2f3f474120d715b366bc1ead8f0f3e766f309546416e7e4f2db2e6ff91bd264f0e94992d3367ff1abec717ada1e596b8711481e653f5b653df6d326aefdcd4e0327ce441618dc06278879dca73d21852794898567a620f0c67fa4a6b3c9c132e901f02c70b108a6eae026e6d5f9cb69cf34895748ad800686b1d6ac5e3f65a3c05f9dd91b437d1b93a327ca54e9559bc18a32ba7e7733e05516af1d2fa8bbd9d00b58243d5c71070ba3cfb95c364c3c80da2e0ce6b1b041725e6ccd28f73fb6daf577c52f3a16e9ccea4ff661a68d2eaf7502801282881850f972cd01c614621d0f165e51848e33499dc7cd911aae13a6d135e0fe47facee6984d4c7c3b6a0b28b5e90d36fae4bf44aa7202511ac59e171d699786cc712e736c9dafb7e4e70d4a7cdac740ad151c5c68fc1f09ca830d406a927a9dc24701b3d2950b7634e670f636067bb53ab3fdfa5e82fc27432f35454f04a84ec7e3aeecea07fb329e9ab1b54228a666efaa5eab4039aede3397e5b2ea1b66a4d1ddad658c906187d137eedf58d327f79749b5abb4fbd27af27d4332bbb6a5d16bb4632d2aa156ee9a83afdf3aa20581a7a22fb4f484c8ea2cd1a5057e56b4857cfb5beca2565862dcfb840214b081c81de483995932a38629cd34bfe483d6e614d6c5a512c1b222af65a65498e07d2049b98c443531a719ed6f4b06a961ab93f647273710d29cc129ba62485b9df0d32374b3be1c05e387084fbd569f735fb1a317cc54398c43320263566370bafc78be7b6f4bf17a40b74a42ed1983a876b4aeb3ab6e08400f0b6bb9dac9e86287880eef47673b61e8a39e2d3e164dcd3cec0345bbd43254d9a8be86f23949c326b5b0231a0aaed4e0fc3685f1b4cea69ccd4ed4ad39c9b032baa0a888defc8cee9d24d38999d7076a7fd13cbef017773857530c77bc8eeb9ad04830807b00ffdccebd61dbfba6f74884102fbb3458c009bba29878af59ab4882ab6fbaa6f5aad7659e23d64c03992c523e46bac88b7c093f48146b35700590d2fbcd9d844dcdaf1a53206a78dcdd269b783b272087435ee4642a1ea2e342514fd5c73f566ecd9ef8150d42cb06da2ed31d663b3c766884a28364e7122ae93edac6bf1ab2ce549289d89ce4b6a42fede9bf2112cb75f0dd8f00c6cc68cebe7c06cbbc6fec3fe20a0b42e1fd4935c5d129b98f50bbffc950cf72ddc5efb487de241d9955e3ff5af437c0c28a664634b5f47e4c9e0f92d149e336ee9686a85e8cd5d333c07e8f85e739d26b210625e8b9fd3dbde8f361772ab0d436876c2ee28d9f665232f4f6932c631b50f6d64f7b12edff7d85df8fb94e94b25c5ec603a239e72ed1e4fd6d0f36f9560143b8d8f8797c2a9122a4c25c5fb9434b8962ec75110d8a1d16139bb37390790dc02031528083504ef0594af39f0acec64d951a23cbb11f181a61c29cc5069693df0327bc3c8e217accbdbd23531bf360e9f5116f3d0bcea1685fecf8209287170e4044ce6f58a7fb6f0f46a54aa760ae31f77856429d4f5575abbbf32117389d1b019a65d8696606c3195ddb8600526a291e1bd2970ad41bd7bc49e0ac8444368bd1f5a81ed663daefe5574f1ca74f9d16b3e28976b857c4b00eca9f5a086ea63a97f0e905d728c05d4427063a95ed8dd9294634f425a71877d155e8ff39902badb2ce17961bcc946880c2337f3fb8c725393b1923c164e1a6cf92a66efeb7dc670d9ae49e606d2096a3a3f9cc85cdf33b1d790bb31a24a3602f31a0f9748cdcd5607a46e4f23a490d3d8ad41ac69cf0ba4f0bdc22c8c3d0ba015917c25c7caab1e48c62b7ebe0da5c6321dc48779f0f3338ae603ed7fdec21b2588488e13fd9bcfd8e4db16b428969f3cbf63778b6f24c8e45e5a16b26358fbccce5cfadd7cb171ed49ee1cad876860cff0ad78531573ffe53fbb5ae20a56d21e6fcd39b0da5252fe83aa5a4611f584e24ce833ff92b48a6cb3482d5958e8dbe49f9d8e5342443cad3d07325e96a90260f981e6adf3b0ef9567cffd18388ac8d3631117d77eac70eff275eadb507d4679ab6b87207561b524aac4bb3a5227857dbb67b3ff2332d6b6de11d921e02f149a0dc99a5dd5e530f5c17ca71942d9f26298b33aee0fef960f63308f0c81d96d1966c51ddbb04390452f7e64b447d4e03d0b747262793d709ca2eba223649a049ba97ac74a8cb60b586c649e6cdc5c7c96258c59e78e2b80c3117ec59791080e41ea84ddc2cc94c9962af4b4b88689cf5b73f86a07677228dd0c678f1ba269ecab06bf08e6415503142a05000e2e2e84899b4016e19105a67ba8089e728ed531a553a08d70bf79a468f15467455c97f453645511a47077b9d753a9d2ad1049dd45384a13993762bbc11266dc28b6f164c1920af56f7ea3c996f2ed655e856a20a68cc3163e790f8d2e1962232c98cb41e58474afcb89338010a6982bf8e9507df96e86dbacd18f71ff4d4a96566ce11bbd90ad5084c07e653f861eee331f171c62c6421112cba284f95ea58a0194feefcca9595f1f968c6f71bf903b2dfbcfe00474fe6fffd4ccd0222fde02f03ed1932e0298664510fc8fbaa2526b70754697bc33ede9391b3f02117f432010ce93fc295082ccaa90229b6e04791858485a617c9c20623a130c63e5a038f3cc27427e7d272b87d392609ec940a9c40db4f460a14e23ba07d4c5908c7e96877c35aafbb9eee2b38a0c8e52894408098fdbfcd4b3b6dce080c8385c1731695b36050c15aba132278f4ba85005b02e14639016c0556f0b5e0ae37e8908524dcf6fb458888f73c574f090cc0d11d974a935211cad8eceb773427f149f3458d4f284e1c4341c97fdd91ef10d3caf0680a82d006f41143e765a4334b013cc0e833727bee7eb7f73dd198fbe3c92776f4981db7edb789b37317ad4814cb11a357acb8d54804d9b6b28fe9331ab83ae3308ffe320526ba1f89cf63c2a41f25036496cae4967a92f6f6ddcf929b14e65410e50a2ea3bad62ee6d5e7ded2067caed692e602c29976df00e82db7783a905d1425c58672bde27f8ef7513899eb90a2ede15a06a308b862ea80b48325588a20b442e188444ebe63ecba57f1ed6247d7df8c08f19ab5747ac21e448f3f116687ec084fe9ff2b71c6baa1968e54ebc7a0bb03d429215a05c9686edf01089f93111f0c05e45e5fddb2f0036336a3534ff6540b905cc167012e4df5be3b938ebf2dd2a8103cdbe0a6c66aa961081acce4f15e2a95e1e6530d41f33e6d9e7fe4706b973e1bc91de8d77438a1b939f4c6aabda927619a7c0c0fc0fe7fc0308025c57b36073b4ddd27abb2247d5d022a3abd1f8c95f6bc43b0ffc4f4820b7ba9080786f257d8bc566ca6f71817fa79baeaaad0bcc10e4a0da0856bb4e8df4095d91265b2896292f0d2d0b6c600e57a847a5d8e3d3339a29fa59e0c05f34861018595b5d994e8ae701ecbf7417e12687356607e52c55fcac806d3c690a7635a2b94429f6965109e97b28f3680e5cf75556d6b6a1728dac411d70de47f27dabc88418fd23cfbef137f2b7ef7f508dc1b5a01677c8986cf509419febbee38b42c1bcbe78076ed09502a0c927efc560241c16501d5c3961870fe36aac9f8d3ae2b9d1b27f7e29463a75debaa0df7e3eca577007995489e39614196d013db77aac5fac5d431f83c89836544f8eb382297b18a836b42ba5e5557912ee12b8fb66c6dd5f52b252a1f65fdb06504e72aa8c5568ce5c8efca64c3b73b1e53e4d8b113ee42e2519f78da78ebf18753f8835220e41bb78c7a126b5ebaa7ca999336af33f032cf6d8e1e3b753ed959c527db69b5ec7026990a5c94798f290315c2c50100ad7d69ba81636ce3f385ae25ca9c78863550a84319225f67e3280e81902ebead37bfe5ba7f8fdcaf4d71f4568cdbd060649828e46db386f2922c379e5978a99c0173d4322bcf6b1f139f427ddb66363a918e6393c71c8feea4159e87548d30e5315327ecfdde1370179c6ffd656b8f62031764bbe2fbb6cd84f163b5027cc6e4e5350a2188a14e8297b12f59d0273eae5e294abc384d88995aea667336d0e66e3b4049b13dfaca8b213837f55bc4f0ce773acae6895fb0015c40bda6f8159837353afd51602de63dd1a012828c8691fb08a4ed900ac6da64e4f8015852684392b119d122b2814db93bd2538cbe0093a16e3affdefa2404f7b8ffc91eb9a9e6e55ef487bd8b523550dfebc00a3ddacf8acb88284a774261a6e1a40b19eaa37bc92c1e731df5a294f268b608c547a1042931b21d73f7b2c98f3ef310005c70244171fa2ddece029c3562b0f82edfd78b121f67e45284e11f35e72a73190e82c9906635d0f30d3c2d1e865694d5183a4cb63aaece81f416a8d781fe9a547c9d463bfa449736f8deeada3cb0605baa1b48e23ef6ac86ab0f60af16a1afdb3818db5aca2a10db332546e8b3677cd56f9ce3282f90521f74c4033b8957e2f1ee3f731c5b8252b2c92dc3575f47eacbaeec023dae45a4929a0e67478f6880266e042167f5ce892f8837406dda39e0ec808500052d347513dd10d6954a6ac37f1c646cf18753661509099a02a81df4a039526f3d6244bd7787f015fc8bee4fa4d2fefeadcdade9c7c341cb5da87908039d4cd46fd4d39afd2061014faa234f9c0bf6d5046bf12fab823327f85898b837dbc62610b1a883283b527c2b6e75d6baf3d0d8389f892265c5f1c512bb85403db587090ee10e78fa256c94004694e834f3c6e7847620593e11d0c5f659864527304cfdaad4133904ea8fd18cf6644ec9c453b75a661328c846161e744e691f8b417e437ce92dbdd7e7b303fafe51eed162a072247b478d4ffd98442ad7e955585d7da17623b04e45be8feb5858c2fcfd3865c0e772a8672d33e880ff08aec2504d9ca27f81408ab16d10d09b4830bd27cd66e34b5566e5b30ea7ac07dd72602f440d22e42c5249ef64b91ae64365c4fcc5d199a4686f962da57e2de79c9e70dc3b74f9f752bb3de48eadb6a045a9c15a7be0df8579b5f65d7e7e1a4d120dbffd9c9fa8334f5bc019df973ae0e821a771e1b2ab850549661e8a60b34c173e700495b36ba3c0b7c3a9b83798b6c6b6af3ae12150252d641c6eacba5efcb64f5a2fd607f01936839450f0eb6004e96986a197548", &(0x7f0000001b00)="501f1f70786c5443dee932e915f75c6b24a75bdb9654c059eb1722e0e1b0ea9a2ca20cb0404d18a418327071bbf56bcc339d98166a66fd619624dc1e593b99bbacae73714a95a2808b91ea7188157ffee1f2f123ca487a7a0b88a0a6928f76ca9a21bbdd6b4098402c5161cb4a09f02eba7866a7711e3255fc0745e5eb7298e668f15131d38106a2e3e3163d8d80f37ea1cf2202c0cc5bd501cc4ded06cdcefc5dbdac62bdf0b80ea268651df7be5fcc9eec9d36e551364a7e58ccc6209813f96a560c9236999d30eecd1e0d450f01dc9b2b0ee1e905d3f3a56e3430394612941ba8f86fb8385413fceca3c77b58134f8b8514cdfadfa092ff5e"}}, &(0x7f0000001c40)=<r4=>0x0)
timer_settime(r4, 0x0, &(0x7f0000001c80)={{}, {0x0, 0x989680}}, &(0x7f0000001cc0))

