last executing test programs:

5m47.152690766s ago: executing program 1 (id=1186):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_HEADER(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x28, 0xc, 0x6, 0x301, 0x0, 0x0, {0x3, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x28}, 0x1, 0x0, 0x0, 0x4040085}, 0x8000) (fail_nth: 3)

5m47.018939578s ago: executing program 1 (id=1189):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{0x0}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29", 0xce}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784b", 0x4a}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22f", 0x6f}, {&(0x7f00000000c0)}], 0x5}}, {{&(0x7f0000000a40)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha256\x00'}, 0x80, 0x0, 0x0, &(0x7f0000000cc0)=[@mark={{0x14, 0x1, 0x24, 0x9a9}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x101}}, @txtime={{0x18, 0x1, 0x3d, 0x80}}, @txtime={{0x18, 0x1, 0x3d, 0x9d}}], 0x78}}], 0x2, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}], 0x3, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

5m46.964174583s ago: executing program 1 (id=1190):
syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400150102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xc, 0x1ff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x66)
r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
write$char_usb(r0, &(0x7f0000000080)='0', 0x1)

5m45.631697535s ago: executing program 1 (id=1201):
sendmsg$NFNL_MSG_CTHELPER_NEW(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x34, 0x0, 0x9, 0x801, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFCTH_PRIV_DATA_LEN={0x8, 0x5, 0x1, 0x0, 0x1c}, @NFCTH_NAME={0x9, 0x1, 'syz1\x00'}, @NFCTH_POLICY={0xc, 0x4, 0x0, 0x1, {0x8, 0x1, 0x1, 0x0, 0x3}}]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x2000000)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x1cb)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='.\x00', 0x0, 0x8b7840, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)
mkdir(&(0x7f0000000140)='./file0/../file0\x00', 0x190)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x2042, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000080)='.\x00', 0x0, 0x897848, 0x0)
mount$bpf(0x0, &(0x7f00000001c0)='./file0/../file0\x00', &(0x7f0000000240), 0x200001, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="05002ebd7000000000002e00000008000300", @ANYRES32=r2, @ANYBLOB="08004a000aac0f40050034"], 0x2c}}, 0x810)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r3, 0x6, 0x2, 0x0, &(0x7f0000000040))
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3400000040000701fcffffff00000100017c0000040042800c00018006000600800e0000100002800c0019"], 0x34}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

5m45.585118221s ago: executing program 1 (id=1202):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)={0x14, 0x43, 0x107, 0xfffffffe, 0x25dfdbfc, {0x1, 0x7c}}, 0x14}, 0x1, 0x0, 0x0, 0xc004}, 0xc000)
bind$rds(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x4e24, @local}, 0x10)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000040)="b99d0100000f320fc76fb4360fc9bb25cc00007666ba6b416000f303c70fae6e2fc0c00f0f2367260f01ca660f38817700c4c2459d78ad", 0x37}], 0x1, 0x51, 0x0, 0x0)
ioctl$KVM_SET_NESTED_STATE(r0, 0x4080aebf, &(0x7f0000005700)=@vmx={0x0, 0x0, 0x2080, {}, {"000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400"}})
ioctl$KVM_RUN(r0, 0xae80, 0x0)

5m44.876904458s ago: executing program 1 (id=1205):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_netdev_private(r1, 0x8946, &(0x7f0000000140)="a6cc04e2d8f1c38afbf14b29b86e3a")
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x3}, 0x1c)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={r4, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xd4}, 0x9c)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000700)={0x44, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="b0000000", @ANYRES16, @ANYBLOB="01"], 0xb0}}, 0x0)
ioctl$FS_IOC_GETVERSION(r5, 0xc0105b08, &(0x7f0000000040))

5m44.702826173s ago: executing program 32 (id=1205):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_netdev_private(r1, 0x8946, &(0x7f0000000140)="a6cc04e2d8f1c38afbf14b29b86e3a")
r2 = socket$inet6_sctp(0xa, 0x5, 0x84)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0x3}, 0x1c)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r3, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r4=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f00000001c0)={r4, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xd4}, 0x9c)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000700)={0x44, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
sendmsg$TIPC_NL_MEDIA_SET(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=ANY=[@ANYBLOB="b0000000", @ANYRES16, @ANYBLOB="01"], 0xb0}}, 0x0)
ioctl$FS_IOC_GETVERSION(r5, 0xc0105b08, &(0x7f0000000040))

8.879846807s ago: executing program 3 (id=2503):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r1)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x1d, 0xa2, 0x77, 0x40, 0x112a, 0x1, 0xcc2f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x15, 0x50, 0xf5, "", [{{0x9, 0x4, 0x24, 0x81, 0x0, 0x92, 0x84, 0x73, 0x9f}}]}}]}}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x4008054)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{0x0}], 0x1}, 0x0)
write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="5001"], 0x14)

8.647131176s ago: executing program 0 (id=2508):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000740)={0x48, 0x2, r1})
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000001, 0x4c032, 0xffffffffffffffff, 0x0)
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f00000007c0)={0x48, 0x3, r1, 0x0, &(0x7f0000000000/0x800000)=nil, 0x800000, 0x1004000})

8.396568677s ago: executing program 0 (id=2510):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000001500)=[{{0x0, 0x0, &(0x7f0000000300)}}, {{&(0x7f0000000600)=@can, 0x80, &(0x7f0000000680), 0x0, &(0x7f0000000b40)}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000014c0)}}], 0x3, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000f80)=[{{0x0, 0x0, &(0x7f0000000f00)=[{&(0x7f0000000540)}, {&(0x7f00000006c0)="58b327f21946add0e0c31b173119ac7b4ceda64bbfbc8159462a8686f4303aeee1d7c9b54c4bd660fe192582950eb09a8bae632fb4e7313e3828773c09fec9b010373ca7be0ccc91233fffcfe03f287a50f2b4a970278097aed06e61a0f2da47b0bd02fcb45bf35e78c15cc4c5d6d163a6eaf921d8afc7d8376e847f403535371a24ce2a19c3898aca", 0x89}, {0x0}, {0x0}, {0x0}], 0x5}}], 0x1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0xeeee8000, 0x4, 0x3, 0xf1, 0x5, 0xfa, 0xd4, 0x6, 0x0, 0x4, 0x7, 0x4f}, {0x5000, 0x2, 0xd, 0x9, 0x8, 0x3, 0xb, 0xb, 0x5, 0xf, 0x3, 0xc0}, {0xffff1000, 0x9000, 0xb, 0x1, 0x2, 0x7, 0x4, 0x4, 0x81, 0x0, 0x6, 0x5}, {0xeeee8000, 0x2000, 0x8, 0xf8, 0x3, 0x46, 0x2, 0xd, 0x6, 0xf3, 0x8, 0x1}, {0x100000, 0x4000, 0x9, 0x9, 0x3, 0x9, 0xd, 0x6, 0x5, 0x9, 0xc, 0x4b}, {0x6000, 0x0, 0x4, 0x4, 0x3, 0x7d, 0x1, 0xff, 0x4, 0x90, 0x1, 0xfc}, {0x8000000, 0x4000, 0x0, 0x9d, 0x3, 0x0, 0x0, 0xb, 0x5, 0x7, 0x9, 0xf8}, {0xf7f63004, 0x8000000, 0xf, 0x5, 0x7, 0x3, 0xa, 0x9, 0x54, 0x1, 0x2, 0x7}, {0xdddd1000, 0x5}, {0x4, 0x9}, 0x40030000, 0x0, 0x80a0000, 0x300, 0x1, 0xa901, 0xe6e70c00, [0x3, 0x401, 0x7, 0xc5]})
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be", 0x6)
r3 = accept4(r2, 0x0, 0x0, 0x800)
r4 = syz_open_procfs(0x0, &(0x7f00000020c0)='net/wireless\x00')
preadv(r4, &(0x7f0000001540)=[{&(0x7f0000001600)=""/171, 0xab}], 0x1, 0x2000000, 0x0)
sendmmsg$alg(r3, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text32={0x20, &(0x7f00000000c0)="650f340f3566b842000f00d8b805000000b9a00000000f01c13e0f070fde460b0f0130670f01c2f2360f217a0f07", 0x2e}], 0x1, 0x11, 0x0, 0x0)
pwritev(0xffffffffffffffff, &(0x7f0000000b00)=[{&(0x7f0000001880)="ea7c5828b87d70214008724bcae1ce6577c01031b19698ecb8a7f5183947918ce2cc9dc778dbfff9e28e1a6df7d8f95c3e45768a6786d6325bc0fe4ed394c8ed0edcbb9f917074251a7f5b6b24c52516a68f181592262dfd12b5af7386658c5fb6c36d86d5084624a302a155c0463b6c36e9fc88338b0f66e2713728a21d19d9a33da93d419df63d8a87fa100381ec74de8b7409f4977d3cd7a9f2fb03cec91c4277b39b2c9f227a9b74926a11960d085e2aaf98673d2a67fa95b8d9dcc72ca6181f6b9b2d1c402267e6cfef5599e1520077d9bc472fb5a5db42b1befd498ec7b8d519b12f065323b15280a2540bc7a4ffe508fc12f93707064caf4111e893142f9867b432b1e6258caa2ae081b8b646c25de7f5366a21f9dd257b84546cd316e17b79d22c4bcaf70e8a96d1e502b53c581c75482d1d63f0d5f3fb5bdbb714583f0798e0c4d6c9d99513e91a68a26612053290f15f5a2e06acfa229356e37b4d57697224e9561c0430a67fcb5dea72acc91e60751a5b07eb603548a646f082ce213347b4ee908bd95cc56775330aa09d4f19f48a8cb5d7f6346d82bab8ff019309684bd01eb4d90febe2269cd2a1100130c242a2995ce38638a3bbc9008ac0e820a1e0b9a9511af47aa7f3e30a69589985423f3b4ea98152433bf1aa53a0981f783f11c4cc50f70fe63b2043b74b9cb7da59caedadc1fa1f662831a353969893d4f93b919cda52a1ce2200a0a7895abb293c29d6d197cce98a4df8fc90c582014742a00b4bd09f1fcc5ff5753320d2b5593e657c0fb87a4cfa323ce59111eea806a6e020fb0c4fdd601087811e33e793975b5e9e936c16d243bdea757e0ee4508f5d5b496ed07b6f0f1f46ed752448f30d679b23ba8142d4ab25beb913ee77547866e5d9501a55e9797ba3407f3f4cc11398bdaf3ac4c2e79a5b133a09fcf8ae790bb985fa01daf2758fd8a77fde15a822227dddf64bb2ebc49a56ad025e01c6c59e4818abdf808789d9f87c103cf7f7d21d2a1345b9b7fd66b1cf96002343fbd62f8080d945e70bd93d4bf42b401477abed49065b4a8ccfb9d93724118168de2e8df4f78ccf3b9593f993423a619ef6bd8392a2cfc6424d3687fcdc67d33073db95d856f312b934d05a3c4e967217837920fee73b00757b617d1ef3bfc2e88a8a72f0948263db2c9e7bd491f059b6ee8d0ea3f2193314562910529869b248172bfe0f914f7a91a27c6e9e6c2e3455a7ae765392b48fc959958aa39a5a483b2a6e873ac76f8579515e42f7a3bbc82bcf71edaf12f7b40a2adc74d67ef793988cc8ac788185049e57fb84757bdc700ffde10afc19df290787ed98222f8afb2b6d11944666331350e2914466b398750acae526146373b2cbe1bdd1803e6c920a182a1ad118a3d09313c2ce2703a0a1c09215cab90c35b03b1c795cf704f42dd31ddff6be67bb355977b2e07609c5228299a170308e54705674384fc294cdfa4abf989d3c3bf3eabbbcf52a6a0646bf6db5b61ad027007464fd6fc10490ee2e9190c28ae5cb3733105cb782c0d53e5c79c3e455609d557d824154d01e282788ec8ae7c8a03fcd6cd4e37829b0f921c46d715454d5e1281c641cf0756a2f31b0369ce94e819e6254af95b88bffd7bb2cfe9469d303497fead174839b2789b5aa703176510eab1f46916b3b63f6f5b2df262fe7274a0cee9bd6e115e5f9f48ac1c09e5b3c546ae95b9916a633869854d3ee39d4acb800e876e7fc084ffd79a20fca8331caff657ec89b445c6012ff7eb9531eb1e8c90cdc66b82d6fd608310099503a9dcf50b40d10a3b1ab520477e20ad5f6405cd4b5b36d201e12088d7868c6e94737ea88db6ed5f7df4d31cbd2d0c4f21cdcc3b181f5aae7216dc4c06b2989bb44e5369ba96ce87f3e3abbb530d103a53d7e0b914115c302c935eea7d256a73aa851d84dec6d9112163be8135889c67fa90e796a6f050fba0a6a740618cd513748072daac9f3e25034772cc400a14834afbde835bc9fd7cf1113d67ebe99a3b78907596886ad5a1670ef572c18e26c98fe40194428de339cba7b8efc5fa7faf7512ef6b89a877f3e534fb4512729df686e14aece08fab3b42ea14acde0e18ffe5dc00e74288661c7463e00f3b942cddf3b71e1dcf71989f378b933df099316451cca296a4e117bbeb3b1e552e5a10f9731449ae830de14989049ce818f720e77e78a86c307c80450b26278bc25ee7390ce6d4c4dfc8d39b6b4b1ce6f3865dbdd1d37aedb555288bea9ef95c8600dea1cd10e9e42d15aa804f99a31bfaa5ea52185333d734c766e3bb4a9abf86cf4d840dc188167a25cc3054b65fd7ce053d38518474ab55e59c1ccaf34d57b4cd73b07ed63d754ab3d57dfc0f67bbdb22e33d9f63aa2b36cf0af338794d4acbd1b13669bde67f7bd032f9c6b400e8054a0cff77fc6e0591195b21715e42c881e23156b4ba504d7e1b6eb9c2ec9b9e382d85f7c52bd964d305da9496dbaa022880ddf236730c458f31258d64ae2668aa863b3fe558c7f8cfb3dabf42edcaf2891e9b9462c44153658eae85cd499abd9dca762adf26d9904d28b772b3fc3d066d56261474c944387ac7eb00059025ff25e34b8f7c2986db1ccc4297e1315c3ceeef1b8f98e0500bbb8bb0ab52d80f8c6c8fa5d24b9a05f5350e2fd59af4b9fa9a2b4339b61e208f227ba968d4dbd36246133de2078c6a15dd57754a3537c31d04da545f062dbf9cbaa0840e23974f441a4d5937fec23ff81c193bd951a7bacac8eb6d4705702cbe3c930f27869753ba6026455bbb7742c53644f1646d7545467091a207905f831505f214fbd818aea4455705b5e727850cdcac40620135b8dba85cb0c0f393af252ec082cba5c43385fbc2cc5682bc1994b064e29c8c5a20e7e6d15fbb13e6fd1a86b2fda666fbcd80fd08be00a7423fcafbdd8283bac88ead203bc10d1c1a13ca2fe853fa6cc8991b0476561be085b086b0d0e45f73e59f519342c13f368a37464cb55b8a13846f4cd610536d5c4b8704fcd347abe6712d3de67d7918e6954898f31647a8ea37ecc2e1bb02b1b26e7a60fbb2b0a48efc5795c12d5c4ac8dc4149dea0f2e085422ec69352882622711b74e1e32c7ead2cf3c554e8ff1648e8b66d0dc6997b6304b3b560a33d75aa49476175a386ca721156ea79bdba432d439dbceb0285561abd5d134badd9f38c04fae8fa920edfff15705371c907848c14acdfb0b22a4c7168e1840e8b8a50349dcee5f429b3cb34e30f0f67acf93604792b8574f36ea9409d422621f3c0c7b781fc8e23d1d46f04a9b44f633e5f72cb079fbde66a9745705666c6dab6238628e57ee6cffa8cfad616dac1abe2789c9efccb4fc7e65e490d9a4e49e7ce72a6980e72f70a17649e67de86f86b61a4b6219daefc939b5904e5712ecaf85c98484fc02585b1aa990b95173e4a2907cf877af696e528e6b2b634a4fb7d791cacc8644fa76e062148d411e18f0da5aed22116828cd700a28e8f46bca950550acb4ab05eddeb6b2dac24702cff4de0a3ece393cac879ed2f0c5b9645839cfdb79fb1df87596b14504cba9dddda51edaffcd0214b91b5898ea022774e699aa0caf0f646cc0cb8e8fc8b8be43c23aa7f6bd29fd0615c0b78f3514a52989d7f35ad08a4bd473e61da6657cc2e85d3b2b7d3fb51174a96f27038ddbc87a35e09a668e436aa40146c6a26dca87b39220f139b772719d80aadb752c622bf09acd6846838fb48a8817ba4aa72eaa32e82251b3789969d8518f9aa07cdcb9a355f73f119725c086168aaca262f13cd742e5f06c969a462638a557e15a4f5d43e3242c08f23b00d2b8d57c60d3636abd4068ec03a4be3429b95e41351ab5c58812e552df90c3e6c9d8779aa484e74f073ea9fcdce13b1dff8e7c101b2c6865c5cefe108e3559f520e2bc42c9dc39b57fddb44ca49f2689e10c1381c0740d20cbca46da475c62f513cb08398a5fd5d4f6b13ce839fe149df0d291a8f7267fe90a7e1845dace17cd927c2d1aeffbdc36bb983172ceff025e84b0419645fcc72897b992f5081c78756122391947f08ccd20806cfc2bded705b472fc52e84734e016cbd309aadebbbb4e8bdfed77b1e0b15ce0904838d9e4d64643df66f0353c377e554b428dc0f31189a134cdb8e66d2755e84c2b2409c3d63a81f5f05616baf6a243b09153a4f8289e15a5a4ffb007b0cbeffde25391bb2acd86b453e245643c0fa1dfe5d42e0e3f1c592a00b77f0133adf7989c6c2bf3ddc0b8a2b14f35d33f62f4ee2fc56166372058e997b9abe6bad8aa718f8d87ad095e8f354aaef540840437b5451771266a8358ed75954db52b38bca4a1c8696dca1de03b12627254409f8bb68c94eeaa1a8bcf894482b96e81b9ff5c2383a907537a191aff0bb5b5418ef5670cecca1cfbd41b61879b11a5a5053cd86cf5d61f8c2f7d7ad2034a1801b3b92a79ac3b4343c680008b1ba10577a35173cac6d4dbc1d00e436f238b57093b34d4ea19c225b84a2d6086cc6cf72595b980c88142d268bbf9c8375a93afe75c3583b3b9687368d78147985d209e6d89c335e948c51696a948f01ad062dcf84a99584466e24646b2e441fefb10ef962432f2925d6d98e790acf4ca7d9339a589a537aa3392ec79f34a6544144072ab8248e45ac560a78c70c5afcbf10909299dfcd67981c88780c1340c951e115ffec56d23b9ead6a55024e199238f4b133e3e1e0e84318b5037a3947ae09749c25c7e4887936ecf0ba9a807dfa471ea1f3350b70feb58dc9e2836365ce4db456a341e43410cac1253fe08e79c21fca932716f4c171fc957cb325737b70532d81f0eb2f0a16478c0d934165728f7b29a8a0ff6bc964e99dea26d3efd28336b00c112a26da7a2ea1c21a9688cc3a68293958edf27ae89e5f9b8348af4121028e760cf68c931af92906d27dad4d330df9201b5395ccce0c803806422883667ccb11438d9dbe1901d4ab98d89914b313338486deb6f748053517e2188c479adb1eabb8e8ed5d05bb3f66826fae83bbc5bce3615ee32d937ffbe8846a1156aaf7bf9b9d4189bdf290b3df254077688eeda824d6ea0a452f7e7f915c1a94ee250a3907ec035d7ba7bb0256811f04646ca156b8925506c774df4d4072c02929e985057a5f7ddc1469c7306e6fdb86b810ada1cc96f6bd389597dd27dd656f55c316fb2d56b2d13eddf893722e813934a19778719be99697c365222db64039f9caab1201c430e53df1af8a0321c8759fc33e8204150080979936d0717f6c4c9145fb828389acbb894a4600485e8b105c7165a40e814889343deead6d434a8da60eed1e50aa507ac2793b4a4c5517265f859f223bb4f6cadc6fb53430304baea18189e2b5ddd266c38f5c325ba391a50fcd34060d217c4118889c4275e40a8428099ddfa3cc0d8241c22fc1554318e922f3b1257f2046d70df460c5283a539487583ffca1972a19237b06480e0a56d9e185fe4dc3607666d81ed0d9d9f5c5c568a5a0a87160b6d35c73dae9c6177f2b25d90a2598042f4b43bc765fa86a831c401a01c391a8fdc8f8c742f2322a1b8ef18ec7d82f013893c981f6bd96ec57d8e73e1633ae3970721fcea055ecc836ce3", 0xf91}], 0x1, 0x1, 0x2)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0) (fail_nth: 4)

7.783185221s ago: executing program 2 (id=2514):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000004c0)=ANY=[@ANYBLOB="28000000400007012bbd700001000000047c000008004280040007"], 0x28}, 0x1, 0x0, 0x0, 0x48815}, 0xc020)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), 0xffffffffffffffff)
sendmsg$NL80211_CMD_CRIT_PROTOCOL_STOP(0xffffffffffffffff, &(0x7f0000000e00)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000d80)={0x0}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f0000000600)=[{0x0}, {&(0x7f0000000bc0)}, {&(0x7f0000000580)="8f966bd94d169820f6b844307d323b8c13deae", 0x13}], 0x3}}], 0x1, 0x20000044)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00'})
madvise(&(0x7f0000ff7000/0x6000)=nil, 0x6000, 0x12)
set_mempolicy_home_node(&(0x7f0000ff6000/0x4000)=nil, 0x4000, 0x0, 0x0)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="f4060020", @ANYRES16=r1, @ANYBLOB="01000000000046e14f003b00000008000300", @ANYRESDEC=r2, @ANYRESOCT=r2], 0x6f4}}, 0x2000c018)

7.782594157s ago: executing program 0 (id=2515):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f", 0x70}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29", 0xce}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d", 0x54}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede33131", 0x93}, {&(0x7f00000000c0)}], 0x5}}], 0x1, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000100)=0xfffffffe, 0x4)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b000000", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

5.755282054s ago: executing program 0 (id=2517):
r0 = syz_open_dev$dvb_dvr(&(0x7f0000000380), 0x0, 0x800)
ioctl$DVB_DVR_DMX_SET_BUFFER_SIZE(r0, 0x40000000, 0x1d6000)

5.70622799s ago: executing program 2 (id=2518):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000001340))
ioctl$SNDCTL_DSP_CHANNELS(0xffffffffffffffff, 0xc0045006, 0x0)
r1 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
read$dsp(r1, &(0x7f00000002c0)=""/4096, 0x1000)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) (fail_nth: 2)

5.705985552s ago: executing program 3 (id=2519):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000380)={0x4, 0x2, 0xeeee0000, 0x2000, &(0x7f0000f6c000/0x2000)=nil})
r3 = syz_kvm_add_vcpu$x86(r2, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

5.301323842s ago: executing program 0 (id=2521):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmmsg(r0, &(0x7f0000003440)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f0000003280)=[{&(0x7f0000001ac0)=""/121, 0x79}, {&(0x7f0000001b80)=""/130, 0x82}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/165, 0xa5}, {&(0x7f0000002d80)=""/208, 0xd0}, {&(0x7f0000002e80)=""/251, 0xfb}, {&(0x7f0000002f80)=""/245, 0xf5}, {&(0x7f0000003080)=""/222, 0xde}, {&(0x7f0000003180)=""/246, 0xf6}], 0x9}, 0x81}], 0x4, 0x40010132, 0x0)

