last executing test programs:

56.475887475s ago: executing program 0 (id=1338):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$inet(0x2, 0x6, 0x7fffffff)
syz_io_uring_setup(0x4b6, &(0x7f0000000080)={0x0, 0x2361, 0x0, 0x2}, 0x0, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
socket$inet6(0xa, 0x2, 0x0)
socket$packet(0x11, 0x2, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7279, 0x0, 0x2, 0x316}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000380)={{{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@mcast2, 0x4e21, 0x5d62, 0x4e21, 0xf, 0xa, 0x20, 0xa0, 0x84, 0x0, 0xffffffffffffffff}, {0x81, 0x4, 0xffffffff, 0xfffffffffffffff0, 0xd8f0, 0x2, 0x6, 0x2}, {0x8, 0x207b, 0x100000000, 0x3ff}, 0x9207, 0x6e6bb7, 0x0, 0x1, 0x1}, {{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x4d4, 0x33}, 0x2, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x3506, 0x1, 0x0, 0x1, 0x2ed, 0x0, 0x3}}, 0xe8)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000180), 0xffffffffffffffff)
r4 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000340)={'batadv_slave_1\x00', <r5=>0x0})
newfstatat(0xffffffffffffff9c, &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, <r6=>0x0}, 0x2000)
setuid(r6)
setsockopt$inet6_mreq(r4, 0x29, 0x1b, &(0x7f0000000000)={@remote, r5}, 0x14)
close_range(r4, r4, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SIOCSIFMTU(0xffffffffffffffff, 0x8922, &(0x7f0000000300)={'veth0_macvtap\x00', 0x8})
ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x10)
ioctl$TCFLSH(r7, 0x540b, 0x1)

55.834460258s ago: executing program 0 (id=1340):
socket$packet(0x11, 0x3, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000000300)=""/102376, 0x18fe8)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000180)=[@in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1f}}, @in6={0xa, 0x0, 0x0, @private0}, @in6={0xa, 0x0, 0x0, @private1}, @in6={0xa, 0x0, 0x0, @private1}], 0x64)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {}, [@IFLA_MTU={0x8, 0x4, 0x44}, @IFLA_GROUP={0x8}]}, 0x30}}, 0x0)

55.114704724s ago: executing program 0 (id=1344):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = fsopen(&(0x7f0000000000)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x3, 0x0, &(0x7f00000000c0)='3', 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r5 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r5, r6, 0x2, 0x2, 0x0, @void, @value}, 0x10)
socketpair(0xa, 0x1, 0x0, &(0x7f0000002d00))
r7 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)=ANY=[@ANYBLOB='@\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01000000000000000000020000000800", @ANYRES32=r8, @ANYBLOB="0c009985f2330fd547793c000800a0003a0900080500390104000000080026"], 0x40}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
r9 = socket$inet6(0xa, 0x40000080806, 0x0)
r10 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r10, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r10, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r10, 0x4040534e, &(0x7f0000000180)={0x77, @time={0x20000040, 0x5}, 0x0, {}, 0x0, 0x2})
connect$inet6(r9, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev={0xfe, 0x80, '\x00', 0x22}}, 0x1c)

54.32273607s ago: executing program 0 (id=1346):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00'}, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r3, &(0x7f00000002c0)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f0", @ANYRES32=r4, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000980)=@delchain={0x34, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r4, {0xfff1, 0xfff2}, {0xfff3, 0xffff}, {0x0, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TIOCMIWAIT(r5, 0x545c, 0x7cb7562f2d67)
ioctl$TIOCMSET(r5, 0x5418, &(0x7f0000000140)=0xfffffdfc)
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='blkio.bfq.time\x00', 0x26e1, 0x0)
close(r6)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0x6, 0xe, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7020000000d0000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000006f6400000000000045040400010000001704000001000a00b7040000ff0100006a0a00fe0000000085000000bd000000b70000000000000095000000000000009e17f199a68b06d83298a8cdc21ce784909b849d5550ad857d0454d8877a6db61d69f2ffcaa10350e11cb97c8adf1bc9a0c4eeceb9971e43405d621ffbc9ce000000d8ca56b50d0c010d631f6dde53a9a53608c10556e5734eb84049761451ce540c772e2d9f8004e26f7fcc059c062234d5595f6fbaa187b81d1106000000000fd60000fd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7e43c5cbd80450f859ce8122a79c3e40000b59b0fc46d6cec3c0802882add4e3179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3a32efa04137d4524847d2638da3261c8162bb7c7824be6195a66d2e17e122040e1100000000928612a29fc691e4f1f7bd053abb885f39381f1759410b1059f05684261f332d606834669b49ec99320ca7712d7e79bd5bf5ed818ecc7640917f6a559a47db608fcf9f6c131b84e41c354c66838f72b9e12d36e996f316f0812ca83efb30c7f6c6d57c4a64590401eec22523dd712c680013e87f649a1ede7142ca9d5d8a8c9f9b440fe4331ad5532c74d9a31a5d737537f7a2caa30581253d14dd3e92af7dc836686365ae01bdec561c0402b67801267a8df97d2f85426a5963d4fa3e26cc05972c162f223f000000d999e80de00fcbcc02d0aed7bb8f7ba337d59c14f39dcd4aad4139ef6425a9367f1bd1467fc6b95a4df7669839771ce9d5788029901e5a79d8b9990ace8f74087f25ad50c46088000000008000"/686], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x3a, 0x10, &(0x7f0000000340), 0xd58495bc, 0x0, 0xffffffffffffffff, 0xffffffffffffff5b, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000011c0)={r6, 0x18000000000002a0, 0xeff, 0x21, &(0x7f0000001240)="b9ff03076804268c989e14f088a8657986dd", 0x0, 0xb000000, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0xfffffecc, &(0x7f0000000280)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000200), 0x111, 0x2}}, 0x20)
r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r7, &(0x7f0000001a40)=""/102392, 0x18ff8)
r8 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1c00000033000b12d25a80648c2594f90124fc60100c034003000000", 0x1c}], 0x1}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1b, 0x0, {0x0, 0x0, 0x0, r4, {0xfff2}, {0x9}}}, 0x24}, 0x1, 0x0, 0x0, 0x24045114}, 0x800)

53.696564929s ago: executing program 0 (id=1348):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r3, &(0x7f0000000a00)=[{{&(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)}, {0x0}], 0x2}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0x1}], 0x1}}, {{&(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000440)=[{0x0}, {&(0x7f00000004c0)="37b4f7c1b437f8f2cd61c74b3c78e1b7688a897467864c33c1bb447bc7ea32ce057ba72be8b8fbfb2cba46a220e68da8559a0f8658d4d37dedcc7e5c1f82d3b1b7ba34614ed57f1e71976a89999f6847c928ed1f2ec308a058ed3bf1dee4d29cb80c2a91020cdbf79790549e1702848ee88947dd6aa019b086637ae0de2e723b2caf24848bfaafa32b6076f77d43ad2e787f28feccad83605ca4f6980becb70042ea83a8eb1bbf744403b2001ddf597c53f50968a856a0283379029f", 0xbc}], 0x2, &(0x7f0000000b00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [r3, r2, r1, r1, r2, r1]}}, @rights={{0x30, 0x1, 0x1, [r1, r3, r0, 0xffffffffffffffff, r1, r0, r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, 0xee01}}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r2]}}], 0xf0, 0x24004080}}], 0x4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x18, 0x5, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000003c0)={r4, 0x10, "d24ec8bedb50a214ed375f000000005d"}, &(0x7f0000000480)=0x18)
socket$packet(0x11, 0x3, 0x300)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x0, 0x2, 0x0, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1, 0x0, 0x1})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x4}, @const={0x0, 0x0, 0x0, 0x2}, @func_proto={0x2, 0x0, 0x0, 0x6, 0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