2m48.132954223s ago: executing program 3 (id=208):
ioctl$KVM_SET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, 0x0)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000001480), 0x2000, 0x0)
r2 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000003e40)=@bpf_lsm={0x1d, 0x2d, &(0x7f0000003b00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [@tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @tail_call, @snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, 0x1}}, @map_fd={0x18, 0x7}, @alu={0x4, 0x1, 0xb, 0xa, 0x6, 0xffffffffffffffe0, 0xfffffffffffffff0}, @alu={0x7, 0x0, 0x6, 0x3, 0x8, 0xffffffffffffffe4}, @call={0x85, 0x0, 0x0, 0xae}, @initr0={0x18, 0x0, 0x0, 0x0, 0xfffffffa, 0x0, 0x0, 0x0, 0x8}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}}}, &(0x7f0000003c80)='syzkaller\x00', 0x8cae, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000003d00)={0x4, 0x2, 0x3}, 0x10, 0xffffffffffffffff, 0x0, 0xa, &(0x7f0000003d40)=[0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000003d80)=[{0x3, 0x5, 0x6, 0x2}, {0x3, 0x2, 0x6}, {0x4, 0x3, 0xb, 0xb}, {0x5, 0x3, 0xb, 0xc}, {0x3, 0x3, 0x8}, {0x0, 0x5, 0xf, 0x1}, {0x1, 0x5, 0x10, 0x5}, {0x0, 0x5, 0xb, 0x6}, {0x3, 0x2, 0x1}, {0x2, 0x1, 0x3, 0x3}], 0x10, 0x2}, 0x94)
ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000003f00)=r2)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000000))
r3 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
write$binfmt_script(r3, 0x0, 0x0)
r4 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(r4, &(0x7f0000000100)={0x1d, r5, 0x0, {}, 0x1}, 0x18)
connect$can_j1939(r4, &(0x7f0000000080)={0x1d, r5, 0x0, {0x0, 0x0, 0x2}, 0xfe}, 0x18)
sendmsg$can_j1939(r4, &(0x7f0000000180)={0x0, 0xf5, &(0x7f00000001c0)={&(0x7f0000000300)='.', 0x1a000}}, 0x0)
file_setattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1000)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
syz_usb_connect(0x3, 0x0, 0x0, 0x0)
ioctl$IOCTL_STATUS_ACCEL_DEV(0xffffffffffffffff, 0x40046103, &(0x7f0000003f80)={0x0, 0x5, 0x1678357, 0x9, 0x3, 0x2, 0x0, 0x8, 0x5, 0x40, 0x3, "662efb74a35970303cc874a1fa0ba08366d9b365f475c0baa3884a4259020454"})
r6 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r6, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$CEC_ADAP_G_CAPS(r3, 0xc04c6100, &(0x7f0000000240))
write$char_usb(r3, &(0x7f0000000600)="b56511e72c6cba780ce701ed0b2db27a336692892a6491e2488652ff00c468d353d809d5b20d8ee0f9fefa6cd7bd1036ed25f0e37053d291887c707a892884c2b4aa2ebac156ef8288264449eea05c4f51c3bb4355eb108744fe34e5d0e851d51a855854135f04dd5d854459226f090b6f0d6135e8f2824eed7469236cad2251116a381d8cd30bae59c1fe71e028a667cb910d523aa5d7208286755075ee8be937304cca20e234303df72ad4e2bdc71219456229460a7c6a2df61e8b21b4a4941dcba5c257b90bbf0a976a73973319258ad7f738c04dfbdee4ea0e1b77a909a154fd934f791ebea03db6f06c8f14bc40924e46cbb9b343f25d63f332f9b3f176601f842a4e40401cbc62ee7803c3a2d71f3878f61d8fb8cb5ee90a696b22fb97bbdfd36af05c2e34dfb3d36cf7333ea9dc98af537780ae7bc701053b9009d654d84f04c851b311341efcec16ef3d5c8a7e8af494068dbad55bfa7b7bf4475ceb03a6f4ef11ce14652dc36f279671b7184586c7aab57d50ca23deaeeeaebc2ed024d91f399c84834e7802ad28b6ffec7ed089e8af35d15f2713e70ce55b3f60b9c002496e110c3a68e4c01faf901df4e39d007bf99f3a2d2e33c58b92b961937060a92ab6347995c09eb6a363092e3a45b68bd5e734d43b0bc98070d66c8d03490897a7d05e894da6d92c46cb1d961d11a7d1cd9d3c437c07e9f090690d2b344a93fdc5d7276b74231f1ad050024359e7a73ee913e9a7eba72f23482de94c572d07491328ca363762c44ddcdb1623ec6d639b368d407ffafbb265de19bd5e52ec86c12167dfe2a3de629af1d66612c3f313e07a301d8378fc6eb551196b51680d1194d682ff6cdbb0f811608d6321b41664108ef6dd1dfcc7df602901b0c0d549fb8d0c1aa9b542b99d76b6b8c360c9bcb01ed819a57441948465279d0b2652be1058065929bffae3e9c8923ba01c954f3c49298db8ffad96b73684daf2e608046be2ffb0de70237e044d4be3e6ccc1984ebd2f6e0f57e99fcb0ec30598f121bd93a4003e0ba0815e5ddbeba9f3f8600ef86258a5423fb1f30da5be531e573bf5322a5842eeb23107f02021dc332e0e687bd1f4f0ac09293c3638603279484dd552d534089e0b5b903c4ceeedef410662ec12e17e9b616950874e24d313d770e84b488544a8b829039d06637269367c108dc37712d46ef6601ef4e937a120c607e570446d6216366a72ced5d543ba92a929cef7c4fb03307e88174ad88381b16de1c3f9985f483ff75e9b40fc0e001d037dda41df9a583009baa3b246c19ab5a20cb4e62accb7a86090717c17db68b0d14905ed0ce6e49555de65448782fc0899f631393b5ccd65da59265d1b4ba9ff4d8a328cb42d2e3a465db23cfa9f159ce5716df7ccf393a561a1783679048570f2467c5336106bc8954569c047e854", 0x3fe)
write$UHID_INPUT(r3, &(0x7f00000014c0)={0x8, {"1774d10ed679a3761698425e02229859f202c5d54bb9aaa84c470671ed39e31fcd1987c3fab368535c1d72f471356277d68201ce587582e0b61c74107f26d9b357fed4393b6676c62cb12bb5104bc87b40120258613657f462d98097b32565f3c6a065c0ecf81581c270d0adccfdd40199844781374e1cee0129091296af79ff67a1f52be0c73043a7bb6860312b9b2d3514d05233defb9e2e9ae218a0731aa015e7f042114d434f4209218e37f80b240526d575cb63f1ca89512cd50e27c21a827328cbae0874b155506fd933a2e59978eaad1c78dbed757e9e0047f5ebd5e9faefad831e5c55100f289794dc5b2116838edc1caef786cead375259a7768ddfd6cf5ed870b7abdcef90350a64c1eb5d6e54de748d6349f7e5bcb0377df4744678e7700911426a8b8540996d54716ecd8cd3a9f8175f23d45f9a1497654d5f2e4dad96b4b34cce3a39eb084bb829e05c82249951f91b432999c302bbe8ae5f79bb8954ed23ad98f87b5c30d079b1b2186db53a3849f9dce0e4d49c04f3025d4b25bc0728ab25ea5d050dc2586bad7ac437d7a5881c06e8b9f3eae66dc2aa48d0edf763daa7c6aa90df3c61fd69cf301090790b608324f4cfcc23acdcbbf9bd7e224c5c33d817cddcd10e86cbbda0de36f52d2389fa84dad6ed1819ee056b9a80d0b81f2a6b4ac50192f87cabf46f5fc88abcfbeb4301632d353aaf091b7828d941cb1c0e1477e5761032a63dadc3c7f51de8429c63b4ad65e975e38f244c6fe40e8fc6c33c4a16deffbe1b0423e584f45023e196d92b5bbc7d1854c3f33e8b0b7c5d3d87f0119380e2d14d6630219dc0e31469c2af0db2d624cab5c276c396f7d1543370ca9d925ac2dc2204de8008517c815e9fa7cd56e53f82ce1d095cd08032f57835ecb14c39fd57c90e39557934cd278a609e2e05a07a791d417f4460d2c30c10e1ef92cc146b1f9ff6b98b2688e2f050c510feba0d6960d31522cec3f6b0f539f85898a6b6409dd179d990fb57026acd9382f505ce06db211d7a369f46d8ea5804502bc7829155794b19a098d095a00b520966e9f49c74111d1f0f0f75b07aff0d388650a63656c9e601269d2eff1740e87206416ec73c08b56570dd496846b4f1a5d76602b6594e173209e5e7cebbab3f9f29bf957d000510eff9ce7ee3fea7fff32f3b6ae414ac311e14550e9a597aec7e76df40b7352bf4ddbd00739041edda795aeaa2665ad51a836120054bb0c8c1d3149477167214a0f952c78039ec8a70e21158db26d8f0238f782a5d54dced90951085abd412ef2e5b9984c7e263dc3eac6c683e8b82c5d56b5fa1e2f65d5d0afd32bc66d76ddb87a41805e11137de7373a9f6366a9a314cc6d5e731abeb2e83f135798a8bdda1c47b36db21140a9278b86c520bdbc8338ccaf5fbd61d7e73750b38e4bb6c77c33bf5617086c8f97ab219b4f6c930fd717aed4f1fa0eebcda82322c561dcae23284e0bfa4bf7a5b4b19ff3fe3137c4e07c55543a7d3778ccfaf757fae541bcf475382cc8ab6a0ede61789652b528efaacfa804fc1583bdfeaea00565c70a5941dc7a947ed97d9b6688f6363edf0735e72d9b8a4b21e5cd2de518e27bfd41749eafa66f3452e941273050ceaf39435327737857d4718a31b83649b3dced6f37a9ce3621a83a7ba9163dea12990677d21781f4ff95a68dc4b268b4c5e428c0941443c98025773362acd28a88f8d7e42fa72b908ac6a816270d78541c98e36b838b83ba99656192624211a343e6e76e154ebdb1af56aa8489f6a30a6be0dcd84f80ab2d02ac7bee22e5f6207d74c4fda0c6d7cc71bea537718bf8bb1d3c2602903139449b046d09528b4331bd8e396bb9b5c0b15db16a72947eecd0f050de9ee9e6b82fcf48a7fbecf911fda3d013fa9941a60f41b9d1f56ac40f07e7259c7c79f17cb0a90c472d33aed227151fc93c76e7a1fee4675edae1a9fda95a5d2b42c7b13d84995ee1b6411c48329f529752d65601c034cdb13ea4051132ecb7f71953b43663053fc2a174b1a7694d6a8b3eb9facbaf8b7281e00357ee255816a489ca91656dc506deaa9c925a0e53600a9e7df5bc89db907a323ffeba03d3c06a4f0569a6c0cd02ca46eede0b9979aa5b40fa85b47b3d4f4aaf614b5b72ab9ea4289d08346759fbc4c0c25dd179d0efc994f4ace7612720dbd1b40395c95c43e24bdb5941295ccfdfb8b558b3234a80a2cfb5a50d96a31e2f1bcc4aba66994626f735d5fd742f0fc2ab2bcc0a73a6210e9b2222a3577f7cba7fd31459c58bef86eb76dd00fc165a16519d05f5aa5753b89c5391a051b2930b22eadbd1f4fc76fc675faf35bde9306ef48fa349f1978b84e033340681bf06966a833c03902d749444574b9e3e88e027b01d057db785a1e0d6b4135c3b6f2ac370a01351bcdf0474d4708675502e64e02d468c4e1454271dda60f82cefb8f6ec9bd871bb4c7a50a17f3d1d9c1bce2e79cb59704f78a31d13cd6678e20ea53e8d0bff1527bf76670982fab8cbe62377baf3c59f256e0bb21686402efd240cf07989832b02975e09b06da9486667869e543e7e868e1eb2242811f306f9cbeff4e606c62dbccfcc3dec265b396fa70c04b0816dddedfe5d70b44c35e387accad9945c91ced6665482f95e1bcd4fb603eb5add65c934d74a40dd37a24ea972babb9197dd85b102e67d5658dd8cd64b661fac6dae2e1d8f7325e2a62d1060836f53a2f3737c843a42662a7ed6eb63c5ca670273539529a760417f3d95fd4adfe86ae582742c1d54dd121e5ac820d3f547a647f72f723a66dc9830fbcc228559c77d3fd1d7443598717f69d58b9e7cc64e9aad2da810b45aaf01b377d54eddc0e97f6d1dc07aa33c30aa2667719cebf73e67d001bd967e6529f195b38dc6684758b557ce4ba3b47d84a03be117b58cc22adbab162bed3965f768982e5355d241f7f0c0943d389a61ef2c633d8b99c7b6deba3bc4e4c1b7366a178ed6bc1fb49ce646b411ccb940998d01a941546a5ad1988faa66ba6338a7562e17ee0af33e76d6dfcd0ed0fb92911b2c9cb880f367f6429a7446f090b90b83893d1c0ddb138959853b68a85894a6d5aa1d287c2a949f9331fedecf7de02a5b51014c917a42e33274e6d597bd6ab586f73ce61a96f9512a0ebc729869c664a895be61ec7882869852c922d3016726edc90f909af1d07e8a3671bf751135cd24066fad1992103bdcd5052059abb0e1df33560ab3637d66b1013f8a234e3238de1170da7addd84b21f1e870151f534d799ed6164a031686bc48d2ae5a89c81894a28a9cd944a535b907777397e739a3b6a8e7d54bef71907071bc2a047ca14d7ef2e9d9b66da86ce56bc62ada0c813d9d63aa899f77f5d804a13a79b0e2275c4ba387e970519e67d212193d91bd0a96a1068bc136616ab5153b1e4b956f1a44b5334e8fbf8abf57fb28a13a64ad6085497faf88556d721f8e0a0699469646f22789e6530c03c75f69279e809d95d444bd44af1d19d12046de9d524caedc84a506642edf34b409b41ccb9689f8597cacd20eee8beec2b3e89644c06750e080da5cc06f3cb10b854fc23d39e52bf95b88335e7536888d67ea92df5868c5835321234e70ebf80e4365c19693a3a640a30f5aec7c490b4ed32ff169e907e25f862fe5aa8a9238cf5cee03ec2ab9e2801239980e78162b560ae3d066351f944c31d8b57a20cd2419b05b0fdd9f8ca4b7a8e1e7955a6b66a264d6d4c56d83c15871ab3f3327284ff7cf5e8d6c7f762d755fac0c7784af9efd13c9337d38451acb23020f4934ef1708b362b5d5cf4b743fc0f9712860ca2977319e1226ed860c2be3caacc8465ba80a0a6856322bc352972fd3f3c0db3acd66d56fef139e48f3d63d3a62c532aa10485807269bac3348316d9fd1931cbfd2acaa5c4e9102872ab16500260f2aec57025c0d6dc1bd68bff597667469e8eb57459b1881c10bf9531c23a6d9349b06b0db60aa6f89a4e0162038ea1850348b72e16f7d647e092c1d7ca55ba5095e58b18dd56b72ba9cbc09598663e8f54b2594194de72475abafdb285d464007ab91a83b91e7c8d5968ecb452e011c0b74e4309180615c3f67c2cad6e086f3686fd5394efd86d8bd45829314a5eb4a0549613b668e7b97600ac9ffe59df44e87046de44432dcd0aaf0c02c446ee9aaf72e80ce989923d4720fd3b8257d3fec5af22737c1e426f9d851c7929d69713e4751d5d39de20f0990bbdcb579f36b778bba4b8c5bdeb78208412005fe7cee40fe86691b8b0d6d3234e74192528622c31022cc3a81f4a574efdb67348b36ae7fd5977059d911da17746b040f06e7bef06accf4ef1ea4f4402041a98f3760d0fb8851b4e7d1124f37b1c653cc9ac53f4e373f694f8c957c390b0801859a19776a83854d2b65766bb03321fdac9a23d3345821fc21195910245e5ad79926a08094b54e242f002634b7213e5c122e76514f9ce76ce2740741f7ffe30e036de63b737fb16b240c6eeef0c1c537d219449b95d497723088548267c229fd5a122f25f2c6ad2fc3ff28133305ca850c5e2d1453dbb4429a8ee3a8f173feb49b611764c536c668c9aca8b8ec575c2310044898a4657fa1dda2ec6f7b8906d9521525ffd30c2b5948a0250224ba4d6beb39008c3785ddad71ceedb34301706b71634bf74b33ea4c436c2006cc5275d7931855d376c6314f8a5431781c3347bd9b3edadb8fcb959a6bb48e9407de69458fcc61c3a62e32720d3fd838dad3f50e852a2aa6d26af70205f9d8e40d3b9232c2ea9a4f86857fec4f7772e43d6dabd1e34400a84d1d338941bc31ead12047bde3ccdd89c53fcbfeff9fba85be6c11447c4b088eb184186a5e41e17bc0011c008aa8b98b44c1c862f8f977d1998d8dce81688d3d80d0fa2b9b7e7f78f80361f525a7586f3d9e68456b55d6f0e8c99495da3a5f392fc8bfe4e42af04fe85936c99b7be80acd351bffa7b723717621d9ff37b5ef829dfdc6ab085c2e83df864306cee0096486e77a1f9d7b7cf5bd157a69a05a12bb735606ac360af2c23542e52880fe9328524d5b121e378319ef2e1a0874fc99842ac8ac04dd6c634b08d81ffd379e9a52573a1721f63a6c009c590e7f43fcbaa2c23c975dfd1a9d1a6dc21587511b4cfdb6f53721940a9f4dd3d8a2c6bdf9890a152e05c9b561518a58a861aae8cb02f1031a121297f6b0820b22d9d6e544adc91216f4a3c011dee24774bfddef418a56c5f0ed57e6f3ce2a76d812a19a9420141eca0ef3d86f552814cb8b2a68b53bb195b2dd2b44f49e93c742db0b2bd637fd247bc28755819a9e122725a6b4409baec607359268eb6cf83fcb674a3771b75b8a7ea0300c16a624333b69bc188c417557356ff7336cde8645f973ad18ee15fc3b34074e1ec58eb00b779a86c7dd7e76872798a12b29b3f446240770999853686f18a624beb6f07f614b413a0cbd954de99a6a79b7c9dbdec41fa172025d9e7d6e82935fc21b4c90bae9b4e9a84478e2289fda091ceacdd02bee2d96fa9d02982191418a9db4115ba049b045ef03dcffc0566d802df6d97dcd90660cd9c3a682bca8a48dd7168ab86074685993571843f74498f1d3a85ab9c63c83450809e86cb1bcf2f341cfd7db56090ad58c34e3a6a98ea65e7b5b439295b0ad6e6e695d88dec93c2ed776df7fc41ef0cec809500d2ce06ac217001748fa337b91f1bccf4d22ee7183e44a573cf95bdbe1e2e10d0c2d52e1992983f84fa1b109eb1495c9d25651510b75a2d5c689b7fe9", 0x1000}}, 0x1006)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r7, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0xfff], 0x0, 0x0, 0x1}}, 0x40)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$ipvs(&(0x7f0000019480), 0xffffffffffffffff)
sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r9, 0xb0b}, 0x14}}, 0x0)
sendmsg$nl_generic(r8, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)={0x18, 0x2e, 0x9, 0x70bd27, 0x0, {0x4}, [@typed={0x4, 0x18, 0x0, 0x0, @binary}]}, 0x18}, 0x1, 0x0, 0x0, 0x42804}, 0xc040)

2m44.216295781s ago: executing program 3 (id=223):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{0x0}, {&(0x7f0000000200)=""/83, 0x53}], 0x2}, 0x0)

2m44.080487105s ago: executing program 3 (id=224):
syz_genetlink_get_family_id$nl802154(&(0x7f00000000c0), 0xffffffffffffffff)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
mremap(&(0x7f000087f000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod$loop(0x0, 0xfff, 0x0)
sendmsg$BATADV_CMD_GET_TRANSTABLE_GLOBAL(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x3c, 0x0, 0x200, 0x70bd2d, 0x25dfdbfb, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x2}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x48f9}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0x80000001}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x10001}, @BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x4000)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_PORT_UNSPLIT(r3, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x2, 0x0, 0x40}, 0x8000)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, 0x0, 0x804)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$sock_int(r4, 0x1, 0x4a, 0x0, &(0x7f0000000080))

2m42.668337268s ago: executing program 3 (id=228):
prlimit64(0x0, 0xe, &(0x7f0000000100)={0xa, 0x103}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_MAXSEG(r3, 0x84, 0xd, &(0x7f0000000300)=@assoc_value={0x0, 0x9cc}, 0x8) (fail_nth: 1)

2m41.173420974s ago: executing program 3 (id=231):
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008e88052086800095d89301020301090212000100000000090401"], 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x34, r1, 0x1, 0x20000002, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_SSID={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000000400)={&(0x7f0000000000)=[{0x1e, 0x8c01, 0x45, &(0x7f00000007c0)="253ae1ff09423e082b90f4bf0aa5025a01c8d0fae52c8745ffb6c9b07820ba0a7da757dc4f648ed7aed50713c965c3403169b921182c0b9370e56e21421bd29fcb0c911af3"}], 0x1})
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x72, 0x101301)
ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000300)={0x20, 0xc, 0x3, 0xfffe, 0x0, 0xffffc, 0x0})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0xf22, <r5=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a0000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800020870000007000000095"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x45, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

2m25.127380154s ago: executing program 32 (id=231):
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="120100008e88052086800095d89301020301090212000100000000090401"], 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_AUTHENTICATE(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x34, r1, 0x1, 0x20000002, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MAC={0xa}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_SSID={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x0)
r3 = syz_open_dev$I2C(&(0x7f0000000040), 0x1, 0x2003)
ioctl$I2C_RDWR(r3, 0x707, &(0x7f0000000400)={&(0x7f0000000000)=[{0x1e, 0x8c01, 0x45, &(0x7f00000007c0)="253ae1ff09423e082b90f4bf0aa5025a01c8d0fae52c8745ffb6c9b07820ba0a7da757dc4f648ed7aed50713c965c3403169b921182c0b9370e56e21421bd29fcb0c911af3"}], 0x1})
r4 = syz_open_dev$usbfs(&(0x7f0000000100), 0x72, 0x101301)
ioctl$USBDEVFS_CONTROL(r4, 0xc0105500, &(0x7f0000000300)={0x20, 0xc, 0x3, 0xfffe, 0x0, 0xffffc, 0x0})
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f00000000c0)={0xf22, <r5=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xc, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a0000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000800020870000007000000095"], &(0x7f0000000200)='GPL\x00', 0x6, 0x0, 0x0, 0x40f00, 0x45, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)

37.091106787s ago: executing program 2 (id=463):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x8)
io_setup(0x202, &(0x7f0000000200))
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setsockopt(0xffffffffffffffff, 0x1, 0x10000000000009, &(0x7f0000000100)="01", 0x1)
ioctl$KVM_NMI(r2, 0xae9a)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=@newsa={0x150, 0x10, 0x413, 0x0, 0x25dfdbfa, {{@in=@empty, @in6=@ipv4={'\x00', '\xff\xff', @empty}, 0x0, 0x0, 0x4e24, 0x0, 0x2, 0x0, 0x20, 0x6}, {@in=@loopback, 0x4d4, 0x32}, @in=@multicast1, {0x0, 0x2, 0x5, 0x80000000000010, 0xffffffffffffffff, 0x0, 0x20000000007}, {0x0, 0xffffffffffffffff, 0x4}, {0xf6, 0x0, 0x7}, 0x70bd26, 0x0, 0xa, 0x1, 0x9, 0x110}, [@algo_aead={0x5d, 0x12, {{'rfc4309(ccm(aes))\x00'}, 0x88, 0x60, "ee975d40df06c77860e09d464fffd62203"}}]}, 0x150}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)
ioctl$KVM_GET_MSR_FEATURE_INDEX_LIST(r0, 0xc004ae0a, &(0x7f0000000000))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000440)={[0x0, 0x100000000, 0x0, 0x7f, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x8, 0x2, 0xffffffffffffffff], 0xb000, 0x140200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x101, 0xaec4, 0x6, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x8000000001, 0x0, 0x2000000, 0x20000, 0x1c, 0x0, 0x5, 0x1], 0x0, 0x41981})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

33.795195718s ago: executing program 2 (id=467):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
ptrace$ARCH_SHSTK_LOCK(0x1e, r0, 0x0, 0x5003)
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
prlimit64(r0, 0xf, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x35, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x94}, [@initr0]}, &(0x7f0000000000)='GPL\x00'}, 0x80)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000440)={'ip6_vti0\x00', &(0x7f00000003c0)={'ip6_vti0\x00', 0x0, 0x2f, 0x1, 0x5, 0x4, 0x20, @dev={0xfe, 0x80, '\x00', 0x16}, @empty, 0x80, 0x20, 0x4, 0x1}})
gettid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001180)={0x38, r4, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x38}}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x200000000000000)
r5 = syz_open_procfs(0x0, &(0x7f00000193c0)='net/igmp6\x00')
r6 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000880)=@raw={'raw\x00', 0x3c1, 0x3, 0x458, 0x1b8, 0x12, 0x600, 0x1b8, 0x202, 0x388, 0x2e8, 0x2e8, 0x388, 0x2c0, 0x4, 0x0, {[{{@uncond, 0x0, 0x190, 0x1b8, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0000000000000019b5115c2aee68d23a465cd431e150c3234e082555f67222476147864fa03182f5cf11d8c348cbd06dc8de1dcbde7d4e252c3394fed47bf78c70f607b0178fa5ea335019ac07a602061c96baeb8989f1f34a214e6726401fe4b124e0f7323a587d2a1fcf07000000eca0a7b66c60c527bac2b500", 0x4}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0xa8, 0x1d0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x7ff, 'system_u:object_r:fuse_device_t:s0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4b8)
pread64(r5, &(0x7f0000019400)=""/102344, 0xfffffcbb, 0x1c2a)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

31.13233984s ago: executing program 2 (id=469):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB="02030003120000002cbd7000fbdbdf250300090080a2"], 0x90}, 0x1, 0x7}, 0x0)

29.072425079s ago: executing program 2 (id=471):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000000)=[{0x6, 0x5, 0x7, 0x7ffc0001}]})
add_key$fscrypt_v1(&(0x7f0000000240), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f0000000080)={0x0, "d73886a2949ead13cc794fd32b55f5d51718f7690f520a39939208f3eb420ee7597c6263c119ba59a8115b9fe220e2ab9100e1c2aa99398e8aa36d65ae97d6f2", 0x2d}, 0x48, 0xffffffffffffffff)

27.512627834s ago: executing program 2 (id=473):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000002280)={0x3, &(0x7f0000000180)=[{0x20, 0x2, 0x81, 0xfffff034}, {0x48, 0x0, 0x1}, {0x6, 0xba, 0x2, 0xffff}]}, 0x10)
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa04, &(0x7f0000000000)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1, 0x2})
r1 = socket$inet6(0xa, 0x3, 0x100)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x3, 0x3, @dev={0xfe, 0x80, '\x00', 0xd}, 0x9}, 0x1c)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x33, &(0x7f0000000100)=[{&(0x7f0000000000)=',', 0x584}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

26.003911319s ago: executing program 2 (id=476):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c230005)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)

20.296128438s ago: executing program 0 (id=484):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000fd0f000007"], 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xb, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r3, r2, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000001200)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x2, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2, 0x0, 0x1, 0x0, 0x100}}}}}}}, 0x0)

18.03678442s ago: executing program 4 (id=486):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFC_CMD_GET_TARGET(r1, &(0x7f00000000c0)={0x0, 0xfffffffffffffdbf, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x4}, 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r1)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r1)
sendmsg$NL802154_CMD_GET_WPAN_PHY(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0xef5f483be2f91933, 0x70bd2d, 0x25dfdbfd, {}, [@NL802154_ATTR_WPAN_PHY={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x4004840)

12.590218335s ago: executing program 1 (id=488):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x0)
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000340)={0x4003, 0x9, 0x4010, 0x4, 0x91, 0x3, 0x1}, 0xc)

11.829564581s ago: executing program 1 (id=489):
syz_emit_ethernet(0x4e, &(0x7f00000007c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0xb, 0x4, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x5, 0x0, @dev, @private=0xa010100, {[@timestamp_addr={0x44, 0x14, 0x5, 0x3, 0x0, [{@broadcast}, {@remote}]}, @lsrr={0x83, 0x3}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x6, 0x5}}}}}}, 0x0)

11.249410014s ago: executing program 4 (id=490):
r0 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x6})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
timer_settime(0x0, 0x1, &(0x7f0000000040), 0x0)
unshare(0x400)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)

11.044042534s ago: executing program 1 (id=491):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0xc0000, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
setsockopt$inet_int(r1, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4)
setsockopt$inet_int(r1, 0x0, 0x19, &(0x7f0000000140)=0x400030, 0x4)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000280)={{0x2, 0x4e24, @rand_addr=0x64010101}, {0x306}, 0x40, {0x2, 0x4e22, @local}, 'geneve1\x00'})
syz_emit_ethernet(0x2e, &(0x7f0000000500)={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

10.90199612s ago: executing program 33 (id=476):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r0, 0xc004743e, 0x110c230005)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0xc004743e, 0x110e22fff6)

9.912989977s ago: executing program 1 (id=493):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = memfd_create(&(0x7f00000005c0)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10`\xee\xa9\x8b\x06%\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xa96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xd9Jx\xaa\x8f~\xb94a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3\xd6m\xf7@]iNP\xf1\x1d\xab\x13\xce\x152s\xb8\x85\x98\x84\xbf\x8c\x80{\x16\t\xd6\x17P3\xe9\xebGKL\xd3\x88\xd2\rLG\x8e\xd6\xa72\xf4\x92\xeb&\xa5\xcc\x14FZN\x98%[p\x989\xf6\xf5\xb6\xedk\xe6\xb0\xa1\x8f\x90\xdb\xd6h)\x0f6\x88\x03P\x8ak\xf9\xc9\x82`\xa7Ku\x99\xab\xd4\xb2\xaa1\x99O\x8b\x99-\xe3', 0x1)
r4 = dup(r3)
write$binfmt_elf64(r4, &(0x7f0000000040)={{0x7f, 0x45, 0x4c, 0x46, 0x7, 0xff, 0x78, 0xa0, 0x23e, 0x2, 0x3e, 0xcd, 0x3c9, 0x40, 0x2ea, 0x10000, 0x5, 0x38, 0x1, 0xd, 0x6b4, 0x400}, [{0x3, 0x81, 0xff, 0xff5, 0x5, 0x3, 0x3}], "", ['\x00']}, 0x178)
eventfd2(0x1, 0x1)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000040)={'veth0\x00'})
sendmsg$nl_route(r5, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
bpf$MAP_DELETE_ELEM(0x3, 0x0, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x12, 0x1, 0x4, 0x8}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0xd, 0xd, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002e00000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

9.814067837s ago: executing program 4 (id=494):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
getdents64(r1, &(0x7f0000000f80)=""/4096, 0x1000)

7.67799826s ago: executing program 0 (id=495):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
sendto$inet(r0, &(0x7f00000000c0)="e91caed838bc9be5f3", 0x9, 0x81, 0x0, 0x0)