5.223523335s ago: executing program 4 (id=2522):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x40, 0x0)
ioctl$KDENABIO(r0, 0x4b36)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000040)=0x1) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r4, 0x4048aecb, &(0x7f0000000780)=@vmx={0x1, 0x0, 0x2080, {0x60000, 0xc000, {}, 0x1, 0x4}, {"58f5b8687cbb38869a12ec0d1f1520dde4d76157bcc31d3e1211a2ead25a09ddc6c2da8f08c5bd4da80ce7b8a9314fc0bb22c673104908d96b821bee502a02b4f28ae59ac3622eab22fce7b49b4e45ab6d6688b4bbbd9ab0edf4d05548281ed33f49235b62c6b5a578e53d4e313762fb7f28f430729f5a7cbed20045c5bfc7c141abf6611259c5f15218b05b5d2196c1b7c5f3a1a577f65218e7bfa10d157a5516ac5e4a9c4271b6c8d6ac9c5559f6a8810e2e84479e81e0a4b3b3d7e8aa66938aa223213d006b46af0efa159b19cfa1591a92af2c2bc1652459f894463b54fec1b4b3638fe2a8aa626a54f0d305a5ce13e5ec4bbf4453f14b7dcb2adcbb2cfd4ece757fbb6455a830a29598fc115e3b4dbb5e5fdec3d3def3e21bd26f480971620fd4f3383a1de6eca786a3ca2dacf84269259307e2460b55597b95b45c34c3ad08bb60450f139cdb9207791fa251360cb298b2206c56daac2de12cbb2588c15aef2fe084ff2d81a474078d50b7445785cb1ed49d0392effc7a264633b508c19dd2a488457c28e71c151cebda1f0ff93b818342cb7409c665229120dcc2f6de9bea515abbb894bbd36bda3837fb0b7723f0bc8cbb78e534023ea0e4ddc562d4af5dff6d9617376ddc86073821f849b7b772aaf10c53d5d587aafc0a893609b62d78f14c8387e35f784503a3dd9b0d31520f0307394e94fd594812e8df5f97ddc89ccb0c01c5093dd70e8d5f194db791869dbfe32644721760cad0bd87a59c5e8be1253ee0e5252db0f06b9de6af2f27caeb09fa1be85e5226db09ff15118786a43f071ce799b0388b35a9602ba49416d77ad7581ecad2f9b3cbd442650246aa2bc51b156e58f2f0ed993a0041dc036d99bc46eba3a13e3f93465ed9e859940b1a4e5b269a5b503bfbe433d0778275c3e4644569f18fc594691e036c16ddd30284211c46a5f91f2cc34cd72c6f216d6345239f0d17566982b0a4c1226055cf4ac0474b1e53711d5d19408cd11b40c0e2fca38e720df094f63fdccccdf7e8b98b63aed3bd4bd24527ed37055a2b20f7c07c201997c379dafb4638e710b957f124deb059a049ab045dd406e56742d50819ecf62013ab83a5adf08ae6750a7fe04233aabffde4918b22255ae06cd75746f6781e905269a24a4a87a985b2d83badf0dc7e4f99ddc393c1bd7acbdc05bbe09b6b918ac6603b8afcb5565f861c58a1e2e54dfa93bc7472029b4863d053c43d94658924fad84136e5d2296baa484a4e667c6eaf7e26c1882be619ea29079452d77440f36209e066a694767ae82cac4623cba0c58bc3e5ea302671b1230f6713e0b41dd43cb3fbd3cc5aa4799352f8e3c8537403240c45d70df6b73111daa5ad5516de1ce921e5601ad84086c08624015eb4a12cd3ee35d7b10b5bc8a7ec07e2f50de6f09e315498aa4a7f58e21c22fe90aacd7bd5505835ad6721711f0cc4ce14149a3d15182edf079b74eac22da5aab776ec64b72be2f08134f8c2076d533798b4dd9bcc50b96713cc226469a2e00e746f6a6a14da4c01c2908b4c624de66c00ffdf8589e772c0ed0ad063aa3c9c98a837379e8c8b6978610a43b579d3d4e92880a43020d72e8bd2cd6c06eb76f023c8768ac704dffe6fe7d63ec65259787218518669ca678414ae06ef18003b8f1af7167b5cdbfbb918f1db3dd7a68cc0c21e9ea3f8e45595df9dfbfbb3162555113ea5d0324294a6ecc16594a5ba6f55667d859960a7c64b846a5455911a6b6eb0c7b57105b64072205cff0c10fe43fce7e6c3f955fe2144c940e80fc8de84c0096716292d959850815bf721acc8038a8543b549da932bb9dae5522843d174db0f8f5c60b89186368cf94728450602ee88a75b045e71a7bfd8305e01c5baf027de9a46889be69f95e1554ad27c90899aa08a9588012e8db44848fb779c06ba3e0a4ab0597fcf34eccf95f4ef37a68044b6859f584b490f301769ebf0b9c0f8b3171cd240a214b26351b12dadd9dd42bde79be607dd31a72a49f6905bf000000000000018a2468efb46d229d1cc1dbb1b2a8688a141bc1686b5ce483bc4f4fe2da3a76c9836b458c7987be55fcb07db63ea77c8c9ca0b84cb8bbfead13fee05bdbbe2eb351886684e766b843f7f99aebe462407a9d30e97ab18b5d279f43daa891fb386898518e40c75f0b29a32d74698a0be84ea66e0916c1ddb0070b5fec1e753d8b7b96de7d803c7d19c83391d772231256e784ada76e7516539cee8cc2a044d3d4887d84da77e70e48c26a8b2c2d21ceb813627cc3b383f2cd4a3b499b2872c4b57105d5186c262af696c96a8ca88531fe5ee6f98fe14f36b09dfb1644c2bfb2c71040f762b00b24c61aef72713304bccfa6e0df2ce19761ed391177cbe50315606511bb77ea8edd982ddbe3e85fa07692d1d2a08b94fe950a28d7c08ba54c462bd262dcd268ee8c012feb497c8e856234c9cb80ee3e49a65e7eb4b41f7fe2c600190ceaa0af3b262fdb123986677d60d6955ff800a7cfd7c5b9d3fbb28c8b55c9f6484cfc8b09df3f2aa1f80fe6da8be577e6ddaaec3a971eb65b0572d58d7458fb72cfb867d2d8270a52a24542764d872176033325c6e1b272e9ea58c27e9e696732f8e4d974350714acc2bc912ea10379d85f99170bf59f355042d72cc3a3315aeccbf1dbd93364d816bb82438cbe29532a3890b61a8b4d7ad3e0b84d918af809e7ff6cf8a0d3b944fe5b452d5d25631cf75b6360431114d2769e84ff1cb91549554ac88af6ec1f05022a1165fdbc6df077fa96bc6f0e8511ee3787d8f45b8c3aded5ef489e4dd3fd934fc4c71d964ba086f3cfe3df8d4b1cbbead4be0042864eeb16b713495c713c0c98dfedf9a1367dec175d453ea42beee50b19fcfc66eae899c8e7b514e274e27bbfad6534e3dfee1209a567e7fe52fb79e1eaea21515568d33c6a1473e8fd0b66c8cbb17cf9f0f59c2b1c6123c1754af9330e10f09500d8a9dc982a9c7f25aa6c74c63d34bf1906a82c63a654c16c9658877b5e9c67199bcb66a0506615d2c3a9894a702802c9f7711829c03197b8dd232453811cbb52db5ff8628ca78f6dd20ef47097d1c10b89f121bde091d1c35a6e9bd38f6da2bba6cdd4cc87c6290e4c8db4364a5e9d42943aa32d63d59056ccd765a54e7c6ad01d0af2ba63246eb73e8f5edbcf13d8028489d4a68c97f9b3db18a5982a9f3d1dd97acff9671e17f84e75268592a3d88de2f36a06483953f1ec22d6c1f7c2cd5aca739f48bd89255de64a1f0b4cb30764f9bb50c642bae47293e3e91e4e34e670604c561b10f9c16aa3cad267b1bf8648ae778d130dd04cda479743ac87848faa8b81d73a50d0ba8467f26228f9a61ef15192fea5514394a76d7593fc0e9e686e45ea71df00796652daf784dd7a47d5aa39d581a764b7614db59bd0939d127d453034f8399fc374bd8fbee5a73d6b658dc179c95fa5859c58e21706192d6a9e522a2b049b86403ae8df500dc123d244cf8f59ff2fa943c804d78ff29c5d05d0d0cf42540647ac6646714814d0793f24a8719802fc9262915768123893da1a59056fa9ecf1ade80b5a06ec2d781ec9142c3a8290195eb1d692ff3a843b97bcb53e7b9f615a7e32c01060fab7e8a02f4a964f25ffca1783786dec241e1cae9c77ce728007015d468ac842112ef5da29099470a2d2950637a0d4b3f03c0e744a9f64424fae0aff153d9208fbb32281929e8c96e26cbfd419b86f994a7744a4a95384364572ecc76af90c9f5bd88f65f079529fa73fdab23cd38ac6c3e490343303871723c677339fc3c26187111b9cc0209e45d535c0e36c6b9f5a0ed49003a221a2b27082cff7c1e932bdb3739c71a4e5fcee9144a066fce09b5ef66f4023f88ea5f82b4bd6d89f268bbe60ca62c45fdfc851d76c1437df553379959b95fd348200086a0a9f9421d073566c82d0759b25e2f68157dd937fbb65c8a2cface5b184caea1f4f17df87c02320a370de8a24ff49792ebcc5201e998ce7c69006651b0f57a131d062fe763aa6fd4b0fed3076af0c48573683a9470a55d0e7b959850746e31f30ac49b32e2fff59ea85deb24cc87267ac45f634531719b4efcdbae55eed68f0362b1a48f9679eb9b855c3f7ac0e4d4f870bb597abdd9ce0787a16c45c70d9aee5b250d473a78745992b964fca8bb20ea436d447706a1b69b533a8901c6aac101d1f86a19df0c391bc37de3622a38335b125d4139c7956a841bf822ada133be760604519cd4fcb82d3c3e987f992b87b79c2a09e39dcec278f04677531a5100d4a010be7ac9ce4f25f3cc90162b24379c1b9a015207ac28a5c75b04b03fd501e0b2cee1dce689ab5c663e37f3a810414e93ef86b978ca7b3134fcdd45b05ce9bdd25047196550ac50ca7093599c370ffb43e62d58fcda2b935deda07998c0ea63548d47ba4a111420e6fd822a9338165af49fafb99c12f39ee161d8b778b4411c906c438f46378046cc87dea3ff53c8efff032adb15753c2d7d4f4507f7a70dd4698590c22742fae1f7e443fddf0e17c718ac88885585b778197afe0ef2ecdf1acaf35e9750273071ce7c53b3e99018e8cdce3a06a0d8a0e0900dc7789b6e9c8a89ded3f0c9908b270d12582943ca2d3173b2271fd58069f7764081c9b80b9dc41e10630520c4e6348aa9137a5dfeaf5331af468434bf6e3c6ef407b330564c3fc81b1620e6338860df8e7653100ebe152ab83db0e59b781250687ec0de0793f50c0178792234b188d76042db4235795f7f15ce3d6d9cea050a2943db799cbeafa43c284b5f3240f4c1654752d7c82800e02dc44371a69b401ab5599a7642d90b4c72982cbbce1d2aabc90428ac0f462de9e36d2d2715b3e94633d88f987a67e6f52eeb8e868549ec2b5157aff8bb2c803da31a0068845176769035b76b1002228bb3df6b874b2460d5059ecb961867a37a2d399009ec752c4d7cd1418a78947a9a715dd0808b74263cd088885d6f670c46e35990c9989812c87a571f36ddb9895781fa629749dafcb1db3c2a84d8f5e131638869a6d660396e13aad9241f00804c9bc825916ddb32b9525732eb64b15e9d0a55deb550b8a359013c1786ce84c5197b5412ad9ec9b450e9e817eb65be302015e51647e4aca1ce4fb45c2c420a1a6f3d90980bbdc2ded29a3f6fffb039da49a68f30f788d7074fc5168627d8a8dbcec20aaacc1c02017f52a901aab7906dfad22b11f637ff5127890fb58595cc187d30fdd37dd4657d5ad98c74c7a775aacc2287e868b118a7dacbcaef70e21f810d855e64117ca53773f8bac9f0826af7c23b6c7b7e9ae905c1aebc167fd735f710bdbc80c7893342b32c20d1955267937ec44d7346bcb9f17682d87f2f6a44d092d6a580d3c47a90f70c77362e4ea4d236e00950e74fc2f476b0ea2e1764f3bfd490fbd990d7482eb5c2c7946a3d07cd4e86a169fe324e6b4081caf2a087ee3b3d70fb1f6e4178c5b5b12b7fe2b300f878419b2a92169540f5d2b3a122892adf40831a06da2e18374be1c9125bdb963bc9b6c2c4577af930d3da4d70c54cf002f660c675637fe8b696c5192695e6eed2930c73f046452e536afd1287093ead9c6f0000000000000003696451ebfef54b2e4c6d6aeb5bca1227aa31171185571ae6f56ee61aa8a5d90c221ea2b799e300aed1c8cf0aacbdc0edcc93300bc98db7695a67284a9ba595cfc6d76826c6041eda7eeae4957b7379758cbbb84bfc395dc26a53d3f890a9e442ce31d03b5cea8173ad00", "243af0202dc4e34731713086154c919b0baf97f9157b80477e086dec0d2004c5060396ab8704510dfeb8a13fac5721f472588a3cc80928620793341e9601c4b7065441400dd0625c9c3c577972a332736d12471c31fc3779186a5c41c9edc1dd3a68874af6bbee315b5ce2d792dc543232acb3822a0c38d477aa8d0c4b3e7cc61b2342b8d3dd9ff419ab074ee81e208e0ffa7e3d5314feedc86ecdb254889432f1498e2667c69193f5186489bfe478283247ac0ae60db5b64a60a0c07626656ff1b0f59f22a9467b5f74b1c2b97c94eb0dae3c1297ce3ee89c37888a956b5e5f49edcd1fde7b5cfdf2df824ed75168b8fbf8ce5301018360c1a606804952bb85113784b00dbda2b35addf806d111e78aaa5baee9dbf7b465b228336bf390ca0b84117146b52bfb587c76182ba98ee78ef948b7c3cb5999a4749236668c209edead64cf0c14483993a6d8260bc317d48931974b4eb744ffb1016e723883c28b81356189f70660139c6cd73fec3ca27e9825691e4a128a262b3829aa6979fbdb86809eed354d1dadbfc3b2e8fe076aadbe3fe1d8f3e353c053f4122348e912b1362450ef51f0f4378717a5af50cd5b63c34b28946fef79216d2931e21b4c833cf321631b865757d301a64c560187ec89e558a847bbb8493e2c693207be36a9c2d91a601839251ed77c9538a6fad6e3b0061f219f368430675bf23e0dcebc42c2d1936ba06c09071208b8db8dfbee306d642aea44a6cfb0753b965a8ccacfa11c94476a497a7d0c027ef369928ed31bdb66b11ae0371d1d52c25c9b5196158d23630273be437e84a496ddd254a1b960192e8792a79d3ee583957e284bd3e1d11cf8c422b879129b8b302231f48884145e9730cd5a9e7387a892a4dac44d0d4168849cbc14a64e639724e3d96857c19bf04ede0adab63e7680b553f8d17f00cc22b4128021e6c446b05c904c8b96ec1b861e496b6c214d286e4ff273e6783e8e389e2bd2738b2bdeaa7dc90c0974f7a0b56ea0d5e64693902b4bac3459a13f04b2a5099a601a98573d58d87180efdd5637d2d4999e6c4e230b9feb62ebfb836a15a250ad4707fd15c45d7457c7ccb2356af4193f75877abebd5d68599c0321549f5f152089674f152bd5af481d4546638c2942837de049bbf59eb57bf328f9327b25537e39bfb37a1b44a1dee929e87e461f5cd0c6bf4401e5653ce3529df475e52a660b43b55be098dd73762f1de5c95cc654720c9370c7003e59559de7194f20e3a8a11310ca6fdf2508bc056ddbf5d062cc547fe0ffe8080cb71a40f57860799db2ae17effe7709268d7a039596d555544b5ecfd92ac3f7b1cb03840e59779dbb80d263738161c4db273260231bbc275e074a1d85155109e3a674768270d326350d8d0a34634150effd9433600cedc2f287e18d446e58aa326afcba6a028f8d5c22c3ea8e6085ab23459ab3b857e72d61cbe51d37801f82ee8e56721350ee288c5834c6cdde4ec064aabf5a23efab3af7075ddb41b08e429507b70653ef093da68a5abda2ff20388ad75c76ca0baa389b46f3b5bdf01ad50d83aeaca66baa50d98afc3dd0c7570a9d41c9df41ce61da1015aab21265d01c2f380040febe015da3319eec89a07345f3a8ece47103f4b5d1fd89d9312d1c313cc059531bfbff58d2d58a98fe64a37ee5de0bbbf955928e01305a4b55d4820d874fd94ee466b2ce1a7703d7e174b6f419e3c08b0923b70fcd89da70d6fa2af368b5eb7f6d648440c31a1cf06be9ad76ecbd0fcc381d60210540e74349aae3f7a3e7cf13332d2fa1d473a9c7528a1eb53a7ef692a68588aed7c78fe437b7cfd59d972b13f1468f8559343e7049152b9d4bfa97cb6ab3065dc9623e7a5a5d0a996c9903609a27a250439168787499eee61a0688a7e4aa26db123f29c70bc50ac023edc358f935214d88488dfab2d2b47849654a7b5fdbd69f69190083b88e85b473f6ddcd00956dc1ef309e12012891a5cb77554687624a2b9f27ae7f36459512fb6f9b15dda37f19094f36498cac4961d21aaa823b9a421eb4a29c4add004909bac931a9af6e3abdf40c730fa6366d6081fd7ef633aec379228c849648a875f44e6f81a8a458439bb86f9dea3a45d94ffc25bb595b6234e70d179afcef54f1b92d06fd04449897fed4b358d742c1b40a841eea64a9088383ec324282f21581cf803d0305ec1e23442ea92b0266997baafccff74f2fae6ded8da351c4859a1e0f43bf711a3b3dda3c6b566d73de9cadf99701cc646d87e994d8251face6cc43205016c0f2a9733883fed529b72891702e05bea07bafe06383186e66c47bd255a206a0d75ecc4e0463f79de0cd61064ee95e325000bdaccf65c94d0bdfc3906a26ad837da93590a0f1b6fae5517e567d20ea58e5662088dc1a5ffc05f339a78257e480c750eee6ea1ca8b0df6c12340ae64a84a8727711484ad29fbe867577529c98823e7db4350b67aac1790e37bbee699c3a53f2ab980e14984148cf185776150f5578d6545aba06bc98b0986193d2d79839c2f659d727982e2effadacc4cf3b5a5e6ccfcb5cd69dfbef0a23f7a80a9bb341c90c28a42df0cd081a01fc908de45fe84f64b4b4ee3108aa94bdae32110bcc538baa379b5edf7d529ab71dc29351e16615ff919c28be0781ed713704827e9f47a9667831210f4b8dba616ef7660ec531d192c23e66bcb757deafdaa76fa19d9e6b4211d2accdc636183a2b6ba0bb826293ea285ffd12f631c58078b176842c362a62545c6bb231dfc1f0168917a10dadb0df9b42d56563ecf6b8c6ed1fcbbc2efc272cc5855335a83397fb97e97edc2852a907e4d2387b70b2c0ae061c1e13eec9c5dfff61aa8f5940af53ccceead8384f31962bb21764cf8bd57b61b84830bad7b37197796fa958e38d98aa9d8da0c9e2716594941ca5a23ea5e419245139d8549f7d8ed5f9297f8652cc6d9c580b34e96d656b3fe5606af35546d6e089091a41abc7e99bfc49a2a68311a0ec3f12ca57d043cf993392d52adc78d1cd1870cccabf08151f14f04904df87b9d303bca24c96859b754fb9768f21fbeaa163debc800140302cf360081c634af9b6b3610fb8a680eb0e172333a9f6d7d96537bd4ec6007212f3d53816deab4cbcd2c79bec29d3d58cdf69885b97e98287b71c5fae2860bffec5edd3c9b1728a1b90266c948dc87530287df11676959e4a8048b02d290f55d74a9b8687507550182ccaa29198fe557ff117a574aabf05d1ecb842bd9e70ba7345111369c2c57dfdb89cc9f80ac6995bb3221f88c4f5c1a391e812483b5a83aedf66bc6429b41c37b6bdd3785609d589f580bba28dbd0ebbd639935f279506737fd827a8390bacbdecf0de81f1960582f05795f93b0817e4778478d4c1b1a76a67c8629283d6a1480d2776dc9c961cdeb21b04fb6dfc879154864485af743ab28c4258d3778cb288ce004b2d2135b52f61359ef4c6ca965c048306ecb9f042dfcb8b6abeeac7b96a2b469ed34e589c9ad0fb56258715afcf3b710e4553a205f79b2af742bd06e1e8967d4e3141ea9f26ba7d45b2798c19fabc2dc5d7d69e9b22fdefb30951a1013e0503aa4418516e52ea40cd4b07c927c79d5800ccf3ec5bc13222f76665c1481d73f965f39c39b38fd9a9fe0a2189b39dc975cbc61f368b1fafe9cb5320bf8caa216d1064f2433e55e75ad76e24d7ba3956caac9c3d3508363484d9fb51e08adca5af71e391bec0b88be4a7b27eb46d64051caab635622d7ff199af7886d3b2b472184e5b4626453b860c6aa03767f0c6994600cb7c1a24f1d8dc9a8b4d3a6924ea5fbb2df314df7a98ecad4b28be639211d71b8cd8e91e512cabd84578d76a839b174d5ebdfcbfdb125d60949b639986839b126992566dbcafc1445a040fce83d2f8145bdbd83d7b4754a08763b8f0824b743acf32821acb1a1b866115c485d0ae1e3c7d7e578aaa3920235d00287a6675c35270458a6462282257abf65485f98f394529a0c9783b2aba7e8f50e7490039d2a88d535c38797dad72b07daca543c43509588e9566b49ca0ff41e8be090df2d29b3973471b88f16de227e475f0e704f85c449b93b5f94ed9f984bb57b27694e86c0f534b3106ca9f4d6a77fcb22601cf14b57ccfbee0a11022746d4876439d846089b5c9d525a243709455549fa6836dbf56d451a31a72937e27485cf5405d7dbfe2c2fa885f52bf95e657d47b4f82ef590d22de6b0ea9c1a4134d90bce20713ec0e0f656627a474efe36a3caba7adf977aeffae351fd8b4bcb2568ca0230a177ec3cf168bcabe9f2818131640bf8396a25c04e8b17c01b80f4c2cac208a53b40af66ec1365535a4df0d25b992a5ad1396a0c9e224345d7e47dfc1a623c16a9d7e99cba6c0146622fc3b9531cfdf7e8703e978f282f3f6c25fec3c96a76271890de0f72ab764a350a950e3e9fc0f109d17b38be29a05c9beb8e9f00b3c8e3f04c54f30f754e71c45405e4503742570fadb094907db0bafc8aa6ff32a9a7b9bcd9534ec08ee6dca6c644233faf398b1ade953cdf41fbc8079b1956c0f8ef5712f0afc8bdd87d79e4c8fd008d3399befcf6050a083b21443f972149bc439816c2da68e70505d5ca759392be600442efa556e333555a0ed340f15274b5b0245eeadc4f3c823a00efb723f0aecc0b08b83c54471d8af9024b76beb50d676a851979e237b452239de27d9fd8824972fbba1a113c8f22d9c48b396387a71bf3f1540c07c28f7369fd4f6a2d94cee8f2af6b97ef85a720921086807a960f386b41b54b856366b93be9d0e7c2475b0c1675580ad078b3782d4f185c6ada9795e5072d2620d5c3def44c3282169af3e7604cbc7852e6519a9337fa29ad590468e04aef819882f65828059b82279271c986e5eb1a52624c953bc8a0dc9ae4c013d07e66b4ce75d9be87d102962a1960a5cf692eecd74a68f41d7d5b098d04a28ba4ace845bdfb49bd2897cb39163ea104eea3b5080e2235e2e31ff6dc9cda7745d43e1b35bdf23fc0a7b4331a4a36a7cea0286b2ad0399456c3d12a17a998866e1000e0842a8076b600ee2e34c52432552c52b41f0ac465ab030e29fccec4a18e07937cf8daf232d595441bda37aa3b71d66ec0fb86e7bd72c557788b25430d88fb3350d3742c870fdd4dfa7901fbc76344537b2f6145b1e1d0fbf561ec85022d04bba0a8ba4754c6ed80a9564d4d2620b03fd856803d63e6224a24170002b5661386f69451efa0cdabd99a19ed66ac2156d8236fb020021e875771b170eb5bec3fadfe8be851e4e80b75fdab71a9136fd4c188382ff723f36ed46cfe24c91a147ea3697b31da59de429f31bf1f6154e9ce0bbc8606529bb77dd38455e005715abc98508e5b5cf2b4c9cfb6bd10c01a267f6f58f9daeac171cc6fbbce33a0f7a0be073b6bda98f76cc43dc5e314aa15b9f7defdd6992488a1e7552dc5661ee075fd33159e87f1c97b70dd83bd9f8d34b5d0f748d3ec0e479ce478850d2cbc6feba63549ad4ac379f773a51e9c7bd40f0891a36fa52a91a7700228b4b93e1f6331f85dcd5d671597d57fb369853a6ede7528ced5b1d5396a2e9b68ba1cdde4691a22144bd0291fa0ddd361a441bbcefbb8058f1ee629f90042de226a04affcaf07631c13b8d316d93df8683f43f8dbe7726187a8def49bda022723c26886193ef866f1f7b91de3d6284f9156839928a08a612b2bcc619364ed063cb8ef0813ca3524bd8d4508fcaab3cd0955abe861def83097a2b2f0a7e22e7d7a9c51a1e"}}) (async)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x6, &(0x7f0000000080)=0x4, 0x4)
getsockopt$inet6_tcp_int(r5, 0x6, 0x6, 0x0, &(0x7f0000000040)) (async)
setsockopt$inet6_int(r1, 0x29, 0xd0, 0x0, 0x0)

5.22321198s ago: executing program 3 (id=2523):
r0 = syz_usb_connect(0x2, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000016038308c5109a8146e40102230109022d0001000000000904000003030000000905be3b"], 0x0)
r1 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="120100007516b7108c0d0e008f8e0018030109021b0001000000000904080001030000000905", @ANYBLOB="8fcf"], 0x0)
syz_usb_control_io$cdc_ncm(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep2(r1, 0x83, 0x10, &(0x7f0000000380)=@ready={0x0, 0x0, 0x8, "3318a520", {0x1, 0x9, 0x4, 0xd, 0x10}})
syz_usb_control_io$rtl8150(r0, 0x0, &(0x7f0000000a00)={0x2c, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_connect$hid(0x3, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0xffffffff, 0xffffffff, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x4, 0x20, 0xc, "", [{{0x9, 0x4, 0x0, 0x7, 0x2, 0x3, 0x1, 0x0, 0x7, {0x9, 0x21, 0x1, 0x4, 0x1, {0x22, 0x75}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x46, 0x5, 0x7}}, [{{0x9, 0x5, 0x2, 0x3, 0x3ff, 0x3, 0x4, 0x4}}]}}}]}}]}}, &(0x7f0000000300)={0xa, &(0x7f0000000080)={0xa, 0x6, 0x201, 0x0, 0x0, 0x4, 0x40, 0x8}, 0x24, &(0x7f00000000c0)={0x5, 0xf, 0x24, 0x2, [@ss_container_id={0x14, 0x10, 0x4, 0x6, "7adbb002d7c1874b3ce920aad7cdc650"}, @wireless={0xb, 0x10, 0x1, 0xc, 0xc6, 0xf, 0x2, 0x1, 0x9}]}, 0x7, [{0x4, &(0x7f0000000100)=@lang_id={0x4, 0x3, 0x427}}, {0x18, &(0x7f00000003c0)=ANY=[@ANYBLOB="1803bcdc4c2a00fbf6c882c7bde6e8be1b82bb355f0000008f33f2fc5706c00cccc23a54e72d47323d4f98b37efa063442d3e6b954d912cb16128d64272fc37832f5cd3421bb11a8a9657769ba9951715b86d4dd3a49b1963b69d5ad1d4ed287e34d61c3cedd0503fa88a172b8e1a0319bfe37249883e9d0cc2e9a3adc0e298355eb5b789885f4332a7a5137120e1a211503f2796bc8acf852112194fc38b82d8b7b22f0dc156dab8e03e361595f6600"/185]}, {0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x2c0a}}, {0x6d, &(0x7f00000001c0)=@string={0x6d, 0x3, "b54d1d71711c40fe18d5fd668b818f54f84c11eb0ebceee07dde500b0b215612380053cc201c962a359c3015e075d3e0a3aab7900f6ab384689b34e0396a28f5f17832f34b85c6e9b9cc344e7d8fcf4c63f09af1916c08d2e4c51c7155ce8afcf78e4589fcc75b88a5f2eb"}}, {0x4, &(0x7f0000000240)=@lang_id={0x4, 0x3, 0x409}}, {0x3b, &(0x7f0000000280)=@string={0x3b, 0x3, "836bfcd091b73fb08a7e97741be765f723d09a05319f1509e5cbc3c60e8ba6b2fe33cb02ed8dfc782bd829b139786f38b3fc0f0cebb7a54ef5"}}, {0x4, &(0x7f00000002c0)=@lang_id={0x4, 0x3, 0x446}}]})
syz_usb_control_io$uac2(r0, 0x0, &(0x7f0000000800)={0x44, &(0x7f0000000540)={0x0, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01002abd7000fddbdf2515000000140001800d0001007564703a8a2eac523a"], 0x28}, 0x1, 0x0, 0x0, 0x20000000}, 0x4040)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, &(0x7f00000004c0)="c74424000f000000c74424026a9e0000c7442406000000000f018414c1c1490fc7610dc442499e2bb9800000c00f3235004000000f30c7442402176c0000c7442406000000000fee1424240f682b430f785508b805000000b90e15900b0f01c1c4e2791828c7442400654d0000c7442402f9ca00000f011424", 0x79}], 0x1, 0x1c, &(0x7f0000000000)=[@cr4={0x1, 0x9e2}], 0x1)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)

5.166111478s ago: executing program 0 (id=2524):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (fail_nth: 4)
r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000007, 0x38011, r2, 0x0)

5.111588236s ago: executing program 4 (id=2525):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f", 0x70}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29", 0xce}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d", 0x54}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede33131", 0x93}, {&(0x7f00000000c0)}], 0x5}}], 0x1, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000100)=0xfffffffe, 0x4)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b000000", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

5.018175162s ago: executing program 2 (id=2526):
r0 = syz_usb_connect$hid(0x2, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x926, 0x3333, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x0, 0x0, 0x40, 0x0, "", [{{0x9, 0x4, 0x0, 0x0, 0x9, 0x3, 0x0, 0x4, 0x0, {0x9, 0x21, 0x20, 0x0, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x3, 0x8, 0xc5}}, [{{0x9, 0x5, 0x2, 0x3, 0x200, 0x7, 0x9, 0xff}}]}}}]}}]}}, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000340)={0x0, 0x1}, 0x8)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})

4.842152169s ago: executing program 4 (id=2527):
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000005c0)='/sys/kernel/debug/binder/state\x00', 0x6, 0x0)
futex(0x0, 0xc, 0x1, 0x0, 0x0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r1, 0x28, 0x8, &(0x7f0000000100)=0xffffffff00040000, 0x112)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001", @ANYRES16=r0, @ANYRESOCT], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000680)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a54000000060a010400000000000000000a0000010900010073797a310000000028000480140001800a000100726564697200000004000280100001800a00010000000900020073797a3200000000140000001100010000000000000000000100000a000000000000"], 0x7c}, 0x1, 0x0, 0x0, 0x24048014}, 0x20040040)
r3 = syz_open_dev$dvb_dvr(&(0x7f0000000000), 0x6, 0x82000)
r4 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$inet_buf(r4, 0x0, 0x20, 0x0, 0x0)
ioctl$DVB_DVR_DMX_SET_BUFFER_SIZE(r3, 0x6f2d, 0x1d6000)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000000)={0x2, 0x0, @loopback}, 0x10)
getsockname(r5, 0x0, &(0x7f0000000340))
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f00000001c0)={'wpan3\x00', <r6=>0x0})
r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r9, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r10=>0x0})
sendmsg$NL802154_CMD_GET_WPAN_PHY(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000300)={0x1c, r7, 0xb15, 0x70bd2a, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x1c}, 0x1, 0x0, 0x0, 0x2600c8c0}, 0x4)
sendmsg$NL802154_CMD_NEW_SEC_KEY(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000002c0)={&(0x7f0000000200)={0x9c, 0x0, 0x200, 0x70bd25, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x78, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "218adb5a460d7c1683f25d8d175d089705198f1c2fa9221cae652aee7e48d910"}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x1}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "48c2c02895a1ae8f071fb0137da27727"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "0deaac5cb4b8d8a66961a158e4470c9485ed1d5bb141193d9378f52880d2b848"}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r6}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r10}]}, 0x9c}, 0x1, 0x0, 0x0, 0x4000}, 0xc000)

4.769385296s ago: executing program 4 (id=2528):
r0 = openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000300), r1)
syz_usb_connect(0x0, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x200, 0x1d, 0xa2, 0x77, 0x40, 0x112a, 0x1, 0xcc2f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x1, 0x15, 0x50, 0xf5, "", [{{0x9, 0x4, 0x24, 0x81, 0x0, 0x92, 0x84, 0x73, 0x9f}}]}}]}}, 0x0)
ioctl$IOCTL_GET_NCIDEV_IDX(r0, 0x0, &(0x7f00000000c0)=<r3=>0x0)
sendmsg$NFC_CMD_DEV_UP(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000d80)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r2, @ANYBLOB="010426bd7000f8dbdf250200000008000100", @ANYRES32=r3], 0x1c}}, 0x4008054)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)}], 0x1}, 0x0)
write$nci(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="5001"], 0x14)

3.266176767s ago: executing program 2 (id=2530):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmmsg(r0, &(0x7f0000003440)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/250, 0xfa}, {&(0x7f0000001a80)=""/43, 0x2b}], 0x3}, 0x5}, {{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f0000003280)=[{&(0x7f0000001ac0)=""/121, 0x79}, {&(0x7f0000001b80)=""/130, 0x82}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f0000002d80)=""/208, 0xd0}, {&(0x7f0000002e80)=""/251, 0xfb}, {&(0x7f0000002f80)=""/245, 0xf5}, {&(0x7f0000003080)=""/222, 0xde}, {&(0x7f0000003180)=""/246, 0xf6}], 0x8}, 0x81}], 0x4, 0x40010132, 0x0)