23.490888507s ago: executing program 3 (id=1416):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)={0x74, r0, 0x8, 0x70bd25, 0x25dfdbfc, {{}, {@void, @val={0xc, 0x99, {0x9, 0x1c}}}}, [@NL80211_ATTR_CQM={0x54, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x27}, @NL80211_ATTR_CQM_TXE_PKTS={0x8, 0x6, 0x9}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0xc9}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x6}, @NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x3ff}, @NL80211_ATTR_CQM_RSSI_THRESHOLD_EVENT={0x8, 0x3, 0x5}, @NL80211_ATTR_CQM_TXE_INTVL={0x8, 0x7, 0x2dd}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x9}, @NL80211_ATTR_CQM_RSSI_LEVEL={0x8, 0x9, 0x2}]}]}, 0x74}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
r1 = socket$inet_mptcp(0x2, 0x1, 0x106)
read$FUSE(0xffffffffffffffff, &(0x7f00000001c0)={0x2020, 0x0, 0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
r4 = getuid()
r5 = getgid()
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f00000026c0)=@filter={'filter\x00', 0xe, 0x2, 0x494, [0x0, 0x400000002200, 0x400000002230, 0x400000002426], 0x0, &(0x7f0000000180), &(0x7f0000002200)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xfffffffffffffffc, 0x1, [{0x3, 0xa, 0xa00, 'lo\x00', 'veth0_to_team\x00', 'netpci0\x00', 'nicvf0\x00', @random="ca7bca638950", [0xff, 0xff, 0x0, 0xff, 0xff, 0xff], @broadcast, [0x0, 0xff, 0x0, 0x0, 0xff, 0xff], 0xd6, 0x14e, 0x1c6, [@pkttype={{'pkttype\x00', 0x0, 0x8}, {{0x7, 0x1}}}, @realm={{'realm\x00', 0x0, 0x10}, {{0x6bf74146, 0x101, 0x1}}}], [@common=@NFLOG={'NFLOG\x00', 0x50, {{0xc91, 0x3ff, 0x8, 0x0, 0x0, "2497418901977f987440cd0a43e5eed323a9bed865d0a202f4ad8955264947b49f7af622c8b0e299839685ab99a1dbed5438e81c496019d3546fe0807775f985"}}}], @common=@nflog={'nflog\x00', 0x50, {{0x8, 0x0, 0x9, 0x0, 0x0, "ae96b1696d7850066ebc628c0a7ab25e7d60622ab18c39d0d841fd328dc61cbea99baea62a05f3852f3c1eed6e29b763d8d6a942b254c3542d46d4059db8c8c0"}}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffe}, {0x0, '\x00', 0x1, 0xffffffffffffffff, 0x1, [{0x5, 0x12, 0xc, 'veth0_to_bond\x00', 'bond_slave_0\x00', 'veth1_to_bond\x00', 'pim6reg\x00', @broadcast, [0xff, 0xff, 0x0, 0x0, 0xff, 0xff], @empty, [0x0, 0xff, 0x0, 0xff, 0x0, 0xff], 0x10e, 0x196, 0x20e, [@arp={{'arp\x00', 0x0, 0x38}, {{0x201, 0x4305, 0xa, @initdev={0xac, 0x1e, 0x0, 0x0}, 0xff000000, @multicast1, 0xff, @local, [0x0, 0xff, 0xff, 0x0, 0x0, 0xff], @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, [0x0, 0xff], 0xa0, 0x40}}}, @owner={{'owner\x00', 0x0, 0x18}, {{r2, r4, 0x0, r5, 0x4, 0x5}}}], [@common=@IDLETIMER={'IDLETIMER\x00', 0x28, {{0x1ff, 'syz0\x00', {0xfffffffffffffff7}}}}, @common=@dnat={'dnat\x00', 0x10, {{@local, 0xfffffffffffffffc}}}], @common=@NFLOG={'NFLOG\x00', 0x50, {{0x9, 0xea, 0x7f, 0x1, 0x0, "ac12fe220c2ce44e047a08f0c51157d146f458a05c335cfbb65d9ec97ee46f16daa82795fd92e92fde334ea6fdcdfa8b82de367a693e35e49cb1e5a45206fd9f"}}}}]}]}, 0x50c)
socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$DMA_HEAP_IOCTL_ALLOC(0xffffffffffffffff, 0xc0184800, &(0x7f0000002740)={0x8, <r6=>r1})
write$smackfs_ipv6host(r6, &(0x7f0000002780)=@l2={{0x258, 0x3a, 0x7, 0x3a, 0xffffffffffffff45, 0x3a, 0x7fff, 0x3a, 0x2, 0x3a, 0xe397, 0x3a, 0xfffffffffffffffe, 0x3a, 0x9}, 0x2f, 0x80000000}, 0xae)
r7 = syz_open_dev$dri(&(0x7f0000002840), 0xffffffffffffffff, 0x80800)
ioctl$SNDCTL_DSP_SPEED(r6, 0xc0045002, &(0x7f0000002880)=0x3ff)
sendmmsg$sock(r1, &(0x7f0000005d40)=[{{&(0x7f00000028c0)=@tipc=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x3, 0x1}}, 0x80, &(0x7f0000005c80)=[{&(0x7f0000002940)="e55b47c477471259fb03982c985b5cec3e3d2793046f25061ab34ca655db0f6526b463576908e78fb4266f245375e76006f62026f0b2a80d68021ae3abde246d70072c40644333f38c7ee54d3d4acaacb90fdc67e22fa3abadf0e5a45de3dce310693b486f0d368177b5f567ee2943bd138f5bd7129cad2b83c2a65c91f6bad5cd3afc53d5f74ee70b555d83f4de2162d082997edcab36c0431bed9faaec8f2531ce8c22fe7d02b2c7a9a3b7708ab42c66ce568858d8f8eda5b727f1325205477a347bb1681759dcfb688f3fbc28b97010f03064a594975351aeaa3c2e4fd496b9ba4132615a3a18d07e53b3ff449f9d1a6a7e2c", 0xf4}, {&(0x7f0000002a40)="59a7db4cc7fb0b4006a0d7c7b146a891854eb57bb6f4e75f667546002c1764189dae9dabbfefeecb9ea125eb740c14c9ae386aea95188eeb58545b918dca0ccbc179124201776feda7652943ca9a372774ffe988f48cb25556fdd1a79daa7c8ce1c864e9fad525eb500b8b9cde37385609d9c75290a2902489f60e8c4774535b3afb7fa6bb7945fb89b26b2fb70b6e976488228b2441010c947df4d0fae5bf262d1a5afc5b50ee69a44107fd03bc1190d27128bf40a5a78b5852a1d9d42c086b4ebd307d3fa001591c36983488bc6e240c38e9be0511edade519ab14746ba6841115a94b2d307f405190ab6d41866f7ea99b53eb61b06fc78d941c974e7d055a85b3b28acb2eee98d8e266dd0266945ada7505efcc0ca31002f4dac551a2c42e3058904b9bfbdc9e5b884ea14326638193d45d7a57fd3003813858844657378c91b1b9c28e9bed53051bf5efec169fda3e289d4035d4c8bef22d860b3910be25c645e6ef3d0a53a73bb145961ee5bdd588e46091825631122a8d321ea14d5c3f70bc266ea76bb1f64a3e5a66f5505ce30f616ba4f93060a60280d3912069b37c0066a3053702656e7d9caa35353d19b2b3ab00a73aa61b9b22b41d6ee03360bd3dc257cd1d23828b9bc18ee949e2638ae304b3986b69e4bf6cab917047246999a7cedf464ffccbc37b2016feea6bb98d9066732c3f0b51e211d42a2a4aecbc30c1c589f2954d3f95f85c213f95cc80b8222f5769fa55e31bfea638ee35da5f82ff919df7211e12eb8b36708c2e68fca12a99e7cf08c4b44daf4bb9b246d7bdb7d3427f9aa9a7d2c6bd3b7a8ae5a092505d0f046dc1d33a8b6e709a2212f906f9821a75653c4114cf5fc9f43851e2a144737cc09ce42469b91c82b271ae82fd5a8426901f807022d0b35078a62bb5170b77dba7bc863657094aa5cfe730021c1e5c21a36c1b691e070c2cc39d2c5890287ce9ee9891ea58bc6c4e4348e0b1cafa7b1895fa7d5f926ba7ae50fca6198969970515e76fae480b81a94dd65e9c3d9e8563aa6f11b1656e72d7db487bb6bccd22c95a038851095f406ff011e4a991e6a8ea63cf7d2e74f62319d12de75b7c8fa2e984c9983dd897e89935f66b9e38cf7553ac970afcae005197dbc1aaa3fe6bbae84fa3090fccf805374be4f7d4ed0db7d3e414ff870506dd5bb9fa39b6566752272ee04a196e5f5bdad3c908ebfb1703109acf9cb06b126dd44d9c88a654e06f880a4172e05216c43a8f45da1610d19c03c75c98c0c3c4426a23f5971104912fe2a0e81db074a4090bd5bffe6241a8bc319d355773895c244095bbfed0dd5b47f962d940e42710359237fdadea7d576e62d92ca2e591936eb1e5612d9d8752dfdba91751af72bcf8daccf24a0259f926bd73bd5320a49249db104327bb7f4d00f007a4a0725867ee4568fbb22f32bc34c6cf9206eebf87fbeba5254efd5c4492a8919d7598c996aa4088b2604719ba51f9b7a2ed1ac8745976837ed8ce291bd329eb1800eebb1aabe20823e5143da63a9a2f9fa0d4d247181c353650b1627d742b002320516917da078503e7f6e6172cdb19c42e8aae67bc7c19699689a31d465a7995257fcb6ab9a6c38376e82853720c7f2b6084cbdd4d35c6bdaed7b73b6b84d2cf214c0e7310fc1d69cd55c9d8d3ae7c4a8fef7731e08396ba6090b29fb8c19f5e0892fff7cdbe62a8b504c95f75bc5e9f1a55b487da29cb88df4f2ef0d32ffebd510b9fad15202393e42bf80b7870fb2a88747f250d7181f7a7610ed0d4cd79faf3aa2aee3819c3414643d9dc6fa45c230ebe7a6494b2e295534357aea6235e607c5eaa2cd53e3385d718f8d75d28a30efd08037145fb3d2ecbeab0b0c067e1265035254a1ea74ce21b156dae7e7e98fcc9665d2df2862b83d9a2e26070959db7f0aa3413b6092d1adfe2970b67d8fa7d5294478c30ac356d5f64858801b0a5b20107219701f2728507ce581970f3f18491d3801d0295676e277553e33cc1b0883b2c7cd114991abe929be56f0e4f98d2562652ebcec9f7571f23bc1bff028ec763fe4fd20cb34d9fa65ba8b6af52903b0e74a56ccc1b5beb4e09e538e880fed07f6c6b78c1696fa59ff020caf39b8b967e15d0e1183815bba5e8bc27ed195818dafc188831e230805ae809cb027202d16e7d074e2fcdd4c111249e21d5d17d9d0736ceaff7cbb0907fd09ac611804f00460ef218debba060235e6bd8b3063ff5bd70c5fc4b11ed873124e3d66d34243447f4c76f262eeb739d9b636d9f8523386f22cd4b725a82ddb30b5e16263f27a4a5b0312ffe5c2f7b183c272ab4f97670151c2bf1cdb95e96b4781fd782b85292ccca7b7b0d85714a5330e92b425b0bf2734cee2b000ab84c82651c8e7d6b61515d0e7395ed4acf6a6ff519599a0e73b923c03d2df354cddf4d063be8f719c6bd5112660c4e251ce3284979ef1129e7b6bbdade5f128f9ed2d3775d584567ac5e554a4ab9ae87271d7d562b8c4ec66aade38c88e0de36a2e3106ec090d56a63e808522ef80cc89d90100d88c28ca1d00b636d75d40d92758ac6db8414dd347098f2bcbda9d8c25490dfaec06ef50f3da10ce5bc0838014e848b1b69e348ae30c7693d96d26ecd0994e83ff5b8a4e72e17de71e3ff88e97031b67777d211fca831f6e98762fe55f0d5210bba053984a0a40350dc076e32e206941113845257087378198d70ed0ae72a806529e03e63dfa3c7f2149a225a678d60c1df67aada58d558d079e0b22c8e91ee65c58c231b2351fb91222a9f1a64af4c07008132948bc54d6a4d6ed929c12c44d38f3c999ccbc7c473a968fec1aa24b28063eae202ae78893bf8e1f47afec647275b9919f6f0e78bd21c5e53c846bab962c53adbe798c1d3367857a9d68ec207cc8ac0926431c7e657243aab5a6843ecb9c338141ddcdf8009da41f0687dc493ab146c94db05f0045e357e124768f3800078b40981a6bcb6dcc7d5404ebcf46d484257fda0c70bc481c6c8b59e4d647df20af82ba7b89c95e5c013cd5daa815555984da48e9ab068c5997e2daee66fa5bcd1cb858985e6b2f568bac20e930564ffe9c68a924cc6e43d16d982da92184e643b9614639726978f623ac90ecd0528c32e7fedcd13c7f7261cec3b340a419d4d7bebcc4bbfc9022cc12187ce967deb7331b47ba805a1e1785c1a2737bf76a563ab11f5ec2f97923feeb7ed6f0bfe549baca545eef521c47867f8ebadc6812b63b5d8057b474df6fe6809a82232b5afd2bc5f484fa0bb8210636bab76b5dcc842b482d9582182d94d637260c73e908d65a9d461fbd398ba5e68ecd18e3a513cf0035ad4403a5b3b4e18e3063a65e54aac8cc77b742e89483fbca50be332cc632ed917c26088cf5df27ad390522f5e7106b4979afbb21c0a0abacda543e7705cda69768215268c6c256e7141823fc61d662ac6dac32b92cc6ffda0bc11931f20cee33175bb59b6047a1084a68c6f7b58441ddf7e427b76977b8fea24393f847ca0963f7c95ff09b17e881a412b0a2b4d5753b5706df0c319de332f5369d52b8efff7840c841c7dbb6fe94a250e6140dbce44e975d48ff789a6da111155fc6cbf340356809ec34df13e581924793eb5e6f0f0d9f428cc42df182907240dd27fbdb054eef4d415ee26cf7f3d956ca3f9af577f4e1ea420e5f582b562340bebf011f14f8bd70f735dd3b23f5c66cf558279978a1d50c427c52d57ad6bac4cf41f4710e768af133601c0c096667b9aa53999edee6b7cf3276f27812c252df9961c17353ec8b477db3225e44baa3623087b1c7146fd5188052beaa2a481b9a975c0c6961b3447817fe26e93443eef780501676226e0d13cc71e38ca42c523f3f0ed6e633d488636df105c588e5d48cfba95d915ee3ace164667cf4afdb6c9289bb0e71f22d93ff654a3b98199f53ee66e3a2a77c68216594a00bbd2496b25b827b0a41765584d0cfa2786ebe1a31fdf5a2530eeb4f0239366bb740e2a944e2ebbdc0362dcbd25b4f1ce6fa039b0d6bb8bbef2ee64cf96f976f76783e9a67454e3495d5a69743a4e3bb225e43aa2d14009408cbe96957acc3138d53aab2b092d5180e62f708f9898121dc49561568ddf02a4f2037030b850cfb812242c41dd30766d7c4d6fc7c49d7601bc8bf48ded6b8a2481c00aa0c4870f95918dd11d397174446c20cb1a3d8be3407a0285aabc1f8fc06c535e96a9750bc8212b3850212145682f407ae8415a0c2410b29ed318535162f322fad7443953e91a162533a03040176f438b714ff5a3b38c3ebc3e3808eeb91612e5fd9d6b882012b6225607d2058f080ea93c3d6f0f4f7bcb56eff894337ff5c2f7e39ac88392a216d605dc5f64d6c6c62e3186229d183afd286cbf595a093357184d2a15770bada2d08c19abe619beea727153b277326650ce0fb4d695be18a144de48c945c559fff54bf7ceacc9758f1417343d1a23772e54cfa548e33771d70864b865dbf136ed9d8564605ebf5446f16404cd3ef6879161c1ae812a26c5fb9c8e6ce5836c8472ed2998d95c9b15d14ce1b038e5e247d1ea38ed8ff3eddbf63e1cdf65511098276e32f7b03ed6d053bc0da9df77cb89b892b4eac75bde561eacf7dc69c934a63dd8ccccaf6f699831ebaf4e1f6c78ce65c15c57a9ac5c88b640dcf954208e5530bf76e8aec8b54f32462d7e1c4df7b356f512ce0dd36cf12fee7a79058e471abd917ae3e881a1e3320a7e1a7ad8dfeb31731fd497f43decb400fc47cc8a6c6237b3f2955b094128563157437eb8308c47980f7288e51091846d88ca9eb33304afbcf3c7dc873ad57df991eb43f1ccb13aa2142b52f4dcb72a8038aa9af88f31a2c2a3fe6025e7994d942d19aa344a926f9e7340ef1e51aeb915885e7bc4a5797138d61692ca87812e70d6dda798a850be15bf69a21ae85aac66c6aee171ba1df3fdf4653e0fda1c4c86d7b4f18315a6f97dfc11fa5530da4083745d79988aefb6fa70e56034d72cc6e57194526a86bf9bcac63756d4f12aa2d1b0375db5fe069f83fbcdcbed187d54d07e68dc959b91dbdb7b95776e3509aec8f0a38ae56f22eca61733147603ad6c182fd585299ef9b891a9cd354b74c4dd094fb76d64f2f61065145014ae648077254ff1eb7f16ab1f76ecfa83141f530d53cec2cc9ecae7af9da0e17817ee1e3ac0abf8d9ed2efe5b9fb487fb5c7dfccc6194596ed693e388407f738f28baa2e65b075b47b3328c590f82fc5869583eb19bbe4390b5e2ed62fbb81e2608dc3c212a683ad6ae2bf64781edadac50e329c50cb8a0226df1a745090c8e156b8f786ec49a04c904e8e871c2a23c497580b125b03e3d8fe3ba02437ee15c6fbaa977cba588429c6f1f1c5078a9f10f86fad3c854515618bfeef8adc4629f94f2e9c2778481e81c40fdd0f0d7708ac1b9c90fbb70b0e4b9ec2dc2ff0dd32cd44d3e89c6bb72cf1b556e27b5a090de8ef2cc215a64f4989fbad0dcd2845d593d9fe3a6b08c576e24e63258b86dbcbdfc71371bc1541ea41279d5476b955e9ac33964529a3bd2eb10c35221dcc16cadb5e5091e0db53ab0862007eb90d5839d099d3faf074a7c0e324ec1c456a8141668cd146fa3e2a2d3e5b4156a404ca4dd059a92ae6f09de3dfbc1422a86726e4004379a61a9aaf407ed09b2dab23b49c934e625612257f8fc91ef1f2c4a5a355e82f223b9f8a76e35fd59358aab15c10361300fce4553c9e871da7529a1b7bfd17ac069628c5303040641e89154278e3bbc970728439f32", 0x1000}, {&(0x7f0000003a40)="0fac0d6d2d04ba7c4c96293d336359d65df0cde43dae9a9bd615959225a168cf932640fb1ece8105287f0d3a19eb67a54524212586f112661f9207cbf94703257a6ca698bcb42d2ec9867860c3b52323ecd1dbb33a88aa15ee8beb40bcfb39ad0ab023e72bd609f842121a8bde5cd07fe63ec7f4f58123b89276363d8ac0da251abf7d3aa3b9e87e611db95601ea722444d22a6af829c5cd4e8c94f3d48e53fc5f35e02c4628f225eea0023eccabdcc6a8f1c72654e657f256d42254a3cef41c080d7a67c34425b2e3f1c3b7b166d325d2a86cc9cec4873d950915ff02b6e830e58f992e111a6dba6fc16a04965a9d54c7d82559d5e6da57fd8a8df58ed9b23138301241d43b8b9fc1cd35fc3f5467e06855b61afc43704af5bb5bc442fd6841bfcfb2702186241b4dfbc6d4cfb58522d2d7a522578d882b7cf324967cb55a87c1969ccb1796780d39e7e758221106f11e2831093850a717f1400bf948e0f521f3dca94c3efc417425aafc9c2476e8677009bdf613ff24488208ce8d5bfab23ea79bdf58d28473efdaedda2bd62a7aaa01ed44db93e159cc2411a911c526d0a57dfd3fe627f49bfce80fe0b397e7072943caca3fc70a61567789dbd429dd6e2ee785b234d309cc611064895c042aeffc0898e3fe04cce26562ea3b3fc6e3b595ea295081e036929cac38ecb8d3e86bfe9a26db3d0b17b4ff68dfcb4842911cdf7e4e4b9399da1e74b8a63581fd7ce2640cea6c5b0a0921b001e4252df8d144860cb3afeb797e359404ed63c9fa3f569dcc6be4747383b734e9934e90bc418ffb4c738e65f3d24ef18e0947289a83f7431815bd2b06d32e80357c86195210d1169e2c955f0ef2cdf4ae1a7e3e5da2b75211c1c0e6fbd897178aba3d213e8d467b8db004dcc495054cc78f43e778c39ff863c9c0664ae5ea9282e1b8d373d94ff417a885008fc01022529c716dc6e949bc7759b17a6ed20a8a88d4509daed19511d967b1f515d003a4689214ba31f95c546daf7aa7b5f6c25fd747a1141cde4f09bc85d287b8ed4b43821b413d293908fa67149448aaa503e028412bc04627e4cb347b522266fd3ca29f6b1d98f41e58c5d146749f7af1cc7548dafad850f198ea7287522fa030bb04a2c49bd794ccf6172e787d7db001bbcb9e19ed6580e36f3c2d6699f68ee03d27f65498e5eb5a9557d471cc634bcd294b7c1bffd6024db430742b5791669273ef4d6b79c66ebaf13a6b554791a27f3dc2b009dfc03cc5e47621c431e16d20f3e413518f0dd6c3b0185233d25c6a4dc08140ec26c09dd24a618e0094d8fcc2f2247a6a3adbe47acb6e1d48b1be5137d801635e96ba4ebb0a3d9920a5ef76af472f34847075149638051b975dc5f5391885ad361f6fb4e43804f04d074c2c29e69c4cb272773e968951f70060666811b96f552c2c0764fade86f7a7fabc3d46a1ebf009f4c3a84d502896febb1a2dc754b42c7b3f4775624d3f4b837a47a84652ddd9d237ff023feda083568556fc82951defde0361ba4961e0417ff95db4429e68038ad1c14eece2096209a3a40d43dfa606c19cda77073a13a51f04653d6a41e2f2b19dfc53e5b2c11be087629b884275d373997197b341fdee1a41c010d81341b013d3d9ff9263b0e10638a4652455dd7862e14c4f65befc8be098c52fb93f4f8b8714c044951663774c2b9bab2b4228a100848cebb690699bb2a7c0b11e2b861ce29cf45d050d1bfe5a06a0c80ec7d1ea72a5ae025a12c6b62074225bfa85e015f11e973254dc9cceb1b4523116bc697d0585e5518e8ba0f97d01f02779340c0cc799f3f0adb655dfa822688e47d029c040a6a3953d5f2a8f48f4d0ea306cbc4640367140d2b7bbeec52b303e6aa52a257be653de5248a92656dd3d4447c61739311b2d9ac343c9f4d5c7a402b823c7a92f4b17e933b71685b52b0aa24ae57f11245a90f9cfcc0b5a19be7f570adf8abded8aedeeecd024486d0f2892568de5396f4a2e3e8dcb70756b98f1c2cca3b15a9e7953bc6fce90177bfcc785a24b4b311047cda6e5bd926d5844e4935905bb6a8a5e160df8c58a8fcede922d1f1a90931ac7f346dcf1fbbee2444a3feee1db8ffca3d8b9417b2fe02f3c74c1bcf3da2279807b71b27364fa897dde701c7cc5cc3bb2bc6a7db56b9c6289b014233b36d4b7e06a5f1cfda8e9ab3b5227ff7b976aa381e7aefbea507585989818d67705ae30b5bb3ace437bc2ed0dea0a03b61af366afea5579d6a709f611575a2407f1dc97f325ea68a340aa86bc464ffeb71b436538802778493b71ef9105eaa4a413d09df3f3653a5b4e1540cf58d1f7fe11fb516bcff3460f178fd56166c5a9e8b95cf4ec8c2cdb8c537bcec40baa28737dc33cd105789f6e0cef6fc84c346034a73c2b60c7409e793199bb20090a6549520dceeabed4e1f962b272be824ed43bf76d0887b1fbc0bae06b1631791b7094ee032d8c5ea688dadf16ffa35423532f91ef62d5a36b1cf25d3518d4a19816996b3d04c5cfe130afff45924fac98af6b074de1fcf65181e02db7c8fe34dc574cdc375844cc20ef85985b906bec715385977a0797dfecbc17e9aa7c2660a7e0a7617753deb8154c94f99b361069e590e4cb0b11fde23f3215a458bd48436e168e84f6617d44b376089cbdab76e3bf830ac4e2dd59292dddce29e39358204dbace645377408830c464eb960911ba893eb3455231c3aca1aa02fddcbb059fd16bd40d354348cbdf7585b3a9590c08537140adaedf6a6bc9bb6962e2b713cb045727ddd7874349faf8b4fee7c5c5c253efe45b76675fe38ea1ec537c70f1158d2e5ef8e4f7f6759dcbe4034e7b3ec4cfa855cd5d4e5ccaec72f84f4aaff16521c6058a3068b692123aad09d831df5944e462cb7b84d16cb49ec31c578a76e2059d6bd692acf70aef170c6ffb955b2b54f7e7e0f6fe4b8ba911eb447aa0dbabda522f15941de0502068ebf718e6f0e71d9abbc9dbf8ce506a89b08e82181580856156b107bdcd685ff59db207e16e5d66a94c623bd7ccdc60b01ff248f8fe9ee33a1b756764c50725182e44ae7c2c71f6c4bf7c9409327b56734027d9a4f41bbe3f58a6ab021c192577520bf4ee135fc4d85db0a52868323382b52f39669f5b060a8c8412e75f91e412f6da5274bcfd6fa96bf77bca7aa8835646ca3fb71e96b95201e0ace236532a9db97c28ded7b7bf75e8bbedd18322512a1f60d11287e9ec4325180a2f53d46a5a7ee7be13fb26c5556e41b6902ff7308b6b46c4f83be9be8d366f9a6643a54dad01758e150cc5b64094d8de195ef3caa9f777862d0e769be9e5eb0d835cf21383f102441ef4feff0ae41e7869c04c6d13c62110ed8789fdb606f8cda1c7b0811988f621d1c4ad30f069a39203b31fe94022557a05164ab4b38683bb80a3eccce6487a82b4e56ff269d2957dff44b2c43c01d8c0d4ddd3519e2637d073c148c7eb6ddb5ee90dd9aba30b63b8a9e45b4b3b1caac83d318275535d5412226c1ba93c1f72dbb04a5fde11ce6f616b118c6fb33cda6daa9509b83e0dbf6fbc53ab6de842dcd45071a7d56d975411708ed7fd2c9b95382e7ea92393831dfe359d6398d7ddc8b9de1ada5a2cf0d4f7749a1c8fd3bc619ed1df007eed3346c8f9d92aefe58a530c89bb8ed9a3e8add7f94ad1473a007ee6802a9af4153979cfd58ffcbeafac46f2c4f1de1ff1b74339694d48640bd23bb1368316c5049514862efbd3861a1d9f53ef46cb6d5f82827d9f0d7c4e4436df8098b4c94a9bc6fb508a0ea236f5b01eead6316b419c937d82070b4cfeb82ac31a5d5fc0c2217e66b35e50651bb0341abeb1bbfa6e0c68022f9ec42cd1787af0f4736a933b0154122185114450e9ed248b369b982bc2b5992bdeffcdccc82e676bd94e2d99f98636d4277336a59df7ea579a1b8ccd77bba1c8a137aa1ead101b81c86b30e72d1443562d89b44f4f378f844b8d4282804328466667d0e54e06172f583920e5e7b103bc56067f2f86ad0fd55acf4fa9e9e5ae1142a25d8135afc90a2a2075e1db8395900e4d746e00b7295cbd37e910dcd0264b53f8e127de0f7e5879addd224409c2728c3db8a2e3f2914fad5c496b33454ba4b6252c5ef261e2988ed90559a4cf1ce8c0455b2a4fbac4f58d5d6a0adf74a515ae7dd84c2e6d364bf94ccd542787a100def91ecff0ba6fe10f5c5fcaa740f6d073aabd78e1d14407453ab9b1750535a3f74e45455a6e9bc1b8209b83a4a5e616d4a4fb84733e6829a2804f4bb1467119cecbccb31443b11b504840966c8f043518da3773a775b8be346e6d2af4af8b1589eafe958c896e058fa117d3f291ccec3a89d4ef6cfa00cdb5cd0396dfd4564bb382100d05c1e1c779b71832b457126fcde375326b611bb96a64878db7a8546a64ee1046c31283197bd2f6e3782f95061ee64aa10996ef57da665a7c93face5be8b690b805a6c85d7254080a121901370da9cd8b5f4491632eaeda379e790e457ee01512e9456d6c531cb3a94251a61632918c962bcda0452027527f4459447aa5aa3c87f9745ffb3cd86bbe0c6ac10a4e275e29a22c6ca5652521635fbcc625cb4630d8968024344e11a81933f782d5b1749d8a7c3aef3376826b374aa0f6702577dbf03591293e5b0dc2ecde2ec878241bca84ded85e0f7b100b6215d34262857df5e7a7c134697a2fdc7a92f6df2ad9b5bb760f7c7de17022dc192705b252fd7fdabedd908636684df9c64c7900344a804ed93c6d2cbb16a65112b9ea2c3ae30489122956b8b5d5f731ff485870f5a10f0dbe56df934c85acb923f7bb86c28fd3359ad8991a3be51de8dbc0bc4135c3b99cdfbf1cd52196933aefbb16d5583d8dd854396e1aec337d57c41c4d8b51e7db624ac1b24f988dc9fd8f2cd8e1b463a6008c4d542a5e7d09382e506aa5977286d21a9777ccd9a91afab0c8cedd4e4806ca411c347b1901af9154a9ab617c4bf8a523397818b30e536a4ce850df421a0c9eed45412f7c91e08d4babf0b6a4edfdc4095e6bdc238b2962e9737f2fa67143eaba3f4dba6e6bdbdbb2a20ca3b60d43f6d6b9ecc979a434e0527fc89ad7791efb16e5ab3e36020ca581be0e1c87f7f9034dfd46ba28b7b898ab0cbd92cf001733631ced887d04573dbea1bd2044141a773088e215ed23432126aed36efae0a0a49948c4e522ed9d7facb4c4a7c14b64c2a195d867cf09e9b3c8b01707f4b8d4c7a1a0a1e44fd9afc5ee46ce86a23bb2bf44b554288550ba0b0e6c70b7f03ff822265c45cccb6b83ad76bfc1de009aae4809223dac04c4d886cb291fc68d4e033ed7c160d53f2eb1250dc9ca05eaf716922a85ad97aac7dce630ceb7f0df5d600a8f68a7e46ccfc2fdac9e8f6612d4a6a3cabae5864fa4e360d1a4f06b5b4f2a85bd7dbd6719fbf7e86e53358a7dcecf6c8de6abf220948c3e3b6f69326ffd3e1b8c57de21178b4c4d1449029d4b4b16a97750d4deb4b86d43f021b57f41fed2e938df2685153679a477dad435b7eaca9c113c7afd048e0fba5291e320a6c209021ff2bc4b8f1c00bdb41d8efd47b09c16b415c5a65644cab6a7b26716a5402622a0321b0fcf1d03afff41b04b527406ae030ecd5cfbf52bc17ed9730969a6c5c5e99a6e0afe7c82ba5367dd6659ff4cb77805f091527825a6a43245846dd3d04920a33d789122adb347886a548a47ebe2fdf397816bd368a1e1249f224377d06acb999f99ca271fa0027d5909d8bbc0abcb42b8407236cd5129847f43c9b9d433f01ee443", 0x1000}, {&(0x7f0000004a40)="12b13b4988dee221441c354a971033f6a8b03c3183d283981189c161c5f4cf25e1e8e6d0e67e67a261550570912f6bf59835642944b758ea03eeb87f516f9546b8efe0d7596d3fc2db47a4bc4a103e986218f6097ba7fad584db5ef6e969df69c25c5f34992de9b9e0bc0bbc36efc4fc523d7db7657666acb2fb5f53fca862ea4b75b5cfee0e9e43731fe6ec44c687b5aebcbdd47f4c69a86acaf1974b605233e9633cfab71d841ef54ecbaf5b2e419ea86927d5d846f9a3e5ff3ceb137feff7d25b69da06d0d19672def90a0c827ad575635e905f0c5f0f8d839ed8", 0xdc}, {&(0x7f0000004b40)="9856e8afaa425ef537141f20c125ea85332e0c73354948d0dde608", 0x1b}, {&(0x7f0000004b80)="abf5e34410eb6280de7801de562ecae908dce0a83bd002d7d6e120f9067c0a89c5c15803727b421c7be915c39737590b8cd0b656b0a0d6b044df7132cafdeadd61f168a236c5ca3b195efbb4bed43fcff652f6175ddf4b32a997c48059050bd546082606b64d8087497767626a8751177df61ea531c691a3976c0446389a2cd4c13c1110", 0x84}, {&(0x7f0000004c40)="03b08d0f2302d03e07b516a6db6d2a3411ede0887c52466b017a", 0x1a}, {&(0x7f0000004c80)="8990f28b691605b9a645ef9cd96f0d867a475da07a27863de80a173f772ffe52c5f7251d88e20f58fbc4e242584aa59f84c2807f46f6f437a4f908da29852ad5b714aae3d3130d129b50fad3dc86dd17305bb913e823bb21ae8d2bc0a16c3f8795ead98e49958856ecf8a360fcd19c88765570d054aec1218193a75c0bb68f2731a6248d1fc2c41eed9dfe765c2e633927119d85934b53e15c36d12433ab71b9d40aa9ae6c048a3d74833d5c132f429227b60994f4ed91ecd2a3174328d265a753a6682914cbdce1b5a39d1c093cb0d743e8d0530ae288f024cc4c45e7a3d8078b02ac0f0a3acd5a4ba92b5c3fb7d54775c584d25b9a90fddc8221ad9dfbcf96bb4483a150b0bcd0210e907c4012a34423930b9a863e9be1189d2e587c433269e5afe18b8934074349a440070374823bcf7d5c9c8334950bb84ec08ba442961a5554b08e1e8a6a141d903dcf62df34e6938b93f64c7c7ed804339b5b260f7041542a13d697071909ec5de959013f14a8ae6bc22088ed7b8793d70b224ff4a3f7f1505b41a2eb219f1b8ca029d7e12bf386c10631ec2e4f47bdc5835a91f5844be9d253fc7acb5f73011e5cbba967da7e2c0954f27f49ea924e8208e951f773537e8a37e70cf5cbe71a9d8d201f087ba177557e3e0b35c4e25ebf2d63de6240225385044b3c20a61f287dd8d9169df988a762b2f0ee7b6c985735868d4ea85a0b0c3f009d30574e4fd11b51170093122c7607772d39153015d62ce4d68467195a91a31a5511eda105696ab5ac4e9ae86430775278f78e7a40dd7678024314851e7bea800d29925897dcf65675a14b1d034489659e6ea706bd5a8992b70f8e0cbe778617fd0d5236251df3cf75ca3395ea88b1ca8dfd1e440214049d60890092daa0d3894b039845764c7619646df59328ba71d0a2379622c5982466caae01b7e30730a5da45f940ea98b7995fe16f0db5a6a3e53c2036ec0d012ddefd27e9ee6f6806989d8707a0d68bf1e305bbed7feaa8ef5a8b96ce174d7ac1f998d6ae30ac479ce39d01cf53b17f5d358991419c6833f10a979790020256f9a10c858756ce9351101ef479b8e01b95919abc913b81c215d4f48ac24421f2e95e7aea653a65d2de318cf815f7e5b97349ed13343f5c4262f7253899dec5d2b6af9c4f26a17366dc875db2c4e8c6e909d2b8ba185cfae3ffbddba7ba90341afda4f37070e2d947c82bb54e2b7727cbeb05d3cab3d22f5183209d3ca8344ec24c4b4cb8fd9d7a9a693c54c205618da6540ba0d50b3c6257fc6f0c7f98a3fdc50c01bea60310e97c6b00ef2ca2aa3f56d6f3c8a9e3e84a6f9b27f156c3d2441e3413bf6f51b061dfb9797d433940d96bea87e03d3c919cdb2b27208a028f33ae971433f95ee5713b0430fc77b76d32d91bebd17a02a2b66e4ececfcb5017117703b7c77f168c863a87ed8563f6040420b2b44b735f0583d7e7439068df0c0763237fe39130e4b90bfafde1e955a95fbf7f0a7d826606b1bb511d3cc2bdf755a5e6d6274f535792e146ae3346deb90643ab8fc63949af49d518cd76d91e5d40fb709620611424683ae49cee33f60962506b15a586839c58e1bff665cb7e414e54b0c28a3ae30d64d36cd9318bddae9db978f89ae6a061cdf2ece234e23c463f041f574fb45b2ab74cd709999fd83080f41b82a30ac4065572e1096f96325f05c9e98d0356b6a15fd1869834448ce8ef37eea9def2043c3813aa47779b883b54dd084b10e0cf16317064762ab8d078dba9c8fb81288d86a0e30ca66893997d05563fe59ad332e6aae6132813c90c3bb0c8106398378ccb322920c30dbb4f040531ffb0dc3461cf6d897084ca9808b597f946283ad1111a8ca9658693af01a32421b918e02cb2124e4d9eee1e0c166e77b2db706768ecbc8a84ebde45c448e10f00e5b7154d9017429ae636c2ef91ff78d68d0a53b19c95e77e0ed926b07718fc4cafe6000ac1e86f37124cef7ac264fac19d9ed5bf7a3f4fc6ca9111cb6aa38053691448c08813c7aa794994f9cb032f49d6d8116711550eb60ab3b153300d4a7d980ff313ec9e4e1e9e97589a0e5a2bf0cebc58b629e5f2e3f124d4dc78dbab3c833a62db907fd6a250fe097dfd15e2a9e8a9211c1d316e2ee071f5c35cce3ee8ab86a2843976030be3fbd20a3dd9d4dc4a078f7dbb7d55450d057ed79b5159e5dccfd2e9e7eeaaeca29d0647fb2870f0b8e0ed18c6feab98b0900fcd273c642e0d7a2299b6825691d962fd4b1c337c3f0c8a93e3cf69819c1b6eba6e2427e67a6aa3f07df472f6127170413cc84c02c2b5302b745213ee29dd779fa1fb99629c55719c839656a1e17befc37c5ad7d77c562d68661172a4c0544f0eac71180ae198c4ed29160d219575fed7f08570e62be32f4e916fd1e9e077ef23b3560bff9fe0f739258c798ff252f8e7a85c925db6933e9677b0457f0d140363d6db5cafdbb258f73bc38db85fbc23b0b28a159423341d21023c5d71c38484e046c33d1a0200375e7c46d47e46387910cdf4dcc2596a4e91668b8ee9e4155291056943a2bd6a4e5e451f1b4edcde41490abf8b89478ebac2d725200254331a398e834f05783cc8c0bc2ff86f0f0edb49df4603e52c2a8fa3b0205666623741f596c9228abb25a65dc5c97a4f95c52f37c6aad4f0f6de02da7c49279b16d57f2b9040cd7d017291658d44c09d5faea810a8579392a9c59042ae9e23ff07670f9ec41f7ff89194375a1b7960c042af735c241be9cbe552002ddae5a1910c73bbc220d19470cce3f87cdea8b26bcf173adfb4b2cfe18caa33a9d5bb74f79ecc79a95ec159de0d9d9349575f207c9159037e253bd61e4d798818717b135483f0ceef1a550a69fd387ddea9160407eb0d197eac49f386f0da129f6fd1558a89f9eacc40db3f5a5b695e627d05d9ac887c6deda0609433717ac205872b12fe3f01b31dc2e66bc70c82f1955256fcc253523d9836a466f9ee215de5ddee9e274f81049fa6ad84eb91b3cc13dc262362495e0a4b33709dfed5c3b42419421fbf5d9a4306d31703b9ccc6b0ecc16bf3133eb4dcc627b9b0be35e15faa2b8bef594ef0bd7537e4bbc1a023e829f831f4b4d869645abbf79bbe041b271a2a84fafddcb169e2804b01633589427e214cdcb3037cb5f78a6cd35726fc0e6dcff297db4946b6dcda4e146c37fe47b63f2c5c55738e8ff5033598d5343b06f95aca04e1d1e168aff03e45b8b71267b22e7f9ca8ca81c8be748b3c364c2d860e4e7bffe47fda30ccd4b8489367e814382be86148dd81e09329d338f5ee9900d512c284e7c08cdf44c9fc106fe6ca71fec915e371bb63b165a8d87a8ffc29a3f3d2b0c8bf47d833845b74be68f9267fd92cb26de45fc891d2938270de55df44339e6a1008789cf010b477125b682322f9443490fb9e9fe44ec65fa04b4886888712e26d484759ed6b4a77bf29fafea21cda24fbff682a3a9dbb3acae8ec2fc6984a4f9757ec195ffb24dd8257e3ab79ede4a4d48fc20ce92f8c553bf7413763bfc748e7f38882a8453758ead5c9b7629bb1908ff68af1575e346de0bd31c740f555622b63bd822d5315822e296a6c952172bb8a4690453d8ccad9092b0ab73f4198cf10a91c8543e89009fc081944a965b600e7cffbbabae57fa39ad53e9a91eaf39fe00014562a3f5482b1469381e25735333f1641c40a047f9f1a5de96fe2e37adc6966618952ccbab34178c779074d09d6b8b4cc6156dfce4ffbaf430cc5efab813cf6dd4a94d2add2ddcc47b442c13878169984e589907049aa84d52a28a9255633d0fd51bda6343127accd391bdbde0ea4c19b84f12410b070ad4a58e4800a784b4a806dc9e04b40255b9bb943a2bf6db2e0b5f765936bc1dc571b98d0922f036432290612bc47900f08bdf223252abb5c26a76549d0ffe71720b728618d27a0eadee648678e42f02f81e019f13926491604cd22dce84bb14132459186bfa66db967f8fa27bed8cb3d3eb44c36618d74831326d17cce556460220428b179574ddb3015b29794339310d1d48551d11650f5538ea34b2e75ec57e681997b3d21391410f7a973fb43c557d27050211063168533e82a48c658f6e98da54d8856c809bb388efc2d2a9817e262975844f1d70dc91978beddbea5e6c8cb6547895584bd5fd725632a528c81b9914e4729f2be08c7ef33aeb6657fafc123d6702dee8ca7cdec99cf094d98cf196ad4ca311033785cab1212405c63bb1e7b3bdfece20ccf762a7ca6071a0a7e1d457a3d9214c6c0ff02d10e55d91be7db588e467a35079804a37f94d09347be10111e5a443cb2229f520820e522c90dd81cb0a7b23b88bea1031e2c1d00c6cd0925debe7f6b647bfc7b73e12ab41314c37f75180bfeaa75680b96ce17b3273f3929da67c3630ae74465226d10cb0214514199147ba63342b4b3d6bbf661b0a316c15217baeef9ac80a55534353ed44cf06289b092b9e073c0a1b92c12d9cf54fe03d24fb33e56afd8b7f249e1adce32ed21fc29423891b80ddd70a3fe3140572d5b4d489fbf88c3d3a09b3068a9f2a7dea200312ba3ce286f2978857b7118c028889ddebd37c4445b9a4defafd79c937e5d7699b9dd91706f3af5a7e4ee2f4087652f7da1255a2369fa1006367863b502f36fa3e7b76afa90fc548eb5890a4394a892aa225944ac59a02870b9e044b86c5b6903db4fb4fd6c1fc0d2013162ef6873d5f34971a93b9e57fa83c089c2a22424bdae50af6fc8ad2682869d7144231c8171993d36ba069b1071df9f169b3e5ff1523cf4eb03f4c52bae89fb53bb3295325b8b4da2f04a4681d5b2a44212f1d65c53d9d6615cb21478a07df30d0a118aa5aec0111f2e6387e67235fa683d2f77032b84c90a8c31e0ee6989dd1540de03c1a74efa5888870c9b80bbd1731e973eaef4c985c1f89dd4ca490f2bab6f49794ff321418eba535c5753c14bd368024ecdd625348640807cea967b1a47ee7ff616b5ba8b91eb5a8ae7f8d2658ad5f70cedadb9d225e2bafa8e5e3a59c2f91c46513a9995a6c032e9c3ab0bf43439cc666b19bf98ae001198f36f31bd51af5d2241269b130ec810a87f31002e64ed816ba453c1d656411f651bfd019dca08e0e79f624fc3176f6eca7e35d75fb9591f7baac8ebcf45cebeaa1aa54172e7d5ac507e4b9778a60da247ce4c93acc561944e46d90ec6d660914d64aef3b36a0f1b17b41ad2453adc582e8759ca310622ce9000bdbabfbb95966f1db58ae922a77759516aefe7d3f2d097025b7a55e02991209dd522f52e9a3c3ae257771c8117345990c5afb87e6d794329ff7f4d00f860ab03ff85db22027af41583669a1b286706211d89648a3618376f337828e979dba0f340f7f21d4af838fa8af703a5e2025359354d785ae8b65a95bfc7e34b6ad8bf4782653c64cf2f5c6248277c0cf56154044ad6f65df35cabe6e21e095ae52eba99dbe079a47e374b9d2716ee5ea575e69b21f4e73079aa1a75223379017f0ad3574349072d12ff6b1f0cea6169fceec80e55ea4513f1285ed28b5e22b69f4208ba8126e62ca47ac207a04dc50fb5ca07233a237f7011ffe947e76e7d760d343fd4636b81b403897fb00df73c752a3e4f029afbf079c131a6e0fc54a185610768ab8d5fdaebc8b8fb468c57ce1013bfc37c2823c5e578e1be1095fbba2f73ed91ad6a9c10143181f1e3a7f28d581282055ac410a509858960674b7eced84b9f6a32a6e694f0bc1607a1f9118d69c87d9d47413b507ba45694b9", 0x1000}], 0x8, &(0x7f0000005d00)=[@txtime={{0x18, 0x1, 0x3d, 0x8}}], 0x18}}], 0x1, 0x240008b1)
connect$inet6(r1, &(0x7f0000005d80)={0xa, 0x4e21, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0x7}, 0x1c)
r8 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000005dc0), 0x8600, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r8, 0x8916, &(0x7f0000005e00)={'hsr0\x00', {0x2, 0x4e21, @broadcast}})
fdatasync(r6)
read$msr(r8, &(0x7f0000005e40)=""/121, 0x79)
getgroups(0x1, &(0x7f0000005ec0)=[r3])
mount$9p_virtio(&(0x7f0000005f00), &(0x7f0000005f40)='./file0\x00', &(0x7f0000005f80), 0x22, &(0x7f0000005fc0)={'trans=virtio,', {[{@fscache}], [{@mask={'mask', 0x3d, '^MAY_WRITE'}}, {@context={'context', 0x3d, 'staff_u'}}]}})
write$RDMA_USER_CM_CMD_CREATE_ID(r8, &(0x7f0000006040)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000006000)={<r9=>0xffffffffffffffff}, 0x2, 0x5}}, 0x20)
write$RDMA_USER_CM_CMD_LISTEN(r8, &(0x7f0000006080)={0x7, 0x8, 0xfa00, {r9, 0x6}}, 0x10)
r10 = add_key$fscrypt_v1(&(0x7f00000060c0), &(0x7f0000006100)={'fscrypt:', @desc2}, &(0x7f0000006140)={0x0, "ec31d2dd815697b077f7da3a7cea3be68023f2eb6bb341e7263744e6f671ac410b17bfb0224b15654db48e09935014df7abb8be7dfd37acf86664683bc5d3802", 0x35}, 0x48, 0xfffffffffffffffc)
r11 = add_key$keyring(&(0x7f00000061c0), &(0x7f0000006200)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffa)
keyctl$link(0x8, r10, r11)
r12 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000006280)=@o_path={&(0x7f0000006240)='./file0\x00', 0x0, 0x4010, r1}, 0x18)
ioctl$EXT4_IOC_CHECKPOINT(r12, 0x4004662b, &(0x7f00000062c0))
ioperm(0x9, 0x4, 0xfffffffffffffff7)
ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(r6, 0xc0189378, &(0x7f0000006300)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {r7}}, './file0\x00'})
mount$tmpfs(0x0, &(0x7f0000006340)='./file0/../file0\x00', &(0x7f0000006380), 0x80000, &(0x7f00000063c0)={[{@mpol={'mpol', 0x3d, {'default', '=static', @val={0x3a, [0x36, 0x36, 0x36, 0x2d, 0x16]}}}}, {@mpol={'mpol', 0x3d, {'default', '=static', @val={0x3a, [0x33, 0x26, 0x37]}}}}, {@size={'size', 0x3d, [0x65, 0x67]}}, {@noswap}, {@nr_blocks={'nr_blocks', 0x3d, [0x37, 0x67, 0x39]}}, {@usrquota}, {@huge_advise}, {@nr_inodes={'nr_inodes', 0x3d, [0x78, 0x0, 0x70, 0x65, 0x34, 0x6b, 0x25, 0x78, 0x30]}}], [{@context={'context', 0x3d, 'user_u'}}]})