6.961636131s ago: executing program 0 (id=496):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff7ffc}]})
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = eventfd(0x8c66)
ioctl$KVM_IOEVENTFD(r2, 0x4040ae79, &(0x7f0000000240)={0x10000, 0xeeef0000, 0x1, r3, 0x9})
close_range(r0, 0xffffffffffffffff, 0x0)

6.671452523s ago: executing program 4 (id=497):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, 0x0, 0x0)
sendmsg$can_bcm(r0, 0x0, 0x0)
sendmsg$can_bcm(r0, 0x0, 0x240080cc)
r1 = syz_usb_connect$uac3(0x5, 0x80, &(0x7f0000000180)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x40, 0x1395, 0x300, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x6e, 0x3, 0x1, 0x54, 0xc0, 0xf, {0x8, 0xb, 0x0, 0x1, 0x1, 0x1, 0x30, 0x4}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x30, 0x0, {{0xa, 0x24, 0x1, 0xe, 0xa, 0x81}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x200, 0x5, 0xe0, 0x0, {0xa, 0x25, 0x25, 0x8, 0x1f, 0x2}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x30, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x40, 0x5, 0xc, 0x1, {0xa, 0x25, 0x25, 0x800, 0xf3, 0x3}}}}}}}}]}}, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r1, &(0x7f0000000000)={0xfffffffffffffd95, 0x0, &(0x7f0000000080)={0x0, 0x3, 0x4, @lang_id={0x4, 0x3, 0x814}}, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$uac3(r1, &(0x7f0000000140)={0x14, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00033d0000003d03", @ANYRES64=r1]}, 0x0)

5.696552236s ago: executing program 1 (id=498):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'veth0_to_bridge\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000005c0)=@newqdisc={0x138, 0x24, 0x4ee4e6a52ff56541, 0x8000000, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff7}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x108, 0x2, {{0xfffffffe, 0x2, 0x40, 0x7, 0xe9, 0xcc36}, [@TCA_NETEM_LOSS={0xbc, 0x5, 0x0, 0x1, [@NETEM_LOSS_GI={0x18, 0x1, {0x4, 0x10, 0x1, 0x9, 0x5}}, @NETEM_LOSS_GI={0x18, 0x1, {0x5, 0x1000, 0x10000, 0x5, 0x7}}, @NETEM_LOSS_GE={0xe, 0x2, {0x1, 0x9, 0x1, 0x8}}, @NETEM_LOSS_GI={0x18, 0x1, {0xcfbb, 0x2, 0x10001, 0x8, 0x1}}, @NETEM_LOSS_GE={0x14, 0x2, {0x9, 0x5, 0x1003, 0xb}}, @NETEM_LOSS_GI={0x18, 0x1, {0x8, 0x0, 0xfffff001, 0xf6, 0x3}}, @NETEM_LOSS_GI={0x18, 0x1, {0x7, 0x3, 0x5, 0x4, 0x27c}}, @NETEM_LOSS_GI={0x18, 0x1, {0x6, 0x8, 0x10000, 0x2, 0x7fff}}]}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0x8, 0x1000}}, @TCA_NETEM_CORRUPT={0xc, 0x4, {0xbba5, 0x2}}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0xff}, @TCA_NETEM_LATENCY64={0xc, 0xa, 0x1}]}}}]}, 0x138}}, 0x0)

3.914227963s ago: executing program 0 (id=499):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000f9b000/0x1000)=nil, 0x1000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000001040)={0x4c, 0x0, &(0x7f0000000ec0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0})

3.298080018s ago: executing program 0 (id=500):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@newlink={0x38, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x504c3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_PMTUDISC={0x5, 0xa, 0xfd}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x4c040)

1.994611201s ago: executing program 4 (id=501):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000380)={0x79, 0x0, 0xc53})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000040)=0x3)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000003, 0x13, r2, 0x0)
ioctl$KVM_INTERRUPT(r2, 0x4004ae86, &(0x7f0000000240)=0x4)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000000c0)={[0x8, 0x8, 0x4000005, 0x2, 0x2, 0x2, 0x10001, 0x4, 0x3, 0x8000000000009, 0x3, 0x0, 0x3, 0x6, 0xbbd, 0x6], 0x50000, 0x8340})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

152.561131ms ago: executing program 0 (id=502):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000564404204e080110f9330102030109021b00010000000009040000014a90c200090588"], 0x0)

115.100172ms ago: executing program 4 (id=503):
r0 = syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="12010002000000102105a8b140000102030109021b000101000000090400ff020701010009050102"], 0x0)
socket$packet(0x11, 0x3, 0x300)
syz_usb_control_io$printer(r0, 0x0, &(0x7f00000000c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1, 0x84}})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x80000000000)
read(r1, 0x0, 0x0)

0s ago: executing program 1 (id=504):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
openat2$dir(0xffffffffffffff9c, 0x0, &(0x7f00000002c0)={0x284140, 0x82, 0x4}, 0x18)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x141000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001140)=ANY=[], 0x48}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r0, &(0x7f00003a1000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f0000000000)="9a01000000f800b8d58800000f23d00f21f8351000000d0f23f864640f79ea66baf80cb8c85f5480ef66bafc0cecc4c2adac17b9550200000f320f2860c7c4e11751df0f2e2d00000080b9800000c00f3235008000000f30", 0x58}], 0x1, 0x4a, 0x0, 0x0)
ioctl$KVM_SET_GUEST_DEBUG_x86(r2, 0x4048ae9b, &(0x7f0000000080)={0x70003, 0x0, {[0xffffffffffffffff, 0x1f8, 0x7, 0xffffffffefffff15, 0x3, 0x4, 0x1, 0x4]}})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