3.119283876s ago: executing program 2 (id=2531):
r0 = creat(&(0x7f0000000200)='./file0\x00', 0x2c)
mount$afs(&(0x7f00000000c0)=@cell={0x23, '', 'syz1', '.backup'}, &(0x7f0000000140)='./file0\x00', &(0x7f00000001c0), 0x800, 0x0)
syz_usb_connect(0x1, 0x2d, &(0x7f0000000240)=ANY=[@ANYRES64=r0], 0x0)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
sendmmsg$inet(r1, &(0x7f0000000480)=[{{0x0, 0x0, 0x0}}], 0x1, 0x24040890)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'sha384\x00'}, 0x58)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000002ac0)={'syztnl0\x00', &(0x7f0000002a40)={'syztnl1\x00', 0x0, 0x4, 0x2, 0x8, 0x9, 0x8, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @private2={0xfc, 0x2, '\x00', 0xfd}, 0x80, 0x10, 0xe, 0x5}})
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
bind$inet(r3, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r3, &(0x7f0000001740)=[{{0x0, 0xfd67, &(0x7f0000001400), 0x1}}], 0x4000210, 0x10002, 0x0)
pselect6(0x40, &(0x7f0000000000)={0x4, 0x2, 0x5e8a, 0x81, 0x9, 0x4, 0x1, 0x3ff}, 0x0, 0x0, 0x0, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003600)=[{{0x0, 0x0, &(0x7f0000003380)=[{&(0x7f00000000c0)="ecf0", 0x2}], 0x1, 0x0, 0x0, 0x20000040}}], 0x1, 0x24004c00)
ioctl$FS_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000000)=0x8)

1.60317617s ago: executing program 4 (id=2532):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmmsg(r0, &(0x7f0000003440)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}, 0x5}, {{0x0, 0x0, 0x0}, 0x8}, {{0x0, 0x0, &(0x7f0000003280)=[{&(0x7f0000001ac0)=""/121, 0x79}, {&(0x7f0000001b80)=""/130, 0x82}, {&(0x7f0000001c40)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/165, 0xa5}, {&(0x7f0000002d80)=""/208, 0xd0}, {&(0x7f0000002e80)=""/251, 0xfb}, {&(0x7f0000002f80)=""/245, 0xf5}, {&(0x7f0000003080)=""/222, 0xde}, {&(0x7f0000003180)=""/246, 0xf6}], 0x9}, 0x81}], 0x4, 0x40010132, 0x0)

1.528795937s ago: executing program 3 (id=2533):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000380)={0x4, 0x2, 0xeeee0000, 0x2000, &(0x7f0000f6c000/0x2000)=nil})
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, 0x0})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.244411694s ago: executing program 4 (id=2534):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000900)=ANY=[@ANYBLOB="30000000108101002cbd7000fddbdf250500000008009200", @ANYRESDEC=0x0, @ANYBLOB="08006180aa800000", @ANYBLOB="ff2b28ac8141d7b0c7795fedd331bcded9817a01ec60f27b1c1384225a2bb09d603c5da45d28e4bd8e630a1edc1a9a507729af6f2b26ae7550053efecb4f72ddd0ca4d23825a595b2d4f0c4c715bbbebc029bda14bf97987", @ANYRES32, @ANYBLOB="da98bd577e218ef1147832644b6fae600731f4d0e60f5b5556d155f23014efa56a113ca810da13a7be2d07b5c62b571c1ff73aab2ca0b710fb387ff05412bfcea611b95350e1813f0c5907b2e53b45a2ed927857bf2c370cf6bd420ceb56d4d2bf54", @ANYBLOB="27f31f6bd5a6088c954e846eb603811019b31fdfe3e62e7834bf6ec16a6ceb53fc079a068988bd820faab808e23e12b85e0a54561505a0ded7013190fdf39d1f36a2122ad130b3e45fecef2d830ab6d1643ca514efcd21e75aa2113b94da63f984eba3a0a5d48eb00bce8aa717cd13cb5008da1175e12e8ca535fd583f0b2c4429c1e48f3402771d562710f1f9c0b2c3f40866bad4205c23653e26e1ae4a7784c84d8b379180bda67f5b7b8ccf8a1b38786e879ce8b342493f9d18a0caec0b96310158e10046ecdcfcbcba0936d4d71a558b2acc2405dc3b3b6aa9ac58"], 0x30}, 0x1, 0x0, 0x0, 0x4000}, 0x40801)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x10)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000080)={'batadv0\x00', <r3=>0x0})
sendto$packet(r2, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x11, 0x0, r3, 0x1, 0x1, 0x6, @link_local}, 0x14)
r4 = syz_open_dev$evdev(&(0x7f00000000c0), 0x2, 0xa40b81)
ioctl$EVIOCSFF(r4, 0x40304580, &(0x7f00000003c0)={0x55, 0x8000, 0xfffd, {0x0, 0x1}, {0x4f, 0x2}, @cond=[{0x1ff, 0x5388, 0x6f5, 0x800, 0xc7, 0x2}, {0xffff, 0x5, 0x1, 0x46, 0x6, 0xfd}]})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = syz_open_dev$video(&(0x7f00000000c0), 0x0, 0x82341)
mkdirat(r1, &(0x7f0000000100)='./file0\x00', 0x0)
chroot(&(0x7f0000000200)='./file0\x00')
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000100)=0xdf9f, 0x12)
fsconfig$FSCONFIG_CMD_RECONFIGURE(0xffffffffffffffff, 0x7, 0x0, 0x0, 0x0)
capset(0x0, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x9c})
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
ioctl$VIDIOC_G_CROP(r6, 0xc014563b, &(0x7f0000000cc0)={0xa, {0x800, 0x7b, 0x1000}})
sendmsg$NFT_BATCH(r1, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$EXT4_IOC_GROUP_ADD(r5, 0x40286608, &(0x7f00000002c0)={0x6, 0x8, 0xfd5, 0x7fffffffffffffff, 0x4, 0x7ff})
sendmsg$NFNL_MSG_ACCT_GET_CTRZERO(r7, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000002070108ef0000000000000003000007"], 0x14}, 0x1, 0x0, 0x0, 0x40000040}, 0x24004004)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(0xffffffffffffffff, 0xc018937d, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r8=>r5, {0x6}}, './file0\x00'})
syz_usb_connect(0x0, 0x24, &(0x7f0000000540)=ANY=[@ANYBLOB="120101020af9570894060100166701020301090212000106ef400a0904"], &(0x7f0000001dc0)={0x0, 0x0, 0x0, 0x0})
ioctl$TUNSETOWNER(r8, 0x400454cc, 0x0)
write$char_usb(r4, &(0x7f0000000040)="e2", 0x2250)
ioctl$DVB_DEMUX_DMX_START(0xffffffffffffffff, 0x6f29)

441.634696ms ago: executing program 3 (id=2535):
sendmmsg$sock(0xffffffffffffffff, &(0x7f0000003b40)=[{{0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000380)="82f294054d05973abfac6a6f31050418457d017c5fd68b034cf51b9f6a6d71daa5c776bca90037bc7c3d88b151fbf856f69ebd05e750f13f02af646b284953b6640a08c827c6f2ff4ad8e84077f9f03f94792aa17c4743cba3f355bb9c5b04b91ed70d253db68e17cdd561fab504479f", 0x70}, {&(0x7f0000000480)="4ce09043b6aa2ae5946f67306c7f73ed469dfcfc5e1f4d8123a4a8a7b9be82f67f89605cd9bbf7254c156b00437f753a248daf68c5ebdc4a6346d336a6502e98eae72777956d1ebeeb855fae46b3ccb9fb3d593651b95ee00afe0816b3c6e7f3cb3b18fb5198643daa6b9cafde584957dd72ba27cef6604f5df59f0bee60bca63d75a9d812eb699c2d665b7179b22027cf748ac63bcc212703d44cb083e962eee9b5d212523c162b42377ebd0bc624bf9425f6f4772e36c6c2fd4f69b65cc435f93c1a490cb75162251e15942b29", 0xce}, {&(0x7f0000000780)="8ff2f15bd0017ce4b36b6bc4335634254cffcc40c0312f5ff35991272b79d76712dc0c3cfdc0d70ce8004884e6917bed9ffee1584df7f06c7bccac71daf78bf3c68b8d5e56357654784bdbc700bceb1049c6a47d", 0x54}, {&(0x7f0000000800)="5193f0b40db29d9ce06f429ed3c2c6405967f1e559f08c35f5e63ad64c2746967cca1bbeaf6206a79c42badb4fb453f294c2932cb5552a5f9c1d633207a53c2f54d98c2f9e4323eac6c20c56e7607d212b210a0325f7c289d1a2552d7a3f2176a47e95bc46471fae9167768d58f22ff10ba3cc2050b1ee838ce9e4ac5a1544fec3e291272cfaaa4817539972fb8bb2ede33131", 0x93}, {&(0x7f00000000c0)}], 0x5}}], 0x1, 0x20000044)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vlan1\x00'})
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$WPAN_SECURITY_LEVEL(0xffffffffffffffff, 0x0, 0x2, &(0x7f0000000100)=0xfffffffe, 0x4)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3", 0x5)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0xff31}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b0000000800", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

143.750905ms ago: executing program 3 (id=2536):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
ioctl$KVM_CAP_SPLIT_IRQCHIP(r1, 0x4068aea3, &(0x7f0000000140)={0x79, 0x0, 0xe2c})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000007c0)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 2 (id=2537):
ioctl$SNDCTL_TMR_CONTINUE(0xffffffffffffffff, 0x5404)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x400040, 0x0)
ioctl$SNDCTL_TMR_STOP(r0, 0x5403)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x28800)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r1, 0x40505331, &(0x7f0000000080)={{0x8, 0x6}, {0x7}, 0x6, 0x6})
r2 = syz_open_dev$media(&(0x7f0000000100), 0x80, 0x4740c0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r2, 0x80047c05, &(0x7f0000000140)=<r3=>0xffffffffffffffff)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(r4, 0x84, 0x20, &(0x7f0000000180)=0x80000000, 0x4)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r5, 0x0, 0xca, &(0x7f00000001c0)={0x0, 0x8, 0x28, 0x8, @vifc_lcl_addr=@private=0xa010102, @dev={0xac, 0x14, 0x14, 0x13}}, 0x10)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(r4, 0x8982, &(0x7f0000000200)={0x0, 'veth0_to_bond\x00'})
r6 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r6, 0x6611)
r7 = signalfd4(r0, &(0x7f0000000280)={[0xe53f]}, 0x8, 0x80000)
write$sequencer(r0, &(0x7f00000002c0)=[@n={0x1, 0x8, @SEQ_NOTEON=@note=0x17, 0xf}, @v={0x93, 0x7, 0x80, 0x5, @generic=0x50, 0xf9, 0xc}, @l={0x92, 0x2, 0xe0, 0x1, 0x6, 0x2}, @l={0x92, 0x1, 0xb0, 0xe, 0x1, 0x60, 0x1}], 0x1c)
ioctl$BTRFS_IOC_SCRUB(r1, 0xc400941b, &(0x7f0000000300)={<r8=>0x0, 0x7, 0xf178, 0x1})
ioctl$BTRFS_IOC_DEV_INFO(r3, 0xd000941e, &(0x7f0000000700)={r8, "24792620da17f01bb60fa40895039510"})
ioctl$RTC_SET_TIME(r7, 0x4024700a, &(0x7f0000001700)={0x21, 0xd, 0x10, 0x8, 0xa, 0x7, 0x4, 0x13c, 0xffffffffffffffff})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r7, 0xc00c642d, &(0x7f0000001740)={0x0, 0x0, <r9=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GET_LEASE(r7, 0xc01064c8, &(0x7f00000017c0)={0x6, 0x0, &(0x7f0000001780)=[0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0]})
ioctl$DRM_IOCTL_MODE_SETGAMMA(r9, 0xc02064a5, &(0x7f00000018c0)={r10, 0x3, &(0x7f0000001800)=[0x4, 0x3, 0xdaf4], &(0x7f0000001840)=[0x9, 0xb, 0x2, 0xffc0, 0x4, 0x2, 0x55, 0x0], &(0x7f0000001880)=[0x4, 0x2, 0xffff, 0xc5ef, 0x1, 0x1b56]})
r11 = accept(r7, &(0x7f0000001900)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r12=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @private0}}}, &(0x7f0000001980)=0x80)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(r12, 0x84, 0x77, &(0x7f00000021c0)={<r13=>0x0, 0x20e, 0x6, [0x4, 0x424c, 0x3, 0x390a, 0x6, 0x0]}, &(0x7f0000002200)=0x14)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r12, 0x84, 0x6c, &(0x7f0000002f00)={<r14=>0x0, 0x30, "5c013427e8a8bd9e7c36a9749b6ed585d1a1bac21f25914b645f6a6fbcd64d4ba1ffaae343d74931d5649b7335e0a280"}, &(0x7f0000002f40)=0x38)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r11, 0x84, 0x70, &(0x7f0000002f80)={<r15=>0x0, @in6={{0xa, 0x4e23, 0x800, @mcast2, 0x5}}, [0x4, 0xfffffffffffffff8, 0x1000, 0x4, 0x0, 0x5000, 0x7, 0x400, 0x100000001, 0x6, 0x7fffffffffffffff, 0x800, 0x15077f90, 0x3]}, &(0x7f0000003080)=0x100)
sendmmsg$inet_sctp(r7, &(0x7f0000004780)=[{&(0x7f00000019c0)=@in={0x2, 0x4e22, @multicast2}, 0x10, &(0x7f0000001fc0)=[{&(0x7f0000001a00)="c0ae175616d0de21f91ae8182dff5cf3b9174d2645cace093a52344ed7215112657432f80c969cdeb478bdbb9da7806f695a1ffea4b84baeb08a7ed95f42788f608f42ccb7812d563b883b8cf91a35cf780e2b0e6108a7f72b7a9461d63f0e573a3a83a5acca82935b1f8d30e22ddd2177ef35420168bec30875104e28f68823b4ad89ae91980d00fa9f", 0x8a}, {&(0x7f0000001ac0)="f5f0878ac72c995ddbdec58bd40fdf3de630b13bd0de1b5074f6bb8d47a43180cfa31380655f9d67f48706a558e2d8e72fe55ca3729be37ced9e23208c97db62109c79f06551b0869502107ad84cef7dfadac355b3867137faa3e69db3a3921aa342af1dc2a219843269db4f33c71896b4f4aa401618f8dde401100b99d8fdc36f6fa2033707c3001a28c23ad472cca10cdf0cb522d1063f9dde25647b473d91d85e3577eaf3091c85bdbcb8cc69d8", 0xaf}, {&(0x7f0000001b80)="88056cf0305f9022dd4f460a85ca86822ca530f4be0ddf10a9fad38e10f1c2335091c7354d8d596ee63bce9150355e203c9834e35767ff919c46306bbdc931932fdaf9205a563a777d8042", 0x4b}, {&(0x7f0000001c00)="6a5f6be9ebc8e146179cc9064008b3452e2fd12434df966c899d1b1872a0cfe0713f513fafdfaeefac87107e7d9b3f1ea5c28a20bdbc02a62f759d45718fe4b87d7eb9fbb63101439d7c08396babd2ab7dbc1a7a6ba90dffb1dd6be84c151f8005b9f88f02c10b2bfb77148e26e5454bbb126ac55664352240487edad07a2c5dab29bf11c7dfa2a73c36c92eccb05836a2c90ceb4add57315ce4c83e0751bfe44122dfc6150ce40b89cea9f2cac14615fd769f47b603dc94a44ced9e29f8bec85a9c5ac4f103a7ad0369005e4be278801d", 0xd1}, {&(0x7f0000001d00)="bd860b8eec010ac3e3ecbc0f4db6ed67dfee7a175c62a838701c6871877086b1ca2cf0ed03dd451403eb086449a1fc8af9f7c412a2e82708fe1c12ed4af9bffb2bb77f63736ed75241cc01cd7bfea8e05042419f1380c996add4770eefc8798bc2548b79713fe3300bad7d6dfbc73a795600bd6b64f27e1255bfb7da41a033678464c299509e76a89cb35bc79b0546e1a60507e8de776940f82c5305b1b6f4c86d1d118021b6045c32576514efcf92cf25f3cc2aa946eed6bca9615c4208cd32adab5b90465f5756c6a71268d31cba723cfa63ed336d5ea18bf6", 0xda}, {&(0x7f0000001e00)="0478924d8643deae6f6c5c965ddbea57ac9461e9cf880ffd7f9c2165418e72bc05dd70dceae08baf1375993648a5e8f0c0137ae1808726b7ae3bde36af8dc9ef5a6b0f39e62e18f682c72480adae41cfbce770a5d44976aac095127ddb5cb5afd2a6697a2956553580386e1384e69870769feff0e9c45e741c69abe051bdc301cb9070159ed09a0df9bc9827fd09d52f2b61ae6f1abb8b0a0e86139cc977af002aa2339ab157f8e2e272c0c500912239ac8a1f2f66abda351aa4b6b14ff9", 0xbe}, {&(0x7f0000001ec0)="2a7ac13d719086f990dce0c70dc54402f5a3a81b0cbe07323581f772750bd779f0508c289afba0478b5f66a062dedbfc038363aeeff80c4e99c30198539025ed96251b49fa14cb9f55abb7aa77d473b7937b5459b13f55c3fe9242dba997fcc272eac61ff2c8577c596c9c929e", 0x6d}, {&(0x7f0000001f40)="17a4507f911dc1794242498f7f48b1fcab5e5739b2e30a7fec4330f694cfeccf21811b1df2b7e6a07592e5c6c3abb86e039d748169edc2985ebe0a3ca4b6520a96976c21d759bf35de83508c0404a9b3505c76fb78b1607ee04c979d610a7aee33705e90b62dfdb5312cb5906e9045b5dd2bda5f07bf68502389fea4", 0x7c}], 0x8, 0x0, 0x0, 0x24008890}, {&(0x7f0000002040)=@in={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000002180)=[{&(0x7f0000002080)="dc84", 0x2}, {&(0x7f00000020c0)="3db058d5fc8ebe8eb8f833947efeea63412f75df71d311f347514a93ffed1e59e11e1d7aa37f0f6387e82647409783f736765d60ef966bcf3d2b2232d88c35df4dd80aaf298a6880019866d9d3f65a1f31eaa7f098668f9297de924a9c0e45531616fdefe14169aec450ab0fd77d19cf09e95bf852646b6fe759ba27e5506920773affb053d364616e085ffca02753", 0x8f}], 0x2, &(0x7f0000002240)=[@init={0x18, 0x84, 0x0, {0x905, 0x7f, 0x16, 0xa}}, @sndinfo={0x20, 0x84, 0x2, {0x1, 0x8008, 0x8, 0xff, r13}}], 0x38, 0x80}, {&(0x7f0000002280)=@in={0x2, 0x4e22, @local}, 0x10, &(0x7f0000002640)=[{&(0x7f00000022c0)="e2b03fb44f092e93ee94007d5a3b39a88670e6585cc0e5917a9cb3b9d21c11", 0x1f}, {&(0x7f0000002300)="d0f42b7f0c281ca524e0062bdc16a35fb3c71257e01ec0798deae39aa5b9b678dccade44ed12723fa31c2617dcd1a13dec1d40fa918a3053cff284a614d822b1d3240a67dfb6c7ba9e526325e63ee69958adddcb37960d5fc5e9e3c7cb56579fd24addd3d4cbf2136a6f01b07717a44b3e26f1701b846c8fe12caf4bdf8d0e90f4532086661a8a48448f4c2557c0789d0f8aad51ca9a046911984bdebc6cdd0911ace72a8fd3509edb732e589cc98bfac81a12a2175f93174c6dbd1cfe4fea994af10d73876ef3d0ba9a9faffa9d48a94b72ba051b485cda7427efaf0dfca4376776dc5111", 0xe5}, {&(0x7f0000002400)="a12381cdd0bbf7d08b5badf7bf0542b9b2498ac721bc5ba3e46ef8a93ca2935621c5096259c218eae15eb3b938055cb12422cb696c0b8c83d186d8059e316953787a093d7bc3d7311b5bda42ccd638ba7f3a9f1d4d532e022c82880f37bcad632b5b2764f3ede2d2da5d8c8a68781ca08d95ad8356d0e6d631bf3c6f62162858fcd32e37dde254468014b38c97247602ebe888d0b961739d9ea3916157753f93753195d0c3198cbfe4c8b782f46e7a87e96be34930478129b868d7", 0xbb}, {&(0x7f00000024c0)="9795d07ef705a2bd058b6acddb629e1120fe2549a8fd6e68bf00ef8dd83fd5f55db447ab0a1a34fb7551eaafd60ce1defa9c7d6a607961d5", 