22.800971878s ago: executing program 3 (id=1419):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000200)=<r2=>0x0)
ptrace$ARCH_SHSTK_LOCK(0x1e, r2, 0x1, 0x5003)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$FBIO_WAITFORVSYNC(r3, 0x40044620, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x68}}, 0x40000)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local, @loopback}, 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000140)={0xa, {{0x2, 0x0, @multicast2}}}, 0x88)
getsockopt$inet_buf(r4, 0x0, 0x29, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f080003"], 0xf0}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x528}}, 0xc000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r6, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x14, 0x110, 0xd, {[@timestamp_addr={0x44, 0x4, 0x0, 0x1, 0x8}]}}}], 0x38}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0), 0x10)
sendto$l2tp(0xffffffffffffffff, &(0x7f0000000040)="e5786a0d000000000000c83b", 0xc, 0x0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10)
recvfrom$l2tp(0xffffffffffffffff, 0x0, 0x0, 0x40010062, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
socket$inet(0x2, 0x2000000080005, 0xffffffd2)

21.506449285s ago: executing program 3 (id=1422):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000200))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0)={<r0=>0x0}, &(0x7f0000000300)=0xc)
prlimit64(r0, 0xe, &(0x7f0000000240)={0x5, 0x1000087}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, &(0x7f0000000040)={0xc, 0x0, <r3=>0x0})
r4 = socket(0x1a, 0x1, 0x6)
clock_gettime(0x0, 0x0)
recvmmsg(r4, &(0x7f0000003c00)=[{{&(0x7f0000000300)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, 0x0, 0x0, &(0x7f0000000500)=""/118, 0x76}, 0x3}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)=""/222, 0xde}, {0x0}], 0x2}, 0xffff}, {{&(0x7f0000000980)=@can, 0x80, &(0x7f0000000d80), 0x0, &(0x7f0000000e00)=""/110, 0x6e}, 0x7f}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001140)=""/139, 0x8b}, 0xc4}, {{0x0, 0x0, &(0x7f00000025c0), 0x0, &(0x7f0000002640)=""/102, 0x66}, 0x8}, {{0x0, 0x0, &(0x7f0000002b80)=[{&(0x7f0000002740)=""/90, 0x5a}, {&(0x7f00000027c0)=""/149, 0x95}, {&(0x7f0000002880)=""/77, 0x4d}, {&(0x7f0000002900)=""/41, 0x29}, {&(0x7f0000002a00)=""/59, 0x3b}, {&(0x7f0000002a40)=""/235, 0xeb}], 0x6}, 0x200}], 0x6, 0x10100, &(0x7f0000003dc0))
ioctl$sock_inet_udp_SIOCOUTQ(r1, 0x5411, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r2, 0x3ba0, &(0x7f0000000100)={0x48, 0x2, r3})
shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil)
ioctl$IOMMU_IOAS_MAP$PAGES(r2, 0x3b85, &(0x7f0000000180)={0x28, 0x4, r3, 0x0, &(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x7})
pipe(&(0x7f0000000040)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
socket$inet6_sctp(0xa, 0x5, 0x84)
write$proc_mixer(r5, &(0x7f0000000400)=ANY=[@ANYBLOB="42415353f5"], 0x5)
r7 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r7, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r8=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x1f, &(0x7f0000000000)={r8, @in6={{0xa, 0x4e24, 0x6, @empty, 0x7f4}}, 0x2, 0x9}, &(0x7f00000000c0)=0x90)
close(r2)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, &(0x7f0000000040)={0x64e4ad8e, 0x2, "f256ff5141a2c4847732eb158006fd12ce52de20d2df3345c6b45b8c11c0bf30", 0x3, 0x2, 0xfffffffc, 0x9})

20.958715173s ago: executing program 0 (id=1348):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000380)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
r3 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r3, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r3, &(0x7f0000000a00)=[{{&(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)}, {0x0}], 0x2}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0x1}], 0x1}}, {{&(0x7f0000000300)=@abs={0x0, 0x0, 0x4e22}, 0x6e, &(0x7f0000000440)=[{0x0}, {&(0x7f00000004c0)="37b4f7c1b437f8f2cd61c74b3c78e1b7688a897467864c33c1bb447bc7ea32ce057ba72be8b8fbfb2cba46a220e68da8559a0f8658d4d37dedcc7e5c1f82d3b1b7ba34614ed57f1e71976a89999f6847c928ed1f2ec308a058ed3bf1dee4d29cb80c2a91020cdbf79790549e1702848ee88947dd6aa019b086637ae0de2e723b2caf24848bfaafa32b6076f77d43ad2e787f28feccad83605ca4f6980becb70042ea83a8eb1bbf744403b2001ddf597c53f50968a856a0283379029f", 0xbc}], 0x2, &(0x7f0000000b00)=[@cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee00}}}, @rights={{0x28, 0x1, 0x1, [r3, r2, r1, r1, r2, r1]}}, @rights={{0x30, 0x1, 0x1, [r1, r3, r0, 0xffffffffffffffff, r1, r0, r1, 0xffffffffffffffff]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xee01, 0xee01}}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [r1, 0xffffffffffffffff]}}, @rights={{0x1c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, r2]}}], 0xf0, 0x24004080}}], 0x4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000780)={0x18, 0x5, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
socket$packet(0x11, 0x3, 0x300)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, &(0x7f00000001c0), 0x4)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000000)={<r4=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000003c0)={r4, 0x10, "d24ec8bedb50a214ed375f000000005d"}, &(0x7f0000000480)=0x18)
socket$packet(0x11, 0x3, 0x300)
recvmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x22})
io_uring_enter(0xffffffffffffffff, 0x48e9, 0x0, 0x2, 0x0, 0x0)
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1, 0x0, 0x1})
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x38, 0x38, 0x4, [@var={0x2, 0x0, 0x0, 0x11, 0x4}, @const={0x0, 0x0, 0x0, 0x2}, @func_proto={0x2, 0x0, 0x0, 0x6, 0x2}, @var={0x2, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x0, 0x61]}}, 0x0, 0x54, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20)

20.380916683s ago: executing program 3 (id=1425):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = fsopen(&(0x7f0000000000)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x3, 0x0, &(0x7f00000000c0)='3', 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r3, r4, 0x2, 0x2, 0x0, @void, @value}, 0x10)
socketpair(0xa, 0x1, 0x0, &(0x7f0000002d00))

19.667639768s ago: executing program 3 (id=1428):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x14, 0x9, 0x6, 0x801}, 0x14}, 0x1, 0x0, 0x0, 0x10000047}, 0x4008084)
r1 = socket$isdn_base(0x22, 0x3, 0x0)
connect(r1, &(0x7f0000000040)=@x25, 0x80)
r2 = syz_usb_connect$hid(0x0, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r2, 0x0, 0x0)
syz_usb_control_io(r2, &(0x7f00000001c0)={0x2c, &(0x7f0000000200)={0x0, 0x11, 0x6, {0x6, 0x0, "b1354cbf"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
ioctl$BTRFS_IOC_LOGICAL_INO(r1, 0xc0389424, &(0x7f0000000140)={0x5, 0x20, '\x00', 0x0, &(0x7f00000000c0)=[0x0, 0x0, 0x0, 0x0]})

19.502018764s ago: executing program 3 (id=1429):
r0 = socket$nl_generic(0x11, 0x3, 0x10)
syz_emit_ethernet(0xc2, &(0x7f0000000780)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaaaa08004cf900b4006500000e069078000000006401010183074d7f00000107178e7f0000017f00000100000000ac1414bb7f000001443c11930a01010200000002ac1414aa000080006401010000000000000000000000025c7f00000100000fff0a01010100000004e00000011800000000000000000000000000000000000000000400004e2400004e210000400300000000000000000023000000000007000000030000000400000000000000020000000500000020f3e2037e1758a6419b30f2cbfaf57359d7a3f347b6209b58c5bd8a9ad4b6a0a07b543b444897421062c4aa8704cca8472170dc24d00a6866e6940e72ca5e237d2da1654aafea89ab62e715b312174f40d24d63147c3dcdea34d09b3765b041961ddb12a071d1545e8152490ecf16ee2cff70f75083578a593e2f7c9a7989c6b711be9f4c1d1928087401a11f65b6e8ae60d589be8853e513b9457ad1e6c193065ff8e1f168b7c37f1c53036d"], 0x0)
sendmsg(r0, &(0x7f0000000640)={&(0x7f00000000c0)=@nl=@unspec, 0x80, &(0x7f00000005c0)=[{&(0x7f0000000180)="4ba72c4cfd81685544f46c3f0800", 0xe}], 0x1, 0x0, 0xfffffffffffffdbc, 0x11000000}, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000480)=ANY=[@ANYBLOB="9feb01001800000019000000000000000000000043ffffff0000"], 0x0, 0x1a, 0x0, 0x1, 0x0, 0x0, @void, @value}, 0x28)
r1 = openat(0xffffffffffffff9c, 0x0, 0x624041, 0xe2)
r2 = gettid()
syz_kvm_setup_cpu$x86(r1, r1, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000240)=[@textreal={0x8, &(0x7f0000000040)="660f383e0b0f20c06635020000000f22c0f3670f0fc50d0f07f0820a8abaf80c66b82e061c8466efbafc0ced66b8070000000f23c80f21f866350c00a0000f23f836de782e66b9800000c00f326635008000000f30c4c241cfe6", 0x5a}], 0x1, 0x48, &(0x7f00000002c0)=[@vmwrite={0x8, 0x0, 0x1, 0x0, 0x1, 0x0, 0x3, 0x0, 0x3ff}, @cstype0={0x4, 0x5}], 0x2)
timer_create(0xb, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000300)='btrfs_space_reservation\x00', r3, 0x0, 0x3}, 0x18)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000032680)=""/102400, 0x19000)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$inet_tcp(0x2, 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, 0x0, 0x0)
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000007000)={{0x0, 0x4}, {0x0, 0x989680}}, 0x0)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000040)={0x1f, 0x1, 0x3}, 0x6)

4.159374814s ago: executing program 2 (id=1468):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev(r1, &(0x7f00000028c0)=[{0x0}], 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, 0x1410, 0x4, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x2000000, 0x0, 0x24044836}, 0xc894)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x20802, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x62882)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x3}, 0xc}) (fail_nth: 6)

4.063173259s ago: executing program 1 (id=1469):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
socket$nl_audit(0x10, 0x3, 0x9)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev(r1, &(0x7f00000028c0)=[{0x0}], 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, 0x1410, 0x4, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x2000000, 0x0, 0x24044836}, 0xc894)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x20802, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x62882)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r3, 0x40605346, &(0x7f0000000400)={0x1f00, 0x0, {0x3}, 0xc})

4.061193641s ago: executing program 4 (id=1470):
r0 = socket$netlink(0x10, 0x3, 0x0)
unshare(0x22020600) (async)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f00000040c0)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff4070000000000000400000000000e1ff95000000000000002ba76bb3019c1341056bd8174b79603123751c4e345c652fbc1626cca2a2ad75806150ae0209e62751ee00ba19ce670d25010000020000040000009fc40400d2532e764975f03f1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac05c04683712a0b09ec39e9ef8f6e396ad200a011ea665c45a3449abe802f5ab3e89cf40b858e217ce740068720000074e468eea3fcfcf498278ad15f5f87e1c26433a8acdc0e65888b2007f00000000000000000100000000000000010000000000000053350000000034a70c2ab40c7cf5691db43a5c00000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000040cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d01000000520655a8056085f4d431623c850af895abba14f6fbd7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdc2ba9d580609e31c30891e7d87a79d6fce424c2200af6cb784a1975fa657de38a3a32a4fd67ce446adb431d07db79240aca1dd9ba02450500000000000000e645f091231b986e77d05d988d6edc6f9b4eb883ec8f878300cabf2b5543ffc1bdb92618242852e6e8b3e56fefbfff81669557b3809d8c396d2c0361629d1822f722ec23812770d72cd0010000007889b8c7044f563a1f68d4efe895fdbc463f747c08f4010586903500000000000000e800000000000000000000000000000000000000003ddf4aa4b1c8b0a0ae6feb6737c275dc2740f742b5425f1d581961471cdb51f8940290e99ccff4123f955267fe4a75c11448741f064fe7ce7e62ee4df874e086287547d4099aeec9f1538ee25a2a5ccf4a9b604e88e12ff251845d0fff45bdbaeba4d4e3c6f7f623579435b2c505fb711300000000040000000000000000000000004c00e67ccc02148a4fc43021cce9f24f4b2f9492c32e7a92a557ac2b44b84e88bbf7611589906d923e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5385c5a2720caeb68f1e9c05b0591d89467ded84da092dea262e51811e2d7fa515722516bd5ef6cfa4966e5937562a5649a1a0000a042a7097ddefe0671a5767014b09b78f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb32879d326497e21e041254f06bd7f3a067e147e82e841dba3867da8bfbc101d3960e07d282f483e7be49833f3c435f9700bc84680549f9eb16682ecb72277ffaca907a3eac4bfc8e0a47c0076d7cc9d32b3cc96aa751d890881c3c33bd91f6ecf45ab3f12f816318346f9b883427b9190024edc1eddd68f34ce3bfedb5fe5d7beae4d3ca561e37570587783f9673e7ab17f5a09efc1114777d2707d2996961203aedff1c5a87013b98649805216631e20d07dff3ae567ca0d38a828542625fc6096aedc0ac5c144f0965071274bea051007e398cf9090c53d4b8b7dc784e3d83b78b007a43d744aa99d6a7c576e20b4281eff511122ccb399bcef0a0471639c81aab7445cebfc9b00b31fcbaf63086b3c16f51b593acee0b3a4830dd6af1accb15cc6163cabc01442527aa10000000000000000a4ba25997affe74ec552bf9deafbd63e"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r1, 0xfe, 0x0}, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x9, 0x1}}}}]}, 0x44}}, 0x0) (async)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000400)=ANY=[@ANYBLOB="f00000001a0093cf26bd7000fddbdf25ff7fd36b27d9a6bde300000000000000ff0100000000000000000000000000013d2200054e240002020000002c000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fc010000000000000000000000000000000004d332000000ac1e01010000000000000000"], 0xf0}}, 0x28008004) (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
bind(r2, &(0x7f0000000200)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e24, @multicast1}, 0x4, 0x2, 0x4}}, 0x80) (async)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000180)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_BR_GROUP_ADDR={0x9, 0x14, @remote}, @IFLA_BR_AGEING_TIME={0x8, 0x9}]}}}]}, 0x48}}, 0x0)

3.678279622s ago: executing program 2 (id=1471):
r0 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x275a, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0xd, 0x15, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000019bf00000000ff5ef369000018e89523", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000085200000050000001830000003000000000000000000000018610000034000000000000001000000245a0400fcffffffbf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0xfffff001, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xbb3e, @void, @value}, 0x94)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_HARDIF(r0, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000002c0)={&(0x7f0000000380)={0x4c, r1, 0x800, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_ELP_INTERVAL={0x8, 0x3a, 0xf}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x81}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x2}, @BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x6}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20000044}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000840)='./bus\x00', 0xac)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x3)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000005f00)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
r5 = syz_open_dev$sndpcmc(&(0x7f0000000000), 0x7f, 0x200500)
ioctl$SNDRV_PCM_IOCTL_DELAY(r5, 0x80084121, &(0x7f0000000180))
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
mount$afs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB='dyn'])
getxattr(&(0x7f0000000140)='./bus\x00', &(0x7f00000001c0)=@known='system.posix_acl_access\x00', 0x0, 0x0)

3.520697645s ago: executing program 4 (id=1472):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x100008b}, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
writev(r2, &(0x7f00000028c0)=[{0x0}], 0x1)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000480)={[{@metacopy_on}, {@userxattr}]})
sendmsg$RDMA_NLDEV_CMD_STAT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x30, 0x1410, 0x4, 0x70bd2c, 0x25dfdbfe, "", [@RDMA_NLDEV_ATTR_STAT_MODE={0x8, 0x4a, 0x2}, @RDMA_NLDEV_ATTR_STAT_MODE={0x8}, @RDMA_NLDEV_ATTR_RES_LQPN={0x8, 0x15, 0x1}, @RDMA_NLDEV_ATTR_STAT_RES={0x8}]}, 0x30}, 0x1, 0x2000000, 0x0, 0x24044836}, 0xc894)
syz_usb_connect(0x0, 0x36, 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x20802, 0x0)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x400070}, 0xc, &(0x7f00000002c0)={&(0x7f0000000480)=@gettaction={0x164, 0x32, 0x400, 0x70bd27, 0x25dfdbfe, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x9}, @action_gd=@TCA_ACT_TAB={0x7c, 0x1, [{0x10, 0x9, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'gact\x00'}}, {0x14, 0x1, 0x0, 0x0, @TCA_ACT_KIND={0xd, 0x1, 'connmark\x00'}}, {0x10, 0x8, 0x0, 0x0, @TCA_ACT_KIND={0xa, 0x1, 'pedit\x00'}}, {0xc, 0x8, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x34f}}, {0xc, 0x1b, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x8}}, {0xc, 0x1c, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x2}}, {0xc, 0x1f, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xef33}}, {0x14, 0xe, 0x0, 0x0, @TCA_ACT_KIND={0xf, 0x1, 'tunnel_key\x00'}}]}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}, @action_gd=@TCA_ACT_TAB={0x1c, 0x1, [{0xc, 0xa, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ipt\x00'}}, {0xc, 0x1a, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x7}, @action_gd=@TCA_ACT_TAB={0x50, 0x1, [{0x10, 0x15, 0x0, 0x0, @TCA_ACT_KIND={0x9, 0x1, 'csum\x00'}}, {0xc, 0x15, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0xc, 0x1, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xfffffffa}}, {0xc, 0x16, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'ife\x00'}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x4}}, {0xc, 0x3, 0x0, 0x0, @TCA_ACT_KIND={0x8, 0x1, 'nat\x00'}}]}, @action_gd=@TCA_ACT_TAB={0x34, 0x1, [{0xc, 0x1a, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x322}}, {0xc, 0xf, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0xf}}, {0xc, 0x1d, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x10001}}, {0xc, 0x1e, 0x0, 0x0, @TCA_ACT_KIND={0x7, 0x1, 'xt\x00'}}]}]}, 0x164}, 0x1, 0x0, 0x0, 0x8004}, 0x800)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmmsg(r5, &(0x7f0000000380)=[{{&(0x7f0000000580)=@nl=@proc, 0x80, &(0x7f0000001900)=[{&(0x7f0000000600)='B', 0x1}], 0x1}}, {{&(0x7f0000000200)=@nl=@proc, 0x80, &(0x7f0000000340)=[{&(0x7f0000000280)='6', 0x1}], 0x1, &(0x7f0000000400)=ANY=[], 0xfdef}}], 0x2, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e24, 0x800, @loopback, 0x7fffffff}}}, &(0x7f0000000600)=0x84)
r6 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000080)={0xa, 0x0, 0x0, @private0}, &(0x7f00000000c0)=0x1c, 0x0)
connect$inet6(r6, &(0x7f0000000100)={0xa, 0x4e21, 0x200, @private1, 0x1}, 0x1c)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
r7 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x62882)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r7, 0x40605346, &(0x7f0000000400)={0x0, 0x0, {0x3}, 0xc})

3.111608063s ago: executing program 2 (id=1473):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x19, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0xfffff000, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a80)=ANY=[@ANYBLOB="0b000000b9000000010001000900000001"], 0x48)
close(r0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0b0000008b000000050000000900000001"], 0x48)
openat$tun(0xffffffffffffff9c, 0x0, 0x1c1842, 0x0)
mkdir(&(0x7f0000000240)='./file0\x00', 0x100)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xe8001, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller1\x00', 0x2})
ioctl$TUNSETOFFLOAD(r2, 0x400454c9, 0xba98575a95aeb70d)
ioctl$FAT_IOCTL_GET_ATTRIBUTES(r2, 0x80047210, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$clear(0x3, 0xfffffffffffffffd)
mount$afs(&(0x7f0000000040)=ANY=[@ANYBLOB='#Zyz1:syz0'], &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f0000000400)={[{@dyn}]})
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000002c0)={r1, &(0x7f00000000c0), &(0x7f0000000380)=""/107}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000040), &(0x7f0000000440)=""/183}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000000)={r0, &(0x7f0000000180), &(0x7f0000000680)=""/141}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000340)={r0, &(0x7f0000000040)}, 0x20)

3.054418522s ago: executing program 1 (id=1474):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000007c0)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'wlan0\x00', &(0x7f00000002c0)=@ethtool_perm_addr={0x4b, 0x23, "4372073830000000020000000000000000000000ef86ed689a894bea2450854f2b904d"}}) (async, rerun: 64)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') (rerun: 64)
fchdir(r1) (async)
lstat(&(0x7f0000000200)='.\x00', &(0x7f00000002c0))