ber 6 using dummy_hcd
[  186.373461][ T5973] usb 1-1: device descriptor read/64, error -71
[  186.982023][ T5973] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  187.112038][ T5973] usb 1-1: device descriptor read/64, error -71
[  187.233563][ T5973] usb usb1-port1: attempt power cycle
[  187.603950][ T5973] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  187.622703][ T5973] usb 1-1: device descriptor read/8, error -71
[  187.719994][ T6537] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  187.862036][ T5973] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  187.884000][ T5973] usb 1-1: device descriptor read/8, error -71
[  187.945820][ T6540] netlink: 'syz.1.211': attribute type 1 has an invalid length.
[  187.945842][ T6540] netlink: 268 bytes leftover after parsing attributes in process `syz.1.211'.
[  188.002305][ T5973] usb usb1-port1: unable to enumerate USB device
[  188.555396][    C0] vcan0: j1939_tp_rxtimer: 0xffff888037cb0c00: rx timeout, send abort
[  188.806687][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888037cb0c00: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  189.388868][ T6549] =======================================================
[  189.388868][ T6549] WARNING: The mand mount option has been deprecated and
[  189.388868][ T6549]          and is ignored by this kernel. Remove the mand
[  189.388868][ T6549]          option from the mount to silence this warning.
[  189.388868][ T6549] =======================================================
[  189.534756][ T6555] trusted_key: syz.4.217 sent an empty control message without MSG_MORE.
[  189.535628][ T6555] FAULT_INJECTION: forcing a failure.
[  189.535628][ T6555] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  189.535661][ T6555] CPU: 1 UID: 0 PID: 6555 Comm: syz.4.217 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  189.535687][ T6555] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  189.535700][ T6555] Call Trace:
[  189.535708][ T6555]  <TASK>
[  189.535718][ T6555]  dump_stack_lvl+0xe8/0x150
[  189.535748][ T6555]  should_fail_ex+0x46b/0x600
[  189.535788][ T6555]  _copy_from_user+0x2d/0xb0
[  189.535813][ T6555]  ___sys_recvmsg+0x175/0x590
[  189.535847][ T6555]  ? __pfx____sys_recvmsg+0x10/0x10
[  189.535884][ T6555]  ? __fget_files+0x2a/0x420
[  189.535936][ T6555]  ? __fget_files+0x3a6/0x420
[  189.535980][ T6555]  do_recvmmsg+0x33a/0x800
[  189.536018][ T6555]  ? __pfx_do_recvmmsg+0x10/0x10
[  189.536060][ T6555]  ? rt_mutex_slowunlock+0x1cb/0x300
[  189.536108][ T6555]  __x64_sys_recvmmsg+0x198/0x250
[  189.536140][ T6555]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  189.536179][ T6555]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.536203][ T6555]  do_syscall_64+0x15f/0xf80
[  189.536225][ T6555]  ? trace_irq_disable+0x3b/0x140
[  189.536251][ T6555]  ? clear_bhb_loop+0x40/0x90
[  189.536278][ T6555]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  189.536300][ T6555] RIP: 0033:0x7f397831cdd9
[  189.536321][ T6555] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  189.536338][ T6555] RSP: 002b:00007f3976576028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  189.536361][ T6555] RAX: ffffffffffffffda RBX: 00007f3978595fa0 RCX: 00007f397831cdd9
[  189.536377][ T6555] RDX: 0000000000000001 RSI: 00002000000008c0 RDI: 0000000000000004
[  189.536391][ T6555] RBP: 00007f3976576090 R08: 0000000000000000 R09: 0000000000000000
[  189.536404][ T6555] R10: 0000000000012000 R11: 0000000000000246 R12: 0000000000000001
[  189.536416][ T6555] R13: 00007f3978596038 R14: 00007f3978595fa0 R15: 00007fff70fae778
[  189.536451][ T6555]  </TASK>
[  189.781587][ T6562] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  190.891442][ T5717] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  191.095333][ T5717] usb 3-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  191.095392][ T5717] usb 3-1: config 2 interface 0 altsetting 178 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  191.095418][ T5717] usb 3-1: config 2 interface 0 has no altsetting 0
[  191.098135][ T5717] usb 3-1: New USB device found, idVendor=04d8, idProduct=0083, bcdDevice=da.47
[  191.098162][ T5717] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.098182][ T5717] usb 3-1: Product: syz
[  191.098196][ T5717] usb 3-1: Manufacturer: syz
[  191.098211][ T5717] usb 3-1: SerialNumber: syz
[  191.183211][ T5973] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  191.369410][ T5973] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  191.369443][ T5973] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  191.369527][ T5973] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  191.405834][ T5973] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  191.406123][ T5973] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.406146][ T5973] usb 5-1: Product: syz
[  191.406162][ T5973] usb 5-1: Manufacturer: syz
[  191.406177][ T5973] usb 5-1: SerialNumber: syz
[  191.491746][ T5973] usb 5-1: config 0 descriptor??
[  191.503810][ T6563] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  191.504010][ T6563] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  191.542758][ T5973] usb 5-1: ucan: probing device on interface #0
[  191.575800][ T5717] ims_pcu 3-1:2.0: Missing CDC union descriptor
[  191.576040][ T5717] ims_pcu 3-1:2.0: probe with driver ims_pcu failed with error -22
[  192.405360][ T5717] usb 3-1: USB disconnect, device number 7
[  192.854564][ T6563] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  194.172187][ T5973] ucan 5-1:0.0: probe with driver ucan failed with error -110
[  194.512711][ T6602] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  194.512738][ T6602] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  194.512875][ T6602] F2FS-fs (loop1): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  194.512894][ T6602] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  195.254910][ T1334] ieee802154 phy0 wpan0: encryption failed: -22
[  195.254984][ T1334] ieee802154 phy1 wpan1: encryption failed: -22
[  195.336210][    T9] usb 5-1: USB disconnect, device number 10
[  195.552043][ T5605] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  195.630064][ T6614] FAULT_INJECTION: forcing a failure.
[  195.630064][ T6614] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  195.630096][ T6614] CPU: 1 UID: 0 PID: 6614 Comm: syz.0.235 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  195.630115][ T6614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  195.630125][ T6614] Call Trace:
[  195.630131][ T6614]  <TASK>
[  195.630138][ T6614]  dump_stack_lvl+0xe8/0x150
[  195.630165][ T6614]  should_fail_ex+0x46b/0x600
[  195.630198][ T6614]  _copy_from_user+0x2d/0xb0
[  195.630219][ T6614]  ___sys_sendmsg+0x1c6/0x360
[  195.630243][ T6614]  ? __lock_acquire+0x6b5/0x2cf0
[  195.630270][ T6614]  ? __pfx____sys_sendmsg+0x10/0x10
[  195.630324][ T6614]  ? __fget_files+0x2a/0x420
[  195.630352][ T6614]  ? __fget_files+0x3a6/0x420
[  195.630388][ T6614]  __x64_sys_sendmsg+0x1c3/0x2a0
[  195.630414][ T6614]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  195.630446][ T6614]  ? __pfx_ksys_write+0x10/0x10
[  195.630476][ T6614]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.630495][ T6614]  do_syscall_64+0x15f/0xf80
[  195.630513][ T6614]  ? trace_irq_disable+0x3b/0x140
[  195.630532][ T6614]  ? clear_bhb_loop+0x40/0x90
[  195.630553][ T6614]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  195.630570][ T6614] RIP: 0033:0x7f8605adcdd9
[  195.630587][ T6614] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  195.630602][ T6614] RSP: 002b:00007f8603d36028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  195.630622][ T6614] RAX: ffffffffffffffda RBX: 00007f8605d55fa0 RCX: 00007f8605adcdd9
[  195.630637][ T6614] RDX: 0000000020000010 RSI: 0000200000000900 RDI: 0000000000000003
[  195.630649][ T6614] RBP: 00007f8603d36090 R08: 0000000000000000 R09: 0000000000000000
[  195.630660][ T6614] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  195.630671][ T6614] R13: 00007f8605d56038 R14: 00007f8605d55fa0 R15: 00007ffddcbcb2a8
[  195.630702][ T6614]  </TASK>
[  195.701973][ T5605] usb 4-1: Using ep0 maxpacket: 32
[  195.833526][ T5605] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  195.833552][ T5605] usb 4-1: config 0 has no interface number 0
[  195.883792][ T5605] usb 4-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8
[  195.883823][ T5605] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.883844][ T5605] usb 4-1: Product: syz
[  195.883859][ T5605] usb 4-1: Manufacturer: syz
[  195.883874][ T5605] usb 4-1: SerialNumber: syz
[  195.932070][ T5605] usb 4-1: config 0 descriptor??
[  195.965228][ T5605] usb 4-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  195.965270][ T5605] usb 4-1: selecting invalid altsetting 1
[  195.965288][ T5605] usb 4-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  196.081423][ T5605] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  196.084158][ T5605] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  196.084297][ T5605] usb 4-1: media controller created
[  196.227371][ T5605] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  196.598495][ T6622] sysfs: cannot create duplicate filename '/class/ieee80211/1ùà^!'
[  196.598518][ T6622] CPU: 1 UID: 0 PID: 6622 Comm: syz.2.237 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  196.598544][ T6622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  196.598561][ T6622] Call Trace:
[  196.598570][ T6622]  <TASK>
[  196.598579][ T6622]  dump_stack_lvl+0xe8/0x150
[  196.598614][ T6622]  sysfs_warn_dup+0x8e/0xa0
[  196.598649][ T6622]  sysfs_do_create_link_sd+0xc0/0x110
[  196.598689][ T6622]  device_add_class_symlinks+0x1d2/0x240
[  196.598719][ T6622]  device_add+0x475/0xbb0
[  196.598749][ T6622]  wiphy_register+0x1dc5/0x2dc0
[  196.598792][ T6622]  ? __pfx_wiphy_register+0x10/0x10
[  196.598815][ T6622]  ? __pfx_netdev_run_todo+0x10/0x10
[  196.598843][ T6622]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  196.598881][ T6622]  ? ieee80211_init_rate_ctrl_alg+0x55d/0x5d0
[  196.598923][ T6622]  ieee80211_register_hw+0x3d82/0x4a70
[  196.598967][ T6622]  ? ieee80211_register_hw+0x1951/0x4a70
[  196.599027][ T6622]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  196.599057][ T6622]  ? __asan_memset+0x22/0x50
[  196.599093][ T6622]  ? __hrtimer_setup+0x1c2/0x260
[  196.599114][ T6622]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  196.599145][ T6622]  mac80211_hwsim_new_radio+0x3051/0x54e0
[  196.599188][ T6622]  ? mac80211_hwsim_new_radio+0xee/0x54e0
[  196.599230][ T6622]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  196.599252][ T6622]  ? kstrndup+0xbf/0x160
[  196.599298][ T6622]  hwsim_new_radio_nl+0xf6a/0x1c00
[  196.599348][ T6622]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  196.599382][ T6622]  ? rcu_is_watching+0x15/0xb0
[  196.599415][ T6622]  ? trace_kmalloc+0x2a/0xf0
[  196.599446][ T6622]  ? __nla_parse+0x40/0x60
[  196.599475][ T6622]  ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[  196.599510][ T6622]  ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[  196.599552][ T6622]  genl_family_rcv_msg_doit+0x22a/0x330
[  196.599592][ T6622]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  196.599622][ T6622]  ? rcu_is_watching+0x15/0xb0
[  196.599669][ T6622]  ? bpf_lsm_capable+0x9/0x20
[  196.599695][ T6622]  ? security_capable+0x7e/0x2c0
[  196.599733][ T6622]  genl_rcv_msg+0x61c/0x7a0
[  196.599772][ T6622]  ? __pfx_genl_rcv_msg+0x10/0x10
[  196.599798][ T6622]  ? ref_tracker_free+0x673/0x820
[  196.599817][ T6622]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  196.599840][ T6622]  ? __pfx_ref_tracker_free+0x10/0x10
[  196.599860][ T6622]  ? __asan_memcpy+0x40/0x70
[  196.599889][ T6622]  ? __skb_clone+0x63/0x7a0
[  196.599922][ T6622]  netlink_rcv_skb+0x232/0x4b0
[  196.599945][ T6622]  ? __pfx_genl_rcv_msg+0x10/0x10
[  196.599974][ T6622]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  196.600009][ T6622]  ? netlink_deliver_tap+0x2e/0x1b0
[  196.600041][ T6622]  ? netlink_deliver_tap+0x2e/0x1b0
[  196.600068][ T6622]  genl_rcv+0x28/0x40
[  196.600094][ T6622]  netlink_unicast+0x780/0x920
[  196.600140][ T6622]  netlink_sendmsg+0x813/0xb40
[  196.600173][ T6622]  ? __pfx_netlink_sendmsg+0x10/0x10
[  196.600206][ T6622]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  196.600233][ T6622]  ____sys_sendmsg+0x94c/0x9c0
[  196.600268][ T6622]  ? __pfx_____sys_sendmsg+0x10/0x10
[  196.600301][ T6622]  ? import_iovec+0x73/0xa0
[  196.600327][ T6622]  ___sys_sendmsg+0x2a5/0x360
[  196.600350][ T6622]  ? __lock_acquire+0x6b5/0x2cf0
[  196.600382][ T6622]  ? __pfx____sys_sendmsg+0x10/0x10
[  196.600413][ T6622]  ? futex_wait+0x2a2/0x390
[  196.600461][ T6622]  ? __fget_files+0x2a/0x420
[  196.600492][ T6622]  ? __fget_files+0x3a6/0x420
[  196.600535][ T6622]  __x64_sys_sendmsg+0x1c3/0x2a0
[  196.600565][ T6622]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  196.600602][ T6622]  ? rcu_is_watching+0x15/0xb0
[  196.600643][ T6622]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.600666][ T6622]  do_syscall_64+0x15f/0xf80
[  196.600691][ T6622]  ? clear_bhb_loop+0x40/0x90
[  196.600716][ T6622]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.600737][ T6622] RIP: 0033:0x7fb8e0c2cdd9
[  196.600758][ T6622] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  196.600777][ T6622] RSP: 002b:00007fb8dee86028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  196.600800][ T6622] RAX: ffffffffffffffda RBX: 00007fb8e0ea5fa0 RCX: 00007fb8e0c2cdd9
[  196.600817][ T6622] RDX: 0000000004004004 RSI: 0000200000000100 RDI: 0000000000000005
[  196.600831][ T6622] RBP: 00007fb8e0cc2d69 R08: 0000000000000000 R09: 0000000000000000
[  196.600845][ T6622] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  196.600857][ T6622] R13: 00007fb8e0ea6038 R14: 00007fb8e0ea5fa0 R15: 00007ffda59a4cb8
[  196.600893][ T6622]  </TASK>
[  196.864502][    C0] vcan0: j1939_tp_rxtimer: 0xffff888063851c00: rx timeout, send abort
[  196.865013][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888063851c00: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  197.987714][ T6606] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  198.084568][ T6631] veth1_to_bridge: entered allmulticast mode
[  198.085331][ T6631] bridge0: port 3(veth1_to_bridge) entered blocking state
[  198.085738][ T6631] bridge0: port 3(veth1_to_bridge) entered disabled state
[  198.089291][ T6631] veth1_to_bridge: entered promiscuous mode
[  198.089498][ T6631] bridge0: adding interface veth1_to_bridge with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  198.132963][ T6631] bridge0: port 3(veth1_to_bridge) entered blocking state
[  198.139467][ T6631] bridge0: port 3(veth1_to_bridge) entered forwarding state
[  198.268866][ T5605] usb 4-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  198.268926][ T5605] zl10353_read_register: readreg error (reg=127, ret==-32)
[  198.387000][ T6636] netlink: 4 bytes leftover after parsing attributes in process `syz.0.241'.
[  198.582577][ T5717] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  199.707842][ T5717] usb 2-1: config 0 has an invalid interface number: 76 but max is 0
[  199.707874][ T5717] usb 2-1: config 0 has no interface number 0
[  199.707923][ T5717] usb 2-1: config 0 interface 76 altsetting 232 endpoint 0xD has invalid maxpacket 1023, setting to 64
[  199.707951][ T5717] usb 2-1: config 0 interface 76 altsetting 232 endpoint 0xC has an invalid bInterval 129, changing to 11
[  199.707980][ T5717] usb 2-1: config 0 interface 76 altsetting 232 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  199.708009][ T5717] usb 2-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0x8D, skipping
[  199.708034][ T5717] usb 2-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0xB, skipping
[  199.708058][ T5717] usb 2-1: config 0 interface 76 altsetting 232 bulk endpoint 0x8 has invalid maxpacket 8
[  199.708083][ T5717] usb 2-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0xD, skipping
[  199.708106][ T5717] usb 2-1: config 0 interface 76 has no altsetting 0
[  199.711080][ T5717] usb 2-1: Dual-Role OTG device on HNP port
[  199.711358][ T5717] usb 2-1: New USB device found, idVendor=0eab, idProduct=c893, bcdDevice=6b.38
[  199.711382][ T5717] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.711400][ T5717] usb 2-1: Product: syz
[  199.711413][ T5717] usb 2-1: Manufacturer: à ¡
[  199.711425][ T5717] usb 2-1: SerialNumber: syz
[  199.856137][ T5717] usb 2-1: config 0 descriptor??
[  199.859829][ T6635] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  200.007240][ T6648] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  200.007267][ T6648] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  200.007382][ T6648] F2FS-fs (loop0): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  200.007401][ T6648] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  200.745790][ T6655] FAULT_INJECTION: forcing a failure.
[  200.745790][ T6655] name failslab, interval 1, probability 0, space 0, times 0
[  200.745827][ T6655] CPU: 1 UID: 0 PID: 6655 Comm: syz.4.248 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  200.745852][ T6655] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  200.745865][ T6655] Call Trace:
[  200.745873][ T6655]  <TASK>
[  200.745882][ T6655]  dump_stack_lvl+0xe8/0x150
[  200.745914][ T6655]  should_fail_ex+0x46b/0x600
[  200.745956][ T6655]  should_failslab+0xa8/0x100
[  200.745985][ T6655]  __kmalloc_noprof+0xdf/0x7b0
[  200.746008][ T6655]  ? kfree+0x4d/0x6c0
[  200.746028][ T6655]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  200.746069][ T6655]  tomoyo_realpath_from_path+0xe3/0x5d0
[  200.746106][ T6655]  ? tomoyo_domain+0xd8/0x130
[  200.746133][ T6655]  ? tomoyo_path_number_perm+0x219/0x630
[  200.746162][ T6655]  tomoyo_path_number_perm+0x246/0x630
[  200.746194][ T6655]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  200.746223][ T6655]  ? __lock_acquire+0x6b5/0x2cf0
[  200.746256][ T6655]  ? do_raw_spin_lock+0x12b/0x2f0
[  200.746317][ T6655]  ? __fget_files+0x2a/0x420
[  200.746355][ T6655]  ? __fget_files+0x2a/0x420
[  200.746386][ T6655]  ? __fget_files+0x3a6/0x420
[  200.746417][ T6655]  ? __fget_files+0x2a/0x420
[  200.746455][ T6655]  security_file_ioctl+0xc3/0x2a0
[  200.746488][ T6655]  __se_sys_ioctl+0x47/0x170
[  200.746515][ T6655]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.746547][ T6655]  do_syscall_64+0x15f/0xf80
[  200.746570][ T6655]  ? trace_irq_disable+0x3b/0x140
[  200.746597][ T6655]  ? clear_bhb_loop+0x40/0x90
[  200.746624][ T6655]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.746646][ T6655] RIP: 0033:0x7f397831cdd9
[  200.746666][ T6655] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  200.746683][ T6655] RSP: 002b:00007f3976576028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  200.746706][ T6655] RAX: ffffffffffffffda RBX: 00007f3978595fa0 RCX: 00007f397831cdd9
[  200.746722][ T6655] RDX: 0000200000000040 RSI: 00000000c00c642d RDI: 0000000000000003
[  200.746736][ T6655] RBP: 00007f3976576090 R08: 0000000000000000 R09: 0000000000000000
[  200.746750][ T6655] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  200.746762][ T6655] R13: 00007f3978596038 R14: 00007f3978595fa0 R15: 00007fff70fae778
[  200.746799][ T6655]  </TASK>
[  200.747523][ T6655] ERROR: Out of memory at tomoyo_realpath_from_path.
[  200.827770][ T5717] option 2-1:0.76: GSM modem (1-port) converter detected
[  201.167926][ T5717] usb 2-1: USB disconnect, device number 7
[  201.848818][ T5717] option 2-1:0.76: device disconnected
[  201.968779][ T6661] FAULT_INJECTION: forcing a failure.
[  201.968779][ T6661] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  201.968815][ T6661] CPU: 0 UID: 0 PID: 6661 Comm: syz.1.250 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  201.968840][ T6661] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  201.968853][ T6661] Call Trace:
[  201.968861][ T6661]  <TASK>
[  201.968871][ T6661]  dump_stack_lvl+0xe8/0x150
[  201.968902][ T6661]  should_fail_ex+0x46b/0x600
[  201.968944][ T6661]  _copy_from_user+0x2d/0xb0
[  201.968970][ T6661]  ___sys_sendmsg+0x1c6/0x360
[  201.968996][ T6661]  ? __lock_acquire+0x6b5/0x2cf0
[  201.969030][ T6661]  ? __pfx____sys_sendmsg+0x10/0x10
[  201.969092][ T6661]  ? __fget_files+0x2a/0x420
[  201.969125][ T6661]  ? __fget_files+0x3a6/0x420
[  201.969168][ T6661]  __x64_sys_sendmsg+0x1c3/0x2a0
[  201.969198][ T6661]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  201.969236][ T6661]  ? __pfx_ksys_write+0x10/0x10
[  201.969269][ T6661]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.969293][ T6661]  do_syscall_64+0x15f/0xf80
[  201.969315][ T6661]  ? trace_irq_disable+0x3b/0x140
[  201.969340][ T6661]  ? clear_bhb_loop+0x40/0x90
[  201.969367][ T6661]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.969390][ T6661] RIP: 0033:0x7f821b2acdd9
[  201.969414][ T6661] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  201.969433][ T6661] RSP: 002b:00007f8219506028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  201.969455][ T6661] RAX: ffffffffffffffda RBX: 00007f821b525fa0 RCX: 00007f821b2acdd9
[  201.969471][ T6661] RDX: 0000000020000010 RSI: 0000200000000900 RDI: 0000000000000004
[  201.969485][ T6661] RBP: 00007f8219506090 R08: 0000000000000000 R09: 0000000000000000
[  201.969498][ T6661] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  201.969510][ T6661] R13: 00007f821b526038 R14: 00007f821b525fa0 R15: 00007ffd456c1cf8
[  201.969544][ T6661]  </TASK>
[  202.299252][ T6664] netlink: 8 bytes leftover after parsing attributes in process `syz.2.251'.
[  202.675154][ T6672] netlink: 'syz.0.254': attribute type 4 has an invalid length.
[  203.044881][ T6666] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  203.391921][ T6672] syz.0.254 (6672) used greatest stack depth: 17832 bytes left
[  203.535267][ T6679] netlink: 8 bytes leftover after parsing attributes in process `syz.0.255'.
[  203.535291][ T6679] netlink: 24 bytes leftover after parsing attributes in process `syz.0.255'.
[  203.851276][    C1] vcan0: j1939_tp_rxtimer: 0xffff88803bf28400: rx timeout, send abort
[  203.859161][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88803bf28400: 0x20000: (3) A timeout occurred and this is the connection abort to close the session.
[  203.932439][ T5840] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  204.081338][ T6688] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  204.081373][ T6688] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  204.081496][ T6688] F2FS-fs (loop2): Magic Mismatch, valid(0xf2f52010) - read(0x0)
[  204.081517][ T6688] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  204.098317][ T5840] usb 5-1: config index 0 descriptor too short (expected 45, got 27)
[  204.098385][ T5840] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  204.143622][ T5840] usb 5-1: New USB device found, idVendor=0bda, idProduct=8150, bcdDevice= 0.00
[  204.143652][ T5840] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  204.143674][ T5840] usb 5-1: Product: syz
[  204.143690][ T5840] usb 5-1: Manufacturer: syz
[  204.143705][ T5840] usb 5-1: SerialNumber: syz
[  204.202490][ T5840] rtl8150 5-1:1.0: couldn't find required endpoints
[  204.202799][ T5840] rtl8150 5-1:1.0: probe with driver rtl8150 failed with error -5
[  204.430465][    T9] usb 5-1: USB disconnect, device number 11
[  206.272019][ T5840] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  206.439921][ T5840] usb 1-1: config 0 has an invalid interface number: 76 but max is 0
[  206.439953][ T5840] usb 1-1: config 0 has no interface number 0
[  206.440003][ T5840] usb 1-1: config 0 interface 76 altsetting 232 endpoint 0xD has invalid maxpacket 1023, setting to 64
[  206.440032][ T5840] usb 1-1: config 0 interface 76 altsetting 232 endpoint 0xC has an invalid bInterval 129, changing to 11
[  206.440061][ T5840] usb 1-1: config 0 interface 76 altsetting 232 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  206.440090][ T5840] usb 1-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0x8D, skipping
[  206.440114][ T5840] usb 1-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0xB, skipping
[  206.440139][ T5840] usb 1-1: config 0 interface 76 altsetting 232 bulk endpoint 0x8 has invalid maxpacket 8
[  206.440165][ T5840] usb 1-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0xD, skipping
[  206.440188][ T5840] usb 1-1: config 0 interface 76 has no altsetting 0
[  206.456831][ T5840] usb 1-1: Dual-Role OTG device on HNP port
[  206.457165][ T5840] usb 1-1: New USB device found, idVendor=0eab, idProduct=c893, bcdDevice=6b.38
[  206.457191][ T5840] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.457230][ T5840] usb 1-1: Product: syz
[  206.457245][ T5840] usb 1-1: Manufacturer: à ¡
[  206.457260][ T5840] usb 1-1: SerialNumber: syz
[  206.647843][ T5840] usb 1-1: config 0 descriptor??
[  206.649411][ T6698] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  206.661135][ T6708] netlink: 'syz.4.265': attribute type 4 has an invalid length.
[  206.951032][ T5840] option 1-1:0.76: GSM modem (1-port) converter detected
[  206.959921][ T5788] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  207.004887][ T5840] usb 1-1: USB disconnect, device number 10
[  207.043686][ T5840] option 1-1:0.76: device disconnected
[  207.101962][ T5788] usb 2-1: Using ep0 maxpacket: 8
[  207.105540][ T5788] usb 2-1: config 1 interface 0 altsetting 5 bulk endpoint 0x1 has invalid maxpacket 8
[  207.105570][ T5788] usb 2-1: config 1 interface 0 has no altsetting 0
[  207.107980][ T5788] usb 2-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  207.108009][ T5788] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.108030][ T5788] usb 2-1: Product: syz