0x38}, {&(0x7f0000002500)="999fe0871b6c328cf32551507256fe15fa6d4380d7f1a0b41b3cfaccc67f692fdd17968e5fa14ff8edfb431559fcd2c22586080c553030409f93f119947d45ef094d20b70ab91b50b0a7c96976b1b1636dfc1e9296d9abca5ad9e85c5e7317e56b6508d5bb6a3938da76d9c6d3c3155a88436ea1b258611cfe77392408d2b2c706dd99b2851e408194c08999fa30999e43161d8e238fb643df6ed4f0935a30115e59a09e0a64191e11ff64a25b9e5fbade9e22ec88c80f86fad8aaa8e6cb5fe3ee2f9738bc2819da4c90c98817e0dad696330f144c985c7eb446c25bfa5cd7d648a1b02d90248b6d", 0xe8}, {&(0x7f0000002600)="1513b4fd26e1fdf4c342843ee0f6f7e9a7428c69a40b363d276b273f2cca8f", 0x1f}], 0x6, &(0x7f00000026c0)=[@dstaddrv6={0x20, 0x84, 0x8, @dev={0xfe, 0x80, '\x00', 0x15}}, @dstaddrv6={0x20, 0x84, 0x8, @dev={0xfe, 0x80, '\x00', 0x38}}], 0x40, 0x4000}, {&(0x7f0000002700)=@in6={0xa, 0x4e22, 0x8, @mcast1, 0x6e937979}, 0x1c, &(0x7f00000027c0)=[{&(0x7f0000002740)="0026eacbdf4f8e8e623dc8b8aa0e686813e52d423f60b4c50dae182740bf0d8d7f517bcf4c28aaa4542fff739362240d17741c82c2a298962177a88352327f1134087a272560d1fb3cf3b4117abf159e0e3642634dfe2c94257d01207749b44ef77607304c1cea98c7c4768beba02576d7c5e454bd2f", 0x76}], 0x1, &(0x7f0000002800)=[@dstaddrv4={0x18, 0x84, 0x7, @broadcast}, @init={0x18, 0x84, 0x0, {0x8, 0x6, 0x0, 0x7845}}, @authinfo={0x18, 0x84, 0x6, {0xd}}, @authinfo={0x18, 0x84, 0x6, {0x3}}, @init={0x18, 0x84, 0x0, {0x5, 0x3, 0x1, 0x9}}, @authinfo={0x18, 0x84, 0x6, {0x5}}], 0x90, 0x440a0}, {&(0x7f00000028c0)=@in={0x2, 0x4e23, @rand_addr=0x64010101}, 0x10, &(0x7f0000002c40)=[{&(0x7f0000002900)="c3b9e6368560c30e37d09c16bce1e3418258b0d45c81562453d6be99c7cf3ef60851def799dd7aed719da3542c58b0638f7c2662588a9683d54672216790b1271c0bc413948340e57f1f06970b46f57023bd5edc8a2af183ae676d0a7e05b7f292f43ace0a5b3ed541654819bb167a657882e2bd5e9b7720572986f30a1667a346d6e06f1c95db4b28a341620a3579480cdfaae1f1f476e1e010fdbecb97f6", 0x9f}, {&(0x7f00000029c0)="b85325b18f8838fb07f2e2e782d4693e7fac9a092c1d2f94df4b6e1069e1ca088c56b13193b9b5f3e8739e82dbb7ffe0523b442a734339beb122735a9a0e1fe96b313fda2edd31125df448206fa1ce93e55f61f4c5e6d4bace5d3bd99cd7e095dac1ab8c29763b70a0094284396efc9a902fd7358e5433c33dc30fdcf6f6f57f7f91d1514598a991b6b591b177808271f6e92dd704e614b0c96de4e4918bd69f22bc4cc306220852104af34a4fdfa384b5c139929a125c4c34ea0be4094d306b42a05db92012fa9c2522147999b7e5dab70b6718d13ffb2b31276849a4dca3413a8cccc6048a", 0xe6}, {&(0x7f0000002ac0)="c554bfdc74525ffd202e2a235b9ca3728d8bb4d9cd770b523e4315028d56fd93c060632d1798246a0b85a5c3c490b2222c52b4e3bfc71e4ffa6cafa73a5472f82c499ba58f5ecc28039f657f8b30bd243490891aa37b766c3edc6aa14b081d126f51c0126c6ceacbae2015b9", 0x6c}, {&(0x7f0000002b40)="7d0b5214b7fb5a745055d8f9041a448b68552c22730ac5f32feec741b2661bcfa04ef46529e9", 0x26}, {&(0x7f0000002b80)="1904100a32e7443733bbc35d7fa6482036d426ba486ea3012c7c4db4ab82f3a352765883a6da245bd981a4e44c8f02179fd076651a445d4ed22768ea12998aba3b21fca1d2e2f862f0cbee258ba6e03f9e21b3de74e9b936edf2536fa109c4d251e8e10643dc9f805d8019ad3358c9a39317634ad9d077a7d45606e7f880167292a46f10a27b", 0x86}], 0x5, &(0x7f0000002cc0)=[@prinfo={0x18, 0x84, 0x5, {0x30, 0x6000000}}, @dstaddrv6={0x20, 0x84, 0x8, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x1f}}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0x9}}, @init={0x18, 0x84, 0x0, {0x4, 0x2, 0x401, 0x9}}, @prinfo={0x18, 0x84, 0x5, {0x30, 0x5}}, @init={0x18, 0x84, 0x0, {0xd, 0x4, 0x7, 0x3}}], 0x98}, {&(0x7f0000002d80)=@in6={0xa, 0x4e22, 0x3, @ipv4={'\x00', '\xff\xff', @empty}, 0x3ff}, 0x1c, &(0x7f0000002ec0)=[{&(0x7f0000002dc0)="3e135249", 0x4}, {&(0x7f0000002e00)="fa675a04433fd0d01d29c90215cb44785343f09866ab8d56d17d68117a60110204ec5acb974a4cecee833e675204463c3f5860a88196b31d7bc4e26ac4c22cf9eda08ae566915760d7e6ad29ba9171af50d5951fbb72cdc1e51a0b", 0x5b}, {&(0x7f0000002e80)="f0674b8706a06ec89f6ad4f212ffad0028", 0x11}], 0x3, &(0x7f00000030c0)=[@sndinfo={0x20, 0x84, 0x2, {0x5, 0x1, 0x3, 0x1, r14}}, @dstaddrv6={0x20, 0x84, 0x8, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, @dstaddrv4={0x18, 0x84, 0x7, @private=0xa010102}, @authinfo={0x18, 0x84, 0x6, {0x73}}, @dstaddrv6={0x20, 0x84, 0x8, @ipv4={'\x00', '\xff\xff', @broadcast}}, @sndinfo={0x20, 0x84, 0x2, {0x100, 0xa, 0x2, 0x5, r15}}, @prinfo={0x18, 0x84, 0x5, {0x20, 0x800}}, @init={0x18, 0x84, 0x0, {0x401, 0x6, 0xa25, 0xd3c}}, @dstaddrv4={0x18, 0x84, 0x7, @rand_addr=0x64010100}], 0xf8, 0x48000}, {&(0x7f00000031c0)=@in6={0xa, 0x4e21, 0x8, @mcast1}, 0x1c, &(0x7f0000004580)=[{&(0x7f0000003200)="6688028d5597f46b4da532968712279f0770c540372e33d65a1b376b706906a4470caa93d0b2f78ca24580ef65f747149c44aea3dd9a11f7bff793724482681f633de10eff4c2e1463a5261f4b12bd8f9d2b38cbbf4725212419781c30157f05a6baa16445bd653b9402f278e6fe47bb0db36b052c14aa1488d5fe8736f5bfd2d07f78e1cc06a7aa9edd8c6d493c970a86c35219d804d754be38ba98609904f44ac0e633ab84eb409e4aad4850545dc2af160c0b4ad9ef65a8cfc9e2a8f99ca6831fc26c1a1aa2739aa8ba5dff44fd04d0bc4ca742", 0xd5}, {&(0x7f0000003300)="d9ad6e3eb504ae6f852215fc94f259ee7c0d32", 0x13}, {&(0x7f0000003340)="11a0200fc7c49da63595db7e6a1c425aec4d007fcc82affa5da831965f485617a135f04ca58dec26d28f2f2cffc0ce8a8957fc09a4ec28dfebd15391c4ab06df3e8b76e8c76db2f54342f101aff0ab3b4592b69bef91e6b4e442cc239206a82424e80f2a7922415fc6e1d29468bd42c04061769b954ca254f865aaf9a71222708125acf6da14706b207076eaeb3817cd296b", 0x92}, {&(0x7f0000003400)="34f0a0ad4a4ac8c7346dfa5221d5d737e3818e450fde5e7801381409aae25eadb01dbf4dcfe37b63b8e3b61ce8bd486f9f5ad3c6a352f7d6b127b15dcdeee471038c9460af99eb8e6b5e8931b573d796f7975ba7069ff7eff208afff280c9da862fb589bd2c92bd1c7ea48a6edbe05b01e23f326dfd998649923a55cc11cd5f8cacd56254acc4c", 0x87}, {&(0x7f00000034c0)="53be509ea0d70109176f94519e2f58bd5448efbaf8241588ed00d2fd45f33a544a6a9f08b68bf1c144e1721363e0d16a7b1e8bb81ce08817cb9aea00e80589700a8d3718d66d1b992618035c7ef062148ffa8b7011b7cfb936cb1386042bf0cf6a6047d13bdbcd7ad62a5381e165187c2814c9315789abc667f8c2b5f7d951305fe2c5b0e8e964cf01986c41dd3b0bb6d61ab55eb6e53730b0a3a8b5057ec413f6a3a7d51a296cf843e171e95c9794ce62bcc3a25fadb45dc00e5aa6446fbdb06e6c6a8159e99e1737a9e9849773c5611e5b0135ebb862fe3f0645e42b64392f9fba86eb5eb78066d2ac590b83c43161ee3cf1aea5395ba20e34c42a86e0b4ed80670cd828e043a4bdbbce1a962e1f0c7ff94270610df21bac8a0a3c0bfb2e9dba5819ac069f675a7500da7f6b84a93f02b9f0c11db21fe31b335e7f45c94c637c1c3f9a7fe07e2e4c6075696a0548e45c588eb6e4581d15f7cf4999bcc6477ab5c4ead7169fa4f58cc5fb3f85c4fa7a58c15c51762804ac65a87de4468d6cf7bbb48ab1f8c43ca009aae9c465e7858d76f19860a079d019b3446490d4e4e430dbbe29dfd8d92797f691753d1ec2c184535819426b67cbc1f0a88b6b906fba04508868ba7d731d207e308545917d878ad9daa6b1088dd93ec582f3b24ccce1bfb33f31d96dcf39f1444ee5a35d2c9d4d394a9ce4990ed440b3a290d46f3ca8e87dd6fa3a1d45942f69b286bb003807654a4d56f04a2c6dd8046c54baa9018ca93d356d190659a54ec2b229012cfe03de9ce364b754699bc0f548ca0550336ef1e5f078f5723bd6130afa0cf6e3dfecf1bf3d38149349aed454972dc1e07de89ba2adf62f8ee56134848b21e7c814849bc3a57ee3fc2c2891f55ec24133c01944e5f8c913dc67ea498ed8bbe1c517f7e715476ca79180dc073bf4abd2caef57901aad0a6ecebb13f731b6a1e28037f8732b662f3b97a7925d620a1879680e922be59b2a551e38e1a2eb43296dd0a8ebe31919b9c0442839851940e67c1fe3aee66c9f8a8e9a6d5cdad631c4d1ee5883b7da689de7bfa4ffe994ed04ea22213f94f1e020b70e06061821258bec6c030b0ba4417959e7d2a2543dc358cb2bbde876d1b5cfafd9e844a581eef1ec2d6e62aa053e6a58d16957e45408975566652da39823cec36ed4cf6d6c4e534dca82945d2ed79e1d2fcedde447ce2493d798cc6d59cb1561f5d6ee6b9022b1c3f000896895e51d573c80010ebf8ec82ce2f7b13ff4dd51858364869e91d0de2ec5dcff1cfed5b9e6c6fc4b057dec5701ab117a740455e2ec870faf2868b05d16d812d3b4e8a963eec6ecd00ac77b505da9c8b2ae37163e45db3b9d1f235e4a9e3e6289ebec42eda07d23e5474a69286ffa3c9fa697a4cbb28580c9432f03054c64a47024d805002a086b860f1f3bc199b6d2885e76034876c0e73bf67b0a2a22ade3a693ec0b238c1fd9c7f7c0ad901b5b27075b930dfbf7cd04f22185c209ea49b247c2507866d73db326092774a03db90f2e16ea3618d7280b5a9b3339acf48104b367ed350767d143148210fd23c38a726a12342912bb62c3fd4797ce8a24cbdefe17bbafbc608d62aef2d8e5dc5bc47da9c69d02fe24b0e1cec4c1e98ff52ae5d54e225994a5ee1e247ce65bd52e6233cee50c76cb2c229c0f55ff8ae33be198033ab13d69753636e403bf95723d93c0ae7561ded8f1d428215496e86218722e647653b5f93a7103cc937ee59f7e5e57a66ee3b655c908686d7420064bed86f224b5ed044b5c3261880437dbd5cf3bbb348ad2e273cfe61b62b8c6c01e42d0ae45b4c5a63fdf1d53449e01948392313f0e8b2f166041c4017cb33aea1a60c4460a20754ccd3f2007890b616b3f28cdf898b462db060145998dfd3aec468e953cc7097f881dd77b27f5ef883723ce16c198a4480eed156dd85b36a89be990c6967d0e54ad83f98d05183b0bef9ab5e2b454d0cc8a5f9648d10730e1cad20aca2728ae05085bd08d08c623cc583ef65a58886e71f01c037abd8b91cb3aa9a0b1f791fdbdaa94fafaff805624241dbad3ad055d06c79e5e4c24a274267158633d1d29435b7f361471d637e0e35e144510246d5953a43b7c9ff8a15e635c14645b5e74a5439d9d1bc6536dea607808f6ff0166290acff0d36ce18af1b594f1ade20e701d3435d03abbb6262934161dc70b835d7dca04eb1a1bbb7268fc4b32c2f5ba2bfbce1cb6de65aa48c61c625a149d64eda2c540fe52c0ea4ab90e67b8a3cc3d1d70b962060e6ccba9ac38fc85fc611e9b3e0dc7fedebeb71e71f9b35ad1b1bc5584af6b9a0cef35cf1ce338b745b7cef2101b4fa550fe80269dfd14dae3672a76a54832629c496eda2fa581078b1af93d12e41ddf83dbe8a4f95c794dc0fa0ec076a37958ee468f409c8eeffd34121b09c527cf66f7bdf8471824ae49e999d2c4c00cc2272bc1fb177a5a02cd1de0e7e4c74559a3e7f6409af8ca73533f2ae6738fb2e84a299ac37488ba398b76982944801b0ec9bfb7d5a96d7444b3e98e023b17667445270951e5498628d2856e9084d1fc0c27a562dc0bbc11962f90f66ff9b032c33f5d1ee74ff04d9bca911a9c290fb223e6be46d21e69cd6750e106c119dba7109d31b449ee8195e436f45f01c8ef522c31ec2ace846f6d563f55aaa7d361e44ca71c3103561f057d458b11c048849b10ad5e0d6be80a06fd997c8cc2ef675de88fc557888b88093c3ca8dc00ded9804f33a736d76c151beb109dc8e102bd9a02f55babd0d82d318047638192b20884908fc6c7a2c5e837787fc3ca90295d73aac8f4fcd6335208be632b9deda2914b6c586ffdc92bf8442c0d97450896e9cfa12931f0bc6367510869ae98b354e480cfecc5e626543fc264d93c6d2927022bb009c4bf382ccd9192fe8797935f41df04d3914babc50bbbdf8b0fa398d3df503221987b99bdee1b26db3fb463c84d556e40de56bf46b24d620025f08e416cac4f3eac12b3bc7fe1d55e4fe26cea24aa98e30a133e3aa41587911902cf1ffc252367eda351f8b8858a1e4ad908249d65cf67c2d7a46b526b383f3b463cbc16a152ee13095632056d601136e07964b4a85c3b50b0a2419aefc1e009e6f970983b865e9f73df84a411a0e772bc64200f8498e0b313ca41d1e08c51f920d61762741e9d7ffb96bea821efbd3792bca145ad18fbc77423733166e2a2cb561493eac3ad08a1ded7f8d07a4cb72790831a7b07ae25051995b6c0e09fc863bc582af85ed8be335427c3e32ec099ec5777ef4ed192a7c7bc0650507cdb7b97595b546c040730948d62261f0e88fc6bf7875f1939f31a17d9169287626f65062627f27b36a097dba1cb4801ebd8d8984f340e5c7b760ff581bb2131c394beec521d845199f0bfec5bf987c0cde80d00a987a01b094cc8c9c9ae0e094fb51a14b9d3b95761a42d86aa2694b9ee35c959d76f4b6e39881134e528bfff6dbd4118f8fa540cc4468eef999e23d77e26b63f0bafe9c3c56d73886ef74ff1fb50f692198fc5045c2cb412b769e9474e261762b9685bb372227daaebe3a1c5a6ba6b49f98124fe2e3dde534f00ab7d6da28b7ecb34ed133af7553f794bec14bb8bea7f099340b57dfc09d0d6f2c2e84028024af66f61ae89ee9e85d51910fa5bae83637c81d562f99a86a49def58580fdf071885fceca0d85c772d5eb85a6b4c1b2041738d702ebb63250ad43d7de490cb1efeba7b0c724a22657e02f60a0a66c51545c276363a0d843ace2dad88b3c3c21c5580b15f64556d810a98210443a058f8b0987d67f14e2ae54363879d292f2bf4cf7882200ec5a1838346f1d9e21bee5abae718dcf8be783423e8a2a7a0d4cb0d2484e31fffa4a750a12ed343395e103fb90e2aac0ee62c5a16d966b0d57c1a9bd09a3d2d2bd4c4ef8cb623bb547f8e615d9f767ffd05603586011de80e26b7f14cc25e35cd5b698d8ef5909b9b3e4eab71783ccd299a9897c81ffdf0feb5a3fda7e429a3c44d5eb01c9b18c3a374922123210dd2d5cd266d9a1c94c231ea18e616201dc6837bf561fbc71020be3bb2ab5d2d19e7b04de1fe56045789d4b80343b1c48e0878dce0683f9f8bfd5e83592edb57e4736a4b0855b9a5c5d939caffb16dbdb1c508ccb44cf6d57efe058e3e5a76b1d51e636b85020e6cbe4113cc9cc4ef37f796a0e56841be5af60eff9995321bf66bfd57af5c7d254e8ef2c5bbf487a9eff675586ece6db6df09d36b3593b75f420934b9ef6394ab9ab69410216b11e940af45b55aaff524c5e770008a972f55a353948ed0014a9ab34bdcaa8949e838cdebe5b98517951aaec11c55cb68cfea46176afa13e959272d19681ac2f58db62061ff92970d2105c06eeeeb4eac351637a92dfff102716785845f12ca8cf5db8b7dc144f74ad1587dbd5968ec5661df97441cf4c05a48b0fc728d8e61c63177921b2c21a8a22177a1f16b445fa2834c4404438675e6b13f3162733d8786a3244ab893fc59ea8e2bd3b6c034e84e632eee9214bea35358e9e52ed60ee59557e0729e75f7c0e2b260c7c72a8d2eecde377ca82651040a7316fbd7da9fcab794ec9602dd487a15db7f1b5998588ad03a4a20263082dca99d9b6468bc962d52e93811a16d8a26716e2dcd9ff93469191baa66a8a194df40f359ab6211a02b7f66a7d7c46259305385908b8c2df898e403cf51a9e3a331ba3a7dbd5661f121d88c54ce66160fa2638b87fb7153c62b02ae9ce1cd70e6bef124fa6c70436a06ea7ccf5464d501c3e08f278b41d9dfa12ce994510b7ac6a52cd1d27566cb7f20dea2243ecd12775e4ee83e41970eccdc0d38aab35f44c7b93f6a407491ef21e75d4a6775e7c990e425034c57f406e8d0a8a9c5321c8e6022c684aabf96e7aa4dce64834cb5158fb3044f1ff906ed12c190f385f9594fc2d9be39b7b7509be290719ea3c6852002316d4913a1f9365ef8f992ebd1096d2951d0ce8045f59363583c3df7fce62efd37299f7219636d4ad588c89a0d2f05d8102880daeb0eb2c5d12d0952a2fc4886fc21fe4d50ba62ab355d9a5c12d41b11b6ad78d41e7e51e8ed208ef2c6c60152729f701a8790c19785d938ce5d021f0572360f263d8f8175323cebee4c2782cb96b416e9e2dc71cd01353f2023e8f2a5030d7a427368eb63288965b67f36c400dd3b47809392bc97e7f0c8e93ba9c72561b8751657aab2d0c16ac4590bb3f1dbd5da452bae637d3ece1d738111a3e7bb93568d89d0b707d074c5833542f36185abf41e016819fed400afaefcc868aad6e9fcb54b9287944ed8f20785a0267af765fa36daa82395fb8514bee2a8090b95e9e3ac7b761537bde49c1edda36406c613dffba23605297cb2bb6b2c8a11a4d1518f1285a1f07152e02d683a398226c5bbc38847a1159be1b2b06586fbc84e4d917037fa252b5a2d62ca4a305ff01d9626912d942eb7d7dcb9276bae18f748defb0f3ad4824327efe96e114970ca8d4577e063dcc537c4ea8e4ee75196edbb610b890dc24cf47c9c4c67dd17e4854222f9899e06cea16084472b59b66063daf6ba18b904d6f584dd707444964f52b86a89ec407187aa70ddd26f06a5267c99afcdf9d5b19cf2cd83284becc7e5e6a5aa9b227e18cbaa96a8fd5e59d440bdba07b27dc6946834991fb2a3d3eccadae00924d23af7e3a054715b109cbbe5e5ed3336d03aab6c97447d59cf7c33ca729af0bbed2f03707cfe07668e6150fa31c5298d9789bb381eb0774a173eb7e19fa058", 0x1000}, {&(0x7f00000044c0)="0c8b8e0232e2d3b2619488450084f47a40973df82b5350532b0b1bcb80badb84d9f35c895226f5b51c39cd196e66f5127289c21b2f19f61f679446f580079b825437f08efc77b2091f7975a39d6df7bb4fea78fd961898a1894edf74b88209d65e7dae9fb2fae6c4efeb0097f9d0715ebc85208a4da5d61d1f7c61b64c952b334095988d09b6a843a2996e582ba098127e00091fa31abe5e53cca8472f64e4e3b88e0dbfcfb9686b10b0d88ba9b816", 0xaf}], 0x6, 0x0, 0x0, 0x4000085}, {&(0x7f0000004600)=@in6={0xa, 0x4e24, 0x5, @private1={0xfc, 0x1, '\x00', 0x1}, 0x1}, 0x1c, &(0x7f0000004680)=[{&(0x7f0000004640)="ead5139acd508dd7b22d2d464876", 0xe}], 0x1, &(0x7f00000046c0)=[@init={0x18, 0x84, 0x0, {0x7, 0x0, 0x7, 0xffff}}, @dstaddrv4={0x18, 0x84, 0x7, @private=0xa010101}, @init={0x18, 0x84, 0x0, {0xf2, 0x1, 0x8, 0x80}}, @dstaddrv6={0x20, 0x84, 0x8, @loopback}, @sndrcv={0x30, 0x84, 0x1, {0xf54, 0x23f, 0x0, 0x3, 0xf, 0x2, 0x100, 0xec9}}], 0x98, 0x400c000}], 0x8, 0x1)
ioctl$sock_SIOCETHTOOL(r5, 0x8946, &(0x7f0000004980)={'ip6_vti0\x00', &(0x7f0000004940)=@ethtool_sset_info={0x37, 0x6, 0x6, [0x1e9, 0x7, 0x8, 0x1]}})
ioctl$DMA_HEAP_IOCTL_ALLOC(r7, 0xc0184800, &(0x7f00000049c0)={0x89f, <r16=>0xffffffffffffffff, 0x80000})
ioctl$FITRIM(r16, 0xc0185879, &(0x7f0000004a00)={0xfffffffffffffffb, 0x1, 0x7})