2.754304709s ago: executing program 4 (id=1475):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_emit_ethernet(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x2ddc4000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB], 0x60}, 0x1, 0x0, 0x0, 0x41}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_emit_vhci(&(0x7f00000003c0)=ANY=[@ANYBLOB="04221d02000000000000fa0098a5afbeac08ffffffffffff02ae03b6fe0200406150af5dd207356c54771663503c1a07814a708a265e526e0808dedd6ef0574923c6b481f34615a52b7b953cbc1e345a230a69b6dbda7996beff64a5f890150f3e1536f573a7f2c967432a5fe3b025c0a1b711880f00076bf236861f61dda6464b3b2c35b52c0eda53dc49aafdf40dfbc409b8a737933e07910effd0d0aed26bded44a331e71a8e61ee272176ee45685442c3c3778b0ea6b9360"], 0x20)
unshare(0x6020480)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x6}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0x1}}]}}, @TCA_RATE={0x6}]}, 0x4c}, 0x1, 0x0, 0x0, 0x48801}, 0x0)
syz_io_uring_setup(0x5164, &(0x7f00000002c0)={0x0, 0x0, 0x1000, 0xffffffff, 0x3d9}, &(0x7f0000000240)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_open_dev$vim2m(0x0, 0x7, 0x2)
syz_io_uring_submit(r4, r5, &(0x7f00000004c0)=@IORING_OP_READ=@pass_buffer={0x16, 0xa, 0x2004, @fd_index=0x9, 0xc, 0x0, 0x0, 0x2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r6 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000480)='/sys/kernel/oops_count', 0x438400, 0x93afeb4799760553)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_POWER_SAVE(r6, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x4c, r7, 0xb3317fcb5c1869ae, 0x70bd25, 0x25dfdbfd, {{}, {@void, @void}}, [@NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x6265b6e16402b607}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}, @NL80211_ATTR_PS_STATE={0x8, 0x5d, 0x1}]}, 0x4c}}, 0x20000)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)

2.423707s ago: executing program 1 (id=1476):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000200))
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000002c0)={<r0=>0x0}, &(0x7f0000000300)=0xc)
prlimit64(r0, 0xe, &(0x7f0000000240)={0x5, 0x1000087}, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x43, &(0x7f0000000040)=0x2)
read$msr(0xffffffffffffffff, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r1, 0x3b81, &(0x7f0000000040)={0xc})
r2 = socket(0x1a, 0x1, 0x6)
ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000006c0)={'wg2\x00', &(0x7f0000000700)=@ethtool_coalesce={0xf, 0x2, 0x2502599c, 0x50, 0xfffffff8, 0x5, 0x4, 0x8000, 0xd243, 0x9, 0x2, 0x6908ba1c, 0x7fff, 0x2, 0x401, 0xfffff5bf, 0x8, 0x57a, 0x9, 0xfffffffe, 0x9, 0xfffffffc}})
clock_gettime(0x0, 0x0)
recvmmsg(r2, &(0x7f0000003c00)=[{{&(0x7f0000000300)=@in6={0xa, 0x0, 0x0, @loopback}, 0x80, 0x0, 0x0, &(0x7f0000000500)=""/118, 0x76}, 0x3}, {{0x0, 0x0, &(0x7f0000000900)=[{&(0x7f0000000580)=""/222, 0xde}, {0x0}], 0x2}, 0xffff}, {{&(0x7f0000000980)=@can, 0x80, &(0x7f0000000d80), 0x0, &(0x7f0000000e00)=""/110, 0x6e}, 0x7f}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001140)=""/139, 0x8b}, 0xc4}, {{0x0, 0x0, &(0x7f00000025c0), 0x0, &(0x7f0000002640)=""/102, 0x66}, 0x8}, {{0x0, 0x0, &(0x7f0000002b80)=[{&(0x7f0000002740)=""/90, 0x5a}, {&(0x7f00000027c0)=""/149, 0x95}, {&(0x7f0000002880)=""/77, 0x4d}, {&(0x7f0000002900)=""/41, 0x29}, {&(0x7f0000002a00)=""/59, 0x3b}, {&(0x7f0000002a40)=""/235, 0xeb}], 0x6}, 0x200}], 0x6, 0x10100, &(0x7f0000003dc0))
ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
shmget$private(0x0, 0x3000, 0x8, &(0x7f0000ffd000/0x3000)=nil)
pipe(&(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
socket$inet6_sctp(0xa, 0x5, 0x84)
write$proc_mixer(r3, &(0x7f0000000400)=ANY=[@ANYBLOB="42415353f5"], 0x5)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f00000004c0)=0x27)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r4, 0x84, 0x1f, &(0x7f0000000000)={r5, @in6={{0xa, 0x4e24, 0x6, @empty, 0x7f4}}, 0x2, 0x9}, &(0x7f00000000c0)=0x90)
close(r1)
ioctl$VIDIOC_QUERYCTRL(0xffffffffffffffff, 0xc0445624, &(0x7f0000000040)={0x64e4ad8e, 0x2, "f256ff5141a2c4847732eb158006fd12ce52de20d2df3345c6b45b8c11c0bf30", 0x3, 0x2, 0xfffffffc, 0x9})

2.14041414s ago: executing program 1 (id=1477):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000)={0x0, r0}, 0x8)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000040)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000002c0)=ANY=[], 0x0, 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = open(0x0, 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, 0x0, 0x2, 0x0)
write$cgroup_subtree(r4, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
bpf$PROG_LOAD(0xa0, &(0x7f0000000840)={0x15, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8}, {{0x18, 0x1, 0x1, 0x0, r1}, {}, {0x7, 0x0, 0xb, 0x6}, {0x85, 0x0, 0x0, 0x5}, {0x4}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x6, 0xa, 0x9, 0xfff0, 0xf1}, {0x5, 0x0, 0xb, 0x9}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x6, 0x1, 0xb, 0xa, 0x8}, {0x7, 0x0, 0x0, 0x8}, {0x7, 0x1, 0xb, 0x4, 0x9}, {}, {}, {0x18, 0x6, 0x2, 0x0, r0}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sk_reuseport, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-avx2\x00'}, 0x58)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)

2.082317641s ago: executing program 4 (id=1478):
prctl$PR_SCHED_CORE(0x3e, 0x100000000001, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000300), 0x100040000, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bind$alg(0xffffffffffffffff, &(0x7f0000000240)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cipher_null\x00'}, 0x58)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
accept$ax25(r1, 0x0, &(0x7f0000000280))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r2 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f00000013c0)='tasks\x00', 0x2, 0x0)
r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r4, 0x11c, 0x2, 0x0, &(0x7f0000000100))
ioctl$VIDIOC_S_INPUT(r3, 0xc0045627, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r0, 0xc0845657, &(0x7f0000000340)={0x0, @bt={0x9, 0x6, 0x9412a84f003846ce, 0x7, 0x0, 0x101, 0x400, 0xfffffffd, 0x2f8, 0x7, 0x3, 0x2, 0x3, 0x1, 0x8, 0x35, {0x5, 0x10c}, 0x0, 0x3}})
write$cgroup_pid(r2, &(0x7f00000002c0), 0x12)
r5 = getpid()
syz_pidfd_open(r5, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000001c0)={<r6=>0xffffffffffffffff})
fsetxattr$trusted_overlay_nlink(r6, &(0x7f0000000200), &(0x7f0000000240)={'U-', 0x4}, 0x16, 0x1)
r7 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0)
write$binfmt_elf32(r7, 0x0, 0x4cd)
landlock_create_ruleset(&(0x7f0000000040)={0x8, 0x3}, 0x18, 0x0)

2.055585053s ago: executing program 2 (id=1479):
r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4607030003000000000000000003003e00000000000103000038000000000000000f0000000000200001070000000000000000000003000000c0ffffff018000000700000006000000010100000900001008000000"], 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(r0)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)

1.004010248s ago: executing program 1 (id=1480):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x0, 0x0, &(0x7f0000003ff6)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000200)=<r2=>0x0)
ptrace$ARCH_SHSTK_LOCK(0x1e, r2, 0x1, 0x5003)
r3 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$FBIO_WAITFORVSYNC(r3, 0x40044620, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB], 0x68}}, 0x40000)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast1, @local, @loopback}, 0xc)
setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000000140)={0xa, {{0x2, 0x0, @multicast2}}}, 0x88)
getsockopt$inet_buf(r4, 0x0, 0x29, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f080003"], 0xf0}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="280500003d0007010000000000000000017c00000400"], 0x528}}, 0xc000)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r6 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$inet(r6, &(0x7f0000002780)={0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @empty}}}, @ip_retopts={{0x14, 0x110, 0xd, {[@timestamp_addr={0x44, 0x4, 0x0, 0x1, 0x8}]}}}], 0x38}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0), 0x10)
sendto$l2tp(0xffffffffffffffff, &(0x7f0000000040)="e5786a0d000000000000c83b", 0xc, 0x0, &(0x7f0000000100)={0x2, 0x0, @loopback}, 0x10)
recvfrom$l2tp(0xffffffffffffffff, 0x0, 0x0, 0x40010062, &(0x7f0000000280)={0x2, 0x0, @dev}, 0x10)
socket$inet(0x2, 0x2000000080005, 0xffffffd2)

811.71983ms ago: executing program 2 (id=1481):
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(0xffffffffffffffff, 0xc018937a, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r0=>0xffffffffffffffff, {0x7fffffff}}, './file0\x00'})
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x6, &(0x7f00000003c0)=@framed={{0x18, 0x2, 0x0, 0x0, 0x3}, [@call={0x85, 0x0, 0x0, 0x53}, @map_val={0x18, 0x9, 0x2, 0x0, r0}]}, &(0x7f0000000040)='syzkaller\x00', 0x2, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={r1, 0x0, 0xe, 0x0, &(0x7f0000000440)="c2e9ec9971f13cae60e2d15740e1", 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

745.869508ms ago: executing program 4 (id=1482):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0xe22}, 0x1c)
syz_emit_ethernet(0xfdef, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaa39f4c7f9ba6c851caaaa00000000000008004500fddf000000000011900600000000f1ffffffffff4d22fdcd90ff0f00000000000051dc749667b40264014cccf44fef316a41aa296d9f441199a3d0e5cb75c87d93f118b0eabd37f19eb9cf9cfdbf8b9d"], 0x0)

159.885813ms ago: executing program 4 (id=1483):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$mixer(0xffffffffffffff9c, &(0x7f00000016c0), 0x121040, 0x0)
recvfrom$inet(0xffffffffffffffff, &(0x7f00000000c0)=""/77, 0x4d, 0x41, 0x0, 0x0)
bind$vsock_stream(0xffffffffffffffff, &(0x7f0000000040), 0x10)
listen(0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xd, &(0x7f0000000300)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
write$binfmt_elf32(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="7f454c460403ad03000000000000000002003e00000000000103000038000000000000000ff300000000200001000400000000000000000003"], 0x58)
r5 = inotify_init()
inotify_add_watch(r5, &(0x7f0000000040)='./file0\x00', 0x991)
close(r4)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
recvfrom$unix(0xffffffffffffffff, &(0x7f0000000140)=""/281, 0x119, 0xa2, 0x0, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r3, 0x40086603, &(0x7f0000000040))
connect$can_bcm(0xffffffffffffffff, &(0x7f0000000080), 0x10)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
write$cgroup_int(r4, &(0x7f0000000000)=0x5, 0x12)
mkdir(&(0x7f0000000040)='./bus\x00', 0xc)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
madvise(&(0x7f0000000000/0x2000)=nil, 0x8000000, 0x4)

130.75868ms ago: executing program 2 (id=1484):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
connect$rxrpc(0xffffffffffffffff, 0x0, 0x0)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000000), 0xd)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000), 0x20301, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000240))
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000040))
write$binfmt_script(r0, &(0x7f00000000c0)={'#! ', './file0', [{0x20, '$wf\xdf\x13\x9f\xc0\xf2/`\xe06\xeb?\xbcI6\x1d\xd9\xe2\t\xd5\xd3\b\xbb0>1\xa0\xd1;\xba\xeb/\x9a\xf2,\xdd?\xb8\xed\xce\x11\xe8<\x02\xbdU\xbe\x95u\xc7#\xc3\xce\x98h\xc8\x9c\xc7\xfa\xe7r\xc1\x01\x9a\xf2\xf7\xc5\xc9\xfb\xc2q\x9f\x99\x13\xab\x10\xd2\xf9\x1a\xb0\xbd->\xa8\x1b\xb6\xc6y\x15\xea~w\xec\xb2%\x88\xca\x81;t\xba4\xdc\xf9\xf8\xec:\xd8\x84nP\xfb\"\x8f\xdb\xd2\xc2!eS\x984\x8a@\xd3N\xf9\'\x90\xec0\xfaR\x88\xcc\x9a\xc2\xa8\xda\xfc\x0f`\x9c`\xa1\xa5\x1d\xcb\xfe\xd8\xcc>\xda\xb1\xa7\xb2$\x82\x9b\xe4\xd7g\xea\xb4\\\xd1\x93z{\xd2\xc6J\x860\x10`,\xbf\xfbvZ\xd0L\xf6\bFs\xcc\xcd\xc1\xa9\xc6U\xfd\xbcC\xd9!\xeb\xb0\x88'}]}, 0xd7)
socket$l2tp(0x2, 0x2, 0x73)

0s ago: executing program 1 (id=1485):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0xc, 0x13, &(0x7f00000004c0)=ANY=[@ANYBLOB="1800000000181100000000000000000000104a00e8a1299cb15e022dda96cb35792accbccc45f556ec1aa66900000093cdf0abe63d1e1cb0ad86d67046317c9378e75f902ee2630277aa5d14a579bf", @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000", @ANYBLOB="0000000000000000b702000000000000850000007d000000bf91000000000000b7020000020000008500000085000000b70000000000000095000000"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = fsopen(&(0x7f0000000000)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r2, 0x3, 0x0, &(0x7f00000000c0)='3', 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback}], 0x2c)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0)
sendmsg$NL80211_CMD_FRAME(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={0x0, 0x40}, 0x1, 0x0, 0x0, 0x4040}, 0x0)
r5 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x42202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r5, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r5, 0x4040534e, &(0x7f0000000180)={0x77, @time={0x20000040, 0x5}, 0x0, {}, 0x0, 0x2})
sendmsg$NFT_MSG_GETRULE(r5, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000400)={&(0x7f0000000940)=ANY=[@ANYBLOB], 0x18c}, 0x1, 0x0, 0x0, 0x1}, 0x40001)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32}, 0x9c)
socket(0x10, 0x3, 0x0)
sendto$inet6(r1, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

kernel console output (not intermixed with test programs):