[  207.108045][ T5788] usb 2-1: Manufacturer: syz
[  207.108060][ T5788] usb 2-1: SerialNumber: syz
[  207.183800][ T6705] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  207.438200][ T6715] FAULT_INJECTION: forcing a failure.
[  207.438200][ T6715] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  207.438237][ T6715] CPU: 1 UID: 0 PID: 6715 Comm: syz.2.268 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  207.438261][ T6715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  207.438274][ T6715] Call Trace:
[  207.438282][ T6715]  <TASK>
[  207.438292][ T6715]  dump_stack_lvl+0xe8/0x150
[  207.438324][ T6715]  should_fail_ex+0x46b/0x600
[  207.438365][ T6715]  _copy_from_user+0x2d/0xb0
[  207.438391][ T6715]  ucma_write+0x166/0x2f0
[  207.438420][ T6715]  ? __pfx_ucma_write+0x10/0x10
[  207.438447][ T6715]  ? rw_verify_area+0x25b/0x4e0
[  207.438472][ T6715]  ? __pfx_ucma_write+0x10/0x10
[  207.438497][ T6715]  vfs_write+0x2a3/0xba0
[  207.438531][ T6715]  ? __pfx_vfs_write+0x10/0x10
[  207.438558][ T6715]  ? __fget_files+0x2a/0x420
[  207.438594][ T6715]  ? __fget_files+0x2a/0x420
[  207.438626][ T6715]  ? __fget_files+0x3a6/0x420
[  207.438658][ T6715]  ? __fget_files+0x2a/0x420
[  207.438701][ T6715]  ksys_write+0x156/0x270
[  207.438729][ T6715]  ? __pfx_ksys_write+0x10/0x10
[  207.438762][ T6715]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.438786][ T6715]  do_syscall_64+0x15f/0xf80
[  207.438808][ T6715]  ? trace_irq_disable+0x3b/0x140
[  207.438834][ T6715]  ? clear_bhb_loop+0x40/0x90
[  207.438862][ T6715]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  207.438889][ T6715] RIP: 0033:0x7fb8e0c2cdd9
[  207.438909][ T6715] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  207.438927][ T6715] RSP: 002b:00007fb8dee86028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  207.438950][ T6715] RAX: ffffffffffffffda RBX: 00007fb8e0ea5fa0 RCX: 00007fb8e0c2cdd9
[  207.438966][ T6715] RDX: 0000000000000018 RSI: 0000200000000000 RDI: 0000000000000003
[  207.438979][ T6715] RBP: 00007fb8dee86090 R08: 0000000000000000 R09: 0000000000000000
[  207.438992][ T6715] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  207.439006][ T6715] R13: 00007fb8e0ea6038 R14: 00007fb8e0ea5fa0 R15: 00007ffda59a4cb8
[  207.439040][ T6715]  </TASK>
[  207.697127][ T5788] usb 2-1: USB disconnect, device number 8
[  207.875093][ T6721] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.270'.
[  208.574865][ T6734] FAULT_INJECTION: forcing a failure.
[  208.574865][ T6734] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  208.574903][ T6734] CPU: 0 UID: 0 PID: 6734 Comm: syz.1.276 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  208.574928][ T6734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  208.574942][ T6734] Call Trace:
[  208.574951][ T6734]  <TASK>
[  208.574960][ T6734]  dump_stack_lvl+0xe8/0x150
[  208.574992][ T6734]  should_fail_ex+0x46b/0x600
[  208.575033][ T6734]  _copy_from_user+0x2d/0xb0
[  208.575059][ T6734]  ucma_write+0x166/0x2f0
[  208.575088][ T6734]  ? __pfx_ucma_write+0x10/0x10
[  208.575115][ T6734]  ? rw_verify_area+0x25b/0x4e0
[  208.575139][ T6734]  ? __pfx_ucma_write+0x10/0x10
[  208.575172][ T6734]  vfs_write+0x2a3/0xba0
[  208.575206][ T6734]  ? __pfx_vfs_write+0x10/0x10
[  208.575234][ T6734]  ? __fget_files+0x2a/0x420
[  208.575270][ T6734]  ? __fget_files+0x2a/0x420
[  208.575302][ T6734]  ? __fget_files+0x3a6/0x420
[  208.575339][ T6734]  ? __fget_files+0x2a/0x420
[  208.575383][ T6734]  ksys_write+0x156/0x270
[  208.575411][ T6734]  ? __pfx_ksys_write+0x10/0x10
[  208.575446][ T6734]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.575471][ T6734]  do_syscall_64+0x15f/0xf80
[  208.575493][ T6734]  ? trace_irq_disable+0x3b/0x140
[  208.575519][ T6734]  ? clear_bhb_loop+0x40/0x90
[  208.575547][ T6734]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.575570][ T6734] RIP: 0033:0x7f821b2acdd9
[  208.575591][ T6734] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  208.575610][ T6734] RSP: 002b:00007f8219506028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  208.575634][ T6734] RAX: ffffffffffffffda RBX: 00007f821b525fa0 RCX: 00007f821b2acdd9
[  208.575651][ T6734] RDX: 0000000000000018 RSI: 0000200000000000 RDI: 0000000000000003
[  208.575665][ T6734] RBP: 00007f8219506090 R08: 0000000000000000 R09: 0000000000000000
[  208.575679][ T6734] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  208.575692][ T6734] R13: 00007f821b526038 R14: 00007f821b525fa0 R15: 00007ffd456c1cf8
[  208.575726][ T6734]  </TASK>
[  209.290990][ T6741] FAULT_INJECTION: forcing a failure.
[  209.290990][ T6741] name failslab, interval 1, probability 0, space 0, times 0
[  209.291027][ T6741] CPU: 0 UID: 0 PID: 6741 Comm: syz.4.279 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  209.291050][ T6741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  209.291064][ T6741] Call Trace:
[  209.291073][ T6741]  <TASK>
[  209.291083][ T6741]  dump_stack_lvl+0xe8/0x150
[  209.291115][ T6741]  should_fail_ex+0x46b/0x600
[  209.291156][ T6741]  should_failslab+0xa8/0x100
[  209.291190][ T6741]  __kmalloc_noprof+0xdf/0x7b0
[  209.291214][ T6741]  ? kfree+0x4d/0x6c0
[  209.291235][ T6741]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  209.291283][ T6741]  tomoyo_realpath_from_path+0xe3/0x5d0
[  209.291321][ T6741]  ? tomoyo_domain+0xd8/0x130
[  209.291348][ T6741]  ? tomoyo_path_number_perm+0x219/0x630
[  209.291379][ T6741]  tomoyo_path_number_perm+0x246/0x630
[  209.291413][ T6741]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  209.291442][ T6741]  ? __lock_acquire+0x6b5/0x2cf0
[  209.291475][ T6741]  ? do_raw_spin_lock+0x12b/0x2f0
[  209.291537][ T6741]  ? __fget_files+0x2a/0x420
[  209.291574][ T6741]  ? __fget_files+0x2a/0x420
[  209.291607][ T6741]  ? __fget_files+0x3a6/0x420
[  209.291640][ T6741]  ? __fget_files+0x2a/0x420
[  209.291678][ T6741]  security_file_ioctl+0xc3/0x2a0
[  209.291712][ T6741]  __se_sys_ioctl+0x47/0x170
[  209.291739][ T6741]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.291765][ T6741]  do_syscall_64+0x15f/0xf80
[  209.291787][ T6741]  ? trace_irq_disable+0x3b/0x140
[  209.291813][ T6741]  ? clear_bhb_loop+0x40/0x90
[  209.291841][ T6741]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.291863][ T6741] RIP: 0033:0x7f397831cdd9
[  209.291883][ T6741] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  209.291903][ T6741] RSP: 002b:00007f3976576028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  209.291926][ T6741] RAX: ffffffffffffffda RBX: 00007f3978595fa0 RCX: 00007f397831cdd9
[  209.291942][ T6741] RDX: 0000200000000080 RSI: 00000000403c6f2b RDI: 0000000000000003
[  209.291957][ T6741] RBP: 00007f3976576090 R08: 0000000000000000 R09: 0000000000000000
[  209.291971][ T6741] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  209.291984][ T6741] R13: 00007f3978596038 R14: 00007f3978595fa0 R15: 00007fff70fae778
[  209.292020][ T6741]  </TASK>
[  209.378216][ T6741] ERROR: Out of memory at tomoyo_realpath_from_path.
[  212.382861][ T6762] netlink: 28 bytes leftover after parsing attributes in process `syz.1.285'.
[  212.420882][ T6763] netlink: 8 bytes leftover after parsing attributes in process `syz.0.287'.
[  212.540341][ T6766] FAULT_INJECTION: forcing a failure.
[  212.540341][ T6766] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  212.540379][ T6766] CPU: 0 UID: 0 PID: 6766 Comm: syz.0.287 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  212.540404][ T6766] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  212.540418][ T6766] Call Trace:
[  212.540426][ T6766]  <TASK>
[  212.540436][ T6766]  dump_stack_lvl+0xe8/0x150
[  212.540466][ T6766]  should_fail_ex+0x46b/0x600
[  212.540507][ T6766]  _copy_from_user+0x2d/0xb0
[  212.540534][ T6766]  ___sys_sendmsg+0x1c6/0x360
[  212.540561][ T6766]  ? __lock_acquire+0x6b5/0x2cf0
[  212.540594][ T6766]  ? __pfx____sys_sendmsg+0x10/0x10
[  212.540655][ T6766]  ? __fget_files+0x2a/0x420
[  212.540687][ T6766]  ? __fget_files+0x3a6/0x420
[  212.540737][ T6766]  __x64_sys_sendmsg+0x1c3/0x2a0
[  212.540768][ T6766]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  212.540822][ T6766]  ? __pfx_ksys_write+0x10/0x10
[  212.540863][ T6766]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.540889][ T6766]  do_syscall_64+0x15f/0xf80
[  212.540912][ T6766]  ? trace_irq_disable+0x3b/0x140
[  212.540937][ T6766]  ? clear_bhb_loop+0x40/0x90
[  212.540964][ T6766]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  212.540986][ T6766] RIP: 0033:0x7f8605adcdd9
[  212.541007][ T6766] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  212.541026][ T6766] RSP: 002b:00007f8603d15028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  212.541049][ T6766] RAX: ffffffffffffffda RBX: 00007f8605d56090 RCX: 00007f8605adcdd9
[  212.541065][ T6766] RDX: 0000000000000000 RSI: 00002000000002c0 RDI: 0000000000000003
[  212.541079][ T6766] RBP: 00007f8603d15090 R08: 0000000000000000 R09: 0000000000000000
[  212.541093][ T6766] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  212.541106][ T6766] R13: 00007f8605d56128 R14: 00007f8605d56090 R15: 00007ffddcbcb2a8
[  212.541140][ T6766]  </TASK>
[  213.030408][ T5596] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  213.080970][ T5596] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  213.128837][ T5596] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  213.142007][ T5596] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  213.150367][ T5596] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  213.231238][ T6771] netlink: 52 bytes leftover after parsing attributes in process `syz.2.288'.
[  213.251673][ T6769] netlink: 8 bytes leftover after parsing attributes in process `syz.2.288'.
[  213.459048][ T6772] netlink: 'syz.1.289': attribute type 6 has an invalid length.
[  213.459078][ T6772] netlink: 112 bytes leftover after parsing attributes in process `syz.1.289'.
[  213.489918][ T6772] netlink: 4 bytes leftover after parsing attributes in process `syz.1.289'.
[  215.589516][ T5596] Bluetooth: hci5: command tx timeout
[  216.596166][ T6812] FAULT_INJECTION: forcing a failure.
[  216.596166][ T6812] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  216.596204][ T6812] CPU: 0 UID: 0 PID: 6812 Comm: syz.1.299 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  216.596230][ T6812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  216.596244][ T6812] Call Trace:
[  216.596253][ T6812]  <TASK>
[  216.596262][ T6812]  dump_stack_lvl+0xe8/0x150
[  216.596293][ T6812]  should_fail_ex+0x46b/0x600
[  216.596335][ T6812]  _copy_to_user+0x31/0xb0
[  216.596364][ T6812]  simple_read_from_buffer+0xe1/0x170
[  216.596404][ T6812]  proc_fail_nth_read+0x1be/0x230
[  216.596444][ T6812]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  216.596481][ T6812]  ? rw_verify_area+0x2ac/0x4e0
[  216.596505][ T6812]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  216.596543][ T6812]  vfs_read+0x212/0xa80
[  216.596576][ T6812]  ? __pfx_vfs_read+0x10/0x10
[  216.596604][ T6812]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  216.596628][ T6812]  ? lockdep_hardirqs_on+0x7a/0x110
[  216.596651][ T6812]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  216.596682][ T6812]  ? mutex_lock_nested+0x152/0x1d0
[  216.596711][ T6812]  ? fdget_pos+0x252/0x320
[  216.596742][ T6812]  ksys_read+0x156/0x270
[  216.596769][ T6812]  ? __pfx_ksys_read+0x10/0x10
[  216.596803][ T6812]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.596828][ T6812]  do_syscall_64+0x15f/0xf80
[  216.596850][ T6812]  ? trace_irq_disable+0x3b/0x140
[  216.596877][ T6812]  ? clear_bhb_loop+0x40/0x90
[  216.596905][ T6812]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  216.596928][ T6812] RIP: 0033:0x7f821b26d60e
[  216.596948][ T6812] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  216.596966][ T6812] RSP: 002b:00007f82194c3fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  216.596989][ T6812] RAX: ffffffffffffffda RBX: 00007f82194c46c0 RCX: 00007f821b26d60e
[  216.597005][ T6812] RDX: 000000000000000f RSI: 00007f82194c40a0 RDI: 0000000000000006
[  216.597019][ T6812] RBP: 00007f82194c4090 R08: 0000000000000000 R09: 0000000000000000
[  216.597033][ T6812] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  216.597046][ T6812] R13: 00007f821b526218 R14: 00007f821b526180 R15: 00007ffd456c1cf8
[  216.597082][ T6812]  </TASK>
[  216.714910][ T6810] ubifs: Unknown parameter 'fd'
[  217.711655][ T5596] Bluetooth: hci5: command tx timeout
[  218.892417][ T6826] faux_driver vkms: [drm] Unknown color mode 6; guessing buffer size.
[  219.227961][ T6833] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  219.453944][ T6842] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.309'.
[  219.732449][ T5596] Bluetooth: hci5: command tx timeout
[  220.431930][    T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  220.595282][    T9] usb 3-1: Using ep0 maxpacket: 16
[  220.598630][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.598664][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.598705][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  220.598731][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.660710][    T9] usb 3-1: config 0 descriptor??
[  220.785948][ T6848] geneve2: entered promiscuous mode
[  220.878431][ T6855] batadv0: entered promiscuous mode
[  220.948362][ T6855] veth0_to_batadv: entered promiscuous mode
[  221.148885][ T6855] hsr1: entered allmulticast mode
[  221.148910][ T6855] batadv0: entered allmulticast mode
[  221.148938][ T6855] veth0_to_batadv: entered allmulticast mode
[  221.559892][ T6855] 9p: Bad value for 'rfdno'
[  221.763640][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  221.763765][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  221.813257][ T5608] Bluetooth: hci5: command tx timeout
[  221.834917][ T6870] FAULT_INJECTION: forcing a failure.
[  221.834917][ T6870] name failslab, interval 1, probability 0, space 0, times 0
[  221.834955][ T6870] CPU: 1 UID: 0 PID: 6870 Comm: syz.4.317 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  221.834981][ T6870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  221.834995][ T6870] Call Trace:
[  221.835003][ T6870]  <TASK>
[  221.835013][ T6870]  dump_stack_lvl+0xe8/0x150
[  221.835046][ T6870]  should_fail_ex+0x46b/0x600
[  221.835087][ T6870]  should_failslab+0xa8/0x100
[  221.835122][ T6870]  __kvmalloc_node_noprof+0x170/0x8e0
[  221.835152][ T6870]  ? file_tty_write+0x2ec/0xa10
[  221.835175][ T6870]  ? _mutex_trylock_nest_lock+0x128/0x180
[  221.835213][ T6870]  file_tty_write+0x2ec/0xa10
[  221.835248][ T6870]  vfs_write+0x629/0xba0
[  221.835292][ T6870]  ? __pfx_vfs_write+0x10/0x10
[  221.835330][ T6870]  ? __fget_files+0x2a/0x420
[  221.835374][ T6870]  ksys_write+0x156/0x270
[  221.835403][ T6870]  ? __pfx_ksys_write+0x10/0x10
[  221.835439][ T6870]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.835465][ T6870]  do_syscall_64+0x15f/0xf80
[  221.835486][ T6870]  ? trace_irq_disable+0x3b/0x140
[  221.835513][ T6870]  ? clear_bhb_loop+0x40/0x90
[  221.835541][ T6870]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  221.835563][ T6870] RIP: 0033:0x7f397831cdd9
[  221.835585][ T6870] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  221.835603][ T6870] RSP: 002b:00007f3976555028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  221.835626][ T6870] RAX: ffffffffffffffda RBX: 00007f3978596090 RCX: 00007f397831cdd9
[  221.835643][ T6870] RDX: 00000000fffffecc RSI: 0000200000000240 RDI: 0000000000000003
[  221.835658][ T6870] RBP: 00007f3976555090 R08: 0000000000000000 R09: 0000000000000000
[  221.835671][ T6870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  221.835684][ T6870] R13: 00007f3978596128 R14: 00007f3978596090 R15: 00007fff70fae778
[  221.835720][ T6870]  </TASK>
[  222.205759][    T9] usb 3-1: USB disconnect, device number 8
[  222.371937][ T5611] Bluetooth: hci1: command 0x0406 tx timeout
[  222.396711][ T5611] Bluetooth: hci2: command 0x0406 tx timeout
[  222.396750][ T5611] Bluetooth: hci0: command 0x0406 tx timeout
[  222.396882][ T5611] Bluetooth: hci3: command 0x0406 tx timeout
[  222.397004][ T5611] Bluetooth: hci4: command 0x0406 tx timeout
[  222.454446][ T6873] CUSE: unknown device info "
"
[  222.454460][ T6873] CUSE: unknown device info ""
[  222.454467][ T6873] CUSE: unknown device info "ÿw"
[  222.454473][ T6873] CUSE: unknown device info ""
[  222.454479][ T6873] CUSE: unknown device info ""
[  222.454486][ T6873] CUSE: unknown device info ""
[  222.454492][ T6873] CUSE: unknown device info ""
[  222.454498][ T6873] CUSE: unknown device info ""
[  222.454505][ T6873] CUSE: DEVNAME unspecified
[  224.043883][ T6765] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.044107][ T6765] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.045917][ T6765] bridge_slave_0: entered allmulticast mode
[  224.084636][ T6765] bridge_slave_0: entered promiscuous mode
[  224.109581][ T6765] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.109793][ T6765] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.109984][ T6765] bridge_slave_1: entered allmulticast mode
[  224.146140][ T6765] bridge_slave_1: entered promiscuous mode
[  224.561755][ T6898] netlink: 12 bytes leftover after parsing attributes in process `syz.2.324'.
[  226.157166][ T6898] syz.2.324 (6898) used greatest stack depth: 17816 bytes left
[  226.533309][ T6897] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.535357][ T6897] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.024360][ T6916] FAULT_INJECTION: forcing a failure.
[  227.024360][ T6916] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  227.024397][ T6916] CPU: 0 UID: 0 PID: 6916 Comm: syz.1.328 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  227.024422][ T6916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  227.024435][ T6916] Call Trace:
[  227.024443][ T6916]  <TASK>
[  227.024453][ T6916]  dump_stack_lvl+0xe8/0x150
[  227.024483][ T6916]  should_fail_ex+0x46b/0x600
[  227.024524][ T6916]  _copy_from_user+0x2d/0xb0
[  227.024549][ T6916]  __sys_bpf+0x229/0x950
[  227.024578][ T6916]  ? __pfx___sys_bpf+0x10/0x10
[  227.024602][ T6916]  ? rt_mutex_slowunlock+0x1cb/0x300
[  227.024649][ T6916]  ? ksys_write+0x248/0x270
[  227.024676][ T6916]  ? __pfx_ksys_write+0x10/0x10
[  227.024705][ T6916]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.024729][ T6916]  __x64_sys_bpf+0x7c/0x90
[  227.024753][ T6916]  do_syscall_64+0x15f/0xf80
[  227.024775][ T6916]  ? trace_irq_disable+0x3b/0x140
[  227.024800][ T6916]  ? clear_bhb_loop+0x40/0x90
[  227.024828][ T6916]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  227.024850][ T6916] RIP: 0033:0x7f821b2acdd9
[  227.024887][ T6916] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  227.024906][ T6916] RSP: 002b:00007f82194c4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  227.024928][ T6916] RAX: ffffffffffffffda RBX: 00007f821b526180 RCX: 00007f821b2acdd9
[  227.024946][ T6916] RDX: 0000000000000050 RSI: 0000200000002140 RDI: 0000000000000000
[  227.024961][ T6916] RBP: 00007f82194c4090 R08: 0000000000000000 R09: 0000000000000000
[  227.024975][ T6916] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  227.024988][ T6916] R13: 00007f821b526218 R14: 00007f821b526180 R15: 00007ffd456c1cf8
[  227.025024][ T6916]  </TASK>
[  229.501333][ T6897] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  229.507142][ T6897] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  232.680764][ T6910] netlink: 72 bytes leftover after parsing attributes in process `syz.4.327'.
[  232.680795][ T6910] netlink: 72 bytes leftover after parsing attributes in process `syz.4.327'.
[  232.816463][ T6897] syz.2.324 (6897) used greatest stack depth: 16608 bytes left
[  233.262054][ T6823] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  233.342720][ T6765] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  233.362748][ T6823] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  233.393476][ T6823] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  233.720579][ T6765] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  233.721094][ T6823] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  234.463163][ T6939] bridge0: port 4(gretap1) entered blocking state
[  234.463738][ T6939] bridge0: port 4(gretap1) entered disabled state
[  234.465710][ T6939] gretap1: entered allmulticast mode
[  234.497005][ T6939] gretap1: entered promiscuous mode
[  234.548969][ T6765] team0: Port device team_slave_0 added
[  234.679218][ T6936] overlay: ./file0 is not a directory
[  234.715369][ T6943] hfsplus: unable to find HFS+ superblock
[  234.738756][ T6765] team0: Port device team_slave_1 added
[  235.160711][ T6765] batman_adv: batadv0: Adding interface: batadv_slave_0
[  235.160730][ T6765] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  235.160760][ T6765] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  235.693998][  T819] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  236.399182][ T6955] FAULT_INJECTION: forcing a failure.
[  236.399182][ T6955] name failslab, interval 1, probability 0, space 0, times 0
[  236.399218][ T6955] CPU: 1 UID: 0 PID: 6955 Comm: syz.1.340 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  236.399244][ T6955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  236.399258][ T6955] Call Trace:
[  236.399267][ T6955]  <TASK>
[  236.399276][ T6955]  dump_stack_lvl+0xe8/0x150
[  236.399308][ T6955]  should_fail_ex+0x46b/0x600
[  236.399350][ T6955]  should_failslab+0xa8/0x100
[  236.399403][ T6955]  kmem_cache_alloc_noprof+0x87/0x680
[  236.399427][ T6955]  ? lockdep_hardirqs_on+0x7a/0x110
[  236.399450][ T6955]  ? do_getname+0x2e/0x250
[  236.399485][ T6955]  do_getname+0x2e/0x250
[  236.399514][ T6955]  ? getname_flags+0x11/0x20
[  236.399547][ T6955]  do_sys_openat2+0xca/0x200
[  236.399584][ T6955]  ? __pfx_do_sys_openat2+0x10/0x10
[  236.399619][ T6955]  ? ksys_write+0x248/0x270
[  236.399669][ T6955]  ? __pfx_ksys_write+0x10/0x10
[  236.399698][ T6955]  __x64_sys_openat+0x138/0x170
[  236.399736][ T6955]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.399760][ T6955]  do_syscall_64+0x15f/0xf80
[  236.399782][ T6955]  ? trace_irq_disable+0x3b/0x140
[  236.399813][ T6955]  ? clear_bhb_loop+0x40/0x90
[  236.399842][ T6955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  236.399864][ T6955] RIP: 0033:0x7f821b2acdd9
[  236.399885][ T6955] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  236.399905][ T6955] RSP: 002b:00007f8219506028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  236.399929][ T6955] RAX: ffffffffffffffda RBX: 00007f821b525fa0 RCX: 00007f821b2acdd9
[  236.399945][ T6955] RDX: 0000000000105042 RSI: 0000200000000000 RDI: ffffffffffffff9c
[  236.399960][ T6955] RBP: 00007f8219506090 R08: 0000000000000000 R09: 0000000000000000
[  236.399974][ T6955] R10: 00000000000001db R11: 0000000000000246 R12: 0000000000000001
[  236.399987][ T6955] R13: 00007f821b526038 R14: 00007f821b525fa0 R15: 00007ffd456c1cf8
[  236.400022][ T6955]  </TASK>
[  236.491951][  T819] usb 3-1: Using ep0 maxpacket: 16
[  236.579610][  T819] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  236.579650][  T819] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.579672][  T819] usb 3-1: Product: syz
[  236.579688][  T819] usb 3-1: Manufacturer: syz
[  236.579702][  T819] usb 3-1: SerialNumber: syz
[  236.674144][ T6765] batman_adv: batadv0: Adding interface: batadv_slave_1
[  236.674163][ T6765] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  236.674193][ T6765] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  236.843782][  T819] usb 3-1: config 0 descriptor??
[  236.957335][  T819] visor 3-1:0.0: Sony Clie 3.5 converter detected
[  236.974838][ T6959] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.342'.
[  237.173112][ T5719] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  237.363901][ T5719] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x6 has invalid maxpacket 17343, setting to 1024
[  237.363933][ T5719] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1024
[  237.363957][ T5719] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 237, changing to 7
[  237.363981][ T5719] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 59314, setting to 1024
[  237.368352][ T5719] usb 5-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=e5.38
[  237.368383][ T5719] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.368406][ T5719] usb 5-1: Product: syz
[  237.368421][ T5719] usb 5-1: Manufacturer: syz
[  237.368437][ T5719] usb 5-1: SerialNumber: syz
[  237.417135][ T5719] usb 5-1: config 0 descriptor??
[  237.519605][ T6957] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  237.590000][ T6765] hsr_slave_0: entered promiscuous mode
[  237.624420][ T6765] hsr_slave_1: entered promiscuous mode
[  237.654078][ T6765] debugfs: 'hsr0' already exists in 'hsr'
[  237.654108][ T6765] Cannot create hsr debugfs directory
[  237.735013][ T6957] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  237.756193][ T6957] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  237.777359][ T5719] usb 5-1: USB disconnect, device number 12
[  239.750419][ T6969] netlink: 32 bytes leftover after parsing attributes in process `syz.0.344'.
[  239.965678][  T819] usb 3-1: clie_3_5_startup: get interface number failed: -71
[  239.965817][  T819] visor 3-1:0.0: probe with driver visor failed with error -71
[  240.081110][  T819] usb 3-1: USB disconnect, device number 9
[  240.436053][ T6977] FAULT_INJECTION: forcing a failure.
[  240.436053][ T6977] name failslab, interval 1, probability 0, space 0, times 0