kernel console output (not intermixed with test programs):

vice found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  582.776468][ T5900] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.791802][ T5900] usb 1-1: config 0 descriptor??
[  582.968239][   T10] usb 5-1: new high-speed USB device number 64 using dummy_hcd
[  583.027613][T16126] FAULT_INJECTION: forcing a failure.
[  583.027613][T16126] name failslab, interval 1, probability 0, space 0, times 0
[  583.051498][T16126] CPU: 0 UID: 0 PID: 16126 Comm: syz.3.2269 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  583.051529][T16126] Tainted: [L]=SOFTLOCKUP
[  583.051536][T16126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  583.051548][T16126] Call Trace:
[  583.051555][T16126]  <TASK>
[  583.051564][T16126]  dump_stack_lvl+0xe8/0x150
[  583.051595][T16126]  should_fail_ex+0x412/0x560
[  583.051626][T16126]  should_failslab+0xa8/0x100
[  583.051649][T16126]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  583.051677][T16126]  ? dup_task_struct+0x52/0x840
[  583.051707][T16126]  dup_task_struct+0x52/0x840
[  583.051730][T16126]  ? _raw_spin_unlock_irq+0x23/0x50
[  583.051755][T16126]  copy_process+0x89b/0x4430
[  583.051812][T16126]  ? __pfx_copy_process+0x10/0x10
[  583.051844][T16126]  ? mutex_init_lockdep+0xdf/0x110
[  583.051867][T16126]  vhost_task_create+0x1f9/0x380
[  583.051892][T16126]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  583.051913][T16126]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  583.051934][T16126]  ? __pfx_vhost_task_create+0x10/0x10
[  583.051962][T16126]  ? __pfx_vhost_task_fn+0x10/0x10
[  583.051985][T16126]  ? __lock_acquire+0x6b5/0x2cf0
[  583.052017][T16126]  ? kasan_save_track+0x4f/0x80
[  583.052038][T16126]  ? kasan_save_track+0x3e/0x80
[  583.052057][T16126]  ? kasan_save_free_info+0x46/0x50
[  583.052076][T16126]  ? __kasan_slab_free+0x5c/0x80
[  583.052091][T16126]  ? kfree+0x1c5/0x640
[  583.052115][T16126]  kvm_mmu_post_init_vm+0x147/0x2d0
[  583.052137][T16126]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  583.052167][T16126]  ? __mutex_trylock_common+0x158/0x260
[  583.052186][T16126]  ? look_up_lock_class+0x57/0x110
[  583.052209][T16126]  ? register_lock_class+0x31/0x2e0
[  583.052230][T16126]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  583.052254][T16126]  ? __lock_acquire+0x6b5/0x2cf0
[  583.052278][T16126]  ? __mutex_lock+0x320/0x1420
[  583.052306][T16126]  ? kasan_quarantine_put+0xbb/0x1f0
[  583.052341][T16126]  ? do_raw_write_lock+0x11d/0x260
[  583.052374][T16126]  kvm_vcpu_ioctl+0xa62/0xfd0
[  583.052400][T16126]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  583.052417][T16126]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  583.052460][T16126]  ? __fget_files+0x2a/0x420
[  583.052487][T16126]  ? __fget_files+0x2a/0x420
[  583.052507][T16126]  ? __fget_files+0x3a0/0x420
[  583.052528][T16126]  ? __fget_files+0x2a/0x420
[  583.052553][T16126]  ? bpf_lsm_file_ioctl+0x9/0x20
[  583.052572][T16126]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  583.052591][T16126]  __se_sys_ioctl+0xfc/0x170
[  583.052610][T16126]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.052630][T16126]  do_syscall_64+0x15f/0xf80
[  583.052651][T16126]  ? trace_irq_disable+0x3b/0x140
[  583.052672][T16126]  ? clear_bhb_loop+0x40/0x90
[  583.052694][T16126]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.052712][T16126] RIP: 0033:0x7f206ff9c819
[  583.052729][T16126] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  583.052744][T16126] RSP: 002b:00007f2070d8e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  583.052762][T16126] RAX: ffffffffffffffda RBX: 00007f2070215fa0 RCX: 00007f206ff9c819
[  583.052775][T16126] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  583.052786][T16126] RBP: 00007f2070d8e090 R08: 0000000000000000 R09: 0000000000000000
[  583.052798][T16126] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  583.052808][T16126] R13: 00007f2070216038 R14: 00007f2070215fa0 R15: 00007ffc9f0c6d28
[  583.052840][T16126]  </TASK>
[  583.119126][   T10] usb 5-1: device descriptor read/64, error -71
[  583.166397][   T42] usb 1-1: USB disconnect, device number 121
[  583.201557][T16150] FAULT_INJECTION: forcing a failure.
[  583.201557][T16150] name failslab, interval 1, probability 0, space 0, times 0
[  583.456487][T16150] CPU: 1 UID: 0 PID: 16150 Comm: syz.2.2273 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  583.456515][T16150] Tainted: [L]=SOFTLOCKUP
[  583.456522][T16150] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  583.456531][T16150] Call Trace:
[  583.456537][T16150]  <TASK>
[  583.456545][T16150]  dump_stack_lvl+0xe8/0x150
[  583.456573][T16150]  should_fail_ex+0x412/0x560
[  583.456601][T16150]  should_failslab+0xa8/0x100
[  583.456624][T16150]  ? skb_clone+0x212/0x3a0
[  583.456647][T16150]  kmem_cache_alloc_noprof+0x87/0x650
[  583.456671][T16150]  ? __netlink_lookup+0xc6/0x8b0
[  583.456697][T16150]  skb_clone+0x212/0x3a0
[  583.456721][T16150]  __netlink_deliver_tap+0x404/0x850
[  583.456751][T16150]  ? netlink_deliver_tap+0x2e/0x1b0
[  583.456771][T16150]  netlink_deliver_tap+0x19c/0x1b0
[  583.456790][T16150]  netlink_unicast+0x7e3/0x9b0
[  583.456819][T16150]  ? __pfx_netlink_unicast+0x10/0x10
[  583.456844][T16150]  ? netlink_sendmsg+0x650/0xb40
[  583.456860][T16150]  ? skb_put+0x11b/0x210
[  583.456881][T16150]  netlink_sendmsg+0x813/0xb40
[  583.456908][T16150]  ? __pfx_netlink_sendmsg+0x10/0x10
[  583.456928][T16150]  ? aa_sock_msg_perm+0xf1/0x1b0
[  583.456949][T16150]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  583.456987][T16150]  ____sys_sendmsg+0x972/0x9f0
[  583.457008][T16150]  ? __might_fault+0xaf/0x130
[  583.457038][T16150]  ? __pfx_____sys_sendmsg+0x10/0x10
[  583.457068][T16150]  ? import_iovec+0x73/0xa0
[  583.457098][T16150]  ___sys_sendmsg+0x2a5/0x360
[  583.457122][T16150]  ? __lock_acquire+0x6b5/0x2cf0
[  583.457150][T16150]  ? __pfx____sys_sendmsg+0x10/0x10
[  583.457205][T16150]  ? __fget_files+0x2a/0x420
[  583.457226][T16150]  ? __fget_files+0x3a0/0x420
[  583.457257][T16150]  __x64_sys_sendmsg+0x1bd/0x2a0
[  583.457282][T16150]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  583.457313][T16150]  ? __pfx_ksys_write+0x10/0x10
[  583.457339][T16150]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.457359][T16150]  do_syscall_64+0x15f/0xf80
[  583.457381][T16150]  ? trace_irq_disable+0x3b/0x140
[  583.457399][T16150]  ? clear_bhb_loop+0x40/0x90
[  583.457418][T16150]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.457436][T16150] RIP: 0033:0x7f14e079c819
[  583.457451][T16150] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  583.457466][T16150] RSP: 002b:00007f14e15f3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  583.457484][T16150] RAX: ffffffffffffffda RBX: 00007f14e0a15fa0 RCX: 00007f14e079c819
[  583.457497][T16150] RDX: 0000000000000000 RSI: 0000200000000340 RDI: 0000000000000003
[  583.457506][T16150] RBP: 00007f14e15f3090 R08: 0000000000000000 R09: 0000000000000000
[  583.457516][T16150] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  583.457525][T16150] R13: 00007f14e0a16038 R14: 00007f14e0a15fa0 R15: 00007ffea3cee5e8
[  583.457551][T16150]  </TASK>
[  583.459247][   T10] usb usb5-port1: attempt power cycle
[  583.742752][T16159] FAULT_INJECTION: forcing a failure.
[  583.742752][T16159] name failslab, interval 1, probability 0, space 0, times 0
[  583.800752][T16159] CPU: 0 UID: 0 PID: 16159 Comm: syz.2.2274 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  583.800783][T16159] Tainted: [L]=SOFTLOCKUP
[  583.800790][T16159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  583.800802][T16159] Call Trace:
[  583.800810][T16159]  <TASK>
[  583.800818][T16159]  dump_stack_lvl+0xe8/0x150
[  583.800850][T16159]  should_fail_ex+0x412/0x560
[  583.800892][T16159]  should_failslab+0xa8/0x100
[  583.800914][T16159]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  583.800942][T16159]  ? dup_task_struct+0x52/0x840
[  583.800973][T16159]  dup_task_struct+0x52/0x840
[  583.800995][T16159]  ? _raw_spin_unlock_irq+0x23/0x50
[  583.801021][T16159]  copy_process+0x89b/0x4430
[  583.801076][T16159]  ? __pfx_copy_process+0x10/0x10
[  583.801107][T16159]  ? mutex_init_lockdep+0xdf/0x110
[  583.801128][T16159]  vhost_task_create+0x1f9/0x380
[  583.801149][T16159]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  583.801170][T16159]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  583.801188][T16159]  ? __pfx_vhost_task_create+0x10/0x10
[  583.801216][T16159]  ? __pfx_vhost_task_fn+0x10/0x10
[  583.801241][T16159]  ? __lock_acquire+0x6b5/0x2cf0
[  583.801268][T16159]  ? kasan_save_track+0x4f/0x80
[  583.801291][T16159]  ? kasan_save_track+0x3e/0x80
[  583.801312][T16159]  ? kasan_save_free_info+0x46/0x50
[  583.801332][T16159]  ? __kasan_slab_free+0x5c/0x80
[  583.801347][T16159]  ? kfree+0x1c5/0x640
[  583.801371][T16159]  kvm_mmu_post_init_vm+0x147/0x2d0
[  583.801397][T16159]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  583.801427][T16159]  ? __mutex_trylock_common+0x158/0x260
[  583.801447][T16159]  ? look_up_lock_class+0x57/0x110
[  583.801470][T16159]  ? register_lock_class+0x31/0x2e0
[  583.801498][T16159]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  583.801520][T16159]  ? __lock_acquire+0x6b5/0x2cf0
[  583.801546][T16159]  ? __mutex_lock+0x320/0x1420
[  583.801576][T16159]  ? kasan_quarantine_put+0xbb/0x1f0
[  583.801612][T16159]  ? do_raw_write_lock+0x11d/0x260
[  583.801649][T16159]  kvm_vcpu_ioctl+0xa62/0xfd0
[  583.801675][T16159]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  583.801692][T16159]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  583.801736][T16159]  ? __fget_files+0x2a/0x420
[  583.801762][T16159]  ? __fget_files+0x2a/0x420
[  583.801782][T16159]  ? __fget_files+0x3a0/0x420
[  583.801802][T16159]  ? __fget_files+0x2a/0x420
[  583.801825][T16159]  ? bpf_lsm_file_ioctl+0x9/0x20
[  583.801843][T16159]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  583.801862][T16159]  __se_sys_ioctl+0xfc/0x170
[  583.801887][T16159]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.801907][T16159]  do_syscall_64+0x15f/0xf80
[  583.801929][T16159]  ? trace_irq_disable+0x3b/0x140
[  583.801949][T16159]  ? clear_bhb_loop+0x40/0x90
[  583.801972][T16159]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.801989][T16159] RIP: 0033:0x7f14e079c819
[  583.802006][T16159] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  583.802021][T16159] RSP: 002b:00007f14e15b1028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  583.802041][T16159] RAX: ffffffffffffffda RBX: 00007f14e0a16180 RCX: 00007f14e079c819
[  583.802053][T16159] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  583.802064][T16159] RBP: 00007f14e15b1090 R08: 0000000000000000 R09: 0000000000000000
[  583.802075][T16159] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  583.802085][T16159] R13: 00007f14e0a16218 R14: 00007f14e0a16180 R15: 00007ffea3cee5e8
[  583.802115][T16159]  </TASK>
[  584.310810][ T5928] usb 4-1: new high-speed USB device number 116 using dummy_hcd
[  584.458143][   T10] usb 5-1: new high-speed USB device number 65 using dummy_hcd
[  584.471657][ T5928] usb 4-1: config 1 has an invalid interface number: 36 but max is 0
[  584.484592][ T5928] usb 4-1: config 1 has no interface number 0
[  584.508860][   T10] usb 5-1: device descriptor read/8, error -71
[  584.510784][ T5928] usb 4-1: config 1 interface 36 has no altsetting 0
[  584.550619][ T5928] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  584.566794][ T5928] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  584.587915][ T5928] usb 4-1: Product: syz
[  584.604588][ T5928] usb 4-1: Manufacturer: syz
[  584.617547][ T5928] usb 4-1: SerialNumber: syz
[  584.758175][   T10] usb 5-1: new high-speed USB device number 66 using dummy_hcd
[  584.779272][   T10] usb 5-1: device descriptor read/8, error -71
[  584.848186][   T42] usb 3-1: new high-speed USB device number 108 using dummy_hcd
[  584.888786][   T10] usb usb5-port1: unable to enumerate USB device
[  584.918893][   T24] usb 1-1: new high-speed USB device number 122 using dummy_hcd
[  584.928724][ T5928] redrat3 4-1:1.36: Couldn't find all endpoints
[  584.938462][ T5928] usb 4-1: USB disconnect, device number 116
[  585.011085][   T42] usb 3-1: unable to get BOS descriptor or descriptor too short
[  585.020596][   T42] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 79, changing to 7
[  585.032274][   T42] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  585.045122][   T42] usb 3-1: New USB device found, idVendor=046d, idProduct=08f6, bcdDevice= 0.40
[  585.063596][   T42] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.073676][   T42] usb 3-1: Product: syz
[  585.078453][   T42] usb 3-1: Manufacturer: syz
[  585.083368][   T42] usb 3-1: SerialNumber: syz
[  585.089005][   T24] usb 1-1: Using ep0 maxpacket: 8
[  585.096493][   T24] usb 1-1: config 0 has an invalid interface number: 239 but max is 0
[  585.107440][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  585.120116][   T24] usb 1-1: config 0 has no interface number 0
[  585.132393][   T24] usb 1-1: config 0 interface 239 altsetting 0 has an endpoint descriptor with address 0x64, changing to 0x4
[  585.144862][   T42] gspca_main: STV06xx-2.14.0 probing 046d:08f6
[  585.152008][   T42] gspca_stv06xx: st6422 sensor detected
[  585.158819][   T24] usb 1-1: config 0 interface 239 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 8
[  585.171322][   T24] usb 1-1: config 0 interface 239 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  585.193224][   T24] usb 1-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=99.1a
[  585.211729][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.220723][   T24] usb 1-1: Product: syz
[  585.224936][   T24] usb 1-1: Manufacturer: syz
[  585.230301][   T24] usb 1-1: SerialNumber: syz
[  585.237565][   T24] usb 1-1: config 0 descriptor??
[  585.243849][T16192] raw-gadget.3 gadget.0: fail, usb_ep_enable returned -22
[  585.331829][T16183] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  585.342071][T16183] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  585.478798][   T24] ath6kl: Failed to submit usb control message: -71
[  585.487792][   T24] ath6kl: unable to send the bmi data to the device: -71
[  585.498542][   T24] ath6kl: Unable to send get target info: -71
[  585.506346][   T24] ath6kl: Failed to init ath6kl core: -71
[  585.516631][   T24] ath6kl_usb 1-1:0.239: probe with driver ath6kl_usb failed with error -71
[  585.537675][   T24] usb 1-1: USB disconnect, device number 122
[  585.644502][T16239] "syz.3.2286" (16239) uses obsolete ecb(arc4) skcipher
[  587.958199][   T24] usb 1-1: new high-speed USB device number 123 using dummy_hcd
[  588.108176][   T24] usb 1-1: Using ep0 maxpacket: 16
[  588.115766][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  588.129397][   T24] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  588.138836][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  588.147171][   T24] usb 1-1: Product: syz
[  588.151693][   T24] usb 1-1: Manufacturer: syz
[  588.156458][   T24] usb 1-1: SerialNumber: syz
[  588.157654][T16216] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  588.174544][   T24] usb 1-1: config 0 descriptor??
[  588.192249][   T24] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  588.202251][   T24] em28xx 1-1:0.0: DVB interface 0 found: bulk
[  588.244478][   T42] STV06xx 3-1:1.0: probe with driver STV06xx failed with error -71
[  588.293293][   T42] usb 3-1: Audio class v2/v3 interfaces need an interface association
[  588.409273][T16267] FAULT_INJECTION: forcing a failure.
[  588.409273][T16267] name failslab, interval 1, probability 0, space 0, times 0
[  588.431898][   T42] snd-usb-audio 3-1:1.0: probe with driver snd-usb-audio failed with error -22
[  588.442401][T16267] CPU: 0 UID: 0 PID: 16267 Comm: syz.2.2291 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  588.442430][T16267] Tainted: [L]=SOFTLOCKUP
[  588.442437][T16267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  588.442447][T16267] Call Trace:
[  588.442455][T16267]  <TASK>
[  588.442463][T16267]  dump_stack_lvl+0xe8/0x150
[  588.442495][T16267]  should_fail_ex+0x412/0x560
[  588.442524][T16267]  should_failslab+0xa8/0x100
[  588.442544][T16267]  ? skb_clone+0x212/0x3a0
[  588.442567][T16267]  kmem_cache_alloc_noprof+0x87/0x650
[  588.442592][T16267]  ? __netlink_lookup+0xc6/0x8b0
[  588.442617][T16267]  skb_clone+0x212/0x3a0
[  588.442643][T16267]  __netlink_deliver_tap+0x404/0x850
[  588.442673][T16267]  ? netlink_deliver_tap+0x2e/0x1b0
[  588.442693][T16267]  netlink_deliver_tap+0x19c/0x1b0
[  588.442712][T16267]  netlink_unicast+0x7e3/0x9b0
[  588.442746][T16267]  ? __pfx_netlink_unicast+0x10/0x10
[  588.442773][T16267]  ? netlink_sendmsg+0x650/0xb40
[  588.442788][T16267]  ? skb_put+0x11b/0x210
[  588.442810][T16267]  netlink_sendmsg+0x813/0xb40
[  588.442837][T16267]  ? __pfx_netlink_sendmsg+0x10/0x10
[  588.442859][T16267]  ? aa_sock_msg_perm+0xf1/0x1b0
[  588.442880][T16267]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  588.442908][T16267]  ____sys_sendmsg+0x972/0x9f0
[  588.442928][T16267]  ? __might_fault+0xaf/0x130
[  588.442958][T16267]  ? __pfx_____sys_sendmsg+0x10/0x10
[  588.442986][T16267]  ? import_iovec+0x73/0xa0
[  588.443014][T16267]  ___sys_sendmsg+0x2a5/0x360
[  588.443035][T16267]  ? __lock_acquire+0x6b5/0x2cf0
[  588.443064][T16267]  ? __pfx____sys_sendmsg+0x10/0x10
[  588.443118][T16267]  ? __fget_files+0x2a/0x420
[  588.443139][T16267]  ? __fget_files+0x3a0/0x420
[  588.443172][T16267]  __x64_sys_sendmsg+0x1bd/0x2a0
[  588.443197][T16267]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  588.443222][T16267]  ? __pfx_ksys_write+0x10/0x10
[  588.443242][T16267]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.443260][T16267]  do_syscall_64+0x15f/0xf80
[  588.443282][T16267]  ? trace_irq_disable+0x3b/0x140
[  588.443302][T16267]  ? clear_bhb_loop+0x40/0x90
[  588.443322][T16267]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.443339][T16267] RIP: 0033:0x7f14e079c819
[  588.443356][T16267] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  588.443369][T16267] RSP: 002b:00007f14e15f3028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  588.443386][T16267] RAX: ffffffffffffffda RBX: 00007f14e0a15fa0 RCX: 00007f14e079c819
[  588.443398][T16267] RDX: 0000000000004000 RSI: 00002000000007c0 RDI: 0000000000000004
[  588.443409][T16267] RBP: 00007f14e15f3090 R08: 0000000000000000 R09: 0000000000000000
[  588.443420][T16267] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  588.443430][T16267] R13: 00007f14e0a16038 R14: 00007f14e0a15fa0 R15: 00007ffea3cee5e8
[  588.443458][T16267]  </TASK>
[  588.464442][   T42] usb 3-1: USB disconnect, device number 108
[  588.588550][ T7006] udevd[7006]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  588.834185][   T24] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  588.898803][T16292] FAULT_INJECTION: forcing a failure.
[  588.898803][T16292] name failslab, interval 1, probability 0, space 0, times 0
[  588.912491][T16292] CPU: 1 UID: 0 PID: 16292 Comm: syz.3.2295 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  588.912509][T16292] Tainted: [L]=SOFTLOCKUP
[  588.912513][T16292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  588.912520][T16292] Call Trace:
[  588.912524][T16292]  <TASK>
[  588.912529][T16292]  dump_stack_lvl+0xe8/0x150
[  588.912549][T16292]  should_fail_ex+0x412/0x560
[  588.912567][T16292]  should_failslab+0xa8/0x100
[  588.912580][T16292]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  588.912601][T16292]  ? dup_task_struct+0x52/0x840
[  588.912619][T16292]  dup_task_struct+0x52/0x840
[  588.912633][T16292]  ? _raw_spin_unlock_irq+0x23/0x50
[  588.912648][T16292]  copy_process+0x89b/0x4430
[  588.912678][T16292]  ? __pfx_copy_process+0x10/0x10
[  588.912696][T16292]  ? mutex_init_lockdep+0xdf/0x110
[  588.912708][T16292]  vhost_task_create+0x1f9/0x380
[  588.912720][T16292]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  588.912732][T16292]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  588.912744][T16292]  ? __pfx_vhost_task_create+0x10/0x10
[  588.912759][T16292]  ? __pfx_vhost_task_fn+0x10/0x10
[  588.912773][T16292]  ? __lock_acquire+0x6b5/0x2cf0
[  588.912789][T16292]  ? kasan_save_track+0x4f/0x80
[  588.912804][T16292]  ? kasan_save_track+0x3e/0x80
[  588.912817][T16292]  ? kasan_save_free_info+0x46/0x50
[  588.912829][T16292]  ? __kasan_slab_free+0x5c/0x80
[  588.912837][T16292]  ? kfree+0x1c5/0x640
[  588.912852][T16292]  kvm_mmu_post_init_vm+0x147/0x2d0
[  588.912866][T16292]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  588.912884][T16292]  ? __mutex_trylock_common+0x158/0x260
[  588.912895][T16292]  ? look_up_lock_class+0x57/0x110
[  588.912909][T16292]  ? register_lock_class+0x31/0x2e0
[  588.912922][T16292]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  588.912936][T16292]  ? __lock_acquire+0x6b5/0x2cf0
[  588.912952][T16292]  ? __mutex_lock+0x320/0x1420
[  588.912969][T16292]  ? kasan_quarantine_put+0xbb/0x1f0
[  588.912990][T16292]  ? do_raw_write_lock+0x11d/0x260
[  588.913009][T16292]  kvm_vcpu_ioctl+0xa62/0xfd0
[  588.913024][T16292]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  588.913034][T16292]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  588.913058][T16292]  ? __fget_files+0x2a/0x420
[  588.913073][T16292]  ? __fget_files+0x2a/0x420
[  588.913085][T16292]  ? __fget_files+0x3a0/0x420
[  588.913097][T16292]  ? __fget_files+0x2a/0x420
[  588.913118][T16292]  ? bpf_lsm_file_ioctl+0x9/0x20
[  588.913129][T16292]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  588.913140][T16292]  __se_sys_ioctl+0xfc/0x170
[  588.913150][T16292]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.913161][T16292]  do_syscall_64+0x15f/0xf80
[  588.913174][T16292]  ? trace_irq_disable+0x3b/0x140
[  588.913187][T16292]  ? clear_bhb_loop+0x40/0x90
[  588.913200][T16292]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.913210][T16292] RIP: 0033:0x7f206ff9c819
[  588.913221][T16292] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  588.913229][T16292] RSP: 002b:00007f2070d8e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  588.913240][T16292] RAX: ffffffffffffffda RBX: 00007f2070215fa0 RCX: 00007f206ff9c819
[  588.913247][T16292] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  588.913253][T16292] RBP: 00007f2070d8e090 R08: 0000000000000000 R09: 0000000000000000
[  588.913259][T16292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  588.913265][T16292] R13: 00007f2070216038 R14: 00007f2070215fa0 R15: 00007ffc9f0c6d28
[  588.913282][T16292]  </TASK>
[  589.352979][T16304] fuse: Unknown parameter 'd'
[  589.364580][T16304] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2296'.
[  589.375791][T16304] netlink: 'syz.3.2296': attribute type 25 has an invalid length.
[  589.386522][T16304] netlink: 'syz.3.2296': attribute type 3 has an invalid length.
[  589.397544][T16304] netlink: 132 bytes leftover after parsing attributes in process `syz.3.2296'.
[  589.398190][T16196] usb 5-1: new high-speed USB device number 67 using dummy_hcd
[  589.411496][T16304] overlayfs: missing 'lowerdir'
[  589.473709][T16306] netlink: 1624 bytes leftover after parsing attributes in process `syz.3.2297'.
[  589.478500][   T42] usb 3-1: new high-speed USB device number 109 using dummy_hcd
[  589.494965][   T24] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  589.504060][   T24] em28xx 1-1:0.0: board has no eeprom
[  589.590731][T16196] usb 5-1: config 1 has an invalid interface number: 36 but max is 0
[  589.600008][T16196] usb 5-1: config 1 has no interface number 0
[  589.606742][T16196] usb 5-1: config 1 interface 36 has no altsetting 0
[  589.616629][T16196] usb 5-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  589.626198][T16196] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.634496][T16196] usb 5-1: Product: syz
[  589.638942][T16196] usb 5-1: Manufacturer: syz
[  589.643667][T16196] usb 5-1: SerialNumber: syz
[  589.670330][   T42] usb 3-1: config 253 has an invalid interface number: 130 but max is 0
[  589.679368][   T42] usb 3-1: config 253 has no interface number 0
[  589.685743][   T42] usb 3-1: config 253 interface 130 has no altsetting 0
[  589.695970][   T42] usb 3-1: New USB device found, idVendor=1e59, idProduct=0002, bcdDevice=98.ed
[  589.706361][   T42] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.714857][   T42] usb 3-1: Product: syz
[  589.721489][   T42] usb 3-1: Manufacturer: syz
[  589.728283][   T42] usb 3-1: SerialNumber: syz
[  589.778212][   T24] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  589.786349][   T24] em28xx 1-1:0.0: dvb set to bulk mode.
[  589.792084][ T5928] em28xx 1-1:0.0: Binding DVB extension
[  589.809034][   T24] usb 1-1: USB disconnect, device number 123
[  589.833462][   T24] em28xx 1-1:0.0: Disconnecting em28xx
[  589.875581][ T5928] em28xx 1-1:0.0: Registering input extension
[  589.883031][   T24] em28xx 1-1:0.0: Closing input extension
[  589.946194][   T24] em28xx 1-1:0.0: Freeing device
[  589.982320][T16196] redrat3 5-1:1.36: Couldn't find all endpoints
[  590.008395][T16196] usb 5-1: USB disconnect, device number 67
[  590.550930][T16359] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2301'.
[  590.687983][T16364] kvm: emulating exchange as write
[  590.928173][ T5900] usb 5-1: new high-speed USB device number 68 using dummy_hcd
[  590.978280][T16196] usb 4-1: new high-speed USB device number 117 using dummy_hcd
[  591.078976][ T5900] usb 5-1: too many configurations: 72, using maximum allowed: 8
[  591.095211][ T5900] usb 5-1: New USB device found, idVendor=7de0, idProduct=676e, bcdDevice=77.db
[  591.104684][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.116139][ T5900] usb 5-1: config 0 descriptor??
[  591.141420][T16196] usb 4-1: Using ep0 maxpacket: 16
[  591.150028][T16196] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  591.162357][T16196] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  591.173946][T16196] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  591.186311][T16196] usb 4-1: config 0 descriptor??
[  591.262971][T16385] netlink: 1624 bytes leftover after parsing attributes in process `syz.0.2306'.
[  591.448542][ T5942] usb 5-1: USB disconnect, device number 68
[  591.570556][   T42] dvb-usb: found a 'EvolutePC TVWay+' in cold state, will try to load a firmware
[  591.595352][T16402] FAULT_INJECTION: forcing a failure.
[  591.595352][T16402] name failslab, interval 1, probability 0, space 0, times 0
[  591.612274][T16402] CPU: 0 UID: 0 PID: 16402 Comm: syz.0.2308 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  591.612300][T16402] Tainted: [L]=SOFTLOCKUP
[  591.612305][T16402] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  591.612314][T16402] Call Trace:
[  591.612321][T16402]  <TASK>
[  591.612328][T16402]  dump_stack_lvl+0xe8/0x150
[  591.612356][T16402]  should_fail_ex+0x412/0x560
[  591.612383][T16402]  should_failslab+0xa8/0x100
[  591.612399][T16402]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  591.612421][T16402]  ? dup_task_struct+0x52/0x840
[  591.612446][T16402]  dup_task_struct+0x52/0x840
[  591.612463][T16402]  ? _raw_spin_unlock_irq+0x23/0x50
[  591.612484][T16402]  copy_process+0x89b/0x4430
[  591.612527][T16402]  ? __pfx_copy_process+0x10/0x10
[  591.612550][T16402]  ? mutex_init_lockdep+0xdf/0x110
[  591.612568][T16402]  vhost_task_create+0x1f9/0x380
[  591.612586][T16402]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  591.612603][T16402]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  591.612620][T16402]  ? __pfx_vhost_task_create+0x10/0x10
[  591.612644][T16402]  ? __pfx_vhost_task_fn+0x10/0x10
[  591.612666][T16402]  ? __lock_acquire+0x6b5/0x2cf0
[  591.612689][T16402]  ? kasan_save_track+0x4f/0x80
[  591.612710][T16402]  ? kasan_save_track+0x3e/0x80
[  591.612727][T16402]  ? kasan_save_free_info+0x46/0x50
[  591.612745][T16402]  ? __kasan_slab_free+0x5c/0x80
[  591.612757][T16402]  ? kfree+0x1c5/0x640
[  591.612779][T16402]  kvm_mmu_post_init_vm+0x147/0x2d0
[  591.612802][T16402]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  591.612831][T16402]  ? __mutex_trylock_common+0x158/0x260
[  591.612858][T16402]  ? look_up_lock_class+0x57/0x110
[  591.612880][T16402]  ? register_lock_class+0x31/0x2e0
[  591.612899][T16402]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  591.612920][T16402]  ? __lock_acquire+0x6b5/0x2cf0
[  591.612942][T16402]  ? __mutex_lock+0x320/0x1420
[  591.612972][T16402]  ? kasan_quarantine_put+0xbb/0x1f0
[  591.613009][T16402]  ? do_raw_write_lock+0x11d/0x260
[  591.613047][T16402]  kvm_vcpu_ioctl+0xa62/0xfd0
[  591.613074][T16402]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  591.613091][T16402]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  591.613134][T16402]  ? __fget_files+0x2a/0x420
[  591.613157][T16402]  ? __fget_files+0x2a/0x420
[  591.613175][T16402]  ? __fget_files+0x3a0/0x420
[  591.613193][T16402]  ? __fget_files+0x2a/0x420
[  591.613217][T16402]  ? bpf_lsm_file_ioctl+0x9/0x20
[  591.613233][T16402]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  591.613250][T16402]  __se_sys_ioctl+0xfc/0x170
[  591.613268][T16402]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  591.613287][T16402]  do_syscall_64+0x15f/0xf80
[  591.613308][T16402]  ? trace_irq_disable+0x3b/0x140
[  591.613329][T16402]  ? clear_bhb_loop+0x40/0x90
[  591.613356][T16402]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  591.613374][T16402] RIP: 0033:0x7f7722f9c819
[  591.613392][T16402] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  591.613407][T16402] RSP: 002b:00007f7723e0c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  591.613427][T16402] RAX: ffffffffffffffda RBX: 00007f7723215fa0 RCX: 00007f7722f9c819
[  591.613440][T16402] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  591.613451][T16402] RBP: 00007f7723e0c090 R08: 0000000000000000 R09: 0000000000000000
[  591.613463][T16402] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  591.613473][T16402] R13: 00007f7723216038 R14: 00007f7723215fa0 R15: 00007fff06fbe1e8
[  591.613504][T16402]  </TASK>
[  591.975151][T16196] mcp2221 0003:04D8:00DD.0012: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  592.017667][   T42] dvb-usb: downloading firmware from file 'dvb-usb-dib0700-1.20.fw'
[  592.026584][   T42] dib0700: firmware download failed at 7 with -22
[  592.095787][   T42] usb 3-1: USB disconnect, device number 109
[  592.196880][T16196] usb 4-1: USB disconnect, device number 117
[  592.348360][    T9] usb 1-1: new full-speed USB device number 124 using dummy_hcd
[  592.418421][   T42] usb 3-1: new high-speed USB device number 110 using dummy_hcd
[  592.511727][    T9] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  592.521373][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.530534][    T9] usb 1-1: Product: syz
[  592.535041][    T9] usb 1-1: Manufacturer: syz
[  592.539872][    T9] usb 1-1: SerialNumber: syz
[  592.546713][    T9] usb 1-1: config 0 descriptor??
[  592.568207][   T42] usb 3-1: Using ep0 maxpacket: 32
[  592.568342][ T5900] usb 5-1: new high-speed USB device number 69 using dummy_hcd
[  592.583669][   T42] usb 3-1: config 9 has an invalid interface number: 221 but max is 1
[  592.592898][   T42] usb 3-1: config 9 has an invalid interface number: 221 but max is 1
[  592.601361][   T42] usb 3-1: config 9 has 1 interface, different from the descriptor's value: 2
[  592.610955][   T42] usb 3-1: config 9 has no interface number 0
[  592.617208][   T42] usb 3-1: config 9 interface 221 altsetting 64 endpoint 0xA has invalid wMaxPacketSize 0
[  592.627349][   T42] usb 3-1: config 9 interface 221 has no altsetting 0