 5-1: new high-speed USB device number 31 using dummy_hcd
[  407.787838][ T5870] usb 5-1: device descriptor read/64, error -71
[  407.935063][ T5870] usb usb5-port1: attempt power cycle
[  408.184782][ T5833] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  408.484084][ T5870] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  408.507068][ T5870] usb 5-1: device descriptor read/8, error -71
[  408.575219][ T5868] usb 4-1: USB disconnect, device number 36
[  408.705501][ T5833] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  408.715523][ T5833] usb 1-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  408.724666][ T5833] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  408.735132][ T5833] usb 1-1: config 0 descriptor??
[  409.536047][ T5870] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  409.562075][ T5833] usbhid 1-1:0.0: can't add hid device: -71
[  409.569899][ T5833] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  409.664246][ T5833] usb 1-1: USB disconnect, device number 30
[  409.731478][ T9157] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  409.900111][ T5870] usb 5-1: device not accepting address 33, error -71
[  410.039560][ T5870] usb usb5-port1: unable to enumerate USB device
[  410.193214][ T9163] sp0: Synchronizing with TNC
[  411.384354][ T9171] fuse: Unknown parameter 'fd00000000000000000000003'
[  412.624241][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  412.624261][   T29] audit: type=1326 audit(1739591150.044:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=9183 comm="syz.3.873" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f675358cde9 code=0x0
[  414.803944][ T5870] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  414.834226][ T9222] lo: entered allmulticast mode
[  415.324083][ T5870] usb 4-1: device descriptor read/64, error -71
[  416.456227][ T5870] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  416.729706][ T9237] netlink: 24 bytes leftover after parsing attributes in process `syz.4.884'.
[  416.729711][ T9235] fuse: Unknown parameter 'fd00000000000000000000003'
[  416.804037][ T5870] usb 4-1: device descriptor read/64, error -71
[  417.292404][ T5870] usb usb4-port1: attempt power cycle
[  417.449319][ T9237] netlink: 8 bytes leftover after parsing attributes in process `syz.4.884'.
[  417.929258][ T5870] usb 4-1: new high-speed USB device number 39 using dummy_hcd
[  417.937513][ T9237] netlink: 4 bytes leftover after parsing attributes in process `syz.4.884'.
[  417.948207][ T9249] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  418.340044][ T9254] fuse: Unknown parameter '0xffffffffffffffff'
[  418.432035][ T5870] usb 4-1: device descriptor read/8, error -71
[  418.470279][ T9244] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  418.476608][ T9244] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  418.489439][ T9244] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  418.500174][ T9244] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  418.509489][ T9244] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  418.931590][ T9265] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  418.940162][ T9265] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  419.403972][ T5135] Bluetooth: hci0: command 0x0c1a tx timeout
[  420.524175][ T5135] Bluetooth: hci3: command 0x0c1a tx timeout
[  420.531482][ T5822] Bluetooth: hci4: command 0x0c1a tx timeout
[  420.531795][ T5826] Bluetooth: hci2: command 0x0c1a tx timeout
[  420.538101][ T5822] Bluetooth: hci1: command 0x0c1a tx timeout
[  420.824735][ T9280] fuse: Unknown parameter 'fd00000000000000000000003'
[  420.973406][ T9287] FAULT_INJECTION: forcing a failure.
[  420.973406][ T9287] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  420.986995][ T9287] CPU: 0 UID: 0 PID: 9287 Comm: syz.4.898 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  420.987019][ T9287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  420.987029][ T9287] Call Trace:
[  420.987035][ T9287]  <TASK>
[  420.987042][ T9287]  dump_stack_lvl+0x241/0x360
[  420.987066][ T9287]  ? __pfx_dump_stack_lvl+0x10/0x10
[  420.987088][ T9287]  ? __wake_up_klogd+0xcc/0x110
[  420.987112][ T9287]  should_fail_ex+0x40a/0x550
[  420.987137][ T9287]  strncpy_from_user+0x36/0x270
[  420.987160][ T9287]  getname_flags+0xf1/0x540
[  420.987180][ T9287]  user_path_at+0x24/0x60
[  420.987199][ T9287]  __se_sys_mount+0x297/0x3c0
[  420.987220][ T9287]  ? __pfx___se_sys_mount+0x10/0x10
[  420.987236][ T9287]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  420.987255][ T9287]  ? __irq_exit_rcu+0x105/0x220
[  420.987275][ T9287]  ? __x64_sys_mount+0x20/0xc0
[  420.987293][ T9287]  do_syscall_64+0xf3/0x230
[  420.987313][ T9287]  ? clear_bhb_loop+0x35/0x90
[  420.987336][ T9287]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  420.987355][ T9287] RIP: 0033:0x7f0fd718cde9
[  420.987370][ T9287] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  420.987384][ T9287] RSP: 002b:00007f0fd805a038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  420.987402][ T9287] RAX: ffffffffffffffda RBX: 00007f0fd73a6080 RCX: 00007f0fd718cde9
[  420.987414][ T9287] RDX: 0000400000000300 RSI: 0000400000000280 RDI: 0000400000000240
[  420.987426][ T9287] RBP: 00007f0fd805a090 R08: 0000400000000440 R09: 0000000000000000
[  420.987437][ T9287] R10: 0000000001000800 R11: 0000000000000246 R12: 0000000000000001
[  420.987447][ T9287] R13: 0000000000000000 R14: 00007f0fd73a6080 R15: 00007ffcd4cac388
[  420.987472][ T9287]  </TASK>
[  421.169343][    C0] vkms_vblank_simulate: vblank timer overrun
[  421.834079][   T25] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  422.385333][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  422.396490][   T25] usb 2-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  422.406637][   T25] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  422.434006][  T836] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  422.481006][   T25] usb 2-1: config 0 descriptor??
[  422.574027][ T5870] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  422.588609][  T836] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[  422.607417][  T836] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  422.648685][  T836] usb 3-1: config 0 has no interface number 0
[  422.716305][  T836] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 10
[  422.728276][  T836] usb 3-1: config 0 interface 52 altsetting 1 endpoint 0x8A has invalid wMaxPacketSize 0
[  422.738826][ T5870] usb 5-1: device descriptor read/64, error -71
[  422.749594][  T836] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  422.763373][  T836] usb 3-1: config 0 interface 52 has no altsetting 0
[  422.776756][  T836] usb 3-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  422.789788][  T836] usb 3-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[  422.798611][  T836] usb 3-1: Manufacturer: syz
[  422.806911][  T836] usb 3-1: config 0 descriptor??
[  422.979196][   T25] wacom 0003:056A:032C.0015: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.1-1/input0
[  423.019285][ T9295] =======================================================
[  423.019285][ T9295] WARNING: The mand mount option has been deprecated and
[  423.019285][ T9295]          and is ignored by this kernel. Remove the mand
[  423.019285][ T9295]          option from the mount to silence this warning.
[  423.019285][ T9295] =======================================================
[  423.054145][    C0] vkms_vblank_simulate: vblank timer overrun
[  423.128341][  T836] synaptics_usb 3-1:0.52: synusb_open - usb_submit_urb failed, error: -90
[  423.137631][ T5870] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[  423.160588][  T836] synaptics_usb 3-1:0.52: probe with driver synaptics_usb failed with error -5
[  423.210798][   T25] usb 2-1: USB disconnect, device number 57
[  423.283966][ T5870] usb 5-1: device descriptor read/64, error -71
[  423.348566][ T9295] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  423.361267][ T9295] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  423.390589][  T836] usb 3-1: USB disconnect, device number 24
[  423.424551][ T5870] usb usb5-port1: attempt power cycle
[  424.441067][ T5870] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[  424.625965][ T5870] usb 5-1: device descriptor read/8, error -71
[  425.884148][ T5870] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  426.116854][ T5870] usb 5-1: device not accepting address 37, error -71
[  426.145839][ T5870] usb usb5-port1: unable to enumerate USB device
[  428.213994][ T5870] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  428.293909][ T5920] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  428.376125][ T5870] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  428.397001][ T5870] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.417371][ T5870] usb 5-1: config 0 descriptor??
[  428.430710][ T5870] gspca_main: cpia1-2.14.0 probing 0813:0001
[  428.500998][ T5920] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  428.534807][ T5920] usb 3-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  428.559235][ T5920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  428.868877][ T5920] usb 3-1: config 0 descriptor??
[  429.140106][ T5870] cpia1 5-1:0.0: unexpected state after lo power cmd: 00
[  429.364434][ T1558] usb 1-1: new high-speed USB device number 31 using dummy_hcd
[  429.628589][ T1558] usb 1-1: config 0 has an invalid interface number: 87 but max is 0
[  429.655535][ T5920] wacom 0003:056A:032C.0016: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.2-1/input0
[  429.723929][ T1558] usb 1-1: config 0 has no interface number 0
[  429.781205][ T1558] usb 1-1: too many endpoints for config 0 interface 87 altsetting 28: 204, using maximum allowed: 30
[  429.857591][ T5920] usb 3-1: USB disconnect, device number 25
[  429.864202][ T1558] usb 1-1: config 0 interface 87 altsetting 28 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  429.895233][ T1558] usb 1-1: config 0 interface 87 altsetting 28 has 1 endpoint descriptor, different from the interface descriptor's value: 204
[  429.919249][ T1558] usb 1-1: config 0 interface 87 has no altsetting 0
[  429.944272][ T1558] usb 1-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=8c.f4
[  429.968883][ T1558] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.993952][ T1558] usb 1-1: Product: syz
[  430.001433][ T1558] usb 1-1: Manufacturer: syz
[  430.014136][ T1558] usb 1-1: SerialNumber: syz
[  430.033142][ T1558] usb 1-1: config 0 descriptor??
[  430.205985][ T5870] gspca_cpia1: usb_control_msg 01, error -110
[  430.241253][ T5870] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0)
[  430.870148][ T1558] usb 1-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  430.889241][   T11] usb 1-1: Failed to submit usb control message: -71
[  430.899114][ T1558] usb 1-1: USB disconnect, device number 31
[  430.905157][   T11] usb 1-1: unable to send the bmi data to the device: -71
[  430.913583][   T11] usb 1-1: unable to get target info from device
[  430.920349][   T11] usb 1-1: could not get target info (-71)
[  430.926354][   T11] usb 1-1: could not probe fw (-71)
[  431.469447][ T5870] usb 5-1: USB disconnect, device number 38
[  432.302433][ T9411] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  434.392705][ T9426] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  434.401258][ T9426] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  435.700106][ T9434] netlink: 36 bytes leftover after parsing attributes in process `syz.0.937'.
[  437.596971][ T5870] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  438.058445][ T5870] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  438.069905][ T5870] usb 3-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  438.184632][ T9460] netlink: 40 bytes leftover after parsing attributes in process `syz.3.945'.
[  438.284554][ T9396] usb 2-1: new high-speed USB device number 58 using dummy_hcd
[  438.404257][ T5870] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  438.575668][ T5870] usb 3-1: config 0 descriptor??
[  438.763905][ T5924] usb 4-1: new high-speed USB device number 41 using dummy_hcd
[  439.304081][ T9396] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  439.313182][ T9396] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  439.347960][ T9396] usb 2-1: config 0 descriptor??
[  439.511322][ T9396] gspca_main: cpia1-2.14.0 probing 0813:0001
[  439.550661][ T9469] netlink: 36 bytes leftover after parsing attributes in process `syz.0.948'.
[  439.855624][ T5870] wacom 0003:056A:032C.0017: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.2-1/input0
[  439.875337][ T5924] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  439.896920][ T5924] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  439.920017][ T5924] usb 4-1: Product: syz
[  439.924478][ T5924] usb 4-1: Manufacturer: syz
[  439.929221][ T5924] usb 4-1: SerialNumber: syz
[  439.943033][ T5924] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  440.049005][ T5920] usb 3-1: USB disconnect, device number 26
[  440.074178][ T9396] cpia1 2-1:0.0: unexpected state after lo power cmd: 00
[  440.090805][ T5870] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  440.376132][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  440.382513][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  441.256247][ T9396] gspca_cpia1: usb_control_msg 01, error -110
[  441.262386][ T9396] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0)
[  441.333933][ T5870] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  441.352110][ T5870] ath9k_htc: Failed to initialize the device
[  441.428343][ T5870] usb 4-1: ath9k_htc: USB layer deinitialized
[  441.760794][ T9458] netlink: 20 bytes leftover after parsing attributes in process `syz.3.945'.
[  442.927937][ T9481] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  442.935614][ T9481] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  442.974063][ T1558] usb 4-1: USB disconnect, device number 41
[  444.778122][ T9494] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  446.544041][  T836] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  447.330518][ T9521] netlink: 4 bytes leftover after parsing attributes in process `syz.4.960'.
[  447.700868][ T9535] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  448.000006][  T836] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  448.057973][  T836] usb 1-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  448.093432][  T836] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  448.204810][  T836] usb 1-1: config 0 descriptor??
[  448.333528][  T836] usbhid 1-1:0.0: can't add hid device: -71
[  448.339747][  T836] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  448.356549][  T836] usb 1-1: USB disconnect, device number 32
[  448.518101][ T9544] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  449.303339][ T9548] FAULT_INJECTION: forcing a failure.
[  449.303339][ T9548] name failslab, interval 1, probability 0, space 0, times 0
[  449.316489][ T9548] CPU: 1 UID: 0 PID: 9548 Comm: syz.4.967 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  449.316514][ T9548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  449.316538][ T9548] Call Trace:
[  449.316546][ T9548]  <TASK>
[  449.316553][ T9548]  dump_stack_lvl+0x241/0x360
[  449.316579][ T9548]  ? __pfx_dump_stack_lvl+0x10/0x10
[  449.316596][ T9548]  ? __pfx__printk+0x10/0x10
[  449.316617][ T9548]  ? _raw_write_lock_irq+0xdf/0x120
[  449.316636][ T9548]  ? __pfx__raw_write_lock_irq+0x10/0x10
[  449.316653][ T9548]  ? __lock_acquire+0x1397/0x2100
[  449.316679][ T9548]  should_fail_ex+0x40a/0x550
[  449.316704][ T9548]  should_failslab+0xac/0x100
[  449.316729][ T9548]  __kmalloc_node_track_caller_noprof+0xdc/0x4c0
[  449.316754][ T9548]  ? netlink_realloc_groups+0x115/0x330
[  449.316774][ T9548]  ? netlink_realloc_groups+0x115/0x330
[  449.316790][ T9548]  krealloc_noprof+0x10f/0x300
[  449.316809][ T9548]  netlink_realloc_groups+0x115/0x330
[  449.316831][ T9548]  netlink_bind+0x284/0xc90
[  449.316861][ T9548]  ? __pfx_netlink_bind+0x10/0x10
[  449.316880][ T9548]  ? __might_fault+0xc6/0x120
[  449.316907][ T9548]  __sys_bind+0x1e4/0x290
[  449.316928][ T9548]  ? __pfx___sys_bind+0x10/0x10
[  449.316957][ T9548]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  449.316979][ T9548]  ? do_syscall_64+0x100/0x230
[  449.317002][ T9548]  __x64_sys_bind+0x7a/0x90
[  449.317022][ T9548]  do_syscall_64+0xf3/0x230
[  449.317039][ T9548]  ? clear_bhb_loop+0x35/0x90
[  449.317063][ T9548]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  449.317084][ T9548] RIP: 0033:0x7f0fd718cde9
[  449.317104][ T9548] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  449.317119][ T9548] RSP: 002b:00007f0fd807b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  449.317136][ T9548] RAX: ffffffffffffffda RBX: 00007f0fd73a5fa0 RCX: 00007f0fd718cde9
[  449.317148][ T9548] RDX: 000000000000000c RSI: 0000400000514ff4 RDI: 0000000000000003
[  449.317158][ T9548] RBP: 00007f0fd807b090 R08: 0000000000000000 R09: 0000000000000000
[  449.317168][ T9548] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  449.317178][ T9548] R13: 0000000000000000 R14: 00007f0fd73a5fa0 R15: 00007ffcd4cac388
[  449.317204][ T9548]  </TASK>
[  449.328613][  T836] usb 2-1: USB disconnect, device number 58
[  449.902805][ T9557] netlink: 24 bytes leftover after parsing attributes in process `syz.4.970'.
[  450.856257][ T9570] netlink: 194488 bytes leftover after parsing attributes in process `syz.3.973'.
[  451.419110][ T9566] netlink: 8 bytes leftover after parsing attributes in process `syz.4.970'.
[  451.626021][ T9577] netlink: 4 bytes leftover after parsing attributes in process `syz.4.970'.
[  452.022057][ T9565] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  452.040281][ T9565] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  452.086181][ T9565] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  452.100187][ T9565] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  452.169080][ T9565] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  452.938582][ T5822] Bluetooth: hci0: command 0x0c1a tx timeout
[  452.958571][ T5900] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  453.334004][ T5900] usb 3-1: Using ep0 maxpacket: 8
[  453.817612][ T5900] usb 3-1: too many configurations: 10, using maximum allowed: 8
[  453.867526][ T5900] usb 3-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  454.344019][ T5822] Bluetooth: hci4: command 0x0c1a tx timeout
[  454.350057][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  454.356115][ T5822] Bluetooth: hci1: command 0x0c1a tx timeout
[  454.362109][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  454.394557][ T5900] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.409903][ T5900] usb 3-1: Product: syz
[  454.424664][ T5900] usb 3-1: Manufacturer: syz
[  454.429315][ T5900] usb 3-1: SerialNumber: syz
[  454.462679][ T5900] usb 3-1: config 0 descriptor??
[  454.481580][ T5900] radio-usb-si4713 3-1:0.0: Si4713 development board discovered: (10C4:8244)
[  454.955672][ T9592] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  454.964163][ T9592] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  454.971112][ T9592] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  454.977778][ T9592] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  454.985068][ T9592] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  455.308325][ T9583] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  455.461415][  T836] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  455.474507][ T9583] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  455.791730][  T836] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  455.816724][  T836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.817952][ T9583] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  455.861625][  T836] usb 5-1: config 0 descriptor??
[  455.876728][ T9583] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  455.885078][ T5135] Bluetooth: hci0: command 0x0c1a tx timeout
[  456.133679][  T836] gspca_main: cpia1-2.14.0 probing 0813:0001
[  457.155428][ T5135] Bluetooth: hci4: command 0x0c1a tx timeout
[  457.155451][ T5822] Bluetooth: hci3: command 0x0c1a tx timeout
[  457.155536][ T5822] Bluetooth: hci2: command 0x0c1a tx timeout
[  457.161610][ T5135] Bluetooth: hci1: command 0x0c1a tx timeout
[  457.168136][  T836] gspca_cpia1: usb_control_msg 05, error -110
[  457.203371][ T5900] radio-usb-si4713 3-1:0.0: probe with driver radio-usb-si4713 failed with error -32
[  457.231755][ T5900] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  457.286146][  T836] gspca_cpia1: usb_control_msg 01, error -32
[  457.436892][ T5870] usb 3-1: USB disconnect, device number 27
[  458.524051][  T836] gspca_cpia1: usb_control_msg 02, error -110
[  458.530420][  T836] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0)
[  460.483639][ T9647] netlink: 40 bytes leftover after parsing attributes in process `syz.1.994'.
[  465.105217][  T836] usb 5-1: USB disconnect, device number 39
[  466.354882][ T9703] netlink: 'syz.2.1010': attribute type 39 has an invalid length.
[  469.798056][ T9718] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  469.804427][ T9718] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  469.810573][ T9718] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  469.816991][ T9718] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  469.823157][ T9718] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  470.100938][  T836] usb 2-1: new high-speed USB device number 59 using dummy_hcd
[  470.180949][ T9747] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1023'.
[  470.747758][  T836] usb 2-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  470.766141][  T836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  470.786939][  T836] usb 2-1: config 0 descriptor??
[  470.864418][ T9752] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  470.935937][ T5135] Bluetooth: hci0: command 0x0c1a tx timeout
[  471.304602][  T836] gspca_main: cpia1-2.14.0 probing 0813:0001
[  472.419345][ T5135] Bluetooth: hci3: command 0x0c1a tx timeout
[  472.425880][ T5135] Bluetooth: hci4: command 0x0c1a tx timeout
[  472.432357][ T5135] Bluetooth: hci2: command 0x0c1a tx timeout
[  472.451294][ T5822] Bluetooth: hci1: command 0x0c1a tx timeout
[  472.523972][  T836] cpia1 2-1:0.0: unexpected state after lo power cmd: 00
[  473.156902][ T9769] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1029'.
[  473.615199][  T836] gspca_cpia1: usb_control_msg 01, error -110
[  473.693863][  T836] cpia1 2-1:0.0: only firmware version 1 is supported (got: 0)
[  474.049750][ T9782] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  474.173560][ T9779] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1029'.
[  474.579355][ T9779] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1029'.
[  475.651872][ T9790] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  477.459367][ T9802] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1037'.
[  477.478289][ T9802] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1037'.
[  478.760528][ T5924] usb 2-1: USB disconnect, device number 59
[  479.005361][ T9819] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1043'.
[  481.588697][ T9836] netlink: 4284 bytes leftover after parsing attributes in process `syz.3.1048'.
[  483.173943][ T1558] usb 1-1: new high-speed USB device number 33 using dummy_hcd
[  483.335307][ T1558] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  483.355663][ T1558] usb 1-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  483.371776][ T1558] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.388074][ T1558] usb 1-1: config 0 descriptor??
[  483.494524][ T9854] overlayfs: failed to resolve './file0': -2
[  483.754034][ T5870] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  483.807765][ T1558] wacom 0003:056A:032C.0018: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.0-1/input0
[  483.932631][ T5870] usb 4-1: config 0 has an invalid interface number: 87 but max is 0
[  483.935753][ T5920] usb 5-1: new high-speed USB device number 40 using dummy_hcd
[  483.942704][ T5870] usb 4-1: config 0 has no interface number 0
[  483.961322][ T5870] usb 4-1: too many endpoints for config 0 interface 87 altsetting 28: 204, using maximum allowed: 30
[  483.986670][ T5870] usb 4-1: config 0 interface 87 altsetting 28 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  483.989205][ T5900] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  483.998502][ T5870] usb 4-1: config 0 interface 87 altsetting 28 has 1 endpoint descriptor, different from the interface descriptor's value: 204
[  484.107702][ T9842] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  484.171702][ T5870] usb 4-1: config 0 interface 87 has no altsetting 0
[  484.220590][ T5870] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=8c.f4
[  484.220885][ T5920] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  484.231660][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  484.292215][ T5870] usb 4-1: Product: syz
[  484.299529][ T5870] usb 4-1: Manufacturer: syz
[  484.304456][ T5870] usb 4-1: SerialNumber: syz
[  484.335086][ T5900] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  484.345484][ T5870] usb 4-1: config 0 descriptor??
[  484.356917][ T5920] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.416931][ T5900] usb 3-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  484.497990][ T5920] usb 5-1: config 0 descriptor??
[  484.515816][ T5900] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  484.516709][ T5870] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  484.532718][ T5920] gspca_main: cpia1-2.14.0 probing 0813:0001
[  484.578374][ T9842] batman_adv: batadv0: Removing interface: batadv_slave_1
[  484.628844][ T5900] usb 3-1: config 0 descriptor??
[  484.708954][ T5870] usb 4-1: USB disconnect, device number 42
[  484.708976][ T1164] usb 4-1: Failed to submit usb control message: -71
[  484.728636][  T836] usb 1-1: USB disconnect, device number 33
[  484.820055][ T1164] usb 4-1: unable to send the bmi data to the device: -71
[  484.832784][ T1164] usb 4-1: unable to get target info from device
[  484.847041][ T1164] usb 4-1: could not get target info (-71)
[  484.853104][ T1164] usb 4-1: could not probe fw (-71)
[  485.052899][ T5920] cpia1 5-1:0.0: unexpected state after lo power cmd: 00
[  485.414606][ T5900] wacom 0003:056A:032C.0019: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.2-1/input0
[  485.474283][ T9864] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  486.178158][ T5920] gspca_cpia1: usb_control_msg 02, error -71
[  486.186976][ T5920] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0)
[  486.701883][ T5920] usb 5-1: USB disconnect, device number 40
[  487.352078][ T9894] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1062'.
[  487.551251][ T9864] batman_adv: batadv0: Removing interface: batadv_slave_1
[  487.794030][ T1558] usb 5-1: new high-speed USB device number 41 using dummy_hcd
[  487.981912][ T1558] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  487.986778][ T5870] usb 3-1: USB disconnect, device number 28
[  488.043682][ T1558] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  488.126488][ T1558] usb 5-1: Product: syz
[  488.169344][ T1558] usb 5-1: Manufacturer: syz
[  488.187081][ T1558] usb 5-1: SerialNumber: syz
[  488.240667][ T1558] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  488.260837][ T9396] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  488.360736][ T9907] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1064'.
[  488.893986][ T5870] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  488.997806][ T1558] usb 5-1: USB disconnect, device number 41
[  489.498953][ T5870] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  489.508388][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  489.684227][ T5870] usb 4-1: Product: syz
[  489.688442][ T5870] usb 4-1: Manufacturer: syz
[  489.693049][ T5870] usb 4-1: SerialNumber: syz
[  489.980750][ T9396] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  490.015524][ T9396] ath9k_htc: Failed to initialize the device
[  490.074700][ T5870] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  490.078862][ T1558] usb 5-1: ath9k_htc: USB layer deinitialized
[  490.118680][ T5924] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  490.275102][ T9925] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1067'.
[  490.326592][ T9920] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1068'.
[  491.351366][ T5924] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  491.447062][ T5924] ath9k_htc: Failed to initialize the device
[  492.276997][ T1558] usb 4-1: USB disconnect, device number 43
[  492.325079][ T1558] usb 4-1: ath9k_htc: USB layer deinitialized
[  492.528226][ T9947] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  492.721970][  T836] usb 5-1: new high-speed USB device number 42 using dummy_hcd
[  493.315285][  T836] usb 5-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  493.350713][  T836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  493.396314][  T836] usb 5-1: config 0 descriptor??
[  493.421054][  T836] gspca_main: cpia1-2.14.0 probing 0813:0001
[  494.556970][  T836] cpia1 5-1:0.0: unexpected state after lo power cmd: 00
[  494.874293][ T9956] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1077'.
[  495.377611][ T5868] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  496.292120][ T5868] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  496.350347][  T836] gspca_cpia1: usb_control_msg 02, error -71
[  496.356475][  T836] cpia1 5-1:0.0: only firmware version 1 is supported (got: 0)
[  496.377812][ T5868] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.421290][  T836] usb 5-1: USB disconnect, device number 42
[  496.434037][ T5868] usb 1-1: Product: syz
[  496.443982][ T5868] usb 1-1: Manufacturer: syz
[  496.472839][ T5868] usb 1-1: SerialNumber: syz
[  496.502958][ T5868] usb 1-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  496.528550][ T5924] usb 1-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  496.810155][ T1558] usb 4-1: new high-speed USB device number 44 using dummy_hcd
[  497.366175][ T1558] usb 4-1: Using ep0 maxpacket: 8
[  497.387514][ T1558] usb 4-1: too many configurations: 10, using maximum allowed: 8
[  497.424596][ T5868] usb 1-1: USB disconnect, device number 34
[  497.457501][ T1558] usb 4-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  497.482964][ T1558] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.511567][ T1558] usb 4-1: Product: syz
[  497.524059][ T1558] usb 4-1: Manufacturer: syz
[  497.529241][ T1558] usb 4-1: SerialNumber: syz
[  497.552485][ T1558] usb 4-1: config 0 descriptor??
[  497.565319][ T5924] ath9k_htc 1-1:1.0: ath9k_htc: Target is unresponsive
[  497.569335][ T1558] radio-usb-si4713 4-1:0.0: Si4713 development board discovered: (10C4:8244)
[  497.587735][ T5924] ath9k_htc: Failed to initialize the device
[  497.600095][ T5868] usb 1-1: ath9k_htc: USB layer deinitialized
[  497.724256][  T836] usb 2-1: new high-speed USB device number 60 using dummy_hcd
[  497.874116][  T836] usb 2-1: Using ep0 maxpacket: 16
[  497.881972][  T836] usb 2-1: config 0 descriptor has 1 excess byte, ignoring
[  497.889359][  T836] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 4
[  497.902529][  T836] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2d50, bcdDevice= 0.00
[  497.911830][  T836] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  497.921848][  T836] usb 2-1: config 0 descriptor??