[  240.436090][ T6977] CPU: 1 UID: 0 PID: 6977 Comm: syz.2.347 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  240.436116][ T6977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  240.436130][ T6977] Call Trace:
[  240.436139][ T6977]  <TASK>
[  240.436148][ T6977]  dump_stack_lvl+0xe8/0x150
[  240.436181][ T6977]  should_fail_ex+0x46b/0x600
[  240.436222][ T6977]  should_failslab+0xa8/0x100
[  240.436253][ T6977]  __kmalloc_noprof+0xdf/0x7b0
[  240.436276][ T6977]  ? kfree+0x4d/0x6c0
[  240.436296][ T6977]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  240.436338][ T6977]  tomoyo_realpath_from_path+0xe3/0x5d0
[  240.436377][ T6977]  ? tomoyo_domain+0xd8/0x130
[  240.436405][ T6977]  ? tomoyo_path_number_perm+0x219/0x630
[  240.436435][ T6977]  tomoyo_path_number_perm+0x246/0x630
[  240.436477][ T6977]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  240.436507][ T6977]  ? __lock_acquire+0x6b5/0x2cf0
[  240.436541][ T6977]  ? do_raw_spin_lock+0x12b/0x2f0
[  240.436604][ T6977]  ? __fget_files+0x2a/0x420
[  240.436642][ T6977]  ? __fget_files+0x2a/0x420
[  240.436675][ T6977]  ? __fget_files+0x3a6/0x420
[  240.436709][ T6977]  ? __fget_files+0x2a/0x420
[  240.436747][ T6977]  security_file_ioctl+0xc3/0x2a0
[  240.436780][ T6977]  __se_sys_ioctl+0x47/0x170
[  240.436807][ T6977]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.436832][ T6977]  do_syscall_64+0x15f/0xf80
[  240.436855][ T6977]  ? trace_irq_disable+0x3b/0x140
[  240.436887][ T6977]  ? clear_bhb_loop+0x40/0x90
[  240.436915][ T6977]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  240.436937][ T6977] RIP: 0033:0x7fb8e0c2cdd9
[  240.436959][ T6977] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  240.436978][ T6977] RSP: 002b:00007fb8dee65028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  240.437001][ T6977] RAX: ffffffffffffffda RBX: 00007fb8e0ea6090 RCX: 00007fb8e0c2cdd9
[  240.437018][ T6977] RDX: 0000200000000580 RSI: 00000000c03864bc RDI: 0000000000000003
[  240.437032][ T6977] RBP: 00007fb8dee65090 R08: 0000000000000000 R09: 0000000000000000
[  240.437046][ T6977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  240.437060][ T6977] R13: 00007fb8e0ea6128 R14: 00007fb8e0ea6090 R15: 00007ffda59a4cb8
[  240.437096][ T6977]  </TASK>
[  240.466226][ T6977] ERROR: Out of memory at tomoyo_realpath_from_path.
[  245.661082][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  245.663918][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  245.665831][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  245.677338][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  245.680744][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  245.686929][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  245.688832][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  245.690849][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  245.847407][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  245.850754][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  247.384768][ T6765] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  248.501768][ T6765] 8021q: adding VLAN 0 to HW filter on device netdevsim0
[  248.505267][ T6765] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  248.594535][ T7003] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  249.392707][ T7010] FAULT_INJECTION: forcing a failure.
[  249.392707][ T7010] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  249.392745][ T7010] CPU: 0 UID: 0 PID: 7010 Comm: syz.0.355 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  249.392770][ T7010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  249.392783][ T7010] Call Trace:
[  249.392791][ T7010]  <TASK>
[  249.392801][ T7010]  dump_stack_lvl+0xe8/0x150
[  249.392832][ T7010]  should_fail_ex+0x46b/0x600
[  249.392873][ T7010]  _copy_from_user+0x2d/0xb0
[  249.392908][ T7010]  ___sys_sendmsg+0x1c6/0x360
[  249.392936][ T7010]  ? __lock_acquire+0x6b5/0x2cf0
[  249.392973][ T7010]  ? __pfx____sys_sendmsg+0x10/0x10
[  249.393037][ T7010]  ? __fget_files+0x2a/0x420
[  249.393070][ T7010]  ? __fget_files+0x3a6/0x420
[  249.393115][ T7010]  __x64_sys_sendmsg+0x1c3/0x2a0
[  249.393145][ T7010]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  249.393187][ T7010]  ? __pfx_ksys_write+0x10/0x10
[  249.393222][ T7010]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.393247][ T7010]  do_syscall_64+0x15f/0xf80
[  249.393269][ T7010]  ? trace_irq_disable+0x3b/0x140
[  249.393295][ T7010]  ? clear_bhb_loop+0x40/0x90
[  249.393324][ T7010]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  249.393347][ T7010] RIP: 0033:0x7f8605adcdd9
[  249.393367][ T7010] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  249.393387][ T7010] RSP: 002b:00007f8603d36028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  249.393410][ T7010] RAX: ffffffffffffffda RBX: 00007f8605d55fa0 RCX: 00007f8605adcdd9
[  249.393426][ T7010] RDX: 0000000000000000 RSI: 0000200000000780 RDI: 0000000000000004
[  249.393440][ T7010] RBP: 00007f8603d36090 R08: 0000000000000000 R09: 0000000000000000
[  249.393454][ T7010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  249.393467][ T7010] R13: 00007f8605d56038 R14: 00007f8605d55fa0 R15: 00007ffddcbcb2a8
[  249.393501][ T7010]  </TASK>
[  250.115983][ T6765] 8021q: adding VLAN 0 to HW filter on device netdevsim1
[  250.132896][ T6765] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  250.662277][    C1] net_ratelimit: 1627 callbacks suppressed
[  250.662299][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.664178][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.667583][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.669555][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.689830][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.693933][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.696410][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.698712][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.700988][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  250.703527][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  251.509599][ T6765] 8021q: adding VLAN 0 to HW filter on device netdevsim2
[  251.634941][ T7013] batadv0: entered promiscuous mode
[  251.697243][ T7013] veth0_to_batadv: entered promiscuous mode
[  252.108044][ T7013] debugfs: 'hsr1' already exists in 'hsr'
[  252.108073][ T7013] Cannot create hsr debugfs directory
[  252.108364][ T7013] hsr1: entered allmulticast mode
[  252.108382][ T7013] batadv0: entered allmulticast mode
[  252.108407][ T7013] veth0_to_batadv: entered allmulticast mode
[  252.156969][ T6765] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  252.626829][ T6765] 8021q: adding VLAN 0 to HW filter on device netdevsim3
[  253.092165][ T5717] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  253.300255][ T7039] sctp: [Deprecated]: syz.1.363 (pid 7039) Use of int in max_burst socket option.
[  253.300255][ T7039] Use struct sctp_assoc_value instead
[  253.717129][ T7038] sctp: [Deprecated]: syz.2.364 (pid 7038) Use of int in max_burst socket option.
[  253.717129][ T7038] Use struct sctp_assoc_value instead
[  254.270537][ T5717] usb 5-1: not running at top speed; connect to a high speed hub
[  254.286969][ T5717] usb 5-1: config 6 has an invalid descriptor of length 64, skipping remainder of the config
[  254.321294][ T5717] usb 5-1: New USB device found, idVendor=1199, idProduct=9003, bcdDevice=d7.24
[  254.321327][ T5717] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.321350][ T5717] usb 5-1: Product: syz
[  254.321366][ T5717] usb 5-1: Manufacturer: syz
[  254.321381][ T5717] usb 5-1: SerialNumber: syz
[  255.672310][    C1] net_ratelimit: 1140 callbacks suppressed
[  255.672334][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.674233][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.676231][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.678310][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.680523][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.682510][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.684460][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.686430][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.688062][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.690499][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  255.942698][ T1334] ieee802154 phy0 wpan0: encryption failed: -22
[  255.942771][ T1334] ieee802154 phy1 wpan1: encryption failed: -22
[  256.982764][ T5717] qmi_wwan 5-1:6.0: invalid descriptor buffer length
[  256.983065][ T5717] qmi_wwan 5-1:6.0: probe with driver qmi_wwan failed with error -22
[  257.020456][ T5717] usb 5-1: USB disconnect, device number 13
[  257.026649][   T37] audit: type=1326 audit(1777605964.074:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7050 comm="syz.2.368" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  257.157339][   T37] audit: type=1326 audit(1777605964.294:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7050 comm="syz.2.368" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  258.038110][ T7055] fuse: Unknown parameter '
W'
[  259.402399][ T7066] netlink: 28 bytes leftover after parsing attributes in process `syz.0.369'.
[  259.938842][ T6765] 8021q: adding VLAN 0 to HW filter on device bond0
[  260.378920][ T5710] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  260.600364][ T5710] usb 3-1: config 0 has an invalid interface number: 76 but max is 0
[  260.600397][ T5710] usb 3-1: config 0 has no interface number 0
[  260.600447][ T5710] usb 3-1: config 0 interface 76 altsetting 232 endpoint 0xD has invalid maxpacket 1023, setting to 64
[  260.600477][ T5710] usb 3-1: config 0 interface 76 altsetting 232 endpoint 0xC has an invalid bInterval 129, changing to 11
[  260.600508][ T5710] usb 3-1: config 0 interface 76 altsetting 232 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  260.600537][ T5710] usb 3-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0x8D, skipping
[  260.600563][ T5710] usb 3-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0xB, skipping
[  260.600588][ T5710] usb 3-1: config 0 interface 76 altsetting 232 bulk endpoint 0x8 has invalid maxpacket 8
[  260.600614][ T5710] usb 3-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0xD, skipping
[  260.600638][ T5710] usb 3-1: config 0 interface 76 has no altsetting 0
[  260.704432][    C1] net_ratelimit: 2289 callbacks suppressed
[  260.704453][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  260.711580][ T5710] usb 3-1: Dual-Role OTG device on HNP port
[  260.736953][ T5710] usb 3-1: New USB device found, idVendor=0eab, idProduct=c893, bcdDevice=6b.38
[  260.736984][ T5710] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.737006][ T5710] usb 3-1: Product: syz
[  260.737022][ T5710] usb 3-1: Manufacturer: à ¡
[  260.737038][ T5710] usb 3-1: SerialNumber: syz
[  260.773652][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  260.796707][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  260.798943][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  260.799415][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  260.801246][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  260.801643][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  260.822380][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  260.822818][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  260.825241][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  260.910334][ T7079] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  260.986714][ T5710] usb 3-1: config 0 descriptor??
[  261.127206][ T6765] 8021q: adding VLAN 0 to HW filter on device team0
[  261.989484][ T7073] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  262.042916][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  262.046963][ T7079] overlayfs: overlapping lowerdir path
[  262.050256][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  262.094112][ T7085] ÿÿÿÿ: renamed from lo (while UP)
[  262.559310][ T5710] option 3-1:0.76: GSM modem (1-port) converter detected
[  263.062309][ T7085] ÿÿÿÿ: entered allmulticast mode
[  263.254600][ T5710] usb 3-1: USB disconnect, device number 10
[  263.460067][ T5710] option 3-1:0.76: device disconnected
[  263.603787][ T6823] bridge0: port 2(bridge_slave_1) entered blocking state
[  263.603929][ T6823] bridge0: port 2(bridge_slave_1) entered forwarding state
[  264.448025][ T7100] FAULT_INJECTION: forcing a failure.
[  264.448025][ T7100] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  264.448063][ T7100] CPU: 1 UID: 0 PID: 7100 Comm: syz.2.380 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  264.448088][ T7100] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  264.448102][ T7100] Call Trace:
[  264.448110][ T7100]  <TASK>
[  264.448119][ T7100]  dump_stack_lvl+0xe8/0x150
[  264.448150][ T7100]  should_fail_ex+0x46b/0x600
[  264.448193][ T7100]  _copy_from_user+0x2d/0xb0
[  264.448219][ T7100]  ___sys_sendmsg+0x1c6/0x360
[  264.448248][ T7100]  ? __lock_acquire+0x6b5/0x2cf0
[  264.448284][ T7100]  ? __pfx____sys_sendmsg+0x10/0x10
[  264.448350][ T7100]  ? __fget_files+0x2a/0x420
[  264.448382][ T7100]  ? __fget_files+0x3a6/0x420
[  264.448428][ T7100]  __x64_sys_sendmsg+0x1c3/0x2a0
[  264.448458][ T7100]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  264.448496][ T7100]  ? __pfx_ksys_write+0x10/0x10
[  264.448531][ T7100]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.448556][ T7100]  do_syscall_64+0x15f/0xf80
[  264.448581][ T7100]  ? clear_bhb_loop+0x40/0x90
[  264.448608][ T7100]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.448631][ T7100] RIP: 0033:0x7fb8e0c2cdd9
[  264.448652][ T7100] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  264.448670][ T7100] RSP: 002b:00007fb8dee86028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  264.448694][ T7100] RAX: ffffffffffffffda RBX: 00007fb8e0ea5fa0 RCX: 00007fb8e0c2cdd9
[  264.448710][ T7100] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  264.448723][ T7100] RBP: 00007fb8dee86090 R08: 0000000000000000 R09: 0000000000000000
[  264.448737][ T7100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  264.448750][ T7100] R13: 00007fb8e0ea6038 R14: 00007fb8e0ea5fa0 R15: 00007ffda59a4cb8
[  264.448785][ T7100]  </TASK>
[  264.840217][ T5717] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  265.444305][ T5717] usb 5-1: config 0 has an invalid interface number: 76 but max is 0
[  265.444338][ T5717] usb 5-1: config 0 has no interface number 0
[  265.444388][ T5717] usb 5-1: config 0 interface 76 altsetting 232 endpoint 0xD has invalid maxpacket 1023, setting to 64
[  265.444419][ T5717] usb 5-1: config 0 interface 76 altsetting 232 endpoint 0xC has an invalid bInterval 129, changing to 11
[  265.444449][ T5717] usb 5-1: config 0 interface 76 altsetting 232 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  265.444479][ T5717] usb 5-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0x8D, skipping
[  265.444503][ T5717] usb 5-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0xB, skipping
[  265.444528][ T5717] usb 5-1: config 0 interface 76 altsetting 232 bulk endpoint 0x8 has invalid maxpacket 8
[  265.444554][ T5717] usb 5-1: config 0 interface 76 altsetting 232 has a duplicate endpoint with address 0xD, skipping
[  265.444579][ T5717] usb 5-1: config 0 interface 76 has no altsetting 0
[  265.448204][ T5717] usb 5-1: Dual-Role OTG device on HNP port
[  265.448535][ T5717] usb 5-1: New USB device found, idVendor=0eab, idProduct=c893, bcdDevice=6b.38
[  265.448563][ T5717] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.448585][ T5717] usb 5-1: Product: syz
[  265.448600][ T5717] usb 5-1: Manufacturer: à ¡
[  265.448616][ T5717] usb 5-1: SerialNumber: syz
[  265.642470][ T5717] usb 5-1: config 0 descriptor??
[  265.720369][    C1] net_ratelimit: 2127 callbacks suppressed
[  265.720392][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  265.721058][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  265.724187][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  265.724518][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  265.726194][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  265.726591][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  265.728493][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  265.728892][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  265.730730][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  265.731115][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  265.735933][ T7099] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  266.556536][ T5717] option 5-1:0.76: GSM modem (1-port) converter detected
[  266.642427][ T5717] usb 5-1: USB disconnect, device number 14
[  267.136037][ T5717] option 5-1:0.76: device disconnected
[  267.631930][ T5949] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  267.853418][ T7121] FAULT_INJECTION: forcing a failure.
[  267.853418][ T7121] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  267.853451][ T7121] CPU: 0 UID: 0 PID: 7121 Comm: syz.2.387 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  267.853470][ T7121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  267.853481][ T7121] Call Trace:
[  267.853487][ T7121]  <TASK>
[  267.853499][ T7121]  dump_stack_lvl+0xe8/0x150
[  267.853526][ T7121]  should_fail_ex+0x46b/0x600
[  267.853560][ T7121]  _copy_to_user+0x31/0xb0
[  267.853581][ T7121]  simple_read_from_buffer+0xe1/0x170
[  267.853612][ T7121]  proc_fail_nth_read+0x1be/0x230
[  267.853643][ T7121]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  267.853674][ T7121]  ? rw_verify_area+0x2ac/0x4e0
[  267.853693][ T7121]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  267.853724][ T7121]  vfs_read+0x212/0xa80
[  267.853753][ T7121]  ? __pfx_vfs_read+0x10/0x10
[  267.853788][ T7121]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  267.853811][ T7121]  ? lockdep_hardirqs_on+0x7a/0x110
[  267.853829][ T7121]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  267.853848][ T7121]  ? mutex_lock_nested+0x152/0x1d0
[  267.853873][ T7121]  ? fdget_pos+0x252/0x320
[  267.853897][ T7121]  ksys_read+0x156/0x270
[  267.853920][ T7121]  ? __pfx_ksys_read+0x10/0x10
[  267.853947][ T7121]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.853968][ T7121]  do_syscall_64+0x15f/0xf80
[  267.853988][ T7121]  ? trace_irq_disable+0x3b/0x140
[  267.854011][ T7121]  ? clear_bhb_loop+0x40/0x90
[  267.854036][ T7121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  267.854059][ T7121] RIP: 0033:0x7fb8e0bed60e
[  267.854076][ T7121] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  267.854091][ T7121] RSP: 002b:00007fb8dee64fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  267.854110][ T7121] RAX: ffffffffffffffda RBX: 00007fb8dee656c0 RCX: 00007fb8e0bed60e
[  267.854125][ T7121] RDX: 000000000000000f RSI: 00007fb8dee650a0 RDI: 0000000000000004
[  267.854137][ T7121] RBP: 00007fb8dee65090 R08: 0000000000000000 R09: 0000000000000000
[  267.854150][ T7121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  267.854160][ T7121] R13: 00007fb8e0ea6128 R14: 00007fb8e0ea6090 R15: 00007ffda59a4cb8
[  267.854192][ T7121]  </TASK>
[  268.236411][ T5949] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  268.236471][ T5949] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x48, changing to 0x8
[  268.236500][ T5949] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8 has an invalid bInterval 0, changing to 10
[  268.236528][ T5949] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  268.236552][ T5949] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  268.263527][ T5949] usb 1-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  268.263612][ T5949] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  268.263668][ T5949] usb 1-1: Product: syz
[  268.263684][ T5949] usb 1-1: Manufacturer: syz
[  268.263699][ T5949] usb 1-1: SerialNumber: syz
[  268.393762][ T5949] usb 1-1: config 0 descriptor??
[  268.467327][ T5949] radio-si470x 1-1:0.0: could not find interrupt in endpoint
[  268.467422][ T5949] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -5
[  268.567277][ T5949] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  268.665052][ T5949] usb 1-1: USB disconnect, device number 11
[  268.877098][ T7128] FAULT_INJECTION: forcing a failure.
[  268.877098][ T7128] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  268.877131][ T7128] CPU: 1 UID: 0 PID: 7128 Comm: syz.2.390 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  268.877152][ T7128] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  268.877163][ T7128] Call Trace:
[  268.877169][ T7128]  <TASK>
[  268.877177][ T7128]  dump_stack_lvl+0xe8/0x150
[  268.877204][ T7128]  should_fail_ex+0x46b/0x600
[  268.877238][ T7128]  _copy_from_user+0x2d/0xb0
[  268.877258][ T7128]  __sys_sendto+0x2bc/0x710
[  268.877281][ T7128]  ? __pfx___sys_sendto+0x10/0x10
[  268.877320][ T7128]  ? ksys_write+0x248/0x270
[  268.877342][ T7128]  ? __pfx_ksys_write+0x10/0x10
[  268.877368][ T7128]  __x64_sys_sendto+0xde/0x100
[  268.877389][ T7128]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.877428][ T7128]  do_syscall_64+0x15f/0xf80
[  268.877455][ T7128]  ? trace_irq_disable+0x3b/0x140
[  268.877478][ T7128]  ? clear_bhb_loop+0x40/0x90
[  268.877501][ T7128]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  268.877520][ T7128] RIP: 0033:0x7fb8e0c2cdd9
[  268.877538][ T7128] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  268.877557][ T7128] RSP: 002b:00007fb8dee86028 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  268.877579][ T7128] RAX: ffffffffffffffda RBX: 00007fb8e0ea5fa0 RCX: 00007fb8e0c2cdd9
[  268.877593][ T7128] RDX: 000000000000002a RSI: 0000200000000100 RDI: 0000000000000003
[  268.877605][ T7128] RBP: 00007fb8dee86090 R08: 0000200000000200 R09: 0000000000000014
[  268.877617][ T7128] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  268.877628][ T7128] R13: 00007fb8e0ea6038 R14: 00007fb8e0ea5fa0 R15: 00007ffda59a4cb8
[  268.877658][ T7128]  </TASK>
[  269.635810][ T7131] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  270.722474][    C1] net_ratelimit: 2356 callbacks suppressed
[  270.722495][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  270.722885][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  270.766081][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  270.766534][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  270.798977][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  270.799405][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  270.801285][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  270.801678][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  270.852359][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  270.852698][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  272.286503][ T7146] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  274.219970][ T5606] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  274.284932][ T5606] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  274.302467][ T5606] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  274.338255][ T5606] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  274.339272][ T5606] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  274.533902][ T7155] sysfs: cannot create duplicate filename '/class/ieee80211/1ùà^!'
[  274.533944][ T7155] CPU: 1 UID: 0 PID: 7155 Comm: syz.2.399 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  274.533970][ T7155] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  274.533983][ T7155] Call Trace:
[  274.533992][ T7155]  <TASK>
[  274.534000][ T7155]  dump_stack_lvl+0xe8/0x150
[  274.534029][ T7155]  sysfs_warn_dup+0x8e/0xa0
[  274.534059][ T7155]  sysfs_do_create_link_sd+0xc0/0x110
[  274.534094][ T7155]  device_add_class_symlinks+0x1d2/0x240
[  274.534122][ T7155]  device_add+0x475/0xbb0
[  274.534149][ T7155]  wiphy_register+0x1dc5/0x2dc0
[  274.534188][ T7155]  ? __pfx_wiphy_register+0x10/0x10
[  274.534211][ T7155]  ? __pfx_netdev_run_todo+0x10/0x10
[  274.534239][ T7155]  ? minstrel_ht_alloc+0x6e0/0x7e0
[  274.534275][ T7155]  ? ieee80211_init_rate_ctrl_alg+0x55d/0x5d0
[  274.534318][ T7155]  ieee80211_register_hw+0x3d82/0x4a70
[  274.534357][ T7155]  ? ieee80211_register_hw+0x1951/0x4a70
[  274.534405][ T7155]  ? __pfx_ieee80211_register_hw+0x10/0x10
[  274.534444][ T7155]  ? __asan_memset+0x22/0x50
[  274.534476][ T7155]  ? __hrtimer_setup+0x1c2/0x260
[  274.534495][ T7155]  ? __pfx_mac80211_hwsim_beacon+0x10/0x10
[  274.534524][ T7155]  mac80211_hwsim_new_radio+0x3051/0x54e0
[  274.534560][ T7155]  ? mac80211_hwsim_new_radio+0xee/0x54e0
[  274.534595][ T7155]  ? __pfx_mac80211_hwsim_new_radio+0x10/0x10
[  274.534615][ T7155]  ? kstrndup+0xbf/0x160
[  274.534656][ T7155]  hwsim_new_radio_nl+0xf6a/0x1c00
[  274.534701][ T7155]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  274.534732][ T7155]  ? rcu_is_watching+0x15/0xb0
[  274.534761][ T7155]  ? trace_kmalloc+0x2a/0xf0
[  274.534789][ T7155]  ? __nla_parse+0x40/0x60
[  274.534820][ T7155]  ? genl_family_rcv_msg_attrs_parse+0x20b/0x2f0
[  274.534853][ T7155]  ? genl_family_rcv_msg_attrs_parse+0x265/0x2f0
[  274.534892][ T7155]  genl_family_rcv_msg_doit+0x22a/0x330
[  274.534929][ T7155]  ? __pfx_genl_family_rcv_msg_doit+0x10/0x10
[  274.534960][ T7155]  ? rcu_is_watching+0x15/0xb0
[  274.535006][ T7155]  ? bpf_lsm_capable+0x9/0x20
[  274.535033][ T7155]  ? security_capable+0x7e/0x2c0
[  274.535072][ T7155]  genl_rcv_msg+0x61c/0x7a0
[  274.535109][ T7155]  ? __pfx_genl_rcv_msg+0x10/0x10
[  274.535138][ T7155]  ? __pfx_hwsim_new_radio_nl+0x10/0x10
[  274.535176][ T7155]  netlink_rcv_skb+0x232/0x4b0
[  274.535198][ T7155]  ? __pfx_genl_rcv_msg+0x10/0x10