[  592.640688][   T42] usb 3-1: New USB device found, idVendor=0582, idProduct=74ce, bcdDevice=ba.38
[  592.649906][   T42] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.657906][   T42] usb 3-1: Product: syz
[  592.662259][   T42] usb 3-1: Manufacturer: syz
[  592.666899][   T42] usb 3-1: SerialNumber: syz
[  592.730068][ T5900] usb 5-1: config 1 has an invalid interface number: 36 but max is 0
[  592.743499][ T5900] usb 5-1: config 1 has no interface number 0
[  592.752895][ T5900] usb 5-1: config 1 interface 36 has no altsetting 0
[  592.769052][ T5900] usb 5-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  592.779804][ T5900] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  592.788370][    T9] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  592.797916][ T5900] usb 5-1: Product: syz
[  592.803142][ T5900] usb 5-1: Manufacturer: syz
[  592.808611][ T5900] usb 5-1: SerialNumber: syz
[  592.833905][T16460] FAULT_INJECTION: forcing a failure.
[  592.833905][T16460] name failslab, interval 1, probability 0, space 0, times 0
[  592.847219][T16460] CPU: 1 UID: 0 PID: 16460 Comm: syz.3.2312 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  592.847247][T16460] Tainted: [L]=SOFTLOCKUP
[  592.847254][T16460] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  592.847264][T16460] Call Trace:
[  592.847271][T16460]  <TASK>
[  592.847280][T16460]  dump_stack_lvl+0xe8/0x150
[  592.847313][T16460]  should_fail_ex+0x412/0x560
[  592.847343][T16460]  should_failslab+0xa8/0x100
[  592.847365][T16460]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  592.847390][T16460]  ? dup_task_struct+0x52/0x840
[  592.847421][T16460]  dup_task_struct+0x52/0x840
[  592.847443][T16460]  ? _raw_spin_unlock_irq+0x23/0x50
[  592.847462][T16460]  copy_process+0x89b/0x4430
[  592.847516][T16460]  ? __pfx_copy_process+0x10/0x10
[  592.847549][T16460]  ? mutex_init_lockdep+0xdf/0x110
[  592.847564][T16460]  vhost_task_create+0x1f9/0x380
[  592.847577][T16460]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  592.847589][T16460]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  592.847600][T16460]  ? __pfx_vhost_task_create+0x10/0x10
[  592.847620][T16460]  ? __pfx_vhost_task_fn+0x10/0x10
[  592.847651][T16460]  ? __lock_acquire+0x6b5/0x2cf0
[  592.847677][T16460]  ? kasan_save_track+0x4f/0x80
[  592.847700][T16460]  ? kasan_save_track+0x3e/0x80
[  592.847716][T16460]  ? kasan_save_free_info+0x46/0x50
[  592.847728][T16460]  ? __kasan_slab_free+0x5c/0x80
[  592.847736][T16460]  ? kfree+0x1c5/0x640
[  592.847750][T16460]  kvm_mmu_post_init_vm+0x147/0x2d0
[  592.847766][T16460]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  592.847796][T16460]  ? __mutex_trylock_common+0x158/0x260
[  592.847816][T16460]  ? look_up_lock_class+0x57/0x110
[  592.847839][T16460]  ? register_lock_class+0x31/0x2e0
[  592.847861][T16460]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  592.847876][T16460]  ? __lock_acquire+0x6b5/0x2cf0
[  592.847891][T16460]  ? __mutex_lock+0x320/0x1420
[  592.847909][T16460]  ? kasan_quarantine_put+0xbb/0x1f0
[  592.847941][T16460]  ? do_raw_write_lock+0x11d/0x260
[  592.847979][T16460]  kvm_vcpu_ioctl+0xa62/0xfd0
[  592.848005][T16460]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  592.848019][T16460]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  592.848064][T16460]  ? __fget_files+0x2a/0x420
[  592.848089][T16460]  ? __fget_files+0x2a/0x420
[  592.848109][T16460]  ? __fget_files+0x3a0/0x420
[  592.848130][T16460]  ? __fget_files+0x2a/0x420
[  592.848155][T16460]  ? bpf_lsm_file_ioctl+0x9/0x20
[  592.848175][T16460]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  592.848193][T16460]  __se_sys_ioctl+0xfc/0x170
[  592.848204][T16460]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.848215][T16460]  do_syscall_64+0x15f/0xf80
[  592.848229][T16460]  ? clear_bhb_loop+0x40/0x90
[  592.848242][T16460]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  592.848258][T16460] RIP: 0033:0x7f206ff9c819
[  592.848276][T16460] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  592.848290][T16460] RSP: 002b:00007f2070d8e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  592.848439][T16460] RAX: ffffffffffffffda RBX: 00007f2070215fa0 RCX: 00007f206ff9c819
[  592.848450][T16460] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  592.848459][T16460] RBP: 00007f2070d8e090 R08: 0000000000000000 R09: 0000000000000000
[  592.848469][T16460] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  592.848478][T16460] R13: 00007f2070216038 R14: 00007f2070215fa0 R15: 00007ffc9f0c6d28
[  592.848506][T16460]  </TASK>
[  593.219412][T16411] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  593.229379][T16411] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  593.316138][ T5900] redrat3 5-1:1.36: Couldn't find all endpoints
[  593.350293][T16476] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  593.360215][ T5900] usb 5-1: USB disconnect, device number 69
[  593.371592][T16476] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  593.818183][T16196] usb 4-1: new full-speed USB device number 118 using dummy_hcd
[  593.970461][T16196] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  593.984403][T16196] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.002037][T16196] usb 4-1: config 0 descriptor??
[  594.023178][T16196] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  594.240233][T16419] dlm: non-version read from control device 226
[  594.422647][T16196] gp8psk: usb out operation failed.
[  594.430006][T16196] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  594.441556][T16196] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  594.455285][T16196] usb 4-1: USB disconnect, device number 118
[  594.475436][    T9] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  594.491486][    T9] usb 1-1: USB disconnect, device number 124
[  595.102156][T16526] syzkaller0: entered promiscuous mode
[  595.109068][T16526] syzkaller0: entered allmulticast mode
[  595.116975][T16531] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2318'.
[  595.126802][   T42] usb 3-1: USB disconnect, device number 110
[  595.171547][T16538] netlink: 60 bytes leftover after parsing attributes in process `syz.0.2318'.
[  595.178477][ T7006] udevd[7006]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:9.221/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  595.341870][T16554] FAULT_INJECTION: forcing a failure.
[  595.341870][T16554] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  595.357414][T16554] CPU: 0 UID: 0 PID: 16554 Comm: syz.0.2320 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  595.357434][T16554] Tainted: [L]=SOFTLOCKUP
[  595.357438][T16554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  595.357455][T16554] Call Trace:
[  595.357461][T16554]  <TASK>
[  595.357467][T16554]  dump_stack_lvl+0xe8/0x150
[  595.357489][T16554]  should_fail_ex+0x412/0x560
[  595.357508][T16554]  _copy_from_iter+0x1d3/0x1670
[  595.357524][T16554]  ? rcu_is_watching+0x15/0xb0
[  595.357543][T16554]  ? __pfx__copy_from_iter+0x10/0x10
[  595.357561][T16554]  ? netlink_sendmsg+0x650/0xb40
[  595.357573][T16554]  ? skb_put+0x11b/0x210
[  595.357598][T16554]  netlink_sendmsg+0x6c0/0xb40
[  595.357621][T16554]  ? __pfx_netlink_sendmsg+0x10/0x10
[  595.357639][T16554]  ? aa_sock_msg_perm+0xf1/0x1b0
[  595.357659][T16554]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  595.357682][T16554]  ____sys_sendmsg+0x972/0x9f0
[  595.357697][T16554]  ? __might_fault+0xaf/0x130
[  595.357715][T16554]  ? __pfx_____sys_sendmsg+0x10/0x10
[  595.357731][T16554]  ? import_iovec+0x73/0xa0
[  595.357749][T16554]  ___sys_sendmsg+0x2a5/0x360
[  595.357760][T16554]  ? __lock_acquire+0x6b5/0x2cf0
[  595.357777][T16554]  ? __pfx____sys_sendmsg+0x10/0x10
[  595.357806][T16554]  ? __fget_files+0x2a/0x420
[  595.357820][T16554]  ? __fget_files+0x3a0/0x420
[  595.357837][T16554]  __x64_sys_sendmsg+0x1bd/0x2a0
[  595.357851][T16554]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  595.357868][T16554]  ? __pfx_ksys_write+0x10/0x10
[  595.357882][T16554]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.357893][T16554]  do_syscall_64+0x15f/0xf80
[  595.357908][T16554]  ? clear_bhb_loop+0x40/0x90
[  595.357921][T16554]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  595.357931][T16554] RIP: 0033:0x7f7722f9c819
[  595.357943][T16554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  595.357951][T16554] RSP: 002b:00007f7723deb028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  595.357967][T16554] RAX: ffffffffffffffda RBX: 00007f7723216090 RCX: 00007f7722f9c819
[  595.357974][T16554] RDX: 0000000000004000 RSI: 00002000000007c0 RDI: 0000000000000004
[  595.357981][T16554] RBP: 00007f7723deb090 R08: 0000000000000000 R09: 0000000000000000
[  595.357987][T16554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  595.357993][T16554] R13: 00007f7723216128 R14: 00007f7723216090 R15: 00007fff06fbe1e8
[  595.358017][T16554]  </TASK>
[  596.969837][T16495] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  599.426512][T16568] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  599.743190][T16608] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00aa with DS=0xa2
[  599.858357][ T5942] usb 5-1: new high-speed USB device number 70 using dummy_hcd
[  600.020225][ T5942] usb 5-1: config 1 has an invalid interface number: 36 but max is 0
[  600.029802][ T5942] usb 5-1: config 1 has no interface number 0
[  600.036362][ T5942] usb 5-1: config 1 interface 36 has no altsetting 0
[  600.046904][ T5942] usb 5-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  600.056455][ T5942] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.064775][ T5942] usb 5-1: Product: syz
[  600.069075][ T5942] usb 5-1: Manufacturer: syz
[  600.073777][ T5942] usb 5-1: SerialNumber: syz
[  600.363131][ T5942] redrat3 5-1:1.36: Couldn't find all endpoints
[  600.375264][ T5942] usb 5-1: USB disconnect, device number 70
[  600.582739][T16637] netlink: 'syz.2.2334': attribute type 6 has an invalid length.
[  600.806889][T16650] loop6: detected capacity change from 0 to 2640
[  600.819265][T16650] buffer_io_error: 14 callbacks suppressed
[  600.819282][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.838402][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.853286][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.864297][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.876328][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.890341][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.914543][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.924955][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.934982][T16650] ldm_validate_partition_table(): Disk read failed.
[  600.942723][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.952319][T16650] Buffer I/O error on dev loop6, logical block 0, async page read
[  600.979095][T16650] Dev loop6: unable to read RDB block 0
[  600.995633][T16650]  loop6: unable to read partition table
[  601.002843][T16650] loop_reread_partitions: partition scan of loop6 (3�����) failed (rc=-5)
[  601.122113][T16657] FAULT_INJECTION: forcing a failure.
[  601.122113][T16657] name failslab, interval 1, probability 0, space 0, times 0
[  601.159706][T16657] CPU: 0 UID: 0 PID: 16657 Comm: syz.3.2340 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  601.159754][T16657] Tainted: [L]=SOFTLOCKUP
[  601.159761][T16657] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  601.159773][T16657] Call Trace:
[  601.159781][T16657]  <TASK>
[  601.159789][T16657]  dump_stack_lvl+0xe8/0x150
[  601.159821][T16657]  should_fail_ex+0x412/0x560
[  601.159852][T16657]  should_failslab+0xa8/0x100
[  601.159879][T16657]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  601.159925][T16657]  ? dup_task_struct+0x52/0x840
[  601.159963][T16657]  dup_task_struct+0x52/0x840
[  601.159985][T16657]  ? _raw_spin_unlock_irq+0x23/0x50
[  601.160011][T16657]  copy_process+0x89b/0x4430
[  601.160067][T16657]  ? __pfx_copy_process+0x10/0x10
[  601.160099][T16657]  ? mutex_init_lockdep+0xdf/0x110
[  601.160121][T16657]  vhost_task_create+0x1f9/0x380
[  601.160143][T16657]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  601.160167][T16657]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  601.160189][T16657]  ? __pfx_vhost_task_create+0x10/0x10
[  601.160218][T16657]  ? __pfx_vhost_task_fn+0x10/0x10
[  601.160243][T16657]  ? __lock_acquire+0x6b5/0x2cf0
[  601.160271][T16657]  ? kasan_save_track+0x4f/0x80
[  601.160294][T16657]  ? kasan_save_track+0x3e/0x80
[  601.160317][T16657]  ? kasan_save_free_info+0x46/0x50
[  601.160337][T16657]  ? __kasan_slab_free+0x5c/0x80
[  601.160352][T16657]  ? kfree+0x1c5/0x640
[  601.160377][T16657]  kvm_mmu_post_init_vm+0x147/0x2d0
[  601.160403][T16657]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  601.160434][T16657]  ? __mutex_trylock_common+0x158/0x260
[  601.160454][T16657]  ? look_up_lock_class+0x57/0x110
[  601.160478][T16657]  ? register_lock_class+0x31/0x2e0
[  601.160502][T16657]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  601.160527][T16657]  ? __lock_acquire+0x6b5/0x2cf0
[  601.160553][T16657]  ? __mutex_lock+0x320/0x1420
[  601.160584][T16657]  ? kasan_quarantine_put+0xbb/0x1f0
[  601.160621][T16657]  ? do_raw_write_lock+0x11d/0x260
[  601.160658][T16657]  kvm_vcpu_ioctl+0xa62/0xfd0
[  601.160684][T16657]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  601.160702][T16657]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  601.160746][T16657]  ? __fget_files+0x2a/0x420
[  601.160775][T16657]  ? __fget_files+0x2a/0x420
[  601.160796][T16657]  ? __fget_files+0x3a0/0x420
[  601.160817][T16657]  ? __fget_files+0x2a/0x420
[  601.160842][T16657]  ? bpf_lsm_file_ioctl+0x9/0x20
[  601.160862][T16657]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  601.160881][T16657]  __se_sys_ioctl+0xfc/0x170
[  601.160900][T16657]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.160920][T16657]  do_syscall_64+0x15f/0xf80
[  601.160942][T16657]  ? trace_irq_disable+0x3b/0x140
[  601.160964][T16657]  ? clear_bhb_loop+0x40/0x90
[  601.160986][T16657]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.161005][T16657] RIP: 0033:0x7f206ff9c819
[  601.161022][T16657] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  601.161038][T16657] RSP: 002b:00007f2070d8e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  601.161058][T16657] RAX: ffffffffffffffda RBX: 00007f2070215fa0 RCX: 00007f206ff9c819
[  601.161070][T16657] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  601.161081][T16657] RBP: 00007f2070d8e090 R08: 0000000000000000 R09: 0000000000000000
[  601.161092][T16657] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  601.161102][T16657] R13: 00007f2070216038 R14: 00007f2070215fa0 R15: 00007ffc9f0c6d28
[  601.161133][T16657]  </TASK>
[  601.599589][T16680] loop4: detected capacity change from 0 to 7
[  601.719815][T16689] FAULT_INJECTION: forcing a failure.
[  601.719815][T16689] name failslab, interval 1, probability 0, space 0, times 0
[  601.733565][T16689] CPU: 0 UID: 0 PID: 16689 Comm: syz.4.2343 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  601.733594][T16689] Tainted: [L]=SOFTLOCKUP
[  601.733600][T16689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  601.733610][T16689] Call Trace:
[  601.733617][T16689]  <TASK>
[  601.733626][T16689]  dump_stack_lvl+0xe8/0x150
[  601.733656][T16689]  should_fail_ex+0x412/0x560
[  601.733684][T16689]  should_failslab+0xa8/0x100
[  601.733704][T16689]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  601.733729][T16689]  ? dup_task_struct+0x52/0x840
[  601.733757][T16689]  dup_task_struct+0x52/0x840
[  601.733777][T16689]  ? _raw_spin_unlock_irq+0x23/0x50
[  601.733802][T16689]  copy_process+0x89b/0x4430
[  601.733855][T16689]  ? __pfx_copy_process+0x10/0x10
[  601.733910][T16689]  ? mutex_init_lockdep+0xdf/0x110
[  601.733931][T16689]  vhost_task_create+0x1f9/0x380
[  601.733952][T16689]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  601.733971][T16689]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  601.733990][T16689]  ? __pfx_vhost_task_create+0x10/0x10
[  601.734015][T16689]  ? __pfx_vhost_task_fn+0x10/0x10
[  601.734038][T16689]  ? __lock_acquire+0x6b5/0x2cf0
[  601.734061][T16689]  ? kasan_save_track+0x4f/0x80
[  601.734084][T16689]  ? kasan_save_track+0x3e/0x80
[  601.734103][T16689]  ? kasan_save_free_info+0x46/0x50
[  601.734123][T16689]  ? __kasan_slab_free+0x5c/0x80
[  601.734136][T16689]  ? kfree+0x1c5/0x640
[  601.734159][T16689]  kvm_mmu_post_init_vm+0x147/0x2d0
[  601.734182][T16689]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  601.734213][T16689]  ? __mutex_trylock_common+0x158/0x260
[  601.734233][T16689]  ? look_up_lock_class+0x57/0x110
[  601.734257][T16689]  ? register_lock_class+0x31/0x2e0
[  601.734280][T16689]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  601.734305][T16689]  ? __lock_acquire+0x6b5/0x2cf0
[  601.734331][T16689]  ? __mutex_lock+0x320/0x1420
[  601.734361][T16689]  ? kasan_quarantine_put+0xbb/0x1f0
[  601.734400][T16689]  ? do_raw_write_lock+0x11d/0x260
[  601.734437][T16689]  kvm_vcpu_ioctl+0xa62/0xfd0
[  601.734464][T16689]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  601.734481][T16689]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  601.734525][T16689]  ? __fget_files+0x2a/0x420
[  601.734551][T16689]  ? __fget_files+0x2a/0x420
[  601.734572][T16689]  ? __fget_files+0x3a0/0x420
[  601.734593][T16689]  ? __fget_files+0x2a/0x420
[  601.734618][T16689]  ? bpf_lsm_file_ioctl+0x9/0x20
[  601.734637][T16689]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  601.734657][T16689]  __se_sys_ioctl+0xfc/0x170
[  601.734675][T16689]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.734695][T16689]  do_syscall_64+0x15f/0xf80
[  601.734716][T16689]  ? trace_irq_disable+0x3b/0x140
[  601.734736][T16689]  ? clear_bhb_loop+0x40/0x90
[  601.734757][T16689]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  601.734774][T16689] RIP: 0033:0x7f7e96d9c819
[  601.734793][T16689] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  601.734807][T16689] RSP: 002b:00007f7e97bf6028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  601.734827][T16689] RAX: ffffffffffffffda RBX: 00007f7e97016090 RCX: 00007f7e96d9c819
[  601.734841][T16689] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  601.734852][T16689] RBP: 00007f7e97bf6090 R08: 0000000000000000 R09: 0000000000000000
[  601.734870][T16689] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  601.734881][T16689] R13: 00007f7e97016128 R14: 00007f7e97016090 R15: 00007ffd1944aef8
[  601.734912][T16689]  </TASK>
[  602.620350][    T9] usb 5-1: new high-speed USB device number 71 using dummy_hcd
[  602.659370][T16723] FAULT_INJECTION: forcing a failure.
[  602.659370][T16723] name failslab, interval 1, probability 0, space 0, times 0
[  602.683886][T16723] CPU: 1 UID: 0 PID: 16723 Comm: syz.2.2353 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  602.683913][T16723] Tainted: [L]=SOFTLOCKUP
[  602.683920][T16723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  602.683931][T16723] Call Trace:
[  602.683937][T16723]  <TASK>
[  602.683944][T16723]  dump_stack_lvl+0xe8/0x150
[  602.683973][T16723]  should_fail_ex+0x412/0x560
[  602.684003][T16723]  should_failslab+0xa8/0x100
[  602.684024][T16723]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  602.684051][T16723]  ? dup_task_struct+0x52/0x840
[  602.684081][T16723]  dup_task_struct+0x52/0x840
[  602.684103][T16723]  ? _raw_spin_unlock_irq+0x23/0x50
[  602.684127][T16723]  copy_process+0x89b/0x4430
[  602.684181][T16723]  ? __pfx_copy_process+0x10/0x10
[  602.684213][T16723]  ? mutex_init_lockdep+0xdf/0x110
[  602.684234][T16723]  vhost_task_create+0x1f9/0x380
[  602.684255][T16723]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  602.684275][T16723]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  602.684294][T16723]  ? __pfx_vhost_task_create+0x10/0x10
[  602.684320][T16723]  ? __pfx_vhost_task_fn+0x10/0x10
[  602.684344][T16723]  ? __lock_acquire+0x6b5/0x2cf0
[  602.684366][T16723]  ? kasan_save_track+0x4f/0x80
[  602.684386][T16723]  ? kasan_save_track+0x3e/0x80
[  602.684406][T16723]  ? kasan_save_free_info+0x46/0x50
[  602.684426][T16723]  ? __kasan_slab_free+0x5c/0x80
[  602.684439][T16723]  ? kfree+0x1c5/0x640
[  602.684463][T16723]  kvm_mmu_post_init_vm+0x147/0x2d0
[  602.684486][T16723]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  602.684515][T16723]  ? __mutex_trylock_common+0x158/0x260
[  602.684531][T16723]  ? look_up_lock_class+0x57/0x110
[  602.684552][T16723]  ? register_lock_class+0x31/0x2e0
[  602.684572][T16723]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  602.684592][T16723]  ? __lock_acquire+0x6b5/0x2cf0
[  602.684613][T16723]  ? __mutex_lock+0x320/0x1420
[  602.684642][T16723]  ? kasan_quarantine_put+0xbb/0x1f0
[  602.684677][T16723]  ? do_raw_write_lock+0x11d/0x260
[  602.684710][T16723]  kvm_vcpu_ioctl+0xa62/0xfd0
[  602.684735][T16723]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  602.684752][T16723]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  602.684806][T16723]  ? __fget_files+0x2a/0x420
[  602.684841][T16723]  ? __fget_files+0x2a/0x420
[  602.684861][T16723]  ? __fget_files+0x3a0/0x420
[  602.684880][T16723]  ? __fget_files+0x2a/0x420
[  602.684906][T16723]  ? bpf_lsm_file_ioctl+0x9/0x20
[  602.684926][T16723]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  602.684945][T16723]  __se_sys_ioctl+0xfc/0x170
[  602.684962][T16723]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  602.684981][T16723]  do_syscall_64+0x15f/0xf80
[  602.685001][T16723]  ? trace_irq_disable+0x3b/0x140
[  602.685022][T16723]  ? clear_bhb_loop+0x40/0x90
[  602.685044][T16723]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  602.685061][T16723] RIP: 0033:0x7f14e079c819
[  602.685077][T16723] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  602.685090][T16723] RSP: 002b:00007f14e15d2028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  602.685108][T16723] RAX: ffffffffffffffda RBX: 00007f14e0a16090 RCX: 00007f14e079c819
[  602.685119][T16723] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  602.685130][T16723] RBP: 00007f14e15d2090 R08: 0000000000000000 R09: 0000000000000000
[  602.685141][T16723] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  602.685151][T16723] R13: 00007f14e0a16128 R14: 00007f14e0a16090 R15: 00007ffea3cee5e8
[  602.685180][T16723]  </TASK>
[  603.093211][T16732] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2355'.
[  603.151912][    T9] usb 5-1: config 1 has an invalid interface number: 36 but max is 0
[  603.165166][    T9] usb 5-1: config 1 has no interface number 0
[  603.183312][    T9] usb 5-1: config 1 interface 36 has no altsetting 0
[  603.200478][    T9] usb 5-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  603.210625][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  603.219316][    T9] usb 5-1: Product: syz
[  603.225083][    T9] usb 5-1: Manufacturer: syz
[  603.231947][    T9] usb 5-1: SerialNumber: syz
[  603.564842][    T9] redrat3 5-1:1.36: Couldn't find all endpoints
[  603.591548][    T9] usb 5-1: USB disconnect, device number 71
[  603.718424][ T5942] usb 4-1: new full-speed USB device number 119 using dummy_hcd
[  603.871725][ T5942] usb 4-1: config 0 has no interfaces?
[  603.880270][ T5942] usb 4-1: New USB device found, idVendor=12d1, idProduct=42f7, bcdDevice=aa.47
[  603.904662][ T5942] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.947079][ T5942] usb 4-1: config 0 descriptor??
[  604.222127][   T42] usb 4-1: USB disconnect, device number 119
[  604.239534][ T5942] usb 3-1: new full-speed USB device number 111 using dummy_hcd
[  604.268400][T16820] FAULT_INJECTION: forcing a failure.
[  604.268400][T16820] name failslab, interval 1, probability 0, space 0, times 0
[  604.281768][T16820] CPU: 0 UID: 0 PID: 16820 Comm: syz.4.2369 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  604.281798][T16820] Tainted: [L]=SOFTLOCKUP
[  604.281805][T16820] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  604.281816][T16820] Call Trace:
[  604.281866][T16820]  <TASK>
[  604.281873][T16820]  dump_stack_lvl+0xe8/0x150
[  604.281904][T16820]  should_fail_ex+0x412/0x560
[  604.281933][T16820]  should_failslab+0xa8/0x100
[  604.281952][T16820]  ? alloc_empty_file+0x5b/0x1d0
[  604.281975][T16820]  kmem_cache_alloc_noprof+0x87/0x650
[  604.282008][T16820]  alloc_empty_file+0x5b/0x1d0
[  604.282029][T16820]  alloc_file_pseudo+0x155/0x240
[  604.282050][T16820]  ? kmem_cache_alloc_noprof+0x15a/0x650
[  604.282076][T16820]  ? __pfx_alloc_file_pseudo+0x10/0x10
[  604.282096][T16820]  ? evm_inode_alloc_security+0x40/0xb0
[  604.282120][T16820]  ? security_inode_alloc+0xd5/0x310
[  604.282149][T16820]  sock_alloc_file+0xb8/0x2e0
[  604.282176][T16820]  do_accept+0x3a0/0x760
[  604.282200][T16820]  ? __pfx_do_accept+0x10/0x10
[  604.282237][T16820]  __sys_accept4+0x139/0x230
[  604.282258][T16820]  ? __pfx___sys_accept4+0x10/0x10
[  604.282278][T16820]  ? __pfx_ksys_write+0x10/0x10
[  604.282301][T16820]  __x64_sys_accept4+0x9a/0xb0
[  604.282319][T16820]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  604.282338][T16820]  do_syscall_64+0x15f/0xf80
[  604.282361][T16820]  ? trace_irq_disable+0x3b/0x140
[  604.282383][T16820]  ? clear_bhb_loop+0x40/0x90
[  604.282405][T16820]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  604.282422][T16820] RIP: 0033:0x7f7e96d9c819
[  604.282440][T16820] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  604.282454][T16820] RSP: 002b:00007f7e97c17028 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[  604.282474][T16820] RAX: ffffffffffffffda RBX: 00007f7e97015fa0 RCX: 00007f7e96d9c819
[  604.282487][T16820] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000003
[  604.282497][T16820] RBP: 00007f7e97c17090 R08: 0000000000000000 R09: 0000000000000000
[  604.282507][T16820] R10: 0000000000080000 R11: 0000000000000246 R12: 0000000000000001
[  604.282518][T16820] R13: 00007f7e97016038 R14: 00007f7e97015fa0 R15: 00007ffd1944aef8
[  604.282546][T16820]  </TASK>
[  604.591773][ T5942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  604.603047][ T5942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  604.614700][ T5942] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 9
[  604.631279][ T5942] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00
[  604.641136][ T5942] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.653338][ T5942] usb 3-1: config 0 descriptor??
[  604.658264][    T9] usb 1-1: new full-speed USB device number 125 using dummy_hcd
[  604.666356][T16797] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  604.673785][T16797] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  604.829957][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  604.842305][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  604.852696][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  604.862603][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  604.873650][    T9] usb 1-1: config 0 descriptor??
[  605.091378][    T9] apple 0003:05AC:024B.0013: unknown global tag 0xe
[  605.098757][    T9] apple 0003:05AC:024B.0013: item 0 1 1 14 parsing failed
[  605.107098][    T9] apple 0003:05AC:024B.0013: parse failed
[  605.113988][    T9] apple 0003:05AC:024B.0013: probe with driver apple failed with error -22
[  605.140460][ T5942] keytouch 0003:0926:3333.0014: fixing up Keytouch IEC report descriptor
[  605.166744][ T5942] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0014/input/input49
[  605.293500][    T9] usb 1-1: USB disconnect, device number 125
[  605.337318][ T5942] keytouch 0003:0926:3333.0014: input,hidraw0: USB HID v0.20 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  605.405107][ T5942] usb 3-1: USB disconnect, device number 111
[  605.469988][T16859] fido_id[16859]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  605.818107][ T5900] usb 5-1: new high-speed USB device number 72 using dummy_hcd
[  605.990736][ T5900] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  606.024376][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  606.038848][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  606.049718][ T5900] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  606.065444][ T5900] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  606.075846][ T5900] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  606.084991][ T5900] usb 5-1: Manufacturer: syz
[  606.098107][ T5900] usb 5-1: config 0 descriptor??
[  606.348217][ T5940] usb 1-1: new high-speed USB device number 126 using dummy_hcd
[  606.500157][ T5940] usb 1-1: config 1 has an invalid interface number: 36 but max is 0
[  606.508717][ T5940] usb 1-1: config 1 has no interface number 0
[  606.515370][ T5940] usb 1-1: config 1 interface 36 has no altsetting 0
[  606.520044][ T5900] hid_parser_main: 26 callbacks suppressed
[  606.520068][ T5900] appleir 0003:05AC:8243.0015: unknown main item tag 0x0
[  606.525664][ T5940] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  606.549044][ T5940] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.558687][ T5940] usb 1-1: Product: syz
[  606.563436][ T5940] usb 1-1: Manufacturer: syz
[  606.568985][ T5940] usb 1-1: SerialNumber: syz
[  606.582883][ T5900] appleir 0003:05AC:8243.0015: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  606.774048][ T5942] usb 5-1: USB disconnect, device number 72
[  606.847758][ T5940] redrat3 1-1:1.36: Couldn't find all endpoints
[  606.863345][ T5940] usb 1-1: USB disconnect, device number 126
[  607.365867][T16970] FAULT_INJECTION: forcing a failure.
[  607.365867][T16970] name failslab, interval 1, probability 0, space 0, times 0
[  607.379596][T16970] CPU: 1 UID: 0 PID: 16970 Comm: syz.3.2389 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  607.379624][T16970] Tainted: [L]=SOFTLOCKUP
[  607.379631][T16970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  607.379641][T16970] Call Trace:
[  607.379648][T16970]  <TASK>
[  607.379654][T16970]  dump_stack_lvl+0xe8/0x150
[  607.379684][T16970]  should_fail_ex+0x412/0x560
[  607.379711][T16970]  should_failslab+0xa8/0x100
[  607.379731][T16970]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  607.379758][T16970]  ? dup_task_struct+0x52/0x840
[  607.379787][T16970]  dup_task_struct+0x52/0x840
[  607.379809][T16970]  ? _raw_spin_unlock_irq+0x23/0x50
[  607.379834][T16970]  copy_process+0x89b/0x4430
[  607.379884][T16970]  ? __pfx_copy_process+0x10/0x10
[  607.379915][T16970]  ? mutex_init_lockdep+0xdf/0x110
[  607.379937][T16970]  vhost_task_create+0x1f9/0x380
[  607.379958][T16970]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  607.379975][T16970]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  607.379994][T16970]  ? __pfx_vhost_task_create+0x10/0x10
[  607.380018][T16970]  ? __pfx_vhost_task_fn+0x10/0x10
[  607.380040][T16970]  ? __lock_acquire+0x6b5/0x2cf0
[  607.380065][T16970]  ? kasan_save_track+0x4f/0x80
[  607.380087][T16970]  ? kasan_save_track+0x3e/0x80
[  607.380107][T16970]  ? kasan_save_free_info+0x46/0x50
[  607.380125][T16970]  ? __kasan_slab_free+0x5c/0x80
[  607.380138][T16970]  ? kfree+0x1c5/0x640
[  607.380161][T16970]  kvm_mmu_post_init_vm+0x147/0x2d0
[  607.380183][T16970]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  607.380212][T16970]  ? __mutex_trylock_common+0x158/0x260
[  607.380231][T16970]  ? look_up_lock_class+0x57/0x110
[  607.380254][T16970]  ? register_lock_class+0x31/0x2e0
[  607.380276][T16970]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  607.380297][T16970]  ? __lock_acquire+0x6b5/0x2cf0
[  607.380331][T16970]  ? __mutex_lock+0x320/0x1420
[  607.380358][T16970]  ? kasan_quarantine_put+0xbb/0x1f0
[  607.380396][T16970]  ? do_raw_write_lock+0x11d/0x260