[  497.930581][  T836] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  497.964240][ T5920] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  498.155456][ T5920] usb 3-1: Using ep0 maxpacket: 8
[  498.197831][ T9969] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  498.221170][ T5920] usb 3-1: config 32 has an invalid interface number: 1 but max is 0
[  498.268357][ T5920] usb 3-1: config 32 has an invalid descriptor of length 0, skipping remainder of the config
[  498.329846][ T5920] usb 3-1: config 32 has no interface number 0
[  498.330266][ T9969] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  498.352052][ T5920] usb 3-1: New USB device found, idVendor=20a6, idProduct=1105, bcdDevice=c2.eb
[  498.446699][ T5920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  498.491162][ T5920] usb 3-1: Product: syz
[  498.499821][ T5920] usb 3-1: Manufacturer: syz
[  498.504625][ T5920] usb 3-1: SerialNumber: syz
[  498.582037][ T5920] usb 3-1: bad CDC descriptors
[  498.599352][ T5920] option 3-1:32.1: GSM modem (1-port) converter detected
[  498.962882][ T1558] radio-usb-si4713 4-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  498.988545][ T1558] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  499.004028][ T1558] usb 4-1: USB disconnect, device number 44
[  499.074030][  T836] usb 1-1: new high-speed USB device number 35 using dummy_hcd
[  499.224174][  T836] usb 1-1: Using ep0 maxpacket: 8
[  499.231158][  T836] usb 1-1: too many configurations: 10, using maximum allowed: 8
[  499.251360][  T836] usb 1-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  499.260931][  T836] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.269057][  T836] usb 1-1: Product: syz
[  499.273229][  T836] usb 1-1: Manufacturer: syz
[  499.278549][  T836] usb 1-1: SerialNumber: syz
[  499.286064][  T836] usb 1-1: config 0 descriptor??
[  499.293164][  T836] radio-usb-si4713 1-1:0.0: Si4713 development board discovered: (10C4:8244)
[  499.782368][T10011] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1092'.
[  499.933325][ T9996] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  499.980650][ T9996] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  500.385744][  T836] radio-usb-si4713 1-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  500.409614][  T836] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  500.436318][  T836] usb 1-1: USB disconnect, device number 35
[  500.933479][ T5924] usb 2-1: USB disconnect, device number 60
[  501.052026][T10025] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1096'.
[  501.083210][ T1558] usb 3-1: USB disconnect, device number 29
[  501.092618][T10025] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1096'.
[  501.114703][ T1558] option 3-1:32.1: device disconnected
[  501.816476][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  501.822903][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  502.263731][T10041] netlink: 'syz.1.1102': attribute type 11 has an invalid length.
[  502.730857][T10041] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1102'.
[  503.681556][T10054] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1105'.
[  504.474963][T10062] FAULT_INJECTION: forcing a failure.
[  504.474963][T10062] name failslab, interval 1, probability 0, space 0, times 0
[  504.507960][T10062] CPU: 0 UID: 0 PID: 10062 Comm: syz.3.1108 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  504.507979][T10062] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  504.507987][T10062] Call Trace:
[  504.507991][T10062]  <TASK>
[  504.507996][T10062]  dump_stack_lvl+0x241/0x360
[  504.508014][T10062]  ? __pfx_dump_stack_lvl+0x10/0x10
[  504.508023][T10062]  ? __pfx__printk+0x10/0x10
[  504.508039][T10062]  ? kmem_cache_alloc_node_noprof+0x4f/0x380
[  504.508055][T10062]  ? __pfx___might_resched+0x10/0x10
[  504.508069][T10062]  should_fail_ex+0x40a/0x550
[  504.508085][T10062]  should_failslab+0xac/0x100
[  504.508100][T10062]  kmem_cache_alloc_node_noprof+0x77/0x380
[  504.508115][T10062]  ? __alloc_skb+0x1c3/0x440
[  504.508129][T10062]  __alloc_skb+0x1c3/0x440
[  504.508144][T10062]  ? __pfx___alloc_skb+0x10/0x10
[  504.508163][T10062]  ? netlink_autobind+0xd6/0x2f0
[  504.508171][T10062]  ? netlink_autobind+0x2b0/0x2f0
[  504.508182][T10062]  netlink_sendmsg+0x634/0xcb0
[  504.508203][T10062]  ? __pfx_netlink_sendmsg+0x10/0x10
[  504.508223][T10062]  ? __pfx_netlink_sendmsg+0x10/0x10
[  504.508237][T10062]  __sock_sendmsg+0x221/0x270
[  504.508249][T10062]  ____sys_sendmsg+0x53a/0x860
[  504.508266][T10062]  ? __pfx_____sys_sendmsg+0x10/0x10
[  504.508279][T10062]  ? __fget_files+0x2a/0x410
[  504.508290][T10062]  ? __fget_files+0x2a/0x410
[  504.508303][T10062]  __sys_sendmsg+0x269/0x350
[  504.508319][T10062]  ? __pfx___sys_sendmsg+0x10/0x10
[  504.508338][T10062]  ? do_sys_openat2+0x17a/0x1d0
[  504.508360][T10062]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  504.508374][T10062]  ? do_syscall_64+0x100/0x230
[  504.508388][T10062]  ? do_syscall_64+0xb6/0x230
[  504.508400][T10062]  do_syscall_64+0xf3/0x230
[  504.508410][T10062]  ? clear_bhb_loop+0x35/0x90
[  504.508426][T10062]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  504.508438][T10062] RIP: 0033:0x7f675358cde9
[  504.508448][T10062] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  504.508456][T10062] RSP: 002b:00007f67543ff038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  504.508468][T10062] RAX: ffffffffffffffda RBX: 00007f67537a5fa0 RCX: 00007f675358cde9
[  504.508474][T10062] RDX: 0000000004000800 RSI: 0000400000000280 RDI: 0000000000000003
[  504.508481][T10062] RBP: 00007f67543ff090 R08: 0000000000000000 R09: 0000000000000000
[  504.508486][T10062] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  504.508492][T10062] R13: 0000000000000000 R14: 00007f67537a5fa0 R15: 00007ffecb195198
[  504.508505][T10062]  </TASK>
[  505.567424][T10072] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  505.965295][T10073] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  507.444878][  T836] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  507.653858][  T836] usb 3-1: Using ep0 maxpacket: 16
[  507.685548][  T836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  507.729486][  T836] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  507.756459][  T836] usb 3-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00
[  507.779116][  T836] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.810187][  T836] usb 3-1: config 0 descriptor??
[  508.147946][  T836] usbhid 3-1:0.0: can't add hid device: -71
[  508.472724][  T836] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  508.493460][  T836] usb 3-1: USB disconnect, device number 30
[  508.771414][T10083] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  508.804724][T10083] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  508.928055][T10094] openvswitch: netlink: nsh attribute has 65532 unknown bytes.
[  508.936158][T10094] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  508.954810][T10083] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  509.009972][T10083] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  509.029628][T10083] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  509.384280][ T5920] usb 4-1: new full-speed USB device number 45 using dummy_hcd
[  509.654103][ T5135] Bluetooth: hci0: command 0x0c1a tx timeout
[  509.712748][ T5920] usb 4-1: unable to get BOS descriptor or descriptor too short
[  509.771016][ T5920] usb 4-1: not running at top speed; connect to a high speed hub
[  509.848380][ T5920] usb 4-1: config 4 has an invalid interface number: 116 but max is 0
[  509.862314][ T5920] usb 4-1: config 4 has no interface number 0
[  509.878954][ T5920] usb 4-1: config 4 interface 116 has no altsetting 0
[  509.889457][ T5920] usb 4-1: New USB device found, idVendor=0499, idProduct=101e, bcdDevice=ec.47
[  509.913303][ T5920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  510.040740][ T5920] usb 4-1: Product: syz
[  510.046929][ T5920] usb 4-1: Manufacturer: syz
[  510.055204][ T5920] usb 4-1: SerialNumber: syz
[  510.204036][  T836] usb 5-1: new high-speed USB device number 43 using dummy_hcd
[  510.859993][ T5135] Bluetooth: hci1: command 0x0c1a tx timeout
[  510.919753][  T836] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  511.062773][ T5135] Bluetooth: hci2: command 0x0c1a tx timeout
[  511.101487][ T5135] Bluetooth: hci3: command 0x0c1a tx timeout
[  511.101895][ T9278] Bluetooth: hci4: command 0x0c1a tx timeout
[  511.118696][  T836] usb 5-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  511.134168][  T836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.145495][ T5920] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  511.148938][  T836] usb 5-1: config 0 descriptor??
[  512.078568][ T5920] usb 4-1: USB disconnect, device number 45
[  512.421080][  T836] wacom 0003:056A:032C.001A: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.4-1/input0
[  512.710917][T10130] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1126'.
[  512.837808][T10141] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1126'.
[  512.870069][  T836] usb 5-1: USB disconnect, device number 43
[  514.688975][T10136] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  514.843388][T10136] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  514.849539][ T9278] Bluetooth: hci0: command 0x0c1a tx timeout
[  514.903868][T10136] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  515.041917][T10136] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  515.079489][T10136] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  515.386641][  T836] usb 2-1: new high-speed USB device number 61 using dummy_hcd
[  516.089178][T10170] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1137'.
[  516.511060][T10161] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1136'.
[  516.724580][ T5868] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  516.773876][ T9396] usb 5-1: new high-speed USB device number 44 using dummy_hcd
[  516.858266][ T9278] Bluetooth: hci1: command 0x0c1a tx timeout
[  516.924117][ T9278] Bluetooth: hci2: command 0x0c1a tx timeout
[  516.992475][ T9396] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  517.001725][ T9396] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.010249][ T9396] usb 5-1: Product: syz
[  517.014588][ T9396] usb 5-1: Manufacturer: syz
[  517.019332][ T9396] usb 5-1: SerialNumber: syz
[  517.124514][ T9278] Bluetooth: hci3: command 0x0c1a tx timeout
[  517.131241][ T9278] Bluetooth: hci4: command 0x0c1a tx timeout
[  517.132854][T10181] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1139'.
[  517.142734][ T9396] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  517.280196][ T5920] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  517.562798][ T5868] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  517.572288][ T5868] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  517.591981][ T5868] usb 3-1: Product: syz
[  517.597448][ T5868] usb 3-1: Manufacturer: syz
[  517.602397][ T5868] usb 3-1: SerialNumber: syz
[  517.619299][ T5868] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  517.666941][  T836] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  517.785053][ T5870] usb 4-1: new high-speed USB device number 46 using dummy_hcd
[  517.838231][T10187] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1141'.
[  517.848189][T10187] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1141'.
[  518.584895][ T5924] usb 5-1: USB disconnect, device number 44
[  518.650217][ T5870] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  518.690378][ T5920] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  518.703928][ T5870] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  518.719726][T10169] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1137'.
[  518.750510][ T5870] usb 4-1: Product: syz
[  518.767133][ T5868] usb 3-1: USB disconnect, device number 31
[  518.777410][  T836] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  518.785044][ T5920] ath9k_htc: Failed to initialize the device
[  518.796257][ T5870] usb 4-1: Manufacturer: syz
[  518.800895][ T5870] usb 4-1: SerialNumber: syz
[  518.808637][  T836] ath9k_htc: Failed to initialize the device
[  518.815407][ T5924] usb 5-1: ath9k_htc: USB layer deinitialized
[  518.821835][ T5868] usb 3-1: ath9k_htc: USB layer deinitialized
[  518.840277][ T5870] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  518.886581][ T5936] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  519.224499][ T5870] usb 2-1: new high-speed USB device number 62 using dummy_hcd
[  519.994404][ T5868] usb 4-1: USB disconnect, device number 46
[  520.024561][ T5936] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  520.031563][ T5936] ath9k_htc: Failed to initialize the device
[  520.044656][ T5870] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  520.063305][ T5868] usb 4-1: ath9k_htc: USB layer deinitialized
[  520.114157][ T5870] usb 2-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  520.173161][ T5870] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  520.227289][ T5870] usb 2-1: config 0 descriptor??
[  521.115215][ T5870] wacom 0003:056A:032C.001B: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.1-1/input0
[  521.808813][T10211] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1149'.
[  522.218082][ T5870] usb 2-1: USB disconnect, device number 62
[  522.293521][T10213] capability: warning: `syz.4.1150' uses deprecated v2 capabilities in a way that may be insecure
[  522.924485][T10202] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  522.932528][T10202] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  522.942765][T10202] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  522.954092][T10202] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  522.960093][T10202] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  523.599750][T10239] hsr0: entered promiscuous mode
[  523.722925][ T5135] Bluetooth: hci0: command 0x0c1a tx timeout
[  524.794133][ T5868] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  525.024379][ T9278] Bluetooth: hci4: command 0x0c1a tx timeout
[  525.030568][ T9278] Bluetooth: hci2: command 0x0c1a tx timeout
[  525.036806][ T5135] Bluetooth: hci3: command 0x0c1a tx timeout
[  525.040482][ T5822] Bluetooth: hci1: command 0x0c1a tx timeout
[  525.042988][ T5868] usb 1-1: device descriptor read/64, error -71
[  525.344046][ T9396] usb 5-1: new full-speed USB device number 45 using dummy_hcd
[  525.377212][ T5868] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  525.456927][ T5920] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  525.467724][T10264] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1164'.
[  525.689438][ T9396] usb 5-1: not running at top speed; connect to a high speed hub
[  525.728660][ T5920] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  525.734230][ T5868] usb 1-1: device descriptor read/64, error -71
[  525.739941][ T9396] usb 5-1: config 1 interface 0 altsetting 8 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  525.760507][ T5920] usb 3-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  525.773328][ T5920] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  525.781526][T10261] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1164'.
[  525.790740][ T9396] usb 5-1: config 1 interface 0 has no altsetting 0
[  525.810464][ T5920] usb 3-1: config 0 descriptor??
[  525.816852][ T9396] usb 5-1: language id specifier not provided by device, defaulting to English
[  525.828117][ T9396] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  525.837668][ T9396] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.854960][ T9396] usb 5-1: Product: syz
[  525.859338][ T9396] usb 5-1: Manufacturer: syz
[  525.868690][ T9396] usb 5-1: SerialNumber: syz
[  525.914986][ T5868] usb usb1-port1: attempt power cycle
[  527.215856][ T5920] wacom 0003:056A:032C.001C: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.2-1/input0
[  527.240188][ T5920] usb 3-1: USB disconnect, device number 32
[  527.333137][ T5868] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  527.648306][ T5868] usb 1-1: device not accepting address 38, error -71
[  530.084196][ T5822] Bluetooth: hci0: command 0x0c1a tx timeout
[  530.227463][T10299] program syz.0.1171 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  530.236915][T10278] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  530.236990][T10299] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  530.360635][T10278] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  530.375155][T10278] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  530.391851][T10278] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  530.416055][T10278] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  530.533409][ T9396] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  530.560020][ T9396] usb 5-1: USB disconnect, device number 45
[  531.006992][ T5868] usb 2-1: new high-speed USB device number 63 using dummy_hcd
[  531.854314][ T5868] usb 2-1: Using ep0 maxpacket: 8
[  531.874113][ T5868] usb 2-1: too many configurations: 10, using maximum allowed: 8
[  532.027409][ T5868] usb 2-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  532.036852][ T5868] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  532.050221][ T5868] usb 2-1: Product: syz
[  532.061357][ T5868] usb 2-1: Manufacturer: syz
[  532.066735][ T5868] usb 2-1: SerialNumber: syz
[  532.079032][ T5868] usb 2-1: config 0 descriptor??
[  532.089695][ T5868] radio-usb-si4713 2-1:0.0: Si4713 development board discovered: (10C4:8244)
[  532.444118][ T5822] Bluetooth: hci1: command 0x0c1a tx timeout
[  532.450576][ T5822] Bluetooth: hci4: command 0x0c1a tx timeout
[  532.451867][ T9278] Bluetooth: hci2: command 0x0c1a tx timeout
[  532.457721][ T5135] Bluetooth: hci3: command 0x0c1a tx timeout
[  533.742714][T10340] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1186'.
[  533.864712][T10341] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1186'.
[  534.156313][ T5868] radio-usb-si4713 2-1:0.0: probe with driver radio-usb-si4713 failed with error -32
[  534.167900][ T5868] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[  534.692929][T10327] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  535.164060][ T5135] Bluetooth: hci0: command 0x0c1a tx timeout
[  535.179720][T10327] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  535.234822][T10327] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  535.240847][T10327] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  535.269425][T10327] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  535.643317][ T5920] usb 2-1: USB disconnect, device number 63
[  536.669433][ T9396] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  537.305207][ T9278] Bluetooth: hci4: command 0x0c1a tx timeout
[  537.417976][ T5135] Bluetooth: hci2: command 0x0c1a tx timeout
[  537.423996][ T9278] Bluetooth: hci1: command 0x0c1a tx timeout
[  537.424107][ T9278] Bluetooth: hci3: command 0x0c1a tx timeout
[  537.476988][ T9396] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  537.486952][ T9396] usb 1-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  537.496257][ T9396] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  537.520622][ T9396] usb 1-1: config 0 descriptor??
[  537.546024][T10369] loop2: detected capacity change from 0 to 7
[  537.557020][T10369] Dev loop2: unable to read RDB block 7
[  537.564146][T10369]  loop2: unable to read partition table
[  537.585174][T10369] loop2: partition table beyond EOD, truncated
[  537.593268][T10369] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  538.649578][ T9396] hid-steam 0003:28DE:1205.001D: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.0-1/input0
[  538.696465][ T5868] usb 1-1: USB disconnect, device number 40
[  539.348620][T10395] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1202'.
[  541.307098][T10393] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  541.314349][T10393] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  541.320720][T10393] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  541.327196][T10393] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  541.334129][ T5825] Bluetooth: hci0: command 0x0c1a tx timeout
[  541.340600][T10393] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  541.854718][ T5920] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  541.865282][ T9396] usb 2-1: new high-speed USB device number 64 using dummy_hcd
[  542.143849][ T5920] usb 1-1: Using ep0 maxpacket: 8
[  542.219634][ T5920] usb 1-1: too many configurations: 10, using maximum allowed: 8
[  542.333917][ T9396] usb 2-1: device not accepting address 64, error -71
[  542.874145][ T5920] usb 1-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  542.883700][ T5920] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  542.892027][ T5920] usb 1-1: Product: syz
[  542.901700][ T5920] usb 1-1: Manufacturer: syz
[  542.909045][ T5920] usb 1-1: SerialNumber: syz
[  542.923552][ T5920] usb 1-1: config 0 descriptor??
[  542.947903][T10426] netlink: 'syz.3.1211': attribute type 11 has an invalid length.
[  542.961738][T10426] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1211'.
[  542.973670][ T5920] usb 1-1: can't set config #0, error -71
[  542.989800][ T5920] usb 1-1: USB disconnect, device number 41
[  543.393968][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  543.394090][ T5135] Bluetooth: hci1: command 0x0c1a tx timeout
[  543.406226][ T9278] Bluetooth: hci4: command 0x0c1a tx timeout
[  543.413289][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout
[  543.603904][ T5920] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  543.824531][T10439] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1215'.
[  543.925946][T10439] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1215'.
[  543.953444][ T5920] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  544.140617][ T5920] usb 1-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  544.659228][ T5920] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  544.681890][ T5920] usb 1-1: config 0 descriptor??
[  545.369615][ T5920] hid-steam 0003:28DE:1205.001E: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.0-1/input0
[  545.888270][ T5868] usb 1-1: USB disconnect, device number 42
[  546.430618][T10446] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  546.448038][T10446] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  546.475266][T10446] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  546.482634][T10446] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  546.524022][T10446] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  547.553858][ T9278] Bluetooth: hci0: command 0x0c1a tx timeout
[  547.711612][T10474] netlink: 'syz.4.1225': attribute type 11 has an invalid length.
[  547.733926][T10474] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1225'.
[  547.957733][T10489] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  548.215779][ T5936] usb 2-1: new high-speed USB device number 66 using dummy_hcd
[  548.534045][ T5825] Bluetooth: hci4: command 0x0c1a tx timeout
[  548.540085][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  548.546205][ T9278] Bluetooth: hci1: command 0x0c1a tx timeout
[  548.600606][ T5936] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  548.617120][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout
[  548.674201][ T5936] usb 2-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  548.723898][ T5936] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.767789][ T5936] usb 2-1: config 0 descriptor??
[  549.421769][ T5936] wacom 0003:056A:032C.001F: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.1-1/input0
[  549.971200][T10479] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  550.091114][T10479] batman_adv: batadv0: Removing interface: batadv_slave_1
[  550.164019][ T9396] usb 2-1: USB disconnect, device number 66
[  550.204000][   T25] usb 1-1: new high-speed USB device number 43 using dummy_hcd
[  550.383360][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  550.540668][   T25] usb 1-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  550.591786][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  550.725744][   T25] usb 1-1: config 0 descriptor??
[  551.302443][   T25] hid-steam 0003:28DE:1205.0020: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.0-1/input0
[  551.443559][   T25] usb 1-1: USB disconnect, device number 43
[  551.459902][T10517] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1236'.
[  551.648001][T10519] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1236'.
[  551.661495][T10519] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1236'.
[  551.721402][T10508] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  551.727643][T10508] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  551.739300][T10508] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  551.745486][T10508] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  551.761729][T10508] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  552.170393][ T5900] usb 5-1: new high-speed USB device number 46 using dummy_hcd
[  552.353237][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  552.825332][ T5825] Bluetooth: hci0: command 0x0c1a tx timeout
[  552.877507][ T5900] usb 5-1: New USB device found, idVendor=28de, idProduct=1205, bcdDevice= 0.00
[  552.965020][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  552.986208][ T5900] usb 5-1: config 0 descriptor??
[  553.304074][T10538] process 'syz.3.1241' launched './file0' with NULL argv: empty string added
[  553.996572][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout
[  554.002816][ T5825] Bluetooth: hci4: command 0x0c1a tx timeout
[  554.004081][ T5135] Bluetooth: hci1: command 0x0c1a tx timeout
[  554.017784][ T9278] Bluetooth: hci2: command 0x0c1a tx timeout
[  554.115842][T10539] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1242'.
[  554.504010][ T5936] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[  554.636403][ T5900] hid-steam 0003:28DE:1205.0021: hidraw0: USB HID v0.00 Device [HID 28de:1205] on usb-dummy_hcd.4-1/input0
[  554.657339][ T5936] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  554.669946][ T5936] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.707226][ T5936] usb 3-1: Product: syz
[  554.723893][ T5936] usb 3-1: Manufacturer: syz
[  554.742163][ T5936] usb 3-1: SerialNumber: syz
[  554.767100][ T5936] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  554.785655][    T9] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  554.874823][ T5900] usb 5-1: USB disconnect, device number 46
[  555.769952][T10552] netlink: 4284 bytes leftover after parsing attributes in process `syz.3.1246'.
[  555.805328][    T9] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  555.824579][    T9] ath9k_htc: Failed to initialize the device
[  555.846877][T10547] ip6gretap0: entered promiscuous mode
[  555.852708][T10547] vlan2: entered promiscuous mode
[  555.880156][ T9396] usb 3-1: USB disconnect, device number 33
[  555.918053][ T9396] usb 3-1: ath9k_htc: USB layer deinitialized
[  556.624678][ T5936] usb 5-1: new high-speed USB device number 47 using dummy_hcd
[  556.854281][ T5936] usb 5-1: Using ep0 maxpacket: 8
[  556.954433][ T5936] usb 5-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  556.963527][ T5936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  556.975490][ T5936] usb 5-1: Product: syz
[  556.979710][ T5936] usb 5-1: Manufacturer: syz
[  556.985739][ T5936] usb 5-1: SerialNumber: syz
[  557.117399][ T5936] usb 5-1: config 0 descriptor??
[  557.125823][ T5936] gspca_main: se401-2.14.0 probing 047d:5003
[  557.323633][ T9278] Bluetooth: hci4: unexpected event for opcode 0x080e
[  557.582267][T10560] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  557.588867][T10560] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  557.595086][T10560] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  557.601136][T10560] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  557.608852][T10560] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  557.699552][T10575] A link change request failed with some changes committed already. Interface gre0 may have been left with an inconsistent configuration, please check.
[  558.384142][ T9278] Bluetooth: hci0: command 0x0c1a tx timeout
[  558.558865][ T5936] gspca_se401: read req failed req 0x06 error -19
[  558.643451][ T5936] usb 5-1: USB disconnect, device number 47
[  559.203567][    T9] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  559.655315][ T9278] Bluetooth: hci3: command 0x0c1a tx timeout
[  559.661578][ T9278] Bluetooth: hci4: command 0x0c1a tx timeout
[  559.664163][ T5135] Bluetooth: hci2: command 0x0c1a tx timeout
[  559.667760][ T9278] Bluetooth: hci1: command 0x0c1a tx timeout
[  559.685490][    T9] usb 3-1: device descriptor read/64, error -71
[  560.594130][    T9] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  560.734038][    T9] usb 3-1: device descriptor read/64, error -71
[  560.923580][    T9] usb usb3-port1: attempt power cycle
[  561.402868][T10591] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  561.775022][T10591] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  561.782352][T10591] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  561.824179][ T9278] Bluetooth: hci0: command 0x0c1a tx timeout
[  561.924321][    T9] usb 3-1: new high-speed USB device number 36 using dummy_hcd
[  561.939653][T10591] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  561.979294][T10591] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  562.164444][    T9] usb 3-1: device not accepting address 36, error -71
[  562.953890][T10633] program syz.4.1267 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  562.963727][T10633] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  563.246487][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  563.530772][T10613] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  563.551161][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  563.555778][T10613] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  563.567504][T10613] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  563.574441][T10613] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  563.580595][T10613] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  564.517468][T10645] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1271'.
[  564.988946][ T5135] Bluetooth: hci0: command 0x0c1a tx timeout
[  565.566973][ T5135] Bluetooth: hci1: command 0x0c1a tx timeout
[  565.644776][ T5135] Bluetooth: hci3: command 0x0c1a tx timeout
[  565.645829][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  565.656884][ T9278] Bluetooth: hci4: command 0x0c1a tx timeout
[  565.724155][ T9396] usb 4-1: new high-speed USB device number 47 using dummy_hcd
[  566.053104][ T9396] usb 4-1: device descriptor read/64, error -71
[  566.444087][ T5936] usb 5-1: new high-speed USB device number 48 using dummy_hcd
[  567.073935][ T9396] usb 4-1: new high-speed USB device number 48 using dummy_hcd
[  567.174577][ T5936] usb 5-1: device descriptor read/64, error -71
[  567.234114][ T9396] usb 4-1: device descriptor read/64, error -71
[  567.355148][ T9396] usb usb4-port1: attempt power cycle
[  567.714424][ T9396] usb 4-1: new high-speed USB device number 49 using dummy_hcd
[  568.136681][ T5936] usb 5-1: new high-speed USB device number 49 using dummy_hcd
[  568.201403][ T9396] usb 4-1: device descriptor read/8, error -71
[  568.677707][ T5936] usb 5-1: device descriptor read/64, error -71
[  568.806315][ T5936] usb usb5-port1: attempt power cycle