[  274.535227][ T7155]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  274.535261][ T7155]  ? netlink_deliver_tap+0x2e/0x1b0
[  274.535284][ T7155]  ? netlink_deliver_tap+0x2e/0x1b0
[  274.535309][ T7155]  genl_rcv+0x28/0x40
[  274.535335][ T7155]  netlink_unicast+0x780/0x920
[  274.535378][ T7155]  netlink_sendmsg+0x813/0xb40
[  274.535413][ T7155]  ? __pfx_netlink_sendmsg+0x10/0x10
[  274.535454][ T7155]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  274.535479][ T7155]  ____sys_sendmsg+0x94c/0x9c0
[  274.535509][ T7155]  ? __pfx_____sys_sendmsg+0x10/0x10
[  274.535544][ T7155]  ? import_iovec+0x73/0xa0
[  274.535572][ T7155]  ___sys_sendmsg+0x2a5/0x360
[  274.535611][ T7155]  ? __lock_acquire+0x6b5/0x2cf0
[  274.535648][ T7155]  ? __pfx____sys_sendmsg+0x10/0x10
[  274.535688][ T7155]  ? futex_wait+0x2a2/0x390
[  274.535743][ T7155]  ? __fget_files+0x2a/0x420
[  274.535776][ T7155]  ? __fget_files+0x3a6/0x420
[  274.535819][ T7155]  __x64_sys_sendmsg+0x1c3/0x2a0
[  274.535849][ T7155]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  274.535885][ T7155]  ? rcu_is_watching+0x15/0xb0
[  274.535923][ T7155]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.535945][ T7155]  do_syscall_64+0x15f/0xf80
[  274.535966][ T7155]  ? trace_irq_disable+0x3b/0x140
[  274.535990][ T7155]  ? clear_bhb_loop+0x40/0x90
[  274.536014][ T7155]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.536035][ T7155] RIP: 0033:0x7fb8e0c2cdd9
[  274.536055][ T7155] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  274.536074][ T7155] RSP: 002b:00007fb8dee86028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  274.536097][ T7155] RAX: ffffffffffffffda RBX: 00007fb8e0ea5fa0 RCX: 00007fb8e0c2cdd9
[  274.536113][ T7155] RDX: 0000000004004004 RSI: 0000200000000100 RDI: 0000000000000005
[  274.536129][ T7155] RBP: 00007fb8e0cc2d69 R08: 0000000000000000 R09: 0000000000000000
[  274.536143][ T7155] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  274.536155][ T7155] R13: 00007fb8e0ea6038 R14: 00007fb8e0ea5fa0 R15: 00007ffda59a4cb8
[  274.536190][ T7155]  </TASK>
[  275.733112][    C1] net_ratelimit: 2328 callbacks suppressed
[  275.733135][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  275.733549][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  275.735435][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  275.735823][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  275.737792][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  275.738263][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  275.740081][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  275.740518][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  275.746834][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  275.747692][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  276.382743][ T7176] FAULT_INJECTION: forcing a failure.
[  276.382743][ T7176] name failslab, interval 1, probability 0, space 0, times 0
[  276.382783][ T7176] CPU: 1 UID: 0 PID: 7176 Comm: syz.1.403 Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  276.382809][ T7176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  276.382822][ T7176] Call Trace:
[  276.382831][ T7176]  <TASK>
[  276.382841][ T7176]  dump_stack_lvl+0xe8/0x150
[  276.382874][ T7176]  should_fail_ex+0x46b/0x600
[  276.382923][ T7176]  should_failslab+0xa8/0x100
[  276.382952][ T7176]  kmem_cache_alloc_noprof+0x87/0x680
[  276.382986][ T7176]  ? __send_signal_locked+0x22c/0xec0
[  276.383016][ T7176]  ? sig_get_ucounts+0x3da/0x450
[  276.383043][ T7176]  __send_signal_locked+0x22c/0xec0
[  276.383075][ T7176]  ? send_signal_locked+0x1b4/0x8e0
[  276.383110][ T7176]  ? group_send_sig_info+0x3d/0x250
[  276.383144][ T7176]  group_send_sig_info+0x1f4/0x250
[  276.383196][ T7176]  do_pidfd_send_signal+0x3c5/0x4e0
[  276.383233][ T7176]  ? __pfx_do_pidfd_send_signal+0x10/0x10
[  276.383267][ T7176]  ? __fget_files+0x2a/0x420
[  276.383312][ T7176]  ? __fget_files+0x2a/0x420
[  276.383350][ T7176]  ? __fget_files+0x3a6/0x420
[  276.383383][ T7176]  ? __fget_files+0x2a/0x420
[  276.383417][ T7176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.383448][ T7176]  __se_sys_pidfd_send_signal+0x286/0x320
[  276.383480][ T7176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.383504][ T7176]  do_syscall_64+0x15f/0xf80
[  276.383529][ T7176]  ? clear_bhb_loop+0x40/0x90
[  276.383556][ T7176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  276.383578][ T7176] RIP: 0033:0x7f821b2acdd9
[  276.383599][ T7176] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  276.383617][ T7176] RSP: 002b:00007f8219506028 EFLAGS: 00000246 ORIG_RAX: 00000000000001a8
[  276.383640][ T7176] RAX: ffffffffffffffda RBX: 00007f821b525fa0 RCX: 00007f821b2acdd9
[  276.383656][ T7176] RDX: 0000000000000000 RSI: 0000000000000021 RDI: 0000000000000005
[  276.383669][ T7176] RBP: 00007f8219506090 R08: 0000000000000000 R09: 0000000000000000
[  276.383682][ T7176] R10: 0000000000000004 R11: 0000000000000246 R12: 0000000000000001
[  276.383695][ T7176] R13: 00007f821b526038 R14: 00007f821b525fa0 R15: 00007ffd456c1cf8
[  276.383732][ T7176]  </TASK>
[  276.531983][  T819] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  276.581950][ T5840] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  276.702603][ T4910] Bluetooth: hci6: command tx timeout
[  276.772183][ T5840] usb 5-1: Using ep0 maxpacket: 8
[  276.824147][  T819] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.824183][  T819] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.824222][  T819] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  276.824245][  T819] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.884084][ T5840] usb 5-1: config 1 interface 0 altsetting 5 bulk endpoint 0x1 has invalid maxpacket 8
[  276.884118][ T5840] usb 5-1: config 1 interface 0 has no altsetting 0
[  277.134988][ T5840] usb 5-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  277.135031][ T5840] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  277.135054][ T5840] usb 5-1: Product: syz
[  277.135069][ T5840] usb 5-1: Manufacturer: syz
[  277.135085][ T5840] usb 5-1: SerialNumber: syz
[  277.273824][  T819] usb 1-1: config 0 descriptor??
[  277.385902][ T7170] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  278.325857][ T5840] usb 5-1: USB disconnect, device number 15
[  278.327366][ T7187] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  278.771966][ T4910] Bluetooth: hci6: command tx timeout
[  279.422617][ T7195] IPv6: NLM_F_CREATE should be specified when creating new route
[  280.023235][ T7201] netlink: 60 bytes leftover after parsing attributes in process `syz.1.407'.
[  280.745347][    C1] net_ratelimit: 872 callbacks suppressed
[  280.745371][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  280.780677][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  280.826057][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  280.827822][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  280.867976][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  280.870833][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  280.871352][ T5606] Bluetooth: hci6: command tx timeout
[  280.913411][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  280.914566][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  280.951205][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  280.964893][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  283.001950][ T4910] Bluetooth: hci6: command tx timeout
[  283.012215][  T819] usbhid 1-1:0.0: can't add hid device: -32
[  283.012346][  T819] usbhid 1-1:0.0: probe with driver usbhid failed with error -32
[  284.501929][ T1242] usb 1-1: USB disconnect, device number 12
[  285.754082][    C1] net_ratelimit: 2315 callbacks suppressed
[  285.754105][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  285.754519][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  285.756530][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  285.756948][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  285.759012][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  285.759430][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  285.761665][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  285.763139][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  285.768085][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  285.769101][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  290.763327][    C1] net_ratelimit: 2632 callbacks suppressed
[  290.763348][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  290.763680][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  290.765761][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  290.766189][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  290.768292][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  290.768964][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  290.771059][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  290.771479][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  290.777133][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  290.778267][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  294.490838][ T7261] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  294.595671][ T7261] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  294.717575][ T7276] program syz.1.426 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  295.786317][    C1] net_ratelimit: 1926 callbacks suppressed
[  295.786338][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  295.786869][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  295.791110][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  295.791617][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  295.805113][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  295.805650][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  295.808189][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  295.808671][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  295.818129][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  295.818521][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  296.084187][ T7261] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  296.084403][ T7261] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  296.084504][ T7261] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  296.480389][ T4910] Bluetooth: hci0: command 0x0406 tx timeout
[  296.837472][ T7261] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  296.837631][ T7261] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  297.448982][ T7261] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  297.449148][ T7261] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  297.508818][ T7288] syz.4.430 (7288) used greatest stack depth: 16360 bytes left
[  297.695974][ T7261] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  297.696122][ T7261] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  298.132077][ T4910] Bluetooth: hci1: command 0x0406 tx timeout
[  298.132118][ T4910] Bluetooth: hci2: command 0x0c1a tx timeout
[  298.423897][ T7261] Bluetooth: hci6: Opcode 0x0406 failed: -4
[  298.531899][   T59] Bluetooth: hci0: command 0x0406 tx timeout
[  298.900645][   T59] Bluetooth: hci3: command 0x0406 tx timeout
[  299.492576][   T59] Bluetooth: hci4: command 0x0406 tx timeout
[  299.733314][   T59] Bluetooth: hci6: command 0x0c1a tx timeout
[  300.276909][   T59] Bluetooth: hci1: command 0x0406 tx timeout
[  300.814183][    C1] net_ratelimit: 2786 callbacks suppressed
[  300.814278][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  301.535952][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  301.595635][   T59] Bluetooth: hci3: command 0x0406 tx timeout
[  301.766457][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  301.847535][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  302.305257][   T59] Bluetooth: hci4: command 0x0406 tx timeout
[  302.306021][   T59] Bluetooth: hci6: command 0x0c1a tx timeout
[  302.379410][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  302.380577][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  302.430224][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  302.430688][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  302.457676][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  302.458149][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  302.781930][   T36] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  302.944349][   T36] usb 1-1: Using ep0 maxpacket: 32
[  302.946343][   T36] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  302.946370][   T36] usb 1-1: config 0 has no interface number 0
[  302.948757][   T36] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  302.948786][   T36] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  302.948807][   T36] usb 1-1: Product: syz
[  302.948822][   T36] usb 1-1: Manufacturer: syz
[  302.948838][   T36] usb 1-1: SerialNumber: syz
[  303.002165][ T5840] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  303.100172][   T36] usb 1-1: config 0 descriptor??
[  303.168406][ T5840] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x6 has invalid maxpacket 1023
[  303.168442][ T5840] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  303.168479][ T5840] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 121
[  303.214357][ T5840] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  303.214389][ T5840] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  303.214411][ T5840] usb 2-1: Product: syz
[  303.214426][ T5840] usb 2-1: Manufacturer: syz
[  303.214443][ T5840] usb 2-1: SerialNumber: syz
[  303.280964][ T5840] usb 2-1: config 0 descriptor??
[  303.288544][ T7318] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  303.288840][ T7318] raw-gadget.2 gadget.1: fail, usb_ep_enable returned -22
[  303.318093][ T5840] usb 2-1: ucan: probing device on interface #0
[  304.386894][   T59] Bluetooth: hci6: command 0x0c1a tx timeout
[  304.812658][   T36] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -71
[  304.812694][   T36] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  304.874408][   T36] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  304.874756][   T36] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -71
[  305.112044][   T36] usb 1-1: USB disconnect, device number 13
[  305.735232][ T5840] ucan 2-1:0.0: probe with driver ucan failed with error -110
[  305.866068][    C1] net_ratelimit: 1440 callbacks suppressed
[  305.866091][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  305.959370][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  307.261983][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  307.262394][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  307.264362][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  307.264752][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  307.266649][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  307.267038][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  307.268920][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  307.269325][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  307.416037][ T7333] netlink: 12 bytes leftover after parsing attributes in process `syz.0.442'.
[  307.416068][ T7333] netlink: 40 bytes leftover after parsing attributes in process `syz.0.442'.
[  307.691727][ T7334] netlink: 'syz.4.440': attribute type 1 has an invalid length.
[  309.584694][ T7330] workqueue: Failed to create a rescuer kthread for wq "nfc2_nci_rx_wq": -EINTR
[  309.775052][ T5719] usb 2-1: USB disconnect, device number 9
[  310.410201][ T5840] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  310.872777][    C1] net_ratelimit: 2534 callbacks suppressed
[  310.872800][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  310.873226][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  310.875413][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  310.875834][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  310.877977][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  310.878478][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  310.880495][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  310.881078][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  310.907923][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  310.908347][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  311.217428][ T5840] usb 1-1: device descriptor read/all, error -71
[  312.345613][ T7353] netlink: 64 bytes leftover after parsing attributes in process `syz.0.447'.
[  313.824562][ T7345] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  313.826906][ T7345] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  313.829556][ T7345] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  313.853187][ T7345] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  313.854058][ T7345] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  313.854268][ T7345] Bluetooth: hci6: Opcode 0x0c1a failed: -4
[  315.882341][    C1] net_ratelimit: 2898 callbacks suppressed
[  315.882363][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  315.882828][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  315.884724][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  315.885109][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  315.887272][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  315.887673][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  315.889620][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  315.890047][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  315.891968][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  315.892362][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  316.069845][   T59] Bluetooth: hci6: command 0x0c1a tx timeout
[  316.069895][   T59] Bluetooth: hci4: command 0x0406 tx timeout
[  316.069928][   T59] Bluetooth: hci3: command 0x0406 tx timeout
[  316.069959][   T59] Bluetooth: hci1: command 0x0406 tx timeout
[  316.069989][   T59] Bluetooth: hci2: command 0x0c1a tx timeout
[  316.070020][   T59] Bluetooth: hci0: command 0x0406 tx timeout
[  317.464206][ T1334] ieee802154 phy0 wpan0: encryption failed: -22
[  317.465166][ T1334] ieee802154 phy1 wpan1: encryption failed: -22
[  319.874114][ T5840] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  320.304278][ T5840] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  320.304311][ T5840] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.454461][ T5840] usb 1-1: config 0 descriptor??
[  320.892406][    C1] net_ratelimit: 3160 callbacks suppressed
[  320.892429][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  320.892801][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  320.896577][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  320.896967][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  320.900916][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  320.903910][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  320.909377][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  320.909766][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  320.914390][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  320.914799][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  321.487842][ T7156] bridge0: port 1(bridge_slave_0) entered blocking state
[  321.488033][ T7156] bridge0: port 1(bridge_slave_0) entered disabled state
[  321.488234][ T7156] bridge_slave_0: entered allmulticast mode
[  321.526587][ T7156] bridge_slave_0: entered promiscuous mode
[  324.251954][ T7156] bridge0: port 2(bridge_slave_1) entered blocking state
[  324.252219][ T7156] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.252581][ T7156] bridge_slave_1: entered allmulticast mode
[  324.514441][ T7156] bridge_slave_1: entered promiscuous mode
[  325.742168][ T5840] usb 1-1: Cannot set autoneg
[  325.742533][ T5840] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  325.903947][    C1] net_ratelimit: 1980 callbacks suppressed
[  325.903969][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  325.904387][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  325.906484][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  325.906919][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  325.908985][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  325.909414][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  325.911632][ T5840] usb 1-1: USB disconnect, device number 16
[  325.944597][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  325.944921][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  326.035858][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  326.036261][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  326.232095][ T5719] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  326.477741][ T5719] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  326.477771][ T5719] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  326.521511][ T5719] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  326.521544][ T5719] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  326.521567][ T5719] usb 2-1: SerialNumber: syz
[  326.649119][   T37] audit: type=1326 audit(1777606033.784:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7427 comm="syz.2.471" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  326.650300][   T37] audit: type=1326 audit(1777606033.784:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7427 comm="syz.2.471" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  327.171927][   T37] audit: type=1326 audit(1777606034.294:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7427 comm="syz.2.471" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  327.171989][   T37] audit: type=1326 audit(1777606034.294:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7427 comm="syz.2.471" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  327.172039][   T37] audit: type=1326 audit(1777606034.294:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7427 comm="syz.2.471" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=248 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  327.172087][   T37] audit: type=1326 audit(1777606034.294:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7427 comm="syz.2.471" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  327.172134][   T37] audit: type=1326 audit(1777606034.294:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7427 comm="syz.2.471" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  327.172184][   T37] audit: type=1326 audit(1777606034.294:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7427 comm="syz.2.471" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  327.172240][   T37] audit: type=1326 audit(1777606034.294:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=7427 comm="syz.2.471" exe="/root/ci-upstream-kasan-gce-smack-root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fb8e0c2cdd9 code=0x7ffc0000
[  328.801226][  T175] bridge_slave_1: left allmulticast mode
[  328.801457][  T175] bridge_slave_1: left promiscuous mode
[  328.816083][  T175] bridge0: port 2(bridge_slave_1) entered disabled state
[  328.818265][ T5719] usb 2-1: 0:2 : does not exist
[  330.864920][  T175] bridge_slave_0: left allmulticast mode
[  330.864959][  T175] bridge_slave_0: left promiscuous mode
[  330.865217][  T175] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.940622][    C1] net_ratelimit: 2032 callbacks suppressed
[  330.940643][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  330.941072][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  330.944366][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  330.944994][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  330.946955][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  330.947363][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  330.949412][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  330.949814][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  330.951735][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  330.952265][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  331.639385][ T7451] netlink: 4 bytes leftover after parsing attributes in process `syz.0.477'.
[  332.761912][   T36] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  333.012009][   T36] usb 1-1: device descriptor read/64, error -71
[  333.051236][ T5719] usb 2-1: USB disconnect, device number 10
[  333.283864][   T36] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  333.457081][   T36] usb 1-1: device descriptor read/64, error -71
[  333.621950][   T36] usb usb1-port1: attempt power cycle
[  334.192077][   T36] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  334.375858][   T59] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  334.415109][   T59] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  334.417420][   T59] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  334.426044][   T59] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  334.427964][   T59] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  334.523701][   T36] usb 1-1: device not accepting address 19, error -71
[  334.807271][ T7463] netlink: 277 bytes leftover after parsing attributes in process `syz.1.481'.
[  335.576757][ T6150] udevd[6150]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  335.943273][    C1] net_ratelimit: 1742 callbacks suppressed
[  335.943293][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  335.943615][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  335.945555][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  335.945948][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  335.947773][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  335.948138][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  335.950046][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  335.950418][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  336.062010][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  336.111144][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  336.532299][ T5606] Bluetooth: hci5: command tx timeout