[  607.380438][T16970]  kvm_vcpu_ioctl+0xa62/0xfd0
[  607.380465][T16970]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  607.380482][T16970]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  607.380526][T16970]  ? __fget_files+0x2a/0x420
[  607.380553][T16970]  ? __fget_files+0x2a/0x420
[  607.380573][T16970]  ? __fget_files+0x3a0/0x420
[  607.380594][T16970]  ? __fget_files+0x2a/0x420
[  607.380619][T16970]  ? bpf_lsm_file_ioctl+0x9/0x20
[  607.380640][T16970]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  607.380660][T16970]  __se_sys_ioctl+0xfc/0x170
[  607.380679][T16970]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  607.380699][T16970]  do_syscall_64+0x15f/0xf80
[  607.380721][T16970]  ? trace_irq_disable+0x3b/0x140
[  607.380743][T16970]  ? clear_bhb_loop+0x40/0x90
[  607.380766][T16970]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  607.380785][T16970] RIP: 0033:0x7f206ff9c819
[  607.380803][T16970] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  607.380818][T16970] RSP: 002b:00007f2070d8e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  607.380837][T16970] RAX: ffffffffffffffda RBX: 00007f2070215fa0 RCX: 00007f206ff9c819
[  607.380851][T16970] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  607.380862][T16970] RBP: 00007f2070d8e090 R08: 0000000000000000 R09: 0000000000000000
[  607.380873][T16970] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  607.380884][T16970] R13: 00007f2070216038 R14: 00007f2070215fa0 R15: 00007ffc9f0c6d28
[  607.380915][T16970]  </TASK>
[  607.743733][ T5940] usb 3-1: new full-speed USB device number 112 using dummy_hcd
[  607.910048][ T5940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  607.922198][ T5940] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  607.934682][ T5940] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 9
[  607.948052][ T5940] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00
[  607.957620][ T5940] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.970129][ T5940] usb 3-1: config 0 descriptor??
[  607.975911][T16959] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  607.983360][T16959] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  608.278664][ T5900] usb 4-1: new full-speed USB device number 120 using dummy_hcd
[  608.361969][T16997] netlink: 1624 bytes leftover after parsing attributes in process `syz.4.2395'.
[  608.413117][ T5940] keytouch 0003:0926:3333.0016: fixing up Keytouch IEC report descriptor
[  608.446966][ T5900] usb 4-1: New USB device found, idVendor=0c72, idProduct=0013, bcdDevice=ba.be
[  608.447648][ T5940] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0016/input/input50
[  608.466497][ T5900] usb 4-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  608.492055][ T5900] usb 4-1: Product: syz
[  608.503408][ T5900] usb 4-1: Manufacturer: syz
[  608.512438][ T5900] usb 4-1: SerialNumber: syz
[  608.530439][ T5900] usb 4-1: config 0 descriptor??
[  608.646167][ T5940] keytouch 0003:0926:3333.0016: input,hidraw0: USB HID v0.20 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  608.704490][ T5940] usb 3-1: USB disconnect, device number 112
[  608.754613][T16987] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  608.766740][T17031] netlink: 104 bytes leftover after parsing attributes in process `syz.0.2399'.
[  608.780393][T16987] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  608.791757][T17025] fido_id[17025]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/3-1/report_descriptor': No such file or directory
[  608.822614][ T5900] peak_usb 4-1:0.0: PEAK-System PCAN-Chip USB v29 fw v73.186.59 (1 channels)
[  609.025017][ T5900] peak_usb 4-1:0.0 can0: unable to request usb[type=2 value=5] err=-71
[  609.035473][ T5900] peak_usb 4-1:0.0: unable to tell PCAN-Chip USB driver is loaded (err -71)
[  609.090160][ T5900] peak_usb 4-1:0.0: probe with driver peak_usb failed with error -71
[  609.106233][ T5900] usb 4-1: USB disconnect, device number 120
[  609.194488][T17079] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2401'.
[  609.212685][T17080] IPVS: sync thread started: state = BACKUP, mcast_ifn = vcan0, syncid = 0, id = 0
[  609.228313][    T9] usb 5-1: new high-speed USB device number 73 using dummy_hcd
[  609.392113][    T9] usb 5-1: config 1 has an invalid interface number: 36 but max is 0
[  609.400610][    T9] usb 5-1: config 1 has no interface number 0
[  609.406992][    T9] usb 5-1: config 1 interface 36 has no altsetting 0
[  609.418204][    T9] usb 5-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  609.427386][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  609.436179][    T9] usb 5-1: Product: syz
[  609.440710][    T9] usb 5-1: Manufacturer: syz
[  609.445372][    T9] usb 5-1: SerialNumber: syz
[  609.646765][T17089] netlink: 1624 bytes leftover after parsing attributes in process `syz.0.2404'.
[  610.290121][   T42] usb 4-1: new full-speed USB device number 121 using dummy_hcd
[  610.419227][ T5844] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  610.439466][ T5844] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  610.451815][ T5844] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  610.461201][ T5844] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  610.470081][ T5844] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  610.483292][   T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  610.494862][   T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  610.506663][   T42] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 9
[  610.520173][   T42] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00
[  610.529945][   T42] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  610.543078][   T42] usb 4-1: config 0 descriptor??
[  610.549391][T17108] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  610.558680][T17108] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  610.992337][   T42] keytouch 0003:0926:3333.0017: fixing up Keytouch IEC report descriptor
[  611.041624][   T42] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0017/input/input51
[  611.251761][   T42] keytouch 0003:0926:3333.0017: input,hidraw0: USB HID v0.20 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  611.329271][T17116] chnl_net:caif_netlink_parms(): no params data found
[  611.331346][   T42] usb 4-1: USB disconnect, device number 121
[  611.486203][T17192] fido_id[17192]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  611.755914][T17116] bridge0: port 1(bridge_slave_0) entered blocking state
[  611.763636][T17116] bridge0: port 1(bridge_slave_0) entered disabled state
[  611.772254][T17116] bridge_slave_0: entered allmulticast mode
[  611.781702][T17116] bridge_slave_0: entered promiscuous mode
[  611.808772][T17116] bridge0: port 2(bridge_slave_1) entered blocking state
[  611.821082][T17116] bridge0: port 2(bridge_slave_1) entered disabled state
[  611.828878][T17116] bridge_slave_1: entered allmulticast mode
[  611.836826][T17116] bridge_slave_1: entered promiscuous mode
[  611.844988][T17271] syzkaller1: entered promiscuous mode
[  611.851726][T17271] syzkaller1: entered allmulticast mode
[  611.926471][T10466] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  611.967369][T17058] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  612.081064][    T9] redrat3 5-1:1.36: Couldn't find all endpoints
[  612.093420][    T9] usb 5-1: USB disconnect, device number 73
[  612.219474][T17303] netlink: 1688 bytes leftover after parsing attributes in process `syz.0.2415'.
[  612.250260][T10466] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  612.311384][T17116] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  612.331910][T17116] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  612.469116][T10466] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  612.485027][T17116] team0: Port device team_slave_0 added
[  612.495447][T17116] team0: Port device team_slave_1 added
[  612.535946][T17116] batman_adv: batadv0: Adding interface: batadv_slave_0
[  612.544861][T17116] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  612.571970][ T5844] Bluetooth: hci3: command tx timeout
[  612.583726][T17116] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  612.619628][T10466] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  612.639400][   T42] usb 5-1: new high-speed USB device number 74 using dummy_hcd
[  612.652631][T17116] batman_adv: batadv0: Adding interface: batadv_slave_1
[  612.661266][T17116] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  612.690244][T17116] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  612.754656][T17116] hsr_slave_0: entered promiscuous mode
[  612.763041][T17116] hsr_slave_1: entered promiscuous mode
[  612.770447][T17116] debugfs: 'hsr0' already exists in 'hsr'
[  612.776350][T17116] Cannot create hsr debugfs directory
[  612.783507][   T42] usb 5-1: device descriptor read/64, error -71
[  612.974098][T10466] bridge_slave_1: left allmulticast mode
[  612.980027][T10466] bridge_slave_1: left promiscuous mode
[  612.985941][T10466] bridge0: port 2(bridge_slave_1) entered disabled state
[  612.996456][T10466] bridge_slave_0: left allmulticast mode
[  613.002679][T10466] bridge_slave_0: left promiscuous mode
[  613.009266][T10466] bridge0: port 1(bridge_slave_0) entered disabled state
[  613.030669][   T42] usb 5-1: new high-speed USB device number 75 using dummy_hcd
[  613.188275][   T42] usb 5-1: device descriptor read/64, error -71
[  613.216888][T10466] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  613.229321][T10466] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  613.239612][T10466] bond0 (unregistering): Released all slaves
[  613.299941][   T42] usb usb5-port1: attempt power cycle
[  613.491656][T10466] tipc: Left network mode
[  613.537117][T10466] IPVS: stopping backup sync thread 17080 ...
[  613.681802][   T42] usb 5-1: new high-speed USB device number 76 using dummy_hcd
[  613.718910][   T42] usb 5-1: device descriptor read/8, error -71
[  613.735586][T17476] binder: BINDER_SET_CONTEXT_MGR already set
[  613.749715][T17476] binder: 17475:17476 ioctl 4018620d 2000000002c0 returned -16
[  613.803220][T17483] FAULT_INJECTION: forcing a failure.
[  613.803220][T17483] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  613.853318][T17483] CPU: 1 UID: 0 PID: 17483 Comm: syz.0.2424 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  613.853348][T17483] Tainted: [L]=SOFTLOCKUP
[  613.853355][T17483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  613.853366][T17483] Call Trace:
[  613.853373][T17483]  <TASK>
[  613.853382][T17483]  dump_stack_lvl+0xe8/0x150
[  613.853412][T17483]  should_fail_ex+0x412/0x560
[  613.853443][T17483]  copy_folio_from_iter_atomic+0x44c/0x1ad0
[  613.853491][T17483]  ? __pfx_copy_folio_from_iter_atomic+0x10/0x10
[  613.853525][T17483]  ? shmem_write_begin+0x1d8/0x330
[  613.853554][T17483]  generic_perform_write+0x5d9/0x8f0
[  613.853586][T17483]  ? __pfx_generic_perform_write+0x10/0x10
[  613.853603][T17483]  ? down_write+0x16d/0x200
[  613.853637][T17483]  ? file_update_time_flags+0x3b3/0x4a0
[  613.853667][T17483]  shmem_file_write_iter+0xf8/0x120
[  613.853694][T17483]  vfs_write+0x61d/0xb90
[  613.853720][T17483]  ? __pfx_vfs_write+0x10/0x10
[  613.853756][T17483]  ? __fget_files+0x2a/0x420
[  613.853788][T17483]  ksys_write+0x150/0x270
[  613.853808][T17483]  ? __pfx_ksys_write+0x10/0x10
[  613.853834][T17483]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.853854][T17483]  do_syscall_64+0x15f/0xf80
[  613.853876][T17483]  ? trace_irq_disable+0x3b/0x140
[  613.853896][T17483]  ? clear_bhb_loop+0x40/0x90
[  613.853919][T17483]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  613.853937][T17483] RIP: 0033:0x7f7722f9c819
[  613.853953][T17483] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  613.853968][T17483] RSP: 002b:00007f7723e0c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  613.853986][T17483] RAX: ffffffffffffffda RBX: 00007f7723215fa0 RCX: 00007f7722f9c819
[  613.854000][T17483] RDX: 000000011ffffce1 RSI: 0000200000000080 RDI: 0000000000000004
[  613.854011][T17483] RBP: 00007f7723e0c090 R08: 0000000000000000 R09: 0000000000000000
[  613.854022][T17483] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  613.854033][T17483] R13: 00007f7723216038 R14: 00007f7723215fa0 R15: 00007fff06fbe1e8
[  613.854064][T17483]  </TASK>
[  614.229682][   T42] usb 5-1: new high-speed USB device number 77 using dummy_hcd
[  614.291631][   T42] usb 5-1: device descriptor read/8, error -71
[  614.369039][    T9] usb 4-1: new high-speed USB device number 122 using dummy_hcd
[  614.410041][   T42] usb usb5-port1: unable to enumerate USB device
[  614.529605][T17517] netlink: 1688 bytes leftover after parsing attributes in process `syz.0.2426'.
[  614.543821][    T9] usb 4-1: config 1 has an invalid interface number: 36 but max is 0
[  614.554109][    T9] usb 4-1: config 1 has no interface number 0
[  614.590592][    T9] usb 4-1: config 1 interface 36 has no altsetting 0
[  614.616007][    T9] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  614.641986][ T5844] Bluetooth: hci3: command tx timeout
[  614.649999][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  614.671075][    T9] usb 4-1: Product: syz
[  614.684675][    T9] usb 4-1: Manufacturer: syz
[  614.699888][    T9] usb 4-1: SerialNumber: syz
[  614.974632][    T9] redrat3 4-1:1.36: Couldn't find all endpoints
[  615.002363][    T9] usb 4-1: USB disconnect, device number 122
[  615.041953][T10466] hsr_slave_1: left promiscuous mode
[  615.050712][T10466] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  615.059160][T10466] batman_adv: batadv0: Removing interface: batadv_slave_0
[  615.067479][T10466] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  615.076715][T10466] batman_adv: batadv0: Removing interface: batadv_slave_1
[  615.090530][T10466] veth1_macvtap: left promiscuous mode
[  615.096387][T10466] veth0_macvtap: left promiscuous mode
[  615.103143][T10466] veth1_vlan: left promiscuous mode
[  615.109016][T10466] veth0_vlan: left promiscuous mode
[  615.339179][T10466] team0 (unregistering): Port device team_slave_1 removed
[  615.356234][T10466] team0 (unregistering): Port device team_slave_0 removed
[  615.631500][T17116] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  615.663596][T17116] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  615.713931][T17116] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  615.727776][T17116] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  615.994798][T10466] IPVS: stop unused estimator thread 0...
[  616.052683][T17116] 8021q: adding VLAN 0 to HW filter on device bond0
[  616.078181][   T42] usb 4-1: new high-speed USB device number 123 using dummy_hcd
[  616.089280][T17116] 8021q: adding VLAN 0 to HW filter on device team0
[  616.113739][T10466] bridge0: port 1(bridge_slave_0) entered blocking state
[  616.120980][T10466] bridge0: port 1(bridge_slave_0) entered forwarding state
[  616.136255][ T1169] bridge0: port 2(bridge_slave_1) entered blocking state
[  616.143429][ T1169] bridge0: port 2(bridge_slave_1) entered forwarding state
[  616.239265][   T42] usb 4-1: Using ep0 maxpacket: 8
[  616.249884][T17595] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  616.252110][   T42] usb 4-1: config index 0 descriptor too short (expected 6427, got 27)
[  616.278385][   T42] usb 4-1: config 0 has an invalid interface number: 21 but max is 0
[  616.298117][   T42] usb 4-1: config 0 has no interface number 0
[  616.330267][   T42] usb 4-1: config 0 interface 21 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  616.377586][   T42] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  616.433619][   T42] usb 4-1: config 0 interface 21 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  616.463859][   T42] usb 4-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[  616.491212][   T42] usb 4-1: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[  616.505541][T17617] input: syz1 as /devices/virtual/input/input52
[  616.523748][   T42] usb 4-1: Product: syz
[  616.554217][   T42] usb 4-1: config 0 descriptor??
[  616.580552][T17569] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  616.650957][T17626] netlink: 1688 bytes leftover after parsing attributes in process `syz.0.2434'.
[  616.682442][T17116] 8021q: adding VLAN 0 to HW filter on device batadv0
[  616.720597][ T5844] Bluetooth: hci3: command tx timeout
[  616.817511][T17116] veth0_vlan: entered promiscuous mode
[  616.853687][T17116] veth1_vlan: entered promiscuous mode
[  616.897086][T17116] veth0_macvtap: entered promiscuous mode
[  616.912533][T17116] veth1_macvtap: entered promiscuous mode
[  616.943106][T17116] batman_adv: batadv0: Interface activated: batadv_slave_0
[  616.984853][T17116] batman_adv: batadv0: Interface activated: batadv_slave_1
[  617.010352][   T49] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  617.020682][   T49] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  617.031614][   T49] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  617.045962][   T49] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  617.068159][    T9] usb 5-1: new high-speed USB device number 78 using dummy_hcd
[  617.211220][   T42] input: syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.21/input/input54
[  617.231681][    T9] usb 5-1: unable to get BOS descriptor or descriptor too short
[  617.251967][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  617.273017][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  617.279142][    T9] usb 5-1: config 1 interface 1 has no altsetting 1
[  617.296251][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  617.309469][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  617.328704][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.345750][    T9] usb 5-1: Product: syz
[  617.376615][    T9] usb 5-1: Manufacturer: syz
[  617.384710][  T181] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  617.400710][  T181] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  617.400814][    T9] usb 5-1: SerialNumber: syz
[  617.451145][ T5907] usb 4-1: USB disconnect, device number 123
[  617.451307][    C1] keyspan_remote 4-1:0.21: keyspan_irq_recv - usb_submit_urb failed with result: -19
[  617.712515][T17682] netlink: 'syz.4.2436': attribute type 21 has an invalid length.
[  617.721002][T17682] netlink: 164 bytes leftover after parsing attributes in process `syz.4.2436'.
[  617.807586][    T9] usb 5-1: selecting invalid altsetting 1
[  617.824272][    T9] cdc_ncm 5-1:1.0: bind() failure
[  617.857460][    T9] cdc_ncm 5-1:1.1: CDC Union missing and no IAD found
[  617.865855][    T9] cdc_ncm 5-1:1.1: bind() failure
[  617.882106][    T9] usb 5-1: USB disconnect, device number 78
[  618.345944][T17702] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  618.427912][T17705] netlink: 'syz.4.2442': attribute type 72 has an invalid length.
[  618.528838][T17707] netlink: 212408 bytes leftover after parsing attributes in process `syz.4.2443'.
[  618.801797][ T5844] Bluetooth: hci3: command tx timeout
[  618.907654][T17724] netlink: 'syz.2.2447': attribute type 27 has an invalid length.
[  619.112072][T17733] netlink: 'syz.3.2451': attribute type 72 has an invalid length.
[  619.395676][T17751] FAULT_INJECTION: forcing a failure.
[  619.395676][T17751] name failslab, interval 1, probability 0, space 0, times 0
[  619.409773][T17751] CPU: 0 UID: 0 PID: 17751 Comm: syz.0.2456 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  619.409803][T17751] Tainted: [L]=SOFTLOCKUP
[  619.409810][T17751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  619.409821][T17751] Call Trace:
[  619.409829][T17751]  <TASK>
[  619.409837][T17751]  dump_stack_lvl+0xe8/0x150
[  619.409868][T17751]  should_fail_ex+0x412/0x560
[  619.409897][T17751]  should_failslab+0xa8/0x100
[  619.409919][T17751]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  619.409948][T17751]  ? dup_task_struct+0x52/0x840
[  619.409978][T17751]  dup_task_struct+0x52/0x840
[  619.410000][T17751]  ? _raw_spin_unlock_irq+0x23/0x50
[  619.410024][T17751]  copy_process+0x89b/0x4430
[  619.410082][T17751]  ? __pfx_copy_process+0x10/0x10
[  619.410113][T17751]  ? mutex_init_lockdep+0xdf/0x110
[  619.410134][T17751]  vhost_task_create+0x1f9/0x380
[  619.410154][T17751]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  619.410172][T17751]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  619.410203][T17751]  ? __pfx_vhost_task_create+0x10/0x10
[  619.410231][T17751]  ? __pfx_vhost_task_fn+0x10/0x10
[  619.410256][T17751]  ? __lock_acquire+0x6b5/0x2cf0
[  619.410283][T17751]  ? kasan_save_track+0x4f/0x80
[  619.410306][T17751]  ? kasan_save_track+0x3e/0x80
[  619.410324][T17751]  ? kasan_save_free_info+0x46/0x50
[  619.410342][T17751]  ? __kasan_slab_free+0x5c/0x80
[  619.410362][T17751]  ? kfree+0x1c5/0x640
[  619.410388][T17751]  kvm_mmu_post_init_vm+0x147/0x2d0
[  619.410419][T17751]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  619.410450][T17751]  ? __mutex_trylock_common+0x158/0x260
[  619.410469][T17751]  ? look_up_lock_class+0x57/0x110
[  619.410493][T17751]  ? register_lock_class+0x31/0x2e0
[  619.410517][T17751]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  619.410542][T17751]  ? __lock_acquire+0x6b5/0x2cf0
[  619.410569][T17751]  ? __mutex_lock+0x320/0x1420
[  619.410599][T17751]  ? kasan_quarantine_put+0xbb/0x1f0
[  619.410635][T17751]  ? do_raw_write_lock+0x11d/0x260
[  619.410668][T17751]  kvm_vcpu_ioctl+0xa62/0xfd0
[  619.410692][T17751]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  619.410708][T17751]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  619.410748][T17751]  ? __fget_files+0x2a/0x420
[  619.410771][T17751]  ? __fget_files+0x2a/0x420
[  619.410790][T17751]  ? __fget_files+0x3a0/0x420
[  619.410810][T17751]  ? __fget_files+0x2a/0x420
[  619.410834][T17751]  ? bpf_lsm_file_ioctl+0x9/0x20
[  619.410850][T17751]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  619.410869][T17751]  __se_sys_ioctl+0xfc/0x170
[  619.410886][T17751]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.410905][T17751]  do_syscall_64+0x15f/0xf80
[  619.410926][T17751]  ? trace_irq_disable+0x3b/0x140
[  619.410946][T17751]  ? clear_bhb_loop+0x40/0x90
[  619.410966][T17751]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  619.410983][T17751] RIP: 0033:0x7f7722f9c819
[  619.410999][T17751] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  619.411015][T17751] RSP: 002b:00007f7723e0c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  619.411033][T17751] RAX: ffffffffffffffda RBX: 00007f7723215fa0 RCX: 00007f7722f9c819
[  619.411046][T17751] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  619.411057][T17751] RBP: 00007f7723e0c090 R08: 0000000000000000 R09: 0000000000000000
[  619.411067][T17751] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  619.411077][T17751] R13: 00007f7723216038 R14: 00007f7723215fa0 R15: 00007fff06fbe1e8
[  619.411107][T17751]  </TASK>
[  619.796852][T17755] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  620.023122][T17771] netlink: 'syz.2.2460': attribute type 72 has an invalid length.
[  620.208338][ T5942] usb 4-1: new high-speed USB device number 124 using dummy_hcd
[  620.359003][ T5942] usb 4-1: device descriptor read/64, error -71
[  620.409663][T17801] netlink: 'syz.4.2464': attribute type 13 has an invalid length.
[  620.608246][ T5942] usb 4-1: new high-speed USB device number 125 using dummy_hcd
[  620.748256][ T5942] usb 4-1: device descriptor read/64, error -71
[  620.858618][ T5942] usb usb4-port1: attempt power cycle
[  620.872851][T17831] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.2470'.
[  621.048327][    T9] usb 1-1: new high-speed USB device number 127 using dummy_hcd
[  621.198469][    T9] usb 1-1: Using ep0 maxpacket: 16
[  621.207605][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  621.218167][ T5942] usb 4-1: new high-speed USB device number 126 using dummy_hcd
[  621.227460][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  621.241214][    T9] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  621.249871][ T5942] usb 4-1: device descriptor read/8, error -71
[  621.251674][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.267053][    T9] usb 1-1: config 0 descriptor??
[  621.277252][    T9] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  621.339770][   T42] IPVS: starting estimator thread 0...
[  621.428132][T17852] IPVS: using max 55 ests per chain, 132000 per kthread
[  621.508166][ T5942] usb 4-1: new high-speed USB device number 127 using dummy_hcd
[  621.527564][T17822] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  621.537307][T17822] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  621.539413][ T5942] usb 4-1: device descriptor read/8, error -71
[  621.550754][T17822] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  621.561551][T17822] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  621.582792][T17822] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  621.592104][T17822] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  621.609390][   T42] usb 5-1: new high-speed USB device number 79 using dummy_hcd
[  621.668699][ T5942] usb usb4-port1: unable to enumerate USB device
[  621.768113][   T42] usb 5-1: Using ep0 maxpacket: 8
[  621.775204][   T42] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  621.783609][   T42] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  621.796739][   T42] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xAF, changing to 0x8F
[  621.811726][   T42] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  621.822556][   T42] usb 5-1: config 168 interface 0 altsetting 0 bulk endpoint 0x8F has invalid maxpacket 0
[  621.834855][   T42] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  621.848538][   T42] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  621.872168][   T42] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xAF, changing to 0x8F
[  621.884398][   T42] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  621.895733][   T42] usb 5-1: config 168 interface 0 altsetting 0 bulk endpoint 0x8F has invalid maxpacket 0
[  621.925548][   T42] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  621.933715][   T42] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  621.953966][   T42] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xAF, changing to 0x8F
[  621.975179][   T42] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  621.987393][   T42] usb 5-1: config 168 interface 0 altsetting 0 bulk endpoint 0x8F has invalid maxpacket 0
[  622.000858][   T42] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=f0.6e
[  622.015628][   T42] usb 5-1: New USB device strings: Mfr=98, Product=201, SerialNumber=71
[  622.025320][   T42] usb 5-1: Product: syz
[  622.032815][   T42] usb 5-1: Manufacturer: syz
[  622.038576][   T42] usb 5-1: SerialNumber: syz
[  623.003875][T17881] tipc: Started in network mode
[  623.020067][T17881] tipc: Node identity 1a3f963c79b5, cluster identity 4711
[  623.051481][T17881] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  623.254975][T17885] syzkaller0: entered promiscuous mode
[  623.271799][T17885] syzkaller0: entered allmulticast mode
[  623.286814][T17885] tipc: Resetting bearer <eth:syzkaller0>
[  623.318370][T17880] tipc: Resetting bearer <eth:syzkaller0>
[  623.985682][    T9] usb 1-1: USB disconnect, device number 127
[  624.166828][T17900] netlink: 1752 bytes leftover after parsing attributes in process `syz.0.2479'.
[  624.222453][   T42] adutux 5-1:168.0: interrupt endpoints not found
[  624.305019][   T42] usb 5-1: USB disconnect, device number 79
[  624.484103][ T1315] ieee802154 phy0 wpan0: encryption failed: -22
[  624.492626][ T1315] ieee802154 phy1 wpan1: encryption failed: -22
[  624.674017][   T42] usb 5-1: new high-speed USB device number 80 using dummy_hcd
[  624.902236][   T42] usb 5-1: config 9 has an invalid interface number: 174 but max is 1
[  624.910852][   T42] usb 5-1: config 9 has an invalid interface number: 105 but max is 1
[  624.919804][   T42] usb 5-1: config 9 has no interface number 0
[  624.926534][   T42] usb 5-1: config 9 has no interface number 1
[  624.933927][   T42] usb 5-1: config 9 interface 174 altsetting 14 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  624.945474][   T42] usb 5-1: config 9 interface 174 altsetting 14 endpoint 0xF has invalid maxpacket 1024, setting to 64
[  624.957927][   T42] usb 5-1: config 9 interface 174 altsetting 14 endpoint 0xE has invalid maxpacket 1023, setting to 64
[  624.992039][   T42] usb 5-1: config 9 interface 174 altsetting 14 has an invalid descriptor for endpoint zero, skipping
[  625.003191][   T42] usb 5-1: config 9 interface 174 altsetting 14 has a duplicate endpoint with address 0xF, skipping
[  625.014201][   T42] usb 5-1: config 9 interface 174 altsetting 14 endpoint 0x4 has invalid wMaxPacketSize 0
[  625.024601][   T42] usb 5-1: config 9 interface 174 altsetting 14 has an endpoint descriptor with address 0xB8, changing to 0x88
[  625.037499][   T42] usb 5-1: config 9 interface 174 altsetting 14 endpoint 0x88 has an invalid bInterval 160, changing to 11
[  625.049344][   T42] usb 5-1: config 9 interface 174 altsetting 14 endpoint 0x88 has invalid maxpacket 50210, setting to 1024
[  625.061751][   T42] usb 5-1: config 9 interface 174 altsetting 14 has a duplicate endpoint with address 0x8, skipping
[  625.073555][   T42] usb 5-1: config 9 interface 174 altsetting 14 has an invalid descriptor for endpoint zero, skipping
[  625.086778][   T42] usb 5-1: config 9 interface 174 altsetting 14 has a duplicate endpoint with address 0x8, skipping
[  625.100009][   T42] usb 5-1: config 9 interface 174 altsetting 14 has an endpoint descriptor with address 0x48, changing to 0x8
[  625.112037][   T42] usb 5-1: config 9 interface 174 altsetting 14 has a duplicate endpoint with address 0x8, skipping
[  625.123666][   T42] usb 5-1: config 9 interface 174 altsetting 14 has a duplicate endpoint with address 0x4, skipping
[  625.135508][   T42] usb 5-1: config 9 interface 174 altsetting 14 has 15 endpoint descriptors, different from the interface descriptor's value: 14
[  625.150012][   T42] usb 5-1: config 9 interface 105 altsetting 4 has an invalid descriptor for endpoint zero, skipping
[  625.161093][   T42] usb 5-1: config 9 interface 105 altsetting 4 bulk endpoint 0x8 has invalid maxpacket 1024
[  625.171808][   T42] usb 5-1: config 9 interface 105 altsetting 4 has a duplicate endpoint with address 0x7, skipping
[  625.183228][   T42] usb 5-1: config 9 interface 105 altsetting 4 has a duplicate endpoint with address 0x5, skipping
[  625.194549][   T42] usb 5-1: config 9 interface 105 altsetting 4 has a duplicate endpoint with address 0xF, skipping
[  625.206253][   T42] usb 5-1: config 9 interface 105 altsetting 4 has a duplicate endpoint with address 0x6, skipping
[  625.218533][   T42] usb 5-1: config 9 interface 174 has no altsetting 0
[  625.225410][   T42] usb 5-1: config 9 interface 105 has no altsetting 0
[  625.236889][   T42] usb 5-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=e4.dd
[  625.246433][   T42] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  625.255774][   T42] usb 5-1: Product: ⋔풟鹧믞ፗ霌惜ǟ⼟毻썠왫篭꾋࿙ࡣ햌軗ꌪ嬢珎璟᷆Ꞣᄆ䋶븃獠ʷ㬤ဳ⒯쵡〴䄐䣸春夙瑯덦Ⓞנᦹ쒾ᙤ鮪实锰ৢ☨⻕ꡟ㨤⚃៺죁堥⛮똝寕맜톽怙涆曋馜祱鈫譆榺㍄࿕궇喓觸鴿ﾰ퍊⬻壄調擂繹߃顬⚈蔘栟ᇏ࣯⌒틄然ḽ雠鑳긁웷ံ樫
[  625.289305][   T42] usb 5-1: Manufacturer: 㠁
[  625.293925][   T42] usb 5-1: SerialNumber: ⤛ᱶ⎡䯦䛌䪥硆犿맽ζ讥晋狝됦㌧嘕ữ䃷❱翚轲쯦䏯䭥뗯켪딧ꝉ깽≄࢐僈볗땋쫤솠╿䞍칶ᛥ晆ˮ䡜䩀豠
[  625.315707][T17909] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  626.385078][    T9] usb 5-1: USB disconnect, device number 80
[  628.100360][T17880] tipc: Disabling bearer <eth:syzkaller0>
[  628.111761][ T5940] tipc: Node number set to 1670026812
[  628.837535][   T29] audit: type=1326 audit(1776085587.662:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17977 comm="syz.4.2492" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f7e96d9c819 code=0x0
[  628.888239][    T9] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  629.049895][    T9] usb 1-1: config 0 interface 0 has no altsetting 0
[  629.056964][    T9] usb 1-1: New USB device found, idVendor=0079, idProduct=1846, bcdDevice= 0.00
[  629.066329][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  629.077155][    T9] usb 1-1: config 0 descriptor??
[  629.149727][T17988] netlink: 1752 bytes leftover after parsing attributes in process `syz.2.2493'.
[  629.242387][T17992] FAULT_INJECTION: forcing a failure.
[  629.242387][T17992] name failslab, interval 1, probability 0, space 0, times 0
[  629.256337][T17992] CPU: 1 UID: 0 PID: 17992 Comm: syz.2.2495 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  629.256365][T17992] Tainted: [L]=SOFTLOCKUP
[  629.256373][T17992] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  629.256384][T17992] Call Trace:
[  629.256391][T17992]  <TASK>
[  629.256400][T17992]  dump_stack_lvl+0xe8/0x150
[  629.256431][T17992]  should_fail_ex+0x412/0x560
[  629.256457][T17992]  should_failslab+0xa8/0x100
[  629.256476][T17992]  ? prepare_creds+0x30/0x820
[  629.256498][T17992]  kmem_cache_alloc_noprof+0x87/0x650
[  629.256531][T17992]  prepare_creds+0x30/0x820
[  629.256554][T17992]  lookup_user_key+0x319/0x1170
[  629.256574][T17992]  ? __might_fault+0xaf/0x130
[  629.256592][T17992]  ? __pfx_lookup_user_key+0x10/0x10
[  629.256609][T17992]  ? __pfx_lookup_user_key_possessed+0x10/0x10
[  629.256635][T17992]  ? _copy_from_user+0x94/0xb0
[  629.256653][T17992]  ? memdup_user+0x99/0xd0
[  629.256676][T17992]  __se_sys_request_key+0x22b/0x350
[  629.256702][T17992]  ? __pfx___se_sys_request_key+0x10/0x10
[  629.256722][T17992]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  629.256734][T17992]  do_syscall_64+0x15f/0xf80
[  629.256751][T17992]  ? trace_irq_disable+0x3b/0x140
[  629.256772][T17992]  ? clear_bhb_loop+0x40/0x90
[  629.256793][T17992]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  629.256810][T17992] RIP: 0033:0x7f22b4f9c819
[  629.256832][T17992] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  629.256845][T17992] RSP: 002b:00007f22b5e44028 EFLAGS: 00000246 ORIG_RAX: 00000000000000f9
[  629.256864][T17992] RAX: ffffffffffffffda RBX: 00007f22b5215fa0 RCX: 00007f22b4f9c819
[  629.256876][T17992] RDX: 0000000000000000 RSI: 0000200000001ffb RDI: 0000200000000040
[  629.256883][T17992] RBP: 00007f22b5e44090 R08: 0000000000000000 R09: 0000000000000000
[  629.256889][T17992] R10: fffffffffffffffe R11: 0000000000000246 R12: 0000000000000001
[  629.256895][T17992] R13: 00007f22b5216038 R14: 00007f22b5215fa0 R15: 00007ffebd7954d8
[  629.256916][T17992]  </TASK>
[  629.676604][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  629.699616][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  629.707742][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  629.738581][T18006] FAULT_INJECTION: forcing a failure.
[  629.738581][T18006] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  629.741152][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  629.753666][T18006] CPU: 1 UID: 0 PID: 18006 Comm: syz.4.2499 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  629.753693][T18006] Tainted: [L]=SOFTLOCKUP
[  629.753700][T18006] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  629.753711][T18006] Call Trace:
[  629.753719][T18006]  <TASK>
[  629.753726][T18006]  dump_stack_lvl+0xe8/0x150
[  629.753757][T18006]  should_fail_ex+0x412/0x560
[  629.753785][T18006]  _copy_to_user+0x31/0xb0
[  629.753804][T18006]  simple_read_from_buffer+0xe1/0x170
[  629.753836][T18006]  proc_fail_nth_read+0x1bb/0x230
[  629.753862][T18006]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  629.753887][T18006]  ? rw_verify_area+0x2a6/0x4d0
[  629.753911][T18006]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  629.753935][T18006]  vfs_read+0x20c/0xa70
[  629.753958][T18006]  ? fdget_pos+0x246/0x320
[  629.753983][T18006]  ? __pfx___mutex_lock+0x10/0x10
[  629.754006][T18006]  ? __pfx_vfs_read+0x10/0x10
[  629.754031][T18006]  ? __fget_files+0x2a/0x420
[  629.754056][T18006]  ? __fget_files+0x3a0/0x420
[  629.754076][T18006]  ? __fget_files+0x2a/0x420
[  629.754104][T18006]  ksys_read+0x150/0x270
[  629.754130][T18006]  ? __pfx_ksys_read+0x10/0x10
[  629.754153][T18006]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  629.754173][T18006]  do_syscall_64+0x15f/0xf80
[  629.754196][T18006]  ? clear_bhb_loop+0x40/0x90
[  629.754217][T18006]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  629.754234][T18006] RIP: 0033:0x7f7e96d5d04e
[  629.754250][T18006] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[  629.754264][T18006] RSP: 002b:00007f7e97c16fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  629.754282][T18006] RAX: ffffffffffffffda RBX: 00007f7e97c176c0 RCX: 00007f7e96d5d04e
[  629.754295][T18006] RDX: 000000000000000f RSI: 00007f7e97c170a0 RDI: 0000000000000004
[  629.754305][T18006] RBP: 00007f7e97c17090 R08: 0000000000000000 R09: 0000000000000000
[  629.754315][T18006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  629.754325][T18006] R13: 00007f7e97016038 R14: 00007f7e97015fa0 R15: 00007ffd1944aef8
[  629.754353][T18006]  </TASK>
[  629.986144][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  629.993861][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  630.001495][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  630.017254][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  630.025475][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  630.033082][    T9] hid_mf 0003:0079:1846.0018: unknown main item tag 0x0
[  630.046082][    T9] hid_mf 0003:0079:1846.0018: hidraw0: USB HID v0.00 Device [HID 0079:1846] on usb-dummy_hcd.0-1/input0
[  630.070830][    T9] hid_mf 0003:0079:1846.0018: Force feedback for HJZ Mayflash game controller adapters by Marcel Hasler <mahasler@gmail.com>
[  630.092997][    T9] usb 1-1: USB disconnect, device number 2
[  630.175146][T18020] fido_id[18020]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  630.335014][T18049] netlink: 144 bytes leftover after parsing attributes in process `syz.4.2504'.
[  630.410887][T18052] netlink: 1688 bytes leftover after parsing attributes in process `syz.4.2505'.
[  630.525654][T18061] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  630.538255][   T42] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  630.700151][   T42] usb 4-1: config 1 has an invalid interface number: 36 but max is 0
[  630.708945][   T42] usb 4-1: config 1 has no interface number 0
[  630.715933][   T42] usb 4-1: config 1 interface 36 has no altsetting 0
[  630.727901][   T42] usb 4-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  630.742537][   T42] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  630.751054][   T42] usb 4-1: Product: syz
[  630.755620][   T42] usb 4-1: Manufacturer: syz
[  630.760797][   T42] usb 4-1: SerialNumber: syz
[  630.857840][T18075] FAULT_INJECTION: forcing a failure.
[  630.857840][T18075] name failslab, interval 1, probability 0, space 0, times 0
[  630.887128][T18075] CPU: 0 UID: 0 PID: 18075 Comm: syz.0.2510 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  630.887158][T18075] Tainted: [L]=SOFTLOCKUP
[  630.887165][T18075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  630.887176][T18075] Call Trace:
[  630.887183][T18075]  <TASK>
[  630.887191][T18075]  dump_stack_lvl+0xe8/0x150
[  630.887223][T18075]  should_fail_ex+0x412/0x560
[  630.887253][T18075]  should_failslab+0xa8/0x100
[  630.887284][T18075]  kmem_cache_alloc_node_noprof+0x8f/0x690
[  630.887312][T18075]  ? dup_task_struct+0x52/0x840
[  630.887342][T18075]  dup_task_struct+0x52/0x840
[  630.887364][T18075]  ? _raw_spin_unlock_irq+0x23/0x50
[  630.887390][T18075]  copy_process+0x89b/0x4430
[  630.887443][T18075]  ? __pfx_copy_process+0x10/0x10
[  630.887476][T18075]  ? mutex_init_lockdep+0xdf/0x110
[  630.887497][T18075]  vhost_task_create+0x1f9/0x380
[  630.887518][T18075]  ? __pfx_kvm_nx_huge_page_recovery_worker+0x10/0x10
[  630.887538][T18075]  ? __pfx_kvm_nx_huge_page_recovery_worker_kill+0x10/0x10
[  630.887559][T18075]  ? __pfx_vhost_task_create+0x10/0x10
[  630.887584][T18075]  ? __pfx_vhost_task_fn+0x10/0x10
[  630.887607][T18075]  ? __lock_acquire+0x6b5/0x2cf0
[  630.887631][T18075]  ? kasan_save_track+0x4f/0x80
[  630.887655][T18075]  ? kasan_save_track+0x3e/0x80
[  630.887676][T18075]  ? kasan_save_free_info+0x46/0x50
[  630.887696][T18075]  ? __kasan_slab_free+0x5c/0x80
[  630.887710][T18075]  ? kfree+0x1c5/0x640
[  630.887735][T18075]  kvm_mmu_post_init_vm+0x147/0x2d0
[  630.887759][T18075]  kvm_arch_vcpu_ioctl_run+0x106/0x20d0
[  630.887789][T18075]  ? __mutex_trylock_common+0x158/0x260
[  630.887809][T18075]  ? look_up_lock_class+0x57/0x110
[  630.887833][T18075]  ? register_lock_class+0x31/0x2e0
[  630.887856][T18075]  ? __pfx_kvm_arch_vcpu_ioctl_run+0x10/0x10
[  630.887881][T18075]  ? __lock_acquire+0x6b5/0x2cf0
[  630.887907][T18075]  ? __mutex_lock+0x320/0x1420
[  630.887937][T18075]  ? kasan_quarantine_put+0xbb/0x1f0
[  630.887975][T18075]  ? do_raw_write_lock+0x11d/0x260
[  630.888012][T18075]  kvm_vcpu_ioctl+0xa62/0xfd0
[  630.888037][T18075]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  630.888052][T18075]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  630.888093][T18075]  ? __fget_files+0x2a/0x420
[  630.888118][T18075]  ? __fget_files+0x2a/0x420
[  630.888139][T18075]  ? __fget_files+0x3a0/0x420
[  630.888160][T18075]  ? __fget_files+0x2a/0x420
[  630.888185][T18075]  ? bpf_lsm_file_ioctl+0x9/0x20
[  630.888205][T18075]  ? __pfx_kvm_vcpu_ioctl+0x10/0x10
[  630.888224][T18075]  __se_sys_ioctl+0xfc/0x170
[  630.888243][T18075]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.888263][T18075]  do_syscall_64+0x15f/0xf80
[  630.888293][T18075]  ? clear_bhb_loop+0x40/0x90
[  630.888315][T18075]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  630.888332][T18075] RIP: 0033:0x7f7722f9c819
[  630.888350][T18075] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  630.888364][T18075] RSP: 002b:00007f7723e0c028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  630.888383][T18075] RAX: ffffffffffffffda RBX: 00007f7723215fa0 RCX: 00007f7722f9c819
[  630.888396][T18075] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000008
[  630.888408][T18075] RBP: 00007f7723e0c090 R08: 0000000000000000 R09: 0000000000000000
[  630.888419][T18075] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  630.888430][T18075] R13: 00007f7723216038 R14: 00007f7723215fa0 R15: 00007fff06fbe1e8
[  630.888461][T18075]  </TASK>
[  633.275617][T18038] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  633.324335][   T42] redrat3 4-1:1.36: Couldn't find all endpoints
[  633.357422][   T42] usb 4-1: USB disconnect, device number 2
[  633.521919][T18125] FAULT_INJECTION: forcing a failure.
[  633.521919][T18125] name failslab, interval 1, probability 0, space 0, times 0
[  633.562537][T18125] CPU: 0 UID: 0 PID: 18125 Comm: syz.2.2518 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  633.562564][T18125] Tainted: [L]=SOFTLOCKUP
[  633.562571][T18125] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  633.562581][T18125] Call Trace:
[  633.562589][T18125]  <TASK>
[  633.562597][T18125]  dump_stack_lvl+0xe8/0x150
[  633.562626][T18125]  should_fail_ex+0x412/0x560
[  633.562655][T18125]  should_failslab+0xa8/0x100
[  633.562673][T18125]  __kmalloc_cache_noprof+0x88/0x660
[  633.562700][T18125]  ? snd_pcm_oss_change_params_locked+0x1ae/0x3e00
[  633.562727][T18125]  ? __kmalloc_cache_noprof+0x15b/0x660
[  633.562754][T18125]  snd_pcm_oss_change_params_locked+0x1ae/0x3e00
[  633.562783][T18125]  ? __pfx___mutex_trylock_common+0x10/0x10
[  633.562815][T18125]  ? rcu_is_watching+0x15/0xb0
[  633.562838][T18125]  ? trace_contention_end+0x3d/0x140
[  633.562859][T18125]  ? __mutex_lock+0x320/0x1420
[  633.562891][T18125]  ? kstrtoull+0x12f/0x1d0
[  633.562910][T18125]  ? __pfx_snd_pcm_oss_change_params_locked+0x10/0x10
[  633.562936][T18125]  ? __pfx_aa_file_perm+0x10/0x10
[  633.562956][T18125]  ? __pfx___mutex_lock+0x10/0x10
[  633.562994][T18125]  snd_pcm_oss_write+0x27c/0xbd0
[  633.563030][T18125]  ? __pfx_snd_pcm_oss_write+0x10/0x10
[  633.563055][T18125]  vfs_write+0x29a/0xb90
[  633.563081][T18125]  ? __pfx_vfs_write+0x10/0x10
[  633.563098][T18125]  ? __fget_files+0x2a/0x420
[  633.563123][T18125]  ? __fget_files+0x2a/0x420
[  633.563143][T18125]  ? __fget_files+0x3a0/0x420
[  633.563163][T18125]  ? __fget_files+0x2a/0x420
[  633.563192][T18125]  ksys_write+0x150/0x270
[  633.563212][T18125]  ? __pfx_ksys_write+0x10/0x10
[  633.563237][T18125]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.563257][T18125]  do_syscall_64+0x15f/0xf80
[  633.563279][T18125]  ? trace_irq_disable+0x3b/0x140
[  633.563301][T18125]  ? clear_bhb_loop+0x40/0x90
[  633.563322][T18125]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  633.563340][T18125] RIP: 0033:0x7f22b4f9c819
[  633.563356][T18125] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  633.563371][T18125] RSP: 002b:00007f22b5e23028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  633.563390][T18125] RAX: ffffffffffffffda RBX: 00007f22b5216090 RCX: 00007f22b4f9c819
[  633.563406][T18125] RDX: 0000000000004000 RSI: 00002000000012c0 RDI: 0000000000000003
[  633.563418][T18125] RBP: 00007f22b5e23090 R08: 0000000000000000 R09: 0000000000000000
[  633.563429][T18125] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  633.563452][T18125] R13: 00007f22b5216128 R14: 00007f22b5216090 R15: 00007ffebd7954d8
[  633.563481][T18125]  </TASK>
[  634.037439][T18146] FAULT_INJECTION: forcing a failure.
[  634.037439][T18146] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  634.052218][T18146] CPU: 0 UID: 0 PID: 18146 Comm: syz.0.2524 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  634.052246][T18146] Tainted: [L]=SOFTLOCKUP
[  634.052253][T18146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  634.052264][T18146] Call Trace:
[  634.052271][T18146]  <TASK>
[  634.052279][T18146]  dump_stack_lvl+0xe8/0x150
[  634.052310][T18146]  should_fail_ex+0x412/0x560
[  634.052349][T18146]  _copy_from_user+0x2d/0xb0
[  634.052366][T18146]  ___sys_recvmsg+0x175/0x590
[  634.052393][T18146]  ? __pfx____sys_recvmsg+0x10/0x10
[  634.052419][T18146]  ? __fget_files+0x2a/0x420
[  634.052470][T18146]  do_recvmmsg+0x334/0x800
[  634.052499][T18146]  ? __pfx_do_recvmmsg+0x10/0x10
[  634.052532][T18146]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  634.052572][T18146]  __x64_sys_recvmmsg+0x198/0x250
[  634.052597][T18146]  ? __pfx___x64_sys_recvmmsg+0x10/0x10
[  634.052628][T18146]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.052648][T18146]  do_syscall_64+0x15f/0xf80
[  634.052670][T18146]  ? trace_irq_disable+0x3b/0x140
[  634.052698][T18146]  ? clear_bhb_loop+0x40/0x90
[  634.052721][T18146]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  634.052738][T18146] RIP: 0033:0x7f7722f9c819
[  634.052756][T18146] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  634.052770][T18146] RSP: 002b:00007f7723deb028 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  634.052797][T18146] RAX: ffffffffffffffda RBX: 00007f7723216090 RCX: 00007f7722f9c819
[  634.052810][T18146] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000003
[  634.052821][T18146] RBP: 00007f7723deb090 R08: 0000000000000000 R09: 0000000000000000
[  634.052832][T18146] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000001
[  634.052843][T18146] R13: 00007f7723216128 R14: 00007f7723216090 R15: 00007fff06fbe1e8
[  634.052872][T18146]  </TASK>
[  634.106762][T18148] netlink: 1688 bytes leftover after parsing attributes in process `syz.4.2525'.
[  634.316617][T18157] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2527'.
[  634.329062][   T42] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  634.368157][ T5907] usb 3-1: new full-speed USB device number 113 using dummy_hcd
[  634.490947][   T42] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  634.501646][   T42] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  634.514465][   T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  634.526017][   T42] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  634.536143][   T42] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  634.551206][   T42] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  634.560866][   T42] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  634.569950][   T42] usb 4-1: Product: syz
[  634.574233][   T42] usb 4-1: Manufacturer: syz
[  634.578944][   T42] usb 4-1: SerialNumber: syz
[  634.585305][ T5907] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  634.596885][ T5907] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  634.599991][   T42] usb 4-1: config 0 descriptor??
[  634.608943][ T5907] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 9
[  634.628708][ T5907] usb 3-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.00
[  634.637980][ T5907] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  634.649928][ T5907] usb 3-1: config 0 descriptor??
[  634.663809][T18151] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  634.671359][T18151] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  634.678713][    T9] usb 5-1: new high-speed USB device number 81 using dummy_hcd
[  634.830690][T18140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  634.850928][    T9] usb 5-1: config 1 has an invalid interface number: 36 but max is 0
[  634.855960][T18140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  634.868826][    T9] usb 5-1: config 1 has no interface number 0
[  634.876440][    T9] usb 5-1: config 1 interface 36 has no altsetting 0
[  634.895738][   T42] radio-si470x 4-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  634.905153][   T42] radio-si470x 4-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  634.931220][    T9] usb 5-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=cc.2f
[  634.947501][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  634.979811][    T9] usb 5-1: Product: syz
[  634.994331][    T9] usb 5-1: Manufacturer: syz
[  635.008694][    T9] usb 5-1: SerialNumber: syz
[  635.099006][T18140] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  635.110284][ T5907] keytouch 0003:0926:3333.0019: fixing up Keytouch IEC report descriptor
[  635.128888][T18140] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  635.154707][ T5907] input: HID 0926:3333 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:0926:3333.0019/input/input55
[  635.158897][   T42] radio-si470x 4-1:0.0: software version 0, hardware version 0
[  635.202025][   T42] radio-si470x 4-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  635.234928][   T42] radio-si470x 4-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  635.249894][ T5162] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  635.266476][ T5162] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  635.277759][ T5162] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  635.295993][ T5162] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  635.306498][ T5162] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  635.357404][   T42] radio-si470x 4-1:0.0: submitting int urb failed (-90)
[  635.425166][ T5907] keytouch 0003:0926:3333.0019: input,hidraw0: USB HID v0.20 Keyboard [HID 0926:3333] on usb-dummy_hcd.2-1/input0
[  635.444414][ T5907] usb 3-1: USB disconnect, device number 113
[  635.668820][T18220] fido_id[18220]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  636.114949][T18251] kAFS: No cell specified
[  636.228390][   T42] radio-si470x 4-1:0.0: si470x_set_report: usb_control_msg returned -110
[  636.249389][   T42] radio-si470x 4-1:0.0: probe with driver radio-si470x failed with error -22
[  636.305143][T18181] chnl_net:caif_netlink_parms(): no params data found
[  636.378542][ T5940] usb 3-1: new low-speed USB device number 114 using dummy_hcd
[  636.493846][T18181] bridge0: port 1(bridge_slave_0) entered blocking state
[  636.503748][T18181] bridge0: port 1(bridge_slave_0) entered disabled state
[  636.512606][T18181] bridge_slave_0: entered allmulticast mode
[  636.519985][ T5940] usb 3-1: device descriptor read/64, error -71
[  636.531527][T18181] bridge_slave_0: entered promiscuous mode
[  636.540760][T18181] bridge0: port 2(bridge_slave_1) entered blocking state
[  636.548319][T18181] bridge0: port 2(bridge_slave_1) entered disabled state
[  636.555866][T18181] bridge_slave_1: entered allmulticast mode
[  636.566537][T18181] bridge_slave_1: entered promiscuous mode
[  636.620492][T18181] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  636.645187][T18181] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  636.699475][T18181] team0: Port device team_slave_0 added
[  636.710362][T18181] team0: Port device team_slave_1 added
[  636.758184][ T5940] usb 3-1: new low-speed USB device number 115 using dummy_hcd
[  636.814781][T10466] smc: removing ib device syz1
[  636.835244][T18181] batman_adv: batadv0: Adding interface: batadv_slave_0
[  636.842765][T18181] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  636.872243][T18181] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  636.886614][   T42] syz1: Port: 1 Link DOWN
[  636.895221][ T5940] usb 3-1: device descriptor read/64, error -71
[  636.907444][T18181] batman_adv: batadv0: Adding interface: batadv_slave_1
[  636.917325][T18181] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  636.945819][T18181] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  636.988496][T10466] smbdirect: ib_dev[syz1] removed
[  637.019393][ T5940] usb usb3-port1: attempt power cycle
[  637.119668][T18181] hsr_slave_0: entered promiscuous mode
[  637.129424][T18181] hsr_slave_1: entered promiscuous mode
[  637.137318][T18181] debugfs: 'hsr0' already exists in 'hsr'
[  637.144825][T18181] Cannot create hsr debugfs directory
[  637.358788][ T5844] Bluetooth: hci1: command tx timeout
[  637.368102][ T5940] usb 3-1: new low-speed USB device number 116 using dummy_hcd
[  637.380248][T18160] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  637.409081][ T5940] usb 3-1: device descriptor read/8, error -71
[  637.532124][    T9] redrat3 5-1:1.36: Couldn't find all endpoints
[  637.557092][ T5907] usb 4-1: USB disconnect, device number 3
[  637.592773][    T9] usb 5-1: USB disconnect, device number 81
[  637.668530][ T5940] usb 3-1: new low-speed USB device number 117 using dummy_hcd
[  637.698873][ T5940] usb 3-1: device descriptor read/8, error -71
[  637.829566][ T5940] usb usb3-port1: unable to enumerate USB device
[  638.120648][T18181] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.182124][ T5940] usb 5-1: new high-speed USB device number 82 using dummy_hcd
[  638.378360][ T5940] usb 5-1: Using ep0 maxpacket: 8
[  638.416699][ T5940] usb 5-1: unable to get BOS descriptor or descriptor too short
[  638.435223][ T5940] usb 5-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=67.16
[  638.452507][ T5940] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  638.466414][T18181] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.474784][ T5940] usb 5-1: Product: syz
[  638.498872][ T5940] usb 5-1: Manufacturer: syz
[  638.509265][ T5940] usb 5-1: SerialNumber: syz
[  638.630827][T18181] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.743717][ T5940] legousbtower 5-1:6.0: interrupt endpoints not found
[  638.781010][ T5940] usb 5-1: USB disconnect, device number 82
[  638.826985][T18181] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  638.844425][T18537] netlink: 'syz.3.2535': attribute type 72 has an invalid length.
[  639.003410][   T49] bridge_slave_1: left allmulticast mode
[  639.025358][   T49] bridge_slave_1: left promiscuous mode
[  639.034252][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  639.059415][   T49] bridge_slave_0: left allmulticast mode
[  639.078132][   T49] bridge_slave_0: left promiscuous mode
[  639.095677][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  639.172370][T10466] ==================================================================
[  639.180570][T10466] BUG: KASAN: invalid-free in gid_table_release_one+0x384/0x470
[  639.188639][T10466] Free of addr ffff8880575d80d8 by task kworker/u8:0/10466
[  639.195857][T10466] 
[  639.198190][T10466] CPU: 0 UID: 0 PID: 10466 Comm: kworker/u8:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  639.198211][T10466] Tainted: [L]=SOFTLOCKUP
[  639.198217][T10466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  639.198226][T10466] Workqueue: ib-unreg-wq ib_unregister_work
[  639.198248][T10466] Call Trace:
[  639.198254][T10466]  <TASK>
[  639.198260][T10466]  dump_stack_lvl+0xe8/0x150
[  639.198280][T10466]  print_address_description+0x55/0x1e0
[  639.198302][T10466]  print_report+0x58/0x70
[  639.198317][T10466]  ? gid_table_release_one+0x384/0x470
[  639.198332][T10466]  kasan_report_invalid_free+0xea/0x110
[  639.198348][T10466]  ? gid_table_release_one+0x384/0x470
[  639.198364][T10466]  free_large_kmalloc+0x3c/0x110
[  639.198378][T10466]  gid_table_release_one+0x384/0x470
[  639.198396][T10466]  ib_device_release+0xd2/0x1c0
[  639.198416][T10466]  ? __pfx_ib_device_release+0x10/0x10
[  639.198434][T10466]  device_release+0xc4/0x1f0
[  639.198449][T10466]  kobject_put+0x228/0x560
[  639.198469][T10466]  ? process_scheduled_works+0xa70/0x1860
[  639.198491][T10466]  process_scheduled_works+0xb5d/0x1860
[  639.198519][T10466]  ? __pfx_process_scheduled_works+0x10/0x10
[  639.198539][T10466]  ? assign_work+0x3d5/0x5e0
[  639.198557][T10466]  worker_thread+0xa53/0xfc0
[  639.198583][T10466]  kthread+0x388/0x470
[  639.198598][T10466]  ? __pfx_worker_thread+0x10/0x10
[  639.198615][T10466]  ? __pfx_kthread+0x10/0x10
[  639.198630][T10466]  ret_from_fork+0x514/0xb70
[  639.198650][T10466]  ? __pfx_ret_from_fork+0x10/0x10
[  639.198667][T10466]  ? __switch_to+0xc79/0x1410
[  639.198683][T10466]  ? __pfx_kthread+0x10/0x10
[  639.198697][T10466]  ret_from_fork_asm+0x1a/0x30
[  639.198715][T10466]  </TASK>
[  639.198720][T10466] 
[  639.367860][T10466] The buggy address belongs to the physical page:
[  639.374535][T10466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff8880575d8d80 pfn:0x575d8
[  639.384678][T10466] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  639.393343][T10466] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  639.400976][T10466] page_type: f8(unknown)
[  639.405301][T10466] raw: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  639.414333][T10466] raw: ffff8880575d8d80 0000000000000000 00000000f8000000 0000000000000000
[  639.423105][T10466] head: 00fff00000000040 0000000000000000 dead000000000122 0000000000000000
[  639.431773][T10466] head: ffff8880575d8d80 0000000000000000 00000000f8000000 0000000000000000
[  639.440525][T10466] head: 00fff00000000002 ffffffffffffff01 00000000ffffffff 00000000ffffffff
[  639.449534][T10466] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  639.458363][T10466] page dumped because: kasan: bad access detected
[  639.464767][T10466] page_owner tracks the page as allocated
[  639.470658][T10466] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x40dc0(GFP_KERNEL|__GFP_ZERO|__GFP_COMP), pid 9229, tgid 9228 (syz.0.1121), ts 283681731042, free_ts 283612603893
[  639.489054][T10466]  post_alloc_hook+0x231/0x280
[  639.494263][T10466]  get_page_from_freelist+0x24ba/0x2540
[  639.499892][T10466]  __alloc_frozen_pages_noprof+0x18d/0x380
[  639.505797][T10466]  alloc_pages_mpol+0x235/0x490
[  639.511172][T10466]  ___kmalloc_large_node+0x4e/0x120
[  639.516970][T10466]  __kmalloc_large_node_noprof+0x18/0x90
[  639.522805][T10466]  __kmalloc_noprof+0x3e8/0x760
[  639.527789][T10466]  ib_cache_setup_one+0x198/0x570
[  639.532822][T10466]  ib_register_device+0xfbd/0x13e0
[  639.538394][T10466]  rxe_register_device+0x1e3/0x350
[  639.543555][T10466]  rxe_net_add+0x81/0x110
[  639.548176][T10466]  rxe_newlink+0xf4/0x1c0
[  639.552509][T10466]  nldev_newlink+0x5bc/0x650
[  639.557207][T10466]  rdma_nl_rcv+0x6d1/0xa10
[  639.561894][T10466]  netlink_unicast+0x80f/0x9b0
[  639.566660][T10466]  netlink_sendmsg+0x813/0xb40
[  639.571505][T10466] page last free pid 5212 tgid 5212 stack trace:
[  639.577819][T10466]  __free_frozen_pages+0xbc7/0xd30
[  639.582943][T10466]  __slab_free+0x274/0x2c0
[  639.587641][T10466]  qlist_free_all+0x99/0x100
[  639.592302][T10466]  kasan_quarantine_reduce+0x148/0x160
[  639.597845][T10466]  __kasan_slab_alloc+0x22/0x80
[  639.604703][T10466]  kmem_cache_alloc_noprof+0x2bc/0x650
[  639.610161][T10466]  do_getname+0x2e/0x250
[  639.614494][T10466]  do_sys_openat2+0xca/0x200
[  639.619279][T10466]  __x64_sys_openat+0x138/0x170
[  639.624634][T10466]  do_syscall_64+0x15f/0xf80
[  639.629237][T10466]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  639.635395][T10466] 
[  639.637731][T10466] Memory state around the buggy address:
[  639.643475][T10466]  ffff8880575d7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  639.651861][T10466]  ffff8880575d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  639.660367][T10466] >ffff8880575d8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  639.668593][T10466]                                                     ^
[  639.675686][T10466]  ffff8880575d8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  639.684460][T10466]  ffff8880575d8180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  639.692704][T10466] ==================================================================
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  639.740939][ T5844] Bluetooth: hci1: command tx timeout
[  639.786618][T10466] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  639.794086][T10466] CPU: 0 UID: 0 PID: 10466 Comm: kworker/u8:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  639.805490][T10466] Tainted: [L]=SOFTLOCKUP
[  639.809920][T10466] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/18/2026
[  639.820179][T10466] Workqueue: ib-unreg-wq ib_unregister_work
[  639.826465][T10466] Call Trace:
[  639.830006][T10466]  <TASK>
[  639.832927][T10466]  vpanic+0x56c/0xa60
[  639.836901][T10466]  ? __pfx_vpanic+0x10/0x10
[  639.841483][T10466]  ? __pfx___schedule+0x10/0x10
[  639.846597][T10466]  panic+0xc5/0xd0
[  639.850399][T10466]  ? __pfx_panic+0x10/0x10
[  639.855011][T10466]  ? preempt_schedule_common+0x82/0xd0
[  639.860463][T10466]  check_panic_on_warn+0x89/0xb0
[  639.865485][T10466]  end_report+0x73/0x170
[  639.869807][T10466]  ? gid_table_release_one+0x384/0x470
[  639.875525][T10466]  kasan_report_invalid_free+0xfa/0x110
[  639.881478][T10466]  ? gid_table_release_one+0x384/0x470
[  639.887037][T10466]  free_large_kmalloc+0x3c/0x110
[  639.892051][T10466]  gid_table_release_one+0x384/0x470
[  639.897359][T10466]  ib_device_release+0xd2/0x1c0
[  639.902602][T10466]  ? __pfx_ib_device_release+0x10/0x10
[  639.908348][T10466]  device_release+0xc4/0x1f0
[  639.913026][T10466]  kobject_put+0x228/0x560
[  639.917631][T10466]  ? process_scheduled_works+0xa70/0x1860
[  639.923896][T10466]  process_scheduled_works+0xb5d/0x1860
[  639.929577][T10466]  ? __pfx_process_scheduled_works+0x10/0x10
[  639.935990][T10466]  ? assign_work+0x3d5/0x5e0
[  639.940664][T10466]  worker_thread+0xa53/0xfc0
[  639.945919][T10466]  kthread+0x388/0x470
[  639.950014][T10466]  ? __pfx_worker_thread+0x10/0x10
[  639.955312][T10466]  ? __pfx_kthread+0x10/0x10
[  639.959921][T10466]  ret_from_fork+0x514/0xb70
[  639.964511][T10466]  ? __pfx_ret_from_fork+0x10/0x10
[  639.969621][T10466]  ? __switch_to+0xc79/0x1410
[  639.974408][T10466]  ? __pfx_kthread+0x10/0x10
[  639.979357][T10466]  ret_from_fork_asm+0x1a/0x30
[  639.984219][T10466]  </TASK>
[  639.988837][T10466] Kernel Offset: disabled
[  639.996099][T10466] Rebooting in 86400 seconds..