[  568.856578][T10696] FAULT_INJECTION: forcing a failure.
[  568.856578][T10696] name failslab, interval 1, probability 0, space 0, times 0
[  568.870062][T10696] CPU: 0 UID: 0 PID: 10696 Comm: syz.0.1284 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  568.870087][T10696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  568.870098][T10696] Call Trace:
[  568.870105][T10696]  <TASK>
[  568.870112][T10696]  dump_stack_lvl+0x241/0x360
[  568.870138][T10696]  ? __pfx_dump_stack_lvl+0x10/0x10
[  568.870155][T10696]  ? __pfx__printk+0x10/0x10
[  568.870189][T10696]  ? __kmalloc_cache_noprof+0x48/0x390
[  568.870208][T10696]  ? __pfx___might_resched+0x10/0x10
[  568.870231][T10696]  should_fail_ex+0x40a/0x550
[  568.870257][T10696]  should_failslab+0xac/0x100
[  568.870281][T10696]  __kmalloc_cache_noprof+0x70/0x390
[  568.870296][T10696]  ? sctp_association_new+0x8a/0x2540
[  568.870317][T10696]  ? __asan_memcpy+0x40/0x70
[  568.870338][T10696]  sctp_association_new+0x8a/0x2540
[  568.870360][T10696]  ? sctp_do_bind+0x679/0x950
[  568.870386][T10696]  ? __ipv6_addr_type+0xda/0x2f0
[  568.870413][T10696]  sctp_connect_new_asoc+0x2d8/0x6c0
[  568.870438][T10696]  ? __pfx_sctp_connect_new_asoc+0x10/0x10
[  568.870459][T10696]  ? sctp_sendmsg+0xf1a/0x35d0
[  568.870491][T10696]  ? sctp_endpoint_lookup_assoc+0xc9/0x250
[  568.870511][T10696]  ? bpf_lsm_sctp_bind_connect+0x9/0x10
[  568.870534][T10696]  sctp_sendmsg+0x1f64/0x35d0
[  568.870572][T10696]  ? __pfx_sctp_sendmsg+0x10/0x10
[  568.870594][T10696]  ? tomoyo_socket_sendmsg_permission+0x288/0x420
[  568.870632][T10696]  ? inet_sendmsg+0x330/0x390
[  568.870655][T10696]  __sock_sendmsg+0x1a6/0x270
[  568.870677][T10696]  __sys_sendto+0x363/0x4c0
[  568.870703][T10696]  ? __pfx___sys_sendto+0x10/0x10
[  568.870735][T10696]  ? __fget_files+0x2a/0x410
[  568.870762][T10696]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  568.870786][T10696]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  568.870813][T10696]  __x64_sys_sendto+0xde/0x100
[  568.870837][T10696]  do_syscall_64+0xf3/0x230
[  568.870855][T10696]  ? clear_bhb_loop+0x35/0x90
[  568.870879][T10696]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  568.870898][T10696] RIP: 0033:0x7fb7e978cde9
[  568.870914][T10696] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  568.870927][T10696] RSP: 002b:00007fb7ea508038 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[  568.870945][T10696] RAX: ffffffffffffffda RBX: 00007fb7e99a5fa0 RCX: 00007fb7e978cde9
[  568.870961][T10696] RDX: 0000000000000001 RSI: 0000400000000000 RDI: 0000000000000003
[  568.870971][T10696] RBP: 00007fb7ea508090 R08: 0000400000000100 R09: 000000000000001c
[  568.870982][T10696] R10: 0000000000000040 R11: 0000000000000246 R12: 0000000000000001
[  568.870992][T10696] R13: 0000000000000000 R14: 00007fb7e99a5fa0 R15: 00007ffe33be4978
[  568.871019][T10696]  </TASK>
[  569.425712][T10699] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1283'.
[  569.582173][T10684] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  569.589343][T10684] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  569.596535][T10684] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  569.603551][T10684] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  569.610716][T10684] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  569.659822][T10701] netlink: 'syz.1.1286': attribute type 1 has an invalid length.
[  570.094287][ T9396] usb 4-1: new high-speed USB device number 51 using dummy_hcd
[  570.504184][ T9278] Bluetooth: hci0: command 0x0c1a tx timeout
[  571.224202][ T9396] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  571.248048][ T9396] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.285231][ T9396] usb 4-1: Product: syz
[  571.289446][ T9396] usb 4-1: Manufacturer: syz
[  571.359667][ T9396] usb 4-1: SerialNumber: syz
[  571.534736][ T9396] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  571.713465][ T9278] Bluetooth: hci1: command 0x0c1a tx timeout
[  571.714760][ T5135] Bluetooth: hci4: command 0x0c1a tx timeout
[  571.720611][ T9278] Bluetooth: hci3: command 0x0c1a tx timeout
[  571.726600][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  571.834962][    T9] usb 3-1: new high-speed USB device number 38 using dummy_hcd
[  572.430096][   T25] usb 4-1: ath9k_htc: Firmware - ath9k_htc/htc_9271-1.4.0.fw download failed
[  572.430435][ T5936] usb 4-1: USB disconnect, device number 51
[  572.447395][    T9] usb 3-1: device descriptor read/64, error -71
[  572.491904][ T5936] usb 4-1: ath9k_htc: USB layer deinitialized
[  572.705630][    T9] usb 3-1: new high-speed USB device number 39 using dummy_hcd
[  572.719484][T10738] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  572.793910][ T9396] usb 1-1: new full-speed USB device number 44 using dummy_hcd
[  572.864264][    T9] usb 3-1: device descriptor read/64, error -71
[  572.996336][T10745] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1298'.
[  573.040145][ T9396] usb 1-1: config 0 has an invalid interface number: 37 but max is 1
[  573.048895][    T9] usb usb3-port1: attempt power cycle
[  573.115917][ T9396] usb 1-1: config 0 has no interface number 1
[  573.377328][ T9396] usb 1-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=20.a3
[  573.389725][ T9396] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  573.423872][ T9396] usb 1-1: Product: syz
[  573.433825][ T9396] usb 1-1: Manufacturer: syz
[  573.438674][ T9396] usb 1-1: SerialNumber: syz
[  573.462021][ T9396] usb 1-1: config 0 descriptor??
[  573.485295][ T5936] usb 4-1: new high-speed USB device number 52 using dummy_hcd
[  573.747223][    T9] usb 3-1: new high-speed USB device number 40 using dummy_hcd
[  573.983405][ T5936] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  573.983412][ T9396] usb 1-1: USB disconnect, device number 44
[  573.983433][ T5936] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  574.021894][    T9] usb 3-1: device descriptor read/8, error -71
[  574.033976][ T5936] usb 4-1: Product: syz
[  574.039396][ T5936] usb 4-1: Manufacturer: syz
[  574.044625][ T5936] usb 4-1: SerialNumber: syz
[  574.060751][ T5936] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  574.076345][ T5870] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  574.274136][    T9] usb 3-1: new high-speed USB device number 41 using dummy_hcd
[  574.338264][    T9] usb 3-1: device descriptor read/8, error -71
[  574.349426][T10744] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1298'.
[  574.994694][    T9] usb usb3-port1: unable to enumerate USB device
[  575.032419][ T5900] usb 4-1: USB disconnect, device number 52
[  575.106311][T10752] overlay: ./file0 is not a directory
[  575.164348][ T5870] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  575.171460][ T5870] ath9k_htc: Failed to initialize the device
[  575.297534][ T5900] usb 4-1: ath9k_htc: USB layer deinitialized
[  575.309826][T10748] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  575.344425][T10748] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  576.043989][ T5825] Bluetooth: hci0: command 0x0c1a tx timeout
[  576.112381][T10748] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  576.140414][T10748] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  576.154391][T10748] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  576.766425][T10767] netlink: 4284 bytes leftover after parsing attributes in process `syz.4.1305'.
[  577.414238][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout
[  578.136840][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  578.214037][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout
[  578.217109][ T5135] Bluetooth: hci4: command 0x0c1a tx timeout
[  579.724646][ T5870] usb 1-1: new high-speed USB device number 45 using dummy_hcd
[  579.857615][T10805] netlink: 'syz.2.1311': attribute type 2 has an invalid length.
[  579.868778][T10805] netlink: 'syz.2.1311': attribute type 1 has an invalid length.
[  579.876853][T10805] netlink: 'syz.2.1311': attribute type 2 has an invalid length.
[  580.024008][ T5870] usb 1-1: device descriptor read/64, error -71
[  581.252617][ T5870] usb 1-1: new high-speed USB device number 46 using dummy_hcd
[  581.796712][ T5870] usb 1-1: device descriptor read/64, error -71
[  581.938747][T10823] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1315'.
[  582.335961][ T5870] usb usb1-port1: attempt power cycle
[  582.883876][ T5936] usb 5-1: new high-speed USB device number 51 using dummy_hcd
[  583.055441][T10839] openvswitch: netlink: nsh attr 0 has unexpected len 4 expected 0
[  583.063637][T10839] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  583.464653][ T5936] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  583.473829][ T5936] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.481835][ T5936] usb 5-1: Product: syz
[  583.513881][ T5936] usb 5-1: Manufacturer: syz
[  583.523525][ T5936] usb 5-1: SerialNumber: syz
[  583.583388][ T5936] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  583.632999][ T5868] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  583.930230][T10846] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1321'.
[  584.242622][T10821] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1315'.
[  584.317829][ T5936] usb 5-1: USB disconnect, device number 51
[  584.684726][ T5868] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  584.723831][ T5900] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[  584.729364][ T5868] ath9k_htc: Failed to initialize the device
[  585.132853][ T5936] usb 5-1: ath9k_htc: USB layer deinitialized
[  585.220316][ T5900] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  585.266545][T10852] kvm: user requested TSC rate below hardware speed
[  585.274887][T10857] netlink: 4284 bytes leftover after parsing attributes in process `syz.0.1325'.
[  585.283895][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  585.298539][ T5900] usb 2-1: Product: syz
[  585.302864][ T5900] usb 2-1: Manufacturer: syz
[  585.332722][ T5900] usb 2-1: SerialNumber: syz
[  585.342598][ T5900] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  585.360339][ T9396] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  586.422174][T10846] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1321'.
[  586.454087][ T9396] ath9k_htc 2-1:1.0: ath9k_htc: Target is unresponsive
[  586.787777][ T9396] ath9k_htc: Failed to initialize the device
[  587.039248][ T5936] usb 2-1: USB disconnect, device number 67
[  587.068014][ T5936] usb 2-1: ath9k_htc: USB layer deinitialized
[  587.488984][ T5868] usb 3-1: new high-speed USB device number 42 using dummy_hcd
[  587.614129][    T9] usb 4-1: new high-speed USB device number 53 using dummy_hcd
[  587.683951][ T5868] usb 3-1: device descriptor read/64, error -71
[  587.765509][    T9] usb 4-1: config 0 has an invalid interface number: 87 but max is 0
[  587.773818][    T9] usb 4-1: config 0 has no interface number 0
[  587.779933][    T9] usb 4-1: too many endpoints for config 0 interface 87 altsetting 28: 204, using maximum allowed: 30
[  587.791230][    T9] usb 4-1: config 0 interface 87 altsetting 28 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  587.803039][    T9] usb 4-1: config 0 interface 87 altsetting 28 has 1 endpoint descriptor, different from the interface descriptor's value: 204
[  587.816838][    T9] usb 4-1: config 0 interface 87 has no altsetting 0
[  587.828322][    T9] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=8c.f4
[  587.841167][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  587.853932][    T9] usb 4-1: Product: syz
[  587.859821][    T9] usb 4-1: Manufacturer: syz
[  587.867757][    T9] usb 4-1: SerialNumber: syz
[  587.877463][    T9] usb 4-1: config 0 descriptor??
[  587.910122][    T9] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  587.929360][ T5868] usb 3-1: new high-speed USB device number 43 using dummy_hcd
[  588.031050][ T5936] usb 5-1: new high-speed USB device number 52 using dummy_hcd
[  588.114554][   T62] usb 4-1: Failed to submit usb control message: -71
[  588.116118][ T9396] usb 4-1: USB disconnect, device number 53
[  588.121750][   T62] usb 4-1: unable to send the bmi data to the device: -71
[  588.135169][ T5868] usb 3-1: device descriptor read/64, error -71
[  588.159584][   T62] usb 4-1: unable to get target info from device
[  588.166417][   T62] usb 4-1: could not get target info (-71)
[  588.172356][   T62] usb 4-1: could not probe fw (-71)
[  588.238920][ T5936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  588.265227][ T5868] usb usb3-port1: attempt power cycle
[  588.281504][ T5936] usb 5-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  588.671277][ T5936] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  588.706983][ T5936] usb 5-1: config 0 descriptor??
[  588.813171][T10896] ALSA: seq fatal error: cannot create timer (-19)
[  588.924354][ T5868] usb 3-1: new high-speed USB device number 44 using dummy_hcd
[  588.957741][   T25] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[  588.988828][ T5868] usb 3-1: device descriptor read/8, error -71
[  589.121594][ T5936] wacom 0003:056A:032C.0022: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.4-1/input0
[  589.145882][   T25] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  589.279715][T10906] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1339'.
[  589.540196][   T25] usb 2-1: New USB device found, idVendor=18ec, idProduct=3288, bcdDevice=69.cf
[  589.657848][   T25] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.683905][   T25] usb 2-1: Product: syz
[  589.701678][   T25] usb 2-1: Manufacturer: syz
[  589.713033][   T25] usb 2-1: SerialNumber: syz
[  589.732430][T10911] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  589.737816][   T25] usb 2-1: config 0 descriptor??
[  589.760829][   T25] usb 2-1: Found UVC 0.00 device syz (18ec:3288)
[  589.767405][   T25] usb 2-1: No valid video chain found.
[  589.944369][ T5868] usb 3-1: new high-speed USB device number 45 using dummy_hcd
[  589.956785][T10911] batman_adv: batadv0: Removing interface: batadv_slave_1
[  590.208529][ T5868] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  590.235796][ T5868] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  590.248798][ T5868] usb 3-1: Product: syz
[  590.253359][ T5868] usb 3-1: Manufacturer: syz
[  590.260326][ T5868] usb 3-1: SerialNumber: syz
[  590.268689][ T5936] usb 2-1: USB disconnect, device number 68
[  590.277257][   T25] usb 5-1: USB disconnect, device number 52
[  590.279232][ T5868] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  590.305513][  T836] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  590.739959][T10922] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1344'.
[  591.554269][T10905] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1339'.
[  591.565623][   T25] usb 3-1: USB disconnect, device number 45
[  591.569501][  T836] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  591.578907][  T836] ath9k_htc: Failed to initialize the device
[  591.606840][   T25] usb 3-1: ath9k_htc: USB layer deinitialized
[  592.058476][ T7816] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  592.400807][ T7816] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  592.546276][ T7816] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  592.645780][T10952] netlink: 56 bytes leftover after parsing attributes in process `syz.1.1351'.
[  592.659615][T10952] netlink: 576 bytes leftover after parsing attributes in process `syz.1.1351'.
[  593.066346][T10956] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117
[  593.073123][T10956] PKCS7: Only support pkcs7_signedData type
[  593.540220][ T7816] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  593.848719][T10935] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  593.858879][T10935] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  594.131586][T10935] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  594.148359][T10935] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  594.444117][ T5135] Bluetooth: hci0: command 0x0c1a tx timeout
[  594.731893][ T7816] bridge_slave_1: left allmulticast mode
[  594.754553][ T7816] bridge_slave_1: left promiscuous mode
[  594.761673][ T7816] bridge0: port 2(bridge_slave_1) entered disabled state
[  594.811261][ T5825] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  594.821452][ T5825] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  594.832149][ T7816] bridge_slave_0: left allmulticast mode
[  594.839006][ T5825] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  594.851888][ T7816] bridge_slave_0: left promiscuous mode
[  594.859313][ T5825] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  594.869535][ T5825] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  594.886806][ T7816] bridge0: port 1(bridge_slave_0) entered disabled state
[  594.886979][ T5825] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  595.884008][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  596.221543][ T5825] Bluetooth: hci3: command 0x0c1a tx timeout
[  596.237360][ T5135] Bluetooth: hci4: command 0x0c1a tx timeout
[  596.924053][ T5135] Bluetooth: hci1: command tx timeout
[  597.428668][T10993] program syz.4.1362 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  597.438409][T10993] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  597.683849][ T9396] usb 4-1: new high-speed USB device number 54 using dummy_hcd
[  597.862959][ T9396] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  597.902496][ T9396] usb 4-1: New USB device found, idVendor=056a, idProduct=032c, bcdDevice= 0.00
[  597.913920][ T9396] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  597.941740][ T9396] usb 4-1: config 0 descriptor??
[  597.947678][T11003] netlink: 40 bytes leftover after parsing attributes in process `syz.2.1364'.
[  598.453934][    T9] usb 3-1: new high-speed USB device number 46 using dummy_hcd
[  598.487094][ T9396] wacom 0003:056A:032C.0023: hidraw0: USB HID v0.00 Device [HID 056a:032c] on usb-dummy_hcd.3-1/input0
[  598.586354][ T7816] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  598.601002][ T7816] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  598.613301][ T7816] bond0 (unregistering): Released all slaves
[  598.693527][T10993] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  598.699820][T10993] Bluetooth: hci0: Error when powering off device on rfkill (-4)
[  598.712196][T10993] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  598.718220][T10993] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[  598.728334][T10993] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  598.734367][T10993] Bluetooth: hci3: Error when powering off device on rfkill (-4)
[  598.744758][T10993] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  598.750699][T10993] Bluetooth: hci4: Error when powering off device on rfkill (-4)
[  598.794064][ T9396] usb 4-1: USB disconnect, device number 54
[  598.805577][    T9] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  598.826442][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  598.835424][    T9] usb 3-1: Product: syz
[  598.839629][    T9] usb 3-1: Manufacturer: syz
[  598.844742][    T9] usb 3-1: SerialNumber: syz
[  598.882885][    T9] usb 3-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  599.004172][ T5135] Bluetooth: hci1: command tx timeout
[  599.319908][ T5868] usb 3-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  600.207279][T10993] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  600.213371][T10993] Bluetooth: hci1: Error when powering off device on rfkill (-4)
[  600.363956][ T5868] ath9k_htc 3-1:1.0: ath9k_htc: Target is unresponsive
[  600.414080][ T5868] ath9k_htc: Failed to initialize the device
[  600.474003][ T5868] usb 3-1: ath9k_htc: USB layer deinitialized
[  601.124717][T11002] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1364'.
[  602.070050][    T9] usb 3-1: USB disconnect, device number 46
[  602.176935][ T7816] hsr_slave_0: left promiscuous mode
[  602.253939][ T7816] hsr_slave_1: left promiscuous mode
[  602.267612][ T7816] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  602.305400][ T7816] batman_adv: batadv0: Removing interface: batadv_slave_0
[  602.339753][ T7816] veth1_macvtap: left promiscuous mode
[  602.353244][ T7816] veth0_macvtap: left promiscuous mode
[  602.359278][ T7816] veth1_vlan: left promiscuous mode
[  602.364874][ T7816] veth0_vlan: left promiscuous mode
[  604.250275][T11061] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1374'.
[  605.019638][T11066] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1376'.
[  605.419357][ T5868] usb 4-1: new high-speed USB device number 55 using dummy_hcd
[  605.657673][ T5868] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  605.674014][ T5868] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  605.687752][ T5868] usb 4-1: Product: syz
[  605.692089][ T5868] usb 4-1: Manufacturer: syz
[  605.697232][ T5868] usb 4-1: SerialNumber: syz
[  605.732645][ T5868] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  605.836195][    T9] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  606.125960][T11064] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1376'.
[  606.923983][    T9] ath9k_htc 4-1:1.0: ath9k_htc: Target is unresponsive
[  606.931936][    T9] ath9k_htc: Failed to initialize the device
[  606.982822][    T9] usb 4-1: ath9k_htc: USB layer deinitialized
[  607.824260][ T9396] usb 4-1: USB disconnect, device number 55
[  607.889253][T10967] chnl_net:caif_netlink_parms(): no params data found
[  609.674122][T10967] bridge0: port 1(bridge_slave_0) entered blocking state
[  609.694572][T10967] bridge0: port 1(bridge_slave_0) entered disabled state
[  609.701815][T10967] bridge_slave_0: entered allmulticast mode
[  609.714134][T10967] bridge_slave_0: entered promiscuous mode
[  609.728920][T10967] bridge0: port 2(bridge_slave_1) entered blocking state
[  609.736311][T10967] bridge0: port 2(bridge_slave_1) entered disabled state
[  609.745819][T10967] bridge_slave_1: entered allmulticast mode
[  609.753091][T10967] bridge_slave_1: entered promiscuous mode
[  609.852016][T10967] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  609.890226][T10967] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  609.996732][T10967] team0: Port device team_slave_0 added
[  610.073694][T11118] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  610.082711][T11118] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  610.626957][T10967] team0: Port device team_slave_1 added
[  610.718277][T10967] batman_adv: batadv0: Adding interface: batadv_slave_0
[  610.735500][T10967] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  610.809408][T10967] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  610.875142][T10967] batman_adv: batadv0: Adding interface: batadv_slave_1
[  610.882130][T10967] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  610.920177][T10967] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  611.144440][    T9] usb 4-1: new high-speed USB device number 56 using dummy_hcd
[  611.555546][T10967] hsr_slave_0: entered promiscuous mode
[  611.578426][T10967] hsr_slave_1: entered promiscuous mode
[  611.612065][    T9] usb 4-1: config 0 has an invalid interface number: 87 but max is 0
[  611.631280][    T9] usb 4-1: config 0 has no interface number 0
[  611.653971][    T9] usb 4-1: too many endpoints for config 0 interface 87 altsetting 28: 204, using maximum allowed: 30
[  611.836775][T11150] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1391'.
[  611.977092][    T9] usb 4-1: config 0 interface 87 altsetting 28 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  612.464547][    T9] usb 4-1: config 0 interface 87 altsetting 28 has 1 endpoint descriptor, different from the interface descriptor's value: 204
[  612.480855][    T9] usb 4-1: config 0 interface 87 has no altsetting 0
[  612.489789][    T9] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=8c.f4
[  612.506578][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  612.530155][    T9] usb 4-1: Product: syz
[  612.564219][    T9] usb 4-1: Manufacturer: syz
[  612.577597][    T9] usb 4-1: SerialNumber: syz
[  612.605304][    T9] usb 4-1: config 0 descriptor??
[  612.638760][    T9] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  612.858150][    T9] usb 4-1: USB disconnect, device number 56
[  612.883957][ T5900] usb 5-1: new high-speed USB device number 53 using dummy_hcd
[  612.898359][   T11] usb 4-1: Failed to submit usb control message: -71
[  612.906837][   T11] usb 4-1: unable to send the bmi data to the device: -71
[  612.914486][   T11] usb 4-1: unable to get target info from device
[  612.920847][   T11] usb 4-1: could not get target info (-71)
[  612.928127][   T11] usb 4-1: could not probe fw (-71)
[  613.010015][T11172] program syz.1.1394 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  613.019936][T11172] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  613.740533][ T9396] usb 3-1: new high-speed USB device number 47 using dummy_hcd
[  613.769010][ T5900] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  613.778305][ T5900] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  613.919447][ T5900] usb 5-1: Product: syz
[  613.923670][ T5900] usb 5-1: Manufacturer: syz
[  613.928858][ T5900] usb 5-1: SerialNumber: syz
[  613.955922][ T5900] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  613.979093][ T5920] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  614.003933][ T9396] usb 3-1: Using ep0 maxpacket: 8
[  614.039925][ T9396] usb 3-1: too many configurations: 10, using maximum allowed: 8
[  614.335914][T11147] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1391'.
[  614.346843][ T9396] usb 3-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  614.931247][ T9396] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  614.996090][ T9396] usb 3-1: Product: syz
[  615.000273][ T9396] usb 3-1: Manufacturer: syz
[  615.134045][ T5900] usb 5-1: USB disconnect, device number 53
[  615.146278][ T9396] usb 3-1: SerialNumber: syz
[  615.152874][ T9396] usb 3-1: config 0 descriptor??
[  615.160818][ T9396] radio-usb-si4713 3-1:0.0: Si4713 development board discovered: (10C4:8244)
[  615.170663][ T5920] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  615.177707][ T5920] ath9k_htc: Failed to initialize the device
[  615.184385][ T5900] usb 5-1: ath9k_htc: USB layer deinitialized
[  615.201420][T10967] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  615.216897][T10967] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  615.227080][T10967] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  615.237764][T10967] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  616.098513][T11160] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  616.369908][T11160] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  616.442683][T10967] 8021q: adding VLAN 0 to HW filter on device bond0
[  616.499466][T10967] 8021q: adding VLAN 0 to HW filter on device team0
[  616.513357][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  616.520566][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  616.579595][ T7816] bridge0: port 2(bridge_slave_1) entered blocking state
[  616.588086][ T7816] bridge0: port 2(bridge_slave_1) entered forwarding state
[  616.652537][ T9396] radio-usb-si4713 3-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  616.697443][ T9396] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  616.778968][ T9396] usb 3-1: USB disconnect, device number 47
[  617.368320][T11213] netlink: 'syz.1.1401': attribute type 1 has an invalid length.
[  617.540185][T11213] 8021q: adding VLAN 0 to HW filter on device bond1
[  618.128174][T11240] program syz.2.1405 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  618.134224][T10967] 8021q: adding VLAN 0 to HW filter on device batadv0
[  618.144837][T11240] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  618.593147][T10967] veth0_vlan: entered promiscuous mode
[  619.018707][T10967] veth1_vlan: entered promiscuous mode
[  619.382271][T10967] veth0_macvtap: entered promiscuous mode
[  619.522308][T11255] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1408'.
[  619.624790][T11259] program syz.2.1409 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  619.634674][T11259] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  620.655580][T10967] veth1_macvtap: entered promiscuous mode
[  621.152902][T10967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  621.168601][T10967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  621.183936][  T836] usb 5-1: new high-speed USB device number 54 using dummy_hcd
[  621.216215][T10967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  621.253162][T10967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  621.290632][T10967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  621.302527][T10967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  621.316178][T10967] batman_adv: batadv0: Interface activated: batadv_slave_0
[  621.355994][T10967] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  621.369806][  T836] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  621.378949][T10967] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  621.380065][T10967] batman_adv: batadv0: Interface activated: batadv_slave_1
[  621.424308][  T836] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  621.438166][  T836] usb 5-1: Product: syz
[  621.442444][  T836] usb 5-1: Manufacturer: syz
[  621.447968][  T836] usb 5-1: SerialNumber: syz
[  621.460740][T10967] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  621.461197][  T836] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  621.494985][ T5868] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  621.535915][T10967] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  621.579142][T10967] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  621.593929][T10967] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  622.104911][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  622.160575][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  622.498624][   T35] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  622.563277][   T35] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  622.724336][ T5868] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  622.731374][ T5868] ath9k_htc: Failed to initialize the device
[  622.893947][    T9] usb 5-1: USB disconnect, device number 54
[  622.907655][    T9] usb 5-1: ath9k_htc: USB layer deinitialized
[  624.501816][T11318] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  624.744703][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  624.751309][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  625.021468][ T9168] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.600574][ T9168] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  625.756557][ T9168] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.122680][ T9168] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  626.412335][ T9168] bridge_slave_1: left allmulticast mode
[  626.418243][ T9168] bridge_slave_1: left promiscuous mode
[  626.434007][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[  626.446344][ T5825] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  626.463421][ T5825] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  626.472422][ T5825] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  626.480737][ T5825] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  626.488738][ T5825] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  626.511613][ T5825] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  626.529867][ T9168] bridge_slave_0: left allmulticast mode
[  626.546797][ T9168] bridge_slave_0: left promiscuous mode
[  626.639553][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[  627.280396][ T5135] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  627.290717][ T5135] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  627.299944][ T5135] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  627.309824][ T5135] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  627.321880][ T5135] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  627.335239][ T5135] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  627.407790][T11351] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  627.492456][T11337] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  627.680946][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  627.691943][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  627.701850][ T9168] bond0 (unregistering): Released all slaves
[  628.045116][T11359] ip6gretap0: entered promiscuous mode
[  628.051232][T11359] vlan2: entered promiscuous mode
[  628.125942][ T5900] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[  628.304448][ T5900] usb 2-1: config 0 has an invalid interface number: 87 but max is 0
[  628.313415][ T5900] usb 2-1: config 0 has no interface number 0
[  628.324073][ T5900] usb 2-1: too many endpoints for config 0 interface 87 altsetting 28: 204, using maximum allowed: 30
[  628.335127][ T9168] hsr_slave_0: left promiscuous mode
[  628.343404][ T5900] usb 2-1: config 0 interface 87 altsetting 28 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  628.343901][ T9168] hsr_slave_1: left promiscuous mode
[  628.354417][ T5900] usb 2-1: config 0 interface 87 altsetting 28 has 1 endpoint descriptor, different from the interface descriptor's value: 204
[  628.354446][ T5900] usb 2-1: config 0 interface 87 has no altsetting 0
[  628.361747][ T5900] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=8c.f4
[  628.389333][ T5900] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  628.400357][T11375] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1439'.
[  628.418339][T11375] netlink: 44 bytes leftover after parsing attributes in process `syz.2.1439'.
[  628.420759][ T5900] usb 2-1: Product: syz
[  628.430176][ T9168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  628.450522][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_0
[  628.463073][ T9168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  628.470317][ T5900] usb 2-1: Manufacturer: syz
[  628.480453][ T5900] usb 2-1: SerialNumber: syz
[  628.484049][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_1
[  628.506710][ T5900] usb 2-1: config 0 descriptor??
[  628.551799][ T9168] veth1_macvtap: left promiscuous mode
[  628.563891][ T9168] veth0_macvtap: left promiscuous mode
[  628.571510][ T5900] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  628.598376][ T9168] veth1_vlan: left promiscuous mode
[  628.610785][ T9168] veth0_vlan: left promiscuous mode
[  628.616374][ T5825] Bluetooth: hci1: command tx timeout
[  628.730046][ T5868] usb 2-1: USB disconnect, device number 69
[  628.730445][ T7816] usb 2-1: Failed to submit usb control message: -71
[  628.745323][ T7816] usb 2-1: unable to send the bmi data to the device: -71
[  628.753019][ T7816] usb 2-1: unable to get target info from device
[  628.764121][ T7816] usb 2-1: could not get target info (-71)
[  628.770862][ T7816] usb 2-1: could not probe fw (-71)
[  628.817505][    T9] usb 5-1: new high-speed USB device number 55 using dummy_hcd
[  628.839152][ T5920] usb 3-1: new high-speed USB device number 48 using dummy_hcd
[  628.990410][    T9] usb 5-1: too many configurations: 241, using maximum allowed: 8
[  628.994013][ T5920] usb 3-1: device descriptor read/64, error -71
[  629.060220][    T9] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  629.070325][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  629.089919][    T9] usb 5-1: Product: syz
[  629.094283][    T9] usb 5-1: Manufacturer: syz
[  629.098923][    T9] usb 5-1: SerialNumber: syz
[  629.120266][    T9] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  629.158222][ T5868] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  629.211400][ T9168] team0 (unregistering): Port device team_slave_1 removed
[  629.242048][ T5920] usb 3-1: new high-speed USB device number 49 using dummy_hcd
[  629.289062][ T9168] team0 (unregistering): Port device team_slave_0 removed
[  629.386586][T11390] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1441'.
[  629.394030][ T5920] usb 3-1: device descriptor read/64, error -71
[  629.404100][ T5825] Bluetooth: hci2: command tx timeout
[  629.516719][ T5920] usb usb3-port1: attempt power cycle
[  629.613967][ T9396] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[  629.790865][ T9396] usb 2-1: config 0 has an invalid interface number: 87 but max is 0
[  629.806671][ T9396] usb 2-1: config 0 has no interface number 0
[  629.812879][ T9396] usb 2-1: too many endpoints for config 0 interface 87 altsetting 28: 204, using maximum allowed: 30
[  629.814337][T11380] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1439'.
[  629.853660][ T9396] usb 2-1: config 0 interface 87 altsetting 28 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  629.872088][ T5920] usb 3-1: new high-speed USB device number 50 using dummy_hcd
[  629.884363][    T9] usb 5-1: USB disconnect, device number 55
[  629.902977][T11341] chnl_net:caif_netlink_parms(): no params data found
[  629.903847][ T9396] usb 2-1: config 0 interface 87 altsetting 28 has 1 endpoint descriptor, different from the interface descriptor's value: 204
[  629.941901][ T5920] usb 3-1: device descriptor read/8, error -71
[  629.960446][T11352] chnl_net:caif_netlink_parms(): no params data found
[  629.969505][ T9396] usb 2-1: config 0 interface 87 has no altsetting 0
[  629.994442][ T9396] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=8c.f4
[  630.005234][ T9396] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  630.013248][ T9396] usb 2-1: Product: syz
[  630.041112][ T9396] usb 2-1: Manufacturer: syz
[  630.051225][ T9396] usb 2-1: SerialNumber: syz
[  630.085229][ T9396] usb 2-1: config 0 descriptor??
[  630.108944][ T9396] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  630.141515][T11341] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.153353][T11341] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.183170][T11341] bridge_slave_0: entered allmulticast mode
[  630.192202][T11341] bridge_slave_0: entered promiscuous mode
[  630.200320][ T5920] usb 3-1: new high-speed USB device number 51 using dummy_hcd
[  630.204012][ T5868] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  630.244279][ T5868] ath9k_htc: Failed to initialize the device
[  630.253297][    T9] usb 5-1: ath9k_htc: USB layer deinitialized
[  630.253444][ T5920] usb 3-1: device descriptor read/8, error -71
[  630.321365][T11341] bridge0: port 2(bridge_slave_1) entered blocking state
[  630.332893][   T51] usb 2-1: Failed to submit usb control message: -71
[  630.334131][ T9396] usb 2-1: USB disconnect, device number 70
[  630.343498][T11341] bridge0: port 2(bridge_slave_1) entered disabled state
[  630.360520][   T51] usb 2-1: unable to send the bmi data to the device: -71
[  630.368704][T11341] bridge_slave_1: entered allmulticast mode
[  630.374968][   T51] usb 2-1: unable to get target info from device
[  630.382622][T11341] bridge_slave_1: entered promiscuous mode
[  630.389235][   T51] usb 2-1: could not get target info (-71)
[  630.403833][   T51] usb 2-1: could not probe fw (-71)
[  630.411064][ T5920] usb usb3-port1: unable to enumerate USB device
[  630.512270][T11341] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  630.597033][T11341] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  630.623043][T11352] bridge0: port 1(bridge_slave_0) entered blocking state
[  630.647071][T11352] bridge0: port 1(bridge_slave_0) entered disabled state
[  630.662290][T11352] bridge_slave_0: entered allmulticast mode
[  630.683942][ T5825] Bluetooth: hci1: command tx timeout
[  630.684126][T11352] bridge_slave_0: entered promiscuous mode
[  630.724539][T11352] bridge0: port 2(bridge_slave_1) entered blocking state
[  630.735010][T11352] bridge0: port 2(bridge_slave_1) entered disabled state
[  630.742484][T11352] bridge_slave_1: entered allmulticast mode
[  630.751170][T11352] bridge_slave_1: entered promiscuous mode
[  630.811193][ T9168] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  630.838552][T11341] team0: Port device team_slave_0 added
[  630.887438][T11341] team0: Port device team_slave_1 added
[  630.922125][ T9168] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.494002][ T5825] Bluetooth: hci2: command tx timeout
[  631.549208][ T9168] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.577933][T11352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  631.609428][T11341] batman_adv: batadv0: Adding interface: batadv_slave_0
[  631.616777][T11341] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.643113][T11341] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  631.681625][ T9168] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  631.732026][T11352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  631.748790][T11341] batman_adv: batadv0: Adding interface: batadv_slave_1
[  631.781186][T11341] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  631.835813][T11341] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  631.874603][T11420] FAULT_INJECTION: forcing a failure.
[  631.874603][T11420] name failslab, interval 1, probability 0, space 0, times 0
[  631.950760][T11420] CPU: 1 UID: 0 PID: 11420 Comm: syz.2.1447 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  631.950789][T11420] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  631.950799][T11420] Call Trace:
[  631.950805][T11420]  <TASK>
[  631.950812][T11420]  dump_stack_lvl+0x241/0x360
[  631.950840][T11420]  ? __pfx_dump_stack_lvl+0x10/0x10
[  631.950857][T11420]  ? __pfx__printk+0x10/0x10
[  631.950881][T11420]  ? fs_reclaim_acquire+0x93/0x130
[  631.950900][T11420]  ? __pfx___might_resched+0x10/0x10
[  631.950922][T11420]  should_fail_ex+0x40a/0x550
[  631.950946][T11420]  should_failslab+0xac/0x100
[  631.950970][T11420]  __kmalloc_noprof+0xdd/0x4c0
[  631.950985][T11420]  ? tomoyo_realpath_from_path+0xcf/0x5e0
[  631.951003][T11420]  tomoyo_realpath_from_path+0xcf/0x5e0
[  631.951031][T11420]  tomoyo_mount_permission+0x3bf/0xb80
[  631.951058][T11420]  ? stack_depot_save_flags+0x37/0x940
[  631.951078][T11420]  ? tomoyo_mount_permission+0x298/0xb80
[  631.951105][T11420]  ? __pfx_tomoyo_mount_permission+0x10/0x10
[  631.951166][T11420]  ? hook_sb_mount+0x10b/0x420
[  631.951182][T11420]  ? security_sb_mount+0x22/0x2f0
[  631.951204][T11420]  security_sb_mount+0xe0/0x2f0
[  631.951225][T11420]  path_mount+0xb9/0xfa0
[  631.951246][T11420]  ? kmem_cache_free+0x195/0x410
[  631.951262][T11420]  ? user_path_at+0x44/0x60
[  631.951288][T11420]  __se_sys_mount+0x2d6/0x3c0
[  631.951310][T11420]  ? __pfx___se_sys_mount+0x10/0x10
[  631.951328][T11420]  ? do_syscall_64+0x100/0x230
[  631.951350][T11420]  ? __x64_sys_mount+0x20/0xc0
[  631.951368][T11420]  do_syscall_64+0xf3/0x230
[  631.951386][T11420]  ? clear_bhb_loop+0x35/0x90
[  631.951410][T11420]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.951430][T11420] RIP: 0033:0x7ffa5858cde9
[  631.951445][T11420] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  631.951459][T11420] RSP: 002b:00007ffa59428038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  631.951477][T11420] RAX: ffffffffffffffda RBX: 00007ffa587a5fa0 RCX: 00007ffa5858cde9
[  631.951489][T11420] RDX: 0000400000001200 RSI: 0000400000000000 RDI: 0000000000000000
[  631.951500][T11420] RBP: 00007ffa59428090 R08: 0000400000000180 R09: 0000000000000000
[  631.951511][T11420] R10: 000000000000000a R11: 0000000000000246 R12: 0000000000000001
[  631.951521][T11420] R13: 0000000000000000 R14: 00007ffa587a5fa0 R15: 00007ffc30fbdc68
[  631.951547][T11420]  </TASK>
[  631.951722][T11420] ERROR: Out of memory at tomoyo_realpath_from_path.
[  632.689978][T11352] team0: Port device team_slave_0 added
[  632.717383][T11352] team0: Port device team_slave_1 added
[  632.737319][T11341] hsr_slave_0: entered promiscuous mode
[  632.744969][T11341] hsr_slave_1: entered promiscuous mode
[  632.763866][ T5825] Bluetooth: hci1: command tx timeout
[  632.818592][T11352] batman_adv: batadv0: Adding interface: batadv_slave_0
[  632.833987][T11352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  632.860360][T11352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  632.873083][T11352] batman_adv: batadv0: Adding interface: batadv_slave_1
[  632.895341][T11352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  632.922566][T11352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  633.099518][T11352] hsr_slave_0: entered promiscuous mode
[  633.113483][T11352] hsr_slave_1: entered promiscuous mode
[  633.124172][ T5936] usb 5-1: new high-speed USB device number 56 using dummy_hcd
[  633.142687][T11352] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  633.155068][T11352] Cannot create hsr debugfs directory
[  633.237187][ T9168] bridge_slave_1: left allmulticast mode
[  633.243542][ T9168] bridge_slave_1: left promiscuous mode
[  633.254053][ T9168] bridge0: port 2(bridge_slave_1) entered disabled state
[  633.269255][ T9168] bridge_slave_0: left allmulticast mode
[  633.275385][ T9168] bridge_slave_0: left promiscuous mode
[  633.281625][ T9168] bridge0: port 1(bridge_slave_0) entered disabled state
[  633.293922][ T5936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[  633.323078][ T5936] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[  633.338717][ T5936] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  633.386526][ T5936] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  633.421445][ T5936] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  633.441169][ T5936] usb 5-1: config 0 descriptor??
[  633.457936][T11430] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  633.563931][ T5825] Bluetooth: hci2: command tx timeout
[  633.899408][ T5936] plantronics 0003:047F:FFFF.0024: unknown main item tag 0xd
[  633.917443][ T5936] plantronics 0003:047F:FFFF.0024: No inputs registered, leaving
[  633.940866][ T5936] plantronics 0003:047F:FFFF.0024: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  634.021559][ T9168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  634.035945][ T9168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  634.251211][T11430] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  634.405191][ T9168] bond0 (unregistering): Released all slaves
[  634.420210][T11430] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  634.442824][ T5936] usb 5-1: USB disconnect, device number 56
[  634.845026][ T5825] Bluetooth: hci1: command tx timeout
[  634.935178][T11443] ip6gretap0: entered promiscuous mode
[  634.946503][T11443] vlan2: entered promiscuous mode
[  635.239991][T11451] nvme_fabrics: missing parameter 'transport=%s'
[  635.254905][T11451] nvme_fabrics: missing parameter 'nqn=%s'
[  635.410351][ T9168] hsr_slave_0: left promiscuous mode
[  635.426751][ T9168] hsr_slave_1: left promiscuous mode
[  635.449473][ T9168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  635.458514][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_0
[  635.544682][ T9168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  635.701260][ T9168] batman_adv: batadv0: Removing interface: batadv_slave_1
[  635.733960][ T5825] Bluetooth: hci2: command tx timeout
[  635.770248][ T9168] veth1_macvtap: left promiscuous mode
[  635.786311][ T9168] veth0_macvtap: left promiscuous mode
[  635.802086][ T9168] veth1_vlan: left promiscuous mode
[  635.812027][ T9168] veth0_vlan: left promiscuous mode
[  637.583634][T11476] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(8)
[  637.590458][T11476] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  637.598989][T11476] vhci_hcd vhci_hcd.0: Device attached
[  637.955244][T11477] vhci_hcd: connection closed
[  637.958770][   T11] vhci_hcd: stop threads
[  637.968741][   T11] vhci_hcd: release socket
[  637.974676][   T11] vhci_hcd: disconnect device
[  638.033970][ T9396] vhci_hcd: vhci_device speed not set
[  639.254936][T11494] xt_cluster: node mask cannot exceed total number of nodes
[  640.969999][T11492] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  640.984146][T11492] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  641.021935][T11492] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  641.109422][T11492] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  641.140315][T11492] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  641.203488][T11492] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  641.365163][T11503] FAULT_INJECTION: forcing a failure.
[  641.365163][T11503] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  641.378307][T11503] CPU: 0 UID: 0 PID: 11503 Comm: syz.2.1468 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  641.378321][T11503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  641.378328][T11503] Call Trace:
[  641.378332][T11503]  <TASK>
[  641.378336][T11503]  dump_stack_lvl+0x241/0x360
[  641.378352][T11503]  ? __pfx_dump_stack_lvl+0x10/0x10
[  641.378362][T11503]  ? __pfx__printk+0x10/0x10
[  641.378380][T11503]  ? snprintf+0xda/0x120
[  641.378395][T11503]  should_fail_ex+0x40a/0x550
[  641.378411][T11503]  _copy_to_user+0x31/0xb0
[  641.378423][T11503]  simple_read_from_buffer+0xca/0x150
[  641.378439][T11503]  proc_fail_nth_read+0x1e9/0x250
[  641.378456][T11503]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  641.378472][T11503]  ? rw_verify_area+0x243/0x630
[  641.378483][T11503]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  641.378498][T11503]  vfs_read+0x1f8/0xb40
[  641.378509][T11503]  ? fdget_pos+0x254/0x320
[  641.378519][T11503]  ? __pfx___mutex_lock+0x10/0x10
[  641.378539][T11503]  ? __pfx_vfs_read+0x10/0x10
[  641.378548][T11503]  ? snd_seq_ioctl+0x300/0x450
[  641.378561][T11503]  ? __fget_files+0x2a/0x410
[  641.378572][T11503]  ? __fget_files+0x395/0x410
[  641.378580][T11503]  ? __fget_files+0x2a/0x410
[  641.378594][T11503]  ksys_read+0x18f/0x2b0
[  641.378606][T11503]  ? __pfx_ksys_read+0x10/0x10
[  641.378618][T11503]  ? do_syscall_64+0x100/0x230
[  641.378630][T11503]  ? do_syscall_64+0xb6/0x230
[  641.378643][T11503]  do_syscall_64+0xf3/0x230
[  641.378653][T11503]  ? clear_bhb_loop+0x35/0x90
[  641.378668][T11503]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  641.378681][T11503] RIP: 0033:0x7ffa5858b7fc
[  641.378690][T11503] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  641.378699][T11503] RSP: 002b:00007ffa59428030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  641.378709][T11503] RAX: ffffffffffffffda RBX: 00007ffa587a5fa0 RCX: 00007ffa5858b7fc
[  641.378716][T11503] RDX: 000000000000000f RSI: 00007ffa594280a0 RDI: 0000000000000009
[  641.378721][T11503] RBP: 00007ffa59428090 R08: 0000000000000000 R09: 0000000000000000
[  641.378727][T11503] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  641.378732][T11503] R13: 0000000000000000 R14: 00007ffa587a5fa0 R15: 00007ffc30fbdc68
[  641.378747][T11503]  </TASK>
[  641.716012][T11508] netlink: 'syz.4.1470': attribute type 9 has an invalid length.
[  641.807904][T11513] overlayfs: workdir and upperdir must be separate subtrees
[  641.824117][T11513] afs: Unknown parameter 'dynl'
[  641.893532][T11515] overlayfs: conflicting options: userxattr,metacopy=on
[  642.029244][T11341] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  642.045117][T11341] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  642.058047][T11341] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  642.100930][T11341] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  642.156165][T11352] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  642.175365][T11352] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  642.196497][T11352] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  642.208940][T11352] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  642.291671][T11341] 8021q: adding VLAN 0 to HW filter on device bond0
[  642.334467][T11341] 8021q: adding VLAN 0 to HW filter on device team0
[  642.357361][   T51] bridge0: port 1(bridge_slave_0) entered blocking state
[  642.364551][   T51] bridge0: port 1(bridge_slave_0) entered forwarding state
[  642.374159][   T51] bridge0: port 2(bridge_slave_1) entered blocking state
[  642.381269][   T51] bridge0: port 2(bridge_slave_1) entered forwarding state
[  642.407326][T11520] syzkaller1: tun_chr_ioctl cmd 2147774992
[  642.927920][T11341] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  642.988760][T11352] 8021q: adding VLAN 0 to HW filter on device bond0
[  643.003990][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout
[  643.027074][T11352] 8021q: adding VLAN 0 to HW filter on device team0
[  643.049643][   T35] bridge0: port 1(bridge_slave_0) entered blocking state
[  643.056811][   T35] bridge0: port 1(bridge_slave_0) entered forwarding state
[  643.164151][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  643.286139][   T35] bridge0: port 2(bridge_slave_1) entered blocking state
[  643.293260][   T35] bridge0: port 2(bridge_slave_1) entered forwarding state
[  644.964542][T11550] netlink: 1296 bytes leftover after parsing attributes in process `syz.1.1480'.
[  644.974261][T11550] openvswitch: netlink: Flow key attr not present in new flow.
[  645.084352][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout
[  645.192417][T11341] 8021q: adding VLAN 0 to HW filter on device batadv0
[  645.243900][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  645.305232][T11352] 8021q: adding VLAN 0 to HW filter on device batadv0
[  646.688237][T11566] page: refcount:3 mapcount:1 mapping:ffff888024754b78 index:0x73 pfn:0x57973
[  646.698036][T11566] memcg:ffff888031b52000
[  646.702262][T11566] aops:shmem_aops ino:4e1
[  646.706579][T11566] flags: 0xfff0000002012d(locked|referenced|uptodate|lru|active|swapbacked|node=0|zone=1|lastcpupid=0x7ff)
[  646.717934][T11566] raw: 00fff0000002012d ffffea00015e5c88 ffffea0001669d08 ffff888024754b78
[  646.726502][T11566] raw: 0000000000000073 0000000000000000 0000000300000000 ffff888031b52000
[  646.734079][T11341] veth0_vlan: entered promiscuous mode
[  646.735055][T11566] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio))
[  646.747783][T11566] page_owner tracks the page as allocated
[  646.754296][T11566] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 11561, tgid 11560 (syz.4.1483), ts 645378051669, free_ts 636471925468
[  646.772176][T11566]  post_alloc_hook+0x1f4/0x240
[  646.776928][T11566]  get_page_from_freelist+0x3651/0x37a0
[  646.782453][T11566]  __alloc_frozen_pages_noprof+0x292/0x710
[  646.788245][T11566]  alloc_pages_mpol+0x311/0x660
[  646.793084][T11566]  folio_alloc_mpol_noprof+0x36/0x70
[  646.798353][T11566]  shmem_alloc_and_add_folio+0x4a0/0x1090
[  646.804069][T11566]  shmem_get_folio_gfp+0x621/0x1840
[  646.809248][T11566]  shmem_fault+0x220/0x5b0
[  646.813650][T11566]  __do_fault+0x135/0x390
[  646.817982][T11566]  __handle_mm_fault+0x4c44/0x70f0
[  646.823077][T11566]  handle_mm_fault+0x2c1/0x7e0
[  646.827818][T11566]  __get_user_pages+0x1a92/0x4140
[  646.832822][T11566]  populate_vma_page_range+0x264/0x330
[  646.838264][T11566]  __mm_populate+0x27a/0x460
[  646.842836][T11566]  vm_mmap_pgoff+0x303/0x430
[  646.847409][T11566]  do_syscall_64+0xf3/0x230
[  646.851892][T11566] page last free pid 11464 tgid 11457 stack trace:
[  646.858370][T11566]  free_unref_folios+0xe2f/0x18a0
[  646.863377][T11566]  folios_put_refs+0x76c/0x860
[  646.868120][T11566]  shmem_undo_range+0x593/0x1820
[  646.873037][T11566]  shmem_evict_inode+0x29b/0xa80
[  646.877955][T11566]  evict+0x4e8/0x9a0
[  646.881828][T11566]  __dentry_kill+0x20d/0x630
[  646.886398][T11566]  dput+0x19f/0x2b0
[  646.890183][T11566]  __fput+0x60b/0x9f0
[  646.894149][T11566]  task_work_run+0x24f/0x310
[  646.898721][T11566]  do_exit+0xa2a/0x28e0
[  646.902853][T11566]  do_group_exit+0x207/0x2c0
[  646.907422][T11566]  get_signal+0x168c/0x1720
[  646.911904][T11566]  arch_do_signal_or_restart+0x96/0x860
[  646.917429][T11566]  syscall_exit_to_user_mode+0xce/0x340
[  646.922963][T11566]  do_syscall_64+0x100/0x230
[  646.927548][T11566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  646.933490][T11566] ------------[ cut here ]------------
[  646.938926][T11566] kernel BUG at mm/filemap.c:154!
[  646.943970][T11566] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTI
[  646.950887][T11566] CPU: 0 UID: 0 PID: 11566 Comm: syz.4.1483 Not tainted 6.14.0-rc2-syzkaller-00228-g04f41cbf03ec #0
[  646.961644][T11566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[  646.971684][T11566] RIP: 0010:filemap_unaccount_folio+0x73d/0x7d0
[  646.977913][T11566] Code: cd c7 ff 48 89 df 48 c7 c6 c0 d6 33 8c e8 1b 27 10 00 90 0f 0b e8 e3 cd c7 ff 48 89 df 48 c7 c6 a0 d5 33 8c e8 04 27 10 00 90 <0f> 0b e8 cc cd c7 ff 48 89 df 48 c7 c6 c0 d6 33 8c e8 ed 26 10 00
[  646.997501][T11566] RSP: 0018:ffffc90003347070 EFLAGS: 00010046
[  647.003549][T11566] RAX: f902613f54759300 RBX: ffffea00015e5cc0 RCX: ffffc90003346c03
[  647.011503][T11566] RDX: 0000000000000002 RSI: ffffffff8c2ab6a0 RDI: ffffffff8c801880
[  647.019452][T11566] RBP: 0000000000000000 R08: ffffffff903bb277 R09: 1ffffffff207764e
[  647.027402][T11566] R10: dffffc0000000000 R11: fffffbfff207764f R12: dffffc0000000000
[  647.035350][T11566] R13: 1ffffd40002bcb99 R14: ffff888024754b78 R15: ffffea00015e5cc8
[  647.043296][T11566] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  647.052202][T11566] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  647.058776][T11566] CR2: 0000400000400000 CR3: 000000000e938000 CR4: 00000000003526f0
[  647.066740][T11566] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  647.074690][T11566] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  647.082654][T11566] Call Trace:
[  647.085915][T11566]  <TASK>
[  647.088827][T11566]  ? __die_body+0x5f/0xb0
[  647.093134][T11566]  ? die+0x9e/0xc0
[  647.096849][T11566]  ? do_trap+0x15a/0x3a0
[  647.101068][T11566]  ? filemap_unaccount_folio+0x73d/0x7d0
[  647.106681][T11566]  ? do_error_trap+0x1dc/0x2c0
[  647.111420][T11566]  ? filemap_unaccount_folio+0x73d/0x7d0
[  647.117029][T11566]  ? __pfx_do_error_trap+0x10/0x10
[  647.122117][T11566]  ? report_bug+0x3cd/0x500
[  647.126599][T11566]  ? handle_invalid_op+0x34/0x40
[  647.131513][T11566]  ? filemap_unaccount_folio+0x73d/0x7d0
[  647.137138][T11566]  ? exc_invalid_op+0x38/0x50
[  647.141793][T11566]  ? asm_exc_invalid_op+0x1a/0x20
[  647.146800][T11566]  ? filemap_unaccount_folio+0x73d/0x7d0
[  647.152425][T11566]  __filemap_remove_folio+0xc7/0x670
[  647.157688][T11566]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  647.163035][T11566]  ? __pfx___filemap_remove_folio+0x10/0x10
[  647.168904][T11566]  ? _raw_spin_lock_irq+0xdf/0x120
[  647.173997][T11566]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  647.179525][T11566]  filemap_remove_folio+0xe1/0x1f0
[  647.184082][ T5825] Bluetooth: hci1: command 0x0c1a tx timeout
[  647.184612][T11566]  truncate_inode_folio+0x5d/0x70
[  647.195605][T11566]  shmem_undo_range+0x44b/0x1820
[  647.200534][T11566]  ? validate_chain+0x11e/0x5920
[  647.205452][T11566]  ? __pfx_shmem_undo_range+0x10/0x10
[  647.210810][T11566]  ? __pfx_validate_chain+0x10/0x10
[  647.215994][T11566]  ? percpu_counter_add_batch+0xff/0x1f0
[  647.221610][T11566]  shmem_evict_inode+0x29b/0xa80
[  647.226533][T11566]  ? inode_wait_for_writeback+0x111/0x2a0
[  647.232229][T11566]  ? __pfx_shmem_evict_inode+0x10/0x10
[  647.237673][T11566]  ? do_raw_spin_unlock+0x13c/0x8b0
[  647.242850][T11566]  ? __pfx_shmem_evict_inode+0x10/0x10
[  647.248292][T11566]  evict+0x4e8/0x9a0
[  647.252198][T11566]  ? __pfx_evict+0x10/0x10
[  647.256594][T11566]  ? iput+0x713/0xa50
[  647.260554][T11566]  __dentry_kill+0x20d/0x630
[  647.265122][T11566]  ? dput+0x37/0x2b0
[  647.268993][T11566]  dput+0x19f/0x2b0
[  647.272776][T11566]  __fput+0x60b/0x9f0
[  647.276738][T11566]  task_work_run+0x24f/0x310
[  647.281310][T11566]  ? __pfx_task_work_run+0x10/0x10
[  647.286402][T11566]  ? switch_task_namespaces+0xe4/0x110
[  647.291840][T11566]  do_exit+0xa2a/0x28e0
[  647.295977][T11566]  ? __pfx_do_exit+0x10/0x10
[  647.300545][T11566]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  647.305893][T11566]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  647.311859][T11566]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  647.318165][T11566]  ? _raw_spin_lock_irq+0xdf/0x120
[  647.323259][T11566]  do_group_exit+0x207/0x2c0
[  647.327850][T11566]  ? _raw_spin_unlock_irq+0x23/0x50
[  647.333038][T11566]  ? lockdep_hardirqs_on+0x99/0x150
[  647.333855][ T5825] Bluetooth: hci2: command 0x0c1a tx timeout
[  647.338225][T11566]  get_signal+0x168c/0x1720
[  647.348670][T11566]  ? __pfx_get_signal+0x10/0x10
[  647.353497][T11566]  arch_do_signal_or_restart+0x96/0x860
[  647.359022][T11566]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  647.365191][T11566]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  647.371236][T11566]  ? syscall_exit_to_user_mode+0xa3/0x340
[  647.376962][T11566]  syscall_exit_to_user_mode+0xce/0x340
[  647.382498][T11566]  do_syscall_64+0x100/0x230
[  647.387074][T11566]  ? clear_bhb_loop+0x35/0x90
[  647.391760][T11566]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  647.397637][T11566] RIP: 0033:0x7f0fd718cde9
[  647.402029][T11566] Code: Unable to access opcode bytes at 0x7f0fd718cdbf.
[  647.409022][T11566] RSP: 002b:00007f0fd80390e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  647.417411][T11566] RAX: fffffffffffffe00 RBX: 00007f0fd73a6168 RCX: 00007f0fd718cde9
[  647.425360][T11566] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f0fd73a6168
[  647.433306][T11566] RBP: 00007f0fd73a6160 R08: 0000000000000000 R09: 0000000000000000
[  647.441261][T11566] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0fd73a616c
[  647.449212][T11566] R13: 0000000000000000 R14: 00007ffcd4cac2a0 R15: 00007ffcd4cac388
[  647.457166][T11566]  </TASK>
[  647.460164][T11566] Modules linked in:
[  647.464057][T11566] ---[ end trace 0000000000000000 ]---
[  647.469490][T11566] RIP: 0010:filemap_unaccount_folio+0x73d/0x7d0
[  647.475727][T11566] Code: cd c7 ff 48 89 df 48 c7 c6 c0 d6 33 8c e8 1b 27 10 00 90 0f 0b e8 e3 cd c7 ff 48 89 df 48 c7 c6 a0 d5 33 8c e8 04 27 10 00 90 <0f> 0b e8 cc cd c7 ff 48 89 df 48 c7 c6 c0 d6 33 8c e8 ed 26 10 00
[  647.495327][T11566] RSP: 0018:ffffc90003347070 EFLAGS: 00010046
[  647.501436][T11566] RAX: f902613f54759300 RBX: ffffea00015e5cc0 RCX: ffffc90003346c03
[  647.509404][T11566] RDX: 0000000000000002 RSI: ffffffff8c2ab6a0 RDI: ffffffff8c801880
[  647.517360][T11566] RBP: 0000000000000000 R08: ffffffff903bb277 R09: 1ffffffff207764e
[  647.525313][T11566] R10: dffffc0000000000 R11: fffffbfff207764f R12: dffffc0000000000
[  647.533259][T11566] R13: 1ffffd40002bcb99 R14: ffff888024754b78 R15: ffffea00015e5cc8
[  647.541216][T11566] FS:  0000000000000000(0000) GS:ffff8880b8600000(0000) knlGS:0000000000000000
[  647.550125][T11566] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  647.556684][T11566] CR2: 0000400000400000 CR3: 000000000e938000 CR4: 00000000003526f0
[  647.564653][T11566] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  647.572601][T11566] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  647.580563][T11566] Kernel panic - not syncing: Fatal exception
[  647.586849][T11566] Kernel Offset: disabled
[  647.591156][T11566] Rebooting in 86400 seconds..