[  339.413442][   T59] Bluetooth: hci5: command tx timeout
[  340.470587][ T4960] udevd[4960]: worker [5962] /devices/platform/dummy_hcd.3/usb4/4-1 is taking a long time
[  340.583464][  T175] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  340.950423][  T175] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  340.967891][    C1] net_ratelimit: 3000 callbacks suppressed
[  340.967912][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  340.968328][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  340.970247][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  340.970632][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  341.032630][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  341.032929][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  341.035588][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  341.036075][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  341.038329][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  341.038800][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  341.492555][   T59] Bluetooth: hci5: command tx timeout
[  342.529639][  T175] bond0 (unregistering): Released all slaves
[  343.572493][   T59] Bluetooth: hci5: command tx timeout
[  345.972180][    C1] net_ratelimit: 2656 callbacks suppressed
[  345.972206][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  345.972655][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  345.974574][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  345.974977][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  345.976543][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  345.976869][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  345.978831][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  345.979240][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  345.980978][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  345.981374][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  349.651015][ T5606] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  349.727909][ T5606] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  349.746856][ T5606] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  349.762005][ T5606] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  349.764283][ T5606] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  350.551957][ T5840] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  350.982971][    C1] net_ratelimit: 2222 callbacks suppressed
[  350.982994][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  350.983379][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  350.985321][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  350.985714][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  350.987722][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  350.988109][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  350.990151][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  350.990559][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  350.994542][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  350.994979][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  351.224325][ T5840] usb 5-1: unable to get BOS descriptor or descriptor too short
[  351.229061][ T5840] usb 5-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice= 0.40
[  351.229095][ T5840] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  351.229117][ T5840] usb 5-1: Product: syz
[  351.229132][ T5840] usb 5-1: Manufacturer: syz
[  351.229147][ T5840] usb 5-1: SerialNumber: syz
[  351.606959][ T5840] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  351.905072][ T5606] Bluetooth: hci6: command tx timeout
[  353.161472][ T5840] usb 5-1: USB disconnect, device number 16
[  354.090891][ T5606] Bluetooth: hci6: command tx timeout
[  354.822182][ T7518] netem: incorrect ge model size
[  354.822203][ T7518] netem: change failed
[  355.647307][  T175] hsr_slave_0: left promiscuous mode
[  355.729316][   T36] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  355.781088][   T38] INFO: task kworker/0:3:5605 blocked for more than 143 seconds.
[  355.781156][   T38]       Not tainted syzkaller #0
[  355.781175][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  355.781193][   T38] task:kworker/0:3     state:D stack:21848 pid:5605  tgid:5605  ppid:2      task_flags:0x4208060 flags:0x00080000
[  355.781379][   T38] Workqueue: usb_hub_wq hub_event
[  355.781469][   T38] Call Trace:
[  355.781491][   T38]  <TASK>
[  355.781531][   T38]  __schedule+0x1681/0x54c0
[  355.781675][   T38]  ? __lock_acquire+0x6b5/0x2cf0
[  355.781828][   T38]  ? __device_attach+0x2c8/0x450
[  355.781854][   T38]  ? device_initial_probe+0xa1/0xd0
[  355.781883][   T38]  ? look_up_lock_class+0x57/0x110
[  355.781927][   T38]  ? __pfx___schedule+0x10/0x10
[  355.782001][   T38]  ? schedule+0x90/0x360
[  355.782137][   T38]  schedule+0x164/0x360
[  355.782261][   T38]  schedule_timeout+0xc3/0x2c0
[  355.782361][   T38]  ? __pfx_schedule_timeout+0x10/0x10
[  355.782451][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[  355.782553][   T38]  ? _raw_spin_unlock_irq+0x23/0x50
[  355.782616][   T38]  ? wait_for_completion+0x274/0x5e0
[  355.782682][   T38]  wait_for_completion+0x2cc/0x5e0
[  355.782781][   T38]  ? __pfx_wait_for_completion+0x10/0x10
[  355.782880][   T38]  i2c_del_adapter+0x5c0/0x790
[  355.782966][   T38]  ? lockdep_hardirqs_on+0x7a/0x110
[  355.783049][   T38]  ? dvb_usbv2_exit+0x4b8/0xb80
[  355.783105][   T38]  ? __pfx_i2c_del_adapter+0x10/0x10
[  355.783194][   T38]  ? dvb_usbv2_exit+0x94c/0xb80
[  355.783277][   T38]  dvb_usbv2_probe+0x4c0/0x3c20
[  355.783501][   T38]  ? __pfx_dvb_usbv2_probe+0x10/0x10
[  355.783602][   T38]  ? __pm_runtime_set_status+0x99c/0xc70
[  355.783700][   T38]  usb_probe_interface+0x659/0xc70
[  355.783810][   T38]  ? __pfx_usb_probe_interface+0x10/0x10
[  355.783877][   T38]  really_probe+0x267/0xaf0
[  355.783983][   T38]  __driver_probe_device+0x1ef/0x380
[  355.784063][   T38]  driver_probe_device+0x4f/0x240
[  355.784150][   T38]  __device_attach_driver+0x279/0x430
[  355.784239][   T38]  bus_for_each_drv+0x25b/0x2f0
[  355.784347][   T38]  ? __pfx___device_attach_driver+0x10/0x10
[  355.784426][   T38]  ? __pfx_bus_for_each_drv+0x10/0x10
[  355.784527][   T38]  ? rt_spin_unlock+0x160/0x200
[  355.784641][   T38]  __device_attach+0x2c8/0x450
[  355.784720][   T38]  ? __pfx___device_attach+0x10/0x10
[  355.784803][   T38]  ? rt_spin_unlock+0x160/0x200
[  355.784842][   T38]  device_initial_probe+0xa1/0xd0
[  355.784871][   T38]  bus_probe_device+0x12d/0x220
[  355.784910][   T38]  device_add+0x7e9/0xbb0
[  355.784996][   T38]  usb_set_configuration+0x1a87/0x2110
[  355.785166][   T38]  usb_generic_driver_probe+0x8d/0x150
[  355.785241][   T38]  usb_probe_device+0x1c4/0x3b0
[  355.785341][   T38]  ? __pfx_usb_probe_device+0x10/0x10
[  355.785406][   T38]  really_probe+0x267/0xaf0
[  355.785497][   T38]  __driver_probe_device+0x1ef/0x380
[  355.785576][   T38]  driver_probe_device+0x4f/0x240
[  355.785661][   T38]  __device_attach_driver+0x279/0x430
[  355.785747][   T38]  bus_for_each_drv+0x25b/0x2f0
[  355.785842][   T38]  ? __pfx___device_attach_driver+0x10/0x10
[  355.785918][   T38]  ? __pfx_bus_for_each_drv+0x10/0x10
[  355.786008][   T38]  ? rt_spin_unlock+0x160/0x200
[  355.786114][   T38]  __device_attach+0x2c8/0x450
[  355.786213][   T38]  ? __pfx___device_attach+0x10/0x10
[  355.786310][   T38]  ? rt_spin_unlock+0x160/0x200
[  355.786384][   T38]  device_initial_probe+0xa1/0xd0
[  355.786443][   T38]  bus_probe_device+0x12d/0x220
[  355.786540][   T38]  device_add+0x7e9/0xbb0
[  355.786616][   T38]  usb_new_device+0x9f8/0x16e0
[  355.786742][   T38]  ? __pfx_usb_new_device+0x10/0x10
[  355.786860][   T38]  hub_event+0x2a49/0x4f60
[  355.787068][   T38]  ? __pfx_hub_event+0x10/0x10
[  355.787133][   T38]  ? process_scheduled_works+0xa70/0x1860
[  355.787222][   T38]  ? process_scheduled_works+0xa70/0x1860
[  355.787297][   T38]  ? process_scheduled_works+0xa70/0x1860
[  355.787371][   T38]  process_scheduled_works+0xb5d/0x1860
[  355.787527][   T38]  ? __pfx_process_scheduled_works+0x10/0x10
[  355.787636][   T38]  ? assign_work+0x3d5/0x5e0
[  355.787716][   T38]  worker_thread+0xa53/0xfc0
[  355.787851][   T38]  kthread+0x388/0x470
[  355.787932][   T38]  ? __pfx_worker_thread+0x10/0x10
[  355.787998][   T38]  ? __pfx_kthread+0x10/0x10
[  355.788076][   T38]  ret_from_fork+0x514/0xb70
[  355.788105][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  355.788139][   T38]  ? __switch_to+0xc79/0x1410
[  355.788282][   T38]  ? __pfx_kthread+0x10/0x10
[  355.788384][   T38]  ret_from_fork_asm+0x1a/0x30
[  355.788439][   T38]  </TASK>
[  355.788485][   T38] INFO: task syz.3.231:6621 blocked for more than 143 seconds.
[  355.788503][   T38]       Not tainted syzkaller #0
[  355.788523][   T38] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  355.788547][   T38] task:syz.3.231       state:D stack:27040 pid:6621  tgid:6599  ppid:5598   task_flags:0x400040 flags:0x00080002
[  355.788731][   T38] Call Trace:
[  355.788752][   T38]  <TASK>
[  355.788786][   T38]  __schedule+0x1681/0x54c0
[  355.788965][   T38]  ? lockdep_hardirqs_on+0x7a/0x110
[  355.789031][   T38]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  355.789099][   T38]  ? __pfx___schedule+0x10/0x10
[  355.789219][   T38]  rt_mutex_schedule+0x76/0xf0
[  355.789243][   T38]  rt_mutex_slowlock_block+0x508/0x680
[  355.789295][   T38]  ? rt_mutex_slowlock_block+0x2e9/0x680
[  355.789372][   T38]  rt_mutex_slowlock+0x2dc/0x780
[  355.789452][   T38]  ? rt_mutex_slowlock+0x1fd/0x780
[  355.789533][   T38]  ? __pfx_rt_mutex_slowlock+0x10/0x10
[  355.789639][   T38]  ? usbdev_open+0x182/0x790
[  355.789716][   T38]  ? usbdev_open+0x182/0x790
[  355.789855][   T38]  ? usbdev_open+0x182/0x790
[  355.789934][   T38]  mutex_lock_nested+0x168/0x1d0
[  355.790012][   T38]  ? usbdev_open+0xa7/0x790
[  355.790107][   T38]  usbdev_open+0x182/0x790
[  355.790194][   T38]  ? __pfx_rt_mutex_slowunlock+0x10/0x10
[  355.790291][   T38]  ? __pfx_usbdev_open+0x10/0x10
[  355.790359][   T38]  ? rt_spin_unlock+0x14f/0x200
[  355.790458][   T38]  ? rt_spin_unlock+0x160/0x200
[  355.790547][   T38]  chrdev_open+0x4d0/0x5f0
[  355.790634][   T38]  ? __pfx_chrdev_open+0x10/0x10
[  355.790713][   T38]  ? fsnotify_open_perm_and_set_mode+0x13b/0x6e0
[  355.790802][   T38]  ? __pfx_chrdev_open+0x10/0x10
[  355.790879][   T38]  do_dentry_open+0x83d/0x13e0
[  355.791021][   T38]  vfs_open+0x3b/0x350
[  355.791122][   T38]  ? path_openat+0x2e2b/0x38a0
[  355.996308][    C1] net_ratelimit: 3206 callbacks suppressed
[  355.996330][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  355.996774][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  355.998865][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  355.999294][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  356.001414][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  356.001952][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  356.004202][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  356.004640][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  356.006676][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:02:68:bd:89:1c:ce, vlan:0)
[  356.007086][    C1] bridge0: received packet on veth1_to_bridge with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  356.011948][  T819] usb 1-1: new full-speed USB device number 21 using dummy_hcd
[  356.089710][   T38]  path_openat+0x2e43/0x38a0
[  356.089782][   T38]  ? __pfx_path_openat+0x10/0x10
[  356.089813][   T38]  ? kasan_save_track+0x4f/0x80
[  356.089833][   T38]  ? kasan_save_track+0x3e/0x80
[  356.089854][   T38]  ? __kasan_slab_alloc+0x6c/0x80
[  356.089876][   T38]  ? kmem_cache_alloc_noprof+0x33b/0x680
[  356.089910][   T38]  ? do_raw_spin_lock+0x12b/0x2f0
[  356.089947][   T38]  do_file_open+0x23e/0x4a0
[  356.089973][   T38]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  356.090003][   T38]  ? __pfx_do_file_open+0x10/0x10
[  356.090025][   T38]  ? rt_mutex_slowunlock+0x4a7/0x8b0
[  356.090084][   T38]  ? alloc_fd+0x64e/0x6c0
[  356.090128][   T38]  do_sys_openat2+0x113/0x200
[  356.090166][   T38]  ? __pfx_do_sys_openat2+0x10/0x10
[  356.090215][   T38]  __x64_sys_openat+0x138/0x170
[  356.090252][   T38]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.090277][   T38]  do_syscall_64+0x15f/0xf80
[  356.090301][   T38]  ? trace_irq_disable+0x3b/0x140
[  356.090328][   T38]  ? clear_bhb_loop+0x40/0x90
[  356.090358][   T38]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.090381][   T38] RIP: 0033:0x7ff5a9b8d60e
[  356.090402][   T38] RSP: 002b:00007ff5a7dfcb28 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  356.090426][   T38] RAX: ffffffffffffffda RBX: 00007ff5a7dfd6c0 RCX: 00007ff5a9b8d60e
[  356.090443][   T38] RDX: 0000000000101301 RSI: 00007ff5a7dfcc00 RDI: ffffffffffffff9c
[  356.090459][   T38] RBP: 00007ff5a7dfcc00 R08: 0000000000000000 R09: 0000000000000000
[  356.090474][   T38] R10: 0000000000000000 R11: 0000000000000246 R12: cccccccccccccccd
[  356.090488][   T38] R13: 00007ff5a9e46128 R14: 00007ff5a9e46090 R15: 00007ffc630daad8
[  356.090533][   T38]  </TASK>
[  356.090568][   T38] 
[  356.090568][   T38] Showing all locks held in the system:
[  356.090580][   T38] 4 locks held by pr/legacy/17:
[  356.090601][   T38] 6 locks held by kworker/1:1/36:
[  356.090614][   T38]  #0: ffff888022296138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  356.090672][   T38]  #1: ffffc90000ab7c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  356.090728][   T38]  #2: ffff88802acde210 (&dev->mutex){....}-{4:4}, at: hub_event+0x17c/0x4f60
[  356.090898][   T38]  #3: ffff88802acf2658 (&port_dev->status_lock){+.+.}-{4:4}, at: hub_event+0x21b0/0x4f60
[  356.090951][   T38]  #4: ffff888028ad0458 (hcd->address0_mutex){+.+.}-{4:4}, at: hub_event+0x21e0/0x4f60
[  356.091005][   T38]  #5: ffffffff8ec00d60 (ehci_cf_port_reset_rwsem){.+.+}-{4:4}, at: hub_port_reset+0x14e/0x1820
[  356.091060][   T38] 1 lock held by khungtaskd/38:
[  356.091073][   T38]  #0: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  356.091136][   T38] 3 locks held by kworker/u8:4/66:
[  356.091152][   T38] 4 locks held by kworker/u8:6/175:
[  356.091165][   T38]  #0: ffff88801b290938 ((wq_completion)netns){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  356.091219][   T38]  #1: ffffc90003ab7c40 (net_cleanup_work){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  356.091275][   T38]  #2: ffffffff8f347760 (pernet_ops_rwsem){++++}-{4:4}, at: cleanup_net+0xf4/0x800
[  356.091328][   T38]  #3: ffffffff8f3564b8 (rtnl_mutex){+.+.}-{4:4}, at: default_device_exit_batch+0xe5/0xa00
[  356.091383][   T38] 8 locks held by kworker/1:2/819:
[  356.091399][   T38] 6 locks held by kworker/u8:7/992:
[  356.091416][   T38] 5 locks held by kworker/u8:11/2153:
[  356.091430][   T38] 6 locks held by kworker/u8:12/2364:
[  356.091457][   T38] 2 locks held by dhcpcd/5255:
[  356.091469][   T38]  #0: ffff8880217c4928 (nlk_cb_mutex-ROUTE){+.+.}-{4:4}, at: __netlink_dump_start+0xfe/0x7e0
[  356.091531][   T38]  #1: ffffffff8f3564b8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_dumpit+0x92/0x200
[  356.091582][   T38] 2 locks held by getty/5350:
[  356.091594][   T38]  #0: ffff8880373740a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  356.091648][   T38]  #1: ffffc90003cbe2e0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x462/0x13a0
[  356.091713][   T38] 5 locks held by kworker/0:3/5605:
[  356.091726][   T38]  #0: ffff888022296138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  356.128575][   T38]  #1: ffffc90004417c40 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  356.128703][   T38]  #2: ffff88802abe6210 (&dev->mutex){....}-{4:4}, at: hub_event+0x17c/0x4f60
[  356.128905][   T38]  #3: ffff88802a458210 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[  356.129049][   T38]  #4: ffff888065bbf1d8 (&dev->mutex){....}-{4:4}, at: __device_attach+0x88/0x450
[  356.129161][   T38] 5 locks held by kworker/0:7/5840:
[  356.129175][   T38]  #0: ffff888038bcbd38 ((wq_completion)wg-crypt-wg0#3){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  356.129280][   T38]  #1: ffffc90005bafc40 ((work_completion)(&peer->transmit_packet_work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  356.129440][   T38]  #2: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: __local_bh_disable_ip+0x3c/0x420
[  356.129622][   T38]  #3: ffffffff8dfc8140 (rcu_read_lock){....}-{1:3}, at: process_backlog+0x271/0xc60
[  356.129804][   T38]  #4: ffff88801ea9cb58 (&n->list_lock){+.+.}-{3:3}, at: __refill_objects_node+0x87/0x560
[  356.129976][   T38] 4 locks held by udevd/5962:
[  356.130010][   T38]  #0: ffff888060ee71a8 (&p->lock){+.+.}-{4:4}, at: seq_read_iter+0xb8/0xe20
[  356.130169][   T38]  #1: ffff88802cc6f078 (&of->mutex#2){+.+.}-{4:4}, at: kernfs_seq_start+0x5c/0x420
[  356.130373][   T38]  #2: ffff88803bf142d8 (kn->active#27){.+.+}-{0:0}, at: kernfs_seq_start+0xb2/0x420
[  356.130557][   T38]  #3: ffff88802a458210 (&dev->mutex){....}-{4:4}, at: manufacturer_show+0x26/0xa0
[  356.130697][   T38] 4 locks held by kworker/u8:14/6065:
[  356.130730][   T38] 4 locks held by kworker/u8:15/6068:
[  356.130770][   T38] 3 locks held by kworker/u8:16/6070:
[  356.130804][   T38]  #0: ffff8880326fe938 ((wq_completion)ipv6_addrconf){+.+.}-{0:0}, at: process_scheduled_works+0xa35/0x1860
[  356.130983][   T38]  #1: ffffc900064ffc40
[  356.132838][ T5606] Bluetooth: hci6: command tx timeout
[  356.171537][   T38]  ((work_completion)(&(&net->ipv6.addr_chk_work)->work)){+.+.}-{0:0}, at: process_scheduled_works+0xa70/0x1860
[  356.171701][   T38]  #2: ffffffff8f3564b8 (rtnl_mutex){+.+.}-{4:4}, at: addrconf_verify_work+0x19/0x30
[  356.171864][   T38] 1 lock held by syz.3.231/6621:
[  356.171900][   T38]  #0: ffff88802abe6210 (&dev->mutex){....}-{4:4}, at: usbdev_open+0x182/0x790
[  356.172112][   T38] 3 locks held by kworker/u8:18/7269:
[  356.172156][   T38] 4 locks held by syz.2.476/7444:
[  356.172207][   T38] 1 lock held by syz-executor/7457:
[  356.172242][   T38]  #0: ffffffff8f3564b8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0
[  356.172545][   T38] 1 lock held by syz-executor/7514:
[  356.172586][   T38]  #0: ffffffff8f3564b8 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_newlink+0x883/0x1bb0
[  356.172730][   T38] 1 lock held by syz.1.504/7537:
[  356.172763][   T38]  #0: ffffffff8dfce2f0 (rcu_state.barrier_mutex){+.+.}-{4:4}, at: rcu_barrier+0x4c/0x580
[  356.172889][   T38] 
[  356.172895][   T38] =============================================
[  356.172895][   T38] 
[  356.172932][   T38] NMI backtrace for cpu 1
[  356.172977][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  356.173043][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  356.173077][   T38] Call Trace:
[  356.173100][   T38]  <TASK>
[  356.173130][   T38]  dump_stack_lvl+0xe8/0x150
[  356.173199][   T38]  nmi_cpu_backtrace+0x274/0x2d0
[  356.173299][   T38]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  356.173379][   T38]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  356.173473][   T38]  sys_info+0x135/0x170
[  356.173537][   T38]  watchdog+0xfd3/0x1030
[  356.173627][   T38]  ? watchdog+0x1c9/0x1030
[  356.173712][   T38]  kthread+0x388/0x470
[  356.173791][   T38]  ? __pfx_watchdog+0x10/0x10
[  356.173855][   T38]  ? __pfx_kthread+0x10/0x10
[  356.173936][   T38]  ret_from_fork+0x514/0xb70
[  356.174001][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  356.174074][   T38]  ? __switch_to+0xc79/0x1410
[  356.174154][   T38]  ? __pfx_kthread+0x10/0x10
[  356.174187][   T38]  ret_from_fork_asm+0x1a/0x30
[  356.174323][   T38]  </TASK>
[  356.174384][   T38] Sending NMI from CPU 1 to CPUs 0:
[  356.174413][    C0] NMI backtrace for cpu 0
[  356.174428][    C0] CPU: 0 UID: 0 PID: 17 Comm: pr/legacy Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  356.174449][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  356.174460][    C0] RIP: 0010:native_apic_msr_write+0x39/0x50
[  356.174490][    C0] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 cc cc cc cc cc 89 f6 31 d2 e9 a6 c0 69 03 66 0f 1f 44 00
[  356.174508][    C0] RSP: 0018:ffffc90000167590 EFLAGS: 00000046
[  356.174524][    C0] RAX: 000000000001df14 RBX: ffff8880b8823e40 RCX: 0000000000000838
[  356.174537][    C0] RDX: 0000000000000000 RSI: 000000000001df14 RDI: 0000000000000838
[  356.174549][    C0] RBP: ffffc90000167658 R08: 0000000000000000 R09: 0000000000000000
[  356.174561][    C0] R10: 0000000000000100 R11: ffffffff817426a0 R12: 000000000001df14
[  356.174573][    C0] R13: dffffc0000000000 R14: 0000000010003c65 R15: 0000000000000020
[  356.174586][    C0] FS:  0000000000000000(0000) GS:ffff88812617a000(0000) knlGS:0000000000000000
[  356.174602][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  356.174614][    C0] CR2: 0000001b32711ff8 CR3: 000000000ddb6000 CR4: 00000000003526f0
[  356.174630][    C0] DR0: ffffffffffffffff DR1: 00000000000001f8 DR2: 0000000000000007
[  356.174642][    C0] DR3: ffffffffefffff15 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  356.174655][    C0] Call Trace:
[  356.174661][    C0]  <TASK>
[  356.174667][    C0]  lapic_next_event+0x11/0x20
[  356.174690][    C0]  clockevents_program_event+0x385/0x630
[  356.174721][    C0]  ? __pfx_clockevents_program_event+0x10/0x10
[  356.174753][    C0]  ? tick_program_event+0x8f/0x120
[  356.174777][    C0]  __hrtimer_rearm_deferred+0x273/0x460
[  356.174797][    C0]  hrtick_schedule_exit+0x1c7/0x2b0
[  356.174826][    C0]  __schedule+0x1c36/0x54c0
[  356.174859][    C0]  ? __pfx_sprintf+0x10/0x10
[  356.174890][    C0]  ? info_print_prefix+0x20f/0x360
[  356.174914][    C0]  ? __pfx___schedule+0x10/0x10
[  356.174940][    C0]  ? _prb_read_valid+0xa95/0xab0
[  356.174969][    C0]  ? record_print_text+0x28e/0x450
[  356.174989][    C0]  ? __pfx_rtlock_slowlock_locked+0x10/0x10
[  356.175021][    C0]  preempt_schedule_irq+0x4d/0xa0
[  356.175039][    C0]  irqentry_exit+0x14f/0x730
[  356.175057][    C0]  ? trace_irq_disable+0x3b/0x140
[  356.175081][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  356.175101][    C0] RIP: 0010:io_serial_out+0x7c/0xc0
[  356.175132][    C0] Code: 4b 90 fc 44 89 f9 d3 e5 49 83 ee 80 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 ac 54 f7 fc 41 03 2e 89 d8 89 ea ee <5b> 41 5c 41 5e 41 5f 5d c3 cc cc cc cc cc 44 89 f9 80 e1 07 38 c1
[  356.175148][    C0] RSP: 0018:ffffc90000167a30 EFLAGS: 00000202
[  356.175162][    C0] RAX: 000000000000005d RBX: 000000000000005d RCX: 0000000000000000
[  356.175173][    C0] RDX: 00000000000003f8 RSI: 0000000000000000 RDI: 0000000000000000
[  356.175184][    C0] RBP: 00000000000003f8 R08: 0000000000000000 R09: 0000000000000000
[  356.175195][    C0] R10: dffffc0000000000 R11: ffffffff853425a0 R12: dffffc0000000000
[  356.175210][    C0] R13: 0000000000000001 R14: ffffffff99b156a0 R15: 0000000000000000
[  356.175224][    C0]  ? __pfx_io_serial_out+0x10/0x10
[  356.175267][    C0]  serial8250_console_write+0x12e1/0x1b90
[  356.175301][    C0]  ? __pfx_serial8250_console_write+0x10/0x10
[  356.175325][    C0]  ? console_flush_one_record+0xfa/0xb90
[  356.175352][    C0]  ? console_flush_one_record+0x48f/0xb90
[  356.175378][    C0]  console_flush_one_record+0x68b/0xb90
[  356.175406][    C0]  ? console_flush_one_record+0xfa/0xb90
[  356.175433][    C0]  ? __pfx_console_flush_one_record+0x10/0x10
[  356.175458][    C0]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  356.175480][    C0]  legacy_kthread_func+0x1b6/0x250
[  356.175506][    C0]  ? __pfx_legacy_kthread_func+0x10/0x10
[  356.175529][    C0]  ? __pfx_autoremove_wake_function+0x10/0x10
[  356.175553][    C0]  ? __kthread_parkme+0x7a/0x1f0
[  356.175579][    C0]  kthread+0x388/0x470
[  356.175603][    C0]  ? __pfx_legacy_kthread_func+0x10/0x10
[  356.175625][    C0]  ? __pfx_kthread+0x10/0x10
[  356.175650][    C0]  ret_from_fork+0x514/0xb70
[  356.175671][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  356.175691][    C0]  ? __switch_to+0xc79/0x1410
[  356.175719][    C0]  ? __pfx_kthread+0x10/0x10
[  356.175744][    C0]  ret_from_fork_asm+0x1a/0x30
[  356.175775][    C0]  </TASK>
[  356.180695][   T36] usb 5-1: Using ep0 maxpacket: 16
[  356.242387][   T38] Kernel panic - not syncing: hung_task: blocked tasks
[  356.242409][   T38] CPU: 1 UID: 0 PID: 38 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT_{RT,(full)} 
[  356.242434][   T38] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  356.242446][   T38] Call Trace:
[  356.242454][   T38]  <TASK>
[  356.242463][   T38]  vpanic+0x56c/0xa60
[  356.242506][   T38]  ? __pfx_vpanic+0x10/0x10
[  356.242535][   T38]  ? irqentry_exit+0x218/0x730
[  356.242566][   T38]  panic+0xc5/0xd0
[  356.242592][   T38]  ? __pfx_panic+0x10/0x10
[  356.242631][   T38]  ? __pfx_panic+0x10/0x10
[  356.242661][   T38]  watchdog+0x102c/0x1030
[  356.242694][   T38]  ? watchdog+0x1c9/0x1030
[  356.242726][   T38]  kthread+0x388/0x470
[  356.242756][   T38]  ? __pfx_watchdog+0x10/0x10
[  356.242780][   T38]  ? __pfx_kthread+0x10/0x10
[  356.242811][   T38]  ret_from_fork+0x514/0xb70
[  356.242841][   T38]  ? __pfx_ret_from_fork+0x10/0x10
[  356.242866][   T38]  ? __switch_to+0xc79/0x1410
[  356.242903][   T38]  ? __pfx_kthread+0x10/0x10
[  356.242935][   T38]  ret_from_fork_asm+0x1a/0x30
[  356.242980][   T38]  </TASK>
[  356.243573][   T38] Kernel Offset: